Did anyone say TWAMP?
And this is different from TWAMP/OWAMP https://datatracker.ietf.org/doc/html/rfc5357 how exactly?
16 publicly visible posts • joined 28 Apr 2023
It seems to be a custom flavour of Ubuntu. Typically such builds are produced to bake in validated SSO/smartcard/VPN setup for the users to use out of the box.
What worries me is that offering a custom Linux build may be also used to deprive upstream projects like Ubuntu, LibreOffice, Thunderbird of support money. Which brings back the question of long-term sustainability of this endeavour. It would have been much simpler for a German public entity to get supported SLES from German Suse.
The blessed fix – migrating to log4j2 – is a large undertaking. And I would recommend migration to slf4j anyway. Not to mention that you need access to the source code of your app for either of them.
However, one of the original creators of log4j1 created a drop-in replacement https://reload4j.qos.ch/. It also works if you have software that is out of support – a single JAR could be replaced.
Many people didn't know this fix or didn't trust it because they weren't aware who created reload4j.
The only message RH is trying to send here is that RH clones do not get RELIABLE and TIMELY support, including for security fixes (which I can see embargoing from their own customers for a few days/weeks). This is enough for any serious company to buy from RH instead of using a clone if they operate a mission-critical system on RHEL. All the code in question is released by RH under GPL, often before it makes it to RHEL, sometimes after (eg security fixes). RH needs to just delay when the code is made available under GPL, not to actually prevent it from being shared.
Well, if you know which chips store the data, you can just desolder them with a hot air gun first and return a phone will all chips except for the flash storage chips. An example guide: https://www.ifixit.com/Guide/Unlock+NAND+Data+for+NAND+Repair+-+Fix+iPhone+X+Stuck+in+Recovery+Mode/145293