Right now, Volkan Yazici is working 22 hour days for free. Yazici is a member of the Log4J project, an open-source tool used widely to record activity inside various types of software. It helps run huge swaths of the internet, including applications ranging from iCloud to Twitter, and he and his colleagues are now desperately trying to deal with a massive vulnerability that has put billions of machines at risk.
As pressure and critics pile on the Log4J team, old questions of fairness are being asked about the open-source world. “Fairness is a problem,” says Ceki Gülcü, who founded Log4 . “There’s this weird imbalance, where you profit from something but you don’t give anything back.” The public is also almost completely ignorant of the immense role—and risk—of the free-labor-powered open-source software that runs the internet. OpenSSL powers encryption, for example, and Linux is behind the most widely used operating systems on the planet, including Android.