On Friday Lenovo is going to tell the world about how it plans to regain the trust of its users in the wake of the Superfish clusterfuck – and may even launch an independent security audit of its products.
"Our goal, in the end, is to make this right," Lenovo's CTO Peter Hortensius told The Register on Tuesday. "It's going to take a long road to earn trust back."
Google is scrapping Pwnium, its annual bug hunting event, and folding it into an existing year-round program in part to reduce security risks.
The company held Pwnium annually at CanSecWest, a security conference in Vancouver, to find security problems in its Chrome OS, Chrome browser and affiliated applications.
Last week, a storm erupted on the net after it became widely known that Superfish – software that was being pre-installed on Lenovo PCs – could compromise users’ security and privacy.
The problem with Superfish was not just that it injected money-making ads into websites, but that it used a self-signed root certificate to intercept encrypted HTTPS traffic for every website users visited – replacing legitimate site certificates with its own.
Linux admins were sent scrambling to patch their boxes on Monday after a critical vulnerability was revealed in Samba, the open source Linux-and-Windows-compatibility software.
The bug, which has been designated CVE-2015-0240, lies in the smbd file server daemon. Samba versions 3.5.0 through 4.2.0rc4 are affected, the Samba Project said in a security alert.
Hundreds of entrepreneurial and impatient hackers have exploited a loophole to purchase early tickets to the Burning Man festival.
Geeks meddled with Ticketfly's first-in-best-dressed system to jump the queue and push in ahead of the hordes hoping to attend the counter-cultural event.
The Cosmic Corporation, the event's organiser, issued a statement saying it busted the 200 hackers and axed their tickets. “Approximately 200 people created a technical backdoor to the sale and made their way to the front of the line,” it says.