Schedule

Schedule

Sunday, January 25

1422212400 The Tech Guy
1422226800 This Week in Tech

Monday, January 26

1422295200 Tech News Today
1422298800 Triangulation
1422304200 iPad Today
1422316800 Tech News 2Night

Tuesday, January 27

1422381600 Tech News Today
1422385200 MacBreak Weekly
1422392400 Security Now
1422399600 Before You Buy
1422403200 Tech News 2Night
1422406800 All About Android
1422415800 Padre's Corner

Wednesday, January 28

1422462600 FLOSS Weekly
1422468000 Tech News Today
1422471600 Windows Weekly
1422478800 This Week in Google
1422489600 Tech News 2Night
1422491400 Android App Arena
1422496800 Ham Nation

Thursday, January 29

1422554400 Tech News Today
1422558000 Know How...
1422561600 Marketing Mavericks
1422567000 Coding 101
1422570600 Home Theater Geeks
1422576000 Tech News 2Night
1422577800 The Giz Wiz

Friday, January 30

1422640800 Tech News Today
1422644400 This Week in Law
1422662400 Tech News 2Night

Saturday, January 31

1422730800 The Tech Guy

Sunday, February 1

1422817200 The Tech Guy
1422831600 This Week in Tech

Monday, February 2

1422900000 Tech News Today
1422903600 Triangulation
1422909000 iPad Today
1422921600 Tech News 2Night

Tuesday, February 3

1422986400 Tech News Today
1422990000 MacBreak Weekly
1422997200 Security Now
1423004400 Before You Buy
1423008000 Tech News 2Night
1423011600 All About Android

Most Recent Episodes

Tech News 2Night
Episode #260: Box's Big IPO January 23rd, 2015

Skymall files for Bankruptcy

This Week in Law

Who should be responsible for determining international cyber law policies?

Tech News Today

Apple Watch battery and Winklevi the NASDAQ of Bitcoin.

This Week in Computer Hardware

GTX 960, Microsoft HaloLens, ECS LIVA X, and more!

Home Theater Geeks

More CES 2015 highlights.

Coding 101
Episode #51: Steve Gibson January 22nd, 2015

Creator of SpinRite.

The Giz Wiz

RX Robots, ChargerLeash, BluBed Holster, and more.

Tech News 2Night

iTunes Makes More Money Than Hollywood

Marketing Mavericks

Measuring Social Engagement

Know How...

All of your quad copter questions.

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: