Sienna
siennabates.com ∙ github ∙ mastodon ∙ twittersecurity and privacy enthusiast, researcher, AMC A-lister
PhD Application Rejection
Unfortunately this past week has been rather rough. On Monday I heard back from UC Berkeley about my application to the School of Information’s PhD program. They are unable to offer me a slot for the upcoming school year beginning in Fall 2025. I am pretty disheartened by the news as I really thought I had a good chance and was doing all the right things to make myself an ideal candidate. I know it is a competitive program and they only take a few people every year, sometimes under 5 but never more than 10 and they get hundreds of applicants every year for that program. ...Gen AI Follow Up
More and more at my job I keep hearing about things like “if you aren’t using AI everyday or finding ways to incorporate it into your job, you’ll fall behind”. This makes me think about all the discourse about whether AI will be taking everyone’s jobs. I still firmly believe a human element is necessary for all jobs regardless of how much one believes we need to incorporate AI. I think the approach to its incorporation in the workplace day to day is fundamentally flawed. It is a powerful technology and it is really cool to see how it has evolved in such a short period. However, that does not make it some magical cure or solution to all problems, there are still problems with each platform or service. I believe many people are so in awe of its capabilities that it is often mistaken for a replacement for their actual thoughts and effort into solving a problem. ...An Even Higher Education
Recently I was thinking about whether or not I wanted to pursue higher education, well, an even HIGHER education that is. I never really thought I would be interested in pursuing a doctorate but thinking about it more and more it doesn’t seem like a terrible idea. I really have a few things I am looking at but the deadline to apply to UC Berkeley is December this year so I have a few months to think about it and get it together. Berkeley is likely the only place I would want to apply due to its proximity for where I live. The worst that can happen is my application is rejected. They only accept about 3-7 students out of hundreds of applicants. I am a bit worried about whether or not I am “good enough” to get in to such a prestigious school. I know everyone says its hard to be successful in tech or security without a CS degree and while I don’t have one yet, I’m also not interested in pursuing one either. There is an Information Systems PhD in the iSchool or information school that seems like it is more appealing to me and would fit the types of things I want to study and learn about. ...Privacy Perspective
I like that this paper has some ideas that privacy is difficult to define but maybe, similarly to the concept of “cybersecurity” as a whole, is there much work on the thought that privacy is more of an umbrella term and why is is difficult to descibe or define is because there are many types and the day to day person is not as familiar with the possibility there can not only be more than one type but more than one definition. ...Gen AI Thoughts
We saw a massive dip in the educational quality students were getting during and post Covid. The amount of teachers retiring and discussing how their students lack basic skills for literacy and critical thinking is staggering. I see so many posts on various social medias taking specific stances or commenting about a recent issue without actually doing any reading and follow up. Like it’s absolutely fine to have a wrong stance on something (I do believe some things are fundamentally correct or not correct than up for debate on). However posing their stance as fact or because of what a specific article says and people always want a shortened version because reading is a lot of engagement and our society is moving its focus to short form content. This can be damaging because people just want to read a headline or quote and don’t actually understand it can be taken out of context and used to spread misinformation - and people just don’t care. ...Evolution of Social Media
Earlier this week I saw a tweet about a new social media app. It focuses on using AI edited images of a user into fantasy scenarios or whatever they want really and it got me thinking about how much social media has changed over time. Now disclaimer: this might be my most boomer take as a gen Z individual. I was on Facebook around the time I moved to public school from private school and back then, my timeline was only ever people I knew in real life or wanted to. But eventually, it became filled with people I didn’t know or who were tangential friends to even those I barely knew myself whether that be a classmate or someone I went to summer camp with years prior. It became a competition to have the most likes on statuses or how many friends you had in comparison to others. ...Thotcon 2023
This was the second time I have had the opportunity to attend Thotcon which took place May 19-20, 2023. I really enjoyed getting to go again as it is a great opportunity to see some of my friends who live in the Midwest again now that I have moved to California. On Thursday we arrived late afternoon after a fairly early morning and we met our friends Aaron and G. We got a late lunch before our friends headed off to the speaker dinner ahead of the conference while we took a short nap. Later that night we met up with some more of our friends at their residence near the conference. It was nice to catch up with people I have not seen in a while. ...Academia to Industry
Background I have been thinking a lot about my experience transitioning from academia to the tech industry and my misconceptions of how prepared I actually was. I realize now, that I was prepared in all the wrong ways and what I would do if I could go back and do things differently. Writing - From minimum word counts to being as concise as possible. - The corporate dialect - I understand but can’t quite speak or replicate myself. - convey thoughts directly and efficiently. - To leave feelings at the door. Deliverables - There is rarely a template. - Many tasks do require some bit of magic to pull answers out of a hat. - Make sure to clarify what is internal vs external deadlines. - How many revisions are needed. - Some companies prefer deliverables in a certain format - pptx. - Some companies prefer text heavy vs not slides. Communication - Everyone is different. - Coming in it was typical to be expected to bend your preferences in favor of others. - It is okay to speak up if you feel someone is not respecting your time. - Learning everyone’s communication styles is hard. - You may not always work with someone who matches your work/communication style. - Don’t be afraid to suggest things that might improve processes. - For the love of god document the things you would need to inform someone about if they came in the middle of a project. - You probably cannot be yourself. - Professionalism is still necessary even if you think something is stupid. Overall things that helped - Finding a mentor to trust. - Befriending people around the same age. - You can be social even if just with those you think you’ll like. - You dont have to make small talk with everyone. - Find someone who you can ask all your dumb questions to. - Be honest with your manager about the things you’re struggling with, self awareness shows you’re trying to make an improvement. - Find someone who is in the same position but higher up that can validate your thoughts, feelings, and intuition about a topic or process. - I still believe the corp world would be better if people were just real about things.Shmoocon 2023
This was my second time visiting Washington D.C. for Shmoocon, my first being back in 2022. First thing I was excited about was the theme of this year, which was Broadway. The year prior was picnic. I was pretty excited when I saw the booklet that usually contains the schedule and talks with speakers, as well as some challenges and puzzles was made to look like a playbill. Also, there were three different attendee badges were made to represent three different Broadway theaters. Mine was shaped like the New Amsterdam theater, there was also one that represented the Richard Rodgers theater, as well as one other which I cannot remember. Each badge also had a portion of a QR code on the back which if put together correctly could help you embark on the remainder of the badge challenge. The bag with all the promotional swag was pretty cool this year too, it was a collapsible backpack that folds up really nice and is good for travel. I usually don’t use the given bag during the conference, but I liked this one so much I used it the whole tine. Also, coolest swag was definitely the tech deck. ...CISSP First Attempt Preparation and Afterthoughts
Preparation There are 8 domains that the CISSP tests on: security and risk management asset security security architecture and engineering communication and network security identity and access management security assessment and testing security operations software development security" Favorite way to study is use study mode and go through practice exams (Boson) and make my best guess at the right answer and then check if im right and if not I read the description as to why. I go through every single question that way and it takes a while but it helps reassuring myself especially when or if I was not confident in my guess. ...Security Plus Preparation
Background I graduated in May 2020 with my BS in Cybersecurity from Purdue University. I also recently completed my MS in Cyber Forensics in August 2022 after defending my thesis, which was titled “Cybersecurity Industry Needs and the CSEC ABET curriculum analysis”. I also completed/passed EcCouncil’s Certified Ethical Hacker (CEH) in Summer of 2021. I currently work as a security researcher at a small security consulting company. Now, I do NOT believe you need to have this background in order to pass and complete the Security+ certification, so do not let my experience discourage you from taking it. I know of many people who have obtained it without having any college experience nor any formal technical background. My reasoning for taking this certification was to be more confident in the application of my security knowledge. ...