Heartbleed: don’t rush to update passwords, security experts warn

Internet security researchers say people should not rush to change their passwords after the discovery of a widespread “catastrophic” software flaw that could expose website user details to hackers.

Suggestions by Yahoo and the BBC that people should change their passwords at once – the typical reaction to a security breach – could make the problem worse if the web server hasn’t been updated to fix the flaw, says Mark Schloesser, a security researcher with Rapid7, based in Atlanta, Georgia. 

Tumblr, which is affected, issued a warning to its users on Tuesday night. Although the firm said it had “no evidence of any breach”, and has now fixed the issue on its servers, it recommends users take action. Full story

Heartbleed: Hundreds of thousands of servers at risk from catastrophic bug

Hundreds of thousands of web and email servers worldwide have a software flaw that lets attackers steal the cryptographic keys used to secure online commerce and web connections, experts say.

They could also leak personal information to hackers when people carry out searches or log into email.

The bug, called “Heartbleed”, affects web servers running a package called OpenSSL.

Among the systems confirmed to be affected are Imgur, OKCupid, Eventbrite, and the FBI’s website, all of which run affected versions of OpenSSL. Full story

Tumblr posted the following on its Staff blog

We have no evidence of any breach and, like most networks, our team took immediate action to fix the issue.

US tech giants knew of NSA data collection, agency’s top lawyer insists

The senior lawyer for the National Security Agency stated unequivocally on Wednesday that US technology companies were fully aware of the surveillance agency’s widespread collection of data, contradicting months of angry denials from the firms. 

Rajesh De, the NSA general counsel, said all communications content and associated metadata harvested by the NSA under a 2008 surveillance law occurred with the knowledge of the companies – both for the internet collection program known as Prism and for the so-called “upstream” collection of communications moving across the internet. Read more

Photo: KeystoneUSA-Zuma/Rex

Social porn: why people are sharing their sex lives online

From PornTube to Pinsex to Pornostagram, sex websites are following the lead of social networks, allowing users to like, share, repost and comment on each other’s pornography. Read more

Photograph: Fabrice Lerouge/Getty Images/Onoky

"In five years’ time, all news articles will be a single coloured icon that fires out info-nuggets", writes Charlie Brooker

Photograph: David Levene for the Guardian

The top 30 young people in digital media: Nos 10-1 - #G2GenY

The Guardian’s 10 trainee digital journalists invited Alex Hern and Matt Andrews from the Guardian, and BuzzFeed’s editorial director Jack Shepherd to help choose the most exciting people under 30 in digital media. Here’s their top 10

See Nos 30-11 here
Read more from the takeover.

Bionic ears: let’s hear it for cochlear implants

Oliver Campbell is a picture of childhood contentment. At just under two years old he is experimenting with words and is happily peppering his creative endeavours with them. But inside Oliver’s head something extraordinary is happening. Currents from tiny electrodes, curled inside the snail-shaped cochlea of his inner ear, are stimulating his auditory nerve, allowing him to hear. Take them away and Oliver’s world would be thrown into confusion. Read more

Photograph: Suki Dhanda for the Observer

Malaysian Airlines plane mystery: how can a flight disappear off radar?

As the search continues for the missing Malaysian Airlines plane, more questions have been asked about how it is possible for a modern aircraft to simply vanish without trace. Some relatives of missing victims are accusing the authorities of withholding information.

Theories about what happened remain speculative, but the widening search areas suggest that the authorities are genuinely in the dark about the fate of the plane. Read more

Pictured: Malaysia’s civil aviation chief Azharuddin Abdul Rahman briefs reporters on the search and recovery efforts. Photograph: Daniel Chan/AP

Nasa Asteroid Data Hunter contest hopes humans will outsmart dinosaurs

An asteroid at least 10km wide may have seen off the dinosaurs 66m years ago, but will humankind be smart enough to avoid a similar fate?

Nasa is working on it. The space agency has spent the last 16 years searching for near-Earth asteroids larger than 1km in size, and claims to have found 98% of them.

Now it’s enlisting coders and citizen scientists to help with a survey of smaller asteroids that could still be hazardous, including the launch today of a set of “Asteroid Data Hunter” developer contests. Read more

Image: Andrzej Puchta/Alamy