Taylor Jolin

Technology Solutions Consultant, Musician, Animator

Category: Technology


So what is Log4j and why do we care?

Well, first, we need to understand what Log4j is. Essentially, Log4j is the logging function that is built-in in Java applications. This current vulnerability is affecting Apache servers; however, I feel that it will spread to a larger domain of targets aside from web servers.

On December 9th, the initial vulnerability was discovered, and software and hardware makers scrambled to issue patches for their products. A few days later, however, Hideki Okamoto of Akamai Technologies and other researchers found additional vulnerabilities within the patches.

So why is this a big deal? Well, Java is a colossal language and has a presence in a large number of consumer products. This vulnerability allows for the remote execution of code. When exploited, Log4J enables the attacker to remotely inject code into services that use the Log4j library with system-level privileges.

So what do we do? Updating Java is not enough. One thing you can do is update to Log4j2 version 2.16. If you cannot update, you can mitigate this vulnerability by setting either the system property log4j2.formatMsgNoLookups or the environmental variable LOG4J_FORMAT_MSG_NO_LOOKUPS to TRUE.


Trying out Logic Pro X…

I have become a total Mac enthusiast over the past few years and this is even further down the rabbit hole. I used to use Reaper as my primary DAW but decided to try Logic out finally. I love the editing features of Logic and am now a full convert. This mix in this post is using Logic Pro with the built in EQs and Compressors.

On the master track I have used the Slate Virtual Mix Rack. The guitar tracks are pretty straight forward; my Ibanez 8 string into my old, trusty AxeFX Ultra.