1) What was in the SL directory? F-Secure claims the certified guy never inspected it. What about them, did they inspect it? They could have easily asked Hassan for a copy (insert appropriate caveats here about trusting sources). Sounds like they didn't even find one on their own, so how can they assert they know what it does not contain? They might not have gotten one of the laptops with the payload; that doesn't mean they don't exist.
2) How did the SL directory get there? F-Secure didn't even offer a theory.
3) Is Samsung installing keyloggers on a subset (random sample) of their machines?
4) I'd like to see it stated clearly, with no weasel words: Is F-Secure under contract with Samsung or do they have any business relationship with Samsung whatsoever? If not, are they angling for one?
1) What was in the SL directory? F-Secure claims the certified guy never inspected it. What about them, did they inspect it? They could have easily asked Hassan for a copy (insert appropriate caveats here about trusting sources). Sounds like they didn't even find one on their own, so how can they assert they know what it does not contain? They might not have gotten one of the laptops with the payload; that doesn't mean they don't exist.
2) How did the SL directory get there? F-Secure didn't even offer a theory.
3) Is Samsung installing keyloggers on a subset (random sample) of their machines?
4) I'd like to see it stated clearly, with no weasel words: Is F-Secure under contract with Samsung or do they have any business relationship with Samsung whatsoever? If not, are they angling for one?