Because vulnerability management has nothing to do with national security, right?
Updated to add at 1700 UTC, April 16
In an 11th-hour reprieve, the US government last night agreed to continue funding the CVE program.
Not sure how much more whiplash I can take…
They want us to all tune out. This is all by design so we don’t know what’s real or not anymore, then they can get away with even more and nobody will care.
This is what they’ve been doing for years and years, this is just more of the same.
I’m not sure about “they” the US government, but it’s absolutely a Russian/ Authoritarian state playbook.
Oh absolutely 100% this has had foreign involvement, the KGB handbook (literally) describes how to plant chaotic agents into a democratic nation’s population to boost both sides of every social debate or argument. The digital age made this the easiest tactic in the world and every nation that’s been “annexed” by Russia experienced this sowing of absolute weaponized bullshit and hate.
edit: several tankies follow me around downvoting my every comment and throwing tankie memes at me because they seeth when someone says that Russia did a bad thing. It’s quite charming, they can’t do much else because they’re blocked.
1000%
I think a lot of it is to get and propogate misinformation because some people won’t hear about the 180s and still talk about as if they happened
someone told them what the acronym really meant, musta thought it was an EV credit or something
Why should something of this importance be entrusted to a single government anyways, shouldn’t it be distributed/decentralized?
We as a society need to start defining our damn acronyms. Stop assuming everyone knows what every acronym is, because they do not.
Lucky for you the linked article explains the acronym!
Wait, you’re not one of those people who only reads headlines, are you?
ISWYMBIHTD
“I see what you mean but I have to disagree”?
TYVM
NP, TTYL
IWHBYD
“I would have, but you died”? :D
I would have been your daddy…
It’s an old Halo CE reference that gets shortened to that acronym a lot.
okay, but pretty much anyone in software knows what CVE means, and anyone outside of software doesn’t need to know what CVE means… it’s almost as common in the professional context as CPU
CPU = Chief Party Unicorn
Yup. If you touch anything related to security, you know what a CVE is.
Yeah, like several other people on the internet I’m not American, so I have no idea what this is about.
I’m not American, but CVE’s absolutely form the cornerstone of IT security, and are the trusted keystone of industry security globally.
Ikr?
fr fr
GCVE is more confusing if anything
False alarm
Updated to add at 1700 UTC, April 16 In an 11th-hour reprieve, the US government last night agreed to continue funding the CVE program.
What a stable government
stable geniuses
I don’t think it’s a false alarm, in the sense that it is totally reasonable to be alarmed. They are cutting crucial stuff before they know what it is. There are a lot of things being cut where we’re only going to understand the impact years from now.
Sure, but there’s a limited bandwidth for people’s intake of information. This in particular is no longer a cause for alarm.
Are you guys free yet?
It’s because the entire administration is a vulnerability
They dont want national security.
They want to steal your property and destroy the country so they can reform it in their image.
Rather they want new vulnerabilities to go right to the market and remain unknown for longer, because that makes the surveillance and other criminal activity by the government easier.
deleted by creator
My European friends here: do whatever you can to make EUVD a viable alternative. It’s a vulnerability database led by the European Union Agency for Cybersecurity enisa. Since their website is relatively new, you can help by providing feedback though this survey. Yes, the CVE funding has been continued for another year. But a sustainable approach to vulnerability management cannot be dependent on a single government-owned / funded entity any longer! I wish the board members all the best in transferring CVE to a new umbrella organization, but now is a great time to also consider global alternatives.
Oh my God, and then I think of all the hundreds of thousands of veterans who voted for Trump. You did a great job.
Terrifying. Unfortunately it’s difficult to explain to laypeople why the CVE system is so important. Our nation’s leaders certainly won’t get it. Hopefully the experts are able to get through to them when it’s time to renew again. And maybe we can reduce our government dependence a bit by then.
So either the EU steps up and funds them until the administration tariffs the EU until they stop.
Or we rely on the big tech companies to step up and fund them and risk pissing off the administration.
Honestly the only way I see them coming back is either up root their lives and move to the EU with a funding guarantee, or the EU just sets up their own program.
😳 Is the program entirely funded by the US government?
What can EU and other governments/businesses do about this? Or what are they doing?
Yet another great decision by our benevolent leadership
Oh, there goes the majority of the cybersec vulnerability disclosure space
This is the platform most of the world uses to keep track of publicly known vulnerabilities
