Schedule

Schedule

Thursday, August 21

1408640400 Tech News Today
1408644000 Know How...
1408647600 The Social Hour
1408653000 Coding 101
1408656600 Home Theater Geeks
1408662000 Tech News 2Night
1408663800 The Giz Wiz
1408672800 OMGcraft

Friday, August 22

1408726800 Tech News Today
1408730400 This Week in Law
1408737600 Android App Arena
1408748400 Tech News 2Night

Saturday, August 23

1408816800 The Tech Guy

Sunday, August 24

1408903200 The Tech Guy
1408917600 This Week in Tech

Monday, August 25

1408986000 Tech News Today
1408989600 Triangulation
1408995000 iPad Today
1409007600 Tech News 2Night
1409009400 Marketing Mavericks

Tuesday, August 26

1409072400 Tech News Today
1409076000 MacBreak Weekly
1409083200 Security Now
1409090400 Before You Buy
1409094000 Tech News 2Night
1409097600 All About Android
1409106600 Padre's Corner

Wednesday, August 27

1409153400 FLOSS Weekly
1409158800 Tech News Today
1409162400 Windows Weekly
1409169600 This Week in Google
1409180400 Tech News 2Night
1409182200 redditUP
1409187600 Ham Nation

Thursday, August 28

1409245200 Tech News Today
1409248800 Know How...
1409252400 The Social Hour
1409257800 Coding 101
1409261400 Home Theater Geeks
1409266800 Tech News 2Night
1409268600 The Giz Wiz
1409277600 OMGcraft

Friday, August 29

1409331600 Tech News Today
1409335200 This Week in Law
1409342400 Android App Arena
1409353200 Tech News 2Night

Saturday, August 30

1409421600 The Tech Guy

Most Recent Episodes

redditUP

IE dev team AMA, birdmen vs mudmen.

This Week in Google

How do you solve the problem of internet trolls?

Windows Weekly

HTC One Windows Phone and Windows 9 Release Preview

Tech News 2Night

Vine lets you import video.

FLOSS Weekly
Episode #305: Crate Data August 20th, 2014

Crate Data is a distributed SQL data store that runs on one machine or a cluster of machines.

Tech News Today

The data theft of some 4.5 million patients of Community Health Systems is thanks to Heartbleed.

Padre's Corner

Solar Cooking Birds and Brian Chee

All About Android

How do parents have complete control over their kid's Android phones?

Before You Buy

Lenovo Chromebook review.

Security Now

Delaware legislation gives heirs access to a deceased member's digital assets.

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: