Samsung installs keylogger on its laptop computers

In the fall of 2005, the security and computer world was abuzz with what was at the time dubbed as the "Sony BMG rootkit Fiasco." Sony BMG used a rootkit, computer program that performs a specific function and hides its files from the regular user, to monitor computer user behavior and limit how music CDs were copied and played on one's computer.

Some in the computer security industry had hoped that the criminality of the act that Sony BMG had engaged in together with the huge business costs associated with the settling of the case with consumers and federal authorities would act as a deterrent to any company which might want to monitor computer usage. Others, including Mark Russinovich, the developer and blogger who first discovered the rootkit, were not so sure. In fact Mr. Russinovich warned that "Consumers don't have any kind of assurance that other companies are not going to do the same kind of thing (as Sony)" (Borland, 2005).

How right has Mr. Russinovich been!

While setting up a new Samsung computer laptop with model number R525 in early February 2011, I came across an issue that mirrored what Sony BMG did six years ago. After the initial set up of the laptop, I installed licensed commercial security software and then ran a full system scan before installing any other software. The scan found two instances of a commercial keylogger called StarLogger installed on the brand new laptop.

On March 1, 2011, I called and logged incident 2101163379 with Samsung Support (SS). First, as Sony BMG did six years ago, the SS personnel denied the presence of such software on its laptops. After having been informed of the two models where the software was found and the location, SS changed its story by referring the author to Microsoft since "all Samsung did was to manufacture the hardware." When told that did not make sense, SS personnel relented and escalated the incident to one of the support supervisors.

The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."

In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners.