Schedule

Schedule

Tuesday, July 22

1406048400 Tech News Today
1406052000 MacBreak Weekly
1406059200 Security Now
1406066400 Before You Buy
1406070000 Tech News 2Night
1406073600 All About Android

Wednesday, July 23

1406129400 FLOSS Weekly
1406134800 Tech News Today
1406138400 Windows Weekly
1406145600 This Week in Google
1406156400 Tech News 2Night
1406158200 The Giz Wiz
1406163600 Ham Nation

Thursday, July 24

1406221200 Tech News Today
1406224800 Know How...
1406228400 The Social Hour
1406233800 Coding 101
1406237400 Home Theater Geeks
1406242800 Tech News 2Night
1406246400 OMGcraft

Friday, July 25

1406307600 Tech News Today
1406311200 This Week in Law
1406318400 Android App Arena
1406329200 Tech News 2Night

Saturday, July 26

1406397600 The Tech Guy

Sunday, July 27

1406484000 The Tech Guy
1406498400 This Week in Tech

Monday, July 28

1406566800 Tech News Today
1406570400 Triangulation
1406575800 iPad Today
1406588400 Tech News 2Night
1406590200 Marketing Mavericks

Tuesday, July 29

1406653200 Tech News Today
1406656800 MacBreak Weekly
1406664000 Security Now
1406671200 Before You Buy
1406674800 Tech News 2Night
1406678400 All About Android

Wednesday, July 30

1406734200 FLOSS Weekly
1406739600 Tech News Today
1406743200 Windows Weekly
1406750400 This Week in Google
1406761200 Tech News 2Night
1406763000 The Giz Wiz
1406768400 Ham Nation

Thursday, July 31

1406826000 Tech News Today
1406829600 Know How...
1406833200 The Social Hour
1406838600 Coding 101
1406842200 Home Theater Geeks
1406847600 Tech News 2Night
1406851200 OMGcraft

Most Recent Episodes

Marketing Mavericks

The evolution of internet based radio and its future.

This Week in Enterprise Tech

Coho Data

Tech News 2Night

Yahoo to buy Flurry.

iPad Today

Hack your life

Triangulation

"Windows Weekly" co-host and editor of ZDNet's "All About Microsoft" blog.

Tech News Today
Episode #1053: NSF NSA July 21st, 2014

NSA supposedly snooping private photos.

This Week in Tech

Comcast call from hell.

The Tech Guy
The Tech Guy 1102 July 20th, 2014

Should home users be running Windows?

The Tech Guy
The Tech Guy 1101 July 19th, 2014

Can I use public Wi-Fi to save money and still be safe?

Tech News 2Night

Airbnb logo backlash?

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: