China disciplines Alibaba Cloud for handling of Log4j bug
www.scmp.com
The Ministry of Industry and Information Technology said it will suspend work with Alibaba Cloud as a cybersecurity threat intelligence partner after the firm reported a critical security flaw to Apache.
  • Kusimulkku@lemm.ee
    1·
    1 year ago

    Notifying vendors first about security flaws is a cybersecurity industry norm, but a new law encourages Chinese companies to first notify the government

    That’s a bit… worrying

  • TheAnonymouseJoker@lemmy.ml
    01·
    3 years ago

    I think this is a wrong gesture on China’s part. The government should be a secondary entity to the developer entity of software code affected. Apache software’s bug should be known to Apache first, and then anyone else, considering Apache server is used everywhere in the world.