Now that the BEAST is public knowledge, TLS 1.0 is NOT safe to use (nor is SSL 3.0). I have seen reports that the RC4 cipher is unaffected (and is widely supported). Is that true?
I know that TLS 1.1 is immune. But out of the 1,000,000 most popular SSL/TLS enabled websites, only a few (221) support TLS 1.1 or higher.
The exploit is restricted to browsers because it requires JavaScript or Browser Plugins via MITM. PayPal.com is vulnerable, as of this writing.
