The other day I wrote about how the SSL implementation of Alex Jones's PrisonPlanet.tv was not done properly, so the website was vulnerable to attacks like CRIME or BEAST. Well apparently a few people sent that article to Alex's team and they promptly fixed it (Well most of it).
Now PrisonPlanet.tv has an 'A' rating from SSL Labs!
Alternatively to mitigate against the BEAST, they can disable TLS 1.0 and below, but then that would limit what browsers could access their site, and probably wouldn't be a great idea for a web media company.
Still though, the BEAST attack is very difficult to perform. According to a white paper from ISecPartners:
The actual attack is likely very difficult because of the browser's enforcement of the SOP [Same Origin Policy], but it is possible that some web technologies provide a mechanism for cross-domain communication.In short, the chance of that attack is unlikely, so the changes Alex's team has done is probably good enough for now.
Anyway, I'm glad I could have helped in a small way to make the Prison Planet community more secure so we can all continue to fight in the Infowar!