Dealing With Dirt
Dirty IT job No. 5: Fearless malware hunter
Wanted: Go-getter with inquisitive nature and a high tolerance for gore, sleaze, and the baser instincts of humanity.
Hunting malware means crawling the deepest, darkest, nastiest corners of the Web, because that's where the bad stuff usually congregates -- such as drive-by installs on porn and warez sites, says Patrick Morganelli, senior vice president of technology for anti-malware vendor Enigma Software.
"Due to the nature of the sites we need to monitor, one of our first questions in any job interview here is, 'Would you mind viewing the most offensive pornography you've ever seen in your life?' Because that's what a lot of malware research entails."
[ Hackers aren't always so hard to track down. See "Stupid hacker tricks, part two: The folly of youth." ]
Even employees not actively involved in malware research can encounter deep nastiness, he says. One time an employee merely passed by a support technician's display while the tech was remotely logged in to a customer's PC. What the employee saw on the tech's screen was so disturbing that he quit shortly thereafter.
"It can definitely wear on people," Morganelli says. "The amount of filth you need to go through on a daily basis just to do your job can be pretty trying, and much of it is extremely disturbing -- bestiality and worse. But there's no way to fight this stuff unless you go out and actively collect it."
Andrew Brandt, a malware researcher and blogger for security software vendor Webroot (and InfoWorld chronicler of IT admin gaffes, stupid hacker tricks, and colossal QA oversights, says he was warned before he took the job that he'd see porn that would turn his stomach. But he says he sees less malware distributed via porn sites and more via fake BitTorrents and game cheats sites.
"I would describe my job as rubbing a white glove on the filthy underbelly of the Net and seeing what comes off," says Brandt. "Every day I work with malware that does everything you don't want it to do -- like steal your bank account information, break your computer, or barrage you with ads -- and I do it 20, 30, 40 times a day.
"The dirtiest thing about my job is not that the malware is incredibly difficult to research or fix; it's that once the bad guys latch onto some trick they use it over and over and over. I start to crave the little differences that crop up. Still, every day I learn something new -- even if it's just 'oh my god, this is the hundredth time I've seen the exact same exploit'."
Dirty IT job No. 4: Zombie console monkey
Wanted: Individuals with low self-esteem and high boredom threshold willing to spend long hours poring over server logs and watching blinking lights on a network console.
This job title combines two of the most onerous yet often necessary tasks ever assigned to an IT grunt: analyzing system logs and monitoring network operations, says Lawrence Imeish, a principal consultant for IT services provider Dimension Data.
[ Drone-like conditions can make for colossal testing oversights. ]
"Doing log file analysis and correlation has to be the most tedious, mundane, perpetually boring job in of all IT," he says. But because logs maintain detailed records of all activity that takes place on a system, they're vital tools for debugging and error detection, he adds.
"Meanwhile, network operations centers usually have a person whose job is to stare at screens waiting for green lights to turn red, signifying a problem with some system," he says. "There are useful messages in all those blips and flashing lights, though, and many of them can go a long way toward preventing problems before they occur."
As companies trim body counts, they often combine these positions into what Imeish calls the Zombie Console Monkey. The utter lack of human interaction combined with little to no exposure to the sun means Zombies have been known to become almost transparent over time, he adds.
These days, mature IT organizations use event correlation software and network monitoring apps that can identify anomalies and notify the necessary parties if the network fails. Even then, says Imeish, some companies feel more comfortable with a human being sitting there and watching the dials, just in case.
"It's an entry-level job with not a lot of thought involved. Creative thinking? Forget about it. Your job is to follow a script, written down in a manual, for anything that might happen. That's why we call them 'zombies' -- no brains are required."