I have read numerous times that the RC4 cipher itself is considered broken in TLS. Still many websites are using the TLS_RSA_WITH_RC4_128_SHA configuration even to date.
Now, I know that sometimes different uses of a cipher mitigate different attack scenarios, so my question is straightforward: Is this particular cipher configuration still considered secure, or are companies just not fast enough in changing to other configurations?
