Java Security: Log4J, the SecurityManager, and Funding
- Track: Friends of OpenJDK devroom
- Room: D.openjdk
- Day: Saturday
- Start: 13:20
- End: 14:00
- Video with Q&A: D.openjdk
- Video only: D.openjdk
- Chat: Join the conversation!
A demonstration of log4j exploits, which defenses people tried, and which worked. We'll cover how groups responded effectively to patch to see what was common. We'll also look at open source funding models, subscriptions, and bug bounty programs to see why it's sometimes hard to donate.
This talk will use actual exploit code that takes over systems through their log messages to open calculators.
Speakers
 |
Erik Costlow |