34900+ entries in 0.235s
douchebag: Not to mention,
I'm only making $35k/yr and
I work 60 hours a week
☟︎ douchebag: Well,
I've spoken to management about this and they basically told me that they aren't willing to do anything to actually help the customers and just want to sell our service
mircea_popescu: but
i also do not see anything fundamentally wrong with you holding this view until changed a few hookers.
a111: Logged on 2018-05-22 23:09 douchebag:
I just want to have a job that
I can enjoy doing. The reason
I don't enjoy my current job is because it doesn't require any critical thinking, and in fact is discourages it.
I would have a great time hacking companies and telling them how to fix their security.
douchebag: For fucks sake,
I know a 17 year old who has made $70k this year alone
☟︎ douchebag:
I know loads of people in the InfoSec field, and for the most part they're all well off
mircea_popescu: ed to be angry." "What, he got over it ?" (
http://trilema.com/2016/hail-cesar/#selection-53.0-52.9 ), which "son" then has to come up with inane bullshit like "look at the birds and the bees -- they're not hunters, nor do their sow or reap, their existence is flatly meaningless, so could you live in the perfect womb of jonah's whale whose name is stupidity" or if you prefer the direct quote, "want to live darkly and richly
i phf:
http://btcbase.org/log/2018-05-22#1816718 << hah,
i originally watched it for the same reason, and the only thing
i even remember is burroughs sitting in the chair, and spitting the "narcotics" prediction in his famous squeaky voice
☝︎☟︎ douchebag:
I know,
I stopped counting at 30 when
I was 17
mircea_popescu: asciilifeform,
i see that even here. these people LOVE to work.\
douchebag: Well,
I just don't see why it's a bad thing to want to do something
I enjoy and be good at it.
mircea_popescu: "What would
i do then ?!" fuck me,
i dunno, break down and cry, really ?!
douchebag:
I'd also like to publish writeups about my research and be recognized as someone who actually knows what the hell they're doing.
douchebag:
I just want to have a job that
I can enjoy doing. The reason
I don't enjoy my current job is because it doesn't require any critical thinking, and in fact is discourages it.
I would have a great time hacking companies and telling them how to fix their security.
☟︎ a111: Logged on 2018-05-22 22:32 douchebag:
I want to work a fulfilling job where
I know that
I am actually providing a good service and giving customers a high quality security audit as well as high quality security products
douchebag: asciilifeform: Well, if you're a vulnerability broker you're purchasing and selling exploits that have extremely high potential impact.
I think it's safe to assume there's a high level of risk associated with holding
mircea_popescu: as it happens, mostly as a function of personal bias, ~everyone here with the exception of me assings value to engineering and no value to whoring.
i tend to assign a value of about to cents to either, allowing for roundings.
douchebag: Now with that said,
I think it would be a very interesting career being a vulnerability broker - however there are a lot more risks in terms of nations state attacks for that sort of stuff.
douchebag: asciilifeform: Well
I get what you're saying, breaking a prng is an incredibly effective attack vector. However,
I feel that most companies are more at risk of actually being hacked via less-elegant means
douchebag: mircea_popescu:
I've seen very few cases of a company being pwned by a prng being broken,
I see companies getting pwned via SQLi, RCE, XXE, IDOR all the time
diana_coman: sure;
I'm exposing current image, not giving a rating
douchebag: Well actually,
I've found there are a lot of companies who actually do care about security. Primarily because they run bug bounty programs instead of sueing the fuck about anyone who points out their security flaws.
mircea_popescu: w enforcement is ever more a vacuous activity, consisting of a narrow few items. "found drugs in house / car" "found '''child pornography''' on computer / guy was holding a gun in the bank" etc. all that's still ongoing are tyhe "taskforces", driven by specific special interest groups, the "drugs", the "sex trafficking", the "money laundering" etc. in the 70s large cities stopped prosecuting breaking and entering, much like
i mircea_popescu:
http://btcbase.org/log/2018-05-22#1816908 <<
i'll point something out, in the vein of the previous "tripartite idiocy" discussion : law enforcement consists of very minimal work, and even less useful work these days. you know those century-old complicated "murder investigations", with barry fitzgerald going "tis a heavy case" and so on ? NONE of that still exist ; the line-ups to pick up suspects are mostly gone, etcetera. la
☝︎ douchebag:
I would be doing a more comprehensive audit, as well as telling them exactly what they need to do to actually be secure their company - even though my service would require more work for them it would be a betterend result for them
a111: Logged on 2018-05-22 22:22 douchebag:
I don't program in c or c++,
I don't do binary exploitation,
I don't do reverse engineering
diana_coman: heh, weren't you just "
I wanna pass compliance tests" one sec ago?
douchebag: diana_coman:
I'd imagine that only companies who actually care about their security would purchase my services
diana_coman: asciilifeform, for all the world if the above doesn't scream "boy" at you (instead of dwarf,
I don't know what else can)
douchebag:
I want to work a fulfilling job where
I know that
I am actually providing a good service and giving customers a high quality security audit as well as high quality security products
☟︎ douchebag: asciilifeform: Well, the security firm
I currently work for doesn't allow me to give customers actual advice on security. eg. "Hey maybe running windows server 2003 isn't a good idea for your company"
douchebag: Well
I can, but
I'd like to have a job doing it. Perhaps start a security firm someday
douchebag: diana_coman:
I'd like to offer commercial penetration testing services
douchebag: regardless,
I'd like to learn more about it over time
douchebag:
I think reverse engineering is cool as fuck, however it's not going to be very helpful to achieve my end goal
douchebag: also asciilifeform, for the type of job
I would like to have web application exploitation, network attacks, and social engineering attacks are the main things
I need to focus on
ben_vulpes: yes but the "unsure if
i should do this until people cheered for me" bit was lulzy
douchebag: asciilifeform: When it comes to web application exploitation -
I'm a pro and it's rather profitible
douchebag:
I don't program in c or c++,
I don't do binary exploitation,
I don't do reverse engineering
☟︎ douchebag:
I was just doing what was asked of me
douchebag: asciilifeform: Keep in mind, this is not the type of auditing
I usually do.
douchebag:
I was only asked to find exploits for the dependencies being used
douchebag:
I just added dependcy exploits for m4, mpc, mpfr, musl, ncurses and pkgconf
mircea_popescu: so far that's even the reason empire crossed the threshold into oblivion (
i'm too lazy to dig up ye olde trilema where
i say "state may exist for as long as it so closely mimmicks my will
i can't discern it's there, and not one second past that" ) and now must be destroyed. had it had the sense (rather, the capacity) to maintain both forms,
i'd nwever have even noticed it, and it could have continued to exist therefore.
☟︎ mircea_popescu: anyway,
i suspect we might be the only ones to have ~ever~ produced an item that doesn't specifically benefit from headcount as such.
mircea_popescu:
i suspect you're profiled as "crotchety old man with no social skills" because "technical expertise must have this fatal flaw" as per the cinematic rolodex of fatal flaws.
mircea_popescu: and
i imagine they're in the deepest hole the reich has, not because of "guilt" but because they're radioactive, can train others.
mircea_popescu: sure. yet, for illustration : suppose camelfucker (as esltard imagines it) were sent to bomb vhs-america (as orc imagines it). the result ? after weeks of silence, "hey man, why do you want to harm these ppl, they're cool.
i put in my greencard application and found a local gf, don't call her a whore she just likes to give head in bathrooms, it's all good"
mircea_popescu: transparently, the reason the old man even did the film, and what they tgold him to be in it etc, is because he wanted to put the following phrase out there where
i could reach it : "that in a few years, the right wingers will use the narcotics pretext to create an international police state".
mircea_popescu: and ~this~, this and only this, is why
i said and
i've been saying that only burning the whole thing down is a feasible approach. because of this.
mircea_popescu: if what maduro is running there is socialism
i'm a woman.
mircea_popescu: do you realise ~every single fucktarded sub 25 yo girly on fetlife~ thinks "her relationship is great" and "my guy gives me everything
i want, which you couldn't" ?
mircea_popescu: asciilifeform, if this guy meets your definition of "budget model" then
i am at a loss for words. how would the putative mob set the hiring standards higher ?
mircea_popescu: and the devils, well, they don't fucking know which side their head faces.
i mean, nevermind the "oh, we're the legal system of cluelessness". dja realise
i personally humiliated the european union delegation at bucharest (calling tiself "romanian government" for 0 rerasons) because ~they did not know how many heads of pigs lived on the land at given date~ ?