- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
The long view of security strategies for your network.
After falsely accusing Samsung Electronics of shipping laptops with keylogger software installed – a subsequent test gave the machines a clean bill of health, see Samsung Laptops Clean: No keylogger or spyware of any kind found -- my colleagues and I analyzed the things we did wrong.
I didn't follow my own guidelines, which I expressed to my colleague as follows on March 9: "The issue you have identified is serious and will cause an explosion in the press. It is therefore critically important that we be absolutely sure of all the facts – and that the identification of a keylogger is absolutely solid."
First, I should have realized that a report that Samsung was installing a keylogger for tracking did not make sense, even though we believed Samsung had admitted as much: keyloggers are inappropriate as monitoring tools for computer activity because they work with keystrokes, not comprehensive logging of extensive useful information. That realization alone should have warned me that we were likely on a wrong path.
Second, when I learned that there was a directory called C:\Windows\SL associated with StarLogger, I should have looked further into the situation by asking about files found in the directory.
Third, I should have written to the makers of the antivirus to see if they had any comments about the identification of StarLogger. They would have responded that it was a false alarm and the whole mess would have stopped right there.
Fourth, while I did send Samsung copies of my draft article on Saturday March 12 asking for comments, when no response came I should have phoned Samsung and tried to get a response and should not have published the article until I had a response.
I want to make it absolutely clear that Samsung has behaved impeccably. It did absolutely nothing wrong and the company responded to this ill-advised, incorrect analysis with courtesy and calm. It collaborated fully with Dr. Stephenson on the subsequent test so that he could publish his categorically clean bill of health for their computers.
My deepest apology.
Read more about security in Network World's Security section.
M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services and teaching. He is Chief Technical Officer of Adaptive Cyber Security Instruments, Inc. and Associate Professor of Information Assurance in the School of Business and Management at Norwich University. Visit his Web site for white papers and course materials.