Re: To go to University - For the CISSP etc. - Good idea/Bad idea???

["Adriel T. Desautels" <ad_lists () netragard com>]

You've stated an assumption as a fact and that doesn't make it a  
fact.  Show me the proof and I'll eat my socks (with lots of dressing).

Also, don't take what I said out of context.

I never suggested that getting a degree was pointless, I only  
suggested that one should get a degree in something useful like law,  
medicine, or maybe business.  The knowledge earned with those studies  
would be very helpful and wouldn't be outdated by time you graduated.   
Getting a degree in Computer Science and similar areas of study is  
almost pointless because the knowledge that you collect will be dated  
by the time you graduate.  Can you argue that point? Can you tell me  
that its not true?

From the perspective of the penetration tester, a degree in law or  
business would be very useful wouldn't it?


On Aug 7, 2009, at 4:15 PM, R. DuFresne wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
>
> 0>  fact. most companies, and those include IT/tech companies  
> require a degree these days, or vast amounts of experience to  
> replace the degree.
>
>
> so, most folks this day in age are better of doing the college thing  
> and getting a degree.  As many have mentioned it might not have to  
> be a comp-sci degree, to end up in the field.  Love is the main rule  
> of the game as pointed out by many as well.  And a side degree has  
> advantages to the main course of study being comp-sci.  Encouraging  
> someone young, and lacking in real experience is almost bordering on  
> criminal in this day in age.
>
> Thanks,
>
> Ron DuFresne
>
> On Fri, 7 Aug 2009, Adriel T. Desautels wrote:
>
> > 1-) Fact, technology evolves so quickly that "new" technology is  
> > considered "old" within the course of one year.
> > 2-) Fact, security is one of the most rapidly evolving areas of  
> > technology.
> > 3-) Fact, most degrees take at least 4 years to attain.
> >
> > If you are interested in becoming a security professional, what you  
> > learn in school will be out-dated by the time you graduate.  The  
> > only thing that you will have that will be of any real value will  
> > be your experience in performing research or in delivering security  
> > services, or maybe in the creation of security technologies.  A  
> > degree can not, and will not make you a security expert... only  
> > hands on experience and bleeding edge exposure can do that.  You  
> > get that exposure by doing and universities don't "do" all that well.
> >
> > When I was in college I was also working full time making the  
> > salary of a senior software engineer.  In doing that I quickly  
> > realized that college was useless for me as it wasn't teaching me  
> > anything that I needed to know.  I found that I was learning about  
> > the real and current technology world while at work, and learning  
> > about the old and dusty technology world while at school.  Most of  
> > the skills that they were teaching us at school, especially with  
> > respect to security, were dated or becoming dated.  The only thing  
> > that I found useful was C, C++, and the other programming languages  
> > that I learned.  Mind you, I wasn't taught by anyone, I was given a  
> > book and told to study it.  I don't need to pay $45,000/year to be  
> > told to read a book, I can do that on my own.  If you feel that you  
> > need to pay that much to read a book then give me a call, I've got  
> > a lot of good reading material for you.
> >
> > With regards to technology, most of the time the only thing that a  
> > degree will satisfy is the emotional and political requirement of  
> > the old school mindset.  The truth is that some of the best talent  
> > doesn't come with a degree.
> >
> > Naturally, degrees are required for doctors, lawyers, etc.  I'm not  
> > suggesting that they don't have a place.  I am saying that specific  
> > to security they are nearly useless when compared to real world  
> > experience.
> >
> >
> >
> > On Aug 6, 2009, at 9:22 PM, Adam K wrote:
> >
> > > Right, Gates doesn't have a degree, but his career path is an  
> > > exception.
> > > I liken him to a baseball player... Ball players that get drafted  
> > > early (standout players with skills and sometimes luck) usually  
> > > don't get to finish their degree. Those drafted later (not  
> > > standout players) have time to finish their degree.
> > > I have never met an individual that regrets their time spent in  
> > > college or their work toward a degree. I know countless people  
> > > that regret not getting a degree. Not too mention you typically  
> > > make social connections that will last a lifetime.
> > > On Thu, Aug 6, 2009 at 5:32 PM, Adriel T. Desautels <ad_lists () netragard com 
> > > > wrote:
> > > Bill gates doesn't have a degree.
> > > On Aug 6, 2009, at 3:11 PM, James Copeland wrote:
> > > What I have found is that school is the way to go.  People will look
> > > at you with your certifications but without the college degree to
> > > "back them up" that is all that they will do.  Another good reason  
> > > for
> > > college is that some employers will bump that pay up for just  
> > > having a
> > > degree, no matter even if it is underwater basket weaving.  Good  
> > > luck.
> > > Jimmy
> > > On Thu, Aug 6, 2009 at 03:26, Hy Zaret<hyzaret () gmail com> wrote:
> > > Greetings & Salutations to all!
> > > I've been training myself for a while, and have recently came to the
> > > conclusion that University would be my best choice.
> > > The main reasons I made this decision are;
> > > ? Social reasons
> > > ? Educational advantages
> > > ? Takes years off the experience needed to take the CISSP
> > > I'm writing on these mailing-lists for two reasons;
> > > ? To find out what you think of my choice (not locked in yet!!!)
> > > ? For advice on which course to go for (Sydney, NSW, Australia)
> > > I am wishing sometime in the future to begin a career in IT  
> > > Security.
> > > Although being under 18, I have still found time to achieve various
> > > certifications; including CompTIA's Security+, three Cisco
> > > certifications & a Microsoft accreditation.
> > > Also, for the last 4 months I've been working full-time on the 1st
> > > Level of an IT Helpdesk.
> > > Am very open to ideas, so would be interested in reading & answering
> > > your replies!
> > > Thank you for reading this,
> > > Hy Zaret
> > > ------------------------------------------------------------------------
> > > This list is sponsored by: Information Assurance Certification  
> > > Review Board
> > > Prove to peers and potential employers without a doubt that you  
> > > can actually do a proper penetration test. IACRB CPT and CEPT  
> > > certs require a full practical examination in order to become  
> > > certified.
> > > http://www.iacertification.org
> > > ------------------------------------------------------------------------
> > > ------------------------------------------------------------------------
> > > This list is sponsored by: Information Assurance Certification  
> > > Review Board
> > > Prove to peers and potential employers without a doubt that you  
> > > can actually do a proper penetration test. IACRB CPT and CEPT  
> > > certs require a full practical examination in order to become  
> > > certified.
> > > http://www.iacertification.org
> > > ------------------------------------------------------------------------
> > >
> > >      Adriel T. Desautels
> > >      ad_lists () netragard com
> > >      --------------------------------------
> > >
> > >      Subscribe to our blog
> > >      http://snosoft.blogspot.com
> > > ------------------------------------------------------------------------
> > > This list is sponsored by: Information Assurance Certification  
> > > Review Board
> > > Prove to peers and potential employers without a doubt that you  
> > > can actually do a proper penetration test. IACRB CPT and CEPT  
> > > certs require a full practical examination in order to become  
> > > certified.
> > > http://www.iacertification.org
> > > ------------------------------------------------------------------------
> >
> >
> >
> >         Adriel T. Desautels
> >         ad_lists () netragard com
> >      --------------------------------------
> >
> >         Subscribe to our blog
> >      http://snosoft.blogspot.com
> >
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: Information Assurance Certification  
> > Review Board
> >
> > Prove to peers and potential employers without a doubt that you can  
> > actually do a proper penetration test. IACRB CPT and CEPT certs  
> > require a full practical examination in order to become certified.
> > http://www.iacertification.org
> > ------------------------------------------------------------------------
>
> - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>        admin & senior security consultant:  sysinfo.com
>                        http://sysinfo.com
> Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629
>
> These things happened. They were glorious and they changed the  
> world...,
> and then we fucked up the endgame.    --Charlie Wilson
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
>
> iD8DBQFKfItmst+vzJSwZikRAjLZAKDQvZ3/5h3MXlQifj2S4bSfZdRhFACfZd73
> 1z33oHuBvgeOhBqWeiB7jzA=
> =ovOi
> -----END PGP SIGNATURE-----



        Adriel T. Desautels
        ad_lists () netragard com
        --------------------------------------

        Subscribe to our blog
        http://snosoft.blogspot.com


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------