It would be interesting to hear from the HN community, people with Samsung laptops, if they've had this happen, or if they check now, if this keylogger is discovered.
Currently on an R720 and I've no SL folder, either.
I've poked around various locations on the machine and run some scans with a number of different tools, but I've discovered nothing untoward, as yet.
My attestation is somewhat of an irrelevance, however, as I've no way of accurately replicating the environment in which Mr Hassan carried out his research. It looks as though I shall simply have to wait and see how this all plays out over the coming days.
Given US law enforcement's use of surveillance on individuals with certain foreign ties, in order to faithfully replicate this it might require someone named "Mohamed" unfortunately.
And what does he mean by "After the initial set up of the laptop"? What exactly did he do? Couldn't it just mean that the security software he is using to do the scan or the media he is using is infected? I just think this sounds fishy until he's verified it with a completely different set of tools.
Not only that, but there are legit reasons to include a keylogger as part of a laptop build out. Every computer has, or should have, this kind of auditing capacity. The question is a) whether it's turned on by default and b) whether any information is being transmitted on the sly. In all likelihood, this was either some sort of mistake, or the keylogger is intended for use by the computer's owner -- not by Samsung.
EDIT: Sorry for scaring people. Listen, I HATE keyloggers and other invasive software. Here:
My point was that I can see a legit need for low-level auditing by whoever owns the PC. Including such a package that's turned off by default, might be better than forcing a worried parent to sift through 12 keyloggers on Google, half of which are malware, a quarter of which don't work, in order to find out if her 12-year-old is composing YouTube dances and uploading them to 4chan.
Someone who desires to keep track of a user's key strokes, for example a corporation. This is coming from someone who consents to monitoring every day.
While I agree it is not good for the singular, non-ignorant person, I'm sure there's a massive market for "Corporate Consumers" who'd like to save a buck instead of spending effort configuring a system.
About having the capability of auditing, I suppose it saves production costs to have one laptop with a switch, as opposed to two laptops with slight hardware or software differences.
Right I could see this being part of some child usage monitoring package. It may be part of some crapware that comes with the computer. I bet Samsung is scrambling right now to find out which crapware vendor included it and will find out it part of a net monitoring suite.
Or those who fancy sex on the dinner table without spectators? That's a relatively crass example (sorry), but the privacy implication is clear when you put it in those terms. My home is my home, and what I do behind my door is my business.
I'm surprised you're getting voted up. As much as I disagree with most of the privacy agenda, a lot of their fights are the only thing stopping us from turning Orwellian.
Nothing to hide is pretty arbitrary, too; you mean you have nothing to hide under our current laws. So sure, let them bring the cameras in. Then they'll rewrite the law and you'll suddenly have something to hide.
What most people do not get is: We all (as in every single one of us) have something to hide. I'd say those, who really think they do not, are just crazy.
Credit card numbers, medical conditions, who we have sex with, who we want to have sex with, who we do not want to have sex with, even whether we want to have sex at all etc. pp. We usually do not urinate or masturbate in front of others because we all have something to hide.
If you consider this it's easy to get his sarcasm.
Maybe, and if that were the case, the number of people the sarcasm is missing means it could have been communicated better. Watch his karma swing around -- I'm not the only one that missed it, apparently. It certainly wasn't a good spot for it, because he's responding to sarcasm.
It's a popular mantra made by politicians any time they want to introduce a new anti-privacy measure. This mantra and his version especially is so farcical, I think it's obvious to the majority of readers that his tongue is firmly in his cheek.
Ha, I posted that I wondered if I was going to come back to a -4 or a +4 karma :)
Yes it was sarcastic. As other commenters said, it's a very common and senseless rhetoric used by anti-privacy politicians. Applying it to an extreme example (like camera in your home) was meant to demonstrate how daft such a stance is.
But I disagree, I think it was a very good spot for it: In my mind, some of the best irony is when it's nearly indistinguishable from truth. So I will take the swinging karma as a complement :D
It's also a worrying illustration of how far the anti-privacy agenda has progressed, when people can think you're seriously advocating surveillance cameras in private homes.
Then that's what someone should say, and then promptly get upvoted. Some questions need to be asked, alternative points of view made, and then shown to the world why it's a bad idea; we shouldn't hide them from view to be missed so someone else can make the same mistake.
Meaning can be inferred from the down-voting. I think that was probably the meaning behind most of the negative votes.
I actually believe that it's okay to use voting to express whether you agree or disagree with a point. Where's the harm?
I think that the experience of reading HN is enhanced when there's contrast between popular and unpopular ideas. If a post is unpopular, it doesn't mean that I don't read it. If anything, I might pay more attention to it.
In some cases its lack of popularity might spark more debate; like it has in this case.
Apparently it has to do with how much karma you've accumulated. I magically got the ability to downvote some time last week, without any effort on my part.
I actually believe that it's okay to use voting to express whether you agree or disagree with a point. Where's the harm?
This is a bad point of view and is what is leading to the degradation of HN as a place for people who see the world through a different lens. We have already lost a lot of beautiful minds due to heard voting. Downvoating is for items that do not belong on HN, nothing more nothing less. If you downvote because you do not agree with an idea you are actively suppressing discussion, no matter how strongly you disagree. Many time from people more brilliant that ourselves.
The voting mechanism is a tool. People choose to use tools in whichever way they see fit. A culture will develop and form according to the norms which are set around group usage.
On HN people I've found that many people use voting to signal whether they agree (or disagree) with something. If that wasn't the case, I'd see my karma rise - rather than rise, fall and fluctuate.
As far as I can tell, if something shouldn't be on HN, we have the ability to flag a post.
I can agree that a post shouldn't needless be hammered into negative space, just as a person's point of view shouldn't be needlessly trampled on in meat-space. But I think that down-voting in general has found a place.
We can say that it might be better to never down-vote - but many users have the ability, and it's a regular practice. Neglecting the fact is a little like ignoring the fact the emperor is wearing no clothes.
As far as I can tell, if something shouldn't be on HN, we have the ability to flag a post.
You cannot flag comments downvoting is there to discourage, trolls and abuse.
We can say that it might be better to never down-vote - but many users have the ability, and it's a regular practice. Neglecting the fact is a little like ignoring the fact the emperor is wearing no clothes.
I am well aware of that and it has lead to a decline in the standard that HN used to be (while my account may not reflect it I have been around here for a long time, and witnessed the decline first hand). It has been complained about on HN ad nasium. No one is neglecting the fact that it happens, I am just stating that doing so makes HN a worse place the results are obvious and have already lead to some valuable people leaving.
To flag a comment, click on 'link' and then 'flag'.
I think the decline is largely due to a rise in meta-discussion about HN and a rise in articles which are mainly designed to self-promote their authors.
I apologise for playing my part in the first ... ;P
The harm is that the voting system is designed as a step towards hiding (or at least not highlighting) posts which get downvoted. So downvoting prevents the experience which you yourself agree is desirable, that of seeing both popular and unpopular ideas represented.
That being said, I strongly believe that if a system is being misused, it is the system not the users which are at fault. In this case, my first suggestion (doubtless in need of refinement) is that there should be prominent agree/disagree buttons on every post to allow everyone to express their opinion, and then a separate "flag" link for people to mark spam or useless comments.
Well, that certainly elucidates your point of view: thank you.
But although the system never makes posts inaccessible (to do so would, I'm sure, elicit complaints of "censorship"), it does, if you're using a normally configured browser, grey out negative-voted comments so that they require deliberate effort to read (by -4, you need to highlight them with the mouse). It moves lower-voted posts down the page: even if you have time to read every post, which many people don't, you probably lose focus and pay less attention by the time you get down there. And it reduces the karma of people who make downvoted posts, which some people probably care about (e.g. because they lose/don't get the ability to downvote) and some people probably don't, but which is clearly intended as discouragement.
I think it's clear that the system is designed with the assumption that posts that get downvoted are posts that it intends to discourage. (And I think it's agreed for purposes of this discussion that spam and useless comments are deserving of discouragement in a way that comments one happens to disagree with are not.)
I think the voting system probably provides some interesting metrics about users personality types; e.g. whether they have brutal/gentle personality traits etc.
I wonder if this kind of metric is used in ycombinator interviews?
I think this is a promising line of thinking, the idea that there should be more than one kind of vote. There is confusion as to what the single up/down means, and this is not helped by the fact that the single karma value actually matters for things (the ability to downvote at all or the level of obscuration of the comment). It is certainly not helpful if everyone has a different opinion of what that arrow should mean.
From a UI perspective, there are tradeoffs. Multiple vote options means better sorting, more thorough meaning. It also means more confusion and more work.
Also, instead of single vote tallies, has there been social experimentation with preferential voting systems on comments? (This still has the problem of needing more than one flavor of preference.)
Yeah. But maybe with multiple votes, we already effectively have this. The problem is that those votes are counted internally not as preference order but as total number of votes, adding to a user's general karma score.
In my view, it's ok to downvote something you something disagree with until it gets back down to 1 point. Then downvotes start to censor it and I think it harms discussion unless that comment is one of the things the grandparent commenter was talking about.
I respectfully disagree. Notice how I'm replying instead of downvoting. Downvoting something you disagree with is just pure laziness. You're too lazy to reply so you just downvote, which contributes to burying the opinion of someone else.
You should focus on upvoting. Downvotes should be reserved for abusive, trolling, or spam comments.
I don't personally downvote things I disagree with (If it's presented well I sometimes upvote) but I think it's acceptable. If it wasn't supposed to be that way, it would be "flag" with no downvote option. I also personally think downvote should be removed from the UI completely but...
Great point, but I wasn't aware that there are "usual, legitimate" reasons for downvoting, and that these are well-known enough that you can call them the usual reasons. Seems like everybody just uses their best judgment.
That said, I didn't downvote him, I simply didn't vote. I don't feel a need to vote on everything, and that extends to downvoting.
(A clear deviation of the guidelines deserves a downvote, a clear compliance does not. Like any law, there is a grey area in between requiring some amount of judgement. But these guidelines still stand to ground the discussion around what is/isn't a "usual, legitimate" reason for downvoting.)
Nobody is scared, don't flatter yourself. Your attitude is simply invasive and pointy-haired. Couple that with using a URL-shortened blind link where you are supposedly establishing some kind of safe-computing credibility, and I can only LOL.
Worried parents?! Now you're really getting dangerous. I hope you think long and hard before having children if this is the kind of treatment you expect to give them. If you have a 12 year old who is already uploading "dances" (?) to YT/chans, you have much bigger problems than a computer or the internet (hint: mirror).
I had a chuckle at this. The use of "pointy-haired" was at least creative. And yeah, I believe parents have the right to spy on their kids, especially when it comes to the net. Largely, I'd add, because of people like you (trolls).
It's certainly not a sure thing, but given the poor track record for OEMs, the fact that this guy has a master's in an IT field, that it happened on 2 different model laptops, and that Network World chose to publish it, I'm inclined to believe him. After all, if he's done this "initial setup" on other laptops in the past and not detected this keylogger, Samsung probably has a part to play in this.
This is easy enough to verify, confirm, or deny independently. All you need is another security expert to come to the same conclusion, and it's confirmed. Likewise, another security expert can invalidate the conclusion just as easily. There's not much ambiguity in the outcome.
Someone confirmed that they install software to monitor some kind of usage data:
*
When told that did not make sense, SS personnel relented and escalated the incident to one of the support supervisors.
The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."*
Just playing devil's advocate here but I wouldn't trust a "support supervisor" to know what he's talking about. He could be talking about the task manager for all we know. He could be just saying whatever he thinks will make this dude get off the phone so he can go grab lunch.
He should have analyzed the SL configuration to see where the logged keystrokes are sent. That'd have been interesting to see. Now it's just guesswork.
If it was Samsung's responsibility (big if at this stage obviously) then I'd actually be more scared if they didn't install it on purpose.
I get that large corporations intentionally do bad things for money but I kind of assume that they're competent enough that they don't accidentally let their master install for a new laptop get infected with a key logger. I'm not saying that I believe them to be completely competent, just that the level of cock ups I expect from them doesn't run to this.
For me if they did install it accidentally then that's worse than them installing it deliberately for some ill considered audit or support purpose.
I don't believe any corporation can be 'good' or 'evil'. Corporations are comprised of people - some of whom will choose to do 'bad things'.
Digital technology provides a huge amount of power to those who have access to it. People are necessarily subject to human emotions and motivations - some will choose to do things which place people at risk.
Transparency and division of power within an organisation needs to be set-up and maintained to prevent abuses from occurring .. but I'd imagine, in most cases the stage has already been set to allow this kind of thing to happen without a corporation's knowledge.
I assume them to be broadly technically competent in so much as they won't let their master install get infected with a key logger.
I'm happy to accept that they may be incompetent when it comes to making decisions about whether it would be a good idea to install a key logger for support or audit purposes.
However, a scan result does not mean much, a full proof would be if he found the keystrokes actually logged in some file and/or being sent to somewhere.
Btw, I am typing this from a Samsung R510 laptop. Fortunetaly I don't use crappy windows. I run Gentoo Linux.
"Fortunetaly (sic) I don't use crappy windows. I run Gentoo Linux."
A reasonable observation followed by a stupid effectively ad hominem attack. The reason your Linux PC is free from the Samsung keylogger (if it does exist) is only because there's little to no incentive to bother with attacking Linux users. Do you really believe Microsoft has spent billions in research and hiring the brightest minds in technology to create an inherently insecure OS, or is it more likely that the incredibly large userbase creates much greater incentives for security attacks?
No, the reason his computer does not have the keylogger is because he installed an operating system other than the one it came with (assuming the story is accurate). Even if he had reinstalled Windows, he would not have it.
The fact that Macs are statistically less likely to be infected by malware does not mean they are immune. It just means, that most malware-authors are more interested in windows because of the larger number of potential victims.
(Who came up with the idea to spin the fact that Macs are less attractive to black-hats into Macs being more secure anyway?)
This wasn't so much aimed as a direct response to the joke but rather a general comment towards the fact that there are actually people who want to believe that Macs are actually more secure then any other computer. Sorry for being so unclear.
I wonder where it stores all this logged information. Despite a lot of references to the Sony rootkit, the author doesn't specifically call this a rootkit other than to say it's "completely undetectable" (not really). There's also mention of traces of the program being found in c:\windows\SL, which means its not very well hidden. More information is required.
I would have expected this to show up from many different sources. The fact that only one person is reporting this makes the story somewhat suspect. Surely he's not the only Samsung owner to run a malware scan.
He noticed this back in February so I'd think that's a fairly long time to be the only report. A few other things bothered me about the article: the heavy handed reference to Sony's rootkit, as others noted, is inappropriate since the Sony rootkit was clearly a deliberate decision. In this case, the most we can say at this point in time is that he found a keylogger on a Samsung computer. Whether it was put there deliberately or not is unknown. Which leads to my further gripes with the headline (which flatly implies that it was deliberate), with the fact that he didn't retain the evidence but chose to write about it (which means noone can verify his findings), and with his apparent lack of curiousity about whether the keylogger was operational and where it might be sending its data.
On March 1, 2011, I called and logged incident 2101163379 with Samsung Support.
...
The supervisor confirmed that Samsung did knowingly put this software on the laptop to "monitor the performance of the machine and to find out how it is being used."
If it is just a user testing program they would only put it on a random small percentage of machines - otherwise you would be swamped by the amount of data. You might also have biased data if you only put it on a particular model and a large number of them were bought be a single corporation or school district
I think it means that the author does/did not expect you to be the target audience. To you, an appeal to authority does not mean much, but for someone who does not have much technological knowledge, it may have some weight.
Maybe they were trying to pull views from yahoo finance or something?
Perhaps he wasn't getting any response from Samsung, and posted this to prod them into action. Still this seems like a really terrible way to end an article:
In the next article, Mr Hassan discusses how Samsung responded to his discovery.
It was mentioned because the author of the column (M.E. Kabay) used to be a director of the same program at Norwich University that Hassan got his master's from, and as he said, "it is a pleasure to collaborate with an alumnus." Basically it's a shout-out to the university.
"He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."
It's possible --- and the customer service manager he was talking to just said anything to get off the phone, even if it meant lying about something he didn't understand. Maybe he didn't even realize it would paint his company in a bad light.
The findings are false-positive proof since I have used the tool that discovered it for six years now and I am yet to see it misidentify an item throughout the years.
Thus, it is false-positive proof? Why wouldn't he test it against other tools? Why wouldn't he try to find out as much about this as you can before writing an accusatory article?
Further, why is he running a full-system security scan on a fresh installation of Windows? Is that normal? If this is a genuine accusation of wrongdoing, then I think that the actual sequence of events and his entire methodology should be disclosed.
Wow, that's a lot of faith in the AV industry and definition based AV. Perhaps Mr. Security Consultant should realize the limitations of his tools and the importance of doing random samples. He seriously saw this on one laptop and is accusing Samsung of a conspiracy?
Not that I put anything above big multinational companies, but some due dilligance would be nice. I guess its all about selling ad impressions. Facts, accuracy, and responsibility come last.
He seriously saw this on one laptop and is accusing Samsung of a conspiracy?
He saw it on TWO laptops.
Not that I put anything above big multinational companies, but some due dilligance would be nice.
He called Samsung to report the issue and had Samsung supervisor confirm that keyloggers are knowingly installed on Samsung laptops in order to monitor usage.
Using the same methodology and the same software - granted, it's "false-positive proof", but there are variables here he didn't account for. Methodology matters.
Samsung supervisor
No, Samsung SUPPORT supervisor. I'm comfortable going out on a limb and hypothesizing that:
A) The Samsung Support Supervisor knew exactly as much about the situation as the author - that is, Nothing. He called telephone support, not the engineering department.
B) It's entirely possible said supervisor bullshitted something that sounded plausible and positive. Again, it's a call center support supervisor, not a press release or any sort of official statement by the company.
The author has an extremely small sample, a very small amount of extremely limited evidence, and nothing that could be called a credible statement from Samsung.
IF Samsung is knowingly doing this it's a terrible policy and a serious problem. IF it's for the reason the supervisor said, it's Incredibly bad policy. IF the article is true, it's possibly criminal. We don't have enough evidence to claim that yet, and until more testing is done and Samsung makes a statement, it's not an Incident, it's a curious event that certainly calls for further investigation.
> Further, why is he running a full-system security scan on a fresh installation of Windows? Is that normal?
If you're a bit paranoid or don't trust the manufacturer (with good reason, apparently) it makes perfect sense to run a scan on a fresh system after initial setup. It's probably not a normal thing to do - pausing all usage of the system to check it for malware - but it makes sense.
> the actual sequence of events and his entire methodology should be disclosed.
Eh, not really. We just need to run the same scans (using lots of different software) on other Samsung laptops, both the same and different models, and see if it detects the logger. If the logger is found, then he's right, if it's not than he's wrong (and probably it's his own software which is infected). His methodology only matters if no supporting evidence for infection is found.
> If you're a bit paranoid or don't trust the manufacturer (with good reason, apparently) it makes perfect sense to run a scan on a fresh system after initial setup.
That's what I mean. If he had reason to not trust them, then he should share his reasoning. It would help us to understand why he was conducting a post-installation scan in the first place. It is not normal behavior otherwise.
> Eh, not really. We just need to run the same scans (using lots of different software) on other Samsung laptops, both the same and different models, and see if it detects the logger.
Very true. I meant that it would help us to maximize our success with duplicating his method, which would translate into a higher detection rate if the logger actually exists. If one isn't found, it would help us figure out why he might be seeing what he sees.
> That's what I mean. If he had reason to not trust them, then he should share his reasoning.
From the end of the article:
> Mohamed Hassan, MSIA, CISSP, CISA is the founder of NetSec Consulting Corp, a firm that specializes in information security consulting services.
Most likely a client discovered what appeared to be a keylogger and brought it to NetSec for investigation. Part of that process would have likely been to purchase a new Samsung laptop as part of a simulation to figure out how the keylogger may have been installed. Finding it on a fresh purchase must have been quite surprising!
It's a disappointing cliff-hanger ending. Without more information it's impossible to say whether this is just some malware accident or a deliberate policy by Samsung. I'm inclined to think that the former situation is more likely.
So if youy use a Samsung machine in a lawyers office, or in a classified role or anywhere subject to HIPA presumably you should switch brands - or face a negligence charge?
Could be an expensive mistake on Samsung's part - especially if somebody decides that lawyers, governemnt, hospitals also shouldn't use any Samsung phones, copiers, printers etc 'just in case'
Is there not a hole in this argument? Why wouldn't he first question the store at which he bought both of these Samsung laptops? This isn't solid evidence that the source of the keylogger is from the hardware manufacturer and is borderline defamation.
Indeed, we shouldn't jump to any conclusions. My point was that the author appears to already have, especially given the article's title. There are lots of situations that could explain to origin of the malware (reseller, pre-installed bloatware, etc), but the author chose one.
This strikes me as dubious at best. I think a more likely explanation is that his detection software is flagging anything with the path "c:\windows\SL" as malware.
He says "This key logger is completely undetectable," which is clearly untrue (he has allegedly detected it).
If it's logging his keystrokes, it's either storing them locally or sending them off somewhere else, or both. If he's as qualified as he says, he should be able to find out which (find a file that increases in size after a lot of keystrokes, use Wireshark...).
Uh no they didn't, this guy has said this is what he was told on a phone call. Samsung has not released a public statement saying this is what they actually do.
Without confirmation from anyone else that has a Samsung laptop (have just checked my brother's bought 2 months ago and found nothing) this really should be taken with a grain of salt.
Off-topic: I wrote a very primitive passive keystroke logger a few years ago (just to demonstrate how they work). I still have the source code and folks email me about it often:
My example is really trivial and it only works on Windows, but it works well and demonstrates the concept of passive keystroke logging. Unlike system wide hooks, passive logging just monitors the key states. Sort of like when you are playing a video game and press the 'P' key. The game pauses because it's monitoring the P key's state (up or down) and can tell when it changes. Extend that concept to the entire keyboard and you have a passive keystroke logger.
Passive loggers are more challenging to detect as well and they run just fine as a normal user (no need to be root).
Stumbled across the same function (GetAsyncKeyState) when I was a kid....mainly because I couldn't figure out hooks.
They are not difficult to detect though. Emulate an (obscure) keystroke, wait 5sec and do you own GetAsyncKeyState. If its cleared then another app pulled the keystate via GetAsyncKeyState.
A low-level keyboard hook (that's a specific kind of Windows hook) does not need root either. It still only monitors the session that the hooking app is running in the context of.
This was originally to be used with malware that needs to run when the user is away from their workstation. You can access p->vkCode in KeyboardProc() to see which keys are pressed.
One interesting thing to note is that if you remove the invisible window/message pumping loop, the program behaves erratically when processing the low-level inputs. I never looked into this.
This is really really easy to detect for malware analysts. One of the first things you look for in memory on a compromised system is hooking. Most rootkits use hooks at different levels to hide or monitor things.
Strangely, on a clean system most hooks tend to be from the Antivirus (usually hooking filesystem calls for on demand scans).
Definitely. Any amateur effort will generally involve SetWindowsHookEx() + DLL injection to capture keystrokes. The intention was to move this up to ring 0 eventually, but I decided to work on more lucrative things instead.
However there are many known problems with implementations using GAKS. Bad implementations make heavy use of CPU and it's easily detectable. The methods I suggested later in my post are far superior.
It also very wrong to claim that _this_ is how keyloggers are implemented. This technique has been deprecated some time ago.
Could be any number of reasons for this. The store may have messed up and had its computers infected by a virus. Or Samsung itself. Or user error, like other people pointed out already.
What I would be interested to know is if the logger actually phones home, and if so, to where. That would give fairly conclusive proof if Samsung did it or someone else. If it's just logging stuff locally then what's the point? Maybe Samsung (if Samsung is indeed the culrpit) could claim it's for tech support reasons?
The only problem is that now you have to find a way to download the iso's from microsofts' servers to do it now because most laptop manufacturers only give recovery media that gives you all the crapware when you reinstall.
It wasn't that long ago that you got actual windows install media when you bought a computer.
> It wasn't that long ago that you got actual windows install media when you bought a computer.
Oh, I'm afraid that was actually quite a long time ago.
However, the last time I checked, Microsoft did impose a condition that mostly affected laptop manufacturers, such that they were required to provide any genuine Windows customer with real Windows media on request, rather than just some not-quite-real-Windows recovery media. Is this no longer the case?
If that is still a requirement for installing OEM Windows on laptops for sale, maybe a campaign where a significant fraction of Samsung laptop customers suddenly started demanding real media would attract the attention of whatever fool thought this was a good idea. This is not mutually exclusive with an expensive class action lawsuit, of course. }:-)
Ah, excellent - next time my parents by a laptop, I'll have them ask for the disk. My dad's laptop crashed awhile back, and he had nothing to reinstall on it. :/
Back in... 2006?, when purchasing a Dell I put down $10 to receive a plain Jane XP Pro installation disk, in addition to the crapware-infested restore disk that came with it by default.
More recently, helping a friend with a Dell purchase, I could no longer find that option in the online order flow. Maybe if you call them and ask...
I've reinstalled Windows on Dell computers for friends that didn't have the discs. I just called Dell, and they mailed me a plain Windows install disc for free. Awesome! I'm not sure if they still do that.
With HP, I wasn't even able to pay for an install disc of any sort, and since the recovery portion of the HD was gone I had to buy a copy of Windows. I'll never buy an HP computer for this reason.
I'll add that that disk was actually stolen in a burglary. When I subsequently needed to reinstall, a friend burned a copy of his XP Pro disk and mailed it. In combination with the code on the license sticker on the machine, this worked fine.
(I'm hesitant to download an image from an unknown source.)
I don't know about Windows 7 -- I seem to recall reading that installation disks for it work somewhat differently, but I don't recall the details.
If you look you can get the windows 7 isos from microsofts' servers (or in this case their distribution network through digital river).
These have worked for my OEM licenses, XP though I remember you needed to use the disk with the correct service pack to install with your software key. (A sp1 key wouldn't work with a sp2 disk and vica versa.)
google: windows 7 iso (first result) (mydigitallife)
The links that say msft-dnl.digitalrivercontent are the same as when you buy online (at least when I bought my win 7 professional license for my desktop the iso linked is the same as the one I downloaded).
Those are probably the only ones I would trust, make sure you are indeed going to digitalrivercontent website, download appropriate language and version/arch (prof, home prem 64 or 32)
I believe the links on that page (also cited by a few other pages I encountered) are pre-SP1. Does anyone know of comparable links for ISO's that have SP1 incorporated (which is what I assume is now shipping with new PC's).
In my case, I'm in the position of occasionally needing to support others who have e.g. Win 7 (most recently, actually, someone with Vista). Sometimes, it's simplest to simply back up their data and re-install. But I may need to supply an installation disk; even if they have one, part of the solution may be installing from a disk minus all the crapware.
I don't do this work regularly, so I'm not part of a community that's constantly, physically swapping disks and utilities and whatnot.
If you request an original copy from your retailer they have to (are supposed to) give it to you and can only charge you a fee for the media, which is usually $10-25.
This applies for the first few months, thereafter you can call Microsoft and within a few prompts they will send it out to you, often for free.
Should work in most countries, and is a bit of a backdoor way of getting original install disks.
There is also a way in the EU to get a free linux distro disk if you request it, which was part of the EU antitrust settlement but I can't remember what that was (all of these consumer rights features were part of one settlement or another)
Unfortunately not just regular people. Last time a new employee was hired to my team, the teamlead said just give him this laptop previously used by an external consultant, don't bother formatting it or removing old profiles, just make sure it works.
And we're the software development division in the company.
Yea, some colleagues of mine thought that installing a fresh OS on their laptop would "break" it. The software engineering workforce has its range of very good and very bad employees.
That _can_ happen if the newer OS doesn't have the correct drivers available. I'm a "wiper" but I have spent many an hour trying to get simple functionality working again on a fresh install.
I know that we (IT Folks) are all used to the concept of system images which can be used to deploy fresh builds/images to machines that are based on standards. Further we are used to the idea of VMs that run in clusters/clouds etc. and we are used to virtual desktop environments that run as a terminal interface to a VDI backend, finally we are also familiar checking out files for source control etc.
I believe that we are close to being able to 'check-out' a system image that would be downloaded as a VM to a machine (physical machine) where it runs locally as a fully installed OS - but then can be 'checked in' and released once done. A new physical machine comes along and we check out our image.
We can further abstract the user profile data and have it follow the user (there is a company that was recently bought that does this piece... I cant recall the name).
The idea is high-layer virtualization. Where we had virtualized machine, OS, APP and recently infrastructure such as storage - we have virtualized profiles as well. Soon we will have virtual installs.
There is a hybrid model I wrote about some years ago, posted recently to HN as well - which is similar to the Atrix concept. You have all your user profile data on the mobile device and you effectively check-in to a KVM for better screen and input.
I am not sure about the dock of the Atrix, if it has a CPU and GPU for bigger/faster/better -- but this is what I am referring to.
The data profile is tied to the person. Everything else floats - when the use-case calls for better CPU/GPU you check-out the physical device...
Samsung responds to installation of keylogger on its laptop computers
The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."
In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners.
[…]
We contacted three public relations officers for Samsung for comment about this issue and gave them a week to send us their comments. No one from the company replied.
Thank heavens this was software based - now imagine if they shipped keyboard firmware with a built in keylogger! Who knows, may be some do - that would be nearly impossible to detect as they can encrypt it.
On a related note - My bank requires me to use a on-screen virtual keyboard to log into the online account. The keys of this virtual keyboard are randomly rearranged every time it is invoked. That could certainly beat keyloggers.
Of course :) On the other hand, security is about putting as many deterrents as practically possible - nothing can be 100% secure. So to that extent it is still better to have measures like on screen keyboard than not. And then even if you somehow perfected the on-screen keyboard to not give out screenshots - there is always browser based malware that can send your session or creds to the attacker without bothering about keylogging!
I've played around with a few, and imho most of the common ones easily available on public torrent trackers have the ability to take screenshots on mouseclicks, with a nice little animation pointing out where the mouse pointer was when the click event happened too.
'Keystroke' logs include text, pictures and even videos in these toolkits.
Basically if you've been taken over by keystroke logging malware, it'd be safest to assume that everything on the machine's been compromised.
With the old PC BIOS and APM, it is possible to implement a fully Free Software firmware, with no 3rd party binary crap or DRM malware. http://www.coreboot.org/ does this.
Well, this rules out my plan to buy a Series 9 for travel.
Hopefully the supervisor he talked to was just blowing smoke and trying to get him to go away. If this is legitimately approved by Samsung, somebody needs their head examined.
Or failing that, they should loan me their laptop after they've done some banking and online shopping on it.
Use of such a laptop in the UK would appear to contravene the Computer Misuse Act (on at least a count of unauthorised computer access), if you have a Samsung with this software I suggest you hire a good lawyer and shop around for investment opportunities for your payout.
What are the chances that Samsung have also breached government secrets acts with this in several countries!?
I'm trusting the report here but it was at least second level and they referred somewhere for help with the query so it appears it was 3rd level support. Certainly attributable to the company in such a case.
The second part is more interesting, but it doesn't give any indication as to whether the keylogger was installed on a small number of internal test machines which then accidentally escaped into consumerland, or whether this is a more widespread practice. If it is widespread then Samsung are really entering a world of pain in terms of lawsuits.
This isn't the first time Samsung did this kind of thing. On their android phones, they have a system called CarrierIQ that is deeply embedded into the system and can monitor practically all aspects of phone usage.
Let me pull on a conspiracy theorists hat here, and give one possible reason:
When you purchase a laptop, at least in my experience, it records the serial number of the laptop purchased. Now, generally you don't purchase a laptop in cash (At least in the states, but that really has to do with overzealous cops who think anything over a hundred dollars is drug money), you use a credit/check card. What this means is at checkout they have an address, and name (From the card) and a serial number.
You go home, and type away, log in to Facebook, do whatever you normally do, all the while keylogger is running away in the background. NSA walks over to Samsung and says "Hey, can we get those keylogger results? Great, here's your million dollars", takes those, then sees that John Doe is searching for poison on Google. They run off, and arrest him.
Basically, that information would be NSA's wetdream.
Is this true? Probably not, but it's one possible motive.
I am skeptical this is true. Some phone tech support guy overseas is not official confirmation of official policy. I would like to see more widespread confirmation ('happened to me too!') before people start dumping on Samsung.
Also missing, evidence it was turned installed and running at bootup, evidence it was sending information anywhere. It should be fairly easy to use the laptop, connect to the internet, and see what data is sent to what server, owned by whom. THAT is evidence. These are just random unimportant files in some random directory until then.
216 comments
[ 4.9 ms ] story [ 203 ms ] threadI've poked around various locations on the machine and run some scans with a number of different tools, but I've discovered nothing untoward, as yet.
My attestation is somewhat of an irrelevance, however, as I've no way of accurately replicating the environment in which Mr Hassan carried out his research. It looks as though I shall simply have to wait and see how this all plays out over the coming days.
And what does he mean by "After the initial set up of the laptop"? What exactly did he do? Couldn't it just mean that the security software he is using to do the scan or the media he is using is infected? I just think this sounds fishy until he's verified it with a completely different set of tools.
EDIT: Sorry for scaring people. Listen, I HATE keyloggers and other invasive software. Here:
http://bit.ly/2U3iAH
My point was that I can see a legit need for low-level auditing by whoever owns the PC. Including such a package that's turned off by default, might be better than forcing a worried parent to sift through 12 keyloggers on Google, half of which are malware, a quarter of which don't work, in order to find out if her 12-year-old is composing YouTube dances and uploading them to 4chan.
Someone who desires to keep track of a user's key strokes, for example a corporation. This is coming from someone who consents to monitoring every day.
While I agree it is not good for the singular, non-ignorant person, I'm sure there's a massive market for "Corporate Consumers" who'd like to save a buck instead of spending effort configuring a system.
About having the capability of auditing, I suppose it saves production costs to have one laptop with a switch, as opposed to two laptops with slight hardware or software differences.
I'm surprised you're getting voted up. As much as I disagree with most of the privacy agenda, a lot of their fights are the only thing stopping us from turning Orwellian.
Nothing to hide is pretty arbitrary, too; you mean you have nothing to hide under our current laws. So sure, let them bring the cameras in. Then they'll rewrite the law and you'll suddenly have something to hide.
Credit card numbers, medical conditions, who we have sex with, who we want to have sex with, who we do not want to have sex with, even whether we want to have sex at all etc. pp. We usually do not urinate or masturbate in front of others because we all have something to hide.
If you consider this it's easy to get his sarcasm.
Yes it was sarcastic. As other commenters said, it's a very common and senseless rhetoric used by anti-privacy politicians. Applying it to an extreme example (like camera in your home) was meant to demonstrate how daft such a stance is.
But I disagree, I think it was a very good spot for it: In my mind, some of the best irony is when it's nearly indistinguishable from truth. So I will take the swinging karma as a complement :D
His comment is not spam.
His comment caused discussion.
His comment is an opinion, not a false fact.
There are no personal attacks of any kind in his comment, and his language is fine.
His argument is simply unpopular.
None of your responses indicate any of the usual legitimate reasons for downvoting.
So why the downvotes? Do you really want HN to be an echo chamber instead of an arena of civil discussion?
I actually believe that it's okay to use voting to express whether you agree or disagree with a point. Where's the harm?
I think that the experience of reading HN is enhanced when there's contrast between popular and unpopular ideas. If a post is unpopular, it doesn't mean that I don't read it. If anything, I might pay more attention to it.
In some cases its lack of popularity might spark more debate; like it has in this case.
I don't believe down-voting discourages discussion .. I'd argue it often provokes it.
Not that I have been able to figure out the magic that gets you the ability to downvote, but I don't really feel the need.
But indeed it sinks discussions, since the points are one the ways (not the only one) to sort comments.
Not that I'm really worried about it one way or another, though.
This is a bad point of view and is what is leading to the degradation of HN as a place for people who see the world through a different lens. We have already lost a lot of beautiful minds due to heard voting. Downvoating is for items that do not belong on HN, nothing more nothing less. If you downvote because you do not agree with an idea you are actively suppressing discussion, no matter how strongly you disagree. Many time from people more brilliant that ourselves.
On HN people I've found that many people use voting to signal whether they agree (or disagree) with something. If that wasn't the case, I'd see my karma rise - rather than rise, fall and fluctuate.
As far as I can tell, if something shouldn't be on HN, we have the ability to flag a post.
I can agree that a post shouldn't needless be hammered into negative space, just as a person's point of view shouldn't be needlessly trampled on in meat-space. But I think that down-voting in general has found a place.
We can say that it might be better to never down-vote - but many users have the ability, and it's a regular practice. Neglecting the fact is a little like ignoring the fact the emperor is wearing no clothes.
You cannot flag comments downvoting is there to discourage, trolls and abuse.
We can say that it might be better to never down-vote - but many users have the ability, and it's a regular practice. Neglecting the fact is a little like ignoring the fact the emperor is wearing no clothes.
I am well aware of that and it has lead to a decline in the standard that HN used to be (while my account may not reflect it I have been around here for a long time, and witnessed the decline first hand). It has been complained about on HN ad nasium. No one is neglecting the fact that it happens, I am just stating that doing so makes HN a worse place the results are obvious and have already lead to some valuable people leaving.
I think the decline is largely due to a rise in meta-discussion about HN and a rise in articles which are mainly designed to self-promote their authors.
I apologise for playing my part in the first ... ;P
Thank you, you learn something new every day.
Really this is all silly, if you upvote for agreement, why not the opposite?
For the record, I personally believe that you're right.
That being said, I strongly believe that if a system is being misused, it is the system not the users which are at fault. In this case, my first suggestion (doubtless in need of refinement) is that there should be prominent agree/disagree buttons on every post to allow everyone to express their opinion, and then a separate "flag" link for people to mark spam or useless comments.
I rarely ignore the comments at the bottom of a page - in fact, sometimes the least interesting comments are those that are highest ranked.
What's the difference between having upvote / downvote buttons and agree / disagree buttons?
But although the system never makes posts inaccessible (to do so would, I'm sure, elicit complaints of "censorship"), it does, if you're using a normally configured browser, grey out negative-voted comments so that they require deliberate effort to read (by -4, you need to highlight them with the mouse). It moves lower-voted posts down the page: even if you have time to read every post, which many people don't, you probably lose focus and pay less attention by the time you get down there. And it reduces the karma of people who make downvoted posts, which some people probably care about (e.g. because they lose/don't get the ability to downvote) and some people probably don't, but which is clearly intended as discouragement.
I think it's clear that the system is designed with the assumption that posts that get downvoted are posts that it intends to discourage. (And I think it's agreed for purposes of this discussion that spam and useless comments are deserving of discouragement in a way that comments one happens to disagree with are not.)
I wonder if this kind of metric is used in ycombinator interviews?
From a UI perspective, there are tradeoffs. Multiple vote options means better sorting, more thorough meaning. It also means more confusion and more work.
Also, instead of single vote tallies, has there been social experimentation with preferential voting systems on comments? (This still has the problem of needing more than one flavor of preference.)
Downvoting posts you disagree with amounts to an attempt to suppress contrary opinion.
You should focus on upvoting. Downvotes should be reserved for abusive, trolling, or spam comments.
That said, I didn't downvote him, I simply didn't vote. I don't feel a need to vote on everything, and that extends to downvoting.
Yup, there are. Here: http://ycombinator.com/newsguidelines.html
(A clear deviation of the guidelines deserves a downvote, a clear compliance does not. Like any law, there is a grey area in between requiring some amount of judgement. But these guidelines still stand to ground the discussion around what is/isn't a "usual, legitimate" reason for downvoting.)
Worried parents?! Now you're really getting dangerous. I hope you think long and hard before having children if this is the kind of treatment you expect to give them. If you have a 12 year old who is already uploading "dances" (?) to YT/chans, you have much bigger problems than a computer or the internet (hint: mirror).
* When told that did not make sense, SS personnel relented and escalated the incident to one of the support supervisors.
The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."*
http://www.networkworld.com/newsletters/sec/2011/040411sec1....
Just playing devil's advocate here but I wouldn't trust a "support supervisor" to know what he's talking about. He could be talking about the task manager for all we know. He could be just saying whatever he thinks will make this dude get off the phone so he can go grab lunch.
If it was Samsung's responsibility (big if at this stage obviously) then I'd actually be more scared if they didn't install it on purpose.
I get that large corporations intentionally do bad things for money but I kind of assume that they're competent enough that they don't accidentally let their master install for a new laptop get infected with a key logger. I'm not saying that I believe them to be completely competent, just that the level of cock ups I expect from them doesn't run to this.
For me if they did install it accidentally then that's worse than them installing it deliberately for some ill considered audit or support purpose.
I don't believe any corporation can be 'good' or 'evil'. Corporations are comprised of people - some of whom will choose to do 'bad things'.
Digital technology provides a huge amount of power to those who have access to it. People are necessarily subject to human emotions and motivations - some will choose to do things which place people at risk.
Transparency and division of power within an organisation needs to be set-up and maintained to prevent abuses from occurring .. but I'd imagine, in most cases the stage has already been set to allow this kind of thing to happen without a corporation's knowledge.
"Never attribute to malice that which is adequately explained by stupidity."
I assume them to be broadly technically competent in so much as they won't let their master install get infected with a key logger.
I'm happy to accept that they may be incompetent when it comes to making decisions about whether it would be a good idea to install a key logger for support or audit purposes.
Btw, I am typing this from a Samsung R510 laptop. Fortunetaly I don't use crappy windows. I run Gentoo Linux.
A reasonable observation followed by a stupid effectively ad hominem attack. The reason your Linux PC is free from the Samsung keylogger (if it does exist) is only because there's little to no incentive to bother with attacking Linux users. Do you really believe Microsoft has spent billions in research and hiring the brightest minds in technology to create an inherently insecure OS, or is it more likely that the incredibly large userbase creates much greater incentives for security attacks?
I have a much classier Keyboard Concierge.
(Who came up with the idea to spin the fact that Macs are less attractive to black-hats into Macs being more secure anyway?)
On a machine he just bought, without installing anything else?
Besides, someone has to be first.
...
The supervisor confirmed that Samsung did knowingly put this software on the laptop to "monitor the performance of the machine and to find out how it is being used."
Really bad way to start an article. Who cares about all these qualifications? Did he find a key logger and how did Samsung respond?
Unfortunately, they have decided to make us wait for the response. That seems really lame IMHO.
Maybe they were trying to pull views from yahoo finance or something?
In the next article, Mr Hassan discusses how Samsung responded to his discovery.
http://www.networkworld.com/newsletters/sec/2011/040411sec1....
"He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."
Thus, it is false-positive proof? Why wouldn't he test it against other tools? Why wouldn't he try to find out as much about this as you can before writing an accusatory article?
Further, why is he running a full-system security scan on a fresh installation of Windows? Is that normal? If this is a genuine accusation of wrongdoing, then I think that the actual sequence of events and his entire methodology should be disclosed.
Not that I put anything above big multinational companies, but some due dilligance would be nice. I guess its all about selling ad impressions. Facts, accuracy, and responsibility come last.
He saw it on TWO laptops.
Not that I put anything above big multinational companies, but some due dilligance would be nice.
He called Samsung to report the issue and had Samsung supervisor confirm that keyloggers are knowingly installed on Samsung laptops in order to monitor usage.
Using the same methodology and the same software - granted, it's "false-positive proof", but there are variables here he didn't account for. Methodology matters.
Samsung supervisor
No, Samsung SUPPORT supervisor. I'm comfortable going out on a limb and hypothesizing that:
A) The Samsung Support Supervisor knew exactly as much about the situation as the author - that is, Nothing. He called telephone support, not the engineering department.
B) It's entirely possible said supervisor bullshitted something that sounded plausible and positive. Again, it's a call center support supervisor, not a press release or any sort of official statement by the company.
The author has an extremely small sample, a very small amount of extremely limited evidence, and nothing that could be called a credible statement from Samsung.
IF Samsung is knowingly doing this it's a terrible policy and a serious problem. IF it's for the reason the supervisor said, it's Incredibly bad policy. IF the article is true, it's possibly criminal. We don't have enough evidence to claim that yet, and until more testing is done and Samsung makes a statement, it's not an Incident, it's a curious event that certainly calls for further investigation.
If you're a bit paranoid or don't trust the manufacturer (with good reason, apparently) it makes perfect sense to run a scan on a fresh system after initial setup. It's probably not a normal thing to do - pausing all usage of the system to check it for malware - but it makes sense.
> the actual sequence of events and his entire methodology should be disclosed.
Eh, not really. We just need to run the same scans (using lots of different software) on other Samsung laptops, both the same and different models, and see if it detects the logger. If the logger is found, then he's right, if it's not than he's wrong (and probably it's his own software which is infected). His methodology only matters if no supporting evidence for infection is found.
That's what I mean. If he had reason to not trust them, then he should share his reasoning. It would help us to understand why he was conducting a post-installation scan in the first place. It is not normal behavior otherwise.
> Eh, not really. We just need to run the same scans (using lots of different software) on other Samsung laptops, both the same and different models, and see if it detects the logger.
Very true. I meant that it would help us to maximize our success with duplicating his method, which would translate into a higher detection rate if the logger actually exists. If one isn't found, it would help us figure out why he might be seeing what he sees.
From the end of the article:
> Mohamed Hassan, MSIA, CISSP, CISA is the founder of NetSec Consulting Corp, a firm that specializes in information security consulting services.
Most likely a client discovered what appeared to be a keylogger and brought it to NetSec for investigation. Part of that process would have likely been to purchase a new Samsung laptop as part of a simulation to figure out how the keylogger may have been installed. Finding it on a fresh purchase must have been quite surprising!
Could be an expensive mistake on Samsung's part - especially if somebody decides that lawyers, governemnt, hospitals also shouldn't use any Samsung phones, copiers, printers etc 'just in case'
"I returned that laptop to the store where I bought it and bought a higher Samsung model (R540) from another store."
I will wait for confirmation/proof in either direction before drawing any conclusion regarding possible "defamation" on the authors part.
He says "This key logger is completely undetectable," which is clearly untrue (he has allegedly detected it).
If it's logging his keystrokes, it's either storing them locally or sending them off somewhere else, or both. If he's as qualified as he says, he should be able to find out which (find a file that increases in size after a lot of keystrokes, use Wireshark...).
I don't think the Samsung "confirmation" brings me to 50% confidence that Samsung actually was logging and capturing people's keystrokes, though.
I would still like to see what the keylogger is actually doing - storing, transmitting, what?
Without confirmation from anyone else that has a Samsung laptop (have just checked my brother's bought 2 months ago and found nothing) this really should be taken with a grain of salt.
"SL" stands for "Samsung Laptop," some manufacturer-specific software?
https://github.com/16s/16k
My example is really trivial and it only works on Windows, but it works well and demonstrates the concept of passive keystroke logging. Unlike system wide hooks, passive logging just monitors the key states. Sort of like when you are playing a video game and press the 'P' key. The game pauses because it's monitoring the P key's state (up or down) and can tell when it changes. Extend that concept to the entire keyboard and you have a passive keystroke logger.
Passive loggers are more challenging to detect as well and they run just fine as a normal user (no need to be root).
They are not difficult to detect though. Emulate an (obscure) keystroke, wait 5sec and do you own GetAsyncKeyState. If its cleared then another app pulled the keystate via GetAsyncKeyState.
https://gist.github.com/a95f198292c9e453e054
This was originally to be used with malware that needs to run when the user is away from their workstation. You can access p->vkCode in KeyboardProc() to see which keys are pressed.
One interesting thing to note is that if you remove the invisible window/message pumping loop, the program behaves erratically when processing the low-level inputs. I never looked into this.
Strangely, on a clean system most hooks tend to be from the Antivirus (usually hooking filesystem calls for on demand scans).
[1] - http://www.dc4420.org/
Are you implying that you wrote malware?
Better off using a keyboard hook or GetAsyncKeyState as someone suggested.
And if you want to write a 'real' implementation, you write a keyboard filter driver. Or hook NtUserGetAsyncKeyState.
// From the source code:
ks = GetAsyncKeyState( kiter->first );
However there are many known problems with implementations using GAKS. Bad implementations make heavy use of CPU and it's easily detectable. The methods I suggested later in my post are far superior.
It also very wrong to claim that _this_ is how keyloggers are implemented. This technique has been deprecated some time ago.
What I would be interested to know is if the logger actually phones home, and if so, to where. That would give fairly conclusive proof if Samsung did it or someone else. If it's just logging stuff locally then what's the point? Maybe Samsung (if Samsung is indeed the culrpit) could claim it's for tech support reasons?
I started doing it because of the crap they bundle in there, but this seems like an unintended good reason to do so as well.
It wasn't that long ago that you got actual windows install media when you bought a computer.
Oh, I'm afraid that was actually quite a long time ago.
However, the last time I checked, Microsoft did impose a condition that mostly affected laptop manufacturers, such that they were required to provide any genuine Windows customer with real Windows media on request, rather than just some not-quite-real-Windows recovery media. Is this no longer the case?
If that is still a requirement for installing OEM Windows on laptops for sale, maybe a campaign where a significant fraction of Samsung laptop customers suddenly started demanding real media would attract the attention of whatever fool thought this was a good idea. This is not mutually exclusive with an expensive class action lawsuit, of course. }:-)
More recently, helping a friend with a Dell purchase, I could no longer find that option in the online order flow. Maybe if you call them and ask...
(I'm not a regular Dell purchaser.)
With HP, I wasn't even able to pay for an install disc of any sort, and since the recovery portion of the HD was gone I had to buy a copy of Windows. I'll never buy an HP computer for this reason.
(I'm hesitant to download an image from an unknown source.)
I don't know about Windows 7 -- I seem to recall reading that installation disks for it work somewhat differently, but I don't recall the details.
These have worked for my OEM licenses, XP though I remember you needed to use the disk with the correct service pack to install with your software key. (A sp1 key wouldn't work with a sp2 disk and vica versa.)
The links that say msft-dnl.digitalrivercontent are the same as when you buy online (at least when I bought my win 7 professional license for my desktop the iso linked is the same as the one I downloaded).
Those are probably the only ones I would trust, make sure you are indeed going to digitalrivercontent website, download appropriate language and version/arch (prof, home prem 64 or 32)
http://www.windowsvalley.com/unlock-all-editions-from-window...
To get all editions-
4. Just delete the file and finally create the bootable ISO and burn your unlocked disc.
In my case, I'm in the position of occasionally needing to support others who have e.g. Win 7 (most recently, actually, someone with Vista). Sometimes, it's simplest to simply back up their data and re-install. But I may need to supply an installation disk; even if they have one, part of the solution may be installing from a disk minus all the crapware.
I don't do this work regularly, so I'm not part of a community that's constantly, physically swapping disks and utilities and whatnot.
http://answers.microsoft.com/en-us/windows/forum/windows_7-w...
This applies for the first few months, thereafter you can call Microsoft and within a few prompts they will send it out to you, often for free.
Should work in most countries, and is a bit of a backdoor way of getting original install disks.
There is also a way in the EU to get a free linux distro disk if you request it, which was part of the EU antitrust settlement but I can't remember what that was (all of these consumer rights features were part of one settlement or another)
I believe that we are close to being able to 'check-out' a system image that would be downloaded as a VM to a machine (physical machine) where it runs locally as a fully installed OS - but then can be 'checked in' and released once done. A new physical machine comes along and we check out our image.
We can further abstract the user profile data and have it follow the user (there is a company that was recently bought that does this piece... I cant recall the name).
The idea is high-layer virtualization. Where we had virtualized machine, OS, APP and recently infrastructure such as storage - we have virtualized profiles as well. Soon we will have virtual installs.
There is a hybrid model I wrote about some years ago, posted recently to HN as well - which is similar to the Atrix concept. You have all your user profile data on the mobile device and you effectively check-in to a KVM for better screen and input.
I am not sure about the dock of the Atrix, if it has a CPU and GPU for bigger/faster/better -- but this is what I am referring to.
The data profile is tied to the person. Everything else floats - when the use-case calls for better CPU/GPU you check-out the physical device...
Although Intel's own drivers now work better for most embedded Intel chipsets than the crap the laptop maker puts out
Samsung responds to installation of keylogger on its laptop computers
The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."
In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners.
[…]
We contacted three public relations officers for Samsung for comment about this issue and gave them a week to send us their comments. No one from the company replied.
On a related note - My bank requires me to use a on-screen virtual keyboard to log into the online account. The keys of this virtual keyboard are randomly rearranged every time it is invoked. That could certainly beat keyloggers.
'Keystroke' logs include text, pictures and even videos in these toolkits.
Basically if you've been taken over by keystroke logging malware, it'd be safest to assume that everything on the machine's been compromised.
That is ridiculous.
Binary blob drivers aren't "convenient," they are a violation of your privacy.
The ACPI and EFI firmware interfaces in newer PCs are particularly bad in this respect.
http://www.wilderssecurity.com/showthread.php?t=236384
http://archive.fosdem.org/2007/interview/ronald+g+minnich
ACPI drivers are bytecode blobs that the BIOS passes to the kernel, and expects the kernel to interpret in priveleged mode:
http://lwn.net/2001/0704/kernel.php3
With the old PC BIOS and APM, it is possible to implement a fully Free Software firmware, with no 3rd party binary crap or DRM malware. http://www.coreboot.org/ does this.
Hopefully the supervisor he talked to was just blowing smoke and trying to get him to go away. If this is legitimately approved by Samsung, somebody needs their head examined.
Or failing that, they should loan me their laptop after they've done some banking and online shopping on it.
Use of such a laptop in the UK would appear to contravene the Computer Misuse Act (on at least a count of unauthorised computer access), if you have a Samsung with this software I suggest you hire a good lawyer and shop around for investment opportunities for your payout.
What are the chances that Samsung have also breached government secrets acts with this in several countries!?
http://forum.xda-developers.com/showpost.php?p=11763089
I think you are exaggerating this thing too much.
When you purchase a laptop, at least in my experience, it records the serial number of the laptop purchased. Now, generally you don't purchase a laptop in cash (At least in the states, but that really has to do with overzealous cops who think anything over a hundred dollars is drug money), you use a credit/check card. What this means is at checkout they have an address, and name (From the card) and a serial number.
You go home, and type away, log in to Facebook, do whatever you normally do, all the while keylogger is running away in the background. NSA walks over to Samsung and says "Hey, can we get those keylogger results? Great, here's your million dollars", takes those, then sees that John Doe is searching for poison on Google. They run off, and arrest him.
Basically, that information would be NSA's wetdream.
Is this true? Probably not, but it's one possible motive.
Also missing, evidence it was turned installed and running at bootup, evidence it was sending information anywhere. It should be fairly easy to use the laptop, connect to the internet, and see what data is sent to what server, owned by whom. THAT is evidence. These are just random unimportant files in some random directory until then.