Why is everyone in this field so inept?

Why is everyone in this field so inept?

CRIME Shirt $21.68

The Kind of Tired That Sleep Won’t Fix Shirt $21.68

CRIME Shirt $21.68

  1. 1 month ago
    Anonymous

    It’s because they don’t want to learn about hacking. Most of them are glorified auditors that work with a checklist, no imagination, pen pushers. I love the field but we need less people like that and more people who want to know how things work, break them and make it better

    • 1 month ago
      Anonymous

      >Why is everyone in this field so inept?
      Because they're hired by whatever certifications they get as opposed to actual skill.

      moronic take. Documentation, compliance, and administrative paperwork is a huge part of cyber security, especially because the biggest problem tends to be LaShawnda from records clicking a fricking phishing link because she thought she was gonna get makeup coupons.

    • 1 month ago
      Anonymous

      >I love the field
      lmao, literally the equivalent of a security guard on the internet, only equipped enough to stop script kiddies (kid in a hoodie), but totally powerless against anything organised (guys tunnelling under the bank)

      • 1 month ago
        Anonymous

        But being a security guard is a good job, you literally get paid to do nothing. You are actually not supposed to do anything about criminals, just hide and call the police.

      • 1 month ago
        Anonymous

        I’m going to graduate with an associates in cybersecurity and hope that I can cruise through life just checking logs, installing updates, and closing/blocking suspicious ports/IPs. I’m also depressed and not really looking forward to anything aside from the inevitable AI, cyberpunk takeover.

    • 1 month ago
      Anonymous

      >Most of them are glorified auditors that work with a checklist, no imagination, pen pushers.
      As usual, first post best post /thread.

  2. 1 month ago
    Anonymous

    They needed a field that sounded high prestige where they could dump all the browns who couldn't understand webdev.

  3. 1 month ago
    Anonymous

    Remove the word "cyber" and you're still correct.

  4. 1 month ago
    Anonymous

    because glowies hire anyone good to be red team

    • 1 month ago
      Anonymous

      no they dont t. glowie

  5. 1 month ago
    Anonymous

    Everyone with zero skill can do it.

  6. 1 month ago
    Anonymous

    Because you homosexuals certified black hats out of the industry, and no one in their right mind is going to give me a job if I walk into the interview with the interviewers dox (inclusive of bank details), how I accomplished the task, and what I would do to rectify the issue to ensure it can’t happen again.

    I mean, it’s proof of work, but you’d all rather have some moronic indian c**t with a thousand random certs, and quite frankly, that’s fine with me. I love watching businesses crumble & burn because they hire based on accreditation & not ability lmao. You get what you deserve.

    • 1 month ago
      Anonymous

      This.

      All you're left with are jeets and Mr Robot basedboys who depend on tools they don't understand the workings of.

      • 1 month ago
        Anonymous

        i’m starting to lean into the opinion that this was all by design in order to undermine the infrastructure of the west as well as disenfranchise/demoralise anyone (mainly white men) who have even an inkling of understanding & experience.

        >Why is everyone in this field so inept?
        govs and companies are desperate to get people to secure their systems by following checklists

        checklists are not enough, the job is high stakes, high stress, gruelling and boring
        people who understand computer systems would rather be building something new and cool
        which leaves only non tech morons to enter the field

        The job is high-stress because as you start to learn more & more about network architecture, you quickly realise that all governments are paper tigers living in sandcastles, with their infrastructure being built atop an ever rising water table.

        But you’re right in that, yeah, we would rather be building something new and/or cool. I worked with a dude who was probably one of the most intuitive & clever black hats i’ve ever had the pleasure of meeting. Do you know what he does for work now? He’s a plumber. Said that not even all the money in the world could provide him with the means to deal with corporate checklists and KPIs demanded by people (women) who don’t (can’t) understand the scope of work. Now I don’t know what he does, but it’s sad to see such a waste of talent & potential because government/big business would rather shoot themselves in the foot than give people a fair go, but I digress.

        It’s all fun, games, and “sorry anon your skin is much too fair” until one of the many corporate data leaks contains the personal information of C-Suite execs & their kids. Then it’s all hands on deck, let’s hire the best and ONLY the best, etc.. Frick cybersecurity, there’s more money to be made brokering personal data, consequently cleaning the funds via exchange markets (same way gov does it), if money is your motivator. Otherwise, do what my old friend did and let it all burn.

        • 1 month ago
          Anonymous

          >you quickly realise that all governments are paper tigers living in sandcastles, with their infrastructure being built atop an ever rising water table.
          just a few defcon talks will make you realise you should be a prepper

          >until one of the many corporate data leaks contains the personal information of C-Suite execs & their kids. Then it’s all hands on deck
          this, unfortunately
          they never listen to tech people until something happens, and by then it's too late

          it's no use protecting sandcastles on the beach

        • 1 month ago
          Anonymous

          >i’m starting to lean into the opinion that this was all by design in order to undermine the infrastructure of the west as well as disenfranchise/demoralise anyone (mainly white men) who have even an inkling of understanding & experience.
          yeah, I think its going to take a very painful economic downturn for companies to become meritocratic again, just purely out of necessity
          but even then, they will never be meritocratic as long as civil rights laws still exist and H1B visas flood in
          We need regime change

          • 1 month ago
            Anonymous

            >I think its going to take a very painful economic downturn for companies to become meritocratic again, just purely out of necessity
            I agree, but by then it will be way too late to salvage anything, and we’ll all be left holding the proverbial bag that is the end of homogeneous white (polite) society. But i disagree with you on that you think people will learn their lesson: they won’t. People never learn, hence why we’re staring down the barrel of globalised communism & impending bantu bolshevism.

            Are you one of the glowies ITT? I want to hear it from the horses mouth regarding the stigma behind employment & mental health, as well as your thoughts/opinions (or whatever your KB articles allow you to share) on how to affect a beneficial regime change that doesn’t involve plugging in PLCs/PLBs to hijack a BMS and slowly asphyxiate the occupants. Bet you they don’t teach that in the Security+ exam lmao

        • 1 month ago
          Anonymous

          >Do you know what he does for work now? He’s a plumber.
          And I became a NEET. Miss me with that wagie shit.

          >you quickly realise that all governments are paper tigers living in sandcastles, with their infrastructure being built atop an ever rising water table.
          just a few defcon talks will make you realise you should be a prepper

          >until one of the many corporate data leaks contains the personal information of C-Suite execs & their kids. Then it’s all hands on deck
          this, unfortunately
          they never listen to tech people until something happens, and by then it's too late

          it's no use protecting sandcastles on the beach

          >defcon
          Part of the problem nowadays. It became Black Hat for blue hairs.

          What are some good resources to learn more about cyber security that is meme level certifications? I'm sure getting some would be helpful, but to learn more what are some good resources?

          If you need to ask because you can't determine this on your own, get a job at McDonalds. Your mindset is exactly the problem this thread is about.

  7. 1 month ago
    Anonymous

    Because netwerk engineers are to fricking autistic for it. Like with coodemonkeys you need someone translating their nonsense to a organisation. So basically they are glorified translators who also have the authority to set policies.

  8. 1 month ago
    Anonymous

    because companies don't want someone who tells them how they need to invest into stabilizing their brittle systems and processes, they just want compliance managers that will allow them to keep using windows and outlook and active directory because microsoft managed to convince everyone that's just how computers work

    • 1 month ago
      Anonymous

      >because companies don't want someone who tells them how they need to invest into stabilizing their brittle systems and processes
      Not quite right. Companies like to bring in consultants for this exact shit as opposed to listening to their own professionals who often give the same or better advice.

      • 1 month ago
        Anonymous

        you don’t have to pay consultants industry rates, nor do you have to pay for their benefits; you get all the goodies that come with an underpaid & over-qualified new hire, but with none of the job security or overheads/paperwork.

        • 1 month ago
          Anonymous

          I'm just saying they hire consultants as a humiliation ritual. Pray it never happens to you

          • 1 month ago
            Anonymous

            It happened once, and I learned my lesson very quickly. Frick corporate boomers and HR Karens.

            dude cybersecurity is fricking easy, all of the tools are already made and require zero thought to use but theyre so poorly documented and advertised that it seems insurmountable. People use this to jerk themselves off and treat the field like it means literally anything at all, but it's filled with fat midwit redditors. Almost all common AV and detection is literally fricking grep dude. You can bypass AMSI by randomly capitalizing letters in the one-liner you use to turn it off. Defender is almost completely beaten by beating grep. EDR? Beat the grep, unhook sysmon, use some other guy's tool to kill the service. Anyone doing actually cool shit is making cheats for games unironically.

            >Anyone doing actually cool shit is making cheats for games unironically.
            No one will hire someone who admits to breaching EULAs and SLAs for personal profit & gain lol. But yes, you’re right: cheats for video games are fricking rad and from what i’ve heard (eat my ass

            no they dont t. glowie

            ) the pay is quite decent for what it is. Like a mini micro service/mini SaaS that leaves you liable to be sued lmao

          • 1 month ago
            Anonymous

            i am both the second and third person you quoted. i dont want to be a glowie anymore, but I am obligated to be

          • 1 month ago
            Anonymous

            >i dont want to be a glowie anymore, but I am obligated to be
            I’m not even allowed to be a glowie, but I understand, anon; a man’s gotta do what a man’s gotta do.

  9. 1 month ago
    Anonymous

    >real hackers who have experience already have alternate sources of income
    >These people do not want to disclose their identity, normally.
    >Corporates would not risk their cyber assets to these people anyway.
    >people who would hire cybersec normally do not have the experience and knowledge to see who's actually talented
    >the best option you are left with is rando kids with fresh certificates
    >They gain experience by being attacked, and they normally deal with poojeet trojan email scam and random ddos attack, and that is good enough for day to day corporate usage.
    They are more like cyber janitors instead of security. Mall guards, if you insist on calling them sec.
    The real competent ones are either hidden or in the government.

    • 1 month ago
      Anonymous

      >The real competent ones are either hidden or in the government.
      Half right: the genuinely competent hackerman guys are either being watched by their government from a distance, or are being watched by the government by means of working for them. Then again, would you believe anything you read on the internet in 2024AD?

  10. 1 month ago
    Anonymous

    dude cybersecurity is fricking easy, all of the tools are already made and require zero thought to use but theyre so poorly documented and advertised that it seems insurmountable. People use this to jerk themselves off and treat the field like it means literally anything at all, but it's filled with fat midwit redditors. Almost all common AV and detection is literally fricking grep dude. You can bypass AMSI by randomly capitalizing letters in the one-liner you use to turn it off. Defender is almost completely beaten by beating grep. EDR? Beat the grep, unhook sysmon, use some other guy's tool to kill the service. Anyone doing actually cool shit is making cheats for games unironically.

  11. 1 month ago
    Anonymous

    Because it's full of morons who just get a bunch of certs and have no hands on experience so they frick shit up soon as they get hired

  12. 1 month ago
    Anonymous

    >Why is everyone in this field so inept?
    govs and companies are desperate to get people to secure their systems by following checklists

    checklists are not enough, the job is high stakes, high stress, gruelling and boring
    people who understand computer systems would rather be building something new and cool
    which leaves only non tech morons to enter the field

  13. 1 month ago
    Anonymous

    >always enjoyed reading and learning about exploits and whatnot
    >maybe I should pursue a career in cyber security
    >decent job market
    >check out certs etc
    >doesn't seem that hard
    >check what the actual jobs are
    >it's mostly just running automated scripts and sending their pdf output
    miss me with that gay shit

    • 1 month ago
      Anonymous

      >miss me with that easy job
      >miss me with an easy $100k
      Wankers like you would rather "work hard" for peanuts instead

  14. 1 month ago
    Anonymous

    What are some good resources to learn more about cyber security that is meme level certifications? I'm sure getting some would be helpful, but to learn more what are some good resources?

  15. 1 month ago
    Anonymous

    Time to post this shit again.
    http://phrack.org/issues/68/7.html

  16. 1 month ago
    Anonymous

    alright il get myself into this hacking business, I want the easiest, most based and time efficient way of learning to hack by writing code, I won't read ANY of your book or doc recs, I will wait a bit for your reply anon, but be quick about it.

  17. 1 month ago
    Anonymous

    Because it's full of morons who Google "cert with best salary" and the top results say CS with 100k

  18. 1 month ago
    Anonymous

    >Why is everyone in this field so inept?
    They learn from the "good guys" and not their actual enemies. The "good guys" follow processes, procedures, rules and laws. The bad guys are exempt from all of those things.

  19. 1 month ago
    Anonymous

    >it's another episode of IQfy coders lack knowledge of why risk management roles are important for information security

    • 1 month ago
      Anonymous

      >it's another episode of glorified bean counters larping about their checklists of applying two dozen layers of snake oil and then still getting all data exfiled because the s3 bucket was publicly listed

  20. 1 month ago
    Anonymous

    Well, for a large city in Texas, the city "promoted" the incompetent people from the network team into the newly created security team to "limit their blast radius".
    > security team didn't think the election subnet needed to be fronted by a firewall
    > "we have antivirus"
    > I asked them about "on your Oracle cluster that runs your elections?"
    > silence

    • 1 month ago
      Anonymous

      I've noticed something similar with networking guys jumping to security and then not having a lick of common sense when it comes to policy and best practice. I think part of it is people hiring internally and those individuals not coming from a security background to begin with. our previous security director for some fricking reason thought it was fine for us to not even have a DMZ, and we found out he was letting people save service account passwords in the description field in active directory

    • 1 month ago
      Anonymous

      >we have antivirus
      Cool so they have added another point of failure / entry because their checklist told them so.

      • 1 month ago
        Anonymous

        >Cool so they have added another point of failure
        No. Actually they admitted "can't put AV on Oracle" so in their checklist they noted the discrepancy and moved on.
        We looked at that Oracle cluster and it was getting hammered by access attempts from all over the city and all over the world.
        > "hmm, we will take that under advisement and bring it up with our consultant next time we meet"
        Any competent human would jump to "deny from all, allow from a select few".

  21. 1 month ago
    Anonymous

    part of hatred for security is the fact that they have to tard wrangle other teams for doing moronic shit. cops of IT

    • 1 month ago
      Anonymous

      More like other teams have to tard wrangle the CS guy after he fricks up the infrastructure

  22. 1 month ago
    Anonymous

    It seems to me that everyone touts security guys as being hyper competent hackerman geniuses who can disable industrial systems or break into top secret databases and shit, but everyone who actually works in the field just does paperwork or spends their days on splunk.
    Then you've got a minority of hyper autists who are really into reverse engineering and malware, but that's about it.

    I don't understand the discrepancy. How is the cyber field as a whole filled with glorified IT helpdesk workers? Who is working on the insane shit like quantumsquirrel and whatnot? Are we just made to believe "hackers can break into anything" when really nobody can break into anything and it's just the NSA installing backdoors into every device?

    • 1 month ago
      Anonymous

      Because that's what the world is. A world filled with incompetent people who don't give a frick.
      What you just described is the norm in every single field in existence. You can just see the divide here because of the perception of the public on the profession, that's all.

      • 1 month ago
        Anonymous

        Not really, some fields are filled with competent people. Taking extreme examples, actual AI (not data monkey bullshit), or quantitative finance, have no morons in them. Embedded work also has a lot of very competent guys.
        Cyber is, for some reason, full of morons while the actual stakes are extremely high. I'm just wondering if anyone currently alive has the skillset to actually do the hackerman shit we all hear about or if it's all spooks diverting motherboard supply lines and that's it

        • 1 month ago
          Anonymous

          You're comparing extremely specific fields with a very vast one. A more apt comparison would be with exploit development or red teaming. That's what you're thinking about when you talk about "hackerman stuff". The rest is important, but very boring. Incident Response is also filled with extremely talented people, just another line of work though.
          All in all, remember that while the lines of work don't require talent, they are still required. The world would go to shit without your local shop selling you some shit. Keep this in mind.

          • 1 month ago
            Anonymous

            >red teaming
            Yeah, but this seems like a ghost job to me. In that red team is all anyone ever hears about concerning cyber, but nobody seems to actually be doing it. Where are these people?

          • 1 month ago
            Anonymous

            It's not. But it's also less sexy than you think it is.
            Truth is, a red team is either external and it's a lot of no fun allowed moments and mostly conducting social engineering on people, or internal teams and that one is just a fricking snore.
            The gist of it is that it's not nearly as sexy as you think.
            The real sexy work is the work that would seem boring to most people. Exploit development, research and all that jazz. That shit is DULL to most people, but this is the real deal. The real talent lies there, and yet it's the least celebrated.
            I can convince you by making you look at pentesting job burnout rates. It's not red teaming, but it's got the same sexiness. Yet here we are.

  23. 1 month ago
    Anonymous

    The people who come up with clever ways to hide/obfuscate/transport data aren't allowed to work in IT departments. Everyone allowed in follows industry practices which were studied and worked around by cybercriminals years ago.

  24. 1 month ago
    Anonymous

    Because the process to get in as a law abiding citizen is worse than being a code monkey. Anyone with the right set of skills gets in via an inside friend or just goes black hat.

    • 1 month ago
      Anonymous

      >just goes black hat.
      There are no black hats
      Just spooks

  25. 1 month ago
    Anonymous

    The worst part is you can be a victim of identity theft while practicing the strictest type of infosec, come up with ways to hide your data, and have the data be useless if someone got it, from your personal machines/networks, but the company that handles your insurance/medical/banking/government related functions is full of people who will expose your SSN/finances and never be held seriously liable for any kind of breach.

  26. 1 month ago
    Anonymous

    cope sòylennial

  27. 1 month ago
    Anonymous

Your email address will not be published. Required fields are marked *