Secure web browsing cracked by "BEAST"

"A pair of researchers have unveiled a serious new attack on web browser security... a new tool [called "BEAST"] that attacks TLS and SSL, the cryptographic protocols used to establish secure web connections.

The ability to crack encrypted web traffic removes the safety net that protects you when you're doing sensitive online tasks like banking or using credit cards...

Right now the attack can take up to half an hour to execute."

Full article (by Mark Stockley)  http://nakedsecurity.sophos.com/2011/09/24/secure-web-browsing-cracked-by-beast/?utm_source=facebook&utm_medium=status+message&utm_campaign=naked+security

-----------------

Addendum [from http://en.wikipedia.org/wiki/Transport_Layer_Security#Browser_implementations ]

Mozilla Firefox, versions 2 and above, support TLS 1.0 [the protocol now under attack].   As of September 2011, Firefox does not support TLS 1.1 or 1.2.

Internet Explorer 8 in Windows 7 (and Windows Server 2008 R2) supports [the newer/safe] TLS 1.2.  [It seems that IE8 under Win XP only supports TLS 1.0]

As of Presto 2.2, featured in Opera 10, Opera supports TLS 1.2.