@scottalanmiller said in Are Security Careers Real?:

@IRJ said in Are Security Careers Real?:

@scottalanmiller said in Are Security Careers Real?:

@IRJ said in Are Security Careers Real?:

@scottalanmiller I think you assume that most IT professionals are doing everything they can to be secure.

No, I don't. I just assume that that is the place to fix the problem. Likewise, you are assuming most people in security roles are secure, but they are not either. Often they are worse than the non-security IT people. I've had security consultants cause some pretty major security holes for customers that IT would never have done. The problem with people being insecure extends to the security people, sadly. So the issue with "people are insecure" is universal. So fixing the problem instead of bandaiding it is a better approach.

That logic is sound, but is generally not practical. From my experience with penetration testing is that there is always at least one glaring weakness that hasn't been identified by the IT department. Many times it is much more than one glaring weakness.

Out of all the IT professionals here, who has actually built their current network from the ground up? not many. Most have inherited something else.

I don't rule out pen testing. The question would more be "who should run it?"

The question these days isn't really who should run it... There are a number of tools that can be automated to send reports (Alienvault,OpenVAS, Nessus)...

The question is really who should be reviewing the reports...

I would argue that it should be reviewed by the entire IT team. So they can talk about the issues that are found.

You have sent that thing in enough times. Demand that they replace it.

If they won't do it, reach out to the HP guys over on SW (or here if there are any around).

All in the name of preventing people from loading an OS on their computer that they actually WANT to use, lol... Even if they don't want the computers form this manufacturer, ha ha.

@Minion-Queen said:

Kinda like MS Clutter. Where you get an email telling you about the clutter emails every day

Unless you dislike Clutter cluttering up your inbox with useless clutter...

@Minion-Queen said in This Is Who Is Teaching College:

Most Christian schools are all about the not teaching anything that could be related to the real world.

So much this!

I include home schoolers in that as well. So many folks I know that were home schooled (or are being homeschooled) have such a limited world view (limited to what their parents are teaching them within incredibly strict religious boundaries). This does nothing to prepare the kids for real life -- even less so than modern public schools.

Edit: That's not to say that all home schooling is bad, but if you're going to home school a child, teach them about the real world, and history, and math, and science, and not just "God Says..."

If you use Greenshot... You can let it upload the image to Imgur and copy the URL that it gives you... then you can do something like this:

-- to get the image in there...

![Title](image url)

And it will display the image.

@mlnews said in Wine 2.0 Released:

http://www.zdnet.com/article/windows-on-linux-moves-forward-with-new-wine-2-0-release/

Time to see if any new games work or not!

I recommend trying that command that Scott posted a bit ago.
I just checked form my laptop, and it actually works...

cat /sys/firmware/acpi/tables/MSDM and you sohuld be able to identify your key in there...
(Pro Tip: Its the last bit of the blurb, lol)

I've probably had my application thrown in the trash several times, because I'm not going to tell you what I'm making. If you like my resume, bring me in for an interview. If you like me, then we can talk how much you are going to pay me.

But I'm not going to tell you how much I'm making at my current job.

@WingCreative Charge them in cookies.

*looks at @gjacobse

@travisdh1 said in Installing Amazon Alexa on Raspberry Pi 3:

@DustinB3403 said in Installing Amazon Alexa on Raspberry Pi 3:

So this isn't something @travisdh1 would want to build and leave around?

Maybe in someone else's house. I haven't jumped on the automated assistant thing yet, I'm still quite leery of having something like that in the house.... yes, I know I carry one around in my pocket with the phone. Doesn't mean I use it.

Also doesn't mean you want yet another one reporting everything you say to the NSA.

*puts on sunglasses and retreats to a safe distance.

After such a long winded incident, I would suspect that this warrants a note to somebody above this employee's pay grade.

In another week or two: WD acquires Toshiba...

Okay... now...

select userid,name from users;

@wirestyle22 said in How Do Such Big Gaps Get Missed in IT Education:

A lot of the certs are not vendor neutral as well. If I got my CCNA I wouldn't have used it until now for instance and we're replacing our cisco switches in a month or two anyway.

While you are right about that, I think that the technical certs that are more than just "entry level" type certifications will teach you concepts that directly translate to other vendors.

I actually did get my CCNA... and used it to work on a grand total of two Cisco switches that were retired about 6 months after I started that job, lol. But the concepts have enabled me to do a lot more than just cisco gear.

When going from one vendor to the next, it is just a matter of matching up terminology and looking up the commands for what you want to do.

Edit: I must emphasize that it is important to know and understand the concepts well!

@MattSpeller Better pour it out and make you a fresh, hot cup, lol.

@Reid-Cooper said in Samsung Calls Vulnerability a Feature:

You need a faraday cage for these things!

Or just don't connect them to the internet, at least. My current TV has never been online, lol.

Edit: This probably means that it has hacked my WiFi and is online without telling me by now.

It looks like the data has loaded right... let's check one more...

select imageid,imagetype,name from images limit 10;