In order to execute their attack, Rizzo and Duong use BEAST Browser Exploit Against SSL/TLS against a victim who is on a network on which they have a man-in-the-middle position.
So in order to “break” the AES component of SSL 3.0 you have to already have compromised the client/server in another way by inserting yourself inside the data stream? no big deal here. If the machine/s are already compromised then all other security is moot. This is nothing to be concerned about..keep your machine clean and this “attack” is no big deal.