Another great security blog post...
Just caught wind of this article. Turns out the need for software developers to optimize can give away information. Take a look at how this article shows you how to determine the right cookie based on a timing attack. Great stuff, and once again, shows the real need to understand a problem before you go coding up solutions.