Schedule

Schedule

Friday, October 24

1414191600 Tech News 2Night

Saturday, October 25

1414260000 The Tech Guy

Sunday, October 26

1414346400 The Tech Guy
1414360800 This Week in Tech

Monday, October 27

1414429200 Tech News Today
1414432800 Triangulation
1414438200 iPad Today
1414450800 Tech News 2Night

Tuesday, October 28

1414515600 Tech News Today
1414519200 MacBreak Weekly
1414526400 Security Now
1414533600 Before You Buy
1414537200 Tech News 2Night
1414540800 All About Android
1414549800 Padre's Corner

Wednesday, October 29

1414596600 FLOSS Weekly
1414602000 Tech News Today
1414605600 Windows Weekly
1414612800 This Week in Google
1414623600 Tech News 2Night
1414630800 Ham Nation

Thursday, October 30

1414688400 Tech News Today
1414692000 Know How...
1414695600 Marketing Mavericks
1414701000 Coding 101
1414704600 Home Theater Geeks
1414710000 Tech News 2Night
1414711800 The Giz Wiz

Friday, October 31

1414774800 Tech News Today
1414778400 This Week in Law
1414785600 Android App Arena
1414796400 Tech News 2Night

Saturday, November 1

1414864800 The Tech Guy

Sunday, November 2

1414954800 The Tech Guy
1414969200 This Week in Tech

Monday, November 3

1415037600 Tech News Today
1415041200 Triangulation

Most Recent Episodes

This Week in Computer Hardware

Civilization: Beyond Earth perfomance tests and building your own Dropbox.

Tech News Today

Facebook launches a new standalone app called Rooms that enables anonymous discussion.

The Giz Wiz

Pumpkin power saw, 3D scanner, and more.

Home Theater Geeks

Problems observed in Cinema Audio Systems.

Coding 101

Finishing the app building module.

Tech News 2Night

Etsy's new dongle, Aereo's legal future

Know How...

Hoverboards, Sticky Windows, and Quadcopter Pt. 2

Marketing Mavericks

Fan engagement with sports.

Tech News Today

Facebook alternative Ello raised $5.5 million in new venture funding.

Ham Nation

Gordon West explains why use a dipole.

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: