• Text size      
  • Send this article to a friend
  • Print this article

Experts call for calm over internet bug

Security experts have urged internet users not to panic and instantly change their passwords in wake of the Heartbleed bug security flaw, despite suggestions to do so from prominent sites like Tumblr.

Hugh Boyes, cyber security lead at the UK-based Institution of Engineering and Technology said: "Change your passwords — but only after the affected website operators and internet service providers have implemented the patch to fix the bug.

"Changing your password before the bug is fixed could compromise your new password."

The popular blogging website Tumblr, which is owned by Yahoo!, had previously urged its users to change all their passwords, especially those protecting sensitive data like email and bank accounts, immediately.

Independent security expert Bruce Schneier has also called for calm, but emphasised the seriousness of the web security breach.

"'Catastrophic' is the right word. On the scale of 1 to 10, this is an 11."

The Heartbleed bug was discovered on Monday by a team of security experts, including one from Google, having gone undetected for more than two years.

The bug bypasses the encryption that normally protects data as it is sent between computers and servers, leaving personal and sensitive data vulnerable. It is commonly recognised as the closed padlock that appears in the corner of the web browser to show your connection is secure.

Contextual targeting label: 
Business

Commenting & Moderation

We moderate all comments on HeraldScotland on either a pre-moderated or post-moderated basis.
If you're a relatively new user then your comments will be reviewed before publication and if we know you well and trust you then your comments will be subject to moderation only if other users or the moderators believe you've broken the rules

Moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours. Please be patient if your posts are not approved instantly.

225734