Brian Krebs is conducting a series of interviews with computer experts on how they got into the field and what they'd advise others to do if they want to break in themselves. The first one, an interview with Thomas Ptacek, ran last month. The latest is from Bruce Schneier:
In general, though, I have three pieces of advice to anyone who wants to learn computer security:
* Study: Studying can take many forms. It can be classwork, either at universities or at training conferences like SANS and Offensive Security. (These are good self-starter resources.) It can be reading; there are a lot of excellent books out there — and blogs — that teach different aspects of computer security out there. Don’t limit yourself to computer science, either. You can learn a lot by studying other areas of security, and soft sciences like economics, psychology, and sociology.
* Do: Computer security is fundamentally a practitioner’s art, and that requires practice. This means using what you’ve learned to configure security systems, design new security systems, and — yes — break existing security systems. This is why many courses have strong hands-on components; you won’t learn much without it.
* Show: It doesn’t matter what you know or what you can do if you can’t demonstrate it to someone who might want to hire you. This doesn’t just mean sounding good in an interview. It means sounding good on mailing lists and in blog comments. You can show your expertise by making podcasts and writing your own blog. You can teach seminars at your local user group meetings. You can write papers for conferences, or books.
How to Break Into Security, Schneier Edition
Earlier this month, I gave the afternoon keynote at the Internet Archive’s Decentralized Web Summit, and my talk was about how the people who founded the web with the idea of having an open, decentralized system ended up building a system that is increasingly monopolized by a few companies — and how we can prevent the same things from happening next time.
Corrections Corporation of America (CCA) is one of the world’s largest private jailers; it runs prisons and immigration detention centers across the USA (and is diversifying into halfway houses, mental health center, and surveillance for poor neighborhoods). Mother Jones’s Shane Bauer went undercover at CCA’s Winn Prison in Louisiana, the state with the highest incarceration […]
Steven Levy is in characteristic excellent form in a long piece on Medium about the internal vogue for machine learning at Google; drawing on the contacts he made with In the Plex, his must-read 2012 biography of the company, Levy paints a picture of a company that’s being utterly remade around newly ascendant machine learning […]
Some truths are universal. For one, your phone will always run out of power when you most need it. For another, the charging cords that come packaged with your Apple device will fray, split, and rip faster than Usain Bolt in a game of tag.Instead, pick up a charging cord that anyone would have a tough […]
Some people say magic tricks are nerdy and best left to your 12-year-old asthmatic cousin. But others see value in perfecting the slight of hand and showmanship associated with a perfectly executed routine. We’re firmly in the latter camp. And now, we’re giving you the ability to put a few parlor tricks up your sleeve with the Penguin […]
Bluetooth speakers may be convenient to use, but many of them just aren’t that powerful. Sure, it may be fine if you’re seated in front of the speaker. But move across the room, and you may strain to hear what’s coming from those tiny drivers.There’s a reason why the G-BOOM Wireless Bluetooth Boombox (now $79.99 in the Boing […]