this post was submitted on 16 Apr 2025
788 points (99.6% liked)

Technology

68918 readers
4032 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
788
CVE Board members launch the CVE Foundation, a dedicated, non-profit to continue identifying vulnerabilities, after the US ended its contract with Mitre (www.thecvefoundation.org)
submitted 3 days ago by Tea@programming.dev to c/technology@lemmy.world
44 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] FauxLiving@lemmy.world 6 points 2 days ago

The CVE system protects everyone that uses computers. It is a public service that forms the core of cybersecurity in the US and many other places. It does not cost the database any more money if people use it to provide services to clients.

Letting a private corporation take it over and put it behind a paywall now means that security, like so many other things, will only be available to people with money. It will make software and hardware more expensive by adding yet another license fee or subscription if you want software that gets security updates.

In addition, a closed database is just less useful. This system works because when one person notifies the system of an exploit then every other person now knows. That kind of system is much higher quality if you have more people that are able to access it.

An industry being created and earning money by providing cybersecurity services shows how useful such a system is for everyone. There are good paying jobs that depend on this data being freely available. New startups only need to provide service, they don't need to raise the funds to buy into the security database because it is a public service. They also pay taxes (a significant amount if they're charging $30,000 per audit), more than enough profit for the government to operate a database.