Here's a little more explanation on how it works: http://threatpost.com/en_us/blogs/new-attack-breaks-confiden...

They still require access to your browser to, I'm assuming, modify certain data in some way such that they can actually perform the chosen plaintext attack on the encrypted cookies.