Dijkgraaf - 1:41 am on Sep 21, 2011 (gmt 0)

(3. Enable TLS 1.2 in Internet Explorer, which is off by default I read. I don't know how you do that.)

Tools, Internet Options, Advanced, tick TLS 1.2


From what I've read so far about this exploit is that "This attack requires that the attacker be able to sniff the traffic and run code on the victims machine to inject the chosen-plaintext into the stream." If you can run code on the victims machine, why bother trying to crack the encryption? Just intercept the data before it is encrypted. I suppose we will have to await further details