On Thursday, August 25, 2022 at 4:58:18 PM UTC+8 Gopher-Insane wrote: > Thank you kortschak, yes that was all I was doing. Seeking advice from > people who have better knowledge than me in this area. Again, very grateful > for everyone's help. > > On Thursday, 25 August 2022 at 09:54:13 UTC+1 kortschak wrote: > >> On Thu, 2022-08-25 at 01:47 -0700, Holloway Kean Ho wrote: >> > What exactly you're trying to achieve by taking a very elaborated, >> > crystal-clear, good-willed security-related article way out of its >> > context with your thread title here and agitate some of the Go >> > maintainers here? >> >> I don't think that's what the OP was doing. Bill Kennedy suggested they >> ask here, and I think that they have enough information/ideas to take >> back to their security team to address the misconceptions that they >> have. >> >> All right. In that case, you can point the same article's 2nd last paragraph which is very self-explainatory.
This book (§1, §2, and §7.5) should give you a quick basic: https://www.cs.ox.ac.uk/andrew.ker/docs/computersecurity-lecture-notes-mt2014.pdf This book should you give you a rough idea about introduction to specifically computing security technical aspect. Security itself has a lot of aspects.: http://www.uoitc.edu.iq/images/documents/informatics-institute/exam_materials/Introduction%20to%20Computer%20Security%20pdf%20DONE.pdf This manual alone (https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html) can give you an idea that a system security (hardware+software) is about controlling quite a large number of aspects and considerations than being picky with a programming language is the very last thing to consider. 1 additional point to counter to the counter-argument is: neither one (within computing security scope alone) mention specifically of a programming language being a threat since most of contents are theorems, threat model + countermeasures, practices, etc etc. The argument about behavorial detection in consumer-product AV: https://usa.kaspersky.com/resource-center/definitions/heuristic-analysis And difference between behavorial detection vs heuristic analyis: https://security.stackexchange.com/questions/157797/what-is-the-difference-between-heuristic-based-and-behaviour-based-virus-scannin Of course, given the current geo-political situation, you can search "heuristic analysis" of the AV of your choice and find out when they started the implementation. For Kas (I used to use it when I was on Windows OS long time ago), if I'm not mistaken, it was implemented all the way back since the transition from Windows XP to Windows 7 era. The rest of the competitors: I'm not aware of it. > Apologies if this caused offense. That was never the intention. I am a big fan of Go myself, and this was raised to me by our Security team. I was seeking the advice of experts in the field to help me build an argument. I do fully appreciate everyone's help. Nahh, no worries. Be careful with framing the title next time. Some forums' zealots will skin you alive with that kind of touch. Regards, Holloway -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/cda12c2d-d24b-447b-a8dd-72009c62e8bdn%40googlegroups.com.
