Disable RC4 in TBB Firefox
Attacks against RC4 have recently been reported as plausible, and Microsoft, among other groups, have recommended avoiding RC4 for symmetric-key encryption. I would recommend blacklisting cipher suites that rely upon RC4 so that other stronger algorithms, such as AES, will be preferred instead, so as to avoid these attacks. For example, I have disabled 0x9c, 0x35, 0x5, 0x4, 0x2f, and 0xa in Chromium because they do not provide perfect forward secrecy, and 0xc007, 0xc011, and 0x66 because they rely on RC4 but do provide perfect forward secrecy.