Heartbleed flaw described as 'catastrophic' by experts: 'On the scale of 1 to 10, this is an 11'

Damage from the recently discovered flaw is impossible to assess, although most major companies have already secured their websites

A software bug that has gone unnoticed for two years has exposed sensitive data in as many as two out of every three web servers, say researchers.

The ‘heartbleed’ bug is a flaw in the widely-used web encryption software known as OpenSSL. Google, Facebook and Yahoo are some of the major companies that use SSL technology – most recognisable to users as the padlock that appears in the address bar of your browser.

Bruce Schneier, a security expert who has been covering the industry for years, described the flaw as 'catastrophic': "On the scale of 1 to 10, this is an 11," wrote Schneier in a blog post.

Since the flaw was discovered by researchers from Google and Finnish security group Codenomicon, webmasters have scrambled to update their software and protect users’ data, although some researchers warn that it is already too late.

The bug allowed attackers to pull random chunks of information from the memory of a server, meaning that everything from passwords and usernames to credit card numbers and home addresses could have been taken. As many as half a million websites are thought to have been affected.

The padlock in the browser, used to signal that HTTPS encryption is in use, has been unsafe for more than two years.

The scale of the damage might never be known but the bug is thought to be the most serious uncovered in recent years. Some websites are encouraging users to change their passwords while others are advising that until they have confirmed that the bug has been fixed, changing passwords will do nothing.

Other security researchers have given more practical advice: “If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.”

Google says that it has already “applied patches to key Google services” while Yahoo says that it has “made the appropriate corrections across the main Yahoo properties”. Facebook, too, says that it has addressed the issues.

Unfortunately, there’s not much that individual users can do to protect against ‘heartbleed’ – the responsibility is with the companies tasked with operating individual websites.
