sylver_dragon

joined 1 year ago
[–] sylver_dragon@lemmy.world 4 points 3 weeks ago

No, it'll just get disabled. Security baselines are a common feature of enterprise IT, this will just be another requirement.

[–] sylver_dragon@lemmy.world 1 points 3 weeks ago (1 children)

I just kinda "fell" into IT. In terms of college, I hold an Associates Degree in Math/Science from a community college; so, slightly more than nothing, but only just. I was very lucky in that my father spent an insane amount of money in the early 80's to buy a computer and then turned me loose on it. I was doing simple programming in GW-Basic by the time I was a teenager and got pretty good at making boot disks to play games. I just became that kid who "knew computers". After leaving college, a friend of mine convinced me to put a resume in at the company he worked for. They needed a computer tech and I fit the bill. From there it was a long sequence of job hops every 3-5 years until I ended up as a sysadmin dealing with mostly Windows systems, Active Directory, Exchange and SQL. Plus, anything else which just needed someone to "figure it out". That eventually landed me at a gig working as a sysadmin at a US FedGov site (which is why I got my CISSP). There I often worked closely with the cybersecurity team, as they would need stuff done on the domain, and I would get it done. When they had an opening on their team, they did everything short of drag me into the office to apply for that spot. I worked in cybersecurity for that site until a bit after the COVID pandemic when I got a message on LinkedIn about a "FULLY REMOTE" (yes, the message put that all in caps) position. I was curious and applied. I now work from home, reading other people's email and trying to keep the network secure for a Fortune 500 company.

The best advice I can offer is: keep learning and never be afraid to just try.
A lot of my career is based around "oh shit, it's broke. Here sylver_dragon, you figure it out." I loved logic puzzles as a kid and now I basically do them for a living. I would also recommend nurturing professional relationships and don't burn bridges you don't need to. That friend, who got me my first IT job, was also pivotal, about a decade later, in getting me to apply to a different company he worked for at the time. When I put my resume in, it passed through the hands of several different people, people whom I had worked with at that first job. Between my performance and them knowing what type of person I was, every one of them said, "yup, hire this guy". Having good working relationships now can pay a lot of dividends in the future.

[–] sylver_dragon@lemmy.world 41 points 3 weeks ago (4 children)

Congratulations, you have now arrived at the Trough of Disillusionment:

It remains to be seen if we can ever climb the Slope of Enlightenment and arrive at reasonable expectations and uses for LLMs. I personally believe it's possible, but we need to get vendors and managers to stop trying to sprinkle "AI" in everything like some goddamn Good Idea Fairy. LLMs are good for providing answers to well defined problems which can be answered with existing documentation. When the problem is poorly defined and/or the answer isn't as well documented or has a lot of nuance, they then do a spectacular job of generating bullshit.

[–] sylver_dragon@lemmy.world 3 points 3 weeks ago (3 children)

I currently work in cybersecurity in a Senior Incident Response role. Fair warning, my opinion is biased by my own route into cybersecurity and the fact that I deal with incidents and not managing people. Though, I do get involved in interviewing and hiring. I'd say you have a good start at it. While I am sure I will be accused of gatekeeping, I much prefer working with analysts who have spent time in help desk and even as a sysadmin/netadmin. It helps if you have a good understanding of how systems and networks work. I don't expect new analysts to just jump into Wireshark and start reading through packets with me (I'm a weirdo who really enjoys that), but I will assume that I can talk, at a high level, about TCP/UDP, LDAP, SMB/CIFS, RDP or SSH and they won't be completely lost. Though, no one is expected to know everything and we all have our weak spots; so, don't be intimidated if any of that acronym soup isn't instantly familiar. Everyone is Googling stuff constantly. You'll memorize some of it due to repetition, but never be afraid to ask questions.

The last time my company was hiring for the SOC, the number one thing I was looking for in interviews was some evidence of an inquisitive mind. Someone geeking out over their home lab, TryHackMe or stuff like that was a sure-fire way to get my vote. I tend to be ambivalent about certs. I had some Windows 2000 certs (technically, those don't expire, but ya...), a Sec+ (it's expired) and an active CISSP (mile wide, inch deep, only useful for impressing hiring managers). I took a week long, in person training for the CEH but never took the test due to the COVID pandemic. Also, if the course (an official EC-Council course) was anything to judge by, that cert is just high-grade bullshit. I also have dealt with far too many "paper tigers" in my career to fall over swooning when someone has a bunch of alphabet soup behind their name. So, while I would recommend getting some certs, hiring managers love them, don't get too caught up on them. You'll learn far more just breaking stuff and troubleshooting it. The Net+/Sec+ duo is usually a good start.

On coding skills, I do recommend getting some ability to read/write code. The language isn't super important. Python is a good one to have some literacy in, it gets used everywhere. But, unless you are going to push heavily into security development, you don't need to be at the same level as a developer. If you can pop open exploits in exploit-db.com and make sense of what they are doing, and be sure the code isn't going to root your test box, that's usually enough.

Let me also recommend that you work to keep your communications/writing skills sharp. A lot of what one does in cybersecurity revolves around getting other people to do stuff. You will be regularly writing reports and needing to convince people to do stuff and/or explaining why you just kicked their system off the network. It really sucks to read incident reports from someone whose grasp of the language is lacking. Get in the habit of documenting what you do, taking screenshots, and writing in clear, concise language. You don't need to be Shakespeare, but at least get your spelling right (spell check exists, use it), and get the basics of grammar down. If you hand me a resume with there/their/they're mixed up, you're going to walk into an interview with negative marks already against you.

On the upshot, now is a fantastic time to be getting into cybersecurity. Organizations are desperate to hire trained people and some will be willing to roll the dice on a less experienced analyst who shows potential. Feel free to ask questions, I enjoy what I do most days and am happy to talk about it.

[–] sylver_dragon@lemmy.world 7 points 3 weeks ago

Ya, the "hey, pay a bunch of real money to unlock this quest" is a shitty way to monetize expansions. If they want to have a paid DLC, just have a paid DLC. Also, this shit:

It's instead being sold via the Creation Club storefront that's also been added to the game as part of this update, for a price of 700 credits.
For a bit of context, purchasing a pack of 1000 Creation Club credits - which is what you'd need to be able to buy this quest...

The execs of any company which has made up "coins" which cannot be bought in exact amount to cover exact items should be dragged out into the street, and have molten gold poured down their throats.

[–] sylver_dragon@lemmy.world 2 points 3 weeks ago

They just want to Reach Out, Hug and Smother. What's so horrible about that?

[–] sylver_dragon@lemmy.world 1 points 3 weeks ago

Well, unlike the vast majority of pundits and other forecasts FiveThirtyEight had Trump at about a 28.6% chance to win, and was catching all kinds of shit over it. While you would still expect a 70-30 favorite to win a majority of the time, sometimes the dice do come up craps. So ya, while I wouldn't take his word as gospel, he did predict Trump to flame out in the 2016 GOP Primary after all, he's also pretty good at evaluating polling data and is probably worth taking seriously.

And let's be honest here, the fact that Biden is somewhere between tied and a slight underdog to Trump is bad, really fucking bad. If Biden had been willing to swallow his ego a year and a half ago, and bow out of the race, we might have had a much better candidate at this point. With his numbers slipping and his approval rating being so low, it's hard to believe we would have had worse. Of course, were he taken out behind the shed now, that could result in a lot of chaos, which could be worse for any resultant candidate. So, it may now be that Democrats are committed to Biden and just have to hope things improve for him. But, with the DNC convention yet to be held and the Democratic Candidate yet to be officially named, it may still be worth considering the metaphorical Old Yeller option.

[–] sylver_dragon@lemmy.world 31 points 3 weeks ago (2 children)

I have to believe the actual poll and report aren't as glaringly stupid as that headline. If you ask nearly anyone, "do you want peace?" They are going to respond with "yes." The devil is always in the details though. Ask them, "should the war in Ukraine be ended by the Ukrainian Government capitulating to all Russian demands to secure an immediate peace?" And, you might find a lot of folks are suddenly less peaceful. This reminds me of the old saw:
There's lies, damned lies and then there is statistics.

With a crafted question and a bit of p-hacking you can get a lot of results you want out of people.

[–] sylver_dragon@lemmy.world 2 points 3 weeks ago

I don't know about "perfect" but I've found a career (cybersecurity) that I can take some satisfaction from. Would I keep doing it, if I won the lottery tomorrow? Fuck no. I'd be out the door and sitting on a beach somewhere doing fuck all. But, I'm pretty good at it, don't mind doing the work 8 hours a day, and it pays well enough that I can occasionally go sit on a beach somewhere doing fuck all.

[–] sylver_dragon@lemmy.world 2 points 3 weeks ago

My experience has been pretty similar. With Windows turning the invasive crap up to 11, I decided to try and jump to Linux. The catch has always been gaming. But, I have a Steam Deck and so have seen first hand how well Proton has been bridging that gap and finally decided to dip my toes back in. I installed Arch on a USB 3 thumbdrive and have been running my primary system that way for about a month now. Most everything has worked well. Though, with the selection of Arch, I accepted some level of slamming my head against a wall to get things how I want them. That's more on me than Linux. Games have been running well (except for the input bug in Enshrouded with the recent major update, that's fixed now). I've had no issues with software, I was already using mostly FOSS anyway. It's really been a lot of "it just works" all around.

[–] sylver_dragon@lemmy.world 8 points 3 weeks ago (1 children)

This comic brought to you by the current situation in Haiti.
