Log4J exploit

Lots of articles I’m reading about this is how Chinese and Russian state actors are perpetrating all these breaches and attacks.

Are we to assume that neither the US nor any of its allies is exploiting the Log4J flaw? Is it just American computers that are valuable to black hat hackers?

Are we not trying to get into the action, too? If so, why not?


Probably. though apparently none of my servers have the potential problem (had my dev look into this).

I’ve read that the dark branches of the US gov’t will walk into a data center, provide a black box and demand that it be installed on the main trunk - all traffic in and out goes through the black box. And then staff are not allowed to even mention it’s existence. That I actually find believable - and with that level of intrusion, hacking computers isn’t really necessary. It’s not a big stretch to go from that to the idea that other countries are doing the same thing, and sharing info.

You’re barely anonymous from other internet users, nevermind governments.

The NSA doesn’t have countless cryptanalysts working for it for no reason.

This isn’t new news. The news about “The Room” at the AT&T building in San Francisco came out 20 years ago.