Samsung Plants Keyloggers On Laptops 515
Saint Aardvark writes "Mohammed Hassan writes in Network World that he found a keylogger program installed on his brand-new laptop — not once, but twice. After initial denials, Samsung has admitted they did this, saying it was to 'monitor the performance of the machine and to find out how it is being used.' As Hassan says, 'In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners.' Three PR officers from Samsung have so far refused comment."
WTF? (Score:5, Insightful)
Worst idea since Sony's rootkit. They should be prosecuted over crap like this.
Without obtaining consent? (Score:0, Insightful)
I bet there's a cryptic line somewhere in the EULA or whatever legalese they bundle with computers these days that "authorized" it.
I'm sure they think they're smart when they cipher such idiocies into the EULAs, but in the end it will do little difference for Samsung.
Re:Not once, but twice (Score:3, Insightful)
Re:WTF? (Score:5, Insightful)
Worse than Sony's rootkit. Both programs attempt to do something to your property without your consent, but only this one also takes the opportunity to spy on you. They won't be prosecuted, though. At the very worst, some sacrificial lamb from marketing will be fired. American corporate CEOs are above the law.
Boycott (Score:5, Insightful)
Let them know their behavior isn't appropriate. Don't buy their product, and let everyone you know why you don't recommend buying their product.
Default Software (Score:1, Insightful)
I'm surprised that Mr Hassan, having no fewer than 13 letters' worth of titles and certifications after his name, doesn't do what many informed users do immediately upon purchasing a Windows laptop: immediately format the HD and do a fresh installation of the OS. His discovery of a keylogger is yet more evidence of the necessity of doing so.
Stop it (Score:5, Insightful)
If you don't get outraged when outrageous stuff happens, then don't be surprised when more outrageous things happen. It's your own damn fault for not standing up for what's right.
Only one case? (Score:5, Insightful)
A quick search didn't turn up any other reports of this besides discussion pointing back to the linked Network World article. Considering it seems very easy to detect (an SL folder in the main windows directory, accompanied by an automatic uninstall program?) it seems like people wouldn't have any trouble finding it if it is there. Anyone have any confirmation? Anyone besides Mr. Hassan finding this on their new Samsung?
And we do this how? (Score:5, Insightful)
How do you recommend we install a clean copy of Windows, short of buying your own copy for $189.00? PC manufacturers don't even include a "recovery disk" any more, let alone a copy of the OS you just bought and paid for. Not that I disagree with you at all, but the average consumer isn't going to buy their PC for $500-1200, and then cough up $200 for a clean copy of the OS, and then another couple hundred to find someone to wipe and install it for them.
Re:WTF? (Score:2, Insightful)
Shh, it's better to trash "American CEO's" and "American Coporations" Stop with your facts
Re:Stop it (Score:3, Insightful)
...not to claim him, you, or myself more right or righteous. But, I often find when I stand up for the rights of myself and others, I usually end up standing alone. ...with a few shoe prints and knife blades in my backside for good measure.
Did you ever get the feeling that the reason the things in life that suck are allowed to continue is because so many people want it that way?
Re:And we do this how? (Score:3, Insightful)
Well, in my case it's simple as I use Linux for everything nowadays - I do still have a Win XP partition on this laptop, as it makes it easier to support my Dad when he gets problems, but I never use it.
If I was buying a new laptop and needed Windows on it then I'd 'obtain' one. It isn't software piracy as I already own the license through buying the hardware with the COA on it, so it's not illegal. The only problem is that you would still need to download the hardware-specific drivers from Samsung's website - and who can say that they don't bury the keylogger software inside one of them? Then you're shit out of luck I guess, unless you're ready to reverse-engineer the downloaded code.
Re:Oh say it isn't so... (Score:5, Insightful)
"Meh, corruption isn't news, stfu" == "give me more corruption", in the end.
If you don't get upset over these sort of things, you just invite more. Sure, making a fuss won't necessarily stop it from happening again, but remaining silent certainly won't.
Extremely Sceptical (Score:5, Insightful)
OK - we have a keylogger that is plainly visible in the windows directory on his machine and.... that's it. Where is the rest of the evidence? It phones home - I presume he has wireshark traces in the acticle with IP addresses that are owned by Samsung.... Nope. Any network traces showing the activity? .... Nope. Naturally he bought another laptop and, without attaching it to any network, discovered the same keylogger.... Nope. Now he has announced this lots of people have looked at their Samsung laptops and found the keylogger... Nope.
But wait - he has the admission of the company itself! Well, actually, a junior helpdesk driod who probably had no idea what he was actually talking about and was just agreeing with him to get him off the phone. Because the alternative is that every junior helpdesk droid in Samsung knows about the highly illegal secret keylogger that is install on every laptop, but none of them thought "I'm tired of being a helpdesk droid, I think a class action suit is a better way of making a living".
There is also nonsense statements - "the keylogger is completely undetectable": Really? Apart from the c:/windows/SL directory, the entries in the registry and everything else that will make any sensible AV product go beserk that is.
Re:And we do this how? (Score:3, Insightful)
Oh yeah, that's a great way to avoid keyloggers.
Re:WTF? (Score:2, Insightful)
And me without mod points AGAIN...
Re:WTF? (Score:2, Insightful)
nobody worries about other criminals who won't be able to meet their financial commitments if they do a stretch in the workhouse, so why should we worry about that when it's a corporate "person"?
Like Soylent Green, corporations are made of people. How many innocent investors and employees are you willing to punish for the malicious actions of a few? What if the company provides a vital service to its customers? Draconian solutions rarely work out well in practice. A fine many times larger than any possible profit creates the same disincentive, without suddenly telling a bunch of unrelated workers "sorry, no paycheck for you this month".
Re:WTF? (Score:5, Insightful)
Draconian solutions remind everyone of their personal responsibility. Rest assured that if investing in corporations that break the law came with actual monetary costs, pretty soon people would be avoiding the stocks of those corporations like the plague. And nothing of value would be lost.
Re:Extremely Sceptical (Score:4, Insightful)
If this is part of the standard install it should be easy to duplicate and with the publicity this is sure to generate it's likely to be attempted.. personally I'll wait for a technical person to comment on this and more importantly provide the details rather than "After an in-depth analysis of the laptop, my conclusion was that this software was installed by the manufacturer, Samsung" (that's not good enough imho).
This is not believable. (Score:3, Insightful)
I mean, literally, unbelievable. I do not believe it. And anyone else who believes it without some proof apart from what this dude says, is a god damned moron. Apparently that's most of the people in this thread.
(The fact that someone at Samsung seems to have "confirmed" it just means that someone got hold of an idiot somewhere and he said some stupid crap, probably without even understanding what he was saying.)
Re:WTF? (Score:5, Insightful)
That isn't a bad thing. It means the company will have trouble attracting quality talent unless it develops a system and policy to NOT do things like install root kits on computers. If you work for a company that does bad things, and you pay a price, you might want to go work somewhere else, or risk paying that price.
Is it "fair" to all the low level employees? Maybe not, but it will be effective in protecting the general public, which means it is worth the price, since it creates an incentive for companies to NOT be asshats and install root kits on devices.
What is fair is that companies (and shareholders) pay a price for breaking the law. This is the only way you can pressure stockholders and employees to pressure their management to do business in a fair and honest way, by having a "price" for not doing so.
UPDATE THE SUMMARY PLEASE! (Score:1, Insightful)
Hey fucking useless Slashdot editors... please update the summary so you don't continue to slander Samsung over this one guy's erroneous complaint.