Hello DDB team and forum friends, it's my first time posting here.
Some of my players are worried about this log4j thing in java, is this something being addressed by the DDB team? Should we be concerned? My players and myself are very conscious about cyber security flaws and the last thing we want is to play dnd and then have something happen.
If you have any information for peace of mind that would be cool. I dont know if this applies to extensions like beyond20 as well which you guys do not make, but may be a vulnerability?
Based on the size of the company and the type of work they do, they most likely have proxies in place that will prevent this type of stuff from occurring. Further more patches are already coming out by Apache for this issue. I would say, change your passwords, which may do nothing. Watch your bank accounts. This too shall pass.
This was the same question asked at my work, but the host of our websites/apps are behind a proxy which hides the IP's of the servers running them. Without the IP of the server the .jar file being used can't be sent to the server. I can't speak for DDB, but I feel that they would have been privy to such info as news came out concerning log4j and would have made adjustments if needed.
Oh and just for those that are not in the know with log4j below is my quick google search for a simple definition of the issue. I am not in the network security world, but I do work in the software development space and have and have had what this thread is talking about, come up in conversation over the last few days.
Log4shell is a critical vulnerability in the widely-used logging tool Log4j, which is used by millions of computers worldwide running online services. A wide range of people, including organizations, governments and individuals are likely to be affected by it.
Rollback Post to RevisionRollBack
To post a comment, please login or register a new account.
Hello DDB team and forum friends, it's my first time posting here.
Some of my players are worried about this log4j thing in java, is this something being addressed by the DDB team? Should we be concerned? My players and myself are very conscious about cyber security flaws and the last thing we want is to play dnd and then have something happen.
If you have any information for peace of mind that would be cool. I dont know if this applies to extensions like beyond20 as well which you guys do not make, but may be a vulnerability?
Based on the size of the company and the type of work they do, they most likely have proxies in place that will prevent this type of stuff from occurring. Further more patches are already coming out by Apache for this issue. I would say, change your passwords, which may do nothing. Watch your bank accounts. This too shall pass.
This was the same question asked at my work, but the host of our websites/apps are behind a proxy which hides the IP's of the servers running them. Without the IP of the server the .jar file being used can't be sent to the server. I can't speak for DDB, but I feel that they would have been privy to such info as news came out concerning log4j and would have made adjustments if needed.
Oh and just for those that are not in the know with log4j below is my quick google search for a simple definition of the issue. I am not in the network security world, but I do work in the software development space and have and have had what this thread is talking about, come up in conversation over the last few days.