309

CVE program (lemmy.ml)

submitted 2 weeks ago* (last edited 2 weeks ago) by cypherpunks@lemmy.ml to c/memes@lemmy.ml

20 comments fedilink hide all child comments

References:

top 20 comments

sorted by: hot top controversial new old

[-] Sickos@hexbear.net 59 points 2 weeks ago* (last edited 2 weeks ago)

Ooooooooooooooooooh shiiiiiiiiiiit that's not good

Like, for anybody who already understands that everything to do with computers talking to each other is basically held together with spit and tape, they're defunding the tape

CVE is THE definitive central source for "fix this potential hack now plz"--at least for things the US thought was too dangerous to keep secret for their own sneaky purposes. Oldheads may remember getting alerts from CERT.

I assume, being a public-facing service, that it wasn't profitable and therefore it's inefficient.

Like, EU CVD/CSIRT will undoubtedly step in to close that gap, but burning this is insane.

[-] Sickos@hexbear.net 41 points 2 weeks ago

This is sticking your dick in a toaster levels of stupid

[-] LodeMike@lemmy.today 20 points 2 weeks ago

https://theonion.com/elon-musk-rushed-to-hospital-after-attempting-to-impreg-1851106889/

[-] Sickos@hexbear.net 11 points 2 weeks ago

he-laughed this must have been embedded in my subconscious

[-] LodeMike@lemmy.today 5 points 2 weeks ago

[-] nightwatch_admin@feddit.nl 5 points 2 weeks ago

!AccidentallyNotTheOnion@feddit.nl

[-] LodeMike@lemmy.today 3 points 2 weeks ago

No posts :3

[-] nightwatch_admin@feddit.nl 3 points 2 weeks ago

Sorry. A community like that would have a place these days, right?

[-] LodeMike@lemmy.today 2 points 2 weeks ago

IDK.

I'm saying "make the first post"

[-] nightwatch_admin@feddit.nl 4 points 2 weeks ago

What, and end up a Mod? No thanks

[-] LodeMike@lemmy.today 2 points 2 weeks ago* (last edited 2 weeks ago)

I'm the mod of !copypasta@lemmy.ml I think

Edit: no !copypasta@sh.itjust.works

[-] nightwatch_admin@feddit.nl 3 points 2 weeks ago

You are safe, it’s someone else

[-] LodeMike@lemmy.today 3 points 2 weeks ago

See edit

[-] Sickos@hexbear.net 16 points 2 weeks ago

wild doomer speculation

Oh, oh shit this might be followed by a play to make it illegal to report vulnerabilities to other countries.

[-] mannycalavera@feddit.uk 35 points 2 weeks ago

The program will be picked up by others in the fullness of time. It's a shit move, for sure, but I bet the calculus here is that the US will still benefit from someone else doing the hard work but without paying for it.

The only thing the US loses here is prestige. And I'm totally fine with that.

[-] Franklin@lemmy.ca 14 points 2 weeks ago* (last edited 2 weeks ago)

i don't think so, the reality is the scale of these programs often benefit from the reach and predictable finding government provides.

it's the same reason that foreign charities for medicine are most effective when done at a government level.

[-] mannycalavera@feddit.uk 2 points 2 weeks ago

You don't think the program will be picked up by another government actor? It's only the US that can do this?

Hmmm 🤔. I think that given how important the work is some other government organisation will absolutely pick up the work if the US want to wash their hands of it.