Schedule

Schedule

Sunday, December 21

1419188400 The Tech Guy
1419202800 This Week in Tech

Monday, December 22

1419271200 Tech News Today
1419274800 Triangulation
1419280200 iPad Today
1419292800 Tech News 2Night

Tuesday, December 23

1419357600 Tech News Today
1419361200 MacBreak Weekly
1419368400 Security Now
1419375600 Before You Buy
1419379200 Tech News 2Night
1419382800 All About Android
1419391800 Padre's Corner

Wednesday, December 24

1419444000 Tech News Today
1419447600 Windows Weekly
1419454800 This Week in Google
1419465600 Tech News 2Night

Thursday, December 25

1419530400 Tech News Today
1419534000 Know How...
1419537600 Marketing Mavericks
1419543000 Coding 101
1419546600 Home Theater Geeks
1419553800 The Giz Wiz

Friday, December 26

1419616800 Tech News Today
1419638400 Tech News 2Night

Saturday, December 27

1419706800 The Tech Guy

Sunday, December 28

1419793200 The Tech Guy
1419807600 This Week in Tech

Monday, December 29

1419876000 Tech News Today
1419879600 Triangulation
1419885000 iPad Today
1419897600 Tech News 2Night

Tuesday, December 30

1419962400 Tech News Today
1419966000 MacBreak Weekly
1419973200 Security Now
1419980400 Before You Buy
1419984000 Tech News 2Night
1419987600 All About Android
1419996600 Padre's Corner

Most Recent Episodes

The Tech Guy
The Tech Guy 1145 December 20th, 2014

Is North Korea responsible for the Sony hack?

Tech News 2Night

BBC says Apple mistreats factory workers.

This Week in Law

Photojournalist claims a blog infringes his copyright of the monkey selfie.

Tech News Today

The BBC has aired a new documentary slamming Apple

This Week in Computer Hardware

AMD Omega Driver, mechanical keys, and Broadwell NUC pics.

The Giz Wiz
Episode #1498: Inflate My Ego December 18th, 2014

TalkBand, disco lights, inflatable chair, and more!

Home Theater Geeks

Multichannel audio, speaker placement, and multiple subwoofers.

Tech News 2Night

A Security Flaw in Millions of Routers

Coding 101

Polishing up the holiday pricer.

Know How...

In case you didn't know this is Episode 123

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: