I happen to know the details of this attack since I work on Chrome's SSL/TLS stack.The linked article is sensationalist nonsense, but one should give the authors the benefit of the doubt because the press can be like that. Fundamentally there's nothing that people should worry about here. Certainly it's not the case that anything is 'broken'. But http://eprint.iacr.org/2006/136 sure looks like a r