|
you’re not automatically a bad person just because your employer does something lovely Automatically is doing a lot of important work in that sentence.
|
# ? Jun 24, 2021 19:57 |
|
|
# ? May 26, 2024 02:34 |
|
Mr. Crow posted:
I don't work for a FAANG dipshit. I'm not in the tech sector at all.
|
# ? Jun 24, 2021 20:04 |
|
Internet Explorer posted:I think this is a good topic worth discussing, but if we could try to be a little kinder to each other while doing it, it would be much appreciated. Just so this doesn't get lost on the previous page.
|
# ? Jun 24, 2021 20:07 |
|
There's no such thing as a "good" or "bad" company in the good-guy/bad-guy sense, ethics exist on a non-linear spectrum full of nuance. Participating in society isn't an automatic disqualifier in being allowed to want to improve society's injustices.
|
# ? Jun 24, 2021 20:14 |
|
klosterdev posted:There's no such thing as a "good" or "bad" company in the good-guy/bad-guy sense, ethics exist on a non-linear spectrum full of nuance. Participating in society isn't an automatic disqualifier in being allowed to want to improve society's injustices. That's my whole point! No one is at fault.
|
# ? Jun 24, 2021 20:17 |
|
One of the perks of my employer is that working there provides you with plenty of reasons you're a bad person. Fortunately, I already have enough of those, so I've never needed to take them up on it.
|
# ? Jun 24, 2021 20:20 |
|
Cup Runneth Over posted:That's my whole point! No one is at fault. I wouldn't say that either, there's a lot of people doing and enabling extremely harmful things who should be reevaluating their decisions and the path that they're on. These are for the most part case-by-case however, taking any of these to the ridiculous extreme blanket conclusions that the internet likes to do is a fairly worthless conversation that detracts from what's actually going on.
|
# ? Jun 24, 2021 20:25 |
|
just work in hosting. you support everyone no matter their politics, so you have plenty of opportunity to feel good and bad about yourself my first week at my new job saw a group of people explaining to one of our salesmen that picking up Parler after AWS kicked them was not a good idea, especially given our main clients are government agencies
|
# ? Jun 24, 2021 20:52 |
|
klosterdev posted:I wouldn't say that either, there's a lot of people doing and enabling extremely harmful things who should be reevaluating their decisions and the path that they're on. These are for the most part case-by-case however, taking any of these to the ridiculous extreme blanket conclusions that the internet likes to do is a fairly worthless conversation that detracts from what's actually going on. Let me rephrase that: No one here is at fault. And if they are, everyone is. Playing degrees of defense contractor is dumb.
|
# ? Jun 24, 2021 20:54 |
|
Cup Runneth Over posted:Let me rephrase that: No one here is at fault. And if they are, everyone is. Playing degrees of defense contractor is dumb. I would not be surprised to discover that one of Trump's sysadmins posts here. I would be able to guarantee it if my job timeline had lined up just a little differently
|
# ? Jun 24, 2021 21:07 |
|
RFC2324 posted:I would not be surprised to discover that one of Trump's sysadmins posts here. I would be able to guarantee it if my job timeline had lined up just a little differently Ugh, made me cringe for a second. https://twitter.com/AlyssaM_InfoSec/status/1408120698573316104
|
# ? Jun 24, 2021 21:32 |
|
Hey, I don't know where to ask for better advice on this front so I figured I'd try here. I'm looking to make an encrypted folder I can unlock with a password on Windows 10 Home. Just something to stick some Word documents in with sensitive data. Are there any good options for this sort of thing? I'm not expecting any particular attack or concern, but better safe than sorry with research ethics. e: there's apparently a built in folder encryption function in Windows, is that reasonably secure? Arivia fucked around with this message at 23:04 on Jun 24, 2021 |
# ? Jun 24, 2021 22:57 |
|
Make a 1GB veracrypt volume and just drag stuff into it (shows up as a normal drive in windows?) or a bitlocker USB drive?
|
# ? Jun 24, 2021 23:14 |
|
Arivia posted:Hey, I don't know where to ask for better advice on this front so I figured I'd try here. I'm looking to make an encrypted folder I can unlock with a password on Windows 10 Home. Just something to stick some Word documents in with sensitive data. Are there any good options for this sort of thing? I'm not expecting any particular attack or concern, but better safe than sorry with research ethics. The built-in encryption is about as secure as your windows password is complex. (So for most people, not very. But if you change your windows password into a secure password it's better.) And if someone is snooping on your PC while it's signed in and unlocked, it is zero protection. It's metaphorically the equivalent of locking your front door, if that's all you are looking for. Bitlocker is way more secure, Win10 Home can access bitlocker encrypted drives but not create them. An upgrade to a Pro key is $10-15 in SA mart and highly worth it at that price. Then there's VeraCrypt which is free / open source, but may be a little harder to figure out.
|
# ? Jun 24, 2021 23:20 |
|
Klyith posted:The built-in encryption is about as secure as your windows password is complex. (So for most people, not very. But if you change your windows password into a secure password it's better.) And if someone is snooping on your PC while it's signed in and unlocked, it is zero protection. It's metaphorically the equivalent of locking your front door, if that's all you are looking for. VeraCrypt looks great. Thank you!
|
# ? Jun 24, 2021 23:25 |
|
e: spoke too early
|
# ? Jun 24, 2021 23:52 |
|
The CEH cert is worthless in private industry and I would have considered it theft had my company not paid for it back in 2016. I let mine expire.
|
# ? Jun 25, 2021 00:17 |
|
Diva Cupcake posted:The CEH cert is worthless in private industry and I would have considered it theft had my company not paid for it back in 2016. I let mine expire. Agreed! Got mine paid for, would never have taken it otherwise.
|
# ? Jun 25, 2021 00:28 |
|
Diva Cupcake posted:The CEH cert is worthless in private industry and I would have considered it theft had my company not paid for it back in 2016. I let mine expire. My Coworker narrowly missed the exam for that one. Also got a CISSP last year. CISO position created and he didn't even get an interview.
|
# ? Jun 25, 2021 00:31 |
|
CLAM DOWN posted:Disagree. I work for a public sector org/crown corp that makes a positive difference and I'm proud of that.
|
# ? Jun 25, 2021 01:03 |
|
CLAM DOWN posted:You always post the shittiest most passive aggressive takes. I wasn't downplaying anything, dude. Turn on your monitor, etc.
|
# ? Jun 25, 2021 01:19 |
|
Cup Runneth Over posted:That's my whole point! No one is at fault.
|
# ? Jun 25, 2021 10:57 |
|
Disconnect your WD My Book Live devices if you have them. https://arstechnica.com/gadgets/2021/06/mass-data-wipe-in-my-book-devices-prompts-warning-from-western-digital/
|
# ? Jun 25, 2021 12:53 |
|
evil_bunnY posted:ding ding Yeah. It sucks, but the public / "do good" sector is something like 15% of the job market, and probably less than that when it comes to tech. Most of us have to work elsewhere by basic supply and demand rules. It's also pretty laughable to be rolling Facebook, AWS, and Netflix all into the same ethical ball on the basis of them being large companies who can shower their employees with high wages and benefits. There are some companies out there with highly questionable business plans that are actively against the best interests of people. The vast, vast majority of companies don't fall into that category, though, and it's useless to pretend they do and look down on someone because they're not living the way you think they should. This whole conversation line smacks of the same vibe as that vegan friend nobody likes expounding on why you using a dairy based coffee creamer makes you a bad person.
|
# ? Jun 25, 2021 15:23 |
|
Arivia posted:Hey, I don't know where to ask for better advice on this front so I figured I'd try here. I'm looking to make an encrypted folder I can unlock with a password on Windows 10 Home. Just something to stick some Word documents in with sensitive data. Are there any good options for this sort of thing? I'm not expecting any particular attack or concern, but better safe than sorry with research ethics. You could make a sealed folder in OneDrive if you consider Microsoft trustworthy. It’s naturally unreachable until you unlock the folder and once you seal it back the local items get synched to OneDrive and removed from explorer access.
|
# ? Jun 25, 2021 16:28 |
|
https://twitter.com/z3r0trust/status/1408455185714712576?s=20
|
# ? Jun 25, 2021 17:16 |
|
Nfc is just the best
|
# ? Jun 25, 2021 17:25 |
|
Klyith posted:And if someone is snooping on your PC while it's signed in and unlocked, it is zero protection.
|
# ? Jun 25, 2021 17:41 |
|
evil_bunnY posted:I'm sorry but if you're at a palantir/LM/cop-enabler outfit you don't really get the benefit of the doubt anymore? Cup Runneth Over posted:That doesn't mean go out and roll coal and work for Raytheon, work a job you're proud of working.
|
# ? Jun 25, 2021 17:43 |
|
Hey, if you're going to argue about it, put some effort into your post and treat others with kindness. It's not an easy topic with a clear answer.
|
# ? Jun 25, 2021 17:44 |
|
Internet Explorer posted:Hey, if you're going to argue about it, put some effort into your post and treat others with kindness. It's not an easy topic with a clear answer. Its real easy with only one hard question. If your actions directly sustain the bad poo poo, you should probably be job hunting. The question is where is the line, because almost all of us our jobs helps sustain at least some bad poo poo, just at one or two steps remove, and alot of us also support some good poo poo, and I refuse to accept that Clam Down is the best of us
|
# ? Jun 25, 2021 17:52 |
|
Storm One posted:Phrased this way it might lead a novice to assume that Bitlocker and VeraCrypt are immune to the snooping issue: they're not, it's exactly the same deal once any FDE volume is unlocked. Mmm, I wasn't very precise, but the file/folder encryption is always unlocked by simple login to your account. While veracrypt would normally be secure until you access & unlock it, and same with bitlocker if you're using a virtual drive or separate partition from your OS.
|
# ? Jun 25, 2021 17:53 |
|
DrDork posted:There are some companies out there with highly questionable business plans that are actively against the best interests of people. RFC2324 posted:The question is where is the line
|
# ? Jun 25, 2021 17:56 |
|
the short and obvious story is that we all have a broad spectrum of stuff we'll do and stuff we won't. as you get closer to stuff you won't do, you want more money. i take google's money to do infosec for google. i won't do that for facebook, but if i was really hard up i could suck it up and work for them. palantir is right out. i can say that now, because it's really hard to think of a scenario where i'd _actually_ have to work for palantir (i could just, you know, go work basically anywhere else instead for a bit less money), but i'm sure i'd do terrible things if it was the only way to make sure my son was fed and clothed. i am lucky that my profession is in high enough demand that my calculus is "do i be part of a lovely thing for an extra fifty grand a year?" instead of "do i be part of a lovely thing so that my son doesn't suffer from malnutrition." it's obviously true that working for parks bureau on their website is not morally the same as designing autonomous machine guns for ICE even though they are both part of the US government. it's obviously true that working on itunes or whatever for apple is not morally the same as being the person holding the gun to the head of the child slaves working in the cobalt mines. "there is no ethical consumption under capitalism" means that all our hands are dirty from participating in this hosed up exploitative mess that we call the global economy. it does not mean that all choices are equal. to my mind, working for palantir is about as bad as some scenarios of working for defense contractors. other defense scenarios are much less bad, something like facebook. some are probably "oh that's fine" to my mind, because the individual project matters. if you're working on defending the US water supply, that's not ceteris paribus a bad thing (even if raytheon is involved). if you're working on contaminating foreign water supplies as deterrence, that's ceteris paribus hosed up and yikes. in any case, doing a blanket "only work for perfect orgs" is dumb, because no org is perfect. even the org with a perfect mission and perfect execution is going to have some sexist manager or a racist sales guy whose bullshit is swept under the rug because of his numbers or whatever. there is no perfection, there's what level of moral risk you're willing to take by associating yourself with a particular branch of a particular organization. it would be useful to talk about the properties that we find problematic (both individually and as a profession). how much dirt one is willing to get on their hands varies tremendously based on both an individual's current particular circumstances and how much they actually care about making the world better (or alternatively, not-worse).
|
# ? Jun 25, 2021 18:04 |
|
RFC2324 posted:just work in hosting. you support everyone no matter their politics, so you have plenty of opportunity to feel good and bad about yourself I worked in that industry about 20 years ago when it shared hosting was actually profitable. Our biggest clients ran several "Asian/Russian Bride" sites and I regret how naive I was. RFC2324 posted:I would not be surprised to discover that one of Trump's sysadmins posts here. I would be able to guarantee it if my job timeline had lined up just a little differently Before I left we had sold a VPS (maybe $100 a month) account to Trump University.
|
# ? Jun 25, 2021 18:13 |
|
I used to work in fintech and I definitely lost sleep over it
|
# ? Jun 25, 2021 18:16 |
|
Achmed Jones posted:the short and obvious story is that we all have a broad spectrum of stuff we'll do and stuff we won't. as you get closer to stuff you won't do, you want more money. if you want a perfect org, please start one. if you can actually figure out a way to stay in business while remaining perfectly moral I will happily jump ship to work for you (this is not snarky, I mean it sincerely. we all do the mental calculus, and it would be nice if mine could come up clean for once)
|
# ? Jun 25, 2021 19:01 |
|
start doing ransomware and only target bad orgs
|
# ? Jun 25, 2021 19:08 |
|
I've refused to do work for Oil companies in the past, to be fair since I drive fossil fueled cars that seems kinda hypocritical. That and realizing as a vet I worked for the ultimate oil company, the US Government.
|
# ? Jun 25, 2021 19:11 |
|
|
# ? May 26, 2024 02:34 |
|
Cup Runneth Over posted:Unethical because you work for a government which https://www.bbc.com/news/world-us-canada-57592243 https://www.nbcnews.com/news/world/remains-more-200-children-found-indigenous-school-canada-n1269092
|
# ? Jun 25, 2021 19:43 |