Alibaba Cloud slapped by Chinese ministry for mishandling Log4j China's Ministry of Industry and Information Technology has suspended Alibaba Cloud's membership of an influential security board to protest its handling of the Log4j flaw. The move appears odd as The Apache Software Foundation credited Alibaba Cloud's Chen Zhaojun for identifying and reporting the Log4J flaw in the first …
Is there an equivalent Chinese proverb?
Saying your star player will be booted off the football team is a bit daft. Alibaba could very much just find more of these issues and without a forum to discuss, do the same again, putting MIIT at a disadvantage.
But hey this is above my pay grade, brighter people than me can see the wisdom in it.
Actually, benching a star athlete is done all the time by teams that are interested in maintaining a team culture or ethic.
If you take China at their word (always an iffy thing to do) they wanted MIIT to know as soon any MIIT member knew because there were other MIIT companies that would be affected.
"seems apt."
Seems an appropriate sentence.
But allow me to point it out, Chinese regulators allow the disclosure of the vuln. to the vendor, then to the National Vulnerability Database instead of world+dog. Seems to me they missed the second rule, not the first one.
... as I'm pretty most superpowers will have been bailout to have that weapon in their warchest.
They did well to release it to the apache foundation; perhaps with an anonymous account or apache having an anonymous drop web page that doesn't need an account. No credits though and work filtering the junk submitted I suppose.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
