1114
Uncle Sam abruptly turns off funding for CVE program. Yes, that CVE program
(go.theregister.com)
Are you guys free yet?
this post was submitted on 16 Apr 2025
1114 points (98.4% liked)
Technology
68916 readers
4797 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Updated to add at 1700 UTC, April 16
In an 11th-hour reprieve, the US government last night agreed to continue funding the CVE program.
Not sure how much more whiplash I can take...
They want us to all tune out. This is all by design so we don't know what's real or not anymore, then they can get away with even more and nobody will care.
This is what they've been doing for years and years, this is just more of the same.
I’m not sure about “they” the US government, but it’s absolutely a Russian/ Authoritarian state playbook.
Oh absolutely 100% this has had foreign involvement, the KGB handbook (literally) describes how to plant chaotic agents into a democratic nation's population to boost both sides of every social debate or argument. The digital age made this the easiest tactic in the world and every nation that's been "annexed" by Russia experienced this sowing of absolute weaponized bullshit and hate.
edit: several tankies follow me around downvoting my every comment and throwing tankie memes at me because they seeth when someone says that Russia did a bad thing. It's quite charming, they can't do much else because they're blocked.
load more comments
(1 replies)
I think a lot of it is too get and propogate misinformation because some people won't hear about the 180s and still talk about as if they happened
load more comments
(1 replies)
CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws
Just in case
Edit: I'm glad I wasn't the only one that didn't know. When the headline reads like everyone should know I felt a little dumb for a second.
Thank you. I've never heard this acronym before, myself.
load more comments
(9 replies)
My European friends here: do whatever you can to make EUVD a viable alternative. It's a vulnerability database led by the European Union Agency for Cybersecurity enisa. Since their website is relatively new, you can help by providing feedback though this survey. Yes, the CVE funding has been continued for another year. But a sustainable approach to vulnerability management cannot be dependent on a single government-owned / funded entity any longer! I wish the board members all the best in transferring CVE to a new umbrella organization, but now is a great time to also consider global alternatives.
It’s because the entire administration is a vulnerability
We as a society need to start defining our damn acronyms. Stop assuming everyone knows what every acronym is, because they do not.
Lucky for you the linked article explains the acronym!
Wait, you're not one of those people who only reads headlines, are you?
load more comments
(15 replies)
REPUBLICANS. Not some nebulous "uncle sam". Republicans are turning off funding. They deserve 100% of the blame because they are 100% the cause.
Repugnicunts own the white house & house because Democraps in power didn't do their jobs the last four years. Russian influence in elections? Obvious, yet not abated by NSA. Misinformation by Fox & Facebook, X? Also obvious. Also not abated (let's go after TikTok!).
Blatant treason? No problem, we'll let him take presidency after we DON'T CHECK THE VOTING IRREGULARITIES in VOTES COLLECTED BY THE LARGEST CONTRIBUTER TO TRUMP'S CAMPAIGN.
DNC is a shit-heap.
AOC & Sanders are lovely exceptions.
load more comments
(1 replies)
load more comments
(12 replies)
It’s not Uncle Sam, or the USA shutting this down. It’s the Republican Administration. They’ve been empowered by the Republican led Congress to shut down anything it doesn’t like, understand, or benefit from.
They dont want national security.
They want to steal your property and destroy the country so they can reform it in their image.
Rather they want new vulnerabilities to go right to the market and remain unknown for longer, because that makes the surveillance and other criminal activity by the government easier.
load more comments
(1 replies)
One can only conclude that either this is the latest step in a deliberate effort to sabotage the functioning of the US (and by extension much of the west), or just another monumentally stupid idea brought to life by their limitless incompetence.
They're Russian puppets, both things are true.
I suspect that the administration that asked their people to stop focusing on Russia in the cyber space is deliberately trying to weaken our security posture in relation to said country. This confirms it. Edit: The starlink (fuck musk) leak directly to the Russians now double confirms this
load more comments
(5 replies)
Right before Windows 10 loses security updates too, what a coincidence. Wonder what the Russians are working on...
The EU needs to start planning now (well, really, needed to start planning in 2016) to replace every critical system that relies in any way on the US government.
If you think of money invested vs. return on government programs like this, the benefit is incredible. That it's being discontinued is obvious proof that the US is run by the agents of its own destruction and cannot be relied upon in any way: not as a supplier of military equipment, or information technology, or economic codependency.
They're doing so much of this shit quietly, but when you start to put each piece together it should be frightening to anyone that doesn't believe Russia is our BFF.
In late Feb, just after the whole Zelenskyy White House visit, Hegseth issued an order to Cyber Command to halt all planning against Russia including cybersecurity offensive strategies.
He gave the order to Commander Timothy Haugh, who is also head of the National Security Agency. Haugh told the outgoing director of operations, and cyber command begun putting together an official document of why this is a very bad idea.
I missed this completely until yesterday, but it turns out that Haugh and his NSA deputy were both suddenly ousted from their positions less than 2 weeks ago.
No reason was given they were just told "your services are no longer required." Apparently Laura Loomer requested Trump have them removed and made some vague accusations against them bc they had been installed under Biden.
I admit I hadn't heard of CVE program before today. Since we are BFFs now and Russia is "totally not a threat" to the U.S., I guess it's supposed to be ok because friends share everything. But wouldn't this also make us incredibly more vulnerable to China and any other country?
load more comments
(3 replies)
I was, like, w-what CVE program. I don't know of any "CVE" programs that could be shut down, so I don't know what that abbreviation refers to.
Unless...
...oh no. Fuck. The actual CVE program? And they're just gonna- Shit.
What.
How.
I don't know how many times I've said "America is fucked" when reading the news lately, and I should stop doing that, because that fact has now been so well established that there's no need to elaborate.
Oh my God, and then I think of all the hundreds of thousands of veterans who voted for Trump. You did a great job.
False alarm
Updated to add at 1700 UTC, April 16 In an 11th-hour reprieve, the US government last night agreed to continue funding the CVE program.
I don't think it's a false alarm, in the sense that it is totally reasonable to be alarmed. They are cutting crucial stuff before they know what it is. There are a lot of things being cut where we're only going to understand the impact years from now.
load more comments
(1 replies)
What a stable government
stable geniuses
Terrifying. Unfortunately it’s difficult to explain to laypeople why the CVE system is so important. Our nation’s leaders certainly won’t get it. Hopefully the experts are able to get through to them when it’s time to renew again. And maybe we can reduce our government dependence a bit by then.
For most people the consequences of this action will be too far away to understand the connection, so it's a pretty good target for the US Republican party.
2017: covfefe
2025: cvefefe
On the bright side, at least our upcoming American cyberpunk dystopia is now more likely to feature a greater prevelance of lone wolf, broke, two bit hackers as a semi-viable lifestyle/'career path'...
load more comments
(4 replies)
This has a CVE score of 10. The next Security Now podcast episode is going to be lit.
load more comments
(4 replies)
😳 Is the program entirely funded by the US government?
What can EU and other governments/businesses do about this? Or what are they doing?
Imagine being one of the tech billionaires who Trump bankrolled and he does this- basically handing out wrenches for people to throw.
Can't wait until I don't have to upgrade software anymore!
view more: next ›