"Catastrophic" is the right word. On the scale of 1 to 10, this is an 11.
No, it's not. If you asked me — I was a CISO not many years ago — I'd call this an 8. Schneier means well, but he has a tendency to exaggerate. (Here is an example of him suggesting that SOAP and other web services never be used because they "sneak" through HTTP and are therefore inherently insecure: https://www.schneier.com/crypto-gram-0006.html#SOAP)
A 10 would be a case where a bug was not easily patched, and gave complete control of servers to any interested script kiddie. Thousands or millions of web users would have had enough information for credit card and identity theft to be acted on before the hole could be plugged.
This is not that case. And it's certainly not an "11". Most vital websites have either already been patched or are about to be.
I'm going to have to go ahead and sort of disagree with you. A security library, specifically doing crypto, that is installed/embedded/used everywhere that trivially leaks plaintext data remotely to anyone who comes knocking (including passwords, keys, CC numbers, etc) is a compete failure.
Sure, it could hand out shells into a remote system, or hell it could launch a bunch of nuclear rockets as well...that would be very bad. But you seem to miss the point that perhaps someone's password to their shell (or maybe a nuclear launch code) is going over the wire and is intercepted...by a hostile government agency, or a 13 year old playing with a python script. There are endless, devastating scenarios one can think up caused by such a critical bug in the very fabric of the secure communication of the internet.
Heartbeep did, in theory, allow for millions of web users to have their credit cards, passwords, addresses, social security numbers, tax filings and more to be compromised.
Worse than "only in danger until patched", retroactively stored traffic is vulnerable if, like many sites, Perfect Forward Security wasn't used.
If the NSA took advantage of this at all, their logged traffic has become very useful...
"Even 11 is an understatement. Remember the servers involved have potentially been leaking their private key for their certificate! This means anyone can 'fake' being them.
It is not enough to do new certificates. All of the old certificates could now be used for man in the middle attacks! 2/3rds of the Internets certificates potentially need to be blacklisted! This is a MAJOR disaster.
It is unfeasible to blacklist such a large amount of certificates - as every device requires a list of all blacklisted certificates. This means all of the major CA's are going to have to black list their intermediate certificate authorities, and start issuing all new certificates under new CA's. This means even people who weren't effected will probably have to have their certificates blacklisted.
In short EVERY existing CA used on the internet may have to be black listed, and every single SSL certificate re-issued.
IMO SSL/TLS is now completely broken. The number of potential certificates that have been exploited and that could now be used for man in the middle attacks could be in the millions..... the list of black listed certificates will be in the millions and/or the number of blacklisted sub certficate authorities is probably going to be 10,000+. Vendors already hate just including one or two items on the blacklist, let alone this number of items.... "
It's not actually 2 thirds of the Internet, but it can be that the effects can be really bigger than most people imagine on the moment. Either the massive blacklisting or ignoring the period of potential exposure.
Hopefully all this can result in the push to change some of the principles of certificate verification. And maybe a different approach to OpenSSL development.
No, it's not. If you asked me — I was a CISO not many years ago — I'd call this an 8. Schneier means well, but he has a tendency to exaggerate. (Here is an example of him suggesting that SOAP and other web services never be used because they "sneak" through HTTP and are therefore inherently insecure: https://www.schneier.com/crypto-gram-0006.html#SOAP)
A 10 would be a case where a bug was not easily patched, and gave complete control of servers to any interested script kiddie. Thousands or millions of web users would have had enough information for credit card and identity theft to be acted on before the hole could be plugged.
This is not that case. And it's certainly not an "11". Most vital websites have either already been patched or are about to be.
We can now keep calm and carry on.