{"id":1363,"date":"2021-12-22T00:00:00","date_gmt":"2021-12-22T00:00:00","guid":{"rendered":"urn:uuid:c45c52ec-75f6-479d-8ea5-b2f0bad55cac"},"modified":"2021-12-22T00:00:00","modified_gmt":"2021-12-22T00:00:00","slug":"open-source-software-log4j-nocui-ruo-xing","status":"publish","type":"post","link":"https:\/\/www.sekaiken.com\/?p=1363","title":{"rendered":"Open source software Log4j \u306e\u8106\u5f31\u6027"},"content":{"rendered":"<p>MIT technology review \u3092\u8cfc\u8aad\u306f\u3058\u3081\u307e\u3057\u305f\u3002\u79d1\u5b66\u6280\u8853\u3092\u4e2d\u5fc3\u3068\u3057\u305f\u9031\u520a\u8a8c\uff1f\u3067\u3001$50\/year\u3067\u3059\u3002\u904e\u53bb\u8cfc\u8aad\u3057\u305fNational Geographic\u7b49\u3088\u308a\u3082\u79c1\u306b\u5408\u3063\u3066\u3044\u308b\u3088\u3046\u3067\u3001\u9762\u767d\u3044\u306e\u306f\u3044\u3044\u306e\u3067\u3059\u304c\u3001\u6642\u9593\u304c\u8db3\u308a\u306a\u304f\u306a\u308a\u307e\u3059\u3002\u3055\u3066\u3001\u6628\u65e5\u6709\u6599\u306e\u8ee2\u8077\u4f1a\u793eIndeed\u306e\u8a71\u3092\u3057\u305f\u306e\u3067\u3001\u4eca\u65e5\u306f\u3042\u308b\u610f\u5473\u305d\u306e\u5bfe\u6975\u306b\u3042\u308b open-source software developers\u306e\u8a71\u3092\u540c\u8a8c\u304b\u3089\u7d39\u4ecb\u3057\u307e\u3059\u3002\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u306e\u5185\u90e8\u51e6\u7406\u3067\u5e83\u304f\u4f7f\u308f\u308c\u3066\u3044\u308bLog4J\u3068\u3044\u3046\u30bd\u30d5\u30c8\u306b\u8106\u5f31\u6027\u304c\u898b\u3064\u304b\u3063\u305f\u305d\u3046\u3067\u3001\u305d\u306e\u5bfe\u7b56\u3067\u30dc\u30e9\u30f3\u30c6\u30a3\u30a2\u304c\u4e00\u65e522\u6642\u9593\u52b4\u50cd\u3067\u60b2\u9cf4\u3092\u4e0a\u3052\u3066\u3044\u308b\u3068\u306e\u3053\u3068\u3002\u30d0\u30b0\u3084\u8106\u5f31\u6027\u3092\u898b\u3064\u3051\u308b\u4eba\u3084\u5bfe\u51e6\u3059\u308b\u4eba\u306b\u5bfe\u4fa1\u3092\u6255\u3046\u65b9\u5411\u3067\u5927\u4f01\u696d\u304c\u30b5\u30dd\u30fc\u30c8\u306b\u4e57\u308a\u51fa\u3057\u3066\u3044\u308b\u3001\u3068\u8a18\u4e8b\u306f\u7d50\u3070\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>Log4J helps run huge swaths of the internet, including applications ranging from iCloud to Twitter, and he and his colleagues are now desperately trying to deal with a massive vulnerability that has put billions of machines at risk.<\/p>\n<p>swath \u30b9\u30ef\u3059\u3000\u5927\u938c\u3067\u5208\u3063\u305f\u3072\u3068\u5208\u308a\u5206\u306e\u7267\u8349\u3000\uff08\u2190\u65e5\u672c\u8a9e\u306b\u3059\u308b\u3068\u9577\u304f\u306a\u308b\u8a00\u8449\u3067\u3059\u306d\uff09<br \/>\nmassive \u5927\u898f\u6a21\u306a\u3001\u5927\u304d\u304f\u3066\u91cd\u3044<br \/>\nvulnerability \u8106\u5f31\u6027 \u30f4\u30a1\u30eb\u30cd\u30e9\u300c\u30d3\u300d\u308a\u30c6\u30a3\u3000vulnerable \u300c\u30f4\u30a1\u300d\u30eb\u30cd\u30e9\u30d6\u308b\u3000\u8106\u5f31\u306a\u3001\u5f31\u5f31\u3057\u3044<br \/>\ndesperately \u6b7b\u306b\u7269\u72c2\u3044\u3067\u3000\u300c\u30c7\u300d\u30b9\u30d1\u30ec\u30fc\u30c8\u308a<br \/>\nput something at risk  \u5371\u967a\u306b\u3055\u3089\u3059<\/p>\n<p>For something so important, you might expect that the world\u2019s biggest tech firms and governments would have contracted hundreds of highly paid experts to quickly patch the flaw.<br \/>\npatch \uff08\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u7528\u8a9e\uff09\u30d1\u30c3\u30c1\u3092\u5f53\u3066\u308b\u3001\u4fee\u5fa9\u3059\u308b<br \/>\ncontract \u5951\u7d04\uff08\u3059\u308b\uff09\u3000\u540d\u8a5e\u306e\u30a2\u30af\u30bb\u30f3\u30c8\u306f\u524d\u3002\u52d5\u8a5e\u306e\u30a2\u30af\u30bb\u30f3\u30c8\u306f\u524d\u5f8c\u308d\u3001\u4e21\u65b9\u3042\u308b\u3088\u3046\u3067\u3059\u3002<\/p>\n<p>\u6628\u65e5\u306e\u96fb\u6c17\u5de5\u4e8b\u58eb\u5354\u4f1a\u306e\u30b5\u30a4\u30c8\u306b\u306f&rdquo;Empowering Contractors&rdquo; \u8acb\u8ca0\u696d\u8005\uff08\u7c73\u300c\u30b3\u300d\u30f3\u30c8\u30e9\u30af\u30bf\u30fc\u3000\u571f\u5efa\u696d\u8005\u3001\u304c\u306f\u307e\u308b\u3053\u3068\u3082\u3042\u308b\uff09\u306b\u529b\u3092\u4e0e\u3048\u308b\uff08\u6a29\u9650\u3092\u4e0e\u3048\u308b\u3001\u304c\u306f\u307e\u308b\u3053\u3068\u3082\u3042\u308b\uff09\u3000\u3068\u3042\u308a\u307e\u3057\u305f\u3002\u3000\u3000<\/p>\n<p>Log4J, which has long been a critical piece of core internet infrastructure, was founded as a volunteer project and is still run largely for free, even though many million- and billion-dollar companies rely on it and profit from it every single day. <\/p>\n<p>rely on\u3000\u983c\u308b<br \/>\nprofit from it \u305d\u308c\u304b\u3089\u5229\u76ca\u3092\u3042\u3052\u308b<\/p>\n<p>In some ways the structure resembles unpaid internships in other industries\u2014a system increasingly seen as unethical(\u53cd\u502b\u7406\u7684\u306a\u3000\u30a2\u30f3\u300c\u30a8\u300d\u3057\u30ab\u30eb), exploitative\uff08\u643e\u53d6(\u3055\u304f\u3057\u3085\uff09\u7684\u306a\u3000\u30a8\u30af\u30b9\u30d7\u308d\u30a4\u30bf\u30c6\u30a3\u30f4\uff09\u3000, and unfairly advantageous to people who can afford to take on heaps \uff08\u96c6\u7a4d\u3000\u30d2\u30fc\u30d7\uff09of uncompensated \uff08\u5bfe\u4fa1\u3092\u53d7\u3051\u306a\u3044\uff09work at the expense of those who cannot\u3000\uff08\u305d\u308c\u304c\u3067\u304d\u306a\u3044\u4eba\u3005\u306e\u8cbb\u7528\u306e\u3082\u3068\u3067\uff09.<\/p>\n<p>These are the top systemic risks to the internet.  systemic\u306f\u3001\u751f\u7406\u5b66\u7528\u8a9e\u3067\u300c\u8eab\u4f53\u5168\u4f53\u306e\u300d<br \/>\nHe, for instance, parlayed his free work on Log4J into multiple lucrative software development jobs in the finance industry.   parlay \u300c\u30d1\u30fc\u300d\u308c\u30a4\u3000\u8ac7\u5224\u3059\u308b\u3001\u4ea4\u6e09\u3059\u308b<\/p>\n<p>\u203b\u3000open source\u306e\u958b\u767a\u3092\u7121\u5bfe\u4fa1\u3067\u884c\u3063\u3066\u3082\u3001\u5225\u306e\u9ad8\u984d\u306e\u4ed5\u4e8b\u306e\u305f\u3081\u306e\u5b9f\u7e3e\u3065\u304f\u308a\u306b\u306a\u308b\u3068\u3044\u3046\u4ed5\u7d44\u307f\u3067\u52d5\u3044\u3066\u3044\u305f\u304c\u3001\u8106\u5f31\u6027\u3092\u767a\u898b\u3057\u305f\u308a\u5bfe\u7b56\u3057\u305f\u308a\u3059\u308b\u305f\u3081\u306e\u52d5\u6a5f\u4ed8\u3051\u306b\u306f\u306a\u308a\u306b\u304f\u3044\u3002\u8106\u5f31\u6027\u5bfe\u5fdc\u306b\u306f\u3001\u958b\u767a\u8005\u4ee5\u5916\u3067\u5185\u90e8\u306e\u8a73\u7d30\u3092\u7406\u89e3\u3059\u308b\u4eba\u304c\u5fc5\u8981\u306a\u305f\u3081\u3001\u5bfe\u4fa1\u3092\u6255\u308f\u306a\u3044\u3068\u3084\u308b\u6c17\u306b\u306a\u308b\u4eba\u304c\u51fa\u306a\u3044\u3002\u305d\u3053\u306e\u624b\u5f53\u3092Google\u7b49\u5927\u4f01\u696d\u304c100\u5104\u5186\u57fa\u91d1\u3092\u3064\u304f\u3063\u305f\u308a\u3057\u3066\u884c\u304a\u3046\u3068\u3057\u3066\u3044\u308b\u3001\u3068\u306e\u3053\u3068\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>MIT technology review \u3092\u8cfc\u8aad\u306f\u3058\u3081\u307e\u3057\u305f\u3002\u79d1\u5b66\u6280\u8853\u3092\u4e2d\u5fc3\u3068\u3057\u305f\u9031\u520a\u8a8c\uff1f\u3067\u3001$50\/year\u3067\u3059\u3002\u904e\u53bb\u8cfc\u8aad\u3057\u305fNational Geographic\u7b49\u3088\u308a\u3082\u79c1\u306b\u5408\u3063\u3066\u3044\u308b\u3088\u3046\u3067\u3001\u9762\u767d\u3044\u306e\u306f\u3044\u3044\u306e\u3067\u3059\u304c\u3001\u6642\u9593\u304c\u8db3\u308a\u306a\u304f\u306a\u308a\u307e\u3059\u3002\u3055\u3066\u3001\u6628\u65e5\u6709\u6599\u306e\u8ee2\u8077\u4f1a\u793eIndeed\u306e\u8a71\u3092\u3057\u305f\u306e\u3067\u3001\u4eca\u65e5\u306f\u3042\u308b\u610f\u5473\u305d\u306e\u5bfe\u6975\u306b\u3042\u308b open-source software developers\u306e\u8a71\u3092\u540c\u8a8c\u304b\u3089\u7d39\u4ecb\u3057\u307e\u3059\u3002\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u306e\u5185\u90e8\u51e6\u7406\u3067\u5e83\u304f\u4f7f\u308f\u308c\u3066\u3044\u308bLog4J\u3068\u3044\u3046\u30bd\u30d5\u30c8\u306b\u8106\u5f31\u6027\u304c\u898b\u3064\u304b\u3063\u305f\u305d\u3046\u3067\u3001\u305d\u306e\u5bfe\u7b56\u3067\u30dc\u30e9\u30f3\u30c6\u30a3\u30a2\u304c\u4e00\u65e522\u6642\u9593\u52b4\u50cd\u3067\u60b2\u9cf4\u3092\u4e0a\u3052\u3066\u3044\u308b\u3068\u306e\u3053\u3068\u3002\u30d0\u30b0\u3084\u8106\u5f31\u6027\u3092\u898b\u3064\u3051\u308b\u4eba&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[43,42],"tags":[6,5],"class_list":["post-1363","post","type-post","status-publish","format-standard","hentry","category-companies","category-tech","tag-companies","tag-tech"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=\/wp\/v2\/posts\/1363","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1363"}],"version-history":[{"count":0,"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=\/wp\/v2\/posts\/1363\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1363"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1363"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sekaiken.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1363"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}