Security and finding ways to breach it interests me. I do not have much knowledge about it at all, but dabbled in rudimentary XSS enough to know how to get into some stuff.
One college major that has loads of scholarships everywhere is Cybersecurity. Upon first glance, the label sounds exciting and I could use scholarships. When I looked at some of the required courses for the major, it looked like some courses were training for law enforcement. If a kidnapper was endangering innocent hostages, I would be happy to engage in tracking mission. Unfortunately, I see law enforcement as a shady field. The Department of Homeland Security is violating civil liberties and it scares me. Prohibition and drug wars are a mess. Censorship attempts are piling in. Unwinnable wars are not being openly admitted. I refuse to put some frail hacker geek in prison with rapists and killers. I could continue for hours. Basically, I think the government is too backwards for me to consider working for them. I would rather work for a private company. Do you think Cybersecurity is good major for job opportunities in the private sector?
None of the things you mentioned should be tied down with Information Security, it is a vast field and there are many aspects and divisions to it. It all really just depends on how you apply it. I personally view hacking more as mental excercise as it becomes a challenge having to understand how something works better than the developer does and using that knowledge to find its weaknesses. I don't see it so much as the government/enemy of the state scenario you described. But to answer your question, most people working in Information Security are in the private sector, so you should be fine.
@idisappear - the way you describe it, you seem to be destined for a job in management.
As lightos said (and you'd be wise to listen to him and look at his tutorials in various areas), security is not just XSS or db injection, there are hundreds of aspects to security that most people miss. In the old days the saying was "I have a firewall, I'm safe!", obviously this was management speak, not real security. Now management is saying that they're secure because they have a firewall, IPS and a WAF.. again, this is not correct.
Security is a way of life, not a career choice that you make by taking some stupid courses. If to take courses is all you want, again, look for a job in management.
--thrill
---
It is not the degrees you hold, but the mind you possess. - thrill
Headed for management? lol that sounds awful. I like codes, math, and the eurphoria of gaining unintended privileges.
I think you painted a false dichotomy. A degree and a "way of life" are not mutually exclusive. I did not mean to imply XSS and db injection are the only domains of security, nor that completion of academic courses is my only objective.
I can not agree with the message in your signature more. Nonetheless, credentialism exists and I am just trying to play the game. Thank you for the input.
Edited 1 time(s). Last edit at 03/27/2012 08:52PM by idisappear.
