Schedule

Schedule

Sunday, March 29

1427652000 The Tech Guy
1427666400 This Week in Tech

Monday, March 30

1427734800 Tech News Today
1427738400 Triangulation
1427743800 iPad Today
1427751000 Coding 101
1427756400 Tech News 2Night

Tuesday, March 31

1427821200 Tech News Today
1427824800 MacBreak Weekly
1427833800 Security Now
1427842800 Tech News 2Night
1427846400 All About Android

Wednesday, April 1

1427902200 FLOSS Weekly
1427907600 Tech News Today
1427911200 Windows Weekly
1427918400 This Week in Google
1427929200 Tech News 2Night
1427931000 Android App Arena
1427936400 Ham Nation

Thursday, April 2

1427994000 Tech News Today
1427997600 Know How...
1428003000 Marketing Mavericks
1428008400 Home Theater Geeks
1428015600 Tech News 2Night
1428017400 The Giz Wiz

Friday, April 3

1428080400 Tech News Today
1428084000 This Week in Law
1428094800 Before You Buy
1428102000 Tech News 2Night
1428105600 Padre's Corner

Saturday, April 4

1428170400 The Tech Guy

Sunday, April 5

1428256800 The Tech Guy
1428271200 This Week in Tech

Monday, April 6

1428339600 Tech News Today
1428343200 Triangulation
1428348600 iPad Today
1428355800 Coding 101
1428361200 Tech News 2Night

Tuesday, April 7

1428426000 Tech News Today
1428429600 MacBreak Weekly
1428438600 Security Now
1428447600 Tech News 2Night
1428451200 All About Android

Most Recent Episodes

The Tech Guy
The Tech Guy 1173 March 28th, 2015

Meerkat vs. Periscope

This Week in Enterprise Tech

HP Aims New Rack at Open Stack Developers

Before You Buy

Parrot Bebop Preview, Vivitek Qumi Q5 projector

Tech News 2Night

Tech elite likes to go racing

This Week in Law

Creative Commons Licenses 101 with Sarah Pearson.

Tech News Today

Blackberry posts a profit!

This Week in Computer Hardware

Silverstone Fortress FT05 case, Dell XPS 13 review, and Corsair Dominator memory kits.

The Giz Wiz

Condiments for pets, mini tennis ball launcher, Goatee Saver, and more.

Home Theater Geeks

Composer Richard Einhorn, MTI's Kevin Manbeck, and restoring "The Passion of Joan of Arc."

Tech News 2Night

Twitter releases Periscope!

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: