I think it became inevitable that traditional ‘sites’ were going to be in trouble once AI bots gained ground. The user interface is much more organic / user friendly, given that it can be conversational.

It’s why big corps were so quick to start building walls/moats around the technology. If end users had control over what sites their AI bots used to pull information from, that’d be a win for the consumer/end-user, and potentially legitimate news sites depending on how the payment structure is sorted out. Eg. Get a personalized bot that references news articles from a curated list of trusted / decent journalist sites across a broad political spectrum, and you’d likely have a really great “AI assistant” to keep you up to date on various current events. This sort of thing would also represent an existential threat to things like Googles core marketing business, as end users could replace many of their ‘searches’ with a curated personalized AI assistant trained on just reputable sources.

Big tech wants to control that, so that they can advertise via those bots / prioritize their own agenda / paid content. So they want to control the AI sources, and restrict end users’ ability to filter garbage. If users end up primarily interacting with an AI avatar, and you can control the products / information that avatar presents, you have a huge amount of control over the individuals and their spending habits. Not much of a surprise.

It’d be cool to see a user friendly local LLM that allowed users to point it at reference sites of their choosing. Pair that with a news-site data standard that streamlines the ability to pull pertinent data, and let news agencies charge a small fee for access to those APIs to fund it a bit. Shifting towards LLM based data delivery, they could even potentially save a bit in terms of print / online publications – don’t need a fancy expensive user-facing web app, if they’re all just talking to their LLM-based model-hot AI assistant anyway.

SVB was intentionally crashed by tech bros like Peter Thiel, likely as a strategic move to lobby for change in the banking sector / to gain more access for tech companies. The bank operated in a risky space, with too high a concentration of tech bro customers. This left them exposed to Thiel and crowd going “Hey, look at the balance sheet, if we all withdrew our money at once we can pop this bank and trigger a discussion about banking regulations / reform!”.

So, no one forgot, it’s all part of the same larger plan really.

Sure, though that’s part of the problem that the States is whining about. US taxes paid for the service, which lots of other nations/foreign companies used.

Things like Libraries require taxes to operate. You’d likely be annoyed if you were struggling, and then found out your gov was using your taxes to pay for a bunch of foreign countries to have libraries. And then you find out that those foreigners are able to use those libraries to make good money, which they don’t use to support their libraries, cause the States is already covering it. So you’re paying taxes, and struggling to do so, so that EU companies can reap profits and live comfy.

And yes, charge a fee. That’s basically what I’ve said, no? That there’s a value add, and that there are ‘professionals’/companies using it who aren’t paying for that value add. So something like a fee for frequent pulls against the vuln feeds, to replace whatever funding the US gov was giving, would make sense to me. though I suppose this has now been kicked down the road till next year.

Yeah, but that’s sort of the point I was making… it was a data repository used by “thousands and thousands” of security professionals and organizations. So people who were generating revenue off of the service. I mean, they’re professionals, not hobbyists / home users.

I’m not an American, but in terms of everything running like a company/for profit, I’d say that its best if things are sustainable / able to self-maintain. If the US cutting funding means this program can’t survive, that’s an issue. If it has value to a larger community, the larger community should be able to fund its operation. There’s clearly a cost to maintaining the program, and there are clearly people who haven’t contributed to paying that cost.

In terms of going back to whatever, the foundation involved is likely to sort out alternative funding, though potentially with decreased functionality (it sounds like they had agreements to pay for secondary vulnerability report reviews, which will likely need to get scaled back). Maybe they’ll need to add in a fee for frequent feed pulls, or something similar. I wouldn’t say it’s completely toast or anythin just yet.

I’m honestly not totally sure what to think about this one, though I recognise that it’s a big shift/likely a negative overall result.

Reason I’m humming and hawing, is that there are lots of expensive cybersecurity type ‘things’ that rely on the CVE system, without explicitly paying in to that system / supporting it directly, from what I recall / have seen. Take someone like Tenable security, who sell vulnerability scanners that extensively use/integrate with the CVE/NVD databases… companies pay Tenable huge amounts of money for those products. Has Tenable been paying anything into the ‘shared’ public resource pool? How about all those ‘audit’ companies, who charge like 10-30k per audit for doing ‘vulnerability / penetration tests’.

IT Security has been an expensive/profitable area for a long time, while also relying on generally public/shared resources to facilitate a lot of the work. Maybe an ‘industry’ funded consortium is the more appropriate way to go.

Thanks, appreciated.

Silly question perhaps, but I haven’t tripped across it on the site for Revolt – is there a relatively straight forward server version for self-hosting, or is it just that the source is on github and you can compile it in theory if you feel like goin through that process… ?