This is a good reminder to always do your homework before making such a strong accusation. Samsung's reputation is probably largely undamaged, other than among people who just read the headlines on news aggregator sites. Even searching for 'Samsung Key Logger' pulls up mostly articles about the false alarm situation.<p>Mohamed Hassan [MSIA, CISSP, CISA and graduate of the Master of Science in Information Assurance (MSIA) program from Norwich University in 2009 as the original article prominently states], on the other hand, is probably not so lucky. Any Google search on his name from now on will probably reveal this whole debacle. Furthermore, I wouldn't be surprised if he just opened himself up to legal action by Samsung.
I'm no expert of Antivirus software, but figuring whether something is a threat by its _folder name_ ??? With all the money going into the industry? That has to be some sort of april fool's prank gone really bad.
I can't help it. But the whole "security software" business really reminds me of the mob.<p><i>Nice laptop you have here; would be a shame if something would happen to it!</i>
If you Google <a href="http://www.google.com/search?q=samsung+keylogger+monitor+the+performance+of+the+machine" rel="nofollow">http://www.google.com/search?q=samsung+keylogger+monitor+the...</a><p>You'll have thousands of quotes from a so-called "Samsung supervisor" who "said it's used to "monitor the performance of the machine and to find out how it is being used."<p>What is this bullshit ? From where did the quote come from ?<p>Amazing how most are just copy-paste.
It just prove that very few online news websites verify their source if the keylogger claim is false.
<i>"The findings are false-positive proof since I have used the tool that discovered it for six years now and I am yet to see it misidentify an item throughout the years."</i><p>Mohamed's lesson: Just because you were unable to prove a false-positive with the same program for 6 years doesn't mean there weren't any.
The laptop story yesterday led me to learn about CarrierIQ on my cell phone, which was equally disturbing. Maybe the laptop was a false alarm, but my Samsung cell phone did indeed have a keylogger on it. So I'm not inclined to cut them a lot of slack right now.
<a href="http://forum.xda-developers.com/showpost.php?p=11763089" rel="nofollow">http://forum.xda-developers.com/showpost.php?p=11763089</a>
"A lie can travel halfway round the world while the truth is putting on its shoes." -- often attributed to Mark Twain<p>The original article was so poorly fact checked. It really reflects poorly on Mohamed Hassan (and all his fancy yet meaningless credentials) and M. E. Kabay (who apparently worships Mr Hassan unquestioningly). I will not hold my breath out for a public apology from either of those two, although they are the ones who owe Samsung one.<p>And the irony is in fact delicious. A security expert finds a virus using an anti-virus scanner tool, and confirms it with some call center employee with the company. What does being a "security expert" have to do with any of that? My 10 year old nephew could have done that!
I like this whole debacle. I think it ended well. HN, and the power of news aggregating/forum/linking sites wield a decent amount of media power. I like that - because it's one of the instances where the collective mind has greater intelligence than any one individual. It confirms the notion that tech producers need to pay attention to the tech community and shortens the distance between the two, which I think is a good thing.
This has got to get to 400+ points. For those who took the day off and will continue to believe the sensationalism before it pops off the front page? To be damned!<p>EDIT: I mean, this is the only tech news site I read. I don't know if I'm in the same boat so to speak.
Customer service Reps would NEVER have the authority to tell you that there is secret Key Logger on your computer. So if a customer Rep is telling you something like that, he is either trying to get fired or there is a miscommunication.
Wow, what a waste of everyone's time:<p>> [UPDATE 3/31/11: Mich Kabay writes: A Samsung executive personally flew from Newark, N.J., to Burlington, Vt., carrying two unopened boxes containing new R540 laptop computers. These units were immediately put under seal and details recorded for chain-of-custody records. At 17:40, Dr Peter Stephenson, Director of the Norwich University Center for Advanced Computing and Digital Forensics, began the detailed forensic analysis of the disks. We expect results by Monday.]<p><a href="http://www.networkworld.com/newsletters/sec/2011/040411sec1.html" rel="nofollow">http://www.networkworld.com/newsletters/sec/2011/040411sec1....</a>
Great news... but what's with the SL folder? The report does not say what SL folder contains on a new laptop.
Anyway, pretty dumb to check for viruses by folder name.
Perhaps I read it wrong, but the article never says Samsung didn't ship a keylogger, it just indicates that the AV software can make false positives based on a folder.<p>Can we get a link to an article that actually checks a Samsung laptop (and lists their methodology, not this "Duh, there were not any keyloggers") instead of anecdotal evidence and attacking the previous reseaerchers methods?<p>Even if the previous guy was wrong, at least he listed all his methods for review.
False positives are the bane of IT security products in general. I would say that 90% of issues reported are FPs and the end user is expected to figure that out, confirm then double confirm before reporting it as a <i>potential</i> issue.
From the original post which started all this:<a href="http://www.networkworld.com/newsletters/sec/2011/032811sec2.html" rel="nofollow">http://www.networkworld.com/newsletters/sec/2011/032811sec2....</a><p>"After an in-depth analysis of the laptop, my conclusion was that this software was installed by the manufacturer, Samsung. I removed the keylogger software, cleaned up the laptop, and continued using the computer."<p>So, the author, Mohamed Hassan was able to uninstall a software which was never installed? I think he would have deleted the folder in question and called that un-installing!!