That may sound rather bold, and perhaps a tad overbearing, but any software that puts up notice of a keylogger, with the inclusion of a new directory on a computer is in need of a complete overhaul.
It is as if the inclusion of a picture of a puppy was the sign of a hard drive infested with pornographic pictures.
Yesterday, news was all around of the inclusion of a keylogger on certain Samsung notebook computers. The backlash started was amazing – people were ready to gather the townspeople and trek to Korea to burn down the Samsung factory. It had to be after all – wasn’t it confirmed?
No, apparently some few people went off half-cocked, without possession of all the facts, because early today, Adrian Kingsley-Hughes tells us that the false positive (that means that the software screwed the pooch) can be replicated by the inclusion of a single empty directory entry on a Windows machine, and the use of VIPRE antivirus software.
I have not used this software in many years, nor would I, because with antivirus software, 1 strike is all you get. It is far too important that I get something that never gives a false positive, than for something to be blowing whistles in the dark, whipping up fear, and causing valid, useful files to be compromised, and possibly eliminated. I tried this drek long ago, when I got is as part of a software bundle offered by Tiger Direct. It was abominably bad. Disastrous beyond words.
It still is, from outward appearance, and the notations of Mr. Kingsley-Hughes.
Replicating the false-positive is easy … simply create an empty folder called SL in the Windows folder and scan it.
That this should never, ever, ever have happened is without need for words. The fact that this happened as it did most likely means that Samsung will now own VIPRE, after a period of protracted litigation (I say protracted because nothing in our legal system is ever easy – sometimes simple is made hard, because no one will believe that the problem was that simple, or that better QC was not done).
With luck, after Samsung wins the day, it will bury VIPRE, and its source code, in a deep, dark hole.
UPDATE – Since this has become such a point of attack for many, I thought I might look around to see if anyone else might be putting forth an opinion about this, and I found one on the Instant Fundas website –
.The incident has now turned our attention to the reliability of malware scanner VIPRE. Apparently, VIPRE Antivirus engine takes shortcuts in detecting malware and raises alarm bells solely on the presence of certain folders without attempting to confirm the detection. This is a terrible idea.
It also raises question on the reliability and authenticity of information provided by Samsung’s tech support staff whose fabricated stories caused the company such embarrassment.
This means that there is enough blame to spread around liberally, but still points up that it should not have happened.
As I said in a comment below, we know that mistakes in programs occur, but we, as consumers, in this case, paying consumers, have the reasonable expectation that gross errors have been weeded out prior to release.