this post was submitted on 28 Aug 2024
240 points (98.8% liked)

Cybersecurity

5650 readers
63 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS
 
top 19 comments
sorted by: hot top controversial new old
[–] Peruvian_Skies@sh.itjust.works 33 points 2 months ago (1 children)

How many people are smart enough to open an issue on GitHub but stupid enough to run code from a password-protected file in a random Mediafire link?

[–] UnrepentantAlgebra@lemmy.world 24 points 2 months ago (2 children)

GitHub is many things nowadays. Some people use it sort of like a blog where they can easily post long pages of text, sometimes it's the first thing that shows up in the search results when you search for a computer/phone problem.

I'm gonna sound old here but the younger generations are in general less computer literate than they were back in my day, and a lot of people have no qualms about downloading and running random exe's from discord or mediafire.

[–] sugar_in_your_tea@sh.itjust.works 12 points 2 months ago (2 children)

Yeah, in my office, nobody had heard of dvorak (my keyboard layout), and they think I'm crazy for using vim. They don't seem to understand how git actually works, and when I describe how compilers work, they think I'm speaking a foreign language. And these are people with years of SW development experience and CS degrees, a couple of them have masters.

I'm older than many of them, but I'm not that old (millenial), yet I'm positive I knew all of this stuff back when I was at their point, as did most of my coworkers. Not sure if it's a "kids these days" thing, or if I was just in a hacker-minded group earlier in my career, but I'm quite disappointed in the depth of technical knowledge SW devs have these days. Oh, and I hired most of them, and they were the better ones of the bunch I was presented with.

To be fair, we're a Python + JavaScript shop, but I still expect devs to be curious about how things work under the hood.

[–] Hupf@feddit.org 5 points 2 months ago (1 children)

Yeah, I guess so. I even gave a training to our team a year or so back.

[–] UnrepentantAlgebra@lemmy.world -2 points 2 months ago (1 children)

Ok you might be a little crazy for using vim in 2024 :D but it depends on the context. Editing a quick config file from command line? Sure. Working on a big project? No way, give me an IDE with real navigation and auto complete functionality.

I think part of the reason is just that the barrier to entry for software development continues to drop with IDEs, dependency/package managers, etc. It's really easy to get a working knowledge of your tools without knowing how they really work under the hood, which is good and bad.

[–] sugar_in_your_tea@sh.itjust.works 7 points 2 months ago* (last edited 2 months ago)

Vim can have "real navigation," I have a plugin installed that lets me jump to method/class/variable definitions, and it works really well. The interaction is certainly different (IMO better, I just hit "gd" and I'm there), but I'm able to get the features my coworkers like from whatever IDE they have with a few minutes of installing a plugin and editing some configs.

I've tried IDEs and editors, and honestly, I'm much more productive with my vim setup. Most of my time is spent reading and navigating code, and that's really nice w/ Vim. To each their own, but everyone should master the tools they use, and I find myself having to help other devs with their own configs (e.g. the Python plugin by default in VSCode ignores most type errors, and we use optional types everywhere and they're wrong more often than not...).

So yeah, I'm pretty sad that many new devs these days don't really understand their tools, and sometimes don't even understand the platform they're using because their IDE handwaves it away. I suppose that's good for me as a senior engineer because I can provide value fixing the random issues the other devs can't, but it does make me sad that maybe, just maybe, AI will have a chance at eliminating so many jobs because the average dev doesn't dig much deeper than the average AI does. I'm not too worried about my job, but I am worried that I'm going to have to fire people because a machine is better at their job than them...

[–] JulesTheModest@sh.itjust.works 1 points 2 months ago (1 children)

Yes, I think you are right. I think it's an attention span issue.

[–] Ashen44@lemmy.ca 3 points 2 months ago* (last edited 2 months ago) (1 children)

The reaaon tech literacy has dropped so much is actually because we've gotten too good at UX. You don't need to know nearly as much to do most things with computers now, so most people don't bother learning about how to properly use a computer anymore. Setting up an email address or a router or a website has gotten significantly less complicated so the average person can do it without needing to learn any new skills. Hell, phones are so streamlined that most people probably don't even realize their phone has a file browser.

[–] exu@feditown.com 2 points 2 months ago* (last edited 2 months ago)

I'd argue we haven't gotten good with UX, we've gotten fancy with it. No way in hell many of the current popular stuff is good UX. But shiny sells

Edit: spelling because typing on phones is shit

[–] Ghoelian@lemmy.dbzer0.com 30 points 2 months ago

Ahh, was wondering what was up with those comments on an issue I made.

Pretty much immediately got 2 comments with shady mediafire links in them.

[–] tyler@programming.dev 15 points 2 months ago (1 children)

I recently saw an entire org set up with individual repos that were clearly meant to be found in search results for stuff like “comparison tool” (I don’t remember my exact search). It would then lead to a repo that just had a license and readme. The readme would be a full readme that explained the software but linked elsewhere to get it. The link was clearly a malware or phishing attempt.

[–] furikuri@programming.dev 8 points 2 months ago

Lmao. They couldn't even copy code from a random MIT licensed project? Sometimes I think these scammers aren't even trying

[–] webhat@infosec.exchange 7 points 2 months ago (1 children)
[–] True@lemy.lol 14 points 2 months ago (1 children)

I have that in my post😅

[–] Gladaed@feddit.org 4 points 2 months ago (1 children)
[–] odium@programming.dev 4 points 2 months ago (2 children)
[–] Gladaed@feddit.org 3 points 2 months ago* (last edited 2 months ago)

Ohhh, it's a link with a set text. Didn't see that or it was edited in. So very tiny

[–] Telorand@reddthat.com 2 points 2 months ago

I can copy in Boost.