Abuse Report

You have a complaint about the posting below:

27-12-2021, 20:17 by Anonymous

By Anonymous: The problem lies not only in the code but above all in how Java applications are put together, as Anonymous 10:29 mentions. On ZDNet: "Its real trouble isn't so much with open-source itself. There's nothing magical about open-source methodology and security. Security mistakes can still enter the code. Linus's law is that given enough eyeballs, all bugs are shallow. But, if not enough developers are looking, security vulnerabilities will still go unnoticed. As what I'm now calling Schneier's law, "Security is a process, not a product," points out constant vigilance is needed to secure all software. That said, the real pain-in-the-rump with log4j is with how Java hides what libraries its source code and binaries use in numerous Java Archive (JAR) variations. The result? You may be using a vulnerable version of log4j and not know until it's been exploited." Behind the log4j mess is another problem, That's "How do you know what open-source components your software is using?" For ...
