A security researcher believes that he discovered Samsung having installed keyloggers in its laptop models. This is a serious claim, as unauthorized installation of spying tools such as a keylogger is a huge breach of privacy.
The findings came from Mohamed Hassan, MSIA, CISSP, CISA graduated from the Master of Science in Information Assurance (MSIA) program from Norwich University in 2009. Hassan is also the founder of NetSec Consulting Corp, an information security consulting company. At the same time, he is a senior IT Security consultant and an adjunct professor of Information Systems in the School of Business at the University of Phoenix.
Hassan was setting up a Samsung R525 laptop and he ran a scan using VIPRE, which detected the keylogging software StarLogger. Hassan later got another Samsung laptop, this time a different model – the R540. In it he found the same finding from VIPRE, which identified the offending files in c:\windows\SL.
Despite it being a rather obvious place to hide a keylogger, Hassan believed in the results. He wrote to Network World, "The findings are false positive-proof since I have used the tool that discovered it for six years now and I am yet to see it misidentify an item throughout the years."
Network World reported Hassan's findings in full, which sprung Samsung into full action mode to get to the bottom of things. It turns out, however, that Hassan was wrong.
The directory path c:\windows\SL wasn't for StarLogger at all; it was for Windows Live Essentials language pack for Slovenski. All it took to fool VIPRE into reporting the presence of StarLogger was the presence of the directory – not even needing the language files installed.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
LOL. A man trying to gain fame without proper analysis! Shame on you! You call yourself a security expert? Relying on only 1 tool and not verify your claims???? Dude, you sure are one heck of an expert!Reply
Wow, I work in the IT Industry and it's pretty damn easy to differentiate between spyware and a freaking language pack. I mean, what, did he think the directory had Microsoft published INIs as a trick? At the very least he didn't think of running multiple anti-virus programs? And no, keyloggers aren't "virtually undetectable": the areas of the registry where StarLogger sets it's self to start are pretty well known and if a Security Consultant doesn't know HKCU/Software/Microsoft/Windows/CurrentVersion/Run by heart then that's just sad.Reply
Yeah, he gained fame alright...but I don't think it's a good thing here. How is going to look to NetSec Consulting Corp for security consulting now?Reply
Biggest oops in recent tech history, I tell you what...Reply
Whooops..... eh, yea.... nevermind guys, I uh.... nevermind. Hey look over there!Reply
Notoriety is earned.Reply
Making the claim "The findings are false positive-proof since I have used the tool that discovered it for six years now and I am yet to see it misidentify an item throughout the years." goes to show that he is a fool and it's inexcusable.
There's no such thing as a defect free antivirus application. Vipre isn't even in the top ten.
take a look at his name, lol...how did he get all those certifications?Reply
Here in the Silicon Valley, anyone that puts a string of 'certificates' after their name in print is laughed at: bozo factor is nearly certain.Reply
An Adjunct Professor at UoP? Isn't that like Jr. Custodian at Wendy's? Is that 'school' even accredited?
In any case, I hope NW salvages what is left of their reputation by having this neophyte, and his cohort, walk the plank. Any customer of his company should RUN not walk, to the competition.
heycarnutHere in the Silicon Valley, anyone that puts a string of 'certificates' after their name in print is laughed at: bozo factor is nearly certain.QEDAn Adjunct Professor at UoP? Isn't that like Jr. Custodian at Wendy's? Is that 'school' even accredited?In any case, I hope NW salvages what is left of their reputation by having this neophyte, and his cohort, walk the plank. Any customer of his company should RUN not walk, to the competition.i very much agree with you on this oneReply
You idiots already forgot about HBGary?Reply