Security

The US National Vulnerability Database has slipped from a dull but dependable piece of security plumbing into a sputtering liability. Enrichment of CVEs has stalled, backlogs have exploded, and defenders are left with raw identifiers instead of usable intelligence. This collapse is not accidental, it is the predictable result of political austerity, funding cuts, and a fixation on flashy science over unglamorous infrastructure. In other words, the pipes have burst while Washington debates whether water is really a priority. For security teams all over the world, the message is blunt: stop waiting for rescue. Diversify your sources, automate your own triage, build peer networks, and treat metadata as survival gear, not a luxury. ...

David Clark remembers the moment the Internet’s Pandora’s box creaked open and said, “Hello, world.” It was 2 November 1988, and the Morris Worm was slithering its way through cyberspace like a python on speed. Designed with the innocence of a curious grad student and the destruction of a cyber sledgehammer, it crashed some 6,000 machines, roughly one-tenth of the Internet at the time. Not bad for an opening act. ...