• MajorHavoc
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    4 months ago

    They have a good point though. Pen testing is a vanishingly small corner of our field, and I haven’t seen anyone with a past conviction get hired for those roles, in a long time. (Edit: Of course, I work with privacy respecting folks, so there could be, and their conviction just isn’t famous.)

    I’ve seen too many hacker kids think their hacker reputation is going to get them out of trouble, and it didn’t.

    • prole@beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      I’ll defer to you on this as I’m by no means an expert. I suppose I thought there was more demand for young people who have that specific skillset than there actually is.

      • MajorHavoc
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        Yeah. The demand for red team skills is complicated.

        There’s plenty of work to do. But there’s a lot of anxiety, and in some cases laws, that make hiring managers cautious.

        When a team member is going to sometimes physically break into a data center, things are much simpler if they have an unimpeachable reputation.

        And that, itself, is unfair, since everyone’s definition of “unimpeachable reputation” is going to be a bit different. I’m inclined to factor in motives, but not everyone can.

        So it’s not the end of the world for a young hacker with a conviction, but they definitely have a more difficult time.