Schedule

Schedule

Tuesday, March 3

1425405600 Tech News Today
1425409200 MacBreak Weekly
1425418200 Security Now
1425427200 Tech News 2Night
1425430800 All About Android

Wednesday, March 4

1425486600 FLOSS Weekly
1425492000 Tech News Today
1425495600 Windows Weekly
1425502800 This Week in Google
1425513600 Tech News 2Night
1425515400 Android App Arena
1425520800 Ham Nation

Thursday, March 5

1425578400 Tech News Today
1425582000 Know How...
1425587400 Marketing Mavericks
1425592800 Home Theater Geeks
1425600000 Tech News 2Night
1425601800 The Giz Wiz

Friday, March 6

1425664800 Tech News Today
1425668400 This Week in Law
1425679200 Before You Buy
1425686400 Tech News 2Night
1425690000 Padre's Corner

Saturday, March 7

1425754800 The Tech Guy

Sunday, March 8

1425837600 The Tech Guy
1425852000 This Week in Tech

Monday, March 9

1425920400 Tech News Today
1425924000 Triangulation
1425929400 iPad Today
1425936600 Coding 101
1425942000 Tech News 2Night

Tuesday, March 10

1426006800 Tech News Today
1426010400 MacBreak Weekly
1426019400 Security Now
1426028400 Tech News 2Night
1426032000 All About Android

Wednesday, March 11

1426087800 FLOSS Weekly
1426093200 Tech News Today
1426096800 Windows Weekly
1426104000 This Week in Google
1426114800 Tech News 2Night
1426116600 Android App Arena
1426122000 Ham Nation

Thursday, March 12

1426179600 Tech News Today
1426183200 Know How...
1426188600 Marketing Mavericks
1426194000 Home Theater Geeks
1426201200 Tech News 2Night
1426203000 The Giz Wiz

Most Recent Episodes

Tech News 2Night

Google Wireless is coming.

Coding 101

We finish our Arduino clock.

Triangulation

Becky Worley is the tech contributor for ABC.

TWiT Live Specials

Samsung Galaxy S6 Edge, HTC One M9, Acer Liquid Jade Z, and more.

Tech News Today

Mobile World Congress coverage.

iPad Today

Cord cutting options and other TV apps.

This Week in Tech

Mobile World Congress preview, Apple Watch speculation, Title II, and more.

The Tech Guy
The Tech Guy 1166 March 1st, 2015

Samsung announces Galaxy S6.

TWiT Live Specials

The Samsung Galaxy S6, S6 Edge, and Samsung Pay launch.

The Tech Guy
The Tech Guy 1165 February 28th, 2015

Storing photos and files if an iPad is your only computer.

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: