[quote="Neowin"][img]http://i.cubeupload.com/9NF8uU.png[/img]
According to Network World, Samsung has been [url="http://www.networkworld.com/newsletters/sec/2011/032811sec2.html"]installing[/url] key logging software on its laptop computers. On May 1 Mohamed Hassan, a graduate of the Master of Science in Information Assurance (MSIA) program at Norwich University, discovered an application called [url="http://starlogger.software.informer.com/"]StarLogger[/url] had been installed on his brand new laptop. He discovered the software was located in the C:\Windows\SL\ folder, and after some investigation, Hassan found it was recording every keystroke, including emails, documents, usernames and passwords.
He proceeded to report this to Samsung Support and logged incident number 2101163379 with them. In a similar move to SonyBMG about the installing of [url="http://www.neowin.net/news/aries-sony-rootkit-remover"]rootkits[/url], Samsung's support department denied the existence of any such software on its laptops.
After being informed of two different models which had been tested for the keylogger, Samsung changed its tune and, instead, blamed Microsoft by saying "all Samsung did was to manufacture the hardware." This answer was not accepted by Mohamed and he told them that it "did not make sense", the incident was then moved higher up the support chain to a supervisor, who explained to Hassan that he was "not sure how this software ended up in the new laptop," but confirmed that "yes, Samsung did knowingly put this software on the laptop to monitor the performance of the machine and to find out how it is being used."
In 2007 the FTC Chairman, Deborah Platt Majoras, said "Installations of secret software that create security risks are intrusive and unlawful." If this story turns out anything like the Sony rootkit fiasco we may see lawsuits, and quite a few of them.
The two models currently known to contain this software are the R525 and R540. CNET has published a helpful guide on how to remove this software, to read it click [url="http://download.cnet.com/8301-2007_4-20048963-12.html"]here[/url].
Image Credit: [url="http://starlogger.software.informer.com/screenshot/29081/"]Informer[/url]
[/quote]
Source: [url]http://www.neowin.net/news/samsung-installing-keylogger-on-laptops[/url]
[h2]Update:[/h2]
[quote="Engadget"]
Update 2: Samsung's official Korean language blog, Samsung Tomorrow, has a posted an update calling the findings false. According to Samsung, the confusion arose when the VIPRE security software mistakenly identified Microsoft's Slovene language folder ("SL") as Starlogger, which Sammy was able to recreate from an empty c:\windows\SL folder (see image above). So yeah, move along, it's much ado about nothing -- the R525 and R540 laptops are perfectly safe.
[/quote]
Source: [url]http://www.engadget.com/2011/03/31/samsung-reportedly-installing-keylogger-software-on-r525-privac/[/url]
:tinfoil:
That's creepy
They're going to get sued.
What idiot made the decision "Let's find out how the laptops are being used by recording people's passwords".
Samsung's about to be raped in the ass with a spike covered diamond dildo.
So that is how my friends Steam account got stolen. Some Samsung employee was peeking into his shit.
Three words, say them with me:
Class Action Lawsuit.
The sad truth is that the government knows about keylogging software and sometimes hardware installed on many computers. I was at a government office building and saw that they check all the drivers and kernel instructions of every new piece of computer related equipment that comes into the building to make sure it's free of any foreign logging features. The thing is, there is sometimes even dedicated hardware that is completely undetectable at the OS level in some computers for the sole purpose of capturing user input information. All that data is then sent back home through more dedicated hardware that is invisible and undetectable on the OS level.
herp derp 100% of keylogging programs are malicious
[editline]31st March 2011[/editline]
[sp]not really[/sp]
[editline]a[/editline]
Gee there sure are some uninformed people posting in this thread
[QUOTE=Metalcastr;28905333]What idiot made the decision "Let's find out how the laptops are being used by recording people's passwords".[/QUOTE]
Everyone that start throwing off pre-installed software.
[QUOTE=Hesychasmos;28905523]herp derp 100% of keylogging programs are malicious
[editline]31st March 2011[/editline]
[sp]not really[/sp][/QUOTE]
They are a COMPLETE invasion of privacy.
Samsung said that "yes, Samsung did knowingly put this software on the laptop to monitor the performance of the machine and to find out how it is being used."
In other words, they had the ability and probably were actively looking at EVERYTHING people were typing into their computer from the moment that thing booted up.
[QUOTE=Master117;28905578]They are a COMPLETE invasion of privacy.
Samsung said that "yes, Samsung did knowingly put this software on the laptop to monitor the performance of the machine and to find out how it is being used."
In other words, they had the ability and probably were actively looking at EVERYTHING people were typing into their computer from the moment that thing booted up.[/QUOTE]
Please direct me to the part where it said that Samsung was "actively looking at EVERYTHING people were typing into their computer"
Keyloggers are used as administrative, parental, and personal safety/surveillance tools, not just to steal Runescape accounts
I don't see any way this could be legal unless they slipped something into the TOS even then its debatable.
Oh and required viewing for any Samsung related topic: [url]http://www.yhchang.com/SAMSUNG_MEANS_TO_COME.html[/url]
well i hope they don't put keyloggers in their monitors
[QUOTE=thisispain;28905677]well i hope they don't put keyloggers in their monitors[/QUOTE]
or video cameras in the cd drives
[QUOTE=Hesychasmos;28905628]Please direct me to the part where it said that Samsung was "actively looking at EVERYTHING people were typing into their computer"
Keyloggers are used as administrative, parental, and personal safety/surveillance tools, not just to steal Runescape accounts[/QUOTE]
If someone could actually refute this instead of just rating it dumb it would be fucking swell
Just to restate my point: Not all keyloggers are malicious. There's a possibility that Samsung installed this as a legitimate administrative tool [b](although there is not enough information in the article to tell whether this is a remote-access keylogger or not)[/b], just as other laptop manufacturers package other bloatware with their laptops.
And this is why you should always do a clean install of your OS and never use a prebuild Windows of any manufacture which is normally completely bloated up.
Anyway this is really a bad move of Samsung.
[QUOTE=Hesychasmos;28906002]If someone could actually refute this instead of just rating it dumb it would be fucking swell
Just to restate my point: Not all keyloggers are malicious. There's a possibility that Samsung installed this as a legitimate administrative tool [b](although there is not enough information in the article to tell whether this is a remote-access keylogger or not)[/b], just as other laptop manufacturers package other bloatware with their laptops.[/QUOTE]
Are you illiterate? It said specifically in the article that Samsung admitted the keylogger program was "to monitor the performance of the machine and to find out how it is being used."
This means that Samsung was watching what people were typing into the laptop. It was actively sending user-data back to Samsung. What sites they visited, who they chatted with and with what content, passwords, and so on. It's blatantly obvious. What do they do with this information? They sell it. They sell all your data. They probably even tally the passwords people use for shit to see what the most common passwords are and what patterns people use to make them. They are making money off of you in more ways than you think.
What would you do if a hacker installed a keylogger on your computer and monitored everything you were doing but claimed that they were only doing it "to monitor the performance of the machine and to find out how it is being used." You wouldn't be very happy, would you? What's the difference between some stupid script kiddie hacker and a big corporation like Samsung watching what you do with your shit? Hell, in some ways, I'm more afraid when companies have access to my shit more than some lone hacker.
[QUOTE=Forumaster;28905429]Samsung's about to be raped in the ass with a spike covered diamond dildo.[/QUOTE]
[img]http://sharetv.org/images/medium/metalocalypse/291484.jpg[/img]
[QUOTE=Hesychasmos;28906002]If someone could actually refute this instead of just rating it dumb it would be fucking swell
Just to restate my point: Not all keyloggers are malicious. There's a possibility that Samsung installed this as a legitimate administrative tool [b](although there is not enough information in the article to tell whether this is a remote-access keylogger or not)[/b], just as other laptop manufacturers package other bloatware with their laptops.[/QUOTE]
The problem is that there was a hidden keylogger in the first place, not that it sends data back.
What if one Samsung laptop required service? then the Samsung technician(s) could easily recover the log file :colbert:
[QUOTE=Hesychasmos;28906002]If someone could actually refute this instead of just rating it dumb it would be fucking swell
Just to restate my point: Not all keyloggers are malicious. There's a possibility that Samsung installed this as a legitimate administrative tool [b](although there is not enough information in the article to tell whether this is a remote-access keylogger or not)[/b], just as other laptop manufacturers package other bloatware with their laptops.[/QUOTE]
You are the most retarded person ever. EVER!
Administrative tool, pah.
kaspersky will delete that if that ever accorded... if they found it.
Everything I've read about this stinks.
How many laptops supposedly have this included?
This story is bullshit.
The guy who supposedly found the keylogger gives a really shitty description of his methodology, making it nearly impossible to reproduce.
[quote]While setting up a new Samsung computer laptop with model number R525 in early February 2011, I came across an issue that mirrored what Sony BMG did six years ago. After the initial set up of the laptop, I installed licensed commercial security software and then ran a full system scan before installing any other software. The scan found two instances of a commercial keylogger called StarLogger installed on the brand new laptop. Files associated with the keylogger were found in a c:\windows\SL directory.
According to a Starlogger description, StarLogger records every keystroke made on your computer on every window, even on password protected boxes.
This key logger is completely undetectable and starts up whenever your computer starts up. See everything being typed: emails, messages, documents, web pages, usernames, passwords, and more. StarLogger can email its results at specified intervals to any email address undetected so you don't even have to be at the computer your[sic] are monitoring to get the information. The screen capture images can also be attached automatically to the emails as well as automatically deleted.
After an in-depth analysis of the laptop, my conclusion was that this software was installed by the manufacturer, Samsung. I removed the keylogger software, cleaned up the laptop, and continued using the computer. However, after experiencing problems with the video display driver, I returned that laptop to the store where I bought it and bought a higher Samsung model (R540) from another store.
Again, after the initial set up of the laptop, I found the same StarLogger software in the c:\windows\SL folder of the new laptop. The findings are false-positive proof since I have used the tool that discovered it for six years now and I am yet to see it misidentify an item throughout the years. The fact that on both models the same files were found in the same location supported the suspicion that the hardware manufacturer, Samsung, must know about this software on its brand-new laptops.
[/quote]
Again, no description of what antivirus software he used, how he ensured he didn't have a false positive, and he gives no explanation for why he believes Samsung installed it.
[QUOTE=PrismatexV8;28907470]This story is bullshit.
The guy who supposedly found the keylogger gives a really shitty description of his methodology, making it nearly impossible to reproduce.
Again, no description of what antivirus software he used, how he ensured he didn't have a false positive, and he gives no explanation for why he believes Samsung installed it.[/QUOTE]
the articles do stink but apparently he is a networking security specialist
[QUOTE=Binladen34;28910268]Makes me wonder about my netbook.[/QUOTE]
findings were false
there's no keylogger
[QUOTE=Hesychasmos;28905628]Please direct me to the part where it said that Samsung was "actively looking at EVERYTHING people were typing into their computer"
Keyloggers are used as administrative, parental, and personal safety/surveillance tools, not just to steal Runescape accounts[/QUOTE]
HAI GUYS ill be your glass citizen for the day
aint got nothin to hide aint got nothin to worry about RITE? LOLO!!
please direct me to the nearest ultra authoritarian government so I can live out my fantasy and die in a deathcamp.
[QUOTE=Forumaster;28905429]Samsung's about to be raped in the ass with a spike covered diamond dildo.[/QUOTE]
It menaces with spikes of diamond.
Sorry, you need to Log In to post a reply to this thread.
