cURL author receives rude LogJ4 security inquiry

[Akira Urushibata]

LogJ4 Security Inquiry - Response Required
https://daniel.haxx.se/blog/2022/01/24/logj4-security-inquiry-response-required/

  On Friday January 21, 2022 I received this email. I tweeted about it
  and it took off like crazy.

  The email comes from a fortune-500 multi-billion dollar company that
  apparently might be using a product that contains my code, or maybe
  they have customers who do. Who knows?

  ...

Tweet mentioned above:
https://twitter.com/bagder/status/1484672924036616195

  If you are a multi billion dollar company and are concerned about
  log4j, why not just email OSS authors you never paid anything and
  demand a response for free within 24 hours with lots of info? ...

---

Richard Stallman stresses the importance of freedom, and many people
follow his instructions.  This kind of episode makes me wonder: is
freedom enough?

We tell people: "It's free as in freedom, not as in free beer."  While
I don't object to this slogan, I must point out that in reality, the
vast majority of free software users get it for free, without paying
anything for it.

When you get something for free, you are supposed to say thanks.  With
free software, many people fail to do that.  I fear lack of gratitude,
in wholehearted emotion as well as outward expression, will have
consequences.

It's rude not to say thanks.  Some people try to justify rudeness with
claims like this: "This isn't sophisticated.  It didn't take much
skill or effort to make.  It's not important."  If this is not
accurate, it can lead to trouble for those affected, including the
good-willed author who released his work under a free license.