America's cyber defenses are being dismantled from the inside

Original Article ↗ Hacker News Discussion ↗

Why the US Was Funding CVE

  • Several commenters argue the US funded CVE to be a “first mover” and de facto global leader in vulnerability coordination, gaining reputation and influence at low cost.
  • Others question why a single, politically unstable country should control a global reference system; from abroad, this looks risky, and they’d expect other states to build alternatives.

“World Leader” vs “Leader of the Free World”

  • Long subthread debates whether the US has ever explicitly claimed to be “leader of the world” versus “leader of the free world.”
  • One side calls the distinction pedantic and says US power and military dominance effectively made it the world leader.
  • The other side insists the broader “world leader” rhetoric is ahistorical and now being retrofitted to justify global public‑goods spending.

Cost, Value, and Governance of CVE

  • $50M/year is seen by some as trivial compared to overall US budgets and a bargain for a single global vulnerability namespace.
  • Others note reports that CVE was slow, backlogged, and poorly run, and argue that its effectiveness, not just its existence, should be scrutinized.
  • There’s disagreement whether control of CVE is mainly reputational or also strategically valuable as “the world’s inbox for 0‑days.”

Motives for Dismantling: Bungling vs Intent

  • One camp sees this as penny‑wise, pound‑foolish cost‑cutting by people who don’t understand cybersecurity but reflexively slash anything “international.”
  • Another sees deliberate sabotage: dismantling civil cybersecurity and institutions (CVE, CISA, NIST, IRS, EPA) to weaken the state, enrich a global billionaire class, and pave the way for authoritarian “strong‑man” solutions.
  • Some connect this to patterns of Russian state–organized‑crime fusion and to broader “accelerationist” ideology.

Alternatives: UN, EU, Private Sector, Decentralization

  • Suggestions include moving CVE to the UN, building multi‑national or EU‑led databases, or fully decentralizing so no single state can shut it down.
  • Skeptics note US hostility to the UN and lack of prior planning; cutting first, coordinating later is seen as evidence the current move is not about orderly internationalization.
  • There is cautious support for diversifying funding (e.g., new CVE foundations) but concern that purely private replacements will cost more and deliver less.

Security, Public Awareness, and Politics

  • Multiple commenters argue that gutting these programs does not help Americans and may expose US infrastructure and businesses to greater risk and foreign influence.
  • Others downplay immediate practical impact, saying the private sector and other countries will fill gaps, though likely with short‑term disruption.
  • A recurring thread laments that partisan media ecosystems leave many voters unaware of these moves, focusing instead on culture‑war topics.