According to Network World, Samsung has been installing key logging software on its laptop computers. On May 1 Mohamed Hassan, a graduate of the Master of Science in Information Assurance (MSIA) program at Norwich University, discovered an application called StarLogger had been installed on his brand new laptop. He discovered the software was located in the C:\Windows\SL\ folder, and after some investigation, Hassan found it was recording every keystroke, including emails, documents, usernames and passwords.
He proceeded to report this to Samsung Support and logged incident number 2101163379 with them. In a similar move to SonyBMG about the installing of rootkits, Samsung's support department denied the existence of any such software on its laptops.
After being informed of two different models which had been tested for the keylogger, Samsung changed its tune and, instead, blamed Microsoft by saying "all Samsung did was to manufacture the hardware." This answer was not accepted by Mohamed and he told them that it "did not make sense", the incident was then moved higher up the support chain to a supervisor, who explained to Hassan that he was "not sure how this software ended up in the new laptop," but confirmed that "yes, Samsung did knowingly put this software on the laptop to monitor the performance of the machine and to find out how it is being used."
In 2007 the FTC Chairman, Deborah Platt Majoras, said "Installations of secret software that create security risks are intrusive and unlawful." If this story turns out anything like the Sony rootkit fiasco we may see lawsuits, and quite a few of them.
The two models currently known to contain this software are the R525 and R540. CNET has published a helpful guide on how to remove this software, to read it click here.
Update: Samsung have since investigated this complaint, and discovered that this is simply a false positive from the security software. The C:\Windows\SL directory is created to hold Slovenian language files, and its presence on the disk is all that is required to trigger the false alert.
Image Credit: Informer