context: i teach at a local college in IT. some of my classes are part of the cybersec curriculum.
as far as i have been able track (linkedin, email, etc.) roughly 3/4 of the previous graduating cybersec class has been unable to get a job in cybersec. probably 1/2 of those are struggling to find even basic sysadmin or password-resetter positions.
this is significantly different than when the program started (around 2015 or so), where roughly 4/5 of the graduating class had jobs (specifically in cybersec) lined up at the time of graduation.
cybersec is a bit of an outlier, but i see a similar trend with the networking program and game design program as well (the only other 2 i have first-hand knowledge of)
its rough out there! (i am recommending to my kids that they avoid post-secondary)
Game design also seems like it'd be an outlier fwiw, since it's a niche that people desperately want to get into if they've participated in contemporary entertainment culture in the last 2 decades, and that schools are happy to take their money for, but realistically the competition's always seemed high. Networking is a pretty boring unglamorous pursuit though that's very behind the scenes as well as being difficult and niche.
This surprises and worries me, because it seems more important than ever to take cyber security seriously. Although bots are more sophisticated and capable than ever, people seem to feel much the same as they did ten years ago. It's as though security is eternally reactive.
None of the top cyber security talent I've worked with went to school for it, and I have been underwhelmed by what I see coming from college programs. These kinds of credentials themselves are not a signal of quality to me.
Goodwill with hiring managers is good. But in a down economy it'd be helpful to boost your reputation more broadly.
If I were running your college's program, I would invest in a presence at Defcon. If just one your students could use their skills to uncover and present something genuinely interesting, it would be worth covering their airfare and accommodations just to get your logo on the screen. If you could do this every other year, your program would have an unparalleled brand.
>Goodwill with hiring managers is good. But in a down economy it'd be helpful to boost your reputation more broadly.
part of our success over the years has been due to our reputation building, presence at local/state/national conventions, etc. that is exactly why the sudden downturn in hiring has been eye-opening.
> i am recommending to my kids that they avoid post-secondary
Certainly I'd avoid an expensive standard university to start unless they have an obvious path. I'd recommend the local community college for 2 years to get an Associate's Degree of some form though with an eye on heading to a university for the last bits.
> I am recommending to my kids that they avoid post-secondary
I think that's a mistake, unless you mean "and go into debt for college". Working with many people over the years the educated (in STEM) are noticably better quality than high school or bootcamp folks on average. Work ethic or amount of code written is not an issue, just the general thinking through of problems.
well, yes. i am not rich. they would need to take loans. and from what i am seeing, they would likely end up working in the exact same position as the 19 year old who decided to go directly into the workforce.
i will, of course, support them no matter what they decide. but when we discuss options, i emphasize skilled trades, or working for a few years before committing themselves to tens of thousands of dollars of debt to very possibly end up in a position that doesnt require the schooling.
For what is worth. I am planning to save about 60k for each and encourage them to go to the State university that is 20minutes from home. Hopefully they can go to college and stay debt free. But it will be really up to them.
I don't mean to argue but living at home and community college + state school is a viable option. I was not wealthy but able to not borrow for school this way. Good luck
i am just not recommending it as a first choice to my kids. i remember how it was presented to me: "go to post-secondary or be stuck burger-flipping forever."
this is also just one random teacher's opinion, where 99.9% of the context (e.g. academic history of my kids, aptitude, my experiences as a teacher, my location, etc.) are missing. so, mountain of salt and all that. my recommendation is specifically a recommendation for my kids.
> some of my classes are part of the cybersec curriculum
> as far as i have been able track (linkedin, email, etc.) roughly 3/4 of the previous graduating cybersec class has been unable to get a job in cybersec. probably 1/2 of those are struggling to find even basic sysadmin or password-resetter positions.
What is the curriculum that is being taught in your program?
If it's "how to be a Splunk or Crowdstrike" admin or "how to be an L1 SOC" I don't think that is a hireable skill at this point.
What is the curriculum though - you don't need to send me the name of the institution but I've been a hiring manager in the space and a PM for some of the larger companies and I haven't been impressed by "Cybersecurity" bootcamps or degree holders unless they also had a tangible track record (eg. HackerOne).
I feel a lot of hiring reflects that as well now - if I want a SWE to build a runtime agent I'm better off hiring a new grad from UC Berkeley who took CS162 and CS161 versus someone who took a summary course but doesn't understand how ld_preload works. Similarly, if I was doing AppSec for WebApps/OWASP I'd rather hire someone with an actual bounty track record on HackerOne instead of a bootcamp grad and potentially even a degree holder.
My best hiring pipeline have either been Vets who were in a Cyber MOS with a couple years of hands-on experience and then did a WGU type program (the WGU program was just a checkbox for HR) or successful bounty hunters with a strong track record on HackerOne or Cobalt.
i have no arguments with anything you have said here. but none of it really explains how we went from most kids being hired directly into the industry a few years ago to only a few of them now. our curriculum has not changed enough in the last few years for the curriculum to be the culprit.
we understand the importance of meeting the employers where they are at, so once a year we meet with ~15 industry partners (people in your position) and ask them directly questions like: "of your recent hires, what are they missing?", "what specific skills do you think needs more focus?", etc. that informs any changes we make for the following year. we have dropped entire courses and spun up new ones solely from industry input.
we also understand the importance of hands-on experience. it is probably the most common feedback we get from people in your position. we have a giant lab so kids get experience wiring up and configuring real physical appliances instead of doing it all in packet tracer or whatever. we have a bug bounty club, we attend and host hackathons, etc. courses are split roughly 50/50 between theory classes and practical classes. practical courses are mostly focused on "fix this shitty/vulnerable implementation of X" or "here is an existing environment, propose and then implement something that addresses X problem in the least-disruptive way" rather than "here is a fresh start, implement X in this perfect environment".
i dont want to give too much detail (e.g. course names and progression), as i would probably end up doxxing myself. but as someone who started off in the industry and then moved to a teaching position later in life, i am 100% with you. people who have real experience (e.g. a vet with cyber experience) are almost always going to be a better hire than a fresh graduate (i think this is true in any industry, and has always been true -- so it doesnt explain the change). but my job is to try and close that gap, and i think we have made good progress along that path. we are absolutely not a 6 month money-grab program.
>I'd be scared if I was certain Redmond corporation who makes their money on 365 and Intune.
scared of what? microsoft doesnt need to care about new businesses with under 50 employees at all. they have governments, banks, universities, colleges, and large non-tech enterprises completely locked down. small business with 10-50 devices are a drop in the ocean.
>New businesses under 50 employees are going to eat this up like there's no tomorrow.
i seriously doubt people outside of the tech or design spheres (i.e. most people) are going to go with apple for their businesses. when you are starting a business, you dont want to also have to teach all of your employees (and possibly yourself) how to use a new operating system.
you are going to look up "local IT company" or "local MSP", ask them to set you up, and they will integrate you into their existing microsoft ecosystem and send over some thinkpads, while you focus on your business.
It really depends on the context and the context within the context.
I used to manage a medium sized IT firm in Colombia on a hybrid manner.
One of our biggest clients had a sort of high end boutique set of businesses and two bigger businesses that interacted quite more with the regular public.
For the high end boutiques he asked us ONLY and ONLY to use mac's both because down there they are synonym of "prestige and class" and because the (very attractive) women that he hired for most roles were only familiar, or preferred mac's and were consumer's exclusively of apple's walled garden.
We had a bunch of customers like that, the real issue is that if this were on place I would have made it an option for my clients, eventually some things like security or software may move a significant number of users there, specially after the new mac mini, the neo and the ma air become budget options compared to a lot of what microsoft is offering in latam and some parts of Europe.
I'd say it's the old "never attribute to malice that which is adequately explained by stupidity". Admittedly the current administration has a more than ample supply of both, but I think they do have more stupidity than malice.
Having said that, once someone explains to them in words of one syllable that they've just banned the sale of all of the devices that make the Internet go for the entire electoral base, they'll TACO so fast it'll make your head spin.
Sooner or later, some idiot lawmaker/opportunist is going to insist on 1) age checks to connect to a router and 2) content filters for routers, both of which can be used to score cheap political points.
>I imagine a lot of people would find that absolutely nothing ties them to Windows anymore, even gamers with things like Steam Proton often find their needs met.
i absolutely concede the gamers dont have too much of an excuse anymore, unless you play some specific games that are windows-only (or, more accurately, where the anti-cheat malware is windows-only).
but for some reason, these announcements/conversations always leave out the biggest share of windows users, who also happen to be the slowest to change: governments and large institutions (banks, hospitals, universities).
it will be decades yet for them to switch off windows.
another often overlooked one: small businesses that use quickbooks (which is thousands and thousands of small businesses). or engineering firms that use solidworks (or other CAD)
so, yes, for home use it is a fantastic time to explore non-windows options, absolutely. but it aint the "year of the linux desktop" yet, and wont be for awhile, if you count government and institutions.
FWIW a tech company I retired from was about 60% mac and a portion of them operated almost exclusively out of VirtualBox + Linux. IT had some rock solid Linux sysadmins but not quite enough to support most of the company moving to Linux. There are some shops that could go 50% Linux especially on the development side without much issue if compliance and auditors were on board.
not all classes are 100% lectures. many of my kids classes have 15-30 minutes of "work time". sometimes entire periods are "work periods" when they have a big project or whatever.
>the wait times aimed to “influence customers to increase their adoption of digital self-solve, as a faster way to address their support question. This involves inserting a message of high call volumes, to expect a delay in connecting to an agent and offering digital self-solve solutions as an alternative.”
>Even if HP’s telephone support center wasn’t busy, callers would reportedly hear: We are experiencing longer waiting times and we apologize for the inconvenience.
i am absolutely positive, without proof of course, that this is an extremely common practice. my isp does the exact same thing with basically the same wording. over the years i have called at all times of the day, all days of the week, across all seasons, and it is always "we are experiencing high call volumes right now. but hey, did you know you can do lots of stuff on the website? go to the website. please use the website".
i almost (not really) respect HP for at least admitting to it, rather than all the companies that i suspect are still doing this in the shadows and will never admit to it.
I honestly bet 75% of the time I hear “We are currently experiencing high call volumes” someone answered within a minute or two.
In some sense that has the befit of a “surprise and delight” moment too because the consumer might be prepared to wait longer and then “whoa nice, that wasn’t so long!”
I think it is a common practice, and another I think will be just a static set of times that they play the "higher than average call volumes" message, rather than anything dynamic. I think call centre stuff is incredibly basic, even though the domain isn't that complicated.
My doctor's office phone manages "You are number two in the queue". Somewhere, maybe it was a previous doctor, added "and should expect to wait about 5 minutes".
Even in my internal company tech support line they play that "higher than expected call volumes" message, but their website also has counter on it that tells you just how many people are on hold and even when it is just one (me) it plays that message.
>i am absolutely positive, without proof of course, that this is an extremely common practice. my isp does the exact same thing with basically the same wording. "sorry, high call volumes right now. but hey, did you know you can do lots of stuff on the website? go to the website. please use the website".
Look up Erlang numbers for call centers. We absolutely know how to calculate required reps for a desired queue dwell. It is 100% a voluntary decision to degrade the Call Center to push people to web based automation. Consider this your proof. We have the equations. Executives make the active decision to not use them/use them to shift cost burden.
t. Helped implement a Call Center before, and we aimed for sub 5 minute queue dwell at all hours of the day.
Wait time is calculable; but you need an accurate forecast to staff and schedule. When I last worked in this space, forecasts were generated down to 15m granularity and agent work schedules (hours, break times, etc.) were derived from those forecasts.
What if you get a large number of people calling at very particular times? E.G. what if you're getting far more calls at 09:00 than at 09:15? You can't hire agents just to handle a 15-minute surge.
Erlang's model assumes that the world is static or at least predictable; it doesn't take into account things like the superBowl, a hurricane cancelling 90+% of flights from a major airport, or a much-larger-than-usual number of customers trying to cancel because of a previously-confidential price increase now being publicly announced.
Baseline demand affects the numbers much more than the unpredictable spikes do. You can come up with edge cases if you like, but the reality is that it all averages out pretty well with large volume.
"i am absolutely positive, without proof of course, that this is an extremely common practice. "
Health insurance does this for sure. From what I have seen I am convinced they have sophisticated systems to frustrate patients and providers until they give up.
>"do a thorough review and restore all the mechanisms that made the use of smartphones and internet optional".
we should probably workshop ideas that are within reality.
downvoters are welcome to tell me how they would approach a worlwide review of everything that requires internet and un-internet it. i will wait.
some primer questions to get your brain turning: who organizes and conducts the review? who pays for the review? who pays for the implementations? whats the messaging and how do you convince people to go along with rethinking/re-implementing their entire already-working infrastructure that they have potentially spent millions to billions of dollars on? do you just dissolve all of the internet-only services, and tell the founders to suck it? who enforces it and how?
Consumer protection legislation would be a way to solve this:
If a business has more than X employees / does more than X amount of business per year / has more than X physical locations (pick one or more, make up some new criteria, tune to suit the needs of society) it must offer the same capabilities to interact with the business to those without smart phones as those with.
Small businesses wouldn't be radically impacted because they generally aren't "Internet only" anyway. The large business that are impacted have plenty of resources to handle compliance. If anything I'd argue it levels the playing field to an extent.
1) if you make it only applicable to smart phones, i just stop offering an uber smartphone app and now uber is website-only. if you apply it to "internet", as the original poster did, then:
2) companies like uber would be forced to shut down. you can say "cool, if they cant do it, their problem", which is fine, but a dozen of major issues pop up if something like 1/4 of the businesses currently propping up the stock market have to close doors or otherwise invest billions of dollars in phone centers or whatever they need.
it also raises questions about all sorts of businesses. another off the top of my head example: should 1password setup a call center where i can tell the operator what my new hackernews password is? is 1password exempt even if they have hundreds of employees and do millions per year? if yes, we have to come up with a bunch of murky criteria and definitions of what companies are exempt (across every industry, no less). which will, of course, cost a lot of time and money, just to surely be gamed. can we convince tax payers to foot that bill?
(this is also ignoring the approximately 0% chance that some sort of regulation of this sort gets pushed into law, against all of the extremely powerful tech lobbies. we dont even have ubiquitous right-to-repair!)
I'll fully admit that I'm "vibe commenting" here out of frustration with the direction society is going.
There won't ever be any consumer protection legislation like I suggested. I know that. It would make things better, but it'll never happen.
Things aren't going to get better for people who don't want to be forced to use new technology. (Eventually it'll be you being forced, too.)
I'm arguing, much in the way some techies bemoan removing malware from their parents' computer as an argument for why we shouldn't be allowed to use our mobile computers for what we want, for businesses to be required to offer ways of interacting to people who don't want to own smartphones. My argument isn't in the interests of powerful lobbies.
My wife and I have been helping her elderly aunt deal with a bank recently. I was shocked at the assumption her aunt would be able to receive SMS, use a smartphone with a camera to do "identity verification", etc. This lady has a flip phone, a land line, and no personal computer. Sure-- she could meet with someone at a branch to help her. Their first available meeting was a month away.
It's not going to get fixed. Nobody with the power to do anything about it cares.
>out of frustration with the direction society is going.
i am 100% with you.
>My wife and I have been helping her elderly aunt deal with a bank recently. I was shocked at the assumption her aunt would be able to receive SMS, use a smartphone with a camera to do "identity verification", etc. This lady has a flip phone, a land line, and no personal computer. Sure-- she could meet with someone at a branch to help her. Their first available meeting was a month away.
i have been there too, and it drives me mental.
i would love to work on realistic ways of addressing it, because it is a real issue. i am not denying that at all. my whole point, in my original comment, was that a plan of "un-internet the world" is, in my opinion, a complete waste of time and energy to seriously work on. the internet is here -- okay, lets figure it out from there. the genie isnt going back into the bottle. so lets spend our energy on ideas that acknowledge that fact, instead of trying to shove the genie back in.
> Sure-- she could meet with someone at a branch to help her. Their first available meeting was a month away.
You have to expect business to optimize for their common case and just make sure there is a path for the exceptions. That's what this bank did and it's just the way of the world.
I'm not a big phone person either, and it is inconvenient for sure, but I get benefits from that and the cost is extra friction when dealing with online institutions. Everything has a trade-off
Of course businesses that wouldn't make sense without technology, like Uber, food delivery, or anything else that is an app anyway, would be exempt.
I'm talking more about things that used to work without the internet for decades just fine but suddenly started requiring the use of the internet. Banks, government agencies, parking, event tickets, etc.
Oh, God... don't even get me started about fucking Ticketmaster and their goddamn app.
I've had multiple venues just straight-up tell me "no app, no entry" when I've contacted them pushing-back on installing Ticketmaster's drek.
For one I was able to play "confused old man" and get printed tickets, at least.
For another I just gave up, swallowed my morals, and loaded their app on my wife's iPhone.
There was one that I just didn't buy tickets for. The performer didn't really need my support, and I wasn't super broken up to not see them, but they lost a sale because of the stupid app requirement.
okay, well i appreciate the clarity. lets flesh it out some more.
how are you determining which businesses are affected? would you apply these regulations to entire industries (e.g. the entire finance industry) or would each business have to be reviewed independently?
if we run with the finance/bank example, what do you do about online-only banks (e.g. WealthSimple)? should they be forced to shut down?
My intuition is that it should only apply to businesses that have a physical presence, or need it to do their job. So, for banks, that would be only those with branches. We also have one of those online-only banks (T-Bank, ex Tinkoff), it's overwhelmingly popular among us millennials, but older people use something else.
that leaves a pretty big loophole, though. if i am a smaller bank that has 5-20 branches, it might just be in my best interest (profit) to just go online-only instead of implement whatever the regulations deem necessary.
(keeping in mind that this regulation applies to all industries, so the above example of closing all physical operations because the regulations make it more profitable to now be online-only, so that the regulations dont apply, repeats in all industries)
And that's fine I guess? It's important that there are banks that are too huge to go online-only.
It will be easier to comply for other industries. From my initial example, for event tickets, they wouldn't care much whether they scan a screen or a piece of paper when you enter, and they could let already-existing box offices sell the tickets. For government agencies, those already have offices, so nothing changes. For parking, just bring back the kiosks.
I had some thoughts on dynamic tax rates depending on how desirable a product or service is.
Then can do standard formulas like, will operations continue if the power is out, internet, smart phones, running water, phone lines, payment processing, etc, how long will service be down 1-3 days, weeks, months etc
If your store can't immediately switch to cash apply some modest tax increase. If people can't buy food for more than a week the extra tax is high. You might want to buy gas lamps and a "home" battery.
If we, the tech-savvy people, start pushing for it, it may have a chance of succeeding. On the other hand, if we take your defeatist approach, it's an absolute certainty that nothing will change.
there is a great clickhole headline that your comment reminds me of
"Heartbreaking: The Worst Person You Know Just Made a Great Point"
4chan has produced some hilarious/interesting stuff, and they have also driven people to suicide. i suppose it is up to everyone individually to make the value judgement there.
yes, you are repeating the "what about" part. my comment has literally nothing to do with other social networks.
if it helps, feel free to apply the original quote to facebook or whatever when they do something good. but this article and comment chain is about 4chan. so i am talking about 4chan.
lol, what are you talking about? i said i was reminded of a quote, that is it. no one disagreed, they just said “other people do it too” and put words in my mouth so they could argue about something.
like, what “stance” do you think i am even trying to take?
Well, much like HN, 4chan is a couple dozen boards of different topics frequented by something like 22 million unique users every month. So of course there's going to be good things there. And of course there's going to be bad things there. You don't get to pick and choose.
Trying to make a "value judgment" and boil the whole thing down to "4chan good" or "4chan bad," seems with even the most generous interpretation... incredibly reductive and foolhardy.
i wasnt trying to make any sort of profound point. i was reminded of an applicable quote i like, so i posted it.
and of course my comment is reductive, it is a total of 3 sentences. i dont really know what nuance you were expecting to get out a 3 sentence comment.
everything is gray, with both good and bad. 4chan included. there we go -- more true, less interesting.
I mean that's pretty vacuously true, since (the community of) "4chan" is a subset of (the total population of) "humanity in general," but it's a stronger and more interesting claim to make about the subculture in question.
If anything, the person you were replying to was intentionally describing how 4chan is less dissimilar to humanity in general than its typical portrayal, so responding with a dismissal that that makes them just the same as everyone else is really just affirming their point.
as far as i have been able track (linkedin, email, etc.) roughly 3/4 of the previous graduating cybersec class has been unable to get a job in cybersec. probably 1/2 of those are struggling to find even basic sysadmin or password-resetter positions.
this is significantly different than when the program started (around 2015 or so), where roughly 4/5 of the graduating class had jobs (specifically in cybersec) lined up at the time of graduation.
cybersec is a bit of an outlier, but i see a similar trend with the networking program and game design program as well (the only other 2 i have first-hand knowledge of)
its rough out there! (i am recommending to my kids that they avoid post-secondary)
reply