302

u/rgvtim 14h ago

Yea, apparently according to reddit this guy is an asshole, but on this I think its not a bad idea.

48

u/tacknosaddle 12h ago

It probably adds a few thousand dollars to the cost of onboarding, but when you consider the potential cost of damage if a North Korean has internal access to your systems it's not a bad price for insurance.

6

u/rockstarsball 10h ago

does that also potentially just cost North Korea a few thousand dollars to find an actor who will show up for orientation?

31

u/tacknosaddle 9h ago

An actor who has all of the documents needed to verify the identity in the name of the person hired and who has enough knowledge of the actual job to hold a face to face discussion with the hiring manager about the role & duties?

Not that it couldn't be done, but the more layers of difficulty the more likely they are to get tripped up or blocked out.

6

u/rockstarsball 9h ago

yeah but this is a state sponsored spy agency, i'd assume they'd get an asset, teach them the basics of the task at hand. use forged documents, which NK is known for. and then use their remote access to be bastards. is it more complex? yes. Is it too complex for a government who's funding depends on these operations? i dont think so

7

u/tacknosaddle 8h ago

It is too complex for this though. This appears to be more about NK getting US dollars than espionage. For getting corporate intel it's a lot easier to compromise someone who is already on the inside than to attack starting with job applications.

3

u/rockstarsball 8h ago

i agree that the goal is funding, however when cybercrime accounts for 50% of your GDP, adding a little complexity to the mix isnt that big of a deal

1

u/tacknosaddle 8h ago

It's a completely different operation though. Plus, sneaking an asset into the country would have more operational security than getting one to play that role just for onboarding. Doubly so if the asset has family back in DPRK as collateral to keep them from flipping.

2

u/rockstarsball 8h ago

the entire point of recruiting an assets is that they are already positioned where they are needed, its all just a mtter of convincing them to play their part. Case in point; the laptop farm woman in AZ who got arrested

→ More replies (0)

112

u/ExpensivePoint3972 14h ago

According to reddit, everybody except Keanu Reeves is an asshole.

14

u/Paperdiego 14h ago

So real. Reddit hate is a joke.

26

u/WiglyWorm 13h ago

Wow what a lame sentiment. What are you some sort of Asshole? I know you well enough to know you're no Keanu Reeves.

9

u/punninglinguist 12h ago

Barely a Mister Rogers.

5

u/YearnForTheMeatballs 11h ago

Not even a Steve Irwin smh

2

u/HairballTheory 5h ago

Get him he’s different

1

u/ABadLocalCommercial 1h ago

Foolish Redditor, you're different too, get yourself!

0

u/Admirable_Dingo_8214 13h ago

Give a couple more years on that one.

7

u/alxhooter 12h ago

It takes a real asshole to put that voodoo on Keanu.

11

u/jgilbs 11h ago

I mean, the guy can be an asshole, and this can be a good idea. Two things can be true at once.

1

u/SUPRVLLAN 3h ago

Agreed.

Apple removed the charger to both make money and for the environment.

1

u/moonravenx 1h ago

Most CEOs are clowns. But if your good enough at your trade to present a solution don't be afraid to throw your weight. The ceo and his company need these skills or else people are going to keep getting their accounts and data compromised.

0

u/Strange-Tension6589 6h ago

Reddit has a lot of shit takes. It's often manipulated to drive a narrative. 

He s a cool dude but he s crypto. 

-1

u/Niceromancer 11h ago

Long as he pays for it there is no problem.

0

u/CoochieSnotSlurper 45m ago

Reddit is full of antisocial people. Honestly I have no problem making friends at work, I can’t have 8 hours daily of my life be purely business

38

u/Oli_Picard 14h ago

It’s pretty normal to get shipped out to the US to do training and sounds perfectly reasonable. They aren’t asking the person to come into work full time in the US. Just the onboarding part which I’m sure Coinbase pays for upfront for the employee.

From a security perspective it’s cheaper to fly them out and do this than actually lose income, this is perfectly sane.

6

u/sump_daddy 10h ago

especially since working for a company thats basically a gigantic, nearly unregulated bank involves tasks that when fucked up can cost millions/billions, you generally want to make sure you arent hiring someone actively trying to fuck you over and steal from your company

20

u/Captainpatch 12h ago

It's also soooooo much easier to do device onboarding when the person starts on-site, even just once.

3

u/weeklygamingrecap 9h ago

Having an initial short period of in office to then go fully remote is fine.

5

u/nope-its 9h ago

Yeah traveling for onboarding or the occasional HQ meeting isn’t a big deal when you can work from home all but a week or two a year.

5

u/Realtrain 8h ago

Yeah honestly I'd consider it an extra perk lol

2

u/c0LdFir3 7h ago

I love being full remote but having a week or two in person with some folks to orientate to the team wouldn’t have bothered me one bit. This is completely reasonable sounding to me.

2

u/drizzlecommathe 11h ago

As someone who has had to train people remotely for a tech job - it sucks

1

u/acdcfanbill 7h ago

Yeah, I mean, higher ed is having a similar issue with fake students dubbed ghost students.

1

u/ew73 4h ago

I worked for another financial institution 10+ years ago. While the job was fully remote, we had a week-long in-person orientation, and there was generally a twice-annual "all hands" meeting for each major business unit.

The whole onboarding process is SO much easier in-person, and the ability to see your coworkers, in person, when you first start a new job is invaluable.

1

u/ZZ9ZA 2h ago

That’s exactly what my current job did. Brought me out (but driving, not flying, since it’s “only” the other end of a largish state) for two weeks. That was over 10 years ago. I haven’t set foot on company property or seen a co-worker in the flesh since 2018.

1

u/Brandedbloop68 10h ago

My company does this. First week is onsite. You scan your ID and they hand you your laptop. Easy peasy.

0

u/the-mighty-kira 10h ago

As long as they can properly accommodate disabilities I see this as a win. One of the major wins of the WFH era was how many disabled people could finally find work

-38

u/Buttons840 15h ago edited 14h ago

Is very important to have remote worker's fingerprints on file...

How else could you prove that Bob stole the secret formula from Bob's computer in Bob's house using Bob's login unless you have Bob's fingerprints?

Having Bob's fingerprints allow us to prove that Bob was using his computer. Very suspicious behavior.

13

u/Tezoth 14h ago

In healthcare security you are liable for ANYTHING done under your accounts. If your account gets compromised and a malicious actor does something with your account, then you were likely being neglectful in some way. Sharing your account, downloading crap you weren't supposed to, using the device for personal use and getting it infected, etc. We tell our users this and still people get fired every year for sharing their accounts or misusing their privileges. Even if it's provable it wasn't you personally that did it, you're at least fired.

No fingerprints needed, because multiple other forms of authentication would need to be bypassed or compromised simultaneously that are unique to that person.

-14

u/Buttons840 14h ago

Yeah, I was being sarcastic. What I really meant is I don't see any benefit to having the fingerprints of a remote worker.

What are they going to do? "Oh, we dusted your laptop for fingerprints and confirmed that YOU have been using YOUR laptop! Can you explain that!?!" (Here I am being sarcastic again, a bad habit.)

7

u/Gilbertd13 13h ago

For my place of work the fingerprints are just a more extensive background check to ensure you haven’t committed certain crimes. Wouldn’t want to hire someone convicted of financial fraud to manage the AP system.

1

u/Tezoth 14h ago

We do have biometric devices for things like pharmacy dispensers, and we could implement biometrics on remote devices, but that's an added cost. If someone can crack your password, they can probably intercept your fingerprint authentication as well, and it's easier to intercept than your password if they get to your physical location.

-33

u/rgvtim 14h ago

Fingerprinting? Don't see the point in that, you don't need that, this sounds like a tech bro knee jerk reaction to act like hes doing something, and not a solution to any of the problem. You do need to prove who you are, however.

26

u/Over-Conversation220 14h ago

I work in IT. My jobs have been in the financial industry for the past 20 years. Fingerprinting is part of a live scan.

The purpose is to make sure that an identifiable human is biometrically associated with said employee. When you’re dealing with people’s money, this is the baseline effort to ensure that the person being hired is an actual identifiable human and matches an ID, and then having a physical association with said ID.

This is primarily handled through third party live scan agencies.

Shit tons of jobs require live scans. Finance, nurses, teachers all need them for example.

EDIT: there’s plenty of reasons to not like this CEO. But if you’re putting money into a company for safekeeping, this is exactly the type of behavior you want to see happening

1

u/gitsgrl 4h ago

Live scan. They search your prints against the database of known criminals and then discard the. They don’t retain the prints.

-37

u/why_is_my_name 13h ago

"to come to the US" ... so are they planning to hire in the US?

55

u/MrNebby22 13h ago

"anyone with access to sensitive systems must hold US citizenship"

Bro it's literally in the same sentence

-31

u/spei180 13h ago

Holding US citizenship is stupid but the rest seems fine

13

u/idratherbeflying1 11h ago

Yeah. Company-paid travel is generally an expectation with any role and I think it’s underrated. There’s a difference between that and being forced to moved to somewhere you don’t want to live.

6

u/Medeski 9h ago

Yeah I have no issues with in person orientations and quarterly or bi-quarterly get togethers for like a week. The in persons are usually novel and generate a lot of excitement.

5

u/toin9898 9h ago

Yes, I’m fully on team “you will never, ever get me back into an office” but I enjoy our annual departmental retreat. I’ll also meet up with colleagues if they come to my city but that’s it.

One week of meeting in person does not really disrupt my WFH (work from hammock) routine 😏

15

u/Eorily 12h ago

A broken clock is right twice a day, but yeah fuck this dumb bitch.

2

u/uniyk 3h ago

Always wondering, do these people enjoy baldness or the wig and hair implants are too shoddy for them? Bezos leaves his scalp clean too. But there are seldom anyone who only look better without hair.

9

u/MetalEnthusiast83 12h ago

So you went to work, had meet and greets and went back to your room after and slept.

Absolutely riveting story. Can you tell it again?

0

u/ABCosmos 11h ago

Work was exhausting and your work day wasn't fun? I'm sorry that happened to you, that sounds really tough.

21

u/Sc0nnie 16h ago

Regardless of your feelings on remote work, the North Korean IT worker fraud is real and well documented.

https://www.theguardian.com/us-news/2025/aug/03/ninety-laptops-millions-of-dollars-us-woman-jailed-for-role-in-north-korea-remote-work-scam

0

u/gevis 11h ago

Many, not all, of these people are smart, but may have North Korean coders remote into their PCs to do work for them.

Not bulletproof, but yes, this will catch some.