Computer Systems Security 6.566 / Spring 2024
80 points
9 hours ago
| 4 comments
| css.csail.mit.edu
| HN
tptacek
7 hours ago
[-]
It's a fun class; worth keeping in mind that several topics with 1-2 units here are whole specializations in the field, including:

* memory safety and exploitation (the "buffer overflow" section is about 20 years out of date, though super appropriate for a first course)

* the WebPKI/certificates thing

* messaging security and messaging cryptosystems,

* microarchitectural security and hardware side channels.

Multiple full courses on each of these subjects would bring you up to "practitioner" levels of expertise.

reply
SoftTalker
4 hours ago
[-]
Considering an undergraduate course is about 3-4 months in duration, there's only so much it can cover in any depth. Even the most rigorous are still pretty shallow compared to what someone with years of work in the field would know.
reply
ethical
3 hours ago
[-]
What they don't tell you. Everyone in the company will hate you, no one will fix the bugs you find, HR will want to sack you for fun, and the execs are all psycho's. Find a better career, like watching paint dry, or become a monk. Its fun, but not worth it. People are twats.
reply
blazex344
3 hours ago
[-]
Sucks being a cost center. I've come to realize that a lot of what makes security fun for me still boils down to engineering problems that isn't only found in security teams.
reply
bikeshaving
6 hours ago
[-]
Seeing this makes me miss the salad days of MOOCs. I learned programming in the 2010s through MIT’s EDX Introduction to Programming course, and then a course on Coursera by Martin Odersky on Functional Programming through EPFL, and I feel like that ladder has been kicked away due to MOOC monetization policies. I wonder if we could return to these days.
reply
g947o
4 hours ago
[-]
I took the EPFL course as well, although did not finish it. As someone who only had experience working with imperative programming and OOP stuff, it blew my mind -- I never knew you could write code like this. The course was great but a bit too fast for me at the time (part of the reason I did not complete it).
reply
Obscurity4340
6 hours ago
[-]
Dont many of them end up as Youtube playlists anyways?
reply
TZubiri
4 hours ago
[-]
Yeah, there were 2 golden ages:

1- When this internet thing came out

2- When this covid thing came out

On the first era, here's a Java lecture from Stanford, if it's too basic for you, it still has historical value, iirc it's something like Java 6. And it also reinforces the basics.

https://www.youtube.com/watch?v=KkMDCCdjyW8&list=PLA70DBE71B...

It's a bit harder to follow along with online materials since you have to use the Internet Archive, and download older compilers or use options to target older versions, but it's all the more fun for it.

reply
jrflowers
3 hours ago
[-]
I like that the MIT CSAIL CSS website (https://css.csail.mit.edu/) has a link to a Russian online gambling site due to what I’m assuming is a typo (click on the Foundations of Cryptography class)
reply