Brutkey

da_667
@da_667@infosec.exchange

@Viss@mastodon.social So I do wanna address this, because yes, you're absolutely right. The first three candidates, me another one of my co-workers, whom I respect very much both began comparing their answers to chatgpt and copilot AI output.

We both noticed that , aside from changing a few things around, and changing the order or some output, it was very close to the AI's output. And for the first two rounds of resumes (that is, three resumes were considered a single round), we flat-out rejected candidates who we knew from analysis were just using AI.

da_667
@da_667@infosec.exchange

@Viss@mastodon.social But then the hiring process was dragging on and the choice was "Warm body in the intern's seat, or nobody at all." and we choose to settle with someone being in the chair.

da_667
@da_667@infosec.exchange

@Viss@mastodon.social in retrospect, if I had any notion that he was padding his resume so heavily, I would've settled for nothing, and yet, here we are.

John Timaeus
@johntimaeus@infosec.exchange

@da_667@infosec.exchange @Viss@mastodon.social

Trying not to sound like the grumpy curmudgeon that I am, but the best informed, most trainable segment is 40-something.

I just had a class of 20-30ish year olds that knocked it out of the park. But they were heavily pre-selected for smart and experienced. They were the exception.

It seems most under 35ish can't find a file without search, or read and parse an error message. And 45+ can't learn unless they're already well into the discipline.

Viss
@Viss@mastodon.social

@johntimaeus@infosec.exchange @da_667@infosec.exchange i have literally said for like fifteen years that security is not a starter career. and its nice that folks are finally realizing that to be effective in security you have to take existing knowledge of stuff and "then abuse what you already know"