Warning: HTTPS is no longer secure.
If possible, set your browser to use TLS 1.2 and undo all other encryption options (SSL3, TSL1.0).
This will break a number of web sites you visit, but you will be secure.
Update: There is quite a bit of talk on the interwebs regarding this issue. The folks over at openssl claim they have fixed this by inserting empty fragments into their TLS streams (read about it here). Firefox bug track has some info on it; it looks like they’re working on TLS 1.1 first before 1.2. Another good discussion going on at ISC about it. The Register also reported on The Beast tool that exploits this flaw in TLS and SSL.
Who Said What?