Samsung says it is spyware-free, blames VIPRE

Alex Zaharov-Reutt
Thursday, 31 March 2011 16:50

Your IT - Home IT

Samsung has firmly denied reports that it is loading its laptops with spyware, something that would truly have been 'astonishing' if true, but Samsung says anti-virus software giving a false-positive is to blame for the snafu.

Ok everyone, we can all stop panicking. The reports that Samsung -might- have been installing spyware on its computers has been firmly denied by Samsung as "not true", and has issued a statement clarifying its spyware status.

Now, while we have to take Samsung at its word, there is no particular reason to disbelieve the company - it has worked hard to renew its notebook line in Australia after an absence of a few years, and thus far has done very well.

While accusations of spyware are never welcome, especially if you're innocent of such activities, I guess the old adage of 'there's no such thing as bad publicity' applies in this instance.

The whole thing started when Toronto-based IT consultant, Mohamed Hassan, claimed to have discovered the 'StarLogger' keylogging software on not one Samsung laptop, but two, as quoted in a PC World article.

The details are in our previous story on the topic, where Mr Hassan had purchased a Samsung R525 and then an R540 laptop, from different stores, with both supposedly having StarLogger installed.

Mr Hassan assumed the worst, thinking that Samsung had installed the software, with Samsung's tech support people first denying knowledge of the spyware, then apparently claiming it was installed to keep an eye on users, with the blame then sheeted onto Microsoft, before finally Jason Redmond, a Samsung spokesperson saying they took this issue 'very, very seriously' and claimed no knowledge of StarLogger or its creators.

So, what really happened? Well, according to Samsung Australia and the global Samsung HQ, the whole thing is down to a simple case of mistaken identity.

A Samsung spokesperson told iTWire that: 'Reports that a keylogger was installed in Samsung laptops are not true. Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft Live Application for a key logging software, during a virus scan.'

VIPRE is made by SunBelt Software http://www.sunbeltsoftware.com/home-home-office/vipre/ and claims to be high performance anti-virus software, with a chart showing how it has the lowest CPU usage memory usage etc against a range of competitors. Like some of its competitors, it also now has a famous false positive to add to its list of awards. At least it wasn't causing computers to stop booting properly!

Seeing as we're again taking Samsung at its word, as we have no reason to doubt it, it looks like this false positive has caused a spyware scandal that isn't.

Samsung's IT executives must be breathing a sigh of relief, as opposed to a spy of relief - after all, no-one wants to be tarnished with the espionage brush - unless they're 007-types whose job it is to actually spy!

So'¦ we can all relax. Samsung says it is spyware-free, and unless any information comes out to the contrary (and no doubt more investigations by interested end-users and security firms will continue), we're happy to believe that Samsung truly is keylogger spyware-free.

That said, most notebook companies offer update utilities or even PC health type utilities which communicate information about your system back to the manufacturer, and to which you've usually agreed to by clicking "I agree" and "Next". These utilities are not, however, capturing your every keystroke, they're not getting your usernames or passwords. What they are probably getting is diagnostic info and other telemetry, just as OS makers usually do today.

Is it right? That's up to you. Usually clicking "I agree" and "Next" without reading is what many people do so they can use the software, and aren't really even aware of what information an application is collecting. In any case, this kind of information collection about hardware and software configurations and diagnostic info, etc, is accepted, while real spyware, malware and even adware most definitely is not, with a massive industry dedicated to defending against the ever more sophisticated cyber threats appearing anew on a worryingly regular basis.

So, whatever any company claims, we should not take a spyware-free status for granted. It is possible to be infected by spyware or worse after receipt of a clean computer, and everyone should check their computers for spyware, malware, viruses and other net nasties, whatever their origin, with their up-to-date 2011 Internet security suite and at least another additional malware/adware/spyware scanner, free or paid.

Security info and commentary continues on page two, please read on!