
InfoSec sites are the worst

Name: Anonymous 2018-04-30 8:02

I dread every time I google something and the result is on a domain like cryptodavid.net (cool domain btw, feel free to buy it). They all have shitty enormous headers that make it impossible to read, ads everywhere (and they're custom so you have to hide them manually), nag me to subscribe to their fucking newsletter and keep showing popups for CHEAP ETHICAL HACKER TRAININGS.

When did those websites become even worse than SEO ones?

Name: Anonymous 2018-05-21 3:44

Infosec people are the worst. But there are many different types of infosec people.

Firstly, there are the luddites who hate any new features in software because ``muh potential attack vectors.'' They want us all to use minimal software on desktops in enforced bunkers guarded by armed security guards. They don't get that their security guidelines aren't usable. We'll never progress with IoT and cloud security when many infosec people are anti-cloud and anti-IoT.

Then you get the morons who barely know how to run Nessus and Metasploit and think they're hot shit. Or you get the people who specialize in a specific area of security while completely ignoring everything else. Wow, you popped calc.exe on a very specific version of Windows 7 with very specific updates installed. Congratulations, that'll get you far in life.

Then there are the FUD people who find fucking hard-to-exploit security issues that have like 10 different prerequisite conditions, and then they write articles about how THE SKY IS FALLING AND EVERYTHING IS GETTING HACKED OH MY GOD but actually it's pretty much impossible to make use of the shitty vulnerability they found but they're hyping it up to get social media attention.

Then you get the egotistical retards who want everyone to listen to them, and they continually tweet bullshit like ``I told you so'' on Twitter after a breach, as if they're fucking Nostradamus or some shit, even though they're saying the same shit everybody else says and has been saying for years, yet they think they're special somehow.

And don't even get me started on the people who guilt-trip companies into hiring them based on their gender or race. If your claim to fame is ``I'm a woman of color in tech'' and you don't have a portfolio to show for it, fuck off. Stop watering down security with this shit.

Moving on, a lot of people who do pen tests or security consulting have shit personalities and shit social skills. They think they're god and people should do everything they say. They think non-security people are drooling retards and that the only important thing in life is to get domain admin. They often give shit security advice because they don't get that red teaming is way easier than defense, and that they're not the same at all. Wow, you can pop a shell. Congratulations! Not that hard, actually.

Then there are the corporate shills who sell shitty security appliances that don't actually make you more secure, but it helps you check the boxes for compliance. These people string together buzzwords that sound vaguely security-related, but it won't actually fix your security issues.

Then you get the people who find worthless XSS vulnerabilities and then act like douches about it rather than dealing with people responsibly and maturely. ``IF YOU DON'T PAY ME $10K FOR THIS WORTHLESS BUG RIGHT NOW, I'M GONNA TWEET ABOUT YOU SOOOO HARD, AND PUBLICLY DISCLOSE THE VULN AND EGG PEOPLE ON IN HOPES THAT SOMEONE MISUSES IT BUT PLEASE DON'T HOLD ME ACCOUNTABLE''

There are also the phishing guys who talk about phishing as if it's the same as more technical hacking. Wow, you convinced someone to click on an email attachment. It was actually a RAT. Great job, you're a 1337 hacker now! Tell me more about your overpriced consulting services that don't do jack shit for securing anything.

There are also lots of people who understand security well, but aren't good at explaining things. Poorly-written documentation, confusing Defcon presentations, etc. Don't blame other people when you yourself suck at getting the message across.

Then there are the ``infosec rockstar'' losers who are super insecure. The ``I'm not like those OTHER nerds'' people who try wayyyyy too hard to seem cool. Vaping, mohawks, saying edgy shit for shock value, t-shirts with lame jokes on them, dressing like they're 20 years younger than they actually are, piercings, drugs, etc. Because apparently being an IT or CS professional is too boring. Grow up.

Fuck off morons, SQL injection and OWASP shit and Tor and Kali do not make you a super genius. It makes you someone with a computer and like 10 hours to spare, this shit is easy af but it's not impressive.

FINDING SECURITY PROBLEMS IS EASY.

SECURING THINGS IS HARD.

GUESS WHAT MOST PEOPLE ``IN SECURITY'' DO?

POINT OUT LOW HANGING FRUIT.
