The Didactic Side of Information Security
Explaining complicated topics with a lot of dependencies is hard. Even the operation of devices such as computers, telephones, or cloud(ed) applications can’t be described in a few sentences. Well, you can, if you use the tried and true lie-to-children method coined by Jack Cohen and Ian Stewart. If you really want to dive into a subject, you need a good start and a tour guide who knows where the terrain gets rough and helps you through it.
Information technology and its security is hard to learn. The basics are surprisingly simple. Once you get to the implementation and the actual parts that need to be touched, it gets a lot more complicated. Modern IT combines various technologies, most taken from computer science, others taken from other fields of research. The starting point defines how far you get when trying to understand what’s going on. Getting behind the scenes of hardcore exploits by juggling processor op-codes requires knowledge of operating system basics, processor architecture, data structures, memory management, and even more details. The same is true for every other topic in information security.
For DeepSec 2016 we like to explore the didactic side of information security. We had presentations in the past covering how to train hacking skills. Everybody praises the skills of hackers, but no one talks about where these skills come from. Education is a tricky business. Every one of us has a different approach to learn and to practice skills. We would like to hear about your approach. Take advantage of the open Call for Papers of DeepSec 2016 and tell us!