Samsung rootkit was a Vipre false positive

http://sunbeltblog.blogspot.com/2011/03/samsung-laptops-do-not-have-keylogger.html

That is all well and good, but what about this claim on networkworld.com:

The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."

and

We contacted three public relations officers for Samsung for comment about this issue and gave them a week to send us their comments. No one from the company replied.

My thoughts:

  1. Why did the “supervisor” confirm that Samsung were using a rootkit?
  2. Why did Samsung fail to respond to networkworld?

So what did we learn from this incident?

  1. Heuristic detections based on directory path MUST be regularly re-reviewed.  As far as I can tell after a bit of research, the …\Windows\SL directory has been in use since about October 2010.
  2. If a reporter contacts you claiming to have found a virus in your product, DON’T IGNORE HIM.
  3. The “supervisor” needs training.
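One way to act on the first lesson, as an added example that is not part of the original post and not any vendor's code: an audit that lists rules able to fire on a directory path alone when they either match a path from a known-clean baseline or have gone too long without review. The rule names, sample paths, review dates and 180-day threshold are all constructed assumptions.

```python
import re
from dataclasses import dataclass
from datetime import date

@dataclass
class Rule:
    name: str
    path_regex: str         # directory-path pattern the heuristic matches
    needs_file_match: bool  # True if a content hash/signature hit is also required
    last_reviewed: date

# Constructed rules (hypothetical names, not any vendor's real signatures).
RULES = [
    Rule("path-only-sl", r"\\Windows\\SL(\\|$)", False, date(2010, 6, 1)),
    Rule("path-plus-hash", r"\\Windows\\SL(\\|$)", True, date(2010, 6, 1)),
    Rule("path-only-fresh", r"\\Temp\\zz_drop(\\|$)", False, date(2011, 3, 1)),
]

# Constructed baseline of paths observed on known-clean machines.
BENIGN_PATHS = [
    r"\Windows\SL\sample-benign.dat",
    r"\Windows\System32\drivers\etc\hosts",
    r"\Program Files\Vendor\app.exe",
]

def audit(rules, benign_paths, today, max_age_days=180):
    """Return {rule name: [reasons]} for path-only rules that need re-review."""
    findings = {}
    for rule in rules:
        if rule.needs_file_match:
            continue  # a path hit alone cannot fire this rule
        reasons = []
        pattern = re.compile(rule.path_regex, re.IGNORECASE)
        hits = [p for p in benign_paths if pattern.search(p)]
        if hits:
            reasons.append(f"matches benign path {hits[0]}")
        age = (today - rule.last_reviewed).days
        if age > max_age_days:
            reasons.append(f"last reviewed {age} days ago")
        if reasons:
            findings[rule.name] = reasons
    return findings

if __name__ == "__main__":
    for name, reasons in audit(RULES, BENIGN_PATHS, date(2011, 3, 31)).items():
        print(name, "->", "; ".join(reasons))
```

Running the audit against a refreshed clean baseline before each definitions release surfaces a directory that has come into legitimate use since the rule was written.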

Updated original news report:
http://www.networkworld.com/newsletters/sec/2011/032811sec2.html
