Re: AES was not cracked, cut the click bait
> So it's not clickbait, it's a real issue.
I think you have missed the point on why I have called it out as click bait.
Just because something is a real issue doesn't mean it isn't misdescribed or exaggerated in order to get you to read something. That an implementation of AES can be oracle"d this way is very serious.
AES is a description of what should be done to a byte stream to encrypt a secret with a key and how to get that byte stream back knowing the key. For a crypto algorithm to be broken means that I am able to decode the byte stream cheaper than attempting every possible key in the keyspace.
As far as I am aware*, AES is still not broken, and this technique, whilst novel and even significant, shows a faulty implementation of AES, not a fault in AES generally.
*if some TLA does crack it then don't expect them to scream it from the roof top.