conferences | speakers | series

Java Security: Log4J, the SecurityManager, and Funding

home

Java Security: Log4J, the SecurityManager, and Funding
FOSDEM 2022

A demonstration of log4j exploits, which defenses people tried, and which worked. We'll cover how groups responded effectively to patch to see what was common. We'll also look at open source funding models, subscriptions, and bug bounty programs to see why it's sometimes hard to donate.

This talk will use actual exploit code that takes over systems through their log messages to open calculators.

Speakers: Erik Costlow