Schedule

Schedule

Saturday, April 19

1397930400 The Tech Guy

Sunday, April 20

1398016800 The Tech Guy
1398031200 This Week in Tech

Monday, April 21

1398099600 Tech News Today
1398103200 Triangulation
1398108600 iPad Today
1398121200 Tech News 2Night

Tuesday, April 22

1398180600 Marketing Mavericks
1398186000 Tech News Today
1398189600 MacBreak Weekly
1398196800 Security Now
1398204000 Before You Buy
1398207600 Tech News 2Night
1398211200 All About Android

Wednesday, April 23

1398267000 FLOSS Weekly
1398272400 Tech News Today
1398276000 Windows Weekly
1398283200 This Week in Google
1398294000 Tech News 2Night
1398295800 The Giz Wiz
1398301200 Ham Nation

Thursday, April 24

1398358800 Tech News Today
1398362400 Know How...
1398366000 The Social Hour
1398371400 Coding 101
1398375000 Home Theater Geeks
1398380400 Tech News 2Night
1398384000 OMGcraft

Friday, April 25

1398445200 Tech News Today
1398448800 This Week in Law
1398466800 Tech News 2Night

Saturday, April 26

1398535200 The Tech Guy

Sunday, April 27

1398621600 The Tech Guy
1398636000 This Week in Tech

Monday, April 28

1398704400 Tech News Today
1398708000 Triangulation
1398713400 iPad Today
1398726000 Tech News 2Night

Most Recent Episodes

Tech News 2Night

Heartbleed hijacks VPN sessions, NASA's new laser internet connection, HTC wants to own the selfie market, criminals use drones to find pot farms, and Pandora sued over playing pre-1972 recordings.

This Week in Computer Hardware

New Haswell CPU's, the word on Nvidia’s 337.50 driver update, desktop monitor upgrades, and more!

This Week in Law

Regulating robots, remixing music and fair use, the Aereo Supreme Court case, and more!

Tech News Today

Heartbleed flaw is getting fixed on more websites, Pandora sued by major record labels, Google might split Nexus into two different price points, and more.

Home Theater Geeks

POV binaural audio recording with High-Definition video.

Know How...

The Heartbleed exploit explained with jellybeans, tweak Windows 7 or 8 for extra speed, manage your passwords with LastPass, and a first look at the WRT 1900AC.

Tech News 2Night

Dropbox is on an acquisition spree, Facebook lets you find your Friends on a map, try-on Google Glass at home, Twitter's ad app launches, Amazon's Fire TV expands voice search, iOS could have Shazam built-in, and Honda's ASIMO robot is even more human.

Coding 101

Your Python list example, we'll explain the Heartbleed bug with jelly beans, and a While Loop.

The Social Hour

Amber & Sarah chat with Stageit's Evan Lowenstein on connecting artists and fans, Twitter's new ad strategy, US Airways' major major tweet fail, is Runkeeper's Breeze app Rad or Fad? And more!

OMGcraft

Chad shows off Play Mindcrack's version of Goat Simulator for Minecraft!

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: