Is Samsung is watching your keystrokes?


Network World has an ongoing story broken by Mohamed Hassan, an IT expert, who reported the discovery of a keylogger program on two new laptops bought from Samsung. When Samsung was initially asked about it, they had first pointed fingers at Microsoft.

Later, however, when the incident was escalated upwards, a supervisor at Samsung admitted that the software was knowingly put there to “monitor the performance of the machine and to find out how it is being used.” Examining the program, a keylogger called “StarLogger”, it records every keystroke made – even the ones that you think are safe when you type in passwords. It runs in the background, silently, and can email the results back without the user knowing.

If this is widespread across more than the two Samsung laptop models that Hassan investigated (an R525 and an R540), it’s a blatant security vulnerability evidently sanctioned by the company. The supervisor’s answer is telling because that’s exactly what it implies.

If you’re not familiar with what a keylogger like this can do, just imagine inviting someone to look over your shoulder while you do your banking or email who then reports your keystrokes and password back to a total stranger. It would also be as if Toyota or Ford secretly installed video cameras inside their cars to monitor just how people use them, sending the data wirelessly to wherever.

When I first heard about this, I was amazed that a company would even think that this kind of thing was okay. It’s not the first time this has happened, either. Sony was caught a few years back for rootkits that secretly installed on PCs when you played any of their music CDs on them, rootkits that were found to inadvertently open security holes and cause problems for Windows machines in general, forcing a huge recall of all affected discs.

People already have a lot to worry about when it comes to protecting their information online. The last thing they need to do is to worry about whether the company they’re buying a new PC from is also trying to get it…and leave the door open for everyone else to do the same.
UPDATE (3.30.11): Samsung has launched an investigation and is working with Mr. Hassan and fellow security expert, M.E. Kabay

UPDATE (3.31.11): It turns out that in the end, it was a false positive. Samsung is completely in the clear, though as Network World has commented, odd that an employee would admit that there was a keylogger on these laptops when asked by Hassan. Nevertheless, it turns out that the virus scanner used to detect the software, VIPRE, mistakenly identified another piece of software for the keylogger. VIPRE has since been updated and GFI Labs, the developer of the scanner, have issued apologies all around.