So, this post is not strictly security related (even though I will be touching on morals and ethics). I’ve been asked to speak to a class of students when I get home about my experiences while studying abroad and my current internship. I’ve been racking my brain for topics to speak about, as well as the best advice I can give for the individuals that are in the position I was just a year and a half ago. The following is that advice that I have come up with thus far on my journey through life, and in the field of information technology.
This may seem obvious, but I would like to make a few points on the topic of research. Obviously establishing a base ground for security and any research has to be established through researching topics that have already been done must be done initially when starting out, however, my best advice in this area is try new things, break new things, research topics that nobody has touched on before. This is where you will innovate, compete and amaze. Simply put, I feel that a lot of material online concerning the topic of information security is half baked, and/or taken from previous research conducted. It is simply a regurgitation of someone’s previous work. Don’t go and write a paper about using strcpy() to achieve a buffer overflow and execute shellcode. CHALLENGE yourself to the best of your abilities, and show the world what you have, and can do with your talents. Take what you know best and run with it, who knows where it can take you.
Critical thinking has become a very important aspect of my life. Now too much of a good thing can always be a bad thing, and it always does have its place, but I do feel that it is always important to question things that you are told, think critically about information that is given to you through anyone. I have been told wrong facts my university professors on certain topics, to which I thought critically about as in “Hmm, that doesn’t make any sense…” and moved on to prove that it indeed was not the case. There are a lot of facts that are fed to everyone on a daily bases, and social media, and the internet in general feeds a large amount of inaccurate facts to the eyes and ears constantly. Look for proof of claims; do your research. Take most things lightly, and question things, even those of certain authority (in certain circumstances, I do not believe in distrust of everything, which seems to have become a fad with todays youth - that being said this has probably always been the case but I do not believe in thinking critically in an irrational fashion). Society is here to guide you, and generally our societal/political/economical views (in Canada) are to put you in the right place, and keep you safe.
Teach Others, and Let Them Teach You
I heard once (I can’t exactly remember where) some advice from a very talented Saxophone player that when he meets someone new (who is also talented at what they do) he asks “What’s something you do really, really well?”, which naturally typically yields a response, and upon receiving it he asks for them to teach him what they are great at. As my child hood hero Bill Nye once said “Everyone you meet knows something that you don’t”. My advice is to take what you can from everyone you meet, and add it to your toolset of knowledge. Let others teach you and influence you knowledge in areas (even areas that you think you are an expert in). I have learned a lot myself through teaching others a number of topics, even topics that I feel that I understand, I sometimes find that I have not grasped them to the extent of being able to teach them, and typically go back to the drawing board. You should teach others everything you can, for their benefit and yours.
Always Keep Morals and Ethics By Your Side
This topic is a difficult one, but always keep morals and ethics by your side. Morals and ethics of an individual are typically constructed and shaped throughout a lifetime of experiences, societal influences, and many other aspects of life that may be influential. Having a sound, and solid grasp with your inner self and what you believe is the “right thing to do” is extremely important. Being a security researcher, and an individual involved with information technology I have a number of responsibilities. I abide by those in my own fashion, but do concretely recognize the need for structure and having my actions positively impact those around me. There are times in life where a company, co-worker, high powered individual, etc. can set you astray from your personal ethical and moral belief systems but I believe when working in this field it is very important to abide by what you believe in and “do the right thing” for those around you.
Well, that’s my two sense, if I can think of more things I will be updating this accordingly. Take care everyone, and remember to follow your dreams.