back to article I'm a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice

Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security company also using artificial intelligence, and then steal source code or other sensitive IP. Moczadło is a security …

  1. b0llchit Silver badge
    Facepalm

    Old scams in new jackets

    Online job-interview? How about "Please meet us at one of our local offices.".

    I can't imagine to have any person employed when not seen and talked to by a real person. There is nothing more important than face-to-face and look-in-the-eye communication. There may be (trusted) people added via a video link, but the job-seeker should at least be seen by one trusted peer who is physically present with the job-seeker.

    1. Caver_Dave Silver badge

      Re: Old scams in new jackets

      The first time I met our HR Manager (after I had been working for nearly a week), she told me that I was the only person she had ever employed that she had never spoken to, let alone seen.

      It can happen when you are well known by the technical team in a fairly niche area of work.

    2. doublelayer Silver badge

      Re: Old scams in new jackets

      If the company is remote, where do you send the person? It also makes any interview very expensive when you have to fly the person from Poland or Serbia to San Francisco. Not that it wouldn't help, but there is a reason why a lot of companies, even those with offices, don't do their interviews in person. Your solution could involve sending people to the offices only for the last interview before giving them an offer, which would be slightly better.

      1. Tom66

        Re: Old scams in new jackets

        Realistically, if you're going to spend, say, £70k+ a year on a senior software engineer, £2k for round trip flights plus a stay in a hotel is a good insurance policy. It needn't be done for every candidate, but can be part of the final interview.

        If the company has no office, then they can rent an office or conference room for a day near to the interviewer, or the candidate.

        1. rcxb Silver badge

          Re: Old scams in new jackets

          Realistically, if I'm going to scam, say, £500k+ from some company that thinks I'm a legit employee, paying a stand-in £2k to go there in person and pretend to be me is a good investment. I can make excuses to skip most face-to-face meeting, but can pay someone to go in for the final interview.

      2. MachDiamond Silver badge

        Re: Old scams in new jackets

        "If the company is remote, where do you send the person?"

        Someplace that's easy and cheap to get to. In the US, Las Vegas, NV can be good for the western half of the country since there's loads of flights every day, moderately priced hotels and offices that can be rented short term. Obviously, one wouldn't have all applicants come in for interview, but only shortlisted people. There's also extra curricular actives for all. If the post is important and there are only a few people that will fit, it's worth the expense to find the right person. With so many trade shows/conventions being held in LV, company staff may be there anyway and can come early or stay late to do interviews. Many major cities aren't really that expensive if only for a couple of days and will have the facilities to hire. Since many big city airports aren't actually in the named city, but a bit outside the borders, that lowers prices too.

    3. Anonymous Coward
      Anonymous Coward

      Re: Old scams in new jackets

      I had several job interview during Covid. Since then my last 2 jobs were following video interviews. The previous one is in another country and while the brand exists where I live, that belongs to a different legal entity. My latest does have a 'local office' 10 minutes from my home but the interviewers couldn't be physically present at the same time due to conflicts.

    4. Irongut Silver badge

      Re: Old scams in new jackets

      I have been working for my current employer for almost a year. I have not met any of my colleages in person, have never been in the town where head office is located and at Xmas discovered a nephew-in-law has worked for the same company for a few months less than me. He is the only fellow employee I have met.

      In that time I have done work no-one else in the company could or had time to do and improved internal IT for every employee. I would not have been able to travel to an office as part of the recruitment process and so would have ended up unemployed and homeless instead. Fortunately for myself and my employer they were not as inflexible or regressive as yourself.

      1. Anonymous Coward
        Anonymous Coward

        Re: Old scams in new jackets

        I've interviewed with non-local companies. They typically offer to pay all expenses for the interview trip, even if it's just personal car usage. I don't think I would ever consider hiring someone without interviewing them in person (which might be after a video interview). How do you know they don't have someone off-camera feeding them the answers?

    5. Anonymous Coward
      Anonymous Coward

      Re: Old scams in new jackets

      One of my kids got a job with only (a few) video conferencing interviews. So they didn't have to explain that they used a wheelchair most of the day. Which would have reduced their chance of being hired.

      Worked out good as they can now ski every day after work. They use a sitski, look it up.

  2. martinusher Silver badge

    A job's a job

    Ignoring the political reality of everyday life -- a purely artificial construct at the best of times -- what you have is ultimately someone wanting to exchange labor for cash. We're told in this day and age that it doesn't matter if the person is physically present or working remotely, so long as they can do the job and they're cheap enough that's all that's important.

    Ultimately the problem is the globalization of the labor pool. All this Cold War nonsense about spying, malware injection and general skulduggery is just nonsense except that people who are trying to squeeze every last cent out of a workforce are unlikely to want to invest the time and money in decent QA -- they want their code or services as cheaply as possible so opening their products to a whole hose of unwanted issues.

    You can't fault people for trying it on even if the technology's not quite up to it yet. Supply meets demand -- we want an 'ideal' candidate so the market is responding by providing them.

    1. b0llchit Silver badge
      Joke

      Re: A job's a job

      You can't fault people for trying it on even if the technology's not quite up to it yet.

      Job-seeker: Hello,

      Job-seeker: My name is Serge and will be defrauding you today. Please, take a look at my impressive statistics as produced by the best of machines.

      Job-seeker: My video link is not always as good with our local bandwidth limitations. But we shall manage to impress you anyway.

      Interviewer: How much would you like to defraud us for?

      Job-seeker: Well, I've been thinking, as a good start, about €180k per year and all of your software.

      Interviewer: That seems like a nice start. Can you tell me how you are going to do it all?

      Job-seeker: Sure thing! You are --bzzzz-- going to --bzzzz-- sleep and --bzzzz-- sign al the documents --bzzzz--

      Job-seeker: You are --bzzzz-- now obeying my commands --bzzzz--

      Interviewer: Absolutely!

      Interviewer: I welcome you to our team! All our moneys are belong to you!

      Job-seeker: Thank you.

    2. Caver_Dave Silver badge

      Re: A job's a job

      Why all the down ticks?

      It's what you get when the Finance Team control everything.

      1. doublelayer Silver badge

        Re: A job's a job

        Maybe because, on every single article where North Korean activities are brought up, martinusher can be counted on like clockwork to show up with an explanation of what is happening which ignores facts stated in the article, denies facts you can prove with a quick search, and has a benign explanation which is wrong but also wouldn't be acceptable if it was what actually happened. For example, the argument that employers were intending to hire Chinese remote workers when the article said that they were impersonating US residents or claiming that these workers are all free agents just trying to make an honest day's wage for an honest day's work.

        This comment is no different. It suggests that North Korean workers are free agents again (they're not), that the stories of installing malware into companies are fiction (they're not), and follows the same inaccurate playbook. I don't know why he does this, but he does do it routinely. It goes on to blame the companies that hire these workers, so not only is it your fault if you hire a North Korean, it's your fault if someone manages to commit fraud in an interview to look better at their job than they are. In reality, those who fraudulently complete interviews using ChatGPT or someone else giving them answers are not fulfilling the needs of the market, they're lying for personal gain, or in the case of North Koreans, survival and tiny perks. People who become victims of fraudsters may be many things. They may be greedy, miserly, stupid, or they might not be any of those things (it all depends on the context), but they aren't getting what they wanted or it wouldn't be fraud.

        1. martinusher Silver badge

          Re: A job's a job

          I'm a Californian and have worked in 'technology' for all of my working life. Here your colleagues are likely to be a mixed bunch with a lot of Chinese and Iranians, some Indians (not that many in firmware) plus assorted Russians, some Europeans (including Brits) and even the occasional 'merkan. Working with this type of mongrel group gives you quite a wide perspective on people from other backgrounds and. in particular, tends to dispel the Cold War mindset that they're all some kind of menacing hive animal out to get 'us' etc.

          This doesn't mean that criminals, opportunists and general bad people don't exist. Its just that you're just as likely to get your corporate IP stolen by an ambitious local as you are by some Chinese person. Malware is now more corporate than ever -- individual franchises might be working out of bedrooms in Rugby (for example) but the creation tends to hide as legitimate businesses, often in jurisdictions that are either noticeably poor at enforcement of 'flexible' on the matter.

          So, yes, I'll defend "Chinese" or "Korean" as people, not the PRC government (and the less said about either Korean government the better at the moment). I just can't abide systematic prejudice. After all, its easy to characterize Brits as arrogant know-it-alls who still think they have an Empire (when they're not crashing around blind drunk somewhere) so why would you tar everyone from somewhere else, especially if its just nonsense spurted out by the defunct leadership of a has-been society?

          1. doublelayer Silver badge

            Re: A job's a job

            Because that's not what you said earlier. You've written a softer message, one that I agree with, and pretending it's what you've been saying before. You did not defend Koreans as a people because nobody was attacking Koreans as a people. I'd happily employ someone from North Korea who had escaped, because they would have to escape for it to be possible, because nothing is intrinsically good or bad about their national origin. Your defenses have been of North Korean government-organized operations by denying that they were this, or pretending that they didn't install malware, or mutating the reasons why anyone would hire them to ascribe to the employer a level of complicity that they did not have. Now, you're deflecting from this by suggesting that those who say otherwise are prejudiced against Koreans, when in fact we're prejudiced against state-run criminal groups no matter who runs them or where they were born.

            I too have worked with people from lots of countries, nearly all of whom were wonderful people. Many of those were former residents of countries whose governments I do not trust at all. They were not installing malware on corporate devices. They weren't copying customer data. They were not being monitored by agents of the government of the land of their birth, at least as far as I know. The people in these articles were all of these things, and that is what we have a problem with.

  3. Hugo Rune
    Pint

    M'M'M'Max Headroom here.

    https://youtu.be/cYdpOjletnc

  4. The Man Who Fell To Earth Silver badge
    FAIL

    The real problem

    Is employers trying to hire on the cheap by using cheaper overseas developers. In this case, it's not like there's a lack of talent in the San Fransisco Bay Area. If you hire local you can interview people in person. If you are setting up an office overseas, again there are ways to do it where you actually meet people, or you work through representatives you have met in person. It's only a matter of time before some company gets the crap sued out of them by their customers because the house of cards the company created is considered negligence.

    1. Neil Barnes Silver badge

      Re: The real problem

      Not just meeting in person for the interview(s) I think: you also need to know that the person you hired is the person who's turning up at the office and/or working offsite.

      1. Like a badger

        Re: The real problem

        Well, if employers are hiring so remotely then surely they're saying they don't really care. Do the job adequately and cheaply and I'll ask no questions. To be fair, that's the same approach when big companies offshore their IT or support functions.

        1. ChoHag Silver badge

          Re: The real problem

          There is a difference between subcontracting and hiding your identity to secure a job you couldn't get otherwise.

      2. Roland6 Silver badge

        Re: The real problem

        There are systems that assist, they seem to be used by solicitors, obviously, you need to be able to produce documentation: passport, driving licence and other things to prove I’d and address. Part of the checking is a comparison of photo id with the video stream.

        1. MachDiamond Silver badge

          Re: The real problem

          "Part of the checking is a comparison of photo id with the video stream."

          Not anymore. It's also not that hard to whip up a passport, driving license or other documents that will look good enough if scanned or photographed, but wouldn't pass muster IRL. It's really tough when those documents are from somebody in a different country. I worked as a doorman at a bar ages ago and we had a reference book since there was no way we could memorize all of the different documents valid in the US for verifying age. Plenty of times people would hand over a foreign ID claiming it was legit. 9/10 is probably wasn't, but we had no way to tell. Funny that they had "left their passport at the hotel". All of this said, a good enough fake can be manufactured and would, of course, look like the person on video.

    2. Yet Another Anonymous coward Silver badge

      Re: The real problem

      >t's not like there's a lack of talent in the San Fransisco Bay Area.

      Your mission is to hire the best possible XYZ developer possible, but you are only allowed to chose from people who currently live in SF and aren't current;y working for one of your competitors.

      And you have to pay 5x as much because they have to afford to live in SF and you have to pay 5x as much for office space to be in SF.

      It would be like limiting your choice of leaders to people who went to Eton and Oxford.

      1. The Man Who Fell To Earth Silver badge
        FAIL

        Re: The real problem

        "Your mission is to hire the best possible XYZ developer possible..."

        And yet you are too cheap to spend a couple of grand to fly them in for an in-person interview for a job that's going to cost you, when you include benefits & salary, hundreds of thousands of dollars per year.

        You get what you deserve.

        1. Roland6 Silver badge

          Re: The real problem

          > And yet you are too cheap to spend a couple of grand to fly them in for an in-person interview

          Same as the 1980s.

          The laugh I had was I decided to visit California, so offered to visit for in person interview, it was surprising just how many job opportunities being discussed over the telephone suddenly disappeared…

      2. Anonymous Coward
        Anonymous Coward

        Re: The real problem

        You couldn't find a remote worker in the US? You have to go to Serbia for talent?

        OK maybe you would pay double but flying someone to San Francisco who is in the US is not that expensive.

      3. Anonymous Coward
        Anonymous Coward

        Re: The real problem

        I'll be impressed by the technology when the UK gets it's first AI Prime Minister.

        1. ScottishYorkshireMan

          Re: The real problem

          Even an artificially intelligent prime minister would be better than what we have had, have and what is on offer for the foreseeable. Assuming of course that AI PM doesn't emerge from the Cult of Musk.

          1. Anonymous Coward
            Anonymous Coward

            Re: The real problem

            Ah your basic problem there is that you used "intelligent" and "prime minister" in the same sentence. Those terms are mutually exclusive....

        2. DJV Silver badge

          Re: The real problem

          I suspect the question here should be, "Could they do any worse?" With previous incumbents such as Boris "bodies pile high" Johnson and Liz "I crashed the economy" Truss, plus the latest idiot going back on pre-election promises, an AI system would have to be pretty bad to do even worse.

          1. MachDiamond Silver badge

            Re: The real problem

            How would one go about verifying the citizenship of an AI?

        3. Irongut Silver badge

          Re: The real problem

          It would last longer than a lettuice or a Truss.

        4. Anonymous Coward
          Anonymous Coward

          Re: The real problem

          AI lettuce

  5. Roj Blake Silver badge

    Re: I won't be able to decide if the person I'm talking with is a real person or not

    Unless of course, you actually met them for real.

    1. This post has been deleted by its author

    2. Ken G Silver badge
      Trollface

      Re: I won't be able to decide if the person I'm talking with is a real person or not

      What if an AI tool can summarise the works of G.E. Moore and Hegel sufficiently well that it can convince you it is real and you aren't?

      1. ICL1900-G3 Silver badge

        Re: I won't be able to decide if the person I'm talking with is a real person or not

        As I approach my final taxi, I wonder more and more about whether I'm real or not. It helps adjusting to the next stage, I suppose.

  6. Omnipresent Silver badge

    Jobs given by AI

    If you haven't figured out yet, sites like linkin and indeed are data collection sites now. You get uploaded to the data warehouses where you are either sold off to third party companies doing nefarious things, or hacked. Very often hacked in fact. They like to get your email and phone numbers off these sites, and then target you if you look like you make money, or are important.

    To get an interview, or to get looked at, you first have to get through the parameters set by the AI.

    1. MachDiamond Silver badge

      Re: Jobs given by AI

      "f you haven't figured out yet, sites like linkin and indeed are data collection sites now. "

      LinkedIn at one point (pre-M$) was a useful service. Now they are trying to be yet another general purpose Social Media company and pushing people to send in more of their data to flesh out the database a bit better. I still have a listing on LI, but I haven't updated anything in ages and don't fall for all of the carp they try to drag me into including paying them for a "premium" account. It's getting rarer that somebody I want to connect with finds me there. Of course, I'm at an age now where my peers are more and more completing their chapter of the story. Those that are left and have done well aren't in the workforce full time any longer and certainly not out looking for jobs on job sites.

      1. Anonymous Coward
        Anonymous Coward

        Re: Jobs given by AI

        Yes, I was on LI since beta days, had a premium account back when it was cheap and gave useful extras, cancelled when it became expensive and before those extras were removed.

  7. Anonymous Coward
    Anonymous Coward

    Interesting

    "Moczadło also repeatedly asks the interviewee to wave his hand in front of his face — this is supposed to detect an AI-generated face because it disrupts the model and will make the image appear glitchy as the software lags while trying to integrate a real hand covering a deepfake face."

    Hmm, nice trick, which will probably always have this lag ...

    ""But I'm scared that in a year, as AI advances, I won't be able to decide if the person I'm talking with is a real person or not." "

    I'm not that worried TBH. There will always be differences between an educated person and a repeating IA no matter the size of the corpus used to train it.

    We will adapt.Remember how Deckard could identify replicants in Blade Runner 2049 ? We'll do the same :)

    1. chivo243 Silver badge
      Thumb Up

      Re: Interesting

      you're in the desert....

      1. FrogsAndChips Silver badge

        Re: Interesting

        But, how come I'd be there?

      2. Anonymous Coward
        Anonymous Coward

        Re: Interesting

        > you're in the desert....

        I'm having dessert? Which flavour?

      3. MachDiamond Silver badge

        Re: Interesting

        "you're in the desert...."

        Directly in front of you is a mail box......

    2. doublelayer Silver badge

      Re: Interesting

      There are other tactics. The first interviewee, for example. The second one used GPT-style answers, but the first one knew what he was talking about or was better at cheating. Probably it was the former; some of the North Koreans they use are quite well-trained. They don't always do great work once they're hired, although sometimes they do. It would be possible to have people who know what they're doing do the interviews, then swap in others for the actual job. That is easy for an orchestrated campaign the way that North Koreans do it, but it wouldn't be hard to hire someone to fake being you for a couple interviews. Vigilance and processes that verify as much information as you can will always be necessary.

      1. druck Silver badge

        Re: Interesting

        Just like with Indian outsourcing firms the person you speak to initially who knows his stuff, isn't the one which you find is allocated to do the actual work for you.

    3. Anonymous Coward
      Anonymous Coward

      Re: Interesting

      Don't worry, in a year or two, AI will be good enough to wave a hand in front of the generated face.

      Of course, the hand will have the wrong number of fingers and an extra elbow on the forearm.

      1. Anonymous Coward
        Anonymous Coward

        Re: Interesting

        Norfolk AI

    4. rcxb Silver badge

      Re: Interesting

      "There is considerable overlap between the intelligence of the smartest A.I.s and the dumbest humans." - Bears feasting out of trashcans

  8. Lon24
    Coat

    Mirror, Mirror ...

    How can a real candidate know whether the interviewer is a deep AI fake? If its getting into difficulty it just has to say it's from HR. Who can tell the difference between a real HR person and a ZX-80 Eliza program with a nice backdrop?

    Ooops, HR downvotes incoming...

    1. Like a badger

      Re: Mirror, Mirror ...

      "Ooops, HR downvotes incoming..."

      Unlikely, HR people can't find the on switch.

      1. isdnip

        Re: Mirror, Mirror ...

        Naah, they're looking for the Any key.

  9. Yet Another Anonymous coward Silver badge

    My new interview question

    I have replaced "Can you reverse a linked-list in place ?" with "you see a turtle on its back in the desert .... "

    1. Ken G Silver badge
      Angel

      Re: My new interview question

      There's good eating on them!

      1. Anonymous Coward
        Anonymous Coward

        Re: My new interview question

        No, that's tortoises.

        1. Anonymous Coward
          Anonymous Coward

          Re: My new interview question

          If you can explain the differences then I'll know you're an AI.

  10. Pascal Monett Silver badge
    FAIL

    So, you call yourself a security expert

    And you can't be arsed to get an interview in person.

    I'm thinking that you're part of the problem.

    1. Anonymous Coward
      Anonymous Coward

      Re: So, you call yourself a security expert

      How many actual security experts call themselves that?

      1. Anonymous Coward
        Anonymous Coward

        Re: So, you call yourself a security expert

        I don't know if I'm an expert but I know never to call myself one or put it on my CV or I'll get offered another fucking security architect role.

        Life's too short.

  11. Acrimonius

    Asian accent!!!

    Isn't the unlikely Asian accent a big clue!

    1. Ken G Silver badge
      Black Helicopters

      Re: Asian accent!!!

      What if they're speaking Polish but using an Asian simultaneous translation AI?

    2. doublelayer Silver badge

      Re: Asian accent!!!

      I'm guessing this is why they pretend to be Polish or Serbian, assuming that people will not know what a Serbian accent sounds like and will mistake their Asian one for a Balkan one. Trying to pass it off as Chinese might be easier, but I think many small companies would not hire a Chinese remote worker at all due to more complicated Chinese labor laws and they would also probably offer a lower salary.

  12. Evil Auditor Silver badge

    If we followed the wet dreams of AI evangelists, soon we see AI interviewing AI.

    1. The Man Who Fell To Earth Silver badge
      Facepalm

      Why do you think

      The data centers use so much electricity?

  13. John70

    Wonder If...

    ...Trump will put tariffs on using remote workers not living in the US of A

    1. Anonymous Coward
      Anonymous Coward

      Re: Wonder If...

      > Wonder if when...

      FTFY. *sigh*

  14. Mr Humbug

    The more important question

    If he almost fell for this twice, how many attempts have been made that he didn't spot?

    And how would he know?

  15. Nematode Bronze badge

    My latest AI test, which was hilarious. Tells me to use humour, which AI doesn't really get.

    I simply asked "What happens when the drumming stops?"

    Chatterguppy took this seriously. Didn't even get it when I gave a link to the (well-known in music circles) joke.

    So test that on your on-line interviewee. I guarantee you'll be able (assuming you're a human) to tell a human response from a machine's, even if the interviewee had never heard the joke.

    https://www.talkbass.com/threads/if-drums-stop-very-bad.689762/ for those who haven't

    1. jdzions

      BASS SOLO

    2. Throatwarbler Mangrove Silver badge
      Devil

      I had a video interview with a manager with no discernible sense of humor. I'm pretty sure he was a real human, however.

  16. abotoe

    Reverse Captcha?

    Why not just order a potentially fake applicant to write "I am real" on their forehead with a marker? I bet the software can't handle that (yet). If you can decode their probably horrible mirror writing, they're probably not a deepfake. Plus, if they do turn out to be actually human, you get the added benefit of weeding out those who aren't willing to be the ideal employee and bend over and take it when told to.

  17. Anonymous Coward
    Anonymous Coward

    I think...

    ...this warrants a re-think of hiring processes more than anything. Even without AI, the tropes and obstacles in job interviews etc are well known these days...the fact that a whole industry exists for things like writing job applications, CVs etc tells you just how uniform the whole thing has become.

    I suspect that this process is very "samey" across the board has something to do with the massive number of MBAs out there...and people doing business studies in general.

    I studied business for a while...but I was in a unique position where I grew up in and around a fairly large family business, in which I was encouraged to work in any and all positions from the ground up to understand it, my old man would have me doing all kinds of things...right from sweeping warehouses all the way to up to assisting with tax returns, I got to see and be involved in a lot of stuff, not only with the family business, but other businesses affiliated with the business, it's customers and just other business folks my old man was affiliated with (the accelerated in the late 90s when people realised I was a very good techie, I was in high demand all over the place for my technical skills)...anyway, what they were teaching in business studies barely reflected reality at all, I'm fortunate to be able to see things from both perspectives and I can pick and choose which perspective I want to approach from at a given, but a lot of modern "business" folks are fucking stuck with zero flexibility...the academic approach to business is very "perfect world" and relies upon a lot of assumptions...it also seems to centre a lot around "making your case" as it were...this approach can work to a certain degree with certain types of business...if you want to open up a coffee shop or some other kind of simple "one trick" small business then sure a SWOT analysis might be very important, especially if you need to apply for a bank loan or something to start it up...but in reality, starting a business (especially one in a less understood or relatively niche market segment) typically puts you up against a negative feedback, people that don't understand etc etc...so you're met with a lot of resistance that no amount of academic plan writing can get you through...there is an awful lot of conviction and self belief required in these circumstances and you just have to be resourceful...this type of business requires you to think on your feet and define new processes, new ways of doing things...the people that typically operate this way are a dying breed because they're being drowned out by the "paint by numbers" academics.

    The way I was introduced to business and the way I still carry out business is to work out where you need to be in order to deliver whatever it is you want to deliver, and find ways to make money out of the steps to get there...which is in stark contrast to the modern take which is to fully flesh out your final product, apply for a massive fucking loan and go straight for the end game.

    Lets say you have a great idea for a new "widget"...the modern approach requires you to construct an elaborate business plan with a market analysis, full costing etc etc and then you shop it around to beg for loans to make it happen...that's a bit of a broad strokes description, but you get the point...there is basically no problem solving between conception and producing the widgets and the distribution and production of the widgets lives and dies on whether you can find an investor brave enough to take a punt...which is a risky proposition because the investor will be hanging his hat on your one widget that want to produce.

    The way I have always done things is similar, I will write a business plan, assess the market etc...but I won't go around begging for loans. I look at the requirements to get my widget produced and figure out whether somewhere in that chain there are deals to be brokered...if I want a factory to build me a mould and produce my widgets, in order to pay for that, I need to find that money...that money could come from finding alternate suppliers for the factory to bring their costs down, it could be in setting up new partnerships with other businesses to provide more output and revenue for the factory etc etc...you get the picture...a lot of back scratching...finding the funding for a project doesn't always have to come in the form of an investor putting a large deposit in a bank account...that's often the last resort in my experience.

    Anyway, my point is that the vast majority of business people out there these days are "cookie cutter" business people, often holding MBAs with no actual experience doing business with anyone...and rely heavily on very academic approaches to getting things done...this leaves you wide open to being exploited...because if you're copy/pasting a process, you can be damned sure that plenty of other people are aware of that process and know how to bend it in their favour.

    The worst part is academics tend to hire academics...it's human nature to lean towards what you understand and move away from things you don't...quite a lot of doctrine is hammered into academics and for quite a while they exist in a bubble which becomes their entire scope of understanding...they tend to look inwards rather than outwards...and a lack of outward vision makes you blind to reality.

  18. Paul Hovnanian Silver badge

    And right in the middle ...

    ... of the comments section for this article, there's a advert video loop of a goat wearing humans clothing.

    1. druck Silver badge

      Re: And right in the middle ...

      Advert? What's that?

      1. Paul Hovnanian Silver badge
        Boffin

        Re: And right in the middle ...

        "Advert? What's that?"

        https://dictionary.cambridge.org/dictionary/english/advert

  19. Anonymous Coward
    Anonymous Coward

    Imagine that

    Employing someone sight unseen who lives in another country. Hmmm, what could possibly go wrong?

    I know I’m old, but these are problems introduced by the employer alone.

  20. MachDiamond Silver badge

    The professionals

    There was a time when professional test takers would sit college exams for people in large classes where the prof or TA's wouldn't know everybody by sight.

    If Little Kim wants to infiltrate people, I have to wonder why he wouldn't draft a cadre of specially trained people to apply for those positions. They could get jobs at company X, Y and Z with others doing the actual "work". That would get past the whole hiring phase where they might be tripped up by using technology (technology, def: stuff that doesn't quite work yet).

    1. O'Reg Inalsin

      Re: The professionals

      See El Reg recent article about the "Arizona Laptop Farmer". Looking at 5 years.

  21. Boolian

    Hire Purpose

    Well, I did want to lead with the definition of 'Expert', which as any fule kno, is 'someone who has made every conceivable mistake in a very narrow field'

    However, I'm more interested in the nuance for rejecting the applicant. He really wanted to hire 'him' because his responses and answers were so good. So... why didn't he? Security reasons, or something apparently.

    That becomes a personnel with a known issue, which one can surely mitigate against, at least to a degree equivalent of trying to prevent the nightshift jannie from stealing the launch codes, or keeping the alky away from the drinks cabinet.

    The other consideration is, that at some point in the near future, the shady AI really does become the best candidate, and not hiring them is like asking kids not to eat the sweeties when it comes to the Finance dept and Manglement; so probably best to get in early and actually have a protocol for utilising AI, however dodgy - that should be bread and butter for a 'security expert'.

    However, to swerve the downvotes, I must acknowledge my entire previous career arcs where I severally encountered:

    "He's a great worker, so long as you keep him right and supervise him" - Mate, that's worse than a man short - "Eh?" - We're a man down supervising him..." "But he's a great worker" - He's not two great workers though is he? "I don't know what you mean, he's a really good worker...."

    1. doublelayer Silver badge

      Re: Hire Purpose

      "However, I'm more interested in the nuance for rejecting the applicant. He really wanted to hire 'him' because his responses and answers were so good. So... why didn't he?"

      As much as you might want to hire a brilliant identity thief, the identity thief part might outweigh the brilliant part. Even ignoring the likelihood that this was a North Korean, someone willing to fake who they are could be all sorts of problems, from someone on a list of people you're not supposed to pay to someone who is willing to do malicious things to your company. You already know they're lying about some things, so why should you trust them not to do anything else. What it really means is that they would really like to hire a person with the same skills as this one, but without the criminal aspect.

      If we add in the typical methods of the North Korean IT laborers, they sometimes do good work, but in many cases, they can't even if they are good at it because they're often working multiple jobs to collect as much money as possible. Many of them work in the short term on the theory that they will be discovered eventually and thrown out so they want to maximize their gains until then. They also have a tendency to install ransomware and steal code and customer data. There are two types of companies where the damage is even worse. If you run a cryptocurrency operation, their goal is stealing all the cryptocurrency. If you run a security company, their goal is to steal the vulnerabilities you know about and use those for their malware. They focus on both of these a lot. This being a security company, that is one more reason on the already admirable stack not to hire the person no matter how much they know.

  22. JamesPevanS

    How does one get through to the third of fourth stage of a remote interview without having their camera on?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like