Log4j hack exposes problems with open-source software

If an orphan software project like this could be sitting in the heart of the world’s Internet infrastructure, how many other potential time bombs are there out there?

Hackers launched more than one million attacks on computers worldwide through a previously unnoticed vulnerability in the widely used piece of software called Log4j. PHOTO: ST FILE
New: Gift this subscriber-only story to your friends and family

(FINANCIAL TIMES) - The world runs on open-source software. What began as a crazy-sounding experiment - letting voluntary, self-organising communities write and maintain widely used pieces of software - has turned into a central part of the tech landscape. The average application these days includes more than 500 open-source components.

So it's more than a little alarming to discover that, more than two decades into the open-source era, glaring security holes sometimes surprise even the experts.

Already a subscriber? 

Dive deeper at $0.99/month

Want more exclusives, sharp insights into what's happening at home and abroad? Subscribe to stay informed.

Unlock these benefits

  • All subscriber-only content on ST app and straitstimes.com

  • Easy access any time via ST app on 1 mobile device

  • 2-week e-paper archive so you never miss out on any topic that matters to you

Join ST's Telegram channel and get the latest breaking news delivered to you.