Linked by David Adams on Wed 30th Mar 2011 16:02 UTC
Privacy, Security, Encryption

Hearkening back to the Sony Rootkit brouhaha from a few years ago, a security researcher is claiming in a Network World article that he detected factory-installed keyloggers in two brand new Samsung laptops. Samsung has made no official response, but a tech support supervisor contacted by the author said that the keystroke logging software was installed by Samsung to "monitor the performance of the machine and to find out how it is being used."
jello Member since:
2006-08-08

I have several questions:

Does anybody know of any free software to find rootkits and keyloggers on Windows?

Is this a Windows only problem or is Linux also running stuff like this?

Thanks

Reply Score: 1

Morgan Member since:
2005-06-29

> I have several questions:
>
> Does anybody know of any free software to find rootkits and keyloggers on Windows?

There are several out there; www.malwarehelp.org is a good resource to start from.

> Is this a Windows only problem or is Linux also running stuff like this?

It's highly doubtful that any GNU/Linux or BSD distribution contains something like that, and it's very difficult (but not impossible) to infect such OSes with rootkits. It would depend on an absolutely moronic user (which is rare among the OSS using crowd), or on physical access to the hardware by the person wanting to install the rootkit. OS X is nearly as safe as other Unix-like OSes, and the more obscure OSes are virtually malware-free.

That said, it's easy to keep your Windows installation secure if you research the options available and don't visit shady parts of the internet. As one of my colleagues used to say, "If you sleep with a prostitute you catch the funk, why is it any different for a PC?"

Reply Parent Score: 0

BluenoseJake Member since:
2005-08-11

Uh, no...

The term rootkit originated in Unix systems, and Linux is not immune. The source of most rootkits in Unix\Linux is crackers who gain root access through normal means, mainly security holes in other software running on the system. The cracker then installs the rootkit himself, if the exploit he used allows him to gain root access. This allows him access even if the original exploit is fixed.

Spreading the same old crap that Unix\Linux is magically immune to these things doesn't help anybody, especially people who take your words to heart and then get burned.

Now on the other hand, they are much easier to detect in Linux\Unix, so I think a lot of the cracker types are falling back on the old standbys of replacing standard commands like login with trojans, which is easier to do, and if you do that to a bunch of commands, you can cover more bases.

Reply Parent Score: 6
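
The comment above mentions standard commands such as login being replaced with trojans; file-integrity checking is the usual way to notice that. The following is an added example, not code from the thread or from any poster: it records SHA-256 digests and permission bits for a directory while the system is known good, then reports what differs later. The directory, file names and file contents in `demo()` are constructed stand-ins, not real system binaries.

```python
import hashlib, os, stat, tempfile

def fingerprint(path):
    """SHA-256 digest and permission bits (incl. setuid/setgid) of one file."""
    with open(path, "rb") as f:
        digest = hashlib.sha256(f.read()).hexdigest()
    return digest, stat.S_IMODE(os.lstat(path).st_mode)

def build_baseline(directory):
    """Map file name -> fingerprint for every regular file in directory."""
    baseline = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path) and not os.path.islink(path):
            baseline[name] = fingerprint(path)
    return baseline

def compare(baseline, directory):
    """Return sorted (name, finding) pairs for anything that differs."""
    current = build_baseline(directory)
    findings = []
    for name, (digest, mode) in baseline.items():
        if name not in current:
            findings.append((name, "missing"))
            continue
        if current[name][0] != digest:
            findings.append((name, "content changed"))
        if current[name][1] != mode:
            findings.append((name, "mode changed"))
    findings += [(n, "new file") for n in current.keys() - baseline.keys()]
    return sorted(findings)

def demo():
    """Constructed stand-in for a binary directory; no real binaries touched."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("login", "ls", "ps"):
            with open(os.path.join(d, name), "wb") as f:
                f.write(b"original " + name.encode())
            os.chmod(os.path.join(d, name), 0o755)
        baseline = build_baseline(d)           # taken while known good
        with open(os.path.join(d, "login"), "wb") as f:
            f.write(b"replaced login")         # same size, different content
        os.chmod(os.path.join(d, "ps"), 0o4755)  # setuid bit appears
        with open(os.path.join(d, "sshd2"), "wb") as f:
            f.write(b"unexpected")             # file that was never in the baseline
        return compare(baseline, d)

if __name__ == "__main__":
    for name, finding in demo():
        print(f"{name}: {finding}")
```

A check like this is only as trustworthy as the baseline and the tool doing the hashing, so both are normally kept on read-only or offline media and run from a known-clean environment.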

kameraadpjotr Member since:
2010-07-17

It is *highly unlikely* that a Linux (or Unix or whatever) computer is/was compromised, as Samsung does not sell, AFAIK, a computer with Linux (except Android, but that's on smartphones), as this is a factory install, so they have root access anyway. Linux is not immune to rootkits, but it is to this one, as Samsung only sells Windows boxes.

Reply Parent Score: 2