Sign In

Communications of the ACM

ACM Opinion

Log4j Vulnerability: Why Your Hot Take on It Is Wrong

View as: Print Mobile App Share:
Illustration shows a lock inside a shield to denote tech security.

Do not celebrate silly hot takes that try to reduce the Log4j problem to one thing. Security is complicated. Software is complicated.

Don't use the Log4j problem to start banging the drum of "open source sustainability" crises. Open source isn't a security problem, and open source sustainability is a complicated issue.

Instead, it's time to "accept the reality of bugs/outages; do the best that we can to mitigate, learn, and improve; and wait for the next one."

From TechRepublic
View Full Article


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account