Thursday, 31 March 2011 17:50

Samsung says it is spyware-free, blames VIPRE


Samsung has firmly denied reports that it is loading its laptops with spyware, something that would truly have been 'astonishing' if true, but Samsung says anti-virus software giving a false-positive is to blame for the snafu.

Ok everyone, we can all stop panicking. The reports that Samsung -might- have been installing spyware on its computers has been firmly denied by Samsung as "not true", and has issued a statement clarifying its spyware status.

Now, while we have to take Samsung at its word, there is no particular reason to disbelieve the company - it has worked hard to renew its notebook line in Australia after an absence of a few years, and thus far has done very well.

While accusations of spyware are never welcome, especially if you're innocent of such activities, I guess the old adage of 'there's no such thing as bad publicity' applies in this instance.

The whole thing started when Toronto-based IT consultant, Mohamed Hassan, claimed to have discovered the 'StarLogger' keylogging software on not one Samsung laptop, but two, as quoted in a PC World article.

The details are in our previous story on the topic, where Mr Hassan had purchased a Samsung R525 and then an R540 laptop, from different stores, with both supposedly having StarLogger installed.

Mr Hassan assumed the worst, thinking that Samsung had installed the software, with Samsung's tech support people first denying knowledge of the spyware, then apparently claiming it was installed to keep an eye on users, with the blame then sheeted onto Microsoft, before finally Jason Redmond, a Samsung spokesperson saying they took this issue 'very, very seriously' and claimed no knowledge of StarLogger or its creators.

So, what really happened? Well, according to Samsung Australia and the global Samsung HQ, the whole thing is down to a simple case of mistaken identity.

A Samsung spokesperson told iTWire that: 'Reports that a keylogger was installed in Samsung laptops are not true. Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft Live Application for a key logging software, during a virus scan.'

VIPRE is made by SunBelt Software and claims to be high performance anti-virus software, with a chart showing how it has the lowest CPU usage memory usage etc against a range of competitors. Like some of its competitors, it also now has a famous false positive to add to its list of awards. At least it wasn't causing computers to stop booting properly!

Seeing as we're again taking Samsung at its word, as we have no reason to doubt it, it looks like this false positive has caused a spyware scandal that isn't.

Samsung's IT executives must be breathing a sigh of relief, as opposed to a spy of relief - after all, no-one wants to be tarnished with the espionage brush - unless they're 007-types whose job it is to actually spy!

So'¦ we can all relax. Samsung says it is spyware-free, and unless any information comes out to the contrary (and no doubt more investigations by interested end-users and security firms will continue), we're happy to believe that Samsung truly is keylogger spyware-free.

That said, most notebook companies offer update utilities or even PC health type utilities which communicate information about your system back to the manufacturer, and to which you've usually agreed to by clicking "I agree" and "Next". These utilities are not, however, capturing your every keystroke, they're not getting your usernames or passwords. What they are probably getting is diagnostic info and other telemetry, just as OS makers usually do today.

Is it right? That's up to you. Usually clicking "I agree" and "Next" without reading is what many people do so they can use the software, and aren't really even aware of what information an application is collecting. In any case, this kind of information collection about hardware and software configurations and diagnostic info, etc, is accepted, while real spyware, malware and even adware most definitely is not, with a massive industry dedicated to defending against the ever more sophisticated cyber threats appearing anew on a worryingly regular basis.

So, whatever any company claims, we should not take a spyware-free status for granted. It is possible to be infected by spyware or worse after receipt of a clean computer, and everyone should check their computers for spyware, malware, viruses and other net nasties, whatever their origin, with their up-to-date 2011 Internet security suite and at least another additional malware/adware/spyware scanner, free or paid.

Security info and commentary continues on page two, please read on!

Naturally, all of the usual advice to update your OS and all your programs with the latest updates and patches fully applies, including Adobe Flash, Real Player, Adobe Reader, udpates for Office or other business software, updates for everything when you use any operating system, be it Windows, Mac OS X, Linux or something else - with regular image and regular backups to fall back on and roll back to should an update go rogue and snafubar the whole system.

Usually spyware and malware emanates from criminal organisations with online operations, perpetuating fraud on a wide scale. Spyware from companies and governments is where things cross the line.

So, Samsung says it is spyware free, which is a very good declaration to make. It's a shame that a false-positive pushed the story into the press, but if it puts companies on notice that consumers will not tolerate spyware, that's a good outcome.

Even better would be if every person reading this article checked that their systems were totally scanned, backed-up and up-to-date, with each person helping their friends get their computers properly updated too, whether it is themselves helping directly, getting knowledgeable relatives or kids to help, or recommending in-home computer help services.

After all, the fight against spyware, malware, viruses and more is fought on a person-by-person, computing device-by-computing device basis. There will always be zero-day shockers or super sophisticated ultra-new methods that specifically target a vulnerability and tested to ensure it avoids as many, if not all, of today's detection technologies as possible.

But the fight against spyware isn't standing still either, doing everything possible to stay one or more steps ahead of the criminals, just as the criminals do all they can to stay as many steps ahead as possible from the rest of us.

Surf and compute safely whatever computing device and OS you use, and keep your digital security knowledge as up to date as possible!


Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.



Some of the most important records are paper-based documents that are slow to issue, easy to fake and expensive to verify.

Digital licenses and certificates, identity documents and private citizen immunity passports can help you deliver security and mobility for citizens’ information.

Join our webinar: Thursday 4th June 12 midday East Australian time


Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.



Recent Comments