Forums
Nov 21Don't Lookup: The Log4j Debacle
by in News Roundup on 2021-12-15All the headlines for the past week have touched upon the "Log4Shell" bug, CVE-2021-44228. This is a "big deal" bug that's coupled with some surprising features of how Java works.
Before we get into the news roundup portion of this, we need to discuss a little history. Today, the buzzword is "microservices". We break up our large, complicated application into a bunch of tiny services, and focus on how messages travel between these services. Usually, these services are communicating through some sort of network protocol or a message bus. The topology of a large and complicated application can turn into a forest of unclear and difficult to parse dependencies.