Trump administration decides to fund CVE cybersecurity tracker after all (www.theverge.com)
from zaxvenz@lemm.ee to technology@lemmy.world on 16 Apr 15:25
https://lemm.ee/post/61508859

The government will continue funding the Common Vulnerabilities and Exposures (CVE) program. In a statement to The Verge, US Cybersecurity and Infrastructure Agency (CISA) spokesperson Jared Auchey said it “executed the option period on the contract to ensure there will be no lapse in critical CVE services” last night.

archive.ph/V7zF4

#technology

threaded - newest

gibmiser@lemmy.world on 16 Apr 15:45 next collapse

I guess they’d rather have control than let it become nonprofit

Rooskie91@discuss.online on 16 Apr 15:51 next collapse

Lol what a clown show

pdxfed@lemmy.world on 16 Apr 17:10 collapse

Clown shows can be funny. This is like watching pallbearers drop caskets at a children’s hospital funeral.

henfredemars@infosec.pub on 16 Apr 16:00 next collapse

🩴

kubica@fedia.io on 16 Apr 16:09 next collapse

I hope the alternative new foundation comes on top.

Edit: I found a link with more info. https://www.heise.de/en/news/After-the-impending-CVE-ban-EU-vulnerability-database-goes-live-10354564.html

withabeard@lemmy.world on 16 Apr 16:16 next collapse

At this point … what stops the CVE foundation moving on as a foundation and working to find an alternative funding model?

Maestro@fedia.io on 16 Apr 17:07 collapse

Nothing. They should do exactly that. As usual the US government has proven that it cannot be trusted or relied on.

vermaterc@lemmy.ml on 16 Apr 17:40 collapse

So… the US government doesn’t have to fund it anymore? So that is an advantage for them in this situation, what is the disadvantage? Or was that their goal all along?

taladar@sh.itjust.works on 16 Apr 19:26 collapse

Usually the goal when funding stuff like this is to buy some influence to control major decisions. I wouldn’t put it beyond an independent foundation, to take just one example, to drastically reduce the deadlines between confidential disclosure and public release where some government or corporate controlled organization might set some that are more made for the slow speed of large org bureaucracy.

Warl0k3@lemmy.world on 16 Apr 16:16 next collapse

I know it’s the whole point of them doing this shit but it’s getting so hard to cope with the constant fucking around. What in the fuck are we going to do? At least for now they’ve realized how spectacularly stupid this move was, I guess.

salacious_coaster@infosec.pub on 16 Apr 17:11 next collapse

They’re scream testing the whole government, one piece at a time.

cellardoor@lemmy.world on 16 Apr 17:12 next collapse

Too little too late. The CVE Foundation is now a thing. Link

db2@lemmy.world on 16 Apr 19:12 collapse

I hope they don’t drop it now.

autocorrect is so worthless now

twinnie@feddit.uk on 16 Apr 17:53 next collapse

There’s already alternatives, why not just let them take over? Trump complained about the US giving up DNS, now he’s complaining about CVE. He wants to control everything but doesn’t want to pay for it.

Gerudo@lemm.ee on 16 Apr 18:42 next collapse

I can’t keep going to the doctor with all this whiplash.

gargolito@lemm.ee on 17 Apr 03:06 next collapse

I always wanted to learn how to bankrupt more than one casino. Now I know.

Itdidnttrickledown@lemmy.world on 17 Apr 03:16 collapse

Flip Flop 47 is at it again.