6.25.2007

Bad Reputation vs Bad Assumptions

I was wandering through my blog list today and, by way of the ever enjoyable Observations of a Digitally Enlightened Mind, came across an interesting but, in my opinion, totally unfounded and flawed article related to security.

The article in question is one where PopSci published a list of the 10 Worst Jobs in Science. Many of them are truly awful, jobs I wouldn't wish on my worst enemy. Mind-numbingly, stomach-turningly bad. It was at #6, nearly halfway down a terrifying list, that the job in question was described.

Now I've been a Microsoft hater in my day, no question. As a security type person I've found them quite the headache at various times, and as an Apple fan I don't really find it an enjoyable system to use. That being said, if Microsoft were to track me down and ask if I was interested in a job working with their security teams, I'd jump at it.

Now the article is very correct about one aspect of it. Microsoft does wear a big "Hack Me" sign. It'd be nonstop pandemonium. Attacks at every angle, computer criminals gunning for you every day. If it's not the operating system it's the office suite; if it's not the office suite, it's the browser. There are few pieces of code attacked as aggressively as Microsoft's; it comes with the territory when you dominate the marketplace in so many genres the way they do. Microsoft should wear that "Hack Me" sign proudly, maybe with a big gold chain (that they can afford) and some bling letters.

So yes, under attack constantly. While I can't speak for anyone else, that's exactly why I'd want to work for them, and I think that's perfectly natural. Surgeons may not like people being sick or hurt, but they sure enjoy cutting them open, or so I'm told (by my uncle, who is one). It's the same with information security. A week (like the past couple) with few large threats gets dull quickly. Now the week when the ANI attacks came out, that was fun. Would working for Microsoft be easy? Not in the least, but rarely do people learn when they're "safe". They don't grow without challenges.

If I wanted easy I'd go be a security guy for a small mom and pop somewhere, nice and safe, with a small number of supported apps, a smaller number of machines, and five users I could personally beat for being stupid. The Microsofts, Amazons, Mozillas, government groups and financials are in the thick of it, defending dozens of complex pieces of software, hundreds of thousands of machines, and billions of dollars. The Internet is a very dangerous place for groups like those and I believe that's the most attractive reason to work for them.

1 comment:

Kevin Mangold said...

"Microsoft does wear a big 'Hack Me' sign."

This is true. But after watching the past two Apple commercials (that weren't about the iPhone), I would say that Apple also has a "Hack Me". A sign with blinking lights and so large that it has its own gravitational pull.