Keylogging software discovered on brand new laptops!!

Avatar

Please consider registering
Guest

Search

— Forum Scope —






— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

Register Lost password?
sp_Feed sp_topic_old
Keylogging software discovered on brand new laptops!!
Avatar
Jim Hillier
Admin
Forum Posts: 2492
Member Since:
August 9, 2011
sp_UserOfflineSmall Offline
1
March 30, 2011 - 10:02 pm
sp_Permalink sp_Print

Here's a new one; how about keylogging software pre-installed on brand new laptops, straight from the factory.......BY THE MANUFACTURER!!

The "StarLogger" software was discovered by Mohamed Hassan, founder of NetSec Consulting, after he scanned 2 brand new Samsung laptops [model numbers R525 and 540].

StarLogger auto starts with Windows and records all keystrokes made on the computer. It can be difficult to detect, and can be set to periodically and surreptitiously send e-mails containing information gleaned from the computer to a preset e-mail address, with screen capture images attached.

When Hassan first contacted Samsung to report this intrusion they referred him to Microsoft, saying all they did was manufacture the hardware. However, a senior supervisor at Samsung finally admitted that they had indeed installed the software on the laptops in order to monitor machine performance "and to find out how it is being used."

In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners.

Good grief!!

Sounds as though users should be adding one more essential security step to the conventional strategy.....i.e. thoroughly scan any brand new machine as soon as possible!!

Or do you do that already??

Avatar
Chad Johnson
Mod
Forum Posts: 867
Member Since:
August 11, 2011
sp_UserOfflineSmall Offline
2
March 31, 2011 - 12:19 pm
sp_Permalink sp_Print

I do one better - I boot and nuke the machine and install Windows from scratch.

And of course, by breaking the seal on the laptop you agree to do whatever it is they want from you...

Avatar
Chad Johnson
Mod
Forum Posts: 867
Member Since:
August 11, 2011
sp_UserOfflineSmall Offline
3
March 31, 2011 - 1:42 pm
sp_Permalink sp_Print

This is now being reported as "incorrect":
[url:q9q3elbp]http://www.pcworld.com/article/223823/samsung_series_9_laptop_shows_no_signs_of_spyware.html[/url:q9q3elbp]

Samsung is (naturally) denying any such claim.

Avatar
Nightowl78
Member
Forum Posts: 78
Member Since:
September 17, 2008
sp_UserOfflineSmall Offline
4
March 31, 2011 - 1:48 pm
sp_Permalink sp_Print

Hi Jim:

This from CNET about keylogger in laptops from Samsung

Avatar
Nightowl78
Member
Forum Posts: 78
Member Since:
September 17, 2008
sp_UserOfflineSmall Offline
5
March 31, 2011 - 1:49 pm
sp_Permalink sp_Print

Sorry Jim forgot the link

[url:ibt01fze]http://news.cnet.com/8301-31921_3-20049259-281.html?part=rss&subj=news&tag=2547-1_3-0-20[/url:ibt01fze]

Avatar
Ken Harthun
Mod
Forum Posts: 86
Member Since:
August 11, 2011
sp_UserOfflineSmall Offline
6
March 31, 2011 - 2:54 pm
sp_Permalink sp_Print

WHOA! Everyone settle down. It's not true. Repeat, this is a false report!

http://nakedsecurity.sophos.com/2011/03 ... y-software.

Don't give it another thought. People react far too quickly to this stuff and that's understandable, but often it's over-reaction.

Avatar
Jim Hillier
Admin
Forum Posts: 2492
Member Since:
August 9, 2011
sp_UserOfflineSmall Offline
7
March 31, 2011 - 3:12 pm
sp_Permalink sp_Print

[quote:3ue2c8oc]WHOA! Everyone settle down. It's not true. Repeat, this is a false report![/quote:3ue2c8oc]
Ken - What [i:3ue2c8oc]are[/i:3ue2c8oc] you on about? That's exactly what the previous posts have all been saying!!

[quote:3ue2c8oc]Sorry Jim forgot the link[/quote:3ue2c8oc]
Nightowl - LOL....never done that myself.

Thanks Guys, just caught up with this latest news this morning.

Seems the "Vipre" AV software has caused a little embarrassment for Mohamed Hassan by reporting a false positive and Samsung are in the clear.

It is an interesting concept though. I wonder how many manufacturers have actually considered it but then decided not to go ahead simply because of the potential to damage their reputation.

I also think it reflects badly on manufacturers public image [in general] that a report such as this could be so readily accepted as believable.....the "I wouldn't put it past them" syndrome?

Or maybe I am more cynical than the average.

Cheers guys....Jim

Avatar
Ken Harthun
Mod
Forum Posts: 86
Member Since:
August 11, 2011
sp_UserOfflineSmall Offline
8
March 31, 2011 - 6:18 pm
sp_Permalink sp_Print

Honestly, I see so much of this false reporting and scare-mongering that I just have no tolerance for it anymore. Sorry, but I didn't read any of the other links, just figured everyone was perpetuating the scare. Sorry, my bad, reverse dramatization, I guess.

Before I post ANYTHING about scary stuff like this, I often spend up to an hour or more researching it. Because if I was to post a fake scare based on a false positive on my Security Corner blog at TechTarget, they are likely to reprimand me for it.

And I deal with people who actually open things like the UPS Notification spam that has been floating around. Don't people know that if they get 500 of those things at once that it can't be real? Sheesh!

Forgive my lapse of temper and realize that I, too, am human, even though the 'net now has me labeled as the "Sheikh of Geek"

Avatar
Jim Hillier
Admin
Forum Posts: 2492
Member Since:
August 9, 2011
sp_UserOfflineSmall Offline
9
March 31, 2011 - 8:04 pm
sp_Permalink sp_Print

Agree 100% Ken. If everyone started reporting false positives, flagged by errant security software, as real/legitimate threats it would be bedlam!!

I find it unbelievable (and incredibly naive) that Mohamed Hassad (so-called security 'expert') did not bother to double check and confirm Vipre's findings [via other security programs] before actually reporting the incident on the net.....it ain't exactly rocket science!! Thankfully his claims were very quickly disproved.

I guess the embarrassment he would now be suffering through his ill considered action would be punishment enough.

"The Sheikh of Geek" eh?......Is that a good thing??

Avatar
Ken Harthun
Mod
Forum Posts: 86
Member Since:
August 11, 2011
sp_UserOfflineSmall Offline
10
March 31, 2011 - 8:39 pm
sp_Permalink sp_Print

"The Sheikh of Geek" eh?......Is that a good thing?? [/quote:2h6mfmo0]

Well, the people who have assigned me that moniker are some of your fellow Aussies, so I have to assume those blokes know what they're talking about!

Have not figured it out yet, but I seem to get on with you folks living in Oz. Have a good fellow in Perth, WA I chat with all the time and one in Palmerston, NT. Then there's the Sheila, Cindy, from Adelaide. Hell, I feel like I ought to throw some shrimp on the barbie and pop a couple of Tooheys or XXXXs.

But, don't pay any attention to this codger, mate! I'm just enjoyin' me grog...

G'day!

Avatar
Jim Hillier
Admin
Forum Posts: 2492
Member Since:
August 9, 2011
sp_UserOfflineSmall Offline
11
March 31, 2011 - 8:53 pm
sp_Permalink sp_Print

[size=140:230rula6]LOL[/size:230rula6]

Well, you certainly have a handle on the lingo mate.

Forum Timezone: America/Indiana/Indianapolis

Most Users Ever Online: 188

Currently Online:
14 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Member Stats:

Guest Posters: 10

Members: 1272

Moderators: 3

Admins: 4

Forum Stats:

Groups: 8

Forums: 19

Topics: 1538

Posts: 11824

Administrators: Jim Hillier, Richard Pedersen, David Hartsock, Marc Thomas

Moderators: Judy Novotny, Jason Shuffield, Mail Poet