'To be fair to him, Samsung did turn around and say, "Yeah we're keylogging, problem?" or words to that effect.'
May I observe that the only reason we think that Samsung confirmed this is from the words of a source that is now appearing not to be trustworthy in the first place? If this "security consultant" couldn't verify the actual existence of a key logger in the first place, why do we trust him to accurately relay a conversation with support? I don't really accept it as fact that Samsung confirmed anything in particular at any point; the possibility that this guy heard what he wanted to hear is too significant to ignore.
The most straight forward way to find out what the Samsung created SL directory does is to ask Samsung. Which apparently he did.
I would suggest that wading through a corporate customer service call center's escalation process is reasonable evidence of due diligence. And I find it somewhat more likely that a call center employee affirmed the SL directory was for keylogging to clear the case than that Mr. Hassan fabricated a story about the call and Samsung's confirmation.
Hassan's allegation has all the marks of a mistake due to inexperience rather than fabrication because it is just too easy to disprove.
May I observe that the only reason we think that Samsung confirmed this is from the words of a source that is now appearing not to be trustworthy in the first place? If this "security consultant" couldn't verify the actual existence of a key logger in the first place, why do we trust him to accurately relay a conversation with support? I don't really accept it as fact that Samsung confirmed anything in particular at any point; the possibility that this guy heard what he wanted to hear is too significant to ignore.