>>510578664
>Undergrad in college working for research project the university is running
>"Hey anon we're bringing in some grad students, can you get them up to speed"
>Trying to explain things to them and they're just nodding, but I can tell they don't get it at all
>Next day jeet grad student emails me if I can teach him what ssh is
>bruh-moment.png

>Working at a large company as an internal pentester
>Find vulnerability
>Me and white colleague meet with team of jeet engineers
>Explain the problem and exactly how to fix it by using a known stable library
>"No saar we will use custom fix"
>Please don't do that, I can bypass that and it will still be vulnerable, please just use the library, colleague concurs and backs me up
>"Saar you not understanding, we do custom fix, it will be ok"
>Whatever, just tell me when I can validate the "fix"
>Two weeks later: "Saar it is fixed please do the needful and validate"
>I bypassed it in literally 5 minutes

>Same company
>vulnerability reported to us through bug bounty program
>Hop on call with white incident response guy and team of jeet engineers
>Tell them exactly how to fix the problem
>"We cannot do that saar you must call this other team"
>Get other team on the line
>"No saar we cannot do that"
>ok who can then???
>the first team we just called
>????
>Call first team back and get them on a call together with the second team
>None of them know how to do this very simple thing
>Have to wait for white engineer on a totally separate team to give them the permissions to make a change in the k8s config