I am genuinely sick of seeing all the US political news on Tildes, especially because of the sheer volume of it being submitted lately and how depressing it all is. The creation of ~society was a decent compromise since at least it keeps all the politics topics contained in one group, but it's still not ideal, IMO.

I don't want to totally unsubscribe from ~society since, for the most part, I do actually enjoy reading about societal level events/issues around the world. I don't want to have to click 'Ignore' on every single topic about US politics, since there are a lot of them being submitted. And I don't want to filter out absolutely all 'politics' from my front page either though, which is currently my only other option since we can't yet filter tags by multiple criteria (e.g. filtering topics that only contain 'politics' AND 'usa').

So I propose that we start using a 'politics.usa' tag, even though it's a bit redundant, so that US politics can be specifically filtered out by people like myself that want to avoid seeing such topics. Thoughts?

I am going to be in Minneapolis soon and I have 1 free day which I want to spend going to local bookstores. Does anyone have a favorite local store in the city? I particularly like going to bookstores with good SFF sections, and also lots of book club/staff picks; and also to used bookstores with good SFF fictions. It's my first time in Minneapolis so every local bookstore there will be new to me!

A letter to CVE board members posted to bluesky a few hours ago reveals that MITRE funding for the Common Vulnerabilities and Exposures (CVE) program is about to expire. Haven't found any good articles that cover this news story yet, but it's spreading like wildfire over on bluesky.

Of course this doesn't mean that the CVE program will immediately cease to exist, but at the moment MITRE funding is absolutely essential for its longterm survival.

In a nutshell CVEs are a way to centrally organize, rate, and track software vulnerabilities. Basically any publicly known vulnerability out there can be referred to via their CVE number. The system is an essential tool for organizations worldwide to keep track of and manage vulnerabilities and implement appropriate defensive measures. Its collapse would be devestating for the security of information systems worldwide.

How can one guy in a position of power destroy so much in such a short amount of time..? I hope the EU will get their shit together and fund independent alternatives for all of these systems being butchered at the moment...

Edit/Update 20250415 21:10 UTC:
It appears Journalist David DiMolfetta confirmed the legitimacy of the letter with a source a bit over an hour ago and published a corresponding article on nextgov 28 minutes ago.

Edit/Update 20250415 21:25 UTC:
Brian Krebs also talked to MITRE to confirm this news. On infosec.exchange he writes:

I reached out to MITRE, and they confirmed it is for real. Here is the contract, which is through the Department of Homeland Security, and has been renewed annually on the 16th or 17th of April.
MITRE's CVE database is likely going offline tomorrow. They have told me that for now, historical CVE records will be available at GitHub, https://github.com/CVEProject

Edit/Update 20250415 21:37 UTC:
Abovementioned post has been supplemented by Brian Krebs 5 Minutes ago with this comment:

Hearing a bit more on this. Apparently it's up to the CVE board to decide what to do, but for now no new CVEs will be added after tomorrow. the CVE website will still be up.

Edit/Update 20250416 08:40 UTC:
First off here's one more article regarding the situation by Brian Krebs - the guy I cited above, as well as a YouTube video by John Hammond.

In more positive news: first attempts to save the project seem to emerge. Tib3rius posted on Bluesky about half an hour ago, that a rogue group of CVE board members has Launched a CVE foundation to secure the project's future. It's by no means a final solution, but it's at least a first step to give some structure to the chaos that has emerged, and a means to manage funding from potential alternative sources that will hopefully step up to at least temporarily carry the project.

Edit/Update 20250416 15:20 UTC:
It appears the public uproar got to them. According to a nextgov article by David DiMolfetta the contract has been extended by 11 months on short notice just hours before it expired...

Imo the events of the past 24 hours will leave their mark. It has become very clear that relying on the US government for such critical infrastructure is not a sustainable approach. I'm certain (or at least I hope) that other governments (i.e. EU) will draw appropriate consequences and build their own infrastructure to take over if needed. The US is really giving up their influence on the world at large at an impressive pace.

Hello all, as the title implies, I will be attending my first ever large scale protest(USA based) in person.

I’m wondering if people have any advice of what to expect/do and how to stay safe ?

Thank you !

PS - was not sure where to post this.