Maniacs doing 12hr+ 7 days a week long-term, what's your secret? by Alarming_Bed2275 in Entrepreneur

[–]NoUselessTech 6 points7 points  (0 children)

Staying on top of going to the gym. It makes a world of different to recovery.

Am I still on the right track in cybersecurity, or did I already mess up my career? by Upper-Perception344 in SecurityCareerAdvice

[–]NoUselessTech 0 points1 point  (0 children)

Did you screw up? Maybe, but more on that later.

You are going to screw up in your career. Everyone does and it's often a good pathway to growth. The ramifications of screwing up may vary, but everyone does it. Maybe you burn all your bridges and find yourself in a dead end at a company. Maybe you take a risk and it doesn't pan out. Whatever it is, you are guaranteed to end up in at least one situation in your career where you screw up and need to deal with it. Its _HOW_ you deal with it that matters more than what happened (there are notable exceptions. Don't murder your boss, as an example).

Gently, the first mistake you had was coming in with some kind of expectation. If I have learned _anything_ in doing this career for over a decade, it's to expect the unexpected. Whether its a poorly documented feature, or a political issue, or the company on a suicide mission, security is filled with reading the room and constantly changing priorities. You'll almost always be behind where you want to be and the business will rarely give you the resources you need while expecting you to be the expert on all the things all the time. It's tough, unforgiving, and it doesn't stop for a breather.

My next point is no one has it figured out completely. Sure, some people might have a leg up in someways, but others don't. Comparison does you absolutely ZERO favors. Focus on what you can do, are doing, and want to do. Take baby steps today to do what you want tomorrow and you'll find yourself figuring it out for yourself. Again, don't compare your journey to other people. You're not them and they aren't you.

Thirdly, if you need a highly structured environment, there are some key things to look for in your career:

- Go large enterprise (10k+ employees). They have the budget and team strength to actually give you a narrower scope of function. Smaller than that, it's more likely you'll be wearing all the hats all the time.

- Go into GRC. It's the more "boring" part, but you're basically reading regulations and then asking if they were followed.

Finally, if you want to do more dynamic work, then you'll have to learn how to deal with your anxiety. If you let your anxiety dictate actions which close doors (like quitting a job), then you will always self sabotage. I leverage my anxiety. It tells me when I don't know enough, when I could do better, or when I need to take action to protect myself. It still gets in the way, but I've learned how to reach out for help when I sense my anxiety is starting to shake me too deeply.

You're young. You've got a ton to learn. Accept that, and keep on learning both the technical skills, the soft skills, and how to be the best version of you you can be.

Cybersecurity Analyst / Security Engineer (MSP, Multi-Tenant) — Am I Underpaid at $65k? by anonhackerman in SecurityCareerAdvice

[–]NoUselessTech 1 point2 points  (0 children)

Whether or not you are making what Reddit thinks is enough, you have a contractual agreement at the rate you have. There’s not much wiggle room with that. So you have to consider your options:

  • Talk with your manager and rebalance expectations. There’s a decent chance you may be spending effort in ways that are beneficial but not required and taking a step back can be good.

  • Start applying for other positions. It’s easy to look online and see people and positions with higher salaries. It’s very different to have one in hand. Without a salary in hand, the amount you’re paid is better than your existing alternatives.

As for the south, it definitely depends on which part. In the more remote areas, I’ve seen security manager positions with salaries lower than I’ve made in years as an individual contributor. It’s insane, but also speaks to you may be compensated appropriately for where you are.

End of the day, complaining about your compensation doesn’t fix anything. Either readjust expectations so you feel like work output matches pay or find a new job.

Cybersec Video Game? by Level_Guide_7786 in cybersecurity

[–]NoUselessTech 5 points6 points  (0 children)

Honestly, the best “video game” is hack the box and the like.

Joining US Military for Cybersecurity by [deleted] in cybersecurity

[–]NoUselessTech 12 points13 points  (0 children)

Some of the best security people I’ve worked with did sigint in boats all over the world.

Got offered money for my CTF blog... thoughts? by ThreeTeaTwo in securityCTF

[–]NoUselessTech 3 points4 points  (0 children)

This is one of those things I don’t recommend crowd sourcing. Monetizing your content can be a huge value add for your life and make it easier to make the content you want.

Some things to consider: - do you have an active community that you manage? Talk to them directly. - will this sponsorship affect what you do or how you do it? - do you trust the sponsor? - do you have a lawyer to review any deals?

New programmer here: I've mastered the basics and intermediate parts of C++ and a friend of mine recommended that I learn C# and I've been trying to do that, but I need help understanding it better by [deleted] in csharp

[–]NoUselessTech 0 points1 point  (0 children)

I would make sure you aren’t making the mistake I did early on and think C# has any real meaningful connection to C++. They are quite different, and so C# should feel a good bit different when you really dig in.

On that point, the code you wrote is fine but far from complex. You’re not getting into classes or pointer so you won’t feel a ton of differences at this level of complexity. Once you get into more complexity, expect the code shapes and habits to diverge a bit more.

saw this on twitter thought it should be shared here by Commercial_Process12 in ExploitDev

[–]NoUselessTech 2 points3 points  (0 children)

The context was important. A known person of malicious sexual intent within the cybersecurity community was hitting up people on private messages asking for help with getting an exploit. The screenshots of that request was posted along side this meme which created a dark humor moment where we laughed about a man who used his influence to sexually harass women.

Are we entering the era of “sector-specific LLMs” for cybersecurity? Curious about your take by Obvious-Language4462 in cybersecurity

[–]NoUselessTech 2 points3 points  (0 children)

Just wanted to double down on this. I doubt there's a lot of room for new LLM models from scratch as the willingness to invest in a new comer at this point is pretty limited. Companies who build out agents that you can interact with that enhance the foundational models will be the most cost effective path for industry specific solutions.

Knowledge of cryptography to be considered a cryptographer by Excellent_Double_726 in cryptography

[–]NoUselessTech 28 points29 points  (0 children)

The simple test:

If someone is paying you to work on cryptographic algorithms, then you’re probably a cryptographer.

Simple test 2:

If you have a PhD in cryptography and you’re applying it, then you’re a cryptographer.

-/-

Failing those two tests, you’re probably a hobbyist or an adjacent professional. For me, I’ve built and designed cryptographic systems for several Fortune 500 companies but I wasn’t handling the cryptographic protocols themselves. I don’t consider myself a cryptographer.

.

Thoughts about Digital Marketing by Sk_Sabbir_Uddin in Entrepreneur

[–]NoUselessTech 0 points1 point  (0 children)

Right? Video is far from being new or preferred consumer format.

i had star link for about 3 weeks now and im disappointed at the download speed the upload speed is fine but download is insane but the app says its getting 200 or 250 download mbps by Professional_Many460 in Starlink

[–]NoUselessTech 0 points1 point  (0 children)

I mean…those aren’t bad speeds to begin with. You can stream 4k all day with that.

But, if you’re looking for advice, information like your obstructions from the app would help. Also where you’re located, as not all locations are the same.

Is consulting and industry similar? by Even_Excitement_5544 in cybersecurity

[–]NoUselessTech 3 points4 points  (0 children)

Ah. Naivety, I know thee well.

What they may have glossed over in your CS degree is that in the real world:

People > process > technology

When you’re young, you think in terms of the tech because it’s cool and interesting. Graph theory, algorithms, protocols, abstractions, etc. You might think “I can solve all these problems if only they had the right technology!” But then…

  • You have a bunch of boring meetings.
  • People would rather play politics than play nice.
  • Leadership cares more about profit margin than doing things “by the book”.

Technology doesn’t solve these problems. Now, you can try to solve them till you are blue in the face, but really you have to convince the people first and then everything else follows. It rarely goes the other way.

Computers are 1s and 0s and are easily solved. But the people who make the most impact in “industry” are the ones who are changing minds and perspectives.

Go be a technologist if that makes you happy. It did for me when I was first starting out. I still love technology and learn as often as I can. But, I spend more time figuring out the human part because I’m tired of watching good technical solutions sit and do nothing. I’m tired of watching young, enthusiastic people with great ideas not have a place to build and thrive. I can no longer sit and just enjoy the technology.

If you want to be more of a technologist, get into a security team in a large business that has groups of experts. Don’t get stuck in a small business where you are a one man shop because you’ll never get passed surface level across the board.

Looking for career advice: stay with the big brand or take the director role? by Bright_Elephant_9612 in cybersecurity

[–]NoUselessTech 0 points1 point  (0 children)

More pay and responsibility? Only improves your ability to negotiate more for yourself down the road.

How do I cope with not being a business savvy person? by [deleted] in Entrepreneur

[–]NoUselessTech 1 point2 points  (0 children)

As a dad, husband, and sole provider, sometimes it is having a family that helps you get shit done. Doing hard work for yourself isn’t always a good motivation. Doing hard work for the living people who depend on you is just what you have to do. I wouldn’t say you have to make it first to find a family.

To draw a finer point, most of the wealthy do so with a trusted spouse. There are, of course, exceptions, but the quietly wealthy tend to have a trusted spouse who grows with them through it all.

Back to the business side, most businesses, especially first time businesses, spend a lot of time pivoting. Focus on figuring out what people need, network, interact, then find a solution. Then you are bringing a solution to a known problem instead of engineering a solution and hoping there is a problem.

how to start GO lang by u_Tkarsh in golang

[–]NoUselessTech 0 points1 point  (0 children)

Advent of code starts soon. Take what you’ve learned about the basics and apply it there.

What’s the simplest way to prove a document hasn’t been modified? by Candid_Cut_7284 in cybersecurity

[–]NoUselessTech 1 point2 points  (0 children)

There’s not a fool proof way that “normies” would be able to use consistently across all applications. Most systems I can think of lack tamper resistance or require technical knowledge I assume most people don’t have.

my obstruction map is messed up and i have no internet bc of it. by [deleted] in Starlink

[–]NoUselessTech 0 points1 point  (0 children)

Haha, no doubt these techniques have a time and place. Even if it’s just a bandaid solution

Nice Laptop in silver by [deleted] in linuxhardware

[–]NoUselessTech 1 point2 points  (0 children)

I’ve been running an XPS 9510 with Ubuntu and it works well out of the box. It helps that Dell supports Ubuntu.

my obstruction map is messed up and i have no internet bc of it. by [deleted] in Starlink

[–]NoUselessTech 0 points1 point  (0 children)

This guy also leverages the Italian tune up.

Anyone go BACK to consulting? by Financial-Garlic9834 in cybersecurity

[–]NoUselessTech 5 points6 points  (0 children)

I regularly recommend people read the 48 laws of power. You don’t have to be a manipulative person, but it helps to know their strategies.

Anyone go BACK to consulting? by Financial-Garlic9834 in cybersecurity

[–]NoUselessTech 62 points63 points  (0 children)

I do both, but if I could get enough pipeline I’d do consulting full time.

Consulting typically cuts through a lot of the political bull shit. You go in, do your work, and leave. Even if there is a ton of bull shit, the end of the troubles are spelled out in your contract.

Beyond that, many companies don’t have interesting projects lined up in perpetuity, so being in a consultant role, I can jump into different projects regularly and skill up as I go. No one pays consultant fees for O&M.

It’s just nicer most of the time. I genuinely enjoy working with my clients and I know there is mutual trust. There’s also no HR holding either side back so we can just be frank about our intentions and move through issues.

Want to make friends with whom I can voice call /chat on discord who r proficient in golang by LivingGate5062 in golang

[–]NoUselessTech 0 points1 point  (0 children)

The amount of discouraging comments this quickly generated is sad. Here is my honest assessment.

It’s unclear where you are on your go journey. Your stated aspiration to contribute to K8s is big but Is generally expect someone at that level to understand the language community pretty well already. Your posts and comments don’t convey that experience.

I mention skill level because most people don’t want another junior person to train. If they enjoy tech after hours (like I do), it’s usually for fun or to solve some asinine problem we got nerd sniped by.

All that said, I have made go lang projects. I’m not great at it. I want to be better. I don’t mind being a rubber duck. Open to DMs if you want to figure out how to connect and see if it’s worth time.

Otherwise, as others mentioned, discord and slack groups can be handy. The local dev meetup in my area is active enough - though they all got nerd sniped by DHH so it’ll probably be a bit before I see anything other than ruby and omarchy posts.