• 0 Posts
  • 14 Comments
Joined 1 year ago
cake
Cake day: July 2nd, 2023

help-circle




  • I'm not happy that anyone is dying. In fact, I've got quite a large problem with that.

    That's why I'm all for Russia getting out of Ukraine and ending this war. If Russians are on Ukrainian land with weapons trying to kill Ukrainians... Well, there's no other option.

    I find it funny how you're talking about "Western imperialism" while regurgitating the lies of a country that's literally invading another. I find the brain gymnastics of the people here morbidly fascinating.





  • Linux with Microsoft is more of a pain than a benefit. What are you hoping to get out of it over simply using a VM?

    I had Linux (Fedora) for some time but found it unreliable and unprofessional in meetings with customers (or even just colleagues) when Teams started fucking around or my headphones had issues. Since I switched back to Windows and found it easier to just use a Kali VM with a mounted folder for all the projects and a clean but completely set up snapshot. You can do every type of engagement like that (though if you do iOS pentesting you'll need to live boot some Linux or have a Mac to jailbreak) without the added headache of compatibility.

    Assuming of course any password cracking etc. is done on a dedicated server.





  • This AI stuff is annoying me. I don't work in development - I'm a pentester and recently had to work on some scripts with a colleague.

    He is a few years my senior and basically completely relies on ChatGPT for simple string matching and splitting in bash. I could not believe my eyes. He got ChatGPT to spit out a command that didn't work exactly as we needed it to because it was looking for the wrong string. It was a really simple fix but he again had to ask ChatGPT for how to fix it, until I was like "let me do it".

    It's not that he's dumb or anything, but I feel like he just grew completely lazy from that and doesn't even want to think anymore. Later on he was troubleshooting the same script for a few hours until he noticed that ChatGPT output messed up the order of lines and tried to access a variable that was only declared in the next line.

    I think ChatGPT and whatever else are really useful tools, but people tend to use them as shortcuts to learning instead of getting things done quicker. That is in everyone's own responsibility - I just have the hunch that my job will get way more interesting with a new generation of incompetent developers 😁




  • If you add any specific measure I could comment on that, but generally I think that user experience must be taken into account up to a point. You won't disable 2FA so they don't have to get their phone, but you implement it with SSO so logging in once is sufficient.

    Power users such as admins on the other hand should be able to understand and use higher security measures such as 2FA for every administrative login.