|
surebet posted:actual anti-secfuck content: is there a npt bad combination of password managers and ad blockers? ublock origin is the adblocker you should use. do not use ublock. you can add disconnect, which is kinda like ghostery but not owned by an ad agency. i think there's another one people like too
|
# ? Jun 3, 2016 16:04 |
|
|
# ? Jun 6, 2024 09:42 |
|
pr0zac posted:having a cissp or oscp is not an indicator of a good security person any more than a college degree is, esp not in the area of infosec I'm trying to hire for I have both of those certs, because a) I'm black, so I have to. b) My years of work experience in IT aren't representative of my actual time doing computer touching in life c) I'm black, your HR hurdles are my HR mountains. d) My college degree is an asociates in Nursing e) I didn't pay for any of my 6 certifications, so...why not get them on the company dime if its low-effort and poo poo you're already doing anyways?
|
# ? Jun 3, 2016 16:04 |
|
Volmarias posted:Aren't we all! :makes jerking off motions: eventually!
|
# ? Jun 3, 2016 16:40 |
|
I keep reading TV as television and imagine this is what the future internet of things will be like
|
# ? Jun 3, 2016 16:46 |
|
i thought people only used teamviewer when beiung tech-support scammed, learn something new every day
|
# ? Jun 3, 2016 16:47 |
|
pr0zac posted:having a cissp or oscp is not an indicator of a good security person any more than a college degree is, esp not in the area of infosec I'm trying to hire for oh 2.6? you fancy, huh?
|
# ? Jun 3, 2016 17:04 |
|
anthonypants posted:1password for personal use, secret server for the office didn't know there was a ublock & a ublock origin, i'm using origin. guess i'll roll that out re: secret server, i'll have a look, seems nice. i've been considering a smart card approach since we're also shopping for a physical access control system, what kind of hell am i inviting in my life regarding lost credentials?
|
# ? Jun 3, 2016 17:22 |
|
also there's a weird part of me that wants to get my CISSP for funzies. this is a bad idea right? (see above gpa joke)
|
# ? Jun 3, 2016 17:32 |
|
anthonypants posted:i think there's another one people like too privacy badger, which is backed by the EFF so that counts for something imo i use disconnect tho because it works and i hadn't heard of pb before switching from ghostery to disconenct
|
# ? Jun 3, 2016 17:49 |
|
I completely ignore certifications when reading resumes, who cares?
|
# ? Jun 3, 2016 17:55 |
|
surebet posted:didn't know there was a ublock & a ublock origin, i'm using origin. guess i'll roll that out if you're doing physical credentials right, losing them should be no problem - report lost, revoke credential, issue new card
|
# ? Jun 3, 2016 17:58 |
|
apseudonym posted:I completely ignore certifications when reading resumes, who cares? i ignore anything that i do not recognise and have myself because obviously if i dont have a cert, its not worth having actually i don't but i guarantee this logic is used irl
|
# ? Jun 3, 2016 18:05 |
|
gfsincere posted:I have both of those certs, because oh yeah, i'm not saying having them is a BAD thing by any means, just they aren't a strong indicator of good in my experience not being a cis white male actually is though since if you're not and are still willing to put up with the biased bullshit in this industry you probably give enough of a drat about it to do well
|
# ? Jun 3, 2016 18:11 |
|
surebet posted:didn't know there was a ublock & a ublock origin, i'm using origin. guess i'll roll that out I'd get it just to say you had it and you can (to HR) make wildly unreasonable salary demands and they will actually sound reasonable to them.
|
# ? Jun 3, 2016 18:22 |
|
apseudonym posted:I completely ignore certifications when reading resumes, who cares? HR robots who cannot read and evaluate resumes without buzzwords do. The actual interviewers won't.
|
# ? Jun 3, 2016 18:26 |
|
hr does not read any resumes and hasnt for more than a decade and a half hr puts the resume onto a scanner that scans them in to a program like resumix which groups them by buzzwords
|
# ? Jun 3, 2016 18:31 |
|
it seems the only applicant we got was a resume with this weird computer code gobbledygook at the top, all the other applications are blank oh well
|
# ? Jun 3, 2016 18:33 |
|
pr0zac posted:oh yeah, i'm not saying having them is a BAD thing by any means, just they aren't a strong indicator of good in my experience Oh man, there's so many paper tigers out there. I've met so many CISSPs (pretty much exclusively Indian) that didn't know the very basics of IT. As in I was in an advanced training class for Qualys (job-mandated) and I poo poo you not a dude from India with a masters in Information Security (from New Delhi Basement University I'm sure) legit raised his hand and asked what subnetting was. The rest of the Indians in the class were also wondering, meanwhile literally everyone else in the class was dumbfounded, because HOW. HOW. And this guy was a CISO somewhere. I wish I would have gotten his card so I could have emailed his job like "Bro. This guy is awful."
|
# ? Jun 3, 2016 18:33 |
|
when i worked at $av_vendor, i had a customer i worked with frequently who'd send me screenshots sent via his iphone. now if this were some sort of airgapped network i wouldn't have had given much thought to this as this was not uncommon in situations where clearance was a non-issue (and me being a foreign national, etc), but this was a university computer and dameware was installed according to the icons in the systray the guy also was a 5-year cissp to make matters funnier, i ended up working with him as a consultant at another company and he was what i expected nice person but i think he didn't know how to take a screenshot at all
|
# ? Jun 3, 2016 18:43 |
|
OSI bean dip posted:when i worked at $av_vendor, i had a customer i worked with frequently who'd send me screenshots sent via his iphone. now if this were some sort of airgapped network i wouldn't have had given much thought to this as this was not uncommon in situations where clearance was a non-issue (and me being a foreign national, etc), but this was a university computer and dameware was installed according to the icons in the systray They are usually always nice people, but they usually don't know poo poo about poo poo, including the stuff they have certs in. Cheating is SUPER rampant in India, so I pretty much consider any cert gained while in India fraudulent until proven otherwise.
|
# ? Jun 3, 2016 18:49 |
|
owasp are accepting data to build the top ten web vulns for 2016 https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
|
# ? Jun 3, 2016 19:04 |
|
gfsincere posted:They are usually always nice people, but they usually don't know poo poo about poo poo, including the stuff they have certs in. Cheating is SUPER rampant in India, so I pretty much consider any cert gained while in India fraudulent until proven otherwise. http://attrition.org/errata/charlatan/ankit_fadia/ this guy takes the cake
|
# ? Jun 3, 2016 19:31 |
|
but not the plastic off his laptop, what the hell
|
# ? Jun 3, 2016 19:53 |
|
is there a free practice test or something for cissp, because I'd like to try my hand at it since I get the feeling I can answer 80% of the questions already but I'm not actually looking to get one right now so I don't want to pay for the ~official materials~ or whatever
|
# ? Jun 3, 2016 19:57 |
|
or i could just google "cissp practice test" and pick the first result like a big boy
|
# ? Jun 3, 2016 19:59 |
|
things cissp can't cover: https://samvartaka.github.io/exploitation/2016/06/03/dead-rats-exploiting-malware
|
# ? Jun 3, 2016 20:01 |
|
OSI bean dip posted:http://attrition.org/errata/charlatan/ankit_fadia/ haha, holy poo poo, this guy http://attrition.org/errata/charlatan/ankit_fadia/fadia13.html
|
# ? Jun 3, 2016 20:15 |
|
Winkle-Daddy posted:haha, holy poo poo, this guy http://attrition.org/errata/charlatan/ankit_fadia/fadia13.html
|
# ? Jun 3, 2016 20:25 |
|
rape accusations at Tor
|
# ? Jun 3, 2016 20:26 |
|
gfsincere posted:Because if so, I might be selling myself short. thats the weird thing about cs really
|
# ? Jun 3, 2016 20:34 |
|
Captain Foo posted:rape accusations at Tor
|
# ? Jun 3, 2016 20:36 |
|
Captain Foo posted:rape accusations at Tor details? is this some bs like the assange stuff or a real accusation from a non us-govt payroll person?
|
# ? Jun 3, 2016 20:40 |
|
Sharktopus posted:details?
|
# ? Jun 3, 2016 20:43 |
|
Sharktopus posted:details?
|
# ? Jun 3, 2016 20:45 |
|
Sharktopus posted:details?
|
# ? Jun 3, 2016 20:49 |
|
Sharktopus posted:details? what was bs about the allegations against assange?
|
# ? Jun 3, 2016 20:49 |
|
and they dont care if he's out raping they just dont want him part of the tor organization? or is this a dont talk to cops thing? would germany even extradite him for a trial in the US?
|
# ? Jun 3, 2016 20:50 |
|
also thanks for linking I dont particularly care for ioerror and am not defending him here, this already smells more legit than the assange stuff ever did
|
# ? Jun 3, 2016 20:51 |
|
we use a lot of offshore resources provided by firms in india for some bullshit accounting reason and whenever we get a good person they always leave because they know it and just junp ship to some other company then we get given a replacement that is without fail someone whose experience is 100% the firms own training courses and is poo poo they quite literally use us to train their staff, i just refuse to let them work on my stuff as they are without fail an actual negative
|
# ? Jun 3, 2016 20:51 |
|
|
# ? Jun 6, 2024 09:42 |
|
Powerful Two-Hander posted:they quite literally use us to train their staff, i just refuse to let them work on my stuff as they are without fail an actual negative lol that some CFO thinks he's adding to the bottom line by doing all this
|
# ? Jun 3, 2016 20:53 |