wampus
@wampus@lemmy.ca
- Comment on CVE Board members launch the CVE Foundation, a dedicated, non-profit to continue identifying vulnerabilities, after the US ended its contract with Mitre 1 week ago:
Sure, though that’s part of the problem that the States is whining about. US taxes paid for the service, which lots of other nations/foreign companies used.
Things like Libraries require taxes to operate. You’d likely be annoyed if you were struggling, and then found out your gov was using your taxes to pay for a bunch of foreign countries to have libraries. And then you find out that those foreigners are able to use those libraries to make good money, which they don’t use to support their libraries, cause the States is already covering it. So you’re paying taxes, and struggling to do so, so that EU companies can reap profits and live comfy.
And yes, charge a fee. That’s basically what I’ve said, no? That there’s a value add, and that there are ‘professionals’/companies using it who aren’t paying for that value add. So something like a fee for frequent pulls against the vuln feeds, to replace whatever funding the US gov was giving, would make sense to me. though I suppose this has now been kicked down the road till next year.
- Comment on CVE Board members launch the CVE Foundation, a dedicated, non-profit to continue identifying vulnerabilities, after the US ended its contract with Mitre 1 week ago:
Yeah, but that’s sort of the point I was making… it was a data repository used by “thousands and thousands” of security professionals and organizations. So people who were generating revenue off of the service. I mean, they’re professionals, not hobbyists / home users.
I’m not an American, but in terms of everything running like a company/for profit, I’d say that its best if things are sustainable / able to self-maintain. If the US cutting funding means this program can’t survive, that’s an issue. If it has value to a larger community, the larger community should be able to fund its operation. There’s clearly a cost to maintaining the program, and there are clearly people who haven’t contributed to paying that cost.
In terms of going back to whatever, the foundation involved is likely to sort out alternative funding, though potentially with decreased functionality (it sounds like they had agreements to pay for secondary vulnerability report reviews, which will likely need to get scaled back). Maybe they’ll need to add in a fee for frequent feed pulls, or something similar. I wouldn’t say it’s completely toast or anythin just yet.
- Comment on CVE Board members launch the CVE Foundation, a dedicated, non-profit to continue identifying vulnerabilities, after the US ended its contract with Mitre 1 week ago:
I’m honestly not totally sure what to think about this one, though I recognise that it’s a big shift/likely a negative overall result.
Reason I’m humming and hawing, is that there are lots of expensive cybersecurity type ‘things’ that rely on the CVE system, without explicitly paying in to that system / supporting it directly, from what I recall / have seen. Take someone like Tenable security, who sell vulnerability scanners that extensively use/integrate with the CVE/NVD databases… companies pay Tenable huge amounts of money for those products. Has Tenable been paying anything into the ‘shared’ public resource pool? How about all those ‘audit’ companies, who charge like 10-30k per audit for doing ‘vulnerability / penetration tests’.
IT Security has been an expensive/profitable area for a long time, while also relying on generally public/shared resources to facilitate a lot of the work. Maybe an ‘industry’ funded consortium is the more appropriate way to go.
- Comment on Should visitors to a country (tourist / visa-holders / people staying temporarily) have the right to criticize the government? When should an immigrant have the right to criticize the government? 2 weeks ago:
Lots of people seem to think it’s either or, and it really shouldn’t be, in my view. (I’ll note I’m canadian, since it seems to matter to some these days).
The argument that foreigners shouldn’t be allowed to protest is to me somewhat valid, but with a bunch of reservations. Peaceful protests, publishing op eds, (obviously) University papers, online posts, and other ‘regular’ forms of expression I’m totally in agreement that they should be allowed to express themselves/participate.
But we’ve also seen cases in Canada where our immigration levels got so high, that we literally had CCP organized protests in favour of a detained Chinese CCP Billionaire, as well as the tearing down of “peaceful protests”/awareness things in regards to HongKong and the crack down the CCP did there. We’ve seen large, organized groups of Indian students – their messages of “go get free food” being amplified by foreign controlled social media – draining our food banks dry, the loss of that social support helping to fuel class conflicts and increased animosity towards Indian people as a demographic. We’ve seen ‘protests’ leveraged by foreign powers to sow discontent and animosity intentionally, and/or to control the narrative around news stories.
And that’s really no surprise: one of the stated methodologies of authoritarian regimes, for attacking democracies, is to basically sow civil unrest through the amplification of contested issues/topics. They’ll amplify/fund controversial right-wing and left-wing viewpoints in order to cause internal conflict. They’ll hype up race conflicts. Like how the majority of people are totally fine saying both “Hamas is bad” and “Israel’s genocidal actions in gaza are bad”, but somehow it’s always framed as just a 2 sided thing where you’re on one side or the other, is great for authoritarians: why fight a democracy, when you can make it fight itself. If we’re accepting Students/people from authoritarian regimes, we have to be realistic in acknowledging many of these people will share the regimes beliefs, and will be actively working against our governments / peoples. They aren’t the stereotypical refugee seeking a better/freer life, but rather people with malicious intentions and a desire to disrupt.
So I’m fine with such people having visas and non-permanent citizenship revoked if the person’s involved in criminal activity (violent protests), and/or if they’re a primary organizer/instigator/funder of such things, or (as was the case with some ‘student’ groups in Canada) they’re actively coordinating their protests with foreign embassies/agents. I’d also be in favour of increased scrutiny of people from such regions when it comes to long term stays / partial immigration (where they don’t renounce their former non-democratic country). Lots of countries also expect singular citizenship, I see no particular issue with western democracies at least requiring that their citizens not support/be registered citizens of authoritarian dictatorships. If you want to live in an egalitarian/democratic country, you shouldn’t be supportive of authoritarian autocracies/dictatorships.
And again, similar to the note about ‘one side or the other’, in terms of free speech, most folks generally recognise that there are some reasonable restrictions / repercussions involved with it. Hate speech, explicitly calling for the killing of some group of people or what have you, clearly not a ‘right’ for most sane people – at least, not one that wouldn’t come with consequences. In the same way that the left is fine boycotting Musk for his Nazi salutes (he’s free to express himself as a Nazi, and other people are free to take issue with that / not support him because of it), foreigners explicitly challenging the existing norms of society should be prepared for potential consequences if they do so in a manner deemed inappropriate.
- Comment on I mean......if you really think about it..... 3 weeks ago:
You’d have to gender swap all the non Fry characters into obsessed sex addicts wanting to jump Fry.
- Comment on IRS braces for $500bn drop in revenue as taxpayers skip filings in wake of DOGE cuts 4 weeks ago:
I don’t disagree with you – I believe their line of reasoning was along the lines of getting all the operating funds needed for the ‘government’ from revenue generated from tariffs. One reason for aggressively slashing social support systems could be that they want to shift people’s dependency for those programs more directly to corporate interests such as Google and Apple – many tech companies have ‘interests’ in the medical field after all. The one area they would likely still want to maintain govt functions in, are military in nature – the theory is that they want what are essentially geo-distant corporate city states that are connected via the internet, and protected by orbital weaponry / nuclear arms. Setting up a few blocs of this nature, and having them constantly feign conflicts with each other, will help to keep people placated as well, in a sort of horribly Orwellian sense. That sort of concern isn’t really something for the ultra wealthy to be bothered by though, which’s one reason oligarchies are so dangerous.
Still looks like the USA is sorta heading in that direction a bit, though obviously any of my musings are just guesses based on conspiracy theories I find plausible – so I doubt it’d play out that way any time soon or anything. If there were ‘real’ flags of that sort of thing being imminent, I imagine some people in the govt would be making even more noise to us commoners, hah.
- Comment on IRS braces for $500bn drop in revenue as taxpayers skip filings in wake of DOGE cuts 4 weeks ago:
And loss of trust / stability of the government makes the tech industry’s push for corporate controlled ‘freedom cities’ much easier to get agreement on, allowing America’s rich oligarchs to quite literally establish their own baronies ;P
- Comment on IRS braces for $500bn drop in revenue as taxpayers skip filings in wake of DOGE cuts 4 weeks ago:
I seem to recall hearing Trump officials/project2025 sorts say they wanted to do away with income tax, replace it with tariffs. So, I mean, the IRS falling apart and not being able to collect income tax is sorta… on the roadmap, isnt it? Like issuing this warning is prolly just gonna be taken as a goal milestone achieved on the plan… ??
- Comment on Discord going public. Plz help a future refugee. 5 weeks ago:
Thanks, appreciated.
- Comment on Discord going public. Plz help a future refugee. 5 weeks ago:
Silly question perhaps, but I haven’t tripped across it on the site for Revolt – is there a relatively straight forward server version for self-hosting, or is it just that the source is on github and you can compile it in theory if you feel like goin through that process… ?
- Comment on Digg is about to be rebooted. Thoughts? 1 month ago:
Reddit’s seeing membership outflows resulting from their more draconian policies. Reddit boss restarts a competitor platform so that he can try and recapture users by owning his own competition, while trying to pretend like there’s no conflict.
idk. Seems pretty suspect to me. Lemmy seems ‘ok’ for news aggregation, and it has a more community / local vibe to it. For example, I can have more confidence that the feeds I see on Lemmy.ca are more controlled / accountable to Canadians, rather than the heavily Americanized subs that exist in Reddit. And I can pick and choose which other subs to see, with better understanding of the likely biases that I’ll encounter. This sort of end user transparency is really refreshing, especially given the burbling propaganda war being waged by the Americans at present against Canada.