Matt, I agree broadly with this.
Although I would argue that security is more of a perspective than a specialism. Security/Risk really underpins anything and everything we do. In the physical world, you have martial arts, in a similar fashion to anti-virus in the computer world. I'm not trying to compare the two examples, but rather showing that the perspective is similar in concept in two very different environments. This is a sweeping statement, but I think this is what makes security people think differently and more openly. We don't have to focus on the same areas to understand each other's perspective and/or direction.

Shane

2009/8/18 Matt Hillman <[email protected]>:
> I'm surprised no one has made the argument that security IS a specialisation
> within computing hehe. Guess that goes to show how far the field has come
> (both computing in general, and computer security). There has to be a
> computer scientist laughing at this somewhere.
>
> Anyway, my 2 cents is this: being on the offensive side of security, it's
> important for me to know as wide a spectrum of things as possible. Every
> aspect of security (and even many other things!) enriches my overall
> perspective and ability. Things might not be directly connected, but having
> a level of understanding and proficiency in seemingly unrelated things can
> still help a great deal. This is kind of being a generalist.
>
> However, that doesn't mean I can't specialise as well. To me the real
> question is how much to specialise in each thing. And the best balance
> depends a lot on what it is you are doing or want to be doing. Now the
> original question seemed more focused around how
> specialisation/generalisation benefits an individual, but it also helps to
> see it in the context of a team. A good team has people with broad knowledge
> overall, with certain people who know certain things in more depth. You can
> all pretty much do most jobs, but there are go-to guys for stuff too.
> If you want to bring it back to an individual level, think about how you could
> benefit such a healthy team. Would you be too narrow to deliver different
> work, or would you lack an edge of specific knowledge you could bring to the
> table, or suitable depth of knowledge?
>
> Another question is how specific a specialisation is. If you have something
> highly specific, like Tim's example of "forensic analysis of Dvorak
> keyboards for AS/400 systems emulating Apple IIc systems", you probably want
> to balance that out with some more generalist tendencies. "reverse
> engineering for x86 linux" is less specific, and "reverse engineering" is
> less specific again.
>
> Looked at in this way, "specialise or not" doesn't seem too black and white.
> Kind of like an ecosystem of skills.
>
> Plus, the hacker in me does whatever is funnest regardless, so a certain
> level of generalism isn't a decision, it's a curious compulsion ;)
>
>
> On Sun, Aug 16, 2009 at 9:30 PM, Michael Douglas <[email protected]> wrote:
>>
>> I've been pretty surprised, but things went well. I'm starting to
>> believe that most people want to do what's right (provided that it's
>> not *that* hard) but they just don't know how.
>>
>> Full disclosure: I've finally found a big element of success is social
>> engineering the folks who I need to attend. For instance, Clueless
>> Carl is an eager eBay buyer, and was one of the first to sign up for a
>> talk I titled "eBay the safe way" and the content was mainly just what
>> you'd expect... but then toward the end I took a swerve and started
>> talking about malicious browser objects and how attackers might steal
>> your eBay logins... I saw a dramatic reduction in the number of folks
>> who got drive-by downloads.
>>
>> I'm starting to work on another class about how devs need to sanitize
>> user input, we'll see how that goes! (fingers crossed!)
>>
>>
>>
>> On Sun, Aug 16, 2009 at 1:11 PM, Jason Wood<[email protected]> wrote:
>> >> And that's why I now offer up network 101 classes (and a series of
>> >> others) to *anyone* who wants to attend.
>> >
>> > Mick,
>> > I'm glad you made this comment and that you've started doing this. How are
>> > the classes going and what impact has it had on Carl and the organization?
>> >
>> > I've thought a lot about this idea right here, but never gotten off my butt
>> > to put one together.
>> > I've worked with a few Clueless Carls and while I can cuss about them real
>> > good, I've never done much other than give a terse lecture on why X was a
>> > really bad idea.
>> >
>> > So to jack the thread even further, perhaps I'm not doing enough to make
>> > sure Carl doesn't remain clueless. Carl has the major portion of that
>> > responsibility, but for the good of my sanity and the organization, some
>> > 101 classes may be in order.
>> >
>> > Jason
>> >
>> > On Sun, Aug 16, 2009 at 8:38 AM, Michael Douglas <[email protected]> wrote:
>> >>
>> >> Yes, specialists with a lack of skill in other areas can be truly
>> >> dangerous.
>> >>
>> >> Funny & true story (details of where this happened omitted to protect
>> >> the guilty)
>> >>
>> >> One day I saw our IDS system explode with alarms about some truly
>> >> horrific network traffic, at the same time, our host monitoring system
>> >> started showing web servers winking out of existence. Evil was afoot.
>> >>
>> >> As I was about to run to the server room, a DBA we'll call Clueless
>> >> Carl came over. And asked the most horrifying question I've ever
>> >> heard.
>> >>
>> >> Carl: "Mick, I just ran into a strange ping problem. When I send
>> >> pings that are over 2.5 meg in size I'll get a response back once...
>> >> but then the rest time out."
>> >> Me: (I made a squeaking "urk" type sound) ... what?
>> >> Carl: You know ping. I need to test the network.
>> >> Ping's how you do it.
>> >> Me: well... sometimes. Did you say 2.5 Meg? As in megabytes? via
>> >> ping?
>> >> Carl: (clearly exasperated) YEAH! We're having trouble with the TPS
>> >> reports... some of the results don't display in the browser right.
>> >> Looking at the table the result set is a bit under 2.5 Meg. So I
>> >> wanted to see why the network can't handle data sets that large. We
>> >> have a problem here!
>> >> Me: You have no idea! (evil grin)
>> >>
>> >>
>> >> And that's why I now offer up network 101 classes (and a series of
>> >> others) to *anyone* who wants to attend.
>> >>
>> >>
>> >> Sorry to thread jack, but it was too good to pass up!
>> >> - Mick
>> >>
>> >>
>> >> On Sun, Aug 16, 2009 at 10:07 AM, Raffi Jamgotchian<[email protected]> wrote:
>> >> > That's precisely what's wrong about your argument. Your assumption is
>> >> > that the generalist doesn't have deep understanding in any subject.
>> >> >
>> >> > A good generalist can do the work of many people. But the same good
>> >> > generalist needs to know when to call in for help.
>> >> >
>> >> > In my experience, present company excluded of course, specialists that
>> >> > are typically so narrow in thinking cause more issues than not.
>> >> > Because they don't completely understand the effects on surrounding
>> >> > disciplines.
>> >> >
>> >> > ----
>> >> > Raffi
>> >> >
>> >> > On Aug 16, 2009, at 8:49 AM, Shane Kelly <[email protected]> wrote:
>> >> >
>> >> >> I think you are going to have incompetent people at either side of the
>> >> >> spectrum.
>> >> >> You could argue that generalists are multi-handed specialists / or
>> >> >> that specialists do not have sufficient understanding of surrounding
>> >> >> areas.
>> >> >> You could also argue that generalists do not have enough technical
>> >> >> understanding or patience to pursue a given specialism.
>> >> >>
>> >> >> It ultimately comes down to how much time and effort people are
>> >> >> willing to invest in understanding their acclaimed subject. IMHO, you
>> >> >> can not encapsulate people's skill level at a 100 foot view of their
>> >> >> depth into the subject. You need people in both sides of the field.
>> >> >> Generalists to have enough knowledge to understand where organisations
>> >> >> should focus efforts.
>> >> >> Specialists to focus on that area and have deep technical knowledge of
>> >> >> that area to ensure a quality work is performed.
>> >> >>
>> >> >> In my view, generalists make good sales people, specialists get
>> >> >> recognised in the security field for their technical achievements.
>> >> >>
>> >> >> Shane
>> >> >>
>> >> >>
>> >> >> 2009/8/16 Raffi Jamgotchian <[email protected]>:
>> >> >>> Hear hear. Whether a generalist or a specialist, hubris will bite
>> >> >>> you.
>> >> >>>
>> >> >>> ----
>> >> >>> Raffi
>> >> >>>
>> >> >>> On Aug 15, 2009, at 10:35 PM, Michael Douglas <[email protected]> wrote:
>> >> >>>
>> >> >>>>> jack of all trades messed up the environment
>> >> >>>>
>> >> >>>> OK this is the one area where I wasn't too clear on the earlier
>> >> >>>> thread. I'm assuming that you are competent in everything that you
>> >> >>>> say you're going to do. Unfortunately, this isn't the case. There
>> >> >>>> are many Jerks of All Trades who will mess things up badly.
>> >> >>>>
>> >> >>>>
>> >> >>>> For those who mentioned it above, yes being a generalist does tend to
>> >> >>>> get you in the small and medium sized businesses... but there are
>> >> >>>> exceptions... take my day job for instance. For those of you who
>> >> >>>> don't know, I work at OCLC -- a non-profit library coop. We're what
>> >> >>>> I'd consider large. We have over 72,000 libraries in our
>> >> >>>> collective.
>> >> >>>> We have a database with holdings information on about 1.2 billion (yes
>> >> >>>> billion) records (books and other stuff). We have a few thousand
>> >> >>>> servers... yet they hired me... A generalist!
>> >> >>>>
>> >> >>>> I'm a generalist... but a big part of my ability to get things done is
>> >> >>>> admitting what I don't know. For instance, a big part of my skill
>> >> >>>> with forensics is how I DON'T mess up data. If things get too hairy
>> >> >>>> for me, I can wrap things up and call in folks who are better than me
>> >> >>>> (and remember, there ALWAYS is someone better than you -- thinking
>> >> >>>> otherwise is the first step on the path to destruction)
>> >> >>>>
>> >> >>>> knowing when to sit down and hack or when to walk away is probably the
>> >> >>>> greatest skill anyone in computers can have!
>> >> >>>>
>> >> >>>> - Mick
>> >> >>>>
>> >> >>>>
>> >> >>>> On Sat, Aug 15, 2009 at 2:42 PM, John Navarro<[email protected]> wrote:
>> >> >>>>> Good point Tim!
>> >> >>>>> Robert, I do think that a "jack of all trades" type will fit in
>> >> >>>>> better to smaller companies, whereas the specialized, from my
>> >> >>>>> experience, seem to have a better chance at getting into larger
>> >> >>>>> corporations. It was never my intention to be "specialized", but
>> >> >>>>> having worked at a firewall vendor it was just easier to find those
>> >> >>>>> opportunities that required a specific skillset.
>> >> >>>>> Of course it could be that the jack of all trades messed up the
>> >> >>>>> environment and they needed someone specialized to come in and
>> >> >>>>> clean it up ;)
>> >> >>>>>
>> >> >>>>> On Sat, Aug 15, 2009 at 8:16 AM, Tim Krabec <[email protected]> wrote:
>> >> >>>>>>
>> >> >>>>>> Don't forget your specialization does not have to be
>> >> >>>>>> computer/program related
>> >> >>>>>>
>> >> >>>>>> You don't have to specialize in "forensic analysis of Dvorak
>> >> >>>>>> keyboards for AS/400 systems emulating Apple IIc systems"
>> >> >>>>>> You could specialize in database recovery for small businesses.
>> >> >>>>>> Or BCP & DR for law offices or real estate companies.
>> >> >>>>>>
>> >> >>>>>> --
>> >> >>>>>> Tim Krabec
>> >> >>>>>> Kracomp
>> >> >>>>>> 772-597-2349
>> >> >>>>>> smbminute.com
>> >> >>>>>> kracomp.blogspot.com
>> >> >>>>>> www.kracomp.com
>> >> >>>>>>
>> >> >>>>>> _______________________________________________
>> >> >>>>>> Pauldotcom mailing list
>> >> >>>>>> [email protected]
>> >> >>>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>> >> >>>>>> Main Web Site: http://pauldotcom.com
>> >
>> > --
>> >
>> > irc: Tadaka
>> > Twitter: Jason_Wood
>> > jwnetworkconsulting.com
