
Georgia Tech Creates Cybersecurity Master’s Degree Online for Less Than $10k - electriclove
https://www.news.gatech.edu/2018/08/08/georgia-tech-creates-cybersecurity-masters-degree-online-less-10000
======
jamestimmins
While these degrees are interesting, they still have the same entrance
requirements as on-campus programs (transcripts, references, undergrad
degree). This is a shame bc there are many people, especially in software
engineering, who have the skills yet lack adequate proof of those skills.

I'd love if there were a CS masters that either let you apply directly or
complete a specification to get automatic admission. Perhaps after completing
foundational courses with a B average. That would greatly increase access and
should be sufficient to weed out unprepared candidates.

~~~
phyller
I was accepted into the Georgia Tech CS masters program without any formal
education in CS. I have significant practical work experience though. If you
don't have an undergrad degree at all, I'm not sure a master's degree is
appropriate? If you don't want to get an undergrad degree, at this point in
time that has some logic to it, but you are committing to a path where you
will not be getting formal degrees. There are things like Coursera
specializations that can provide training and some level of certification.

~~~
marcoperaza
> _If you don 't have an undergrad degree at all, I'm not sure a master's
> degree is appropriate?_

Why shouldn't it be? I don't see why 3 years worth of miscellaneous classes
and 1 year worth of classes toward a major (not even necessarily in computer
science) should be a prerequisite for a cybersecurity program, or for any
masters program for that matter. It just seems like another part of the false
mythology of undergraduate education. And I'm sure the people running these
credential rackets realize that allowing students to cut to the point would
put an end to their gravy train.

~~~
close04
Even the name of the degree, _masters_ , implies that this is for mastering
that subject. I personally take that as a hint that (in general) you should
already be intimately acquainted to it before mastering it.

Those years for the bachelor don't just prove you learned some random
subjects. They also show that you deliver - you have a topic, you study it,
you pass the exam.

The reason you say "I don't need that" is because you have to pay a crapload
of money for those 3 years with a dubious ROI. It's a credential racket
because they charge you through your nose. And it's cheaper now because online
is cheaper. But it's unrealistic to assume you get the same quality for less
money, it would sink their normal masters business right? Lots of things are
debatable here especially if you dig into the exceptions but generally it
might be the difference between takeout/fast food and a good restaurant.

When I see people skipping some degrees and going for the online ones they
have to show some damn good practical achievements to convince me that was
time worth saving.

I'm pretty sure most of you would refuse to go to a doctor who studied online.
Cyber-security can easily turn out to be life or death.

~~~
icelancer
If you are mid-30s with 100+ semester credits done in your Bachelor's Degree,
but can't go back to finish it because many of the credits have expired, the
idea that you'd have to re-finish the degree just to sit for a Master's Degree
when you turn 40 is ridiculous.

Plenty of people have been admitted to MS programs without a BS/BA when they
prove why they're the exception. Serious private sector work fills in the gaps
easily. MBA programs are no different.

~~~
hacym
I think that the case you're describing is the exact reason this requirement
is important. Lacking credits in an undergraduate degree is a red flag -- why
are you missing them? Why didn't you go back and make them up? If you're
serious about a formal education, the lack of a few credits shouldn't hold you
back.

~~~
icelancer
In my case, I took a full-time job overseas between my JR and SR year making
100k+ in the field I wanted to study. It was an easy answer for my admissions
officer who then recommended I be admitted to a MS program.

There's a lot of reasons why you wouldn't finish a degree that are valid. Have
you considered _asking_ rather than assuming? What if someone had serious
depression or social anxiety? You're making a lot of assumptions on being
"serious" and it's honestly pretty naive and silly, borderline offensive, and
very common in academia.

~~~
hacym
> why are you missing them? Why didn't you go back and make them up?

Pretty sure that's asking, and if you find that _borderline offensive_ then
you probably need a little bit thicker skin. If you're applying for a top-tier
institution, they are going to look for red flags in your transcript, and not
finishing your education, no matter the reason, is a red flag that needs to at
least be explored. They aren't going to simply _assume_ you had some
legitimate excuse for not finishing because many people don't.

I don't think it's fair for you to call it naive and silly for someone to
understand your background. No one is saying that your serious depression or
social anxiety isn't a legitimate reason, but it's also something that has to
be considered. Academic institutions have a graduation rate to protect, and
they aren't keen on letting someone in that is a risk to drop out after a
couple of semesters -- no matter the reason.

If depression or social anxiety are holding you back in your life that much,
it's time to seek help, by the way. As someone who has experienced the same,
that is a really good indication that it has gone past a simple mood thing
into a serious medical condition.

Best of luck.

------
PostOnce
Is it a "Master's Degree" or is it an "Online Master's Degree" because they
keep saying online, and OMS instead of MS, etc.

I suspect that will be stigmatic, or is already.

If that is the case, then why waste $10K on a degree that is no more valuable
than "self taught"?

Is an OMS from Georgia Tech more convincing than "I read some books and here's
a good portfolio of personal projects" ? It's a hard sell.

~~~
ctdonath
You're paying for certification, acceptably proving you've learned what an
accredited institution expects you to learn.

The problem I've seen with "I don't need a degree!" people is gaping holes in
their self-taught education, missing things that every degreed person learns.

Yes, I'd trust an OMS from Georgia Tech over "I read some books and here's a
good portfolio of personal projects". I'd be seriously concerned that the
latter missed stuff any MS in the subject should know.

~~~
toomanybeersies
> The problem I've seen with "I don't need a degree!" people is gaping holes
> in their self-taught education, missing things that every degreed person
> learns.

I know people with degrees who have gaping holes in their knowledge.

Remember the old adage "C's get degrees"? You only need to understand 50% of
the material (C- grade point average in my country) to get your degree. That's
not to mention people cheating or bullshitting their way though their degree.
I knew plenty of people at university who were lacking basic skills, but
managed to get pulled through by group assignments.

A degree certifies that you've been taught a body of knowledge, not that
you've learned a body of knowledge.

~~~
MattSayar
Is it fair to say that self-taught people are more likely to have holes vs
university-educated?

------
techjuice
Hopefully they will have something more advanced in the future, possibly
calling it Masters of Science in Cyber Engineering with course work similar to
the following:

    
    
      [*]Introduction to Graph Design and Theory
      [*]Secure Network Design, Theory and Implementation
      Introduction to Analog and Digital Signal Processing
      [*]Assembly for IA-32 and x86_64
      Assembly for PowerPC, MIPS and ARM
      [*]C/C++ Programming for Windows, Linux and MacOS
      C/C++ Programming for Android, iOS and Embedded Systems
      [*]Python Programming
      [*]Advanced Python Programming
      [*]Automated Testing Theory and Implementation
      Advanced Graph Theory
      Introduction to Game Theory
      Advanced Game Theory
      Building Secure Scaleable Systems and Networks
      Building Big Data Analytics Systems
      [*]Automated Defense and Offensive Systems Theory and Implementation
      [*]Information Assurance Policy
      [*]Reverse Engineering Windows, Linux and MacOS
      Reverse Engineering Mobile Devices and Embedded Devices
      Reverse Engineering SCADA Systems
      Advanced Analog and Digital Signals Processing
      Cryptography for Engineers
      [*]Vulnerability Research Theory and Methods
    

Updated - [*] Core courses.

If the individual could make it through the above, they would be very
knowledgable, experienced and ready for many of the hard problems in the realm
of cyber that employers are wanting in extremely high demand.

~~~
ams6110
Your list strikes me as significantly more than a typical master's degree
would cover.

~~~
suyash
Yes, that list does look bit overblown. Most MS in US need you to take 12
classes, each of 3 credits = 36 credits to graduate.

~~~
techjuice
Yeah, many would probably have to be broken down into electives, but if all of
them were taken the graduate would be an extremely strong cyber engineer
versus the current easy cyber degrees that are available now that do not
really cover what cyber engineering employers are looking for. Most of the
degrees are very general and do not go into depth or build a strong engineer
during the process.

------
lucb1e
Is that supposed to be cheap or affordable? As far as I knew online courses
are up to a few hundred to get an official certificate. And I just graduated
last week from a similar master's for €2k in a brick and mortar school. What's
special about "under 10k" for an online study?

Edit: from elsewhere in the thread, I understand that a degree is more usually
more expensive than 10k in the USA? I guess a lot more, since this is making
headlines? Is that also the typical case for online degrees?

~~~
icelancer
10k is extremely affordable at an elite CS school worldwide. No offense to
wherever you went, but Georgia Tech is almost assuredly higher rated for US
private sector by quite a bit. This even applies if you went to TU Delft based
on your bio.

Worldwide it holds less prestige but in the USA for the major companies, GT is
very highly regarded and the students are heavily recruited.

~~~
mmirate
lol no.

Job market for GT BSCS grads is the same bollocks as most anywhere else. I
say, save your money and go someplace else (or self-teach) and then use a
recruiter that knows wtf they're doing; that's what will make the difference.

~~~
hacym
It sounds like you just have no regard for a formal education -- which is
fine. However, for many, it's still a great indicator that you have had at
least some training on the fundamentals of your practice area.

The job market for GT grads is the same as everyone else, yes, because it's
unlikely a job is going to magically open just for a GT grad. However, I
guarantee saying you hold a GT BSCS catches the eye of recruiters more than a
certificate from Udemy or no education but some experience.

~~~
mmirate
I spoke and speak from personal experience; and I'm not going to copy-paste my
HN profile.

I do in fact hold rigorous formal education in high regard. But I doubt that
more than about 70% of GA Tech BSCS holders have actually received such a
thing; and a result from a 70/30 binary distribution is not a very informative
piece of evidence.

I don't doubt that a Udemy cert alone is as close to bubkes as you claim. I do
doubt that an Anytown State University degree is in the same bucket as Udemy
certs, rather than the same bucket as a BSCS from GA Tech. I have also seen
recruiters that can very easily convert autodidacts' and Udemy grads' raw
experience and competence into employer signals.

------
karmajunkie
I'd really like to see them do this for an undergrad. I never finished mine,
which hasn't really held me back in my career except for wanting to pursue a
masters. I've looked around, and I've never really found what I consider to be
a respectable online undergrad for less than about 50k worth of tuition.

~~~
wittjeff
GA Tech does admit some students to the Masters programs who don't have
bachelor degrees. The Micro Masters programs at edX may be a way in to the
MSCS programs without the undergrad step. One benefit of the MM programs is
that they're basically open access. You do what is essentially 1/4 of the
degree online first, and if you do well you may be admitted to either the
residential Masters program or the online program. Disclosure: I work at edX.

~~~
barry-cotter
[https://www.omscs.gatech.edu/prospective-
students/faq](https://www.omscs.gatech.edu/prospective-students/faq)

Unless I misread the below they prefer a Math, CS or Engineering Bachelor’s
and a Bachelor’s of some kind is an absolute requirement.

> Preferred qualifications for admitted OMS CS students are an undergraduate
> degree in computer science or related field (typically mathematics, computer
> engineering or electrical engineering) from an accredited institution with a
> cumulative GPA of 3.0 or higher. Applicants who do not meet these criteria
> will be evaluated on a case-by-case basis; significant professional or other
> work experience with supporting recommendations may qualify as an adequate
> substitute for the appropriate academic credentials, however work experience
> will not take the place of an undergraduate degree

~~~
swuecho
For Gatech, BS is required for sure, because that is the basic required of on
campus program.

~~~
icelancer
Not an absolute truth. I know this for a fact.

------
jcrawfordor
I'm currently in an online MS Information Assurance program offered by Iowa
State University. It's both more expensive than this offering (although not by
a lot) and from a university with a lot less name recognition. I mean, besides
that it's probably in Iowa.

So on the surface the GATech offering looks superior. However, I can't help
but wonder how the "at-scale" model changes that. At IA State I'm "in" rather
small classes and have very ready access to the instructor by email and phone.
My work is also almost all graded by the instructor directly, most courses
aren't big enough for a TA to have been hired. So I feel like it's a fairly
personal experience, despite my physically being several states away and
watching lectures recorded. I'm working on forming a committee for my thesis
this semester so I'll be conversing directly with the faculty even more.

I wonder how an "at-scale" program like this, which seems to get built more on
a MOOC model, will compare. Will it feel nearly as much like receiving direct
instruction from an expert, which is what I would want a graduate program to
be, or will it feel more like an off-the-shelf mass produced training package?
That's a big concern to me.

Edit: I also feel like it's worth noting that my program confers an MS, with
either thesis or creative component at student choice. I suspect this will be
viewed more favorably by employers and others than an "OMS," even with a big
name on it.

~~~
ironjunkie
I looked quickly at some online master offering and you are exactly describing
the struggle.

Some places seem to charge an enormous amount of money (>40k$) and some other
a fairly small amount of money (<5k$).

Unrelated to the price, some are simply a glorified version of a Coursera MOOC
with a non personalized experience while some other seem to offer a lot of 1:1
and side project opportunities directly with the TAs and teachers.

This field is in full revolution, but it feels like a lot of universities see
this as an easy way to get a couple thousands extra dollar for only posting
the lecture videos online.

------
plaidfuji
Enrollment only available to those who can SQL inject themselves into the
class registries

~~~
czbond
That should be pretty easy.

[https://techcrunch.com/2018/08/12/hacking-the-websites-
respo...](https://techcrunch.com/2018/08/12/hacking-the-websites-responsible-
for-election-information-is-so-easy-an-11-year-old-did-it/)

------
jbkly7
This is positive. More quality online degrees please.

~~~
anonymous5133
You would still have to look into how these courses are structured. A lot of
these online courses/MOOCs tend to be heavily watered down, even when they're
offered by major universities.

~~~
wufufufu
So you're saying I can get an MSCS from a top tier school AND it won't be as
hard as normal?

~~~
alexgmcm
Yeah - but employers will see online and give it as much credit as if you'd
watched a few youtube videos.

~~~
jbkly7
Where would employers see online?

------
josephmosby
This is a phenomenal field choice for an online degree. I'm a little surprised
that they didn't have a professional institution co-sponsoring it (like AT&T
did for another GT program). One of the big players like Splunk or Symantec
seems like an ideal fit for this.

------
znpy
Still sad that Coursera/Udacity etc didn't really solve the course
accessibilty problem though.

Master's degrees are cool, but what about Bachelors' degrees ?

~~~
lemonghost
There's an online BS CS on Coursera. I can't really imagine how that works
though because a BS typically isn't as specialized as an MS.

[https://www.coursera.org/degrees/bachelor-of-science-
compute...](https://www.coursera.org/degrees/bachelor-of-science-computer-
science-london)

~~~
toupeetape
It is offered by a British university. Undergrad degrees are more specialized
here than in the US, a BSc in Computer Science is a completely normal thing
and is what the majority of British CompSci grads would have.

------
cwkoss
Has anyone here taken this degree program on campus? Would love to hear your
thoughts about it.

~~~
lemonghost
This program was just announced. So the first cohort hasn't started yet. There
are a bunch of OMSCS students in this thread though who have taken some of the
classes.

~~~
auiya
The online program has actually been available since 2010 or 2011 I believe,
the on-campus program since the 00's. The difference now is the price.

------
Thriptic
At the risk of topic hijacking, I was looking at Northeastern's cybersecurity
masters program the other day. What do people think of this?

[https://webcache.googleusercontent.com/search?q=cache:2ygsHH...](https://webcache.googleusercontent.com/search?q=cache:2ygsHHstqxkJ:catalog.northeastern.edu/graduate/computer-
information-science/information-assurance/cybersecurity-
ms/+&cd=1&hl=en&ct=clnk&gl=us)

------
all_usernames
GATech brought in $68M from their $6,800 CS degree?

"OMS Cybersecurity is Georgia Tech’s third at-scale online degree program. It
will follow the same model as the groundbreaking online Master of Science in
Computer Science (OMSCS) program, which launched in 2014 on Udacity with
support from AT&T and has enrolled approximately 10,000 students overall for
the $6,800 degree."

~~~
ralmidani
Some of that goes to Udacity.

~~~
rootusrootus
Also, $6800 is on the optimistic side, probably achievable only by maxing out
the number of courses that can be taken simultaneously (I believe the
concurrent limit just went down, too). For the average person taking it one-
class-at-a-time, it's a bit over $8K.

~~~
nkozyra
It comes out higher than that. Mine was about $10k all-in.

~~~
rootusrootus
Textbooks? I've been paying $811/class so far.

~~~
Delfino
Same here. Did the degree previously require 12 courses instead of the current
requirement of 10? I feel like when I first started looking into the program
before I joined it was 36 credit hours, not 30.

~~~
rootusrootus
Good call, it looks like that is exactly what happened [0]. I wonder what
drove that change?

[0]:
[https://www.reddit.com/r/OMSCS/comments/2ydahe/how_long_time...](https://www.reddit.com/r/OMSCS/comments/2ydahe/how_long_time_how_many_hours_per_week/)

------
Communitivity
As the home site I used to go to for the hacking zine Phrack, it seems very
appropriate they would do this. The courses though seem more generic than I'd
expect. I tried to find the old gatech.edu site for phrack to ad the url here,
but all I find now is phrack.org.

------
CryoLogic
Another poster listed the curriculum. As a security professional from a top
software company I am not really impressed.

The curriculum is as follows (tech specialization, the others are worse):

1 intro to security

1 intro to policy

1 hands on lab

1 crypto

1 netsec

2 it security

choice of (2):

basic CS courses (i.e. mobile apps, operating systems)

None of that will help you get a job at any company with a serious security
org. All of those courses from what I could find are the same introductory
level electives you can get in your BS degree in CS.

It is not a specialized program, it is more of an introduction to security and
CS at the MS level.

Things that would help:

Client XSS, Authentication / Session Management, Secure client/server
architecture, defining access boundaries, phishing / social engineering, red
team / blue team setup, automated vulnerability regression tests, SSDL, threat
modeling, etc.

~~~
beambot
Your list of "things that would help" are topics that (I imagine!) should be
covered in intro to security, netsec, or IT security -- e.g. as 1-week or
2-week sections during the respective courses. Very few of your topics should
be dedicated courses.

~~~
dronemallone
Agreed. Those topics are very specific instances of general principles that
are usually taught in a security course.

What did OP mean by "secure client/server architecture" though? What are the
basic/fundamental principles behind it, that are NOT covered in cybersec
education?

------
tptacek
Here's the requirements for GATech's standard Cybersecurity MS:

    
    
        Core:
         
        CS 6035	Intro To Info Security	
        PUBP/CS/MGT 6725 Info Security Policies	
        CS/ECE/PUBP 6727 Cyber Sec Practicum	
        Elective (CS/PUBP/ECE 6000-level)	
         
        Tech Specialization:
        CS 6260 Applied Cryptography	
        CS 6238 Secure Computer Systems	
        CS 6262 Network Security	
        CS 6265 Information Security Lab	
        Any 2:
        CS 6210 Adv Operating Systems	
        CS 6250 Computer Networks	
        CS 6255 Network Management	
        CS 6300 Software Dev Process	
        CS 6310 Software Arch & Design	
        CS 6340 Software Analysis & Test	
        CS 6365 Intro Enterprise Comput.	
        CS 6390 Programming Languages	
        CS 6400 DB Sys Concepts& Design	
        CS 6675 Advance Internet Comput	
        CS 7210 Distributed Computing	
        CS 7230 Software Dsgn,Impl& Eval	
        CS 7260 Internet Arch& Protocols	
        CS 7270 Networked Apps&Services	
        CS 7292 Reliable Secure Comparch	
        CS 8803 Mobile Applications and Services
         
        Energy Systems Specialization:	
        ECE 8813 Smart Grids	
        ECE 8813 Introduction to Cyber-Physical Electric Energy Systems	
        ECE 8813 Introduction to Cyber-Physical Systems Security	
        ECE 8803 Computational Aspects of Cyber-Physical Systems	
        And any 2:
        ECE 6550 Linear Sys and Controls	
        ECE 6607 Computer Comm Networks	
        ECE 6615 Sensor Networks	
        ECE 6102 Dependable Distribut Sys	
        ECE 6320 Power Sys Ctrl&Operation	
        ECE 6323 Power System Protection	
        ECE 8813 Advanced Computer Security
        ECE 8813 Network Forensics
         
        Policy Specialization:	
        Select 4 courses:	
        PUBP 6502 IT/Comm/Telecom Policy	
        MGT 6726 Privacy Tech Policy Law	
        PUBP 6111 Internet & Public Policy	
        INTA 6014 Scenario and Path Gaming	
        INTA 8803 Data Analytics and Security
        PUBP 6501 Information Policy & Mgt	
        INTA 8803 Challenge of Terrorism in Democratic Societies
        And any 2: 
        PUBP 6701 Energy Technol & Policy	
        PUBP 6014 Organization Theory	
        PUBP 6401 Sci,Tech & Public Policy	
        INTA 6103 International Security	
        INTA 6015 Technology& Military Org
    

I'm pretty meh about this. In particular: when we think about the
"cybersecurity talent shortage" (I don't believe that one exists, but
whatever), we're thinking about what this degree program considers "technical
specialization" roles. I don't look at that course list and think of a
consistent cohort of people it produces that are especially ready to take on
jobs in my field.

I'm also: why do they make Cybersecurity MS candidates take that pointless
Applied Cryptography class? I read the lecture slides for it, and, like most
university crypto classes, it's "just enough cryptography to make you
dangerous, with just enough math notation to make you think you learned
something really hard that you didn't really learn".

The MS core classes are an intro to computer security that might be workable
as a 100-level class in a serious CS program, a "policies" class that looks
_just absolutely deadly_ (1 week on "HIPAA, GLBA, FISMA", then a week on the
"NIST cybersecurity framework", then a week on "cybercrime and cyberwar"), and
a capstone independent study program.

My advice: get an internship and skip the MS. They'll pay _you_ to learn this
stuff.

~~~
czbond
Not commenting on the class, but the talent shortage. It is definitely real.
However, it is actually easier to find security engineers than product
managers FOCUSING on security, leaders who are also good at security & can
speak "past security" to the business. Security is often a dead end in the
C-suite area... because of the personality quirks.

~~~
jxsonl
Can you elaborate more on product managers focusing on security? I just
graduated with B.Sc in CS but am in a networking job now there is a lot to
learn, am planning to branch into the security field after getting more
experience (2-3 years)

------
wilsonfiifi
Any way of getting scholarships for these online degrees?

------
CitizenTekk
It all makes sense to me. You received Master's online, because it
Cybersecurity. Hacking between you and the mentor would be much of fun.

------
ralmidani
edX has a bunch of upcoming online Master's degrees:

[https://www.edx.org/masters](https://www.edx.org/masters)

I wonder which schools will be offering the CS, EE, and Accounting Master's.
Hopefully MIT, MIT, and UT-Austin, respectively. Does anyone know anything
beyond what's already posted?

~~~
technofiend
Man I would go back to get a brass rat! Wonder why Rensselaer Polytechnic
Institute isn't on your list? Then again an online degree takes all the fun
out of living in the "asshole of the universe" as the students allegedly dub
Troy, NY.

~~~
ralmidani
Not to berate other schools but the ones I listed are top in their respective
fields.

------
auiya
I completed this online MS InfoSec program in 2013 back when it cost $40k (out
of state). Who do I talk to in order to get a refund for the difference since
now Georgia Tech are effectively admitting they were price gouging me by $30k?

~~~
MoBattah
How was it?

~~~
auiya
I thought it was a fantastic and quite challenging program from a curriculum
standpoint. From a logistical standpoint organizing group project work across
time zones was difficult at times. Not being able to ask the professor follow-
ups in real time is a bit of a bummer, but they were all very responsive via
email. Best of all is being able to kick back with a beverage in comfy clothes
to watch the lectures in the comfort of your home. Worst part was the prices.
I double checked and it cost me exactly $55,080 in total. So at $10k this is
an absolute steal. I just wish they'd refund me the difference now.

------
blueprint
If it was so cheap to produce then why does it cost $10k?

~~~
marcinzm
Because someone figured that they will make the most profit at that price
point taking costs into account. Keep in mind that there are also presumably
per student costs for things like grading assignments, exams, virtual office
hours, etc.

edit: Profit as institution, not just on this program, devaluing their in-
person MS programs by charging very little for the online version would be a
net negative in profit for example.

~~~
blueprint
It was a joke

~~~
hacym
Good one.

~~~
blueprint
thx

------
insertcredit
This is a complete waste of time and money with the usual bullshit material
taught by people who don't really have a clue and completely-out-of-touch-
with-reality academic focus (write a buffer overflow!).

If you really want to learn invaluable cybersecurity skills, start playing
wargames. I suggest (1) which is one of the best. If you manage to reach level
25 on your own, then you are elite and the knowledge you gained doing so is
not only extremely valuable but something you can be proud of.

(Sidenote: I would hire anyone who reached vortex level 25 on the spot and pay
him a six figure salary, without looking at any of his other
qualifications/degrees/past experience)

Additionally, read every single phrack (2) magazine from the past 20 years and
try to understand most of the material within.

(1)
[http://overthewire.org/wargames/vortex/](http://overthewire.org/wargames/vortex/)

(2) [http://phrack.com](http://phrack.com)

~~~
danesparza
Thanks for sharing. Just out of curiosity, are you in a position to hire
somebody -- or are you just suggesting that you would be a willing teammate
for somebody with these criteria?

~~~
eganist
I am, and I disagree with a lot of what the OP put forward.

Security academics, self-taught pentesters, and people who simply gained hard
security experience in their day to day jobs each bring something unique to
the table. I'm far more likely to pick up the principal engineer with a
security MS for a security architect role than I am someone who can prove to
me they passed an OSCE.

That said, for the person who can prove to me they passed an OSCE, I'll knock
two years off the pentest experience requirement for any such role.

------
mandelken
Or move to Belgium/Germany where university education costs less than a
thousand per year.. And you may enjoy a proper beer as a student.. Afterwards
universal health insurance and unionized labour.. All debt free.. Cheers!

~~~
rootusrootus
Maybe those German universities should get in on this online action! I could
do an online masters from Germany just as easily as I do one in Georgia...

~~~
stochastic_monk
That's actually a very interesting idea for a country with socialized
education wanting a large academic footprint in the world: also open up your
classes to online and service the world. I don't know how expensive it might
be, but it's got to be a lot cheaper per student for the university.

~~~
rootusrootus
As someone currently working my way through OMSCS, I imagine that the
incremental cost of adding students is very low. I don't know exactly what
ratio GT uses, but the only non-digital scaling they do is TAs. With more
polishing of the online content and improvement of the auto-graders, they
could probably push the ratio down pretty low. Just have to figure out how to
do it without compromising the perceived quality of the education. And TAs
aren't expensive in any case, I'm pretty sure they are compensated pretty
poorly.

~~~
ajdlinux
I'm led to believe their student-TA ratio is about 50:1.

The US$15/hr TA pay rate is absolute garbage - when I TAed as a 3rd year
undergrad in Australia, I was paid double that.

------
ConfSibi
Just asking to gauge the community: I'm about to start a full time in person
MS CS program at an Ivy League school. The school I'm studying at is not
recognized as having an elite CS program, but it is top 20. Will the general
prestige of the school I'm studying at help with getting internships and jobs
after graduation?

~~~
apapli
Totally as an aside, but for what it’s worth, 20 years ago when I did my
degree I gave myself a rule that I would do 1 extracurricular activity every
year that I could talk to for 5 minutes in a job interview.

I theorised that over the course of 4 years (5 as it turned out) would give me
20 minutes of talking time.

It worked. Even with average scores (and a handful of fails) I got a well
paying job at a top company. Even back in the late 90’s many hiring managers
valued experience and personality equally to academic transcripts.

The extracurricular activities were: * organised LAN gaming days for 100
people to teach myself networking, event management, marketing etc. Quake was
the game by the way :) * half a day a week work experience for a year at a
relevant employer * involvement in a paid capacity at the student association,
taking on leadership roles * something else I cannot remember now!

Best wishes for your studies!

------
DanielGee
Cybersecurity is something that I feel is best self-taught.

Set up a small network at home. Go crazy with nmap. Set up a few VMs. Go crazy
with gdb or windbg. The best way to learn is to break things.

If you have an old application or game with serial #. Try to crack it.

Set up an webserver + sql backend, try injections or other exploits.
Profile/audit it to see what is happening.

There are websites that document OS, Database, Webserver, etc vulnerabilities.
Install older versions and try these vulnerabilities.

Then you can look into worms, trojans, etc. See their code and how they work.
And see if you can come up with ways to stop it. Then see how you would bypass
your fix.

You can also look at security ( white hate/black hat ) software that audit,
pentest, etc. If it is open source, read the source.

The only reason to shell out the $10K is if you are looking for a job.

~~~
chc4
"The only reason to shell out the $10K is if you are looking for a job."

That's a pretty big "if". If you're considering a cyber security Masters
degree, you're probably interested in doing it for a career.

------
loblollyboy
cybersecurity + higher education - a meeting of memes!

------
PakG1
Looking at all the comments here, I imagine this is more of just a cash grab.
They see the trend and the opportunity to make some money using their name.
Serious employers would look for OSCP, less serious employers would look for
CISSP, or either one for management positions.

~~~
itronitron
I agree that employers are looking for those certifications, but I doubt they
are finding them as frequently as they would like. In addition those
certifications don't guarantee that a person is the right fit for a particular
organization.

~~~
PakG1
So would this Master's degree be a better alternative in an employer's eye or
show that someone is a good fit? That's the important question. Otherwise why
not get the certifications instead?

~~~
itronitron
It would show that someone is a good fit. I think the certifications might be
a lot harder to get, but I could be wrong.

------
56chan4
NordVPN use these guys as a node along with MIT, plenty of businesses and
plenty of *.io domains to pop out in different parts of the world. Would not
be surprised to learn there are various analysis of the traffic popping out of
NordVPN's openVPN vpn's. Of course if you have 14 eyes, you can watch the
encrypted traffic passing along the wires like waves travelling an ocean.

