Mumbai, April 1 (Agencies): Korean hardware giant Samsung didn't put keylogging software on its laptops, and the company partly responsible for causing the fuss has made a grovelling apology.
A report accused Samsung of releasing two of its laptops with a pre-installed keylogger, which is able to log keystrokes and take screenshots. It resulted in a major PR blow-up, with the Korean firm forced to issue a statement denying that it had stuck Starlogger in its hardware to spy on people. In a blog post, the insecurity firm Gfi Labs confirmed that the keylogger detection was based on a false positive in its Vipre antivirus software. Alex Eckelberry, general manager of Gfi security, said, "We have no one to blame but ourselves."
Gfi Lab's Vipre software detected C:WINDOWSSL, the Slovenian language directory for Windows Live, as malware. This is the same directory path used by the StarLogger keylogger, hence the confusion. Eckelberry said of the directory, "At some point several years after the original detection was written, Windows Live started using that directory to install Slovenian language files for Windows Live."
"Samsung started pre-installing Windows Live, including all the languages, and there you have the problem we're having today." Although it was a big mistake by Gfi, rival insecurity firm F-Secure stuck up for the company, saying the original report was flawed.
F-Secure's security chief Mikko Hyponnen said in a blog post, "Unfortunately Mohamed Hassan (CISSP),who did the original analysis did not double-check his findings and blamed Samsung instead."
"Apparently he did not look at the contents of the 'SL' folder at all."
A report accused Samsung of releasing two of its laptops with a pre-installed keylogger, which is able to log keystrokes and take screenshots. It resulted in a major PR blow-up, with the Korean firm forced to issue a statement denying that it had stuck Starlogger in its hardware to spy on people. In a blog post, the insecurity firm Gfi Labs confirmed that the keylogger detection was based on a false positive in its Vipre antivirus software. Alex Eckelberry, general manager of Gfi security, said, "We have no one to blame but ourselves."
Gfi Lab's Vipre software detected C:WINDOWSSL, the Slovenian language directory for Windows Live, as malware. This is the same directory path used by the StarLogger keylogger, hence the confusion. Eckelberry said of the directory, "At some point several years after the original detection was written, Windows Live started using that directory to install Slovenian language files for Windows Live."
"Samsung started pre-installing Windows Live, including all the languages, and there you have the problem we're having today." Although it was a big mistake by Gfi, rival insecurity firm F-Secure stuck up for the company, saying the original report was flawed.
F-Secure's security chief Mikko Hyponnen said in a blog post, "Unfortunately Mohamed Hassan (CISSP),who did the original analysis did not double-check his findings and blamed Samsung instead."
"Apparently he did not look at the contents of the 'SL' folder at all."
