this post was submitted on 16 Apr 2025
306 points (99.4% liked)

Memes

49990 readers
1257 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 6 years ago
MODERATORS
gary_host_laptop@lemmy.ml
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
306
CVE program (lemmy.ml)
submitted 1 week ago* (last edited 1 week ago) by cypherpunks@lemmy.ml to c/memes@lemmy.ml
20 comments fedilink hide all child comments
 

References:

top 20 comments
sorted by: hot top controversial new old
[–] Sickos@hexbear.net 59 points 1 week ago* (last edited 1 week ago) (2 children)

Ooooooooooooooooooh shiiiiiiiiiiit that's not good

Like, for anybody who already understands that everything to do with computers talking to each other is basically held together with spit and tape, they're defunding the tape

CVE is THE definitive central source for "fix this potential hack now plz"--at least for things the US thought was too dangerous to keep secret for their own sneaky purposes. Oldheads may remember getting alerts from CERT.

I assume, being a public-facing service, that it wasn't profitable and therefore it's inefficient.

Like, EU CVD/CSIRT will undoubtedly step in to close that gap, but burning this is insane.

[–] Sickos@hexbear.net 41 points 1 week ago (1 children)

This is sticking your dick in a toaster levels of stupid

[–] LodeMike@lemmy.today 20 points 1 week ago (2 children)
[–] Sickos@hexbear.net 11 points 1 week ago (1 children)

he-laughed this must have been embedded in my subconscious

[–] nightwatch_admin@feddit.nl 5 points 1 week ago (1 children)

!AccidentallyNotTheOnion@feddit.nl

[–] LodeMike@lemmy.today 3 points 1 week ago (1 children)

No posts :3

[–] nightwatch_admin@feddit.nl 3 points 1 week ago (1 children)

Sorry. A community like that would have a place these days, right?

[–] LodeMike@lemmy.today 2 points 1 week ago (1 children)

IDK.

I'm saying "make the first post"

[–] nightwatch_admin@feddit.nl 4 points 1 week ago (1 children)

What, and end up a Mod? No thanks

[–] LodeMike@lemmy.today 2 points 1 week ago* (last edited 1 week ago) (1 children)

I'm the mod of !copypasta@lemmy.ml I think

Edit: no !copypasta@sh.itjust.works

[–] nightwatch_admin@feddit.nl 3 points 1 week ago (1 children)

You are safe, it’s someone else

[–] LodeMike@lemmy.today 3 points 1 week ago

See edit

[–] Sickos@hexbear.net 16 points 1 week ago

wild doomer speculationOh, oh shit this might be followed by a play to make it illegal to report vulnerabilities to other countries.

[–] mannycalavera@feddit.uk 35 points 1 week ago (1 children)

The program will be picked up by others in the fullness of time. It's a shit move, for sure, but I bet the calculus here is that the US will still benefit from someone else doing the hard work but without paying for it.

The only thing the US loses here is prestige. And I'm totally fine with that.

[–] Franklin@lemmy.ca 14 points 1 week ago* (last edited 1 week ago) (1 children)

i don't think so, the reality is the scale of these programs often benefit from the reach and predictable finding government provides.

it's the same reason that foreign charities for medicine are most effective when done at a government level.

[–] mannycalavera@feddit.uk 2 points 1 week ago (1 children)

You don't think the program will be picked up by another government actor? It's only the US that can do this?

Hmmm 🤔. I think that given how important the work is some other government organisation will absolutely pick up the work if the US want to wash their hands of it.

[–] Franklin@lemmy.ca 6 points 1 week ago (1 children)

sorry I thought you meant it would be picked up by the private sector I merely misunderstood

[–] mannycalavera@feddit.uk 3 points 1 week ago

Ahh no worries ☺️. All good.

[–] Sickos@hexbear.net 9 points 1 week ago

It's back https://www.techradar.com/pro/security/funding-for-the-critical-cve-security-detection-system-renewed-just-hours-before-deadline