
I bet this is stupidity, not NSA.


I find it hard believing that stupidity explains a deliberate change by Google engineers.


If only there was some possibility of there being a third option instead of just stupidity or maliciousness...


And I'll just finish that thought since there are real engineers involved who probably had good intentions and skills: (as the article stated) the Google engineers were trying to improve compatibility and also seemed to follow the path of what other platforms (Java) had done in the past.

Code reviews happen every day in the industry, and oftentimes it's amazing how many flaws and defects are found, but often internally and not exposed for the world to see and speculate on. The nature of open source is that this is all out in the open, and that's fine. It's also good that Google is actively paying bounties on discovering/fixing these types of bugs in a variety of major open source projects.


That's not the third option he was thinking of.


How about both?

An engineer on the payroll of NSA, and then stupidity on the part of whoever signed off on the commit?


How about neither? The designers of the SSL3-era ciphersuites knew that MD5 was shady but had few better alternatives because those ciphersuites predate even the SSL3 standard itself and thus readily available SHA1, so they used constructions that remain secure 20 years later even with broken hash cores. And subsequent designers and implementors have swapped RC4 in and out of TLS as needed to mitigate performance problems that would have ruled out TLS entirely, and then later to mitigate attacks on TLS ciphersuites that are in fact worse (currently) than the RC4 vulnerability.

I know where you're coming from (YOU JUST HATE AMERICA) but this just isn't a politically volatile issue.


<tin foil hat> Is it plausible that the NSA chose to leak enough "hints" that lead to apparently-independent discovery of things like BEAST and M-t-E, making reverting to older and known-broken cyphers like RC4 seem to be "the correct pragmatic decision" (quite possibly seeding those discussions with ideas that lead even completely innocent open source developers to choose and justify why they've just baked crypto that's completely vulnerable to un(publicly)known NSA exploits)?

(It's a little hard these days to know what's a "paranoid fantasy", what's an "interesting cypherpunk plot", and what's "a realistic and/or confirmed NSA threat" - at least for me…)


If by "leaking hints" you mean "screaming at the top of their lungs in public protocol design discussions not to do it this way until they got sick of being nibbled to death by committees of ducks and gave up" you might be interested in looking into the papers of one Ex-NSA P. Rogaway.


It's not political at all - if NSA has had viable attacks against RC4, doing little and not-carefully-scrutinized stuff like this to ensure it continues to be used widely would make a lot of sense.

I'd expect them to go so far as to attempt to stop publication of comparably-performant ciphers that could conceivably take its place. You'll recall the 1974 precedent involving IBM's independent discovery of differential cryptanalysis.

If there's one thing I'm even more vigilant about than distrusting the US government/military, it's not underestimating the lengths to which they will go to achieve their ends.

PS: This has nothing to do with md5.



