|
Achmed Jones posted:when they said i'd be an apprentice noone said i'd have to learn A lot of people tend to be shocked to realize how much they don't know, particularly in computers.
|
#
?
Sep 15, 2022 17:05
|
|
|
|
| # ? May 31, 2024 00:29 |
|
|
Seemed weird to me I guess, since I've been surrounded in IT without ever needing to know how to use any of those things for a decade. "entry level" isn't "entry level" if it means you need to compete some prerequisite levels first. It would be different if we were talking about a freelance webdev position and you took html and css and Javascript classes ten years ago In any case, I'm fine with learning the content, I was just surprised
|
|
#
?
Sep 15, 2022 17:06
|
|
|
RFC2324 posted:A lot of people tend to be shocked to realize how much they don't know, particularly in computers. Especially in Security Engineering and Infosec in general, where you have to be a jack of all trades, effectively.
|
|
#
?
Sep 15, 2022 17:06
|
|
|
Also it's kind of amusing because I know those things and have taken computer engineering courses and more practical electrical house wiring courses Not confident enough to mess around with a fuse box wiring though
|
|
#
?
Sep 15, 2022 17:08
|
|
|
GreenBuckanneer posted:Also it's kind of amusing because I know those things and have taken computer engineering courses and more practical electrical house wiring courses Well that's where Jack of Trades tends to fall flat, as the other half of that saying is "...master of none.". You will run into specialized concerns that will either require you to do some learning/research or talk to someone who is a Subject Matter Expert (i.e. in this case an Electrician)
|
|
#
?
Sep 15, 2022 17:10
|
|
|
GreenBuckanneer posted:they said the position was entry level For what it's worth, I recently got my Masters in CS and I only know SQL and Elastic (assuming you mean Amazon EC2) in your list and only SQL was part of the required Database course. I learned to use EC2 through a Cloud Computing elective though I may have come across some of that other stuff because they seem to be AWS products, tools, etc. I did Mechanical Engineering for undergrad before switching gears so I don't know what the BS coursework looks like
|
|
#
?
Sep 15, 2022 17:17
|
|
|
ec2 is not what people mean by "elastic" "elastic" means lucene/elastic search - inverted index data storage and querying
|
|
#
?
Sep 15, 2022 17:40
|
|
|
More specifically, elk, so elastic logstash kibana
|
|
#
?
Sep 15, 2022 17:47
|
|
|
"elk stack" is basically "generic roll-your-own-siem" at this point. elk/splunk/sumo/etc
|
|
#
?
Sep 15, 2022 17:49
|
|
|
There also seems like there's some infighting between exabeam wanting to move away from splunk and do their own thing, I heard
|
|
#
?
Sep 15, 2022 17:52
|
|
|
GreenBuckanneer posted:Also it's kind of amusing because I know those things and have taken computer engineering courses and more practical electrical house wiring courses bizarre combo ngl
|
|
#
?
Sep 15, 2022 18:04
|
|
|
Crime on a Dime posted:bizarre combo ngl College to college transfer credits where one college has less specialized content (but cheaper)
|
|
#
?
Sep 15, 2022 18:06
|
|
|
GreenBuckanneer posted:College to college transfer credits where one college has less specialized content (but cheaper) 
|
|
#
?
Sep 15, 2022 18:12
|
|
|
CS teaches you a lot of theoretically-useful cruft that you need to dig out of to actually do your job, but is good to have as your background. Asymptotic reasoning about algorithm complexity is great - but you are often NOT at large enough n.
|
|
#
?
Sep 15, 2022 18:35
|
|
|
Absurd Alhazred posted:CS teaches you a lot of theoretically-useful cruft that you need to dig out of to actually do your job, but is good to have as your background. See every 23 year old gamedev thinking that everything should be a red-black tree instead of the humble and cache-coherent flat-rear end array
|
|
#
?
Sep 15, 2022 18:49
|
|
|
more falafel please posted:See every 23 year old gamedev thinking that everything should be a red-black tree instead of the humble and cache-coherent flat-rear end array Yup! Simplicity and readability trumps cleverness most of the time. You can always add clever later.
|
|
#
?
Sep 15, 2022 19:52
|
|
|
I am liking learning about some of these things I've never once used in my adult life, like regex. Would have been useful when I was younger for sure.
|
|
#
?
Sep 15, 2022 20:03
|
|
|
I think it's one of the things that people coming out of college, a cert program, or some other info sec boot camp don't realize is that IT is a very very broad discipline and don't impress on them that you need to know at least something about every other IT discipline to properly do security on it/with it.
|
|
#
?
Sep 15, 2022 22:47
|
|
|
RFC2324 posted:A lot of people tend to be shocked to realize how much they don't know, particularly in computers.
|
|
#
?
Sep 15, 2022 23:40
|
|
|
Arsenic Lupin posted:I was a technical writer, which meant that I had the gift of getting away with asking stupid questions. You'd be amazed how often I'd say, "Okay, what does QYZX actually do?" and a sigh of relief would waft across the room because somebody else had asked. one of the things I hammer on when I train anyone is "never run a command you don't understand" and it seems to frustrate people its especially fun to try and follow that while dealing with undocumented behaviors
|
|
#
?
Sep 16, 2022 00:14
|
|
|
RFC2324 posted:one of the things I hammer on when I train anyone is "never run a command you don't understand" and it seems to frustrate people "Eh don't worry, we got backups"
|
|
#
?
Sep 16, 2022 00:51
|
|
|
Zil posted:"Eh don't worry, we got backups" Me, usually with a client: "And when did you last test them?" Client: *eyes suddenly bulge wide*
|
|
#
?
Sep 16, 2022 01:04
|
|
|
https://twitter.com/samwcyo/status/1570577801790783493?s=20&t=hC8MXOUeW4NkEE5deWIkjw
|
|
#
?
Sep 16, 2022 04:08
|
|
|
Sickening posted:https://twitter.com/samwcyo/status/1570577801790783493?s=20&t=hC8MXOUeW4NkEE5deWIkjw holy loving lol i am lollin irl right now lmao lmao 
|
|
#
?
Sep 16, 2022 04:23
|
|
|
I cannot stop lol and lmao oh my god this is INCREDIBLE https://twitter.com/vxunderground/status/1570597582417821703 e: https://twitter.com/Uber_Comms/status/1570584747071639552
|
|
#
?
Sep 16, 2022 04:27
|
|
|
Woof, that's pretty bad.
|
|
#
?
Sep 16, 2022 04:29
|
|
|
What's going to be worse is when Discord gets popped and someone is able to link Discord MFA phone numbers and Uber account phone numbers. With the home address from Uber.
|
|
#
?
Sep 16, 2022 04:31
|
|
|
MFA people, MFA. sigh
|
|
#
?
Sep 16, 2022 04:59
|
|
|
 lol. lmao.
|
|
#
?
Sep 16, 2022 04:59
|
|
|
Move fast and break things.
|
|
#
?
Sep 16, 2022 05:05
|
|
|
Apparently it wasn't a dick pic. It was goatse. A true hacker of culture imo.
|
|
#
?
Sep 16, 2022 05:08
|
|
|
I hope they delete the entire loving company
|
|
#
?
Sep 16, 2022 05:27
|
|
|
Ynglaur posted:MFA people, MFA. sigh MFA was part of the first hurdle and it wasn't enough. I will bet anything their secrets server wasn't on SSO or MFA because it was "inside the perimeter". It also gives me the vibes nothing inside is monitored as these actors had tons of free time to look around. Is there a single org out there that makes sure that VPN connections are more than username/password and mfa?
|
|
#
?
Sep 16, 2022 05:27
|
|
|
Oh, I also got an interview request from uber to be part of their cloud security team but I refused to do their 2 hour homework assignment before they would interview me.
|
|
#
?
Sep 16, 2022 05:28
|
|
|
CLAM DOWN posted:lol. lmao. This perfectly sums up my reaction. Burn it to the ground. The fallout will likely be impressive.
|
|
#
?
Sep 16, 2022 05:43
|
|
|
Famethrowa posted:I hope they delete the entire loving company It would be a fitting end.
|
|
#
?
Sep 16, 2022 06:31
|
|
|
GreenBuckanneer posted:I am liking learning about some of these things I've never once used in my adult life, like regex. Would have been useful when I was younger for sure. Regex is one of the most important things I ever learned in college Ynglaur posted:MFA people, MFA. sigh Bypassed via API token Cup Runneth Over fucked around with this message at 07:01 on Sep 16, 2022 |
|
#
?
Sep 16, 2022 06:59
|
|
|
I thought the Powershell script had a password, and not a token?
|
|
#
?
Sep 16, 2022 07:26
|
|
|
Couple more Uber tweets, including some financial deets. I wonder if this will prove their story that they couldn't afford to make their drivers actual employees and not contractors  Son of Thunderbeast posted:Uber just got mega hacked
|
|
#
?
Sep 16, 2022 07:39
|
|
|
|
| # ? May 31, 2024 00:29 |
|
|
I know jack poo poo about infosec beyond half-remembered basics but this is funny as hell.
|
|
#
?
Sep 16, 2022 08:53
|
|
