Agreed. Most startup founders I've seen "complain" about having to work 12 hour days, 6 days a week but in reality they are wasting a lot of time doing nothing and could get the same amount of work done in a 40 hour week. They then go on to complain about it but in reality they think it shows how tough they are for being able to do this.
I think they are probably referring to "whiteboarding" in the sense of asking somebody to implement a heap sort algorithm on a whiteboard using psuedocode or something along those lines.
In my experience certificates like this are considered pretty useless by most software engineers. Anybody can do a certificate and have their hand held all the way through it. Real world experience in much more valued. Also software dev is both an applied skill and a fast developing field too in which not everybody agrees on the right way to do things, so its hard for universities to keep up with the changing times. Plus whatever job you get after university will probably require you to learn a ton of new stuff anyway. Basically I don't believe that software engineering is a field in which you can go off to study for a year and then be considered better at your job because of it. (This could be different if you were to study a more specific subset of computer science like security, computer graphics, machine learning etc.)
That said you've been a developer for three years so are in a pretty good position to try moving to a company which does more advanced stuff and further your career. This of course has the added benefit that you don't have to make any financial sacrifices, in fact you will probably get paid more by doing this.
Finally you mentioned getting into Appsec, if you want to specialise in a field like this then I would highly recommend that. As I said earlier spending time to specialise in a field like this would be worth while, you could do a degree or do a certification like the OSCP (unlike software dev, certifications in info sec are actually valued if you do the right ones). This is what I'm currently doing myself after 5 years as a developer now specialising in security.
Thanks for responding. Yeah I’ve heard mixed things about obtaining certificates — in this case it’s considered a “degree” despite having the ‘Certificate...’ label. Nonetheless, I know what you’re saying. I’ve decided to do the one year course in security as I’ll find the structured learning and exams a good way to discipline my learning, and as a result I’ll have more time to apply those foundations industry experience rather than spending two years in college. In the meantime I’m trying to find somewhere else to work that’ll hopefully help me apply what I’m leaning. I guess the need for validation in what I’m already doing is more a confidence issue that’s always made me reluctant to apply anywhere else - a mentality I really need to escape! Thanks for your feedback and good luck with the AppSec!
You will get paid more with the right paper in a lot of companies, for equal experience (and even 5+ years more in some cases). The degree is important, and in the right company a certificate can be too.
> a knowledgable user will most likely check the content first
Really? Are they going to read every line of code and every line of code in every dependency that the install script installs?
The bash detection is clever but I think its a solution to a problem that doesn't exist.. Its already very easy to install hide malicious code in plain sight, why go to all this trouble to detect if the user is piping to bash?
For example, see how easy it is to publish a fake npm package or a .deb package:
I have no problem with the layout, design or lack of javascript, in fact i like it, but think I there are several real functional flaws in this site which are annoying.
Why is there no search function? You have to go to a third party site to search hacker news. Why can you only go back 3-4 pages of articles? Why is there no mention of the formatting available to you when writing a post? I think you have to browse the FAQs to get that data?
Even just now I had to login after writing this post and clicking "add comment", once I logged in the post I had written was no longer in the form! This is basic stuff guys.
Those are some issues which would be as true today as they were 10 or 20 years ago.
