What do you call the 'Good Guys' that use malwear?
Usually, "Bad Guys".
With Stuxnet outed as a government-sponsored project by none other that one B. Obama of 1600 Pennsylvania Avenue, the world has concrete evidence that states commission the coding of malware. That evidence led Anton Chuvakin, a research director in Gartner's IT1 Security and Risk Management group, to ponder just what the …
Usually, "Bad Guys".
"Poorly-attired but well-meaning individuals"?
Malwear? Would that be hostile underpants?
Hopefully the guys who actually do this sort of stuff are smart enough to rely on the security policy of their employers when considering what to put on their CV, rather than some clown at Gartner.
If the bare fact whoever you work for does the sort of things you worked on is classified, you can't write *anything* about it that could reveal anything about what it could almost be related to, that is, unless you have prison rape fantasies. Naming specific projects is also very, very much frowned upon.
During my tenure with Department X of Some Government, I was a project manager facilitating the development of powerful new software required to push the boundaries of current data collection to an evolutionary new level.
Due to the projects I led, the world experienced radically new shifts in security procedures and paranoid delusions.
You did something like:
Generated software that took down botnets and their control channels. Reduced the amount of unwanted email by 50%. Aided in the prosecution of those involved. Recovered millions for end users.
The above is pure fiction, of course, but if it actually happened, I'd be willing to hire the guy!
I mean if you have someone who is delusional enough to violate basic human rights just because some government tells him so, that's probably not someone you might want to have in your company.
Unless it's a very unethical company that is.
I know that some bunch of morons have decided that internet access is a fundamental human right.
However, that doesn't mean that anyone with more than half a brain needs to pay attention to them.
We can start worrying about new human "rights" when the old ones are met. You know, not dying in infancy from starvation, exposure or lack of basic sanitation and medication. That sort of thing.
Destroying a machine and endangering the workers near it sounds like it might violate their human rights.
That's what Stuxnet did, it was fairly similar in effect to smuggling in some boomex - and of course both considerably easier to do and much more deniable.
Sorry, ethics doesn't pay the mortgage or buy food.
Do *not* enter into this line of work. You will never be able to put it on your resume/c.v ("national security"). ... and even if you are allowed to, nobody will ever hire you as a programmer, ever again.
Yes, we *can* pretty much all code this shit ... but we don't. It's an ethics/ethos thing. Ignore ethics/ethos once in your career, and it'll follow you forever.
Not disagreeing with your ethical stance, Jake, but OTOH working for the NSA doesn't seem to have harmed Bruce Schneier's career (admittedly, he wasn't developing malware AFAIK).
Actually, only people have ethics - corporations do not, and will indeed happily hire such people.
No need to rename. Malware is "mal" from the perspective of the rightful owner of the system it runs on. This is why, for example Blaster was malware while Low Orbit Ion Cannon is not, even though they could both be termed "attack software".
Why is this tagged "Joibs"?
Can call it :-
Weaponised Software :)
right next to Navy SEAL and Medal of Honour recipient.
That's a very good point, if you want to have a job that's a plus, put it in. There are a lot of jobs in the war industry, and they have to take just about everybody. But don't complain to be stuck in a job where people around you have a higher than justified self esteem.
Responsible for the management of 200 people? I think somewhere in the 5-12 range to include one or two PHDs would be sufficient to pull this off in about 6 months. Even if it required a few more lackeys for manual testing, I would be really surprised if the time scale was any longer than that. It would be a short enough period to round out if for some reason you really didn't want to simply lie about what you were doing.
You could generally put what government you worked for (most commonly your own) and MOD or DOD.
You can obviously talk about what technologies you used as well.
Worked for the MOD at Whitehall writing a traditional N-tier web application using xyz web framework and wizzy wizzy backend server technology.
The information that is covered by Official Secrets Act are the details about what you were writing and what it's supposed to do, it might make it more difficult to talk about in an interview, but you can talk about the technologies and general technical principles, just not the details of what you were doing with it.
"So, you say you developed software while working there. Would you like to provide a little more information? What sort of software did you write?"
"I could tell you that, but then I'd have to kill you."
My usual reply is more along the lines of:
"Maybe... What's your clearance?"
Most then double-check the paperwork, and realize that if I answer their questions, someone is facing jail time.