Heartbleed flaw described as 'catastrophic' by experts: 'On the scale of 1 to 10, this is an 11'

Damage from the recently discovered flaw is impossible to assess, although most major companies have already secured their websites

A software bug that has gone unnoticed for two years has exposed sensitive data in as many as two out of every three web servers, say researchers.

The ‘heartbleed’ bug is a flaw in the widely-used web encryption software known as OpenSSL. Google, Facebook and Yahoo are some of the major companies that use SSL technology – most recognisable to users as the padlock that appears in the address bar of your browser.

Bruce Schneier, a security expert who has been covering the industry for years, described the flaw as 'catastrophic': "On the scale of 1 to 10, this is an 11," wrote Schneier in a blog post.

Since the flaw was discovered by researchers from Google and Finnish security group Codenomicon, webmasters have scrambled to update their software and protect users’ data, although some researchers warn that it is already too late.

The bug allowed attackers to pull random chunks of information from the memory of a server, meaning that everything from passwords and usernames to credit card numbers and home addresses could have been taken. As many as half a million websites are thought to have been affected.

The padlock in the browser, used to signal that HTTPS encryption is in use, has been unsafe for more than two years.

The scale of the damage might never be known but the bug is thought to be the most serious uncovered in recent years. Some websites are encouraging users to change their passwords while others are advising that until they have confirmed that the bug has been fixed, changing passwords will do nothing.

Other security researchers have given more practical advice: “If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.”

Google says that it has already “applied patches to key Google services” while Yahoo says that it has “made the appropriate corrections across the main Yahoo properties”. Facebook, too, says that it has addressed the issues.

Unfortunately, there’s not much that individual users can do to protect against ‘heartbleed’ – the responsibility is with the companies tasked with operating individual websites.
