
Small-Scale Question Sunday for November 12, 2023

Do you have a dumb question that you're kind of embarrassed to ask in the main thread? Is there something you're just not sure about?

This is your opportunity to ask questions. No question too simple or too silly.

Culture war topics are accepted, and proposals for a better intro post are appreciated.


Lately on Twitter, I’ve been seeing accounts of quite attractive young women, who are network engineers or security specialists or similar. Most of them have somewhat high following counts in the +20k. There are a bunch of similarities between them. They often have pronouns in the bio and sell some sort of book or course on how to do what they do. Looking at the technical content they put out, it seems like incredibly basic stuff, such as running a password cracker like Hydra or running WireShark. All their Github profiles are more or less empty with no contributions to speak of. They seem to do little or no code at all, but they all appear to have employment in tech companies of various sorts.

I have only ever had one course in security, so I don’t know much about the field, but it was almost exclusively writing exploits in Assembly and some C. We were only allowed to use some basic tools to hexdump a binary and such. I do realize that in the real world you would use all sorts of tools available to you, but still, I would expect somewhat heavier technical skills displayed.

So I’m sort of confused. What do they actually do in their jobs? They don’t seem to have skills that I thought were required for that type of work. Are they just DEI hires? Why do they have so many followers? Is it just tech guys simping over women? Is the algorithm pushing them for some reason? I basically never see any such men (or maybe it is just my stupid ass only noticing the attractive women).

Does someone here work in the field, who can enlighten me?

Some examples of the most prominent:

https://twitter.com/TracketPacer

https://twitter.com/notshenetworks

https://twitter.com/inversecos

https://twitter.com/cybersecmeg

I'm more a generalist, but I run into both fields a good bit.

The first thing I'll caution is that, same as entry-level C++ courses that spend hilarious amounts of time teaching people to convert from hex to binary to octal, without teaching them what bit-shifting does, a lot of what you're trained for in entry-level infosec is not always going to be something that comes up at the job. If anything, that's truer for infosec than programming, simply because the field is so much broader. ErrataRob is a more stereotypical and typical infosec guy on the technical side, with some non-trivial code work behind him, but his summary of the field as having a nontechnical side, and the technical side being more about understanding code than writing it strikes me as correct for at least some portion.

((Intro-level network engineering stuff like CCNAs are more consistent, but mostly because the intro-level stuff is tedious everyday work; there's nothing impressive about terminating an ethernet cable, but the day you don't check for crossover vs straight-through is the day you'll plug a rollover cable into a passive power injector. A lot of people never look back at RIP except to flip it the bird, though.))

There's a lot of potential space for busywork: server admin, laptop provisioning, log management and configuration, so on. That discrepancy between the full breadth of the field and some operations is a good part of why these fields tend to develop a small industry of hobbyist projects. But in turn, not everyone does that extracurricular work, and even those who don't can't always publish. Even if you don't want to get into the office politics side of infosec, it can sneak up on you.

((Although in turn, F3Zinker's right that there is a lot of consultant creep, and a lot of benchwarmers/box-checkers present too. I've had more than my fair share of CISSPs that think throwing up a LDAP server with an aggressive password policy was the entire job. Like normal coding, it's hard to filter technically strong candidates from those who merely have the credentials, and it can take a while after they're hired to find out the hard way.))

The second warning is that it's useful to have people in a field that aren't, or at least don't present, as deep experts. There are people in the embedded systems world for whom this is light and even insufficiently precise reading, and I'd like to eventually be one of them. For most people, going directly to that, or even eevblog levels is waaaaaaay too deep to start swimming. By contrast, someone like GreatScott is less-than-101-level, but that doesn't necessarily make his demos worse or even easier for him to produce; it just means the projects are smaller and presented for less adept readers.

For really obvious versions of that distinction, I'd compare 3x3 Custom or Matt Estlea vs. RexKruger or StumpyNubs. They're all writing for hobbyist or small business readers (hence the lack of MDF), but where 3x3 and Estlea are clearly more focused on exploring new unusual concepts while only occasionally touching on fundamentals, Kruger and Nubs -- despite Nubs in particular clearly having massive amounts of professional experience -- are about those fundamentals or basics even as they use them for harder or more complicated tasks.

I basically never see any such men (or maybe it is just my stupid ass only noticing the attractive women).

I think the big difference is that most of the men don't get that large follower counts, and when they reblog they're less likely to have their personality as a part of the reblog. There's a lot of guys writing well-south of SwiftOnSecurity's level; what's different is that these accounts are only a magnitude or so of SoS's follower count, rather than the mag-and-a-half of some of their coworkers (a NotSheNetworks coworker with a slightly more impressive git history, but not much greater twitter emphasis on deep tech stuff).

My gut check for the four you provided:

  • TracketPacer's pretty open that her specialty is electrical signalling and local area comms for ethernet in an aviation/space context, and she's got a number of comments that only make sense in that context (ethernet PHY means something entirely different if your field wasn't stuck with ARINC for eternity). I don't get the follower counts given that -- even with NASA and all the airbus fuckery, this is a tiny field -- but she's got enough side-along content that's more generally useful for embedded systems work that maybe real-ish? Still a pod person, but if that's engagement farming it's coming from inside the house.

  • NotSheNetworks's twitter feed is more obnoxious politics than anything specific to the field. Black Hills Information Security has more realish-focus, some of it her posts and not obviously trivial, but she feels like the one who's either done the hardest to boost her follower count, whether that be by drama farming or otherwise.

  • InverseCos looks like the real deal for the application layer. That obnoxious level of gruntwork over tiny details is absolutely the sort of thing that you'll do as often or more often than hexdumping a questionable file.

  • Cybersecurity Meg looks like a fairly young and not especially technical cert jockey, and the YouTube interviews emphasize interviews of more experienced people. I've got mixed feelings about this space -- there's a lot of i-crossing and t-dotting that happens to hit requirements rather than develop a serious security plan, or marking off a thousand 'vuln detections' in code that don't have anything to do with actual vulnerabilities -- but it's absolutely a lot of infosec as a field today and even if you want to work the technical side you'll get stuck dealing with it. Possible that she's working as / being promoted as a recruitment technique (women's fitness and "how to get started" is a convenient combination), but still better than being sponsored by RAID SHADOW MANSCAPE VPN.

I'd compare 3x3 Custom or Matt Estlea vs. RexKruger or StumpyNubs. They're all writing for hobbyist or small business readers (hence the lack of MDF)

As an aspiring hobbyist can you explain what you mean by the lack of MDF? Is this one of those midwit bell curves where both the complete beginner and the dark sith master agree that "it's brown and it's cheap lol" while the midwit wastes time trying to craft solid wood into an equally smooth flat panel, or something?

There's a little bit of that, where midwits (myself included) tend to think of MDF- and plywood-heavy designs as fake or insufficiently sexy. It used to be more popular for entry-level projects about ten years ago, where the price difference between MDF and S4S softwoods was much greater.

For the complete beginner, MDF does have its place. It's mostly flat, incredibly dimensionally stable, and accepts paint well so long as you prep the edges correctly. You have to be trying aggressively to get any tearout, and the stuff sands almost embarrassingly well. If you want to learn about dados and rabbet joins, especially by hand, it's an excellent option. You'll have to buy a number of good drill bits because predrilling to exact sizes is so important, but that's not an awful habit and these days you can get some decent HarborFreightium drill bits for cheap.

But MDF does have a lot of awkward tradeoffs: you're really limited in joinery, the material is both brittle and has little stress resistance, the dust is slippery as ice and almost as bad as walnut for your lungs, the material is very abrasive on cutting blades, and even small amounts of water or high humidity before it's got some finish on it will turn it into sludge. These aren't big deals at smaller scales or with starter tools, but as you start to do bigger projects they can exceed a lot of the savings you might have gotten from the raw panels. Meanwhile, once you have a real planer, you'll find that you're often going to want to plane down (non-pre-primed) MDF to get rid of shipping marks (and sometimes to get a more precise thickness for a project); if you want an MDF-heavy project to stay stable and rigid you'll start supplementing it with hardwood edge banding. You'll start looking at finish quality, and for MDF you're pretty much restricted to sand-and-prime-and-sand-and-paint or veneer, and when working with hand tools those are a lot more tedious than varnish or polyurethane or Odie's oil.

But there's also a specific place where those tradeoffs are extremely worthwhile, and that's bulk cabinetry. You buy planer blades in bulk and have a resharpening contract, so the tool wear matters but it's a line item. You're going to be using an airless or HVLP gun, not a thousand paint rollers, so painting is a lot easier and you can get a uniform coat in minutes, not days. You and your employees are totally wearing those mandatory safety masks cough cough, and if you don't have a big dust collection system your shop will literally explode. Obnoxious and complex glue-ups. The cabinets are going to be permanently installed once (and the installation itself will lend a ton of strength), so it doesn't matter if your fixtures will tear themselves apart if moved. In return, you basically can ignore dimensional stability, and the extent that simplifies your project when you're trying to keep 1/8th inch accuracy over eight or twelve or sixteen feet is a big deal.

And bulk manufactured wood cabinets are not-so-coincidentally also a big money maker for large-business wood shops. (These same forces also drive flatpakable furniture, though the margins there are smaller and a lot of it's overseas stuff.) Not the only one, and if the buyers have the cash for conventional wood you'll definitely try to upsell them. But it's as close to a reliable demand as it gets.

There are still some places for MDF (and to a lesser extent, OSB) for hobbyist and small businesses. It's excellent for CNC work you intend to paint later, for example, and sometimes you can do things there that real lumber won't tolerate. If you're installing into drywall, not having to care about seasonal movement can be really convenient. There's a few situations where the extra weight and heft is enough of a bonus you'll throw a bit of MDF paneling in even when using real wood for the framing.

That's pretty much what I assumed. Most of the flatpack and flatpack adjacent furniture I've had has been chipboard with a laminate or veneer surface, but I'm pretty sure our kitchen cupboard doors are MDF underneath the protective thermofoil finish because like you say they're from a place that prioritises volume and efficiency over craftsmanship. The galaxy brain is building that bulk business and the brainlet is shrugging and saying "it's a cupboard door, what else matters" while us midwits seethe about how phony it is.

I've been warming to plywood on the basis of cost x simplicity x skill level but unless I found a niche use for MDF like complex shaping (I remember using it to build terrain for WH40k when I was a kid) then I just can't bring myself to willingly choose it. It's so soft and heavy, and the moment it gets a drop of water on it it turns into cardboard. That's before having to worry about the clouds of hazardous dust. But yeah, maybe if I was building cupboard doors that would get painted anyway or a sacrificial top for a workbench it might be the sound choice. OSB I just think of as subfloor or a very quick and dirty wall material.

I think this is the equivalent of pretty girls in hunting YouTube channels- cute girls doing male-typical things draws views from males interested in those things.

Could this be explained along basic economic lines or trends?

Eg. (taking a stab at this, but likely other folk here are much better at it than me):

The skills and patterns for getting to the top of social media sites are now well understood and cheap/easily bought (you can take effective courses that will train you). So we're starting to see an over-supply of attractive people who are good at engineering their way to the top of the algorithm for any given niche, and an under-supply of niches that are still lucrative.

These same attractive people are prospecting for new niches, and then zero-sum competing with each other for dominance of each given niche.

If this were true, I'd expect, in the short term, as these specific niches are being prospected, a small fraction of the folk dominating each niche to have some legitimacy - they're folk who know their niche, and then picked up the social media dominance skills as secondary. The rest followed some other path, that led to them having social media skills and now shopping around for which niche they can best exploit or dominate, or something along those lines.

In the longer term, as each niche becomes more and more extremely competitive, I'd expect the low value add folk to gradually get sidelined or marginalized, and the folk who actually have something to contribute to start dominating. Likely through any of several methods - though I suspect actually having or gaining the skills and talent necessary to produce original content won't be one of them, since probably the best way to dominate a niche is to become an opinionated and effective aggregator as opposed to becoming an original content creator.

Why would you expect Twitter popularity to correlate strongly with display of technical skills?

I wouldn't necessarily in general, but at least for the accounts that I see, where they promote themselves as professionals in some domain (not necessarily tech), there does seem to be a pretty strong correlation between skill, creativity, credentials or output and their following counts. Then again, that is hard to say for sure, since it is not a random sample.

Yeah, I think the base rate could be really low. There's a selection pressure for charisma and attractiveness, of course, but also financial incentives. Contributors have a lot less reason to cultivate their Twitter following if they can't monetize it with a book or something.

They could be in more people-facing sales type roles. Many of the very few women who graduated electrical engineering with me ended up in similar admin/sales/project management roles that have the slightest hints of still being a technical role.

As for what explains these accounts? Probably the fact that there is someone capitalizing on every single niche that exists.

Csec is especially prone to consultant creep, plenty of women there as well in big4s and whatnot. Someone has to attract the clients.