diff --git a/VERSION b/VERSION
index c0c1447d..ddc9452e 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-Version 2.00.0 (2012-06-13 20:02:08) dev
+Version 2.00.0 (2012-06-14 13:00:51) dev
diff --git a/gluon/utils.py b/gluon/utils.py
index 167a9f0e..99780351 100644
--- a/gluon/utils.py
+++ b/gluon/utils.py
@@ -21,7 +21,12 @@ logger = logging.getLogger("web2py")
 
 def compare(a,b):
 """ compares two strings and not vulnerable to timing attacks """
- return len(a)==len(b) and all(x==b[i] for i,x in enumerate(a))
+ if len(a) != len(b):
+ return False
+ result = 0
+ for x, y in zip(a, b):
+ result |= ord(x) ^ ord(y)
+ return result == 0
 
 def md5_hash(text):
 """ Generate a md5 hash with the given text """
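Review bot: The docstring of `compare` still promises immunity to timing attacks without qualification, but the new `if len(a) != len(b): return False` returns early, so the running time still reveals whether the lengths match. That is acceptable when both arguments are fixed-length digests, and the docstring should say so, e.g. `""" compares two strings in time independent of where they differ; only a length mismatch returns early, so pass fixed-length digests """`. The loop also calls `ord()` on every element, so it assumes both arguments are character strings; an interpreter where iterating the input yields integers would raise TypeError here, which is worth a comment. Where the runtime provides `hmac.compare_digest`, delegating to it would be preferable to the hand-written loop.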