Explore the practical implications of timing attacks against web applications in this DefCamp 2018 conference talk. Delve into the fundamentals of timing attacks, including prerequisites and calculation methods for Round Trip Time (RTT) and server response time. Examine the role of spikes in these attacks and learn how to identify potential targets. Investigate techniques for timing different functions and discover essential attack resources. Understand how to reduce the search space and the potential consequences of successful timing attacks. Conclude by discussing possible solutions to mitigate these security vulnerabilities. Gain valuable insights into this critical aspect of web application security from industry experts at one of Central and Eastern Europe's premier hacking and information security conferences.