• Potatos_are_not_friends@lemmy.world
    link
    fedilink
    arrow-up
    15
    ·
    10 months ago

    I used to make jokes to juniors/interns like the above. Then I watched a junior start typing my joke in terminal, and I freaked out and stopped.

    Sometimes I forget these jokes go over the heads of people.

    • lightnsfw@reddthat.com
      link
      fedilink
      arrow-up
      5
      ·
      10 months ago

      Same. I was working on a help desk years ago helping another agent with a call where the customer was being ignorant and I sent him a message that said something like “does he want us to wipe his ass for him too?” (Not that exactly but in the context of the situation it would have been similarly insulting). Next reply I get from the other agent was “he said no”.

      😬

    • afraid_of_zombies@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      10 months ago

      I managed a homework help chatroom for EEs. One of them got a PI and was so happy. Another person suggested that they run that command. Later on the other person claimed they didn’t expect it to work.

      It took me and another mod way too long to help the other guy fix his PI. Wasn’t really happy about it. The new rule I came up with was if you must must make a joke do something harmless like “touch /this” and reference MC Hammer.

    • XTornado@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      10 months ago

      I mean… it’s the best way to learn by being stupid and doing mistakes, but truly some mistakes are too much damage and does not help to learn or if we talk about other jobs can kill somebody.

  • MonkeMischief@lemmy.today
    link
    fedilink
    arrow-up
    6
    ·
    10 months ago

    Did they execute the command on localhost or the remote? Because hey if they had privileges to root-nuke the target that’s gotta count for something right? Lmao

    • Neshura@bookwormstory.social
      link
      fedilink
      English
      arrow-up
      5
      ·
      10 months ago

      The way this reads I think the company did not actually provide a good sandboxed environemt. So when they rm -rf /'d the thing they actually deleted a lot of stuff the recruiters still needed (likely the pentest environments for other candidates). Because imo that’s the only reason I can think of to just outright ban a candidate from applying for any other role at the company.

      • Hillock@feddit.de
        link
        fedilink
        arrow-up
        2
        ·
        10 months ago

        You should ban anyone who tries this regardless of the outcome. There is always a small chance they did it on purpose trying to cause damage. There is no benefit by giving them another chance, you just riks giving them the possibility of doing more damage. If the thing was a mistake, the person will learn from it and find another job.

        • Kühe sind toll@feddit.de
          link
          fedilink
          arrow-up
          3
          ·
          10 months ago

          If the task would have been to find general security risks this would have counted. I mean, he did some serious harm, but he was able to find a security issue.

          • bane_killgrind@lemmy.ml
            link
            fedilink
            English
            arrow-up
            0
            ·
            10 months ago

            I think there is kind of an assumption that the scenario is “outside host gains privileged access” so there’s not really a security issue with some attacker deleting root on their own box.

      • NocturnalEngineer@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        To be honest, considering the role they’re applying for, I would reject their job application too even if it occurred inside a sandboxed environment.

        They should know exactly what rm -rf does. The fact they didn’t and they still arbitrary ran the command anyway… massive red flags. Could even say he failed to twart a social engineering attack.

      • extant@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        To me it reads like the recruiter thought the person was a troll and banned them.

  • Admiral Patrick@dubvee.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    10 months ago

    I love when cheaters fail to prosper.

    Back when I still used Reddit, so many posts were just CS students trying to get other Redditors to do their homework for them. I don’t think I ever came across any technical interview cheaters, but I’m sure there were some.

    • CosmicTurtle@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      10 months ago

      I remember one interview I had with a candidate. It was for a database analyst position that required SQL.

      The first round was typically a phone screen where I chat with the candidate, get to know them a bit.

      Second round was code review. I asked them to do a SQL query that did x.

      The queries were simple. The goal was to get the candidate to walk through the query.

      I had one candid that, over screen share, wrote the query flawlessly. Then I asked them to explain what it was doing. The candidate froze.

      I can get understand getting nervous so I moved onto an insert statement. I had them write one and then do another without using certain terms (often leading to a sub query).

      Again, flawless. I asked what situations would you use one over the other.

      Again, they froze. I started to get suspicious that they were cheating and had them, instead of typing the answer, say the answer. When they couldn’t, I knew enough that it wasn’t going to work.

      • stoly@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        I had an applicant very obviously read to me that Wikipedia article about Active Directory.

      • redcalcium@lemmy.institute
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        I wonder why people do this. You wouldn’t apply to a welding job if you can’t weld. Why so many people apply to programming positions if they can’t actually code (or a database analyst position without knowing SQL)?

        • hulemy@ani.social
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          Some people seem to think you can just Google stuff or more recently use AI to do the coding, not knowing that being a dev is mostly about knowing what to search and that being a dev isn’t just coding.

      • RegalPotoo@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 months ago

        A lot of the time I find “spot the bug” questions to be more informative, especially for junior roles. We stopped asking fizz-buzz - just about everyone has heard of it by now and it’s pretty easy to just rote learn a solution. Instead we give them the spec for fizz-buzz and a deliberately broken implementation and ask them to fix it. If they get flustered, just asking “what does this program output” usually give a pretty clear indication if they can reason about code in a systematic way.

        • aksdb@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          10 months ago

          That’s fine if there are no weird pedantic ropes to fall over. I am not a compiler or linker, that’s what I have compilers and linkers for. Same with an IDE. I don’t know many details of the stdlib or other common libs, because why should I waste space in my brain for stuff code completion can show me…

          • RegalPotoo@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            The kind of bugs I’m talking about are things like “the logical flow of the code is broken because the order of the if/else if/else branches is wrong”, “this program never finishes because you don’t increment that counter” and “you specified print the numbers 1 to 100, but that counter starts at 0”.

            I’m testing your ability to think logically, not your knowledge of stdlib trivia

    • superbirra@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      not sure why you deem it necessary to point it out in this specific context, anyway yes, depending on system setup this definitely could show a warning

  • Lojcs@lemm.ee
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    How are you supposed to fine 7 vulernabilities in an hour anyways? No way they expect the applicant to actually find vulernabilities right? So you need to memorize a bunch and see if they are present, which doesn’t achieve anything other than testing your memorization abilities

    • Hyperreality@kbin.social
      link
      fedilink
      arrow-up
      5
      ·
      10 months ago

      How are you supposed to fine 7 vulernabilities in an hour anyways?

      Threaten the interviewer with a knife until they give you at least 7 vulnerabilities. tapsheadmeme

    • fkn@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      Using Kali? Easy if you have training. The capstone for our security course a decade ago was too find and exploit 5 remote machines (4 on the same network, 1 was on a second network only one of the machines had access to) in an hour with Kali. I found all 5 but could only exploit 3 of them. If I didn’t have to exploit any of them 7 would be reasonably easy to find.

      Kali basically has a library of known exploits and you just run the scanner on a target.

      This isn’t novel exploit discovery. This is “which of these 10 windows machines hasn’t been updated in 3 years?”

    • nifty@lemmy.worldOP
      link
      fedilink
      arrow-up
      3
      ·
      10 months ago

      Months 1-3: hey he’s new, just getting used to things

      Months 4-6: he’s not good, but maybe trainable?

      Months 7-9: he needs to be on a PIP so we can CYA and fire him

      Months 10-12: phase out and fire

      Rinse and repeat at new companies every year for 5 years, get hired as Engineering Manager at sixth job.

      • RegalPotoo@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        Before you become a master you must make one thousand mistakes; some people choose to make the same ten mistakes a hundred times each

    • Urist@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      10 months ago

      Chill out. They may be German or something where shit like that is concatenated into one word.