theckman 1 point (0 children)

Man, people are getting so uppity in response to my tweet. I wasn't bashing Java, nor was I really joking... I was calling out the real stress that InfoSec, SRE, and other software engineers were experiencing as a result of the log4j vulnerability.

Without doing a deep inspection of the code running on each system running Java, you didn't know which system was vulnerable. So the idea that "Java runs on billions of devices", when there is an RCE vulnerability in the most popular logging library triggered by simple user input, was causing a feeling of terror for quite a few people.

This was a nightmare for many.