Thanks for QTing the sophos product!  I do trust them and figure it will be a good one given Doc's recommendation.

Or it can be innocent - they just wanted to have a good tool for the tech calls.  A really stupid innocent move, but do not always attribute to evil what can easily be explained by stupidity (I forget who said that).

As always the consumer is presented with a very real problem, just who do you believe. 

FALSE ALARM Testing confirms Samsung keylogger rumour just a false alarm
http://www.theregister.co.uk/2011/03/31/samsung_keylogger_rumour_debunked/

Antivirus testers have backed up Samsung's protestations that the detection of keylogging software on brand-new Samsung laptops was just a false alarm.

Mohamed Hassan, founder of security consultancy NetSec, raised the alarm after a scan revealed that two newly purchased Samsung laptops were infected with StarLogger, a commercial keylogger. Hassan investigated the matter before working on a story for NetWork World that compared the incident to the infamous Sony BMG rootkit fiasco of 2005.

It was suggested that Samsung was using underhand methods to extract market research, monitoring user activity without their knowledge or consent in the process. Hassan was eventually put through to a Samsung support centre manager who told him that Samsung had pre-loaded software to "monitor the performance of the machine and to find out how it is being used".

Samsung quickly denied it was doing anything of the sort before issuing a more detailed statement saying that the

Testing by antivirus researchers this morning confirmed that VIPRE Antivirus detects 'StarLogger' after creating a 'SL' folder on a clean PC. Even an empty folder with no files in it creates this behaviour.

I actually prefer this, as it gives the hotel information in case you come back to your room and something is missing, they will know where to start to find out who took it.  Does not matter to me though if they know when I come and go, it is their hotel after all, and this just seems as a very good means of security.

Thanks - yes I verified it was a false alarm.  Sorry for the rhubarb.

Only one problem with that. If you buy a PC it comes with a restore DVD that in most cases one has to make themselves. If you reinstall Windows it reinstall the bloatware. They quit giving out copies of "just" Windows some time ago. So one has to spend hours getting rid of the bloatware. A format would not help much.

Oh....BTW...it's 'LIBEL', really as it's the 'written word'.

It's a worry that a 'security expert' could be confused by a false-positive. Considering that it happens all the time with programs, you think he would research further before throwing it on the net.

One of the reasons I buy the full version of an OS. 

OK...I'll elucidate.....

For reckless and irresponsible reporting I agree.  But for the innocent stuff, no.  And the rub is how do you figure the difference.  Samsung has a recourse against Netsec, and that is the courts.  Proving it is not so easy, but then given the respective pockets of the 2 companies, the odds favor Samsung should they pursue it.

I agree strongly with this view.  While my job is Network security, I do not have the skills or time to investigate every alarm raised, so I trust others to do it for me.  When they screw up big time, like this one, it makes my job harder in knowing who to trust. 

The end result is that Samsung got hurt, but I suspect Netsec got a fatal blow for their early false positive.  Had they been right, they would be kings of the castle.  As it is, their reputation just took a very bad blow.

If it were only that easy. *sigh.

Unfortunately shit happens.

Which goes to show, experts know nothing.