To this day the most prevalent, evasive and destructive malware is developed in C/C++... So may as well ban those languages too!!
Seriously, if your answer to 'stopping malware written in Go' is to ban all applications written in Go, your security team needs some more training budget or you need to get a new team altogether. Banning a language because 'the AV we pay 10mil a year for doesn't catch it' is an insane thought process. Get Outlook for Android<https://aka.ms/AAb9ysg> ________________________________ From: golang-nuts@googlegroups.com <golang-nuts@googlegroups.com> on behalf of Robert Engels <reng...@ix.netcom.com> Sent: Tuesday, August 23, 2022, 09:49 To: Brian Candler <b.cand...@pobox.com> Cc: golang-nuts <golang-nuts@googlegroups.com> Subject: Re: [go-nuts] Is Go a security malware risk? I think what is being suggested that if the sec team bans all applications that exhibit dynamic code loading behavior they’d be safer - which would catch a lot of apps in the net. On Aug 23, 2022, at 10:44 AM, Brian Candler <b.cand...@pobox.com> wrote: On Tuesday, 23 August 2022 at 15:30:49 UTC+1 Gopher-Insane wrote: The issue is not a vulnerability in the language itself but the use of that language to embed malware so AV signatures do not detect it. The feeling is that our InfoSec will be wanting to restrict obscure languages (Go, Rust etc...). And how exactly does choosing not to use Go/Rust in your own organization, avoid you from getting infected by malware written in Go/Rust? -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com<mailto:golang-nuts+unsubscr...@googlegroups.com>. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/a465a7ff-3e13-458d-a7f8-61c0375c38a7n%40googlegroups.com<https://groups.google.com/d/msgid/golang-nuts/a465a7ff-3e13-458d-a7f8-61c0375c38a7n%40googlegroups.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com<mailto:golang-nuts+unsubscr...@googlegroups.com>. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CD882B25-875C-48BF-9AC2-C3E003B38451%40ix.netcom.com<https://groups.google.com/d/msgid/golang-nuts/CD882B25-875C-48BF-9AC2-C3E003B38451%40ix.netcom.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/SN6PR04MB4622C5AFD39130B92312B07DA1709%40SN6PR04MB4622.namprd04.prod.outlook.com.
