Do a lot of practice problems. There are plenty in the book "Cracking the Coding Interview"
Use the tools you'll be expected to use for an interview with one of the top 4 companies (i.e. internet text pad, pen and paper, whiteboard)
Do several problems every day and you'll be ready in a few months. Make it your 9-5 and you can be ready in a few weeks.
It's all about practice! Good luck!
Also, if you can get in touch with a recruiter at those companies, they'll give you tons of helpful tips (mostly just how to practice and what to practice)
Thanks! I was contacted by a recruiter couple years ago and they sent me the practice list, but it seemed super generic and intimidating so I never replied back.
I've heard really good things about CTCI so I'll pick that up. Having a Github checklist and a study plan would be super useful (I'm sure there's other people asking this question). I wonder if something like this exists already?
Don't neglect the non-coding parts of the interview, as well. Be pleasant and friendly, be engaging, smile and laugh, tell stories of past projects, show real interest in the work.
UBI would cause hyper inflation if it came from 'new' money. As in, if the fed just started printing out 5k/mo/person. Most theoretical implementations of UBI suggest the money coming from taxes (taken from larger corporations) or from a reduction of funding in another area (military)
Just wanna add that we used C0 for a subset of the class, and most of the students jump into a more rigorous course which involves actually implementing malloc.
I agree with you that learning the ins and outs of memory is super important, but the methodology of this course doesn't imply the lack of teaching memory management
To answer your first question, the data is hosted on devices part of the distributed network.
For example, if you have a static webpage it may either be present on every node in the network (so anyone else accessing your webpage would only be making a local request to their copy of the data) OR the webpage would be split up into many pieces distributed amongst all the nodes, so say your webpage is split into n chunks you fetch each chunk from Node_1 ... Node_n and use some algorithm to stitch it back together.
These are obviously over simplifications, but you should take a look at how Gnunet, Freenet, and Zergnet(?) and how they approach the distributed web. Also, looking at p2p networks might give you an idea of how this works as well.
Kind of like torrenting, right? But how stable is that data then? Isn't it too complicated, to find all that data and piece it together, and not lose any of it?
Ansible, because I like having an agentless configuration management tool. In my experience, Ansible also seems the most readable (obviously subjective). I've used Puppet, and Chef but only through AWS OpsWorks.
That said, I've been playing around with Kubernetes lately and trying to move a lot of our infrastructure onto Kubernetes. The use of Dockerfiles kind of nullifies the need for a full fledged configuration management tool for me and I've been relying on bash scripts and distributed kv stores to manage state and environment variables (using 12 factor approach and managing environment variables with consul and secrets with vault)
Really?! Writing pseudo-Bash scripts in YAML? And why do you need this in the age of Docker and Kubernetes and Immutable Infrastructure? For AWS with no cloud-neutral goal on the roadmap, I'd use native services: Declarative Infrastructure via CloudFormation, and HashiCorp's suite for everything else.
Oh, but Ansible is not agentless. You do have an agent, and the worst kind at
that: the one that you easily cut off by a single configuration mistake,
because it serves both to send configuration commands and for diagnostic
access. And then, whole Ansible run breaks on first problem on any host, even
if it was a planned downtime.
Kubernetes also has a built-in configmap and secrets api. You can inject them as env vars or even mount files inside the container filesystem via the pod manifest
The best advice I can give you is to join a Security CTF team (your college may or may not have one, but there are others that are open to all).
Internships and jobs will open up from being part of a CTF group. It's also A LOT of fun* (*opinion).
netsec might not necessarily be what you're looking for. A position as a Security Researcher is probably what you most fit into... finding the right recruiter can also help you out a lot.
Another (and honestly, easier to get into) security industry is the public sector. Intelligence agencies, military intelligence branches, etc. They'll hire you based on personality and potential, and will train you further. This (in my limited experience) usually means less pay.
You're absolutely right, but people are willing to consider CTF work as experience. If you can go into depth how you solved a problem, no one will question your conceptual understanding.
I think it's definitely easier if your interviewer actually knows what security ctf's are.
Can you please explain what you think differentiates someone working in netsec from security researcher? And where do you think a Security Engineer position would fit in?
Thanks for the public sector advice. Although, I think I won't be a good fit.
So, take this with a grain of salt because I do not actually work in the security industry.
My understanding of security researchers is limited to an academic setting. Many PhD students, masters students, professors, etc at my school were technically security researchers. Usually this consists of a lot of theoretical exploration. Check out this paper, I think it's pretty accurate to what a security researcher does: https://www.tau.ac.il/~tromer/acoustic/
So that's the academic side. Companies like Google, Microsoft, Red Hat, etc. will also hire Security Researchers where your job is a bit more open ended and focused on outside-the-box work (finding new vulnerabilities, testing software, maybe some offensive security work).
Please correct me if I'm wrong, but my understanding of a netsec person is someone who's job is to implement and maintain secure systems. While this can definitely involve experimentation, it seems like more of a defensive approach to security.
A job description might say things like: "Protect critical systems from attacks", "incident response", "disaster recovery".
I think a Security Engineer is much closer to a Security Researcher, but in a more 'applied' way... for example, as a security engineer at Dropbox your job might be to actually implement (write code for) cryptographic communication between the client and server. So, to me, a Security Engineer is much closer to a software engineer. Whereas a Security Researcher is much closer to an academic.
I hope this helps clarify things. There are other great responses on this thread.
Also, I completely understand public sector not being a good fit.
It's all about practice! Good luck!
Also, if you can get in touch with a recruiter at those companies, they'll give you tons of helpful tips (mostly just how to practice and what to practice)