Some background. I'm a senior developer who has performed hundreds of interviews and seen dozens of questionable recruits long before AI. Typically the scam is that an offshore consultancy wants to place some roles to collect wages. Many of these agencies are from collectivist cultures, so in the mind of the agency, they all work in our project. This may not be true, but the agency sees the position as theirs, not the recruit's. So they typically don't the issue with putting recruit A in front of the interviewer and then slotting recruit B in after the position is secured. I've seen this done with A talking while B moves their lips on camera. Now with chatGPT (and earlier to some degree with just Google Search) we just see applicants eyes focused on something they're reading when we ask questions. All of this is just as easy as an AI generated applicant (if not easier) and quite likely to get the recruit hired.
A lot of this narrative is pointing the finger at China, North Korea and Russia/Ukraine. The best candidates I've fielded have been Ukrainian, Russian and Chinese. These are countries well known for their tech sectors. North Korea has executed the largest crypto heists in history. These are not groups who need to fake it.
So who does this narrative serve? It serves the RTO CEOs. This makes CEOs scared to hire remote workers and lets the ones who demand it have a reason.
If anything the panic around AI should reinforce the need to think critically about these things.
A LOT of people are far worse at interviewing than they think they are. And so, a bullshit artist can get hired. Technology now allows these bullshit artists to propagate more, and do more damage than would have previously be possible. AI in the workplace is a similar problem. Can you tell the different between someone who really just leans on ChatGPT all day but is actually incompetent? Probably so, but someone who was that incompetent just wouldn't have previously been able to hang on for quite as long, or deceive so many people.
[edit]
It's clear that my comment was not clearly written -- when I said "A LOT of people are far worse at interviewing than they think they are," I was referring to the people holding the interviews, and not referring to candidates. I'm shocked at just how bad a lot of folks are at holding interviews, and just how misplaced their confidence in their ability seems to be.
This works both ways right? Would it be fair to say that interview processes don't differentiate good hires from bullshit artists? Feels like framing the problem differently might make it tractable.
I had to take company training in interviewing. The trainer started out by acting out a fake interview. Then he asked us how we felt about him as a candidate. Pretty much everyone agreed that he nailed the interview. Then he began to list all the things he said and how he answered questions, and it slowly became clear that it was all bullshit, and he never said anything that was a direct answer to any of the interview questions. By using deflection and redirection he was able to completely control the interview and give a glowing impression of himself.
I wish I could remember what company was hired to do that because it was one of the best corporate training experiences of my life.
Anyone involved in interviewing really needs to ask themselves "what are we testing for?" In my world, we require anyone who makes it to the full in-person interview to give a technical talk on any topic they want, followed by Q&A from an audience that has a broad collective knowledge base. This has the benefits of:
- Letting the candidate start the interview on strong ground of their choosing
- Giving both the candidate and the team a chance to talk shop in a way that simulates the day-to-day work context
- Offering an opportunity for the candidate to gauge how curious and cordial their potential future colleagues are
- Making it very obvious if the candidate is BSing if they can't answer live questions about something they chose to present
Added: I should acknowledge though that talking about technical topics of interest may get more complicated at some proprietary firms than open source ones.
So I'm not sure that this method works if candidates can give talks on subjects the interviewers are unfamiliar with.
Is your company hiring?
My definition of “senior” is what you will see in the leveling guidelines of most well known tech companies - not “I codez real gud”.
While I agree completely, I also know plenty of people who fit this description, but would probably aren't the folks you ask to give a power point on a technical topic.
TBH I've done my time in management and done my fair share of presentations, but I would HATE this to the point that I might well opt out.
There's a reason I'm not in management anymore, and a presentation like described is a far cry from working with stakeholders and engineers to define and document technical requirements. Or even presenting those to a group with shared context.
I might well take the fact that you've made it a part of the interview process to be an indication that this is a regular job requirement as opposed to something I have to do here and there.
A very common concern, but overblown in my experience. If you notice, I never actually said "judge the candidate's presentation skills" (or anything of the sort) in why I think this process is great. The presenation is really just level-setting; the candidate gets to set the topic and give sufficient context for a conversation to occur. The presentation is at most the first 15 minutes out of a ~3 hour in-person interview process. That's how little it matters.
It's the Q&A and subsequent discussions that matter.
If someone thinks Cmake is super cool and knows all sorts of great use cases for it, then they should present that. They should also be prepared to answer open-ended follow-up questions like "broadly speaking, how could a project transition from something like Automake to Cmake?" or "what are some footguns in Cmake and how can we avoid them?"
One of the things I like to do on the hiring side is hold interviews in the smallest room people won't complain about. The way we think about public speaking has a lot to do with how close we are to each other.
A LOT of interviews are one-sided bully sessions, so people don't jump through the hoops they are expected to.. especially in hazing-friendly cultures like the security and finance sectors
I've had candidates I knew 15 minutes into the session I would sell a panel on "no hire" for, still say I was the best interview they've ever done in their life. This is not so much because I'm actually good at it, but going by the substantive content of that and much other feedback I've received especially in the last four years, I earn these rave reviews instead mainly because:
- I'm not afraid to admit where a candidate knows more than I do, and
- when someone seems so nervous it may be confounding their performance, I gently remind them that I've been through this before, it's hard on everyone and I don't hold that against people, and it's okay if they need to take a deep breath and recenter.
It's systemic, and it isn't even about being able to derive a reliable signal from the interaction. The problem is way more fundamental, in the same sense that you don't fix "Lord of the Flies" by reminding everyone regularly to be polite and not swear.
I mean, as I've just discussed, I can't even trust the good feedback I get from candidates, because any signal on actual improvements I could make is totally swamped by the noise of people practically ready to lick a hand in exchange for not being treated like something you'd scrape off a boot heel.
Which is also not something I hold against anyone on an individual level. The system that so consistently produces such outcomes is another matter. I used to think it was shameful people so rarely bother to represent their company in a good light, in the one formal occasion when most engineers ever actually do so. But in retrospect, I think I was the one who was wrong: the median level of representation in this area is more or less exactly accurate to what is deserved.
They've all drunk the leetcode / cs question koolaid, instead of just talking about projects, and how they would solve some things, and checking their personality (this is like 70% of the weight for me for new team members) if nobody likes you because of your attitude / personality, you'll bring down the team with your personality.
Age old question, who will judge the judge?
More relevant question: even if you can easily tell the difference, can you convince the person who makes the hiring decisions that your colleague is incompetent and only relays words to/from ChatGPT?
Ways to combat bait and switch is to alter interview questions, add new questions to every interview, ask deeper level questions, and observe the candidate in how they respond. It should be a more conversational tone the entire time, random discussion paths pursued, especially if the candidate's interests perk up about something. Every candidate has a different background so getting them to talk about that and problems they solved and diving into those in detail should be a good gauge of ability.
Fast forward nearly 18 months into the 6 month contract, and about $40k later, there is no working app and the "CEO" says "well I would love to give you some of your money back but the contract has expired so I am no longer able to do that, we could sign another one for $20k to finish if you'd like."
I've worked with probably a dozen offshoring companies in my life in one way or another and every single one of them has been deceitful to the point of being fraudulent, and puts out some of the worst code you have ever seen.
I tell everyone considering it that if you can afford it, you're getting scammed in one way or another. You're better off going with a US-based firm that guarantees you'll get American workers who are physically in the US working on your product.
I'd rather hire Deloitte or Accenture for 10x the price - I know they offshore a ton but you'll at least have avenues to get your money back if they don't deliver.
https://www.reddit.com/r/ProgrammerHumor/comments/2xjrdy/whe...
tl;dr - Company CTO hires off-shore dev consultant to write an app, the code is horrendously bad, doesn't even fulfill requirements, and has to be thrown out because it's such a bug-ridden mess. Company scrambles to produce the app internally and succeeds. Later, they need to launch a new product, CTO decides to rehire the same off-shore consultant.
Second time is very quickly approaching "what salary/bonus/options/401k match can we claw back because this is professional negligence" territory.
You’re not going to want to pay the rates that they will charge for their best of the best hands on developers based in the US and if they did start staffing lots of devs in the US, they wouldn’t be price competitive.
I have worked at AWS Professional Service (full time direct hire) and now work at a third party consulting company as a “staff consultant”. Only a few large and/or well funded companies (and government agencies pre-DOGE) were/are willing to pay the rates that the companies charge to have me on a project.
Even then, they lean on me far more for leadership and strategy than hands on keyboard
GP suggested Deloitte and Accenture. They do offer technical consulting services but really as an afterthought specializing in accounting and business consulting. Thoughtworks (home to Martin Fowler, Kent Beck, Zhamak Dehghani and so many more) is far more savvy, had been a far better presence in the industry, and has more highly skilled people. I am a bit partial but with reason.
In balance, I have absolutely nothing negative to say; I loved working there and felt great about the work we did for others. Consultancies and their clients can be messy but it was a wonderful place to overwork (relative to my personal capacities). The technologists were top notch, people cared to do good work and deliver real business value, and the ambient emotional intelligence was soothingly glorious.
https://en.wikipedia.org/wiki/Chrysler_Comprehensive_Compens...
Will we get AI to determine if the candidates are using AI?
reality is way more messy and worse. There are multiple actors involved in each part. Eg 2-3 "actors" for visual screen are ready for each call, 2-4 "audio" knowledge only experts on the call, 1 dedicated speaker, 1 person coordinating answers from audio folks to actor folks.
they are even ready for once in a while visit to offices in us, so they have actors there on the field as well ready to attend calls (probably 1 to 1 mapping after first visit)
and the work assigned is assigned to a completely different set of people, not involved in any of above. those folks and these folks dont interact.
i have worked part time as one of the "audio" person in above interviews. also involved on work side. ama.
Compare US tier 1 city salary to India tier 2 city salary and the math will work out.
This is debatable.
My company now mandates all contractors sourced via one specific firm, and more recently that 70% of contractors are located "offshore", which in practice means India. Of the 5 contractors they have placed, I've let 4 go for performance reasons. Even at the rates they're getting paid (about 25% what a domestic resource would get) they're net-negative value.
> This is debatable
work is being delivered is relative, not talking about good work or great work. its average at best. The debate you want to do maybe is if this is better than call center scams
They apply to multiple jobs at multiple companies..
One team handle interview process to make sure they get the job, once they get the job another set of people handle the actual work.. And then the interview team also handle any instance the person need to be seen or talked to..
Each job pay a few of those guys and the company keep the rest.. If they land enough jobs they can easily pay for all that..
Also, the purchasing power disparity in different regions is humongous. For what a typical L5 might get paid in Silicon Valley, you can afford a team of 5-10 in India, and India isn’t even ‘low cost’ anymore.
It’s as if someone else disconnected us.
I am sure they are North Koreans. Next time I will have a picture of fat leader printed out and I am asking the candidate what they think of Kim.
If you think these scams aren't real, you aren't looking. We're a remote company, but our policy is now to only hire candidates from internal referrals, or candidates who are in a location where someone on the team they're hiring into can grab coffee with them.
Guess France is a collectivist culture. That's 101 of many consultancies: get the contract by presenting the A-Team then switch with junior employees a couple weeks in.
In-person interviews.
And if you don't want to pay for that, proctoring.
And if you don't want to pay for that, I have next to zero sympathy for you.
I've run into this with a Ukrainian consultancy. It wasn't even a scam. They told us up-front that they were prepared to pull their best engineers from some other clients and put them on our team in order to win our business. Our obvious reaction: and when you get another opportunity, you will pull those engineers from us and we'll get the B-team, just like you're about to do to someone else.
Naturally we didn't move forward with them (this was before the war, so very lucky decision)
Out of curiosity, what tech sector does Ukraine have? I don't remember ever hearing of any large successful Ukrainian SW compony or unicorn.
(Their response to a customer-service request a year or so ago was sobering. Along the lines of "yes, that's a bug we know about, but the developer who owns that feature lost his home in a missile strike last week. Once he's got housing and a new laptop he'll fix it." A week later he fixed it.)
Europe doesn't have a ton of large and high paying software companies, but it does have a ton of good developers.
Romania probably has produced half a million software developers over the past 30 years (in a population of about 20 million), yet it basically doesn't have any large software companies. Probably the biggest you might have heard of are Bitdefender or in the past Softpedia.
Or the alternative, foreign companies set up shop there to scoop up the local developers. Using Romania as an example, Bucharest has R&D centers with at least hundreds of developers each (some with thousands), for: Amazon, Google, Microsoft, Oracle, Adobe, SAP, UIPath, Huawei, Honeywell, IBM, Cognizant, Ericsson, Ubisoft, HP, etc.
Russia, on the other hand, has traditionally focused more on building its own products and brands, both for its domestic market (Yandex, VK) and the global market (Karsperky, ABBYY, JetBrains). When a technology they create for themselves turns out to be pretty good, it often spills over to the West and gains global popularity - examples being ClickHouse (originally to support metrics collection at Yandex), nginx (originally a reverse proxy at Rambler), etc. I have a hard time remembering something similar coming out of Ukraine?..
I may be wrong, it's just my impression of it (reading Ukrainian/Russian job postings etc.)
JxBrowser: https://teamdev.com/jxbrowser/ DotNetBrowser: https://teamdev.com/dotnetbrowser/
Its Jetbrains, and they don't deny having workers there at all (the company itself If I recall correctly is located in the Czech Republic). In fact, they went through great expense to exfiltrate their Ukrainian employees and cut Russia off before everyone else got on the bandwagon (IE, before it was 'cool').
Like wich exactly? Jetbrains is one, but it is from Czechia IIRC. I was asking what tech products has Ukrainian tech sector produced.
My understanding is that they had the Czech business location with Russian developers so they had a clean public face.
I’d believe you if you insisted on Kiev based too, I don’t know anything first hand.
There you go, hope it makes more sense for you.
A deepfaked recruit is a slight extension of that.
I got my only remote BigTech job post Covid where the entire loop was remote. But it was customary before then to fly people into the office for the final interview.
Yes I realize “remote first” companies may not have an office. But even then, you could fly the interviewees to the location of the interviewer and use a hotel conference room.
https://www.cnn.com/2013/01/17/business/us-outsource-job-chi...
And as much as I hate to admit it, remote work has so many downsides for most companies, I see why many of them are in on RTO and hybrid.
Luckily in 2020 I pivoted to cloud consulting + app dev where it doesn’t make sense to be in the office since you will either be working with clients remotely or flying into their offices.
And even then AWS forced their ProServe consultants and SAs (full time employees) to be in an office when not on the client’s sites after I had already left. As does GCP.
Call me a conspiracy theorist but it seems vastly more likely that China and Russia (far and away NK’s strongest, nearest, and largest allies) are executing these hacks and blaming them on the NKs to avoid retribution.
You either believe that or that NKs are genetically superior specimens because they’re not doing anything else that would yield the superior results they attain.
I'm 100% sure there are some people there using AI to try to get through interviews, but what's the end game? The article mentions faking identification documents and work history. Well the first is a crime, and the second takes about 5 minutes to verify. "RTO to prevent crime" is so dumb even the RTO CEOs aren't pushing that one yet.
Maybe in the future it will be a more significant problem but not this year, not next year and probably not even this decade.
> The applicant, a Russian coder named Ivan, seemed to have all the right qualifications for the senior engineering role. When he was interviewed over video last month, however, Pindrop’s recruiter noticed that Ivan’s facial expressions were slightly out of sync with his words.
> That’s because the candidate, whom the firm has since dubbed “Ivan X,” was a scammer using deepfake software and other generative AI tools in a bid to get hired by the tech company, said Pindrop CEO and co-founder Vijay Balasubramaniyan.
Hm, let's read on.
> As for “Ivan X,” Pindrop’s Balasubramaniyan said the startup used a new video authentication program it created to confirm he was a deepfake fraud.
Oh, I get it, it's an ad for Pindrop.
Christ the future is stupid.
There is a Reddit community with over 400k members to show how prevalent this is [1]. There's lots of tactics like not allowing mentions on LinkedIn so they can't be publicly mentioned and seen by other unsuspecting employers, and just maintaining plausible deniability about why they can't make an on camera meeting. It is technically not illegal so it is very lucrative and hard to detect.
Close to zero companies would accept this, even if your performance met standards and you did it in such a way you didn't miss a single meeting. That's why I said if you are open about it they will fire [or not hire] you. It's a double standard.
There is only one used method of performance measurement: time spent. Every company who CLAIMS to be "data-driven" or "gamifies the system" are lying through their teeth. They're like every other company, they measure performance by hours spent.
I've seen many engineers easily hitting double the number of tickets closed as others. They don't work 20 hours a week. If they did, they would be fired within days.
This is why over-employment is "cheating". Employers don't actually care about your performance, they care about how much you're paying. If you're paying less to them, even if their end of the deal is sweet, they feel cheated. They, like most Americans, value perceived fairness over actual outcomes. They have no issue shooting themselves, or you, in the foot if this looks to be more fair.
Now I could go out and get a retail job for after my regular job.
2. I'm not aware of anyone who is the CEO of 4 companies; well, except Mr Musk, but don't you dare say for a second that no one is batting an eye at that. Most CEOs I know barely have enough time for one company; and obviously the performance of Musk's companies recently suggests he's in the same boat.
3. The original poster pretty clearly inferred that, in these situations, generally speaking these workers are not meeting performance expectations.
If you want to work at 4 companies and your 4 managers don't have a problem with it, then go for it. Real problem arises when one lie about it and does it stealthily. Lying shouldn't be allowed, neither for CEOs nor for worker bees.
As they say, "Turnabout is fair play".
But god forbid the laborers do anything that takes advantage of a situation to better their lot in life.
For the record, I ain't one of those folks either. I'm not looking to hold more than one job at a time, and I suspect the actual majority of workers are like this too, so even if the argument held water for someone, 400K people is less than 0.1% of the workforce. That is hardly worth worrying about beyond simple precautions if it something you think is an issue
(I work remotely for a big corp and this is how I feel and act as well.)
This is the same as grouping all workers together as being lazy.
If you think you are, I'll counterpoint it by insisting that I'm entitled to a house. Why should someone else have two, or more, or two hundred, when I don't even have one? Some landlord hoarding of them is, after all, robbing me.
You are entitled to a place to live, and the option of choosing it to specifically be a somewhat normal house in your general area, and landlords actually are robbing a huge portion of the population from their right to own a home. The average age of a first time home owner is rising and it's not rising consensually. The US has been tilting away from the rational middle ground between "no landlords" and "landlords own everything" over the last few decades.
Especially in the WFH era where it's much easier to get away with it clean, I don't see anything all that wrong with working 2 or 3 such jobs at the same time. If all of them are happy, or at least not too terribly upset, with your performance, what's the harm. There's definitely been times in my life where I could see myself doing that just for the sake of being bored.
What do you do in your second and third job? How did you find it?
All three jobs are software engineering. C++ mostly.
Just because the fraud or theft isn't at the moment illegal doesn't meant it isn't fraud or theft.
It's a breach of contract. It's not fraud or theft.
Nobody's stealing anything in these situations.
You notice that they have two "executive assistants" on staff at the 30-person company you're applying to. Gee, I wonder if this "CEO" does any actual work? No, of course they fucking don't. Linkedin post about how they balance work with family despite all this, LOL, it's because all your "jobs" are fake and you have enough money to pay to make all your personal work go away, too. You're a goddamn part-time worker dilettante playing pretend that you're a "hard worker" with amazing time management skills.
Yeah, demands that employees operate under far greater constraints and give more than the near-zero shits about the company than the owner- and executive-classes for way less compensation are totally reasonable and should be respected. /s
And as others have pointed out, apparently it's only ok when a genius-level CEO takes four different CEO spots and a few board seats and continues to play video games all day. Yep, totally ok and not for anyone else.
Somehow that's fine for higher ups to 'sit' on 10 boards. And they do not see that like 'steal as many paychecks'.
On the other hand, I am the hiring manager at a healthcare company and I have to layoff 1-2 people per year who do this. I know all the tell tale signs, random blocks on calendar, missing meetings, sudden health issues when there are production incidents, getting stuck on simple problems for days at a time. Of course you can always back it up by looking at their stats (staring at Microsoft teams 4-5 hours a day).
I just close that company’s laptop and never think about them again.
There is no linkedin to update, no resume to update, no desperate dash or networking for another role.
Although there is less sympathy for being sacked for performance issues when thats the reason, the realities in my overemployment journey have been companies running out of runway for reasons not solvable by engineering direction, furloughs, government contracts where the top performers only lasted 5 more weeks longer than I did after being promised that the project was a 5 year contract, whole org adjustments, “we are going in a different direction” and more. Tech is not a stable sector. This is a far superior position to be in.
I’ve met expectations and gotten raises from simultaneous full time roles as well.
So, from the employer's perspective, it feels like fraud. But they've effectively been defrauding you for the past 100 years, by making you work salary when your job isn't a salary job. So, it's even. Well... not really. Still absurdly skewed in the employer's favor of course, but a little more even.
He struck me as somebody who was just overextended and flailing around for immediate cash revenue. So I think he had convinced himself he could do his two companies and a full-time job. But I expect that in practice he'd stint us on hours and be so sleep-deprived during them that he'd be somewhere between marginally and negatively productive until we fired him.
But then it's hard to tell the difference between a desperate schmuck and a scammer, as I think it's a continuum. A lot of out-and-out scams get started like that.
To be fair, I could probably replace children with running a company on the side and still end up less sleep deprived.
A pre-employment background check (which you typically do after accepting an offer and right before starting the job) would clearly show all your previous places of employment (for up to 7 years at the very least), along with the timelines. How would one explain that to the employer?
In fact, I got a copy of it back too, where it listed even some of the jobs I didn’t list myself because I didn’t think they were relevant (e.g., the grocery store job I had the summer before college, 5 years before the SWE position I was getting background checked for).
One time, it even had an interesting tidbit that got flagged. A former employer of mine didn’t exist anymore at the time of the background check (the company got absorbed into another international corp and then closed down all offices in the state I worked in, thus ceasing to exist both legally and physically). So the background check report mentioned there was an indication of me having worked there, but they couldn’t reach out to the company to verify my exact employment dates.
It doesn't just show your employment for the past 7 years, it also shows your comp, your debts, your defaults, everything.
It didn’t have my reported salary or debts. I know because I requested a copy of the report my employer got (which afaik is a legal requirement to provide one upon request, so it was as simple as clicking a button).
In general, I have no issues with my employer knowing my previous compensation once i am employed there. At no point in my interviews in over a decade at different companies was I ever asked what I made in terms of comp before, only what I wanted to make. And the background check only comes after the offer is already agreed upon, signed, and I already started working there. So I don’t see a problem there.
How does that have any relation to a real agency, staffed with competent experts that specialize in background checks?
The overemployed crowd is two steps ahead though: https://old.reddit.com/r/overemployed/comments/10el4ll/remov...
The most they can realistically do to you for violating that section is just firing you. I don’t see them trying to collect the “damages” in the civil court.
I am not saying it's not happening. But we haven't seen it happen on HN.
This is in the Atlanta market where I use to live before I started working remotely and moved. I got this email from a recruiter there. It’s about the same in most major non west coast markets
(Starting on page 26) https://motionrecruitment.com/hubfs/TSG-25/Atlanta-IT-Salary...
Compare that to any of the BigTech or adjacent companies where entry level developers are getting return offers from their internships of $150K-$175K.
Onsite interviews were a normal practice just a few years ago.
Getting a taste of their own medicine after all those fake or evergreen postings. Feels shitty doesn't it? At least the people looking for hires still have a job to feed their families, unlike many on the job seeker side.
It's hilarious that the same technique is now being used against them and companies are angry and frustrated. Too bad they are not actually human to understand what those feelings mean.
We talked to some recruiters recently and they essentially said atleast 1 step of the hiring process must be in person unless a valid reason can be made. i.e. single mother taking care of child going through a divorce backed up by a court record.
One fun thing to do is stress test their GPU / CPU out during part of a coding exam. (Only do this for 99% confirmed cases) This can slow the deepfake software down so much that it starts looking messed up and obvious. Securing employee onboarding with KYE IAM is also critical. Most of these people don't put much effort on the 360 review of an applicant and verifications beyond video calls spot them early on. There are countless solutions to the problem so you need to be creative. These applicants think they are next level fakes, but a lot can be spotted a mile away.
Unless they've changed tactics, I think they might just blow up literally any job listing they can because the cost of not getting called back is nil anyway.
Nobody is moving across the nation to a town in the middle of nowhere to make $10/hr.
And I have been contacted many times to such kind of arrangement that the offered me that we will give you realistic fake US profile, you have to give interview, if you get hired, we will take some share of salary. And I denied, as I do not want to live with feeling of guilty of lying for earning more than I need where I live, I can live way better with what I make than my other fellow countrymen.
Want to add tech to the mix? Give the hired ones in-person a device to take home that will need to be verifiably at their stated location. Also require confirmation they are located where they say they are located, maybe even hire a PI to verify. And yes, traveling digital nomads could be accommodated; "I'll be in Bali the next month"; "fine, just send us a pic of your passport stamp and the location device will confirm it". Yes, it is a bit of light surveillance, you are paying for work and basic honesty and verifiability is not too big of an ask.
Sure, some of that could be fooled by working with an accomplice, but it would certainly cut down the fakers by orders of magnitude, and the NKs by ~100%.
"A bit of light surveillance" my ass.
Who said anything about install? They give you a company phone.
And you really think it is unreasonable for a person/company paying you money to do a task to know where on the planet you are located, emergency contacts, etc.? What happens when you get hit by a bus in Bangkok or have a scuba incident in Bali and are in the hospital for a week or worse? You just go dark and they have no way to send aid or even get status on the work you are now suddenly not doing, or obtain the current files so someone else can make progress?
Of course there are many inconsequential gigs/jobs for which it doesn't matter if you disappear, or lie about your identity or location, or are a North Korean spy trying to destroy the company, and you're welcome to work for those.
But I'm 100% in favor of remote work, and I would not remotely consider hiring someone for any consequential project or position without knowing they are who they say they are and they are where they say they are located.
And from a Corporate and National Security perspective, while I consider Return To Office largely outrageous, it seems quite reasonable for simple physical security measures to verify an employee is who and where they say they are.
Even more so considering the massive amounts of both nation-state-level corporate espionage and remote work fraud going on.
I can fall into a coma in the US. If your business depends on “being able to send aid”, then you have failed as a business.
If I am not delivering work output, terminate me.
My employer is entitled to my work output for compensation, no more, no less. The rest is an unwarranted intrusion into the rest of my life.
You are of course correct, they are free to not hire me, as I am free to not work there.
“Install” - you describe a device that reports my location, and described being required to take that with me so they could know / verify said location. That is so beyond the pale.
“Oh you said you were in Bali last week? Passport please so we can verify.”
What next? Do I need to send my after visit summaries from my doctor to HR, too?
>>My employer is entitled to my work output for compensation, no more, no less.
Of course that is true if you are working on a contractor or gig basis. The spec is for "Qty X of Y widgets, with software doing Z, delivered in July to our office in Cupertino", and you have no access to their offices or systems. Working basically incognito is fine, as long as comms are maintained for reasonable updates and you deliver as, where, and when specified.
But if you are both taking on the obligations of an employer-employee relationship, including benefits, legal obligations, access to company systems & offices, use of company equipment, etc., it is not only reasonable to know you are who you say you are and where you say you are, it is the managers' responsibility to know.
If your CEO comes to ask about and engineering issue on Project Sigma, and your report "Joe" is responsible, but you haven't heard from "Joe" in a week, and the last you knew he was flying to Australia, but you can't say if "Joe" is working in Sydney, beaching in Bali, or selling secrets in Shanghai to a Chinese competitor, and you don't even really know who "Joe" is, it seems you have not only dropped the ball but lost the plot. And probably your management job.
>>If your business depends on “being able to send aid”, then you have failed as a business.
Of course it is a mgt failure to structure your org with a single point of failure. But if an employee has responsibilities so trivial it makes no difference if they suddenly disappear, why were they even on payroll?
Why is it unreasonable to expect an employee to take care of themselves and company laptop/phone/etc., and be in reliable and honest contact so if something does happen, you can take steps to help, such as knowing where to send a replacement laptop or updated team info?
>>If I am not delivering work output, terminate me.
Of course, but the context here is dishonest employees stealing corporate secrets for enemy nation-states or stealing payroll until they are found out.
The costs of secret stealing can easily be company bankruptcy and unemployment for every other employee, and national security breaches.
The costs to bogus employees or dishonest 'overworkers'[0] stealing payroll until they are found out is beyond just stolen paychecks, it's also the overhead and lack of progress for the rest of the team.
More generally, it's important for remote work options to thrive, and if the basis is "F.U., you can't even know who or where I am, don't pay me if you don't like it.", almost all employers will make their policy: "sit your butt in this specific office chair 9-5 M-F". I'm a strong advocate of remote work, and have sat in the employer's chair many times, but if those are the only two options, my only choice is RTO.
>>required to take that with me so they could know / verify said location. That is so beyond the pale.
I disagree. This is not like monitoring cameras/microphones/keystrokes (even 'tho similar monitoring in an office is trivial by walking to someone's cubicle). But to claim that your employer or manager (not gig-work contract mgr) can not even know what hemisphere or time zone you are in seems absurd. And no, daily "were you really at the Dr.?" stuff isn't the point of my solution either. I am literally saying only that you should be verifiably open about who you are and where you are on an every-few-days basis.
So, in the context of corporate/international espionage and dishonest employees and agencies stealing everything from the company jewels to payroll, what solution do YOU have that makes remote work viable? That's a serious question.
.
.
.
[0] I've got no problem with people who remotely 'overwork' two remote jobs if they can honestly keep up with their responsibilities for both. I have a big problem with people taking on more paychecks than they possibly can and just riding it until they are terminated, or "agencies" dishonestly posing as a single employee. Both are fine if everyone fully and transparently understands the situation, but fundamentally dishonest if done with deception. Just like open honest polyamory is fine, but cheating on your spouse is not.
I just had a PR opened that was a two character change, in Javascript, changing `if (!warned)` to `if (!== warned)`. They assured me, in an H1 no less, that they had tested everything and that it was fixing some problem, but didn't say what.
What the hell is happening, and what are we supposed to collectively do about this? Or is this just some new norm we'll have to adapt to?
I'm getting whiplash from how quickly this article jumps to conclusions. Most corporate cybersecurity is quite strong. Why is this the very first conclusion they come to? Not even that the fake profiles collect a salary, just.. "virus!!!"
I have this theory in general that paper is going to make a huge comeback. We've passed the point now where there is no meaningful way to tell if something is AI unless it physically cannot be. Hand written paper and physical art is literally the only thing left that passes this.
I didn't see any "AI" candidates, but I was suspicious about a few / if they were in fact who they said they were.
The part I worry about is that maybe I was just too suspicious and some poor guy was playing it straight and I gave a thumbs down due to my suspicions.
Except the "them" who've been wasting applicants' time for decades is not the same as the "them" who are facing the flood of fake job seekers.
It's generally preferable that "justice" treats innocent parties and guilty parties quite differently.
I'm very experienced, live in the US and a friendly chap who interviews well, but because of everyone is using AI (applicants, recruiters, employers), it's next to impossible to get a reply to any posting or get trough to a 'human'.
The empire strikes back. Until now, the job market, was flooded with false vacancies.
Oh, they're nothing fancy, just perfect-bound with card covers and spines hand-lettered in silver paint on black bookbinder's tape. But they're workmanlike and sturdy and sound in the hand, and maybe it'll be worth someone's value to own words that not only have obviously been labored over at length, but that never change even when no one is looking at them.
Why not, I suppose. Printed words are already becoming a luxury, with the decline in material and workmanship in modern hardbound "prestige" editions reflecting their place among the economy of aspirational, status- and status-anxiety-signaling goods. Obviously I would have no market among these dreary neoliberal bourgeoisie, but I'm sure there are a few perverts on websites like this one who'd pay more for the produce of hours in an attic over hand tools and muttered swears, for something that even if it's just a trade paperback still feels and reads the way a book should.
> More than 300 U.S. firms inadvertently hired impostors with ties to North Korea for IT work
"Impostors" implies that the people they hired couldn't do the job. That's not true: These were people who just faked their location/identity. They had the skills and worked for a long time for those companies. As far as the company was concerned, they were just regular employees. If they couldn't do the job they would've been fired.
If these "impostor" employees actually couldn't do the job and they somehow were able to stick around for as long as they did there's a different sort of crisis going on in "US companies" that has to do with management.
But two, are you serious with "If they couldn't do the job they would've been fired"? I think the most charitable assumption I could make is that you must not have been in the working world long. There are plenty of places that are bad noticing and getting rid of underperformers, even when everybody involved is well meaning. If somebody is actively running it as a scam, it could be hard indeed to detect. And really, they don't have to evade detection forever. Even a few months of paycheck may be more than enough for them to cover the costs of getting the jobs.
Undoubtedly there would be many who would say "I would never spend even one cent to apply for a job position". However, given that such positions tend to pay tens of dollars per hour, and given that a proper application takes at least a few minutes to fill out, I think this is economically unviable. And, of course, if I'm wrong and you now have thousands of applicants anyway, you then have a small fund to draw from for other recruiting activities like in-person interviews.
Or a job description which has X, but X is a very small subset but in fact its a mostly legacy system using Y.
Want to pay me for my time?