Changelog Master Feed

Security for Gophers (Go Time #101)

Listen Later

Mat, Filippo, Johan, and Roberto discuss security in Go. Does Go make it easy to secure your code? What common mistakes are Gophers making? What is fuzzing? How can attackers abuse your code if you use the default http mux?

Join the discussion

Changelog++ members support our work, get closer to the metal, and make the ads disappear. Join today!

Sponsors:

  • KubeCon + CloudNativeCon – The Cloud Native Computing Foundation’s flagship Kubernetes community conference which gathers adopters and technologists from leading open source and cloud native communities. Learn more and register — get 10% off with the code KCNACHANGELOG19 Feel free to use the Convince Your Boss letter in part or in full so you can your team can attend.
  • TeamCity by JetBrains – Build and release your software faster with TeamCity — a self-hosted continuous integration and delivery server developed by JetBrains. TeamCity is super-smart at running incremental builds, reusing artifacts, and building only what needs to be built, which can save over 30% of the daily build time. Learn more at teamcity.com/gotime.
  • LinodeOur cloud server of choice. Deploy a fast, efficient, native SSD cloud server for only $5/month. Get 4 months free using the code changelog2019. Start your server - head to linode.com/changelog.
  • FastlyOur bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com.

    • Featuring:

    • Filippo Valsorda – Website, GitHub, Mastodon, X
    • Johan Brandhorst – Website, GitHub, X
    • Roberto Clapis – GitHub, X
    • Mat Ryer – GitHub, LinkedIn, Bluesky, X

    Show Notes:

    • Go Playground example #1 - this demonstrates the sql safety pattern that Roberto mentions in the episode.
    • Go Playground example #2 - this demonstrates the stringer pattern mentioned by Roberto to avoid printing passwords out in logs.
    • go-fuzz package - a package for generating random inputs for your code.
    • So you want to expose Go on the Internet - although this needs updating, it was written by Filippo to help others tackle the challenge of securely exposing Go services to the internet.

      • Something missing or broken? PRs welcome!

      ...more
      View all episodesView all episodes
      Download on the App Store
      Changelog Master FeedBy Changelog Media
      • 4.4
      • 4.4
      • 4.4
      • 4.4
      • 4.4

      4.4

      29 ratings

      More shows like Changelog Master Feed

      View all
      Software Engineering Radio - the podcast for professional software developers by team@se-radio.net (SE-Radio Team)

      Software Engineering Radio - the podcast for professional software developers

      273 Listeners

      Hanselminutes with Scott Hanselman by Scott Hanselman

      Hanselminutes with Scott Hanselman

      382 Listeners

      The Changelog: Software Development, Open Source by Changelog Media

      The Changelog: Software Development, Open Source

      288 Listeners

      Software Engineering Daily by Software Engineering Daily

      Software Engineering Daily

      625 Listeners

      Talk Python To Me by Michael Kennedy

      Talk Python To Me

      581 Listeners

      Soft Skills Engineering by Jamison Dance and Dave Smith

      Soft Skills Engineering

      289 Listeners

      Thoughtworks Technology Podcast by Thoughtworks

      Thoughtworks Technology Podcast

      44 Listeners

      The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence) by Sam Charrington

      The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)

      436 Listeners

      Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

      Syntax - Tasty Web Development Treats

      988 Listeners

      CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

      CoRecursive: Coding Stories

      188 Listeners

      Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

      Kubernetes Podcast from Google

      179 Listeners

      Practical AI by Practical AI LLC

      Practical AI

      200 Listeners

      The Stack Overflow Podcast by The Stack Overflow Podcast

      The Stack Overflow Podcast

      63 Listeners

      Big Technology Podcast by Alex Kantrowitz

      Big Technology Podcast

      506 Listeners

      Oxide and Friends by Oxide Computer Company

      Oxide and Friends

      67 Listeners