top | item 43771672

(no title)

mfer | 10 months ago

To play devils advocate here, a thought comes to mind...

Should the US be the one to handle the CVE database globally? The current administration wants to see other parts of the world help carry the load. A little scare could be the push needed to make this either distributed or handled by a coalition. This could be a positive for the US (who doesn't want to be the sole funder) and for those who don't want the US to have sole control.

discuss

jwagenet|10 months ago

As with many other cuts and activities by the administration, it’s not that some programs don’t deserve scrutiny, but that the cuts are careless and shortsighted.

XorNot|10 months ago

Well, and also irrelevant. The budgetary numbers this is being claimed to be in service too will not be reached even if you dismantled every single program like this and all the related ones.

It's the equivalent of taking a day off work to haggle over the price of a bus ticket.

thesuitonym|10 months ago

Your premise is flawed. Reframe the question like this: Should the US be the sole arbiter of software vulnerabilities? Absolutely not! But that doesn't mean the US should cut off the spigot. Other countries should start their own version of CVE, so they can check each other's work, and disclose vulnerabilities that certain governments may desire to keep secret.