Heartbleed flaw described as 'catastrophic' by experts: 'On the scale of 1 to 10, this is an 11'

Damage from the recently discovered flaw is impossible to assess, although most major companies have already secured their websites

A software bug that has gone unnoticed for two years has exposed sensitive data in as many as two out of every three web servers, say researchers.

The ‘heartbleed’ bug is a flaw in the widely-used web encryption software known as OpenSSL. Google, Facebook and Yahoo are some of the major companies that use SSL technology – most recognisable to users as the padlock that appears in the address bar of your browser.

Bruce Schneier, a security expert who has been covering the industry for years, described the flaw as 'catastrophic': "On the scale of 1 to 10, this is an 11," wrote Schneier in a blog post.

Since the flaw was discovered by researchers from Google and Finnish security group Codenomicon, webmasters have scrambled to update their software and protect users’ data, although some researchers warn that it is already too late.

The bug allowed attackers to pull random chunks of information from the memory of a server, meaning that everything from passwords and usernames to credit card numbers and home addresses could have been taken. As many as half a million websites are thought to have been affected.

The padlock in browser used to signal that HTTPS encryption is being used has been unsafe for more than two years.

The scale of the damage might never be known but the bug is thought to be the most serious uncovered in recent years. Some websites are encouraging users to change their passwords while others are advising that until they have confirmed that the bug has been fixed, changing passwords will do nothing.

Other security researchers have given more practical advice: “If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.”

Google says that it has already “applied patches to key Google services” while Yahoo says that it has “made the appropriate corrections across the main Yahoo properties”. Facebook too, says that it has addressed the issues

Unfortunately, there’s not much that individual users can do to protect against ‘heartbleed’ – the responsibility is with the companies tasked with operating individual websites.

Life and Style
ebookNow available in paperback
ebooks
ebookA delicious collection of 50 meaty main courses
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: Support and Development Engineer

    £20000 per annum: Recruitment Genius: The leading provider of Employee Managem...

    Recruitment Genius: Creative Designer

    £15000 - £25000 per annum: Recruitment Genius: This Kent based design consulta...

    Recruitment Genius: IT Gazetteer Consultant

    £25000 - £34000 per annum: Recruitment Genius: Are you looking to work for an ...

    Recruitment Genius: Regional Support Manager

    Negotiable: Recruitment Genius: This role's responsibility also include operat...

    Day In a Page

    Greece debt crisis: What happened to democracy when it’s a case of 'Vote Yes or else'?

    'The economic collapse has happened. What is at risk now is democracy...'

    If it doesn’t work in Europe, how is it supposed to work in India or the Middle East, asks Robert Fisk
    The science of swearing: What lies behind the use of four-letter words?

    The science of swearing

    What lies behind the use of four-letter words?
    The Real Stories of Migrant Britain: Clive fled from Zimbabwe - now it won't have him back

    The Real Stories of Migrant Britain

    Clive fled from Zimbabwe - now it won’t have him back
    Africa on the menu: Three foodie friends want to popularise dishes from the continent

    Africa on the menu

    Three foodie friends want to popularise dishes from the hot new continent
    Donna Karan is stepping down after 30 years - so who will fill the DKNY creator's boots?

    Who will fill Donna Karan's boots?

    The designer is stepping down as Chief Designer of DKNY after 30 years. Alexander Fury looks back at the career of 'America's Chanel'
    10 best statement lightbulbs

    10 best statement lightbulbs

    Dare to bare with some out-of-the-ordinary illumination
    Wimbledon 2015: Heather Watson - 'I had Serena's poster on my wall – now I'm playing her'

    Heather Watson: 'I had Serena's poster on my wall – now I'm playing her'

    Briton pumped up for dream meeting with world No 1
    Wimbledon 2015: Nick Bollettieri - It's time for big John Isner to produce the goods to go with his thumping serve

    Nick Bollettieri's Wimbledon Files

    It's time for big John Isner to produce the goods to go with his thumping serve
    Dustin Brown: Who is the tennis player who knocked Rafael Nadal out of Wimbeldon 2015?

    Dustin Brown

    Who is the German player that knocked Nadal out of Wimbeldon 2015?
    Ashes 2015: Damien Martyn - 'England are fired up again, just like in 2005...'

    Damien Martyn: 'England are fired up again, just like in 2005...'

    Australian veteran of that Ashes series, believes the hosts' may become unstoppable if they win the first Test
    Tour de France 2015: Twins Simon and Adam Yates have a mountain to climb during Tour of duty

    Twins have a mountain to climb during Tour of duty

    Yates brothers will target the steepest sections in bid to win a stage in France
    John Palmer: 'Goldfinger' of British crime was murdered, say police

    Murder of the Brink’s-MAT mastermind

    'Goldfinger' of British crime's life ended in a blaze of bullets, say police
    Forget little green men - aliens will look like humans, says Cambridge University evolution expert

    Forget little green men

    Leading evolutionary biologist says aliens will look like humans
    The Real Stories of Migrant Britain: An Algerian scientist adjusts to life working in a kebab shop

    The Real Stories of Migrant Britain

    An Algerian scientist struggles to adjust to her new life working in a Scottish kebab shop
    Bodyworlds museum: Dr Gunther von Hagens has battled legal threats, Parkinson's disease, and the threat of bankruptcy

    Dying dream of Doctor Death

    Dr Gunther von Hagens has battled legal threats, Parkinson's disease, and the threat of bankruptcy