Log4j hack exposes problems with open-source software

If an orphan software project like this could be sitting in the heart of the world’s Internet infrastructure, how many other potential time bombs are there out there?

Richard Waters
Hackers launched more than one million attacks on computers worldwide through a previously unnoticed vulnerability in the widely used piece of software called Log4j. PHOTO: ST FILE
Updated
Published
December 21, 2021 at 5:00 AM
New: Gift this subscriber-only story to your friends and family

(FINANCIAL TIMES) - The world runs on open-source software. What began as a crazy-sounding experiment - letting voluntary, self-organising communities write and maintain widely used pieces of software - has turned into a central part of the tech landscape. The average application these days includes more than 500 open-source components.

So it's more than a little alarming to discover that, more than two decades into the open-source era, glaring security holes sometimes surprise even the experts.

Already a subscriber? 

Dive deeper at $0.99/month

Want more exclusives, sharp insights into what's happening at home and abroad? Subscribe to stay informed.

ST One Digital Package - Monthly

$9.90 $0.99/month

No contract

$0.99/month for the first 3 months, $9.90/month thereafter. T&Cs apply.

Subscribe now

Unlock these benefits

  • All subscriber-only content on ST app and straitstimes.com

  • Easy access any time via ST app on 1 mobile device

  • 2-week e-paper archive so you never miss out on any topic that matters to you

Join ST's Telegram channel and get the latest breaking news delivered to you.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 031/10/2021, MCI (P) 032/10/2021. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2021 SPH Media Limited. All rights reserved.

Back to the top