Thank god there were no Russians or Iranians. /s
Many of the DPRK workers operate out of Russia (and China.)
It takes that level of verification to become a security guard or a school bus driver. Anybody in computer security should be doing this.
[1] https://www.sterlingcheck.com/services/fingerprinting/
[2] https://www.aamva.org/technology/systems/verification-system...
I live in China, a supposedly autocratic country and one with universal ID, and even companies here don't take fingerprints. ID will be shown when you are officially onboard. I can't say for all, but for most companies (at least the ones without the need for a security clearance), requiring ID at interview will be seen as a red flag, and requiring fingerprint would probably be put on social media and name shamed, if not straight up reported to the authorities.
Not that I’d do it. The paradox that security for a firm means zero privacy for me is too much to bear these days.
I would call the on-site interview and/or minimal background check "the most pareto frontier thing you can do."
Verify their ID in person, issue their laptop etc in person, make sure someone who interviewed them is there to meet and greet them (and attest that it's the same person they talked to.)
If you can at least do a final interview in person also, then that's even better.
(context: https://www.cnbc.com/2025/04/16/former-cisa-chief-krebs-leav... )
Capability based operating systems can be made secure. Data diodes are a proven strategy to allow remote monitoring without the possibility of ingress of control. Between those two tools, you have a chance of useable and secure computing in the modern age, even against advanced threats.
Yeah... I feel like Cassandra, but here we are. You've been warned, yet again.
CyberMacGyver•3h ago
owyn•2h ago
ash-ali•2h ago
mandevil•2h ago
https://www.rsaconference.com/usa
keyle•2h ago
hiddencost•1h ago
(Kidding. A little.)
saagarjha•46m ago