Episode 444
Mining the Logs
December 15th, 2021
40 mins 50 secs
Tags
About this Episode
The broader software problem the Log4Shell vulnerability reveals, and the story of how Chris lit his Coder robe on fire... While wearing it.
Support Coder RadioEpisode Links
- Apple Silicon Guide — A guide covering Apple Silicon including the applications, libraries and tools that will make you a better and more efficient with your Apple Silicon powered device.
- notes.jupiterbroadcasting.com — This site is a searchable archive of the show notes for the all Jupiter Broadcasting shows. Home to the best shows on Linux, Open Source, Security, Privacy, Community, Development, and News.
- How does Jupiter Broadcasting's notes site work? — It was a normal (for 2021) Sunday evening back in July, I was minding my own business, obviously doing something super cool, when I spotted a message from a certain badger-y fellow in the Self Hosted show’s Discord
- Hackers start pushing malware in worldwide Log4Shell attacks — When the Log4j application parses these logs and encounters the string, the bug will force the server to make a callback, or request, to the URL listed in the JNDI string. Threat actors can then use that URL to pass Base64-encoded commands or Java classes to execute on the vulnerable device.
- Microsoft quietly told Apple it was willing to turn big Xbox-exclusive games into iPhone apps — In reality, Microsoft was willing to play along with many of Apple’s demands — and it even offered to bring triple-A, Xbox-exclusive games to iPhone to help sweeten the deal.
- What’s in Apple’s iOS 15.2, iPadOS 15.2? Nude-Image Detection — In order for the feature to work, parents need to enable it on a family-sharing account.
- Linux Action News 219: Log4Shell Coverage — The Log4Shell vulnerability is making waves this week; we'll explain why and break down how it works.