This is a new attack, not the one Schneier was talking about. It's
very elegant work -- they actually implemented an attack that can
recover the long-term private key. The only caveat is that their
attack currently works on LANs, not WANs, because they need more
precise timing than is generally feasible over the Internet.

    --Steve Bellovin, (me) (2nd edition of "Firewalls" book)

Hm, mea culpa. I read the title without digging very far into the actual
announcements and thought it a rehash of the earlier holes. Thanks for
clearing it up for me.