Log4J Vulnerability (Log4Shell) Explained - for Java developers

Log4j 2.17 is out for vulnerabilities discovered in 2.16

DouglasRosser

I was not satisfied with other contents out there. The moment I noticed your video I was sure before watching that now I am going to get 101% correct understanding as usual. Thanks a lot Koushik!

mohammadwaseemraza

You have superpower of explaining difficult things in easy words.
Nicely explained that companies don't value for free open source stuff ( that reminds me we don't thank you enough for making such great free content 😊).

Maybe 2nd version of this video would be (we always ask for more 😊).
1. Live example showing same vulnerability in action.
2. How exactly this issue is fixed. i.e. before and after comparison.

ChiragVithlani

More than the knowledge on this topic, I am overwhelmed by your thought towards people contributing for open source tools/apps. Your thoughts towards open source community is SO PURE. KUDOS!!! It's not always MONEY that matters, by the way. People like you having such noble intent towards society and community. KEEP THIS SPIRIT ON!!! Thanks

thunderbolt

I am watching this almost more than a year after this was released (yup, I'm not a techie/tech geek), and I have watched quite a few videos trying to understand this issue (esp. for non-techies), and this is one of the best videos explaining this issue!! And this is coming from a non-technie! Kudos!

shantanusapru

Thank you for explaining this. Especially the thought about many companies making money out of using open-source libraries but not giving back to the open-source volunteers.

sumitdas-krfe

Your make a brilliant point. Often see huge companies tap into open source and brag about it, but forgetting to support the people actually doing it financially.

larsoleruben

Always comeback to learn from your tutorials from my early college days (around 2013-14). Kaushik you are really a great teacher who can convey the knowledge in simplified manner. Your view on Private companies donating money to these opensource project is spot on, but there is chances of these companies controlling the whole project and projecting their own agenda into it, so yes it would be great if we can support such projects financially but it's tricky one. Also I'm thankful for people like you who provide such a quality stuff, I have nothing but deep gratitude and I'm planning to become member of your channel to support what you're doing, keep doing this we need more people like you :)

vivekmishra

Dude, that is hands-down the most informative, entertaining, and accurate description of the log4j vulnerability that I've enjoyed. Thanks!

JoeKme

The way you ended the video with that thought provoking message is awesome

valardohaeris

The last part of the video regarding supporting open source software is really thoughtful. Thank you.

MuztabaHasanat

This is by far the best Log4J vulnerability explanation on the internet

dinushkamahawedage

Just like open source we have "stack overflow" people don't realize the efforts and time people devote to help this community to keep going, be its open source or helping some developer out, we must respect and do what ever we can in order to get things going.

gauravchauhan

Your channel has been a single source of truth for all things Java for me for a very long time now. Thank you for the explanation.

faziluddinshaik

I’m a total layman on this and am just informing myself so that I understand what is happening with my work’s response to the vulnerability. Your content is so clear yet detailed. Absolutely fantastic.

topaz_climber

I was watching this in Incognito mode but this explaination is so awesome that I had to come here to like it and comment on it. Awesome stuff. Thanks for all this effort.

rajanchauhan

Came for the vulnerabilty,
Left with a beautiful message .
Thank you .

himanshutripathi

So far one of the best explanations I've heard about this issue. Great job. "When was it really exploited?" Yes, great question...

matteotony

Kaushik your words are ultimate..you got to be the professor for all java developers as like in money heist serial.!

citizen

I am not an IT professional but I know people who are and frantically working to resolve there log4j issues. Atleast I know why now. This vid might be for java pros, but the explanation was clear even for a layman like me. Cheers!

Blokelobster