M"""""""`YM MMP"""""YMM MM"""""""`YM    MM'""""'YMM MMP"""""YMM M"""""`'"""`YM MM"""""""`YM M""MMMMM""M M""""""""M MM""""""""`M MM"""""""`MM
M  mmmm.  M M' .mmm. `M MM  mmmmm  M    M' .mmm. `M M' .mmm. `M M  mm.  mm.  M MM  mmmmm  M M  MMMMM  M Mmmm  mmmM MM  mmmmmmmM MM  mmmm,  M
M  MMMMM  M M  MMMMM  M M'        .M    M  MMMMMooM M  MMMMM  M M  MMM  MMM  M M'        .M M  MMMMM  M MMMM  MMMM M`      MMMM M'        .M
M  MMMMM  M MMb     dMM MM  MMMMMMMM 88 MM.     .dM MMb     dMM M  MMM  MMM  M MM  MMMMMMMM Mb       dM MMMM  MMMM MM        .M MM  MMMMM  M

4E 4F 50 2E 43 4F 4D 50 55 54 45 52

Brief Review of Golang

package main;import(“fmt”);func main(){fmt.println(“Hello, World!”)} As a self-proclaimed and empirically evident part-time nerd, every so often I come across a device which can be utilized to exponentiate my nerdiness and propagate said nerdiness to others. These devices may be simply such to me yet even worse, real vices—such as leading me to countless hours down a rabbit hole which I end up in three weeks to two whole months later, wondering how I got there with a mission in mind which will take me at least another week(#overestimationduetopathologicalprocrastination) to accomplish. The device of topic is that which leads to more devices and can be argued to recursively devise devices: programming languages!

I came across programming languages around eleven years of age as I was learning my way around the Internet via AOL 2.5, getting into trouble on various(AOL, Prodigy, MSN, etc.) services with other people’s creations which were normally made with Visual Basic(VB)—at this time, 3.0 was the go-to. I decided to figure out how to go about making my own, which lead me to finding about SendKeys, which is a simple VB macro used to send keystrokes to specific windows then learning VB syntax on my own(via the Help menu and viewing source code). After some time, I moved on to other languages. As I got into networking, I went on a hiatus from programming and other digital endeavors then pursued other ventures in life. Now, over 20 years later, I’m back and trying my hand at Go!

I recently dropped Computer Science as my minor to be able to dedicate more time to the classes in my major and learning more modern technologies which I feel would be conducive to my development and viability within the field—and I would rather write x64 Assembly than Java.

Why Go?:

Go, also known as Golang, is a breath of fresh air for system-level programming because it’s designed for simplicity and also the pioneer of built-in concurrency. Safety was one of the biggest improvements over the older languages. One of the main intentions of Go was to correct where C goes wrong.

Memory management is an option yet there it’s not mandated nor is it recommended, unless the developer is that skilled and willing to take the risk. Golang has a plethora of features which are vastly improved over its predecessors, the main one being C(C-lang). It was designed by Robert Griesemer, Rob Pike and Ken Thompson – all legends in the field of Computer Science. Of course where you see Ken Thompson’s name, you know that Brian Kernighan’s is certainly within earshot. Brian Kernighan is a co-author in ‘The Go Programming Language’ book, which is designed very similarly to ‘The C Programming Language’ book, co-authored by Brian Kernighan and Dennis Ritchie.

With this mix of notable names in Computer Science, you can see why a following has brewed with Golang.

The Good!

Because Golang is a system-level language which compiles natively, the applications load much faster than interpreted languages such as my favorite: Python, and my least favorite: Java. Concurrency is built-in, so you may utilize concurrency/parallelism features for tasks which may demand so. Go is a statically-typed language which makes it strict and requires the programmer to learn to cleverly deal with these constraints.

Go is cross-system compatible, so the programs you develop will run on any system between Linux, Mac and Windows.

There’s a vast selection of packages to use with Go. The distance between you and something that can be a solution to your problem is only a couple clicks on golang.org or a trip to a bookstore to pick up a copy of The Go Programming Language, if your preference is paperback.

The Bad:

The compiled binaries tend to be larger than what you’d expect from even a simple-functioning application. To get them down to a more reasonable size, it requires a little more familiarity with the command line than many are willing to go or are comfortable with. However, the bright side is that you can compile it for a specific architecture to remove some of that bulk. The programmer ought to be familiar with systems and architectures in order to have a seamless experience with Go—there’s only so much that an IDE can do for you, so it’s best to familiarize yourself with the command line features of Golang, in addition to the terminal/console of one’s daily driving operating system.

The learning curve for Go isn’t too high yet it can be difficult to pick up on the tricky syntax at first. Yes, tricky! Coming from having an understanding of C—mostly through application security and reversing, Bash and Python, I find Golang’s syntax to be rather tricky. For example, it took some time for me to become accustomed to its unorthodox syntax for defining a function of a type:

func (r receiver) identifier(parameters)(returns) { // !code! } Python’s simple: def identifier(parameters): // !code! return #return statement

C’s syntax isn’t too far off from Python, as Python was designed to be the bridge between C-lang and Bash.

But wait, there’s more! As the problems become more complex, so do the solutions… Functions which use functions as parameters… Functions with functions as parameters which return functions. Coming from being a casual Pythonist code/user for over 10 years, it’s easy to get lost in the sauce when it comes to a language with such a disorienting order of code structure. However, the challenge is on!

Its Own Name; Its Own Lane:

Some of the differences which I’ve noted in Go from other languages are that it’s not object- oriented, which I am absolutely fine with. I think OOP had its place and it might be good if you’re dealing with a certain problem sets, yet it’s not fitting for every solution, especially if you’re one to prefer functional programming. What’s more, the computer doesn’t care if your code is composed in OOP or SOLID; What matters is if it compiles(working can make for a whole other story!)

Switch statements are rather different from other languages, in the sense that they no longer require a break statement for cases. This is one of the things of Go which makes the coding experience much less daunting because if it’s a switch statement, what else are you really going to do when the case matches, than break?

The options for built-in data structures are rather limited to slices and maps, or as others familiar with Python may know them as lists and dictionaries, and others familiar with C, C++ and Java may know them to be arrays and hash tables.

The only loop in Golang is the For Loop, which one must learn to work with in order to fill the shoes of while statements, etc. It’s not a difficult task, it just requires a non-conventional approach to iterations. Other language feature while loops, do-while, etc.

The ‘fmt’ and ‘vet’ packages are your friend. Vet is as the name implies, a veterinarian for your beloved coding gopher, which checks for bugs and erroneous code. Meanwhile, ‘fmt’ is short for Format, in which this feature fixes the formatting of your code to meet the standard amongst the Golang community, making your code much easier to read. However, it makes it a little more difficult to figure out who wrote the code, due to putting it in the community-standard style of coding convention.

New to Me:

There are some features of Go which are completely new to me, such as marshaling and unmarshaling JSON and XML. Marshaling is noted as a process done to arbitrary data, turning its structures into strings, then into structures, and back into strings. I tried this once and I still need a clear understanding of how this actually works behind the scenes. For now it seems like encoding/decoding of data via compression/decompression.

Go’s one of the few languages to require the curly braces for a For-Loop. In Java, it’s for the assistance of the programmer’s vision that the curly braces are used—to note that all within them are a part of the loop.

The Comparison:

As a longtime user of Python, it’s only natural that I am to compare Python to Go, although they are both programming languages, one is a high-level scripting language—which Go is also capable of doing. I compare go to Python due to its simplicity in syntax compared to other statically typed languages such as C++ and Rust. Python programs can be run on any machine as long as they’ve got Python installed. Python’s installation is required to interpret the code to the device. Go programs can be run on any machine with or without Go installed because they’re compiled and generally fit to run on any architecture unless the compiler has otherwise been instructed so.


python3 program.py This is the way to launch a Python application/script from the command line. go run This is one would launch a Go program as a script, directly from the code. go build This is how the program would be compiled with Go’s abnormally fast compiler. <./program>

Once compiled into an executable binary, the program can be launched from the command line without providing a file extension, if that’s how it was instructed to compile. I believe that the strength in this is accessibility which is in Go’s favor. Python2 was recently deprecated and Python3 is the successor yet there’s no confusion for those attempting to run any version of Go’s compiled programs due to compatibility issues. The same goes for Java as with Python. Java requires the user have Java runtime files pre-installed before they’re able to run any Java binaries. Go is capable of everything Python and Java are in addition to much more.

Attribution Detrimentation Station:

In an investigative scenario/situation, attribution is paramount when it comes to the results of a case. The evidence of a digital forensics case must be proven beyond reasonable doubt that there is a relationship between the data and the threat actor. One of the things which can obfuscate this for investigators is Go’s Format/”fmt” package. As previously noted in the above section, “Its Own Name, its Own Lane”, fmt has numerous uses. However, running the following:

gofmt -w

, on the command line will properly format a programmer’s code into a common code convention. Go’s ‘fmt’ is meant to increase readability, and enable better maintenance of code by having that code formatting convention. Fmt can throw off a person attempting to put an exact person to code, because one of their identification vectors—code analysis, can prove to be fruitless in this situation.

I took the time to experiment with Vim’s Go plugin, vim-go. Vim-go automatically runs gofmt and goimports on save.

A Verdict of Sorts: func verdict (sorts s) final_verdict() {

/* Golang is a very interesting language and I can’t expect it to be anything less than so, especially with the pioneering individuals behind it—they’re actually the ones who created the backbone to what we all know to be operating systems and modern programming languages. I’ve tried my hand at many programming languages due to being interested in reverse engineering, dealing with multiple operating systems, and taking numerous IT-related courses. Out of all languages, I can honestly state that Golang is the most interesting. I’ve some experimenting to do with the Go binaries because they seem to be vastly differ from C/C++ binaries. I’ve even seen some Assembler instructions in Golang’s compiled binaries which I haven’t seen in other languages such as C, C++ and Rust.

With the versatility of Golang, being a system language with reach high-level reach to applications and web with ease; I’ll be dedicating more time to learning the language and putting it to use. Go may very well relieve Python of its duties as my go-to programming language.

Go is simple enough to teach to a newbie and powerful enough for a veteran to make use of. The difficulty in picking up a new programming language comes from having an expectancy of syntax and the impatience which results in either learning quickly or not at all. The language has a wide range of features which I’ve not touched on in this review, yet if I ever start a blog, I will do so. I’ve taken a dive into Go and I will certainly explore the language further. } */

// This is a comment(the pair of forward slashes). Anything prior to the double forward-slashes is considered to be valid code // (up to you and the compiler), anything afterwards is considered a note to the reader of the code. `/* and */` denotes a multi-line comment, which the final paragraph composed between.