Category: thoughts

Posted on

Getting out of it what you put into it

It’s been difficult to make myself come here and blog.

Somewhere along the way, things on the internet changed. I used to enjoy writing updates in a blog post, letting friends and family know what had been going on around here, what I was up to, or even just what I was thinking. I knew that there were certain people who followed my blog pretty frequently and would often comment or even just acknowledge that I had posted something. It was a nice community feeling, and I would read other people’s blogs as well. Somewhere along the way this all shifted. I think it probably had something to do with Facebook becoming the predominant platform for people posting updates and being able to keep up with many more people in that format.

It’s a real shame though, because now I’ve gotten myself off of Facebook, off of Instagram, off of Twitter, and I’m largely just biding my time here and on Bluesky.

I find myself not wanting to share content or updates or news or anything like that. I definitely feel more more guarded about what I share online.

Perhaps it’s because of all the horror stories I’ve read about people getting stalked or swatted or whatever, just because they said something someone else didn’t like or disagreed with. I’ve been thinking often about how the internet really has precipitated the downfall of humanity. It’s pretty sad because I thought it was going to be an awesome thing for quite a while.

It definitely had an un-jaded, innocent adolescence phase. However, what happened was that once the World Wide Web became more and more accessible and was starting to be carried around in everyone’s pockets, everything started to change for the worse.

I remember back in college I took a class on how to use the World Wide Web. It was a great introduction into internet culture, what it meant to have a flame war, what spam was, and what good netiquette was.

That’s a word you don’t really hear anymore. Netiquette. It’s a shame. Everyone thinks they have the right to just get very angry at everyone else now, and it’s taken a lot of the fun out of the whole thing.

Maybe if people had been required to take lessons about the internet in order to access it, and had to learn how easily you can be fooled by misinformation and how you need to be able to discern between what’s real and what’s not, we might not be in the predicament we’re in today.

So I don’t know, maybe I’ll take this blog down in the near future. Is anyone reading it? My web statistics say “no”. So this is pretty much an exercise in talking into the ether. I’m putting things into it, but getting out nothing.

Posted on

LinkedIn is at Peak Enshittifaction

💡
These are my personal opinions, which exist in an entirely segmented realm of my brain and my existence than that of my employer. They are not associated.

This is a story about the enshittification of LinkedIn. You are probably familiar with it.

I’ve been on LinkedIn for about 20 years. It started as a useful way to demonstrate my work experience, connect with current and past coworkers, and build business relationships. It was useful as a digital calling card of sorts.

At security conferences, I’d quickly pull up the app on my phone and befriend someone I had just met and had a conversation with. We’d keep in touch and Like or comment on each other’s LinkedIn posts.

Admittedly, most of those connections I made would never become anything else. We didn’t continue any real-world conversations or reach out to each other at all. These “friends” just became reminders of a short conversation I once had at a conference or workshop. I started wondering what the use of this site was, yet, everyone seemed to be using it, so I found myself curiously coming back once in a while.

Persistent Outreach

I can’t pick out an exact point in time that it started happening, but there was a noticeable shift in the kinds of connection requests I started getting. Maybe it coincided with my job title changes as they evolved and became more desirable for marketers to reach out to. Maybe it coincided with LinkedIn becoming a marketing person’s fertile playground. I am not sure, but something shifted.

One change I did notice, and I never felt like figuring out why, is that I started getting Followers in addition to people asking me to Connect. Some people would Follow me and then ask to Connect later. LinkedIn never did anything noticeable to explain what this all meant, but it happened.

Who? Why?

It was confusing, and I never felt like looking into it, so I just started ignoring them.

Sales Pitches

Everything started turning into sales pitches: requests to “run something by you,” get “10 minutes of your time,” show me an article they’d “really like your opinion on.” All in the name of making a connection –and possible sales lead– to meet a quota in SalesForce (most likely).

They even tried bribery in the form of sending me an Amazon gift card, just to meet with them for 30 minutes and hear their pitch. I know for a fact, based on experience, this would only lead to even more persistent follow-ups, “ticklers”, and pressurized tactics to sell to me.

I stopped going to LinkedIn as much.

Overly Persistent Salespeople

Within the last 2 years, I started getting connection requests alongside immediate follow-ups to my work email, and it became clear that I decided I needed to look into things – or shut down my LinkedIn account. Some setting somewhere must have changed, but I wasn’t sure what.

I was sure, however, that I had never put my work email address into LinkedIn. Yes, it was probably easy to guess based on who I work for, but this cold-calling tactic was sleazy and would immediately turn me off to any reputable vendors, especially when they had be annoyingly persistent by sending me multiple “just let me know if you’d like me to stop bugging you” types of emails.

In short: if you are a salesperson, please don’t do this.

Silent Privacy Changes

The company has implemented some invasive changes over the years, and didn’t bother to tell users – or buried the notices deep in their TOS that no one read. Their lack of privacy by default has always been concerning. Some of these were questionable, others, such as opting you in to AI training, were mind-boggling. There was even a short-lived lawsuit about that.

The AI setting you didn’t know about.

LinkedIn’s True Enshittification

The true indicator that we had reached the event horizon in the downfall of LinkedIn occurred sometime in the last year.

I logged in one day and saw that posts and comments had turned vitriolic. They had become like Twitter, like the comment section on your local newspaper’s website, or just about any thread on NextDoor these days.

An Executive Director!

People were making terrible statements with their employer’s name associated with them.

Posting your pronouns was never required. Why is it such a problem anyway?

Yes, it coincides with the political climate in the USA and the general climate of intolerant “free speech” that has proliferated everywhere as a result. But in a setting of professional profiles closely tied to employers? Why risk your job, your customer base, or your reputation?

“Listener”
Even using the “R” word.

I will just say this about that: we are all humans, we all deserve equal opportunity to live, love, and thrive. You know, that whole “Life, Liberty, and the Pursuit of Happiness” thing.

Live and let live. Do unto others as you would have them do unto you. A rising tide lifts all boats. You know…basic decency to others.

LinkedIn is now complicit in stifling these pursuits.

I am at a loss for any further words, really. Having left Facebook, Instagram, and Twitter within the last month, I am now shutting down my LinkedIn profile.

Indeed.

— willc

Posted on

Welcome To My World

This phrase is the slogan of a narcissist.

“Welcome to my world.”

It diminishes whatever the person receiving it just said. It turns attention back to the person who said it. It indicates a lack of empathy, and is also a request for sympathy.

“You should feel sorry for me instead.”

Sometimes it is meant to be funny, but underneath the surface it is cruel.

It is entirely possible that not everyone who says it is a narcissist, and people may not even realize it comes off as mean, but it is a red flag, and is a self-centered phrase in any given situation.

Empathy is a good alternative

Instead of saying “Welcome to my world” when someone expresses their struggles with something, you might be tempted to turn to a different phrase such as “I know how that goes” or “I’ve been through that myself.”

These really aren’t much different than “welcome to my world,” just less bratty.

How about trying not to use an “I” statement at all? Don’t turn it back to you. Try some empathy.

“That sounds really difficult.”

“Oh wow, you had a rough day. Let me make you some tea.”

“Tell me more about that.”

Often, what people need, whether they realize it consciously or not, is just to be heard. That can make the difference in turning someone’s bad day around.

In other words, you may not be a narcissist, but using narcissistic phrases can inadvertently shut down and dismiss the person who is trying to convey their plight to you. Offer some support, some kindness, some empathy.

You might be surprised at the reactions you get.

Posted on

Thoughts on OSCP being ‘outdated’

In recent weeks I have been reading comments online about the Penetration Testing with Kali Linux (PWK) course and OSCP exam taking a lot of flak for being “tool old” and using “outdated exploits that don’t even work anymore.”

I believe most of these comments are directed at the lab environment and course materials. It is true that you won’t find many systems in modern pentesting engagements that are exploitable with older things such as EternalBlue (MS17-010).

But that is beside the point.

The PWK and OSCP exam are all about teaching you how to think, solve problems, persevere, and develop a pentesting methodology that works for you.

It is true that Hack The Box (HTB) and other modern online capture-the-flag frameworks are more leading-edge in that regard, which is great, and they can certainly be an excellent way to augment and prepare for the PWK/OSCP journey.

But the point is that it really doesn’t matter if you drive a 2019 Ferrari 488 Spider or a 1996 Honda Accord, it is whether or not you figure out how to get to the destination.

clicky