back to article MITRE fighter says CVE delays are no laughing matter, names bug ROFL in branding protest

Security man David Jorm has started giving important bugs names, logos and even websites, because MITRE won't assign them Common Vulnerabilities and Exposures (CVE) numbers. CVE numbers are the tags assigned to bugs and are designed to help the security industry ensure that they're all fixing the same problem. Jorm, of Console …

  1. Anonymous Coward
    Anonymous Coward

    "routinely report MITRE is responsive"

    So what's the problem?

    1. Dabooka Silver badge

      Re: "routinely report MITRE is responsive"

      "Yet researchers from prominent technology firms routinely report MITRE is responsive to their requests."

      That kind of suggests significant vulnerabiliites are being overlooked simply because they're submitted by less recognised outfits.

      1. DougS Silver badge

        Re: "routinely report MITRE is responsive"

        Part of that may be due to how less recognized outfits often hype meaningless bugs trying to get attention for themselves. If you have a bug that requires multiple steps of stupidity and simply leaks information that others have on you anyway, it isn't deserving of a CVE.

        Sad that researchers coming up with real bugs are having problems because of this, but if MITRE is trying to be responsible about only assigning them for real vulnerabilities the issue is more that the people doing that aren't recognizing stuff too well. If they're unsure, they should write an article at the Register about the bug. If it turns out to be nothing, generally the commentards have picked it apart pretty conclusively in a matter of hours!

      2. TeeCee Gold badge

        Re: "routinely report MITRE is responsive"

        .....a researcher under the spoof account Justin Timberlake managed to get a CVE number......

        Well, you don't get much less recognised as a technology firm than that. An example of complex technology in that quarter would be "shoelaces".

  2. Alan J. Wylie

    Several people have recently left the CVE Editorial Board

    Casper Dik

    Matt Bishop

    Panos Kampanakis

    Gene Spafford

    Casper and Spaf are, of course, very well known names.

  3. james 68

    Be thankful

    At least he didn't name it "Buggy MacBugface".

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019