IT/Software career thread: Invert binary trees for dollars.

Deathwing · Mar 13, 2021

Aldarion said:
How about its not ugly as shit, doesnt force you to write your code in a terrible unreadable format, and for the love of FUCK, doesnt impose meaning on whitespace characters?

I mostly kid my python friends in a good natured way, but seriously, any language that has rules for whitespace characters should be dragged out in the alley and shot.

Odd, unreadable and ugly are common detractors levied at perl. Python is specifically built for readability, so if you're having trouble with that, that's on you or whomever wrote the code you're trying to decipher.

I can understand the whitespace issue, but this usually comes from people that are used to bracketed languages and have trouble adapting. Any halfway decent IDE will mitigate most of the whitespace issues. What editors have you tried with Python? VSCode has been quite good for me.

So, again, where would you use perl instead of Python?

chaos · Mar 13, 2021

Perl is the worst

TJT · Mar 13, 2021

Aldarion said:
How about its not ugly as shit, doesnt force you to write your code in a terrible unreadable format, and for the love of FUCK, doesnt impose meaning on whitespace characters?

I mostly kid my python friends in a good natured way, but seriously, any language that has rules for whitespace characters should be dragged out in the alley and shot.

chaos · Mar 13, 2021

TJT said:
That is my main gripe with them. The part where you have someone managing user accounts/pws? Yes that absolutely needs to be done, although much of it can be automated. But this can be also done by a system admin without even adding extra responsibilities to their role. It doesn't have to be a "cybersecurity" dude. I am fully capable of pressing EXECUTE PEN TEST on whatever dumbass scanning tool you're using. Why do you have a job again?

It is as you say. Most of them ride coattails of people and shit they don't understand. Oh you saw a red alert in splunk? Who set it up? What is it looking for? Rather than investigate or understand this they just raise the alarm that OMG SECURITY VULNERABILITY. Bro, this is why people hate you. The wise cybersecurity professional would be the one spending time creating splunk rules and intelligent alerts looking for meaningful events that should prompt action. But it is the extreme minority that actually does this. As splunk is usually configured by devs who want splunk to tell them about shit they care about. Which is usually related to their current projects and workload rather than from the perspective of "is this secure?" Somehow this gets adopted by cybersecurity without even changing it and just rolling with it. Probably because they read some article about splunk being "great for cybersecurity."

I think the problem is competing priorities. Especially with custom applications, but with infra as well. You can do it and are likely more skilled than the analysts telling you what nessus says, but your priority will revolve around ops rather than security and you will be focused on the next project rather than picking apart your own infra for holes.

Idk, I had a different experience since I went from being a sysadmin to doing VM and then pentests etc. I'm not a big fan of the career path where people jump straight into security without having an IT background of some kind because without knowing how shit is actually done you can't assess it worth a shit. In most cases, I have worked with people who can without the background but they are unicorns.

Deathwing · Mar 13, 2021

TJT said:
View attachment 341615

Why do you need that?

Ao- · Mar 13, 2021

Mist said:
Hey, I like event management/incident response/monitoring tools+alert configuration/problem management.

What is this alert? Oh it's garbage. Oh this alert garbage happened 6 times this month? I only want you to tell me if this garbage happens 3 times in a day, or 5 times in a week, otherwise toss it in the trash.

It's like playing a super grindy video game.

You don't really get to see the interesting parts of incident response if you're just doing it for your own mid-size internal company, but when you're doing it for hundreds of companies at once with thousands of sites it gets a lot more interesting.

You should be a detection engineer or SIEM engineer and double your salary.

chaos said:
I think the problem is competing priorities. Especially with custom applications, but with infra as well. You can do it and are likely more skilled than the analysts telling you what nessus says, but your priority will revolve around ops rather than security and you will be focused on the next project rather than picking apart your own infra for holes.

Idk, I had a different experience since I went from being a sysadmin to doing VM and then pentests etc. I'm not a big fan of the career path where people jump straight into security without having an IT background of some kind because without knowing how shit is actually done you can't assess it worth a shit. In most cases, I have worked with people who can without the background but they are unicorns.

If you came into security without a tech background, you should be doing governance or compliance/assurance.
I went sysadmin -> desktop support -> unix engineer -> SOC analyst -> IR Analyst -> Security Service Lead -> SOC Program Owner -> VM Manager

The sysadmin/engineer part (and the desktop support part) were critical in forming an understanding of 'how the fuck does shit work'. I also own the code scanning, so I emphathize with the dude that

TJT talked about, but his role is to say "Oh, yeah, those are compensating controls, nice. We'll flag that so it doesn't come up again. Can you point me to the SaaS/IaaS best practices you are using so we can bring them in?".

Mist · Mar 13, 2021

Ao- said:
You should be a detection engineer or SIEM engineer and double your salary.

Probably? Most of my security experience happens to be on the border of security and telecom, but given the amount of SIP hacking going on the past year with everyone's remote worker setups being complete security garbage, there's more and more overlap every day. Plus most people's voice infrastructure is just a bunch of unpatched linux servers, and I've done more than my fair share of security audits and SRM implementations of customer systems to get them patched up to compliance, so there's overall a lot of overlap with security in telecom.

But ultimately, alert management is alert management. Whether it's a security alert or a network alert or a telco circuit down, it's an alert and ultimately an incident that needs responding to.

I should probably go work for Solarwinds or another company in that space and work on getting actual security certs.

taebin · Mar 14, 2021

Get certified in NSX-T, everything VCF, RP4VM, PCF, Azure.

Security sucks.

Mist · Mar 15, 2021

taebin said:
Get certified in NSX-T, everything VCF, RP4VM, PCF, Azure.

Security sucks.

Security sucks, but I really do like pro-active monitoring and event management/incident response stuff in general, whether it's server/application performance metrics, storage metrics, circuit outages, or security stuff, along with automating various types of network inventorying and auditing.

The amount of problems you can predict and prevent with good monitoring is amazing. I just feel like people in IT generally don't like preventing problems, they like waiting for problems to happen so they can look like geniuses when they fix them.

Tmac · Mar 15, 2021

Mist said:
I just feel like people in IT generally don't like preventing problems, they like waiting for problems to happen bc they're lazy.

FTFY

Neranja · Mar 15, 2021

Mist said:
I just feel like ~~people~~ managers in IT generally don't like preventing problems, because that would generate work hours and therefore costs, which have to be accounted somewhere, where you have the general problem that you can't prove a negative, in this case that you prevented a bad thing that never happened. They like waiting for problems to happen so they can ~~look like geniuses when they fix them~~ bill the client for the incident/hours and mostly don't do anything, because never touch a running system, as most managers on the client side need someone to blame and go: "you last touched it, so you probably broke it and therefore it's your fault and now your problem".

FTFY

Tmac · Mar 15, 2021

I'm getting more and more experience with corporate IT types and I've yet to meet one that impresses me.

TJT · Mar 16, 2021

I really like my current manager. He is extremely hands off and understands that the problems I am solving are why he hired me. He doesn't necessarily have the time or incentive to understand why or how. He was never a developer. He started out as a network guy building out internal systems. So he lets me do whatever. Like I've mentioned before I've saved the company a lot of money and created a bunch of stuff that has been very efficient for them.

What he does, as most managers should be doing, is projecting and planning future tasks and projects as cleanly as possible. So that you don't spend tons of time unraveling confusing ass requests because the stakeholders couldn't be bothered with explaining themselves clearly. Just hammer them on the finer details on what they are asking for. How is this supposed to work, etc etc. This is hard because business seems to absolutely hate doing this. But they have no problem complaining later if what you made for them didn't do what they didn't actually ask you to do. Often even when YOU say "have you thought about wanting X, Y, or Z?" They outright tell you no.... lol.

alavaz · Mar 20, 2021

Tauntworth said:
Going through the final loop interview w/ Amazon here in a few days (video engineering). Anybody here had the pleasure (or pain) of working for Amazon on the tech side? Any advice on the loop interview? There is a fuckton of documentation on this, which I can find on my own, but was more looking for anybody's anecdotal thoughts and or advice on the process.

How'd your interview go? I'm also doing the loop here in 2-3 weeks - virtual of course.

As much bad as I've heard about working for Amazon, The people I've spoken too seem down to earth and the work sounds honestly pretty great.

Ironically, their leadership principals don't scream bullshit to me like the principals of most tech companies. I do however see how people could use them as excuses to be raging dicks.

Aldarion · Mar 21, 2021

Deathwing said:
Odd, unreadable and ugly are common detractors levied at perl. Python is specifically built for readability, so if you're having trouble with that, that's on you or whomever wrote the code you're trying to decipher.

I can understand the whitespace issue, but this usually comes from people that are used to bracketed languages and have trouble adapting. Any halfway decent IDE will mitigate most of the whitespace issues. What editors have you tried with Python? VSCode has been quite good for me.

So, again, where would you use perl instead of Python?

Anywhere I was tempted to use one of them?

the thing about Perl is, you can make it look however you want. My perl code is a work of art, lovely to look upon.

All python looks the same, because it has to. And it all looks like ass.

The only editor is nano. I've heard rumors others exist, but why?

Deathwing · Mar 21, 2021

Aldarion said:
Anywhere I was tempted to use one of them?

the thing about Perl is, you can make it look however you want. My perl code is a work of art, lovely to look upon.

All python looks the same, because it has to. And it all looks like ass.

The only editor is nano. I've heard rumors others exist, but why?

What is it with you and some topics? Any time someone mentions python you run in and thumb your nose like a kid forced to eat vegetables. You're like this with 2FA and now it looks like editors too.

Do you have any objective reasons to use perl? You can say readability is objective but you've only provided subjective opinions. On a broader scale, I'm pretty sure perl will lose on readability.

Aychamo BanBan · Mar 21, 2021

Edward Snowden question: why didn’t he get to somewhere without extradition before publishing his big thing that got him in trouble?

wormie · Mar 21, 2021

Deathwing said:
What is it with you and some topics? Any time someone mentions python you run in and thumb your nose like a kid forced to eat vegetables. You're like this with 2FA and now it looks like editors too.

Do you have any objective reasons to use perl? You can say readability is objective but you've only provided subjective opinions. On a broader scale, I'm pretty sure perl will lose on readability.

He is just trolling. If not then he is uber butt hurt that his field moved away from perl and its just him and one other boomer left using it.

TJT · Mar 21, 2021

Using nano to write code is so... Boomer. Like those guys at GM who were absolute aces using VIM. It's cool and all but the advantages of intellisense and similar code writing tools just makes the idea of writing raw code on a simple text editor like nano fucking retarded.

Sublime text and atom I understand as they are intentionally designed to have coding plugins so you can code without dealing with a heavier IDE.

Pythonista faggots writing code in the trickiest way possible that you can only do in python is still really annoying though.

wormie · Mar 21, 2021

TJT said:
Faggots writing code in the trickiest way possible that you can only do in python is still really annoying though.

I feel personally attacked

Search

IT/Software career thread: Invert binary trees for dollars.

Deathwing

chaos

Buzzfeed Editor

TJT

Mr. Poopybutthole

chaos

Buzzfeed Editor

Deathwing

Ao-

¯\_(ツ)_/¯

Mist

REEEEeyore

taebin

Same trailer, different park

Mist

REEEEeyore

Tmac

Adventurer

Neranja

Tmac

Adventurer

TJT

Mr. Poopybutthole

alavaz

Trakanon Raider

Aldarion

Egg Nazi

Deathwing

Aychamo BanBan

Asshat wormie

2023 Asshat Award Winner

TJT

Mr. Poopybutthole

Asshat wormie

2023 Asshat Award Winner