While I realize this was an example of how side channel attacks work, timing attack happen over and over again in the real world, for example back in 2008 the xbox 360 per console key could be recovered allowing downgrading to a vulnerable kernel.<p><a href="http://beta.ivc.no/wiki/index.php/Xbox_360_Timing_Attack" rel="nofollow">http://beta.ivc.no/wiki/index.php/Xbox_360_Timing_Attack</a><p>For the curious, the solution is to use a constant time comparison function, which can usually be done by not returning until the end of the comparison loop