Schedule

Schedule

Monday, May 25

1432573200 Tech News Today
1432576800 Triangulation
1432582200 iOS Today
1432589400 Coding 101
1432594800 Tech News 2Night

Tuesday, May 26

1432659600 Tech News Today
1432663200 MacBreak Weekly
1432672200 Security Now
1432681200 Tech News 2Night
1432684800 All About Android

Wednesday, May 27

1432740600 FLOSS Weekly
1432746000 Tech News Today
1432749600 Windows Weekly
1432756800 This Week in Google
1432767600 Tech News 2Night
1432769400 Android App Arena
1432774800 Ham Nation

Thursday, May 28

1432832400 Tech News Today
1432836000 Know How...
1432846800 Home Theater Geeks
1432854000 Tech News 2Night

Friday, May 29

1432918800 Tech News Today
1432922400 This Week in Law
1432933200 Before You Buy
1432940400 Tech News 2Night

Saturday, May 30

1433008800 The Tech Guy

Sunday, May 31

1433095200 The Tech Guy
1433109600 This Week in Tech

Monday, June 1

1433178000 Tech News Today
1433181600 Triangulation
1433187000 iOS Today
1433194200 Coding 101
1433199600 Tech News 2Night

Tuesday, June 2

1433264400 Tech News Today
1433268000 MacBreak Weekly
1433277000 Security Now
1433286000 Tech News 2Night
1433289600 All About Android

Wednesday, June 3

1433345400 FLOSS Weekly
1433350800 Tech News Today
1433354400 Windows Weekly
1433361600 This Week in Google
1433372400 Tech News 2Night
1433374200 Android App Arena
1433379600 Ham Nation

Most Recent Episodes

This Week in Tech

Uses of VR, Key FOB security, new Spotify, @POTUS, and more.

The Tech Guy
The Tech Guy 1190 May 24th, 2015

Make your own media player.

The New Screen Savers

Delighting audiences for decades, our guest Martin Sargent

The Tech Guy
The Tech Guy 1189 May 23rd, 2015

Finding a low cost telephone line that works during power outages.

This Week in Enterprise Tech

Your SSDs are DOOMED!

Before You Buy

Myriam Joire reviews the HP Spectre x360 laptop.

This Week in Law

A California appeals court lifts ban on the "Innocence of Muslims" video on YouTube.

Tech News 2Night

Selena Larsen joins us to discuss accessibility, iOS9, and WWDC rumors.

Tech News Today

Apple Round-up, Google Scrambles, and Russia threatens.

Home Theater Geeks

HDR, High Frame Rate, virtual reality, and more.

Coding 101 13

Sanitize')DROP TABLE Python;

April 17 2014

Hosts: Fr. Robert Ballecer, SJ and Shannon Morse

Guest: Dale Chase

Welcome to Coding 101 - It's the TWiT show that gives YOU the knowledge to live in the wonderful world of the programmer. This week we are introducing our newest module, Python with Code Warrior Dale Chase!

To see all the code used in today's episode, go to Our Github Repository for Module 2

Loops (Recap)

* As we may recall, loops are an easy way to reuse code.
* It allows us to "loop" a section of code so that it doesn't have to be writen over and over.

While Loops
"While loops in Python work very much like they do in C#

They use some sort of counter and some sort of relational true/false statement. The while loop will continue to run as long as the statement is true. The true/false statement is pre-test, meaning that it will evaluate the statement BEFORE the loop code is executed."

Code Sample:

counter = 0

while counter < 5:

counter = counter +1
print counter

Output:
1
2
3
4
5"

Sanitizing your Input!

The Heartbleed Bug

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

Here is the OpenSSL Code

(The Bug starts on Line 3972)
/* Read type and payload length first */

hbtype = *p++;

n2s(p, payload);

pl = p;

hbtype is the TYPE of data

P++ increments the pointer

p is the pointer for the payload

payload is the length of the payload"

The problem is that the SENDER gets to set the "payload" length and the code never checks to see if the sent length matches the recieved length of the payload.

The Crux of the Matter:
* The Hearbleed bug stems from code that does not check to make sure it's recieving into memory what it expected.
* In other words... IT DIDN'T SANITIZE IT'S INPUT!

Get in Touch With Us!

* Subscribe and get Coding 101 automatically at TWiT.tv!
* Follow PadreSJ and Snubs on Twitter.
* Watch the show live and join the chatroom every Thursday at 1:30pm PST.
* Email us at Padre@twit.tv and Shannon@twit.tv.
* Join our Google+ Community!

Download or subscribe to this show at twit.tv/code. Also, check out our transcripts.

Bandwidth for Coding 101 is provided by Cachefly.

Running time: 41:46

Sponsors: