Learning Mindset

Way of Thinking

The field of information security is massive. We can compare it to programming: there are hundreds of programming languages, and it wouldn't be logical to learn all of them. Rather, we need time to learn different technical principles, structures, and processes, but we don't need to spend our lives learning every programming language. The main reason why we don't need to learn every single programming language is that all of them follow the same principles. Similarly, in information security, we have to learn and understand principles, structures, and processes. Then we adapt our knowledge to the various environments we encounter.
An important point to consider is our knowledge level. As previously mentioned, the problem in this field is the huge volume of information available to us. We can learn about every topic and still not master any one area, or we can learn about just one topic and become an expert in it. Another option, which I believe is superior, is developing our research methodology, the learning process, and how to use this to improve our knowledge. We will be successful if we know how to search for the required information on the internet and how to learn quickly and adapt it to the environment we are working in.
Always keep in mind that you will become a good penetration tester only through considerable practice. There is no other way to improve your practical skills. For example, you can read 50 books about programming, and you will understand how to read code. This is the process of passive learning. This can be useful. However, if you need to write your own program, you have to practice active learning, which means you have to write code and test it on your own.
As a hacker, you should always think outside the box. Thinking outside the box helps us cross imaginary boundaries and access possibilities and options that were not recognizable to us at first.

Occam's Razor

The Occam's Razor principle is beneficial for simplifying complicated circumstances, and it is one of the central principles of modern scientific theory. The principle is based on the following definition:

The most straightforward theory is preferable to all others of several sufficient possible explanations for the same state of facts. In other words: The simplest explanation is always the most probable.

Using Occam's Razor in theory sounds easier than it is in practice. We can state that the simplest explanation is the most probable. However, the fact is that apart from that, it is not always so.

Learning Concepts or Steps

We must also distinguish between the individual details and mechanisms and the general picture or concept. In our learning phase, we will encounter many situations in which we learn something new. However, it is crucial to understand the overall concept rather than the individual steps involved.
For example, once we are familiar with SQL injection and how it occurs, we may find the individual steps difficult at first. However, once we understand the overall concept, it will be easy for us to discover when a web application is vulnerable to SQL injections. This is because what remains the same is the concept. Thus, the concept is the main focus when learning new topics.
Suppose we have only learned the individual steps. In that case, we will have difficulty adapting them to new situations because we do not understand their impact on the systems and their applications.

Talent

We should keep in mind that we are not born with our talents/skills. A newborn baby will not suddenly start speaking in five different languages or explain to the doctor which laws were not adequately followed during childbirth. However, if we have a guitarist who has been playing guitar for years, it will be much easier for that person to learn to play bass guitar than for someone who has never played a string instrument.
Besides the fact that genetics influence our thinking processes, talent itself is not innate—the ability to solve particular problems with excellence results from thought processes developed primarily in early childhood. Such talents, or rather the ability to solve specific problems and challenges with high efficiency, arise from the constant or persistent confrontation with the corresponding situations and the problems that arise. However, it does not have to be precisely one situation to develop talent but rather the thinking pattern to solve problems.
In essence, talent is a trained and adapted thought process and the associated thought patterns for specific fields and situations.

PreviousLearning Process NextLearning Dependencies

Last updated 3 months ago

Way of Thinking

The field of information security is massive. We can compare it to programming: there are hundreds of programming languages, and it wouldn't be logical to learn all of them. Rather, we need time to learn different technical principles, structures, and processes, but we don't need to spend our lives learning every programming language. The main reason why we don't need to learn every single programming language is that all of them follow the same principles. Similarly, in information security, we have to learn and understand principles, structures, and processes. Then we adapt our knowledge to the various environments we encounter.

An important point to consider is our knowledge level. As previously mentioned, the problem in this field is the huge volume of information available to us. We can learn about every topic and still not master any one area, or we can learn about just one topic and become an expert in it. Another option, which I believe is superior, is developing our research methodology, the learning process, and how to use this to improve our knowledge. We will be successful if we know how to search for the required information on the internet and how to learn quickly and adapt it to the environment we are working in.

Always keep in mind that you will become a good penetration tester only through considerable practice. There is no other way to improve your practical skills. For example, you can read 50 books about programming, and you will understand how to read code. This is the process of passive learning. This can be useful. However, if you need to write your own program, you have to practice active learning, which means you have to write code and test it on your own.

As a hacker, you should always think outside the box. Thinking outside the box helps us cross imaginary boundaries and access possibilities and options that were not recognizable to us at first.

Occam's Razor

The Occam's Razor principle is beneficial for simplifying complicated circumstances, and it is one of the central principles of modern scientific theory. The principle is based on the following definition:

The most straightforward theory is preferable to all others of several sufficient possible explanations for the same state of facts. In other words: The simplest explanation is always the most probable.

Using Occam's Razor in theory sounds easier than it is in practice. We can state that the simplest explanation is the most probable. However, the fact is that apart from that, it is not always so.

Learning Concepts or Steps

We must also distinguish between the individual details and mechanisms and the general picture or concept. In our learning phase, we will encounter many situations in which we learn something new. However, it is crucial to understand the overall concept rather than the individual steps involved.

For example, once we are familiar with SQL injection and how it occurs, we may find the individual steps difficult at first. However, once we understand the overall concept, it will be easy for us to discover when a web application is vulnerable to SQL injections. This is because what remains the same is the concept. Thus, the concept is the main focus when learning new topics.

Suppose we have only learned the individual steps. In that case, we will have difficulty adapting them to new situations because we do not understand their impact on the systems and their applications.

Talent

We should keep in mind that we are not born with our talents/skills. A newborn baby will not suddenly start speaking in five different languages or explain to the doctor which laws were not adequately followed during childbirth. However, if we have a guitarist who has been playing guitar for years, it will be much easier for that person to learn to play bass guitar than for someone who has never played a string instrument.

Besides the fact that genetics influence our thinking processes, talent itself is not innate—the ability to solve particular problems with excellence results from thought processes developed primarily in early childhood. Such talents, or rather the ability to solve specific problems and challenges with high efficiency, arise from the constant or persistent confrontation with the corresponding situations and the problems that arise. However, it does not have to be precisely one situation to develop talent but rather the thinking pattern to solve problems.

In essence, talent is a trained and adapted thought process and the associated thought patterns for specific fields and situations.