this post was submitted on 16 Apr 2025
267 points (98.5% liked)

Technology

69109 readers
3242 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
267
Trump administration decides to fund CVE cybersecurity tracker after all (www.theverge.com)
submitted 5 days ago* (last edited 5 days ago) by zaxvenz@lemm.ee to c/technology@lemmy.world
17 comments fedilink hide all child comments
 

The government will continue funding the Common Vulnerabilities and Exposures (CVE) program. In a statement to The Verge, US Cybersecurity and Infrastructure Agency (CISA) spokesperson Jared Auchey said it “executed the option period on the contract to ensure there will be no lapse in critical CVE services” last night.

https://archive.ph/V7zF4

top 17 comments
sorted by: hot top controversial new old
[–] Rooskie91@discuss.online 90 points 5 days ago (1 children)

Lol what a clown show

[–] pdxfed@lemmy.world 31 points 5 days ago

Clown shows can be funny. This is like watching pallbearers drop caskets at a children's hospital funeral.

[–] cellardoor@lemmy.world 58 points 5 days ago* (last edited 5 days ago) (1 children)

Too little too late. The CVE Foundation is now a thing. Link

[–] db2@lemmy.world 9 points 5 days ago* (last edited 5 days ago)

I hope they don't drop it now.

autocorrect is so worthless now

[–] withabeard@lemmy.world 36 points 5 days ago (1 children)

At this point ... what stops the CVE foundation moving on as a foundation and working to find an alternative funding model?

[–] Maestro@fedia.io 38 points 5 days ago (1 children)

Nothing. They should do exactly that. As usual the US government has proven that it cannot be trusted or relied on.

[–] vermaterc@lemmy.ml 3 points 5 days ago (1 children)

So... the US government doesn't have to fund it anymore? So that is an advantage for them in this situation, what is the disadvantage? Or was that their goal all along?

[–] taladar@sh.itjust.works 17 points 5 days ago

Usually the goal when funding stuff like this is to buy some influence to control major decisions. I wouldn't put it beyond an independent foundation, to take just one example, to drastically reduce the deadlines between confidential disclosure and public release where some government or corporate controlled organization might set some that are more made for the slow speed of large org bureaucracy.

[–] gibmiser@lemmy.world 34 points 5 days ago

I guess they'd rather have control than let it become nonprofit

[–] salacious_coaster@infosec.pub 30 points 5 days ago

They're scream testing the whole government, one piece at a time.

[–] kubica@fedia.io 27 points 5 days ago

I hope the alternative new foundation comes on top.

Edit: I found a link with more info. https://www.heise.de/en/news/After-the-impending-CVE-ban-EU-vulnerability-database-goes-live-10354564.html

[–] Gerudo@lemm.ee 19 points 5 days ago

I can't keep going to the doctor with all this whiplash.

[–] henfredemars@infosec.pub 11 points 5 days ago

🩴

[–] gargolito@lemm.ee 7 points 5 days ago

I always wanted to learn how to bankrupt more than one casino. Now I know.

[–] Warl0k3@lemmy.world 9 points 5 days ago* (last edited 5 days ago)

I know it's the whole point of them doing this shit but it's getting so hard to cope with the constant fucking around. What in the fuck are we going to do? At least for now they've realized how spectacularly stupid this move was, I guess.

[–] Itdidnttrickledown@lemmy.world 5 points 5 days ago

Flip Flop 47 is at it again.

[–] twinnie@feddit.uk 5 points 5 days ago

There’s already alternatives, why not just let them take over? Trump complained about the US giving up DNS, now he’s complaining about CVE. He wants to control everything but doesn’t want to pay for it.