@mbauman


This. Earnestly! Also, https://xkcd.com/977/

*edited to add: this was written in reply/quoting another post but I deleted the quote in order to insert the image, and the association was lost. I can't find the original post. Apologies. Left up because funny in its own right.

And that's not even getting into all the security vendors themselves. And it's missing cvelistv5.

Is there a consensus on who is doing the best job at adding/providing the enriched product/version information in a timely manner? I wanna subscribe to that feed!

OK #infosec folks. Has anyone put together a map of the #cve data ecosystem? It's a wild world. There's:

* MITRE's CVEs (pretty much just the identifier and unstructured text)
* NIST NVD's enriched CVEs (with product and version info)
* CISA's vulnrichment (similar)
* EUVD (similar?)
* GitHub's advisory DB (sometimes pushing to, sometimes pulling from the above DBs, sometimes with ecosystem info)
* Package manager advisory dbs (with their own versions)
* OSV.dev, pulling from all of the above?

"The last time the National Guard was activated without a governor’s permission was in 1965, when President Lyndon B. Johnson sent troops to protect a civil rights march in Alabama."

What a painful mixture of irony and tragedy.

I sent eight letters certified mail to the credit agencies a month ago, and so far I’ve gotten five responses:

- two agencies gave me ten-digit PINs that I’ll need to store for 15+ years I guess
- one agency said I didn’t give the right information (even though I sent all the same copies to everyone)
- one agency misspelled my daughter’s name wildly (think “Jjane”) everywhere. So did that work? Who knows.
- still waiting for three more responses even though they sent one for the other kid

Is anyone else struggling to put freezes on their kids’ credit after the #ChangeHealthcare security failure?

A company — of whom I’m not a customer and didn’t even know of — handled my 2 & 6 year old’s SSNs and PII negligently, and so now the best option I have (I guess?) is to send their birth certificates & SSN cards (and mine) to 4 other companies of whom I’m also *not a customer*. The only reason I can is due to the FCRA.

What a brilliant example of American Corporate Capitalism at work.

„I created a list of 19 ways that the Nazis pushed Jews out of society between 1933 and 1939, paving the way for the “Final Solution.” They banned Jewish people from schools and universities, from the civil service, and from the media. They made it illegal for them to participate in sports, kicked them out of the military, and denied them state funded health care.“

„By my count, Republicans today are attempting to achieve all 19 but attacking trans people instead.“

https://www.damemagazine.com/2025/04/29/why-i-am-leaving-the-usa/

Why I Am Leaving the USA - Dame Magazine

My family is fleeing the country. We are not doing this in a panic; this is an orderly retreat from an unwinnable situation. We are slowly but surely packing up and emptying out our house. Instead of planning summer vacation and planting flowers, we're tackling a mountain of overdue home repairs, painting, carpeting, and deep


I'm bummed to see all the #fosstodon drama. As someone who does some moderation work, I can definitely appreciate the amount of highly taxing and emotional work that it entails, and I'm very sorry that it burned out Kev and Mike.

I myself have jumped ship. Yes, there's the recent drama, but I really only have two core motivations for doing so:

1. Stability
2. I had never really processed what the "no advocacy" rule actually meant in practice. And I don't like how it _could_ be (ab)used.