Schedule

Schedule

Monday, April 27

1430154000 Tech News Today
1430157600 Triangulation
1430163000 iPad Today
1430170200 Coding 101
1430175600 Tech News 2Night

Tuesday, April 28

1430240400 Tech News Today
1430244000 MacBreak Weekly
1430253000 Security Now
1430262000 Tech News 2Night
1430265600 All About Android

Wednesday, April 29

1430321400 FLOSS Weekly
1430326800 Tech News Today
1430330400 Windows Weekly
1430337600 This Week in Google
1430348400 Tech News 2Night
1430350200 Android App Arena
1430355600 Ham Nation

Thursday, April 30

1430413200 Tech News Today
1430416800 Know How...
1430422200 Marketing Mavericks
1430427600 Home Theater Geeks
1430434800 Tech News 2Night
1430436600 The Giz Wiz

Friday, May 1

1430499600 Tech News Today
1430503200 This Week in Law
1430514000 Before You Buy
1430521200 Tech News 2Night

Saturday, May 2

1430589600 The Tech Guy

Sunday, May 3

1430676000 The Tech Guy
1430690400 This Week in Tech

Monday, May 4

1430758800 Tech News Today
1430762400 Triangulation
1430767800 iPad Today
1430775000 Coding 101
1430780400 Tech News 2Night

Tuesday, May 5

1430845200 Tech News Today
1430848800 MacBreak Weekly
1430857800 Security Now
1430866800 Tech News 2Night
1430870400 All About Android

Wednesday, May 6

1430926200 FLOSS Weekly
1430931600 Tech News Today
1430935200 Windows Weekly
1430942400 This Week in Google
1430953200 Tech News 2Night
1430955000 Android App Arena
1430960400 Ham Nation

Most Recent Episodes

This Week in Tech

Hands on the Apple Watch, Tesla battery, tractor EULAs, and more.

The Tech Guy
The Tech Guy 1182 April 26th, 2015

Managing your cell data, soundbars, top Android phones, and more.

The Tech Guy
The Tech Guy 1181 April 25th, 2015

Leo Laporte's first impressions of the Apple Watch.

Tech News 2Night

Quick tips for feeling better about your facebook usage.

Before You Buy

Leo Laporte unboxes the Apple Watch.

This Week in Enterprise Tech

Facebook vs. Spammers and Twitter vs. Trolls.

This Week in Law

Katy Perry's attempt to trademark the design of "Left Shark" is rejected.

Tech News Today

We'll show you how waterproof the Apple Watch really is...

This Week in Computer Hardware

Google Fi, Intel Compute Stick, and more.

The Giz Wiz

gizwiz.tv

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: