Schedule

Schedule

Wednesday, November 26

1417035600 This Week in Google
1417046400 Tech News 2Night
1417048200 Android App Arena
1417053600 Ham Nation

Saturday, November 29

1417287600 The Tech Guy

Sunday, November 30

1417374000 The Tech Guy
1417388400 This Week in Tech

Monday, December 1

1417456800 Tech News Today
1417460400 Triangulation
1417465800 iPad Today
1417478400 Tech News 2Night

Tuesday, December 2

1417543200 Tech News Today
1417546800 MacBreak Weekly
1417554000 Security Now
1417561200 Before You Buy
1417564800 Tech News 2Night
1417568400 All About Android
1417577400 Padre's Corner

Wednesday, December 3

1417624200 FLOSS Weekly
1417629600 Tech News Today
1417633200 Windows Weekly
1417640400 This Week in Google
1417651200 Tech News 2Night
1417653000 Android App Arena
1417658400 Ham Nation

Thursday, December 4

1417716000 Tech News Today
1417719600 Know How...
1417723200 Marketing Mavericks
1417728600 Coding 101
1417732200 Home Theater Geeks
1417737600 Tech News 2Night
1417739400 The Giz Wiz

Friday, December 5

1417802400 Tech News Today
1417806000 This Week in Law
1417824000 Tech News 2Night

Saturday, December 6

1417892400 The Tech Guy

Most Recent Episodes

FLOSS Weekly
Episode #317: Pentaho November 26th, 2014

Pentaho a big data integration and business analytics software.

Tech News Today

EU wants to extend 'Right to be Forgotten' worldwide.

Before You Buy

Nexus 6 Review

All About Android

Nexus Player, Lollipop love/hate, and patent wars.

Security Now
Episode #483: Let's Encrypt November 25th, 2014

Steve Gibson looks in depth at new Certificate Authority "Let's Encrypt".

MacBreak Weekly

Iphone 6 Plus Pixel Peeping and Beats music coming to iOS.

Tech News 2Night

Will Safari Ditch Google?

Tech News Today

Sony Pictures gets hit with a devastating hack.

iPad Today

Dropbox Carousel, Square + Apple Pay, Product (RED) apps.

Tech News 2Night
Episode #222: New Drone Rules November 24th, 2014

New rules for drones you might not like, Netflix's big push into Asia, and the spying malware that

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: