

Advice to Aspiring Computer Security Engineers/Scientists - some_furry
https://defuse.ca/advice-to-aspiring-computer-engineers.htm

======
sarciszewski
Taylor Hornby (the person behind Defuse Security) is probably one of the most
brilliant people I know. His advice makes sense and boils down to: Spend more
time doing (and enjoying what you do) and you'll get more out of it.

Read, try delving into a lower level than you're comfortable with, build your
own computer, take the time to learn to do things the hard way (manage your
own VPS versus pay someone else to do it for you).

------
some_furry
Although this advice is geared towards high school students interested in a
career in computer security, it's also a reflection on how one brilliant
hacker (I believe he posts here as 'earthrise) taught himself to be as good as
he is today.

You might know him as the guy behind crackstation.net

------
rilita
Point 1: Don't focus on just computers. If you can succeed with computers you
can succeed with other things.

Response 1: This would be better stated as "Be well rounded". The article goes
on to say some gibberish about understanding the size of the universe which is
only related in the idea of "big" being more than "narrow".

Point 2: Learn to learn. Be well rounded. If you don't understand something,
figure it out.

Response 2: As opposed to what? Accepting solutions? This is a very hackerish
mentality. It can teach you many things... counterpoint is that sometimes you
should just accept good advice or answers and not reinvent the wheel.

Point 3: Don't bother with formal education.

Response 3: Formal education helps a lot of people. Not me personally, but
many people's learning style requires them to have help. Not all hackers are
crazy self taught maniacs.

Point 4: Build your own computer

Response 4: There is nothing much to building your own PC these days. IMO you
really aren't going to learn much from it any more than assembling some legos.
A better idea would be to build your own 3d printer; that will teach you a lot
more and give you better hands on skills.

Point 5: Run your own Web, DNS, and email servers.

Response 5: I've written my own DNS server from scratch. It was interesting
sure. I've dealt with the low level packaging of emails; it is a pita. I think
coding exercises are better advice than this, especially dealing with logic
puzzles. It is much more fun, and you will get more out of exercising your
brain that way. Web, DNS, and email servers are boring as shit.

Point 6: Read science papers

Response 6: This should just say "Read books that interest you and make you
thing". Why only sciene papers?

Point 7: Watch security conference talks and learn the culture.

Response 7: This is fine and reasonable.

Point 8: Listen to podcasts

Response 8: Isn't this the same as point 7?

Point 9: Read a lot

Response 9: Point 6 broadened?

Point 10: Use LaTeX

Response 10: If you intend to teach math perhaps. Otherwise I'm not
understanding what one will get out of this.

Point 11: Use Vim or Emacs, not an IDE

Response 11: I've met a lot of "hackers newb morons" who suggest this. I know
how to use Vim, and also use Vimdiff when needed. IDEs don't hide anything.
Prolific use of jEdit, IntelliJ, Eclipse, Visual Studio, etc are very helpful
and will teach you more than using Vim. This is stupid advice imo.

Point 12: Use Linux or Unix as your main OS

Response 12: Who actually uses branded Unix as their OS. This is silly. Say
"Use Linux." Additionally, throwing out OSX as bad here is ignorant.

Point 13: Dale Carnegie.

Response 13: Fuck that. The person who recommended most for me to read this
book was a total asshole, and frankly manipulating people is not going to
improve your technical abilities.

~~~
some_furry
> Point 13: Dale Carnegie. > > Response 13: Fuck that. The person who
> recommended most for me to read this book was a total asshole, and frankly
> manipulating people is not going to improve your technical abilities.

With emphasis:

> manipulating people is not going to improve your technical abilities

Citation needed. Software was written by and for people. If you can figure out
how to trick people, you can use this knowledge to figure out what assumptions
an application's developer makes and leverage this advantage to find areas
where their logic is flawed. You might uncover vulnerabilities that nobody
else has found this way.

And since the post is about _computer security_ , this is incredibly important
and useful.

