The good news about the discovery that the encryption procedure behind Secure Socket Layer and Transport Layer Security has been compromised is that the newest versions of both SSL and TLS are still safe and they have been available for a while now.  The bad news is that not only do only a tiny handful of websites utilize TLS 1.1/1.2 and SSL 3.0, most browsers don’t even support the updated protocols.  Oddly Internet Explorer and Internet Information Services both support the newer protocols, though they are not enabled by default; the only one that does have TLS 1.2 enabled by default is Opera.  

You don’t have to immediately switch browsers, in order for your secure connection to be compromised the attacker first has to compromise your browser or machine in order to get JavaScript code to run in your browser before they can start the decryption process.  It is not the quickest peice of programming either … yet.  In the proof of concept that The Register references a 1000-2000 character long cookie will take about a half hour to crack, which is most likely longer than the average connection to your PayPal account will last, which is the site they used as an example.   Of course if you throw a dozen Tesla cards at it and it will probably decrypt the packets at a much quicker pace.

"Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that’s passing between a webserver and an end-user browser.

The vulnerability resides in versions 1.0 and earlier of TLS, or transport layer security, the successor to the secure sockets layer technology that serves as the internet’s foundation of trust. Although versions 1.1 and 1.2 of TLS aren’t susceptible, they remain almost entirely unsupported in browsers and websites alike, making encrypted transactions on PayPal, GMail, and just about every other website vulnerable to eavesdropping by hackers who are able to control the connection between the end user and the website he’s visiting."

Here is some more Tech News from around the web:

Tech Talk