Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafemuddy

Post to this Thread - Sort Descending - Printer Friendly - Home


Tech: Is Factory Installed Spyware Better?

JohnInKansas 30 Mar 11 - 08:27 PM
GUEST,goodlife 31 Mar 11 - 06:32 AM
JohnInKansas 01 Apr 11 - 01:05 AM
Bernard 01 Apr 11 - 11:59 AM
SteveMansfield 01 Apr 11 - 02:13 PM
Share Thread
more
Lyrics & Knowledge Search [Advanced]
DT  Forum
Sort (Forum) by:relevance date
DT Lyrics:





Subject: Tech: Is Factory Installed Spyware Better?
From: JohnInKansas
Date: 30 Mar 11 - 08:27 PM

Samsung laptops may have spyware pre-installed

Maker may have put in software to "monitor performance"

By Paul Wagenseil
SecurityNewsDaily
2011-03-30

The South Korean electronics giant Samsung may be spying on its own customers, using a program pre-installed on laptops that secretly monitors every keystroke.

In a guest posting on NetworkWorld, Toronto security researcher Mohammed Hassan described how he found keylogging software on a brand-new Samsung laptop he bought last month. He deleted it and continued to use the laptop, until it developed other problems.

Hassan returned it to the retailer and came home with a slightly better Samsung model — which also turned out to have the keylogging software.

He called Samsung telephone support, and after some buck-passing, finally spoke to a supervisor, who first tried to blame it on Microsoft.

Told that didn't make sense, the supervisor then admitted to Hassan that the software is there to "monitor the performance of the machine and to find out how it is being used."

The software was a commercial product called StarLogger, which its maker says is "completely undetectable and starts up whenever your computer starts up."

It also captures screenshots at predetermined intervals. Both the keystrokes and the screenshots can be secretly emailed to designated addresses.

Hassan says there was no notification that his keystrokes were being logged.

But it seems that Samsung may not have been trying very hard to conceal StarLogger. The software was hiding in plain sight at the file path "c:\windows\SL\".

Samsung's behavior is probably illegal, and definitely unethical. As Hassan puts it, "the issue has legal, ethical, and privacy implications for both the businesses and individuals who may purchase and use Samsung laptops."

Five years ago, the Sony BMG music company was found to be illegally inserting malware on music CDs that would install "rootkits" into Windows laptops to prevent them from "ripping" MP3 files. Sony BMG eventually paid $575 million in fines and payouts connected with multiple lawsuits.

To anyone who's recently purchased a Samsung laptop, make sure you scan it thoroughly with antivirus software, and also search its Windows folder for a directory called "SL."

If you find something like what Hassan described, you might want to consider contacting NetworkWorld — and possibly a lawyer.
Samsung representatives had not responded to NetworkWorld's queries by Wednesday afternoon (March 30).

[end quote]

Probably doesn't require much comment(?).

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Is Factory Installed Spyware Better?
From: GUEST,goodlife
Date: 31 Mar 11 - 06:32 AM

not neccessarily probably the one they can get the best deal with but it will have to work to protect their image


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Is Factory Installed Spyware Better?
From: JohnInKansas
Date: 01 Apr 11 - 01:05 AM

I had thought that perhaps someone here might have come across the same story, and might have further input.

The "saturation advertising" by mostly questionable "anti spyware" programs makes it difficult to find credible information about anything but the most prominent reports of security issues, since any search gets the hundred thousand most popular junk advertisements before you get to the news.

Sources likely to be reliable are now saying that they're convinced that the report of factory installed spyware on some Samsung laptops was a "false positive."

Statements issued by Samsung are "somewhat weak" and in most cases suffer from incredibly bad translations (possibly machine-generated English?) making it difficult to tell whether they really say much of anything.

At least two "bloggers" apparently at Sophos, a usually trustable source, offer assurance that Samsung is "probably not guilty."

One of the more legible - if not really reassuring - responses is the retraction by the original source for the report I saw: MSNBC - Samsung laptop spyware likely a false alarm.

The original source of the report, who identified himself as a manager** at a "computer security provider" with a reasonably visible reputation apparently will need to do some damage control.

Samsung is unlikely to be seriously harmed, assuming that a more complete explanation does appear promptly; but the report that their support people were mystified by the whole event - and may have responded with incorrect information - is consistent with reviews ranking their tech support as "mid-range" (translation: mediocre).

[But the same ratings say HP is "excellent" which I have not found to be my own assessment.]

If the original report was, as some reports indicate, based on a false positive generated by a reasonably common AV program, it might appear that the AV builder needs at least to provide a little better documentation of the program's limitations.

** The top-line recommendation might be that "managers shouldn't be allowed to tweet," but that's sort of an internal thing for the company policy writers.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Is Factory Installed Spyware Better?
From: Bernard
Date: 01 Apr 11 - 11:59 AM

I think 'GUEST,goodlife' misread the thread title as I initially did!

John is clearly referring to 'benign malware' for want of a better phrase, and I don't like the sound of it or its implications one bit.

At least Micro$haft, Adobe, Google et al ask permission before allowing their spyware to snoop - though it's now a little worrying to think it may just be lurking there, waiting for its master to activate it.

If this report is, indeed, a 'false positive' - and I see quite a few of those - then fair enough. But the 'no smoke without fire' brigade would still have a field day!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Is Factory Installed Spyware Better?
From: SteveMansfield
Date: 01 Apr 11 - 02:13 PM

Another story confirming the false positive: the UK tech newspaper Computer Weekly.

Sometimes, particularly when it comes to malware false positives, it really is just smoke ...


Post - Top - Home - Printer Friendly - Translate
  Share Thread:
More...

Reply to Thread
Subject:  Help
From:
Preview   Automatic Linebreaks   Make a link ("blue clicky")


Mudcat time: 24 September 9:26 PM EDT

[ Home ]

All original material is copyright © 1998 by the Mudcat Café Music Foundation, Inc. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.