Samsung laptops have keylogging rootkits installed at the factory

[Rainmaker]

Never did. You made it up.

Thank goodness for post quoting in email reply notifications then. Seriously though, it's late/early so I'll let you off lol

 

[Emlyn_Dewar]

*glares at his TV with disgust*

That TV is recording your viewing habits! I'll gladly take it off your hands for nothing, just to put a stop to their crime...

 

[Aod]

Even your employers are not allowed use such tools to check their company machine usage.

actually, they are.

any company that has a halfway-decent IT policy will have employees sign an IT usage code-of-conduct agreement at the point of employment, and within it shall be stipulated something along the lines of "Employees have no expectation of privacy"
totally legal depending on the Companies IT policy.

what samsung's done however? Hmmm... that's dodgy. they're going to be in a whole pack of trouble for this i expect.
remember the trouble google got into with the WiFi data-thing?

 

[Hotwired]

So when these things try to email out don't firewalls wave a flag or something.

Zonealarm likes to do popups every time a new program wants net access for example.

 

[Rroff]

Depends how its implemented, if its (partially) a low level rootkit then potentially zonealarm won't even see its traffic.

 

[Rainmaker]

So when these things try to email out don't firewalls wave a flag or something.

Zonealarm likes to do popups every time a new program wants net access for example.

Most likely, yes. Though some malware is clever enough to disguise its traffic as legit system traffic, and hence make it through. I look forward to a more detailed analysis of this implementation of the spyware.

Having said that, don't forget that we're a forum of IT geeks. It's easy to forget that meanwhile, 99% of the public buy their shiny laptop, "press the blue 'e'" and they're away. And that's it. Windows firewall is permissive of most outgoing connections by default, and most users wouldn't care anyway - especially if they named it something like Samsung Update Service.

Personally I'm glad I got my MacBook Pro. I was so close to getting a high end Samsung. I'll never buy from them again tbh.

 

[EdGey]

Christ, thats terrible.

Dont really have anything Samsung at the moment other than a HDD which just happens to be crap.

Wont touch them after this.

 

[Dewotter]

I've actually just switched from an older Samsung Q210 to a new MacBook Pro.

 

[sunnysingh]

Wow that's damaging news for Samsung. It's gonna be an interesting 24 hours at their HQ.

 

[Bennie-Mac]

I've actually just switched from an older Samsung Q210 to a new MacBook Pro.

Its too late they already have all your credit card details

 

[Rainmaker]

The worst part is, it was done intentionally. Somehow having malware sneak in and get inadvertently shipped on your product is bad enough - but to purposefully implant a rootkit piece of spyware so you can harvest data from paying customers? Scum, tbh.

 

[Mark A]

Just out of interest, what is a decent spyware program to use? I'm still using spybot S&D, is there any better free programs?

 

[Hotwired]

Also Malwarebytes Anti-Malware aka MBAM.

Not an either/or tbh, some things are picked up by one and not the other.

 

[Rainmaker]

Just out of interest, what is a decent spyware program to use? I'm still using spybot S&D, is there any better free programs?

I'm presuming you meant anti spyware? MalwareBytes is the daddy these days, though SuperAntiSpyware and HitMan Pro are both decent too. Best of all, they're all free.

 

[SiriusB]

I am finding lately that SAS picks up a bunch of stuff MBAM seems to miss. Whether or not it is an issue of SAS being over-sensitive or not is another matter.

 

[Energize]

I'll wait until there's some reputable source rather than a blog before getting up in arms.

 

[Rainmaker]

I'll wait until there's some reputable source rather than a blog before getting up in arms.

A sensible approach, but since the guy reporting it is a reputable security researcher and he says Samsung have admitted doing it... Well it doesn't look good.

 

[Energize]

A sensible approach, but since the guy reporting it is a reputable security researcher and he says Samsung have admitted doing it... Well it doesn't look good.

And in another thread just the other day a nobel prize winning scientist published some crackpot research in new scientist, I don't put much stock in one persons word regardless of reputation.

 

[Rainmaker]

And in another thread just the other day a nobel prize winning scientist published some crackpot research in new scientist, I don't put much stock in one persons word regardless of reputation.

Quite. It'll be interesting to see what turns up, but I still have doubts - I mean would a respected researcher risk everything to lie openly about a worldwide corporation?

Non-replicable results in a study (the Nobel guy) is one thing. Lying and openly slandering a company is quite another! He'd be bankrupt in a week if he couldn't back up his allegations, surely?

We'll find out soon enough, no doubt.

 

[Energize]

Remember that South Korean scientist who fabricated SCNT results? God knows why people do it but they do. Maybe this isn't even him, maybe someone else gained access to his account.