While setting up a new Samsung computer laptop with model number R525 in early February 2011, I came across an issue that mirrored what Sony BMG did six years ago. After the initial set up of the laptop, I installed licensed commercial security software and then ran a full system scan before installing any other software. The scan found two instances of a commercial keylogger called StarLogger installed on the brand new laptop. Files associated with the keylogger were found in a c:\windows\SL directory.This is double-plus ungood, from a security perspective. The fact that a vendor would record your passwords without your knowledge or consent is a huge breach of trust. So far, the Samsung PR flacks are ducking the issue.
According to a Starlogger description, StarLogger records every keystroke made on your computer on every window, even on password protected boxes.
My recommendation is that anyone considering buying one of these reconsider.
Update 31 March 2011 11:17: An anonymous commenter says this is a false alarm. El Reg adds some detail:
Samsung has issued a brief denial, in which it said the researcher has identified an innocuous directory as the keylogger in error. Its statement says that the researcher's security program "mistook a folder created by Microsoft Live Application for a key logging software, during a virus scan."If this is an antivirus false positive event, I wonder if Samsung could sue for damage to reputation.