fsebugoutzone.org:9999

Post Ali268MdcBXZ5pHzW4 by Jplonie@aus.social
(DIR) More posts by Jplonie@aus.social
(DIR) Post #Ali0xdc5xfjVRzu7GK by Viss@mastodon.social
2024-09-05T22:11:42Z

0 likes, 0 repeats

https://www.theregister.com/2024/09/05/white_house_cyber_jobs/so the dude in the whitehouse in charge of filling security jobs thinks that you dont need a background in technology to work in computer security. this is like building your house out of matches, thermite and magnesium and hosting a cookout everyday. its going to go very very badly. for literally everyone.

(DIR) Post #Ali0xeJhLYbxdEIwE4 by Viss@mastodon.social
2024-09-05T22:12:46Z

0 likes, 0 repeats

like, imagine if you could just &#39;skip to the end&#39; in other professions like that. neurosurgery: today i change oil at jiffy lube, but after a bootcamp, im literally cutting open peoples skulls and sticking probes and scalpels in their brains!vascular surgery: who needs medschool or experience? just let me at them veins, i watched a few youtube videos, it&#39;ll be fine.

(DIR) Post #Ali0xf7KN2JI79WZaC by Viss@mastodon.social
2024-09-05T22:13:51Z

1 likes, 0 repeats

do you think that if they did this for medicine, or chemistry or other highly nuanced careers that typically require years of experience, that people would be lining up?&quot;sure! let the gen z or gen alpha kid with the face tattoos who doesnt know what a dialtone is OPERATE ON MY FUCKING BRAIN&quot;yeah, i&#39;ll watch. go nuts.

(DIR) Post #Ali0xga4vcu0ebz32G by Viss@mastodon.social
2024-09-05T22:33:54Z

0 likes, 0 repeats

bonus points: i wonder how many of these assholes are gonna slide their way into those jobs

(DIR) Post #Ali262UvQSbWtn7WbI by Jplonie@aus.social
2024-09-05T22:52:49Z

0 likes, 0 repeats

@Viss there are roles for other skill sets. For example educators. Lots of really skilled security people can&#39;t communicate well. And communication and education are critical to scale things. Also lots of admin and spreadsheets involved in security. People with finance backgrounds rock that world. Need to think how we can pull others into our world and leverage their skills to make the ones with the technology background more effective. As they grow in experience from being evolved they start to understand and take up more capabilities. If your answer is only &quot;we need more people with 5 years of experience in the guts of operating systems now&quot; I think you will be disappointed when you can&#39;t fill the positions

(DIR) Post #Ali263JcNz9bR0q0cC by Viss@mastodon.social
2024-09-05T22:53:29Z

0 likes, 0 repeats

@Jplonie you see the news, right?

(DIR) Post #Ali2647FPSqvuw3dyK by Jplonie@aus.social
2024-09-05T22:55:02Z

0 likes, 0 repeats

@Viss the article you posted or something else?

(DIR) Post #Ali2656vi8C10Euu7E by Viss@mastodon.social
2024-09-05T22:58:08Z

0 likes, 0 repeats

@Jplonie i mean in general. like, if youre looking at security news theres some huge hack, or some huge breach like four times a day. and what youre suggesting is already happening, and its why i say that what we are currently doing is fucked and broken. so doing MORE of it wont fix the problems we currently have. the reason we have these problems now is because people are too green, and leadership gives no fucks.

(DIR) Post #Ali265nT9yDj8AosQC by Jplonie@aus.social
2024-09-05T23:13:37Z

0 likes, 0 repeats

@Viss also re daily breaches. I suspect that&#39;s more a result of the cloud than anything else. I often wonder what things would have been like if companies stayed out of cloud /saas.

(DIR) Post #Ali266Ted7xrF0YZAu by Viss@mastodon.social
2024-09-05T23:17:21Z

0 likes, 0 repeats

@Jplonie regardless of where the people are employed - on prem or off prem - hiring people who dont know what the fuck they are doing, in my opinion, is the root cause for ALL THIS *waves arms*

(DIR) Post #Ali266UMaUX1HCt8HQ by Viss@mastodon.social
2024-09-05T22:59:01Z

0 likes, 0 repeats

@Jplonie the problem is very very very much NOT &quot;there arent enough people in security&quot;there are way way way too many people in security - and many of them have no fucking idea what they&#39;re doing. thats why we&#39;re in this mess.and by saying &quot;oh anybody who wants to can jump into security&quot; is saying &quot;i dont understand the problem, and i lack the experience to propose a solution&quot;

(DIR) Post #Ali267CJx3h3TXSEnQ by Jplonie@aus.social
2024-09-05T23:44:55Z

0 likes, 0 repeats

@Viss also every industry is filled with people who don&#39;t know what they doing. Doctors, builders, bankers. We are worse sure but no industry is perfect.

(DIR) Post #Ali267w3D2GzlMql4i by Viss@mastodon.social
2024-09-05T23:50:51Z

0 likes, 0 repeats

@Jplonie point me to a vascular surgeon, or a neurosurgeon that was able to get a job at a hospital operating on people brains or hearts without doing medschool or a residency.or point me to a lawyer who was able to pass the bar and get licensed without going to lawschool

(DIR) Post #Ali268MdcBXZ5pHzW4 by Jplonie@aus.social
2024-09-05T23:55:27Z

0 likes, 0 repeats

@Viss that&#39;s only the case because those industries have grown through the phase of any quack can become that person. Those industries (for a variety of reasons, from not killing people to gatekeeping) have all built up training and certification infrastructures, to protect themselves. Security or (even other IT areas) haven&#39;t done that yet.

(DIR) Post #Ali269AGdfEtZkVcsC by Viss@mastodon.social
2024-09-05T23:56:47Z

0 likes, 0 repeats

@Jplonie well after this genius in the whitehouse starts packing sensitive security roles with derps, influencers, frauds and cheats - and shit starts burning down - hopefully they start. but its gonna take some explosions for them to realize their technique is .. very very incorrect.

(DIR) Post #Ali269pOAm8HdHkSy8 by Jplonie@aus.social
2024-09-05T23:59:21Z

0 likes, 0 repeats

@Viss the funny thing is we know how to mature an industry. It&#39;s a well worn path. Just nobody wants to do it.

(DIR) Post #Ali26AJAO3x57dgFNo by Viss@mastodon.social
2024-09-06T00:00:08Z

0 likes, 0 repeats

@Jplonie oh tons of folks want to do it - but they are intentionally disincentivised by the big four, ics2 and the whole compliance regime. if we start actually fixing problems those people are all fucked, and they know it

(DIR) Post #Ali26ApQS7kwjgm0fI by Jplonie@aus.social
2024-09-06T00:01:31Z

0 likes, 0 repeats

@Viss capitalism at its finest.

(DIR) Post #Ali26BnKrNg7jUnr2u by Viss@mastodon.social
2024-09-06T00:01:54Z

1 likes, 0 repeats

@Jplonie dont worry, the fuckery is cominghttps://arstechnica.com/security/2024/09/sailors-hid-an-unauthorized-starlink-on-the-deck-of-a-us-warship-and-lied-about-it/

(DIR) Post #AliAC2TfDIvoCrtzjE by kyle@mastodon.kylerank.in
2024-09-06T01:32:59Z

0 likes, 0 repeats

@Viss While I understand the sentiment, I&#39;ve worked with quite a few very talented folks both in tech in general and security specifically, who had non-tech degrees (like music, linguistics and history).When many of us got into the industry there weren&#39;t really formal education options for what we did (both for sysadmin and security roles in my case) and a lot of the skills were self-taught or learned on the job. With the right on-the-job training and right people it could work.

(DIR) Post #AliAJSFjmP7EAsvMsy by Viss@mastodon.social
2024-09-06T01:34:18Z

0 likes, 0 repeats

@kyle if youve been following the news for the last 5 years, while admirable, your sentiment is already in plan and it has shown to be .. well.. grossly deficient.