FOR IMMEDIATE RELEASE
April 16, 2025
CVE Foundation Launched to Secure the Future of the CVE Program
[Bremerton, Washington] – The CVE Foundation has been formally established to ensure the long-term viability, stability, and independence of the Common Vulnerabilities and Exposures (CVE) Program, a
Which…is absolutely wild. The government should absolutely be funding vulnerability research. If anything so that they can exploit them.
But I suspect they are taking the corporate approach. The foundation is going to do the research anyway and publish it widely. Just take advantage while adding nothing of value in return.
Even corporations understand the value of having a seat at the table. A significant reason for corporate sponsorship of standards groups and such is so that if it comes up, they have a person there who can argue for their interests.
Not even in an interesting or corrupt way.
“Our engineers think it would be better to do it this way, any objections?” And then everyone talks about it.
Leaving means you only get to use what others put together. If your needs don’t fit you just have to cope.
Corporations love getting stuff for free, but if all it takes to solve a technical problem is cash, that’s great too. Cash is a better way to solve a technical problem than time and engineers.
Not even in an interesting or corrupt way. “Our engineers think it would be better to do it this way, any objections?” And then everyone talks about it.
And this was the mental roadblock I hit trying to imagine a world without lobbyists.
As if we could ignore every voice with some connection to a profit motive (ignoring thousands of experts), etc
In an ideal world it would be much closer to how the standards committees work. The issue isn’t people sharing their opinions and desires for how the system should work, it’s when they use inequitable means to bias the decision. My industry, security, has lobbied for official guidelines on security requirements for different situations. Makes it easier to tell hospitals they can’t have nurses sharing login credentials: government says that’s bad, and now your insurance says it’s a liability.
The problem is that lobbying too often comes with stuff like a “we’re always hiring like minded people at our lobbying firm, if you happen to find yourself in the position to do so, give us a call.”.
It’s too easy for people with a lot of money to make their voices more heard.
It’s not that the wealthy and business interests should be barred from sharing opinions with legislators, it’s that “volume” shouldn’t be proportional to money. My voice as a person who lives near a river should be comparable to that of the guy who owns the car wash upstream when it comes to questions of how much we care about runoff going into the river.
Exactly. We need to get money and promises out of lobbying. You should merely be allowed to explain the problems or benefits of a bill/law, realistic consequences, and proposed solutions.
Lobbyists aren’t inherently bad. The problem is lack of transparency and controls. Without effective controls of course a corporation with millions to spend will always have the upper hand over some NGO that lobbies for the common good.
Which…is absolutely wild. The government should absolutely be funding vulnerability research. If anything so that they can exploit them.
But I suspect they are taking the corporate approach. The foundation is going to do the research anyway and publish it widely. Just take advantage while adding nothing of value in return.
God I hate this fucking timeline.
Even corporations understand the value of having a seat at the table. A significant reason for corporate sponsorship of standards groups and such is so that if it comes up, they have a person there who can argue for their interests.
Not even in an interesting or corrupt way.
“Our engineers think it would be better to do it this way, any objections?” And then everyone talks about it.
Leaving means you only get to use what others put together. If your needs don’t fit you just have to cope.
Corporations love getting stuff for free, but if all it takes to solve a technical problem is cash, that’s great too. Cash is a better way to solve a technical problem than time and engineers.
And this was the mental roadblock I hit trying to imagine a world without lobbyists.
As if we could ignore every voice with some connection to a profit motive (ignoring thousands of experts), etc
Well said!
Yeah, the lobbying question is a complicated one.
In an ideal world it would be much closer to how the standards committees work. The issue isn’t people sharing their opinions and desires for how the system should work, it’s when they use inequitable means to bias the decision. My industry, security, has lobbied for official guidelines on security requirements for different situations. Makes it easier to tell hospitals they can’t have nurses sharing login credentials: government says that’s bad, and now your insurance says it’s a liability.
The problem is that lobbying too often comes with stuff like a “we’re always hiring like minded people at our lobbying firm, if you happen to find yourself in the position to do so, give us a call.”.
It’s too easy for people with a lot of money to make their voices more heard.
It’s not that the wealthy and business interests should be barred from sharing opinions with legislators, it’s that “volume” shouldn’t be proportional to money. My voice as a person who lives near a river should be comparable to that of the guy who owns the car wash upstream when it comes to questions of how much we care about runoff going into the river.
Exactly. We need to get money and promises out of lobbying. You should merely be allowed to explain the problems or benefits of a bill/law, realistic consequences, and proposed solutions.
👏
Lobbyists aren’t inherently bad. The problem is lack of transparency and controls. Without effective controls of course a corporation with millions to spend will always have the upper hand over some NGO that lobbies for the common good.
If you listen closely, you can hear the heads of NSA people banging on their desks because of the funding stop
No one said they weren’t funding vulnerability research anymore. They just weren’t going to share the information.