Pretty please?

Can I not telnet to facebook.com on port 80 and make a request by hand? Sorry, but their copyright ends after they distribute a URI over HTTP. What I do with the response is my prerogative. My browser does anything it wants to with your data... even if I'm not using a browser to connect to tcp/80 at the time.

We have had a request out for a Security Researcher with a clearance for over a year now. Not a single candidate with a military background has come through yet with the right skillset for exploitation development. The Military is only cranking out operations people, which aren't really that hard to come by.

I've seen the NSA recruiting at Defcon and making it a point to say that you would still be accepted even if you had drug convictions. Playing to the crowd for sure :P

About 20% of the best people I know employed as Security Researchers did not even graduate high school, including myself. I see this trending downward as more and more schools now have something of a security curriculum, but its still very much an industry of self-motivated voodoo programming. Universities have always been decent at training operational security people (configuring/monitoring security appliances and policy issues), but I've yet to hear of a school with a good program on vulnerability discovery, exploitation, and reverse engineering code. For me, at least, its much more of a mindset thing more than a skillset thing, which is a lot harder to teach.

I'm not so keen on my IDE being reliant on all those static code analysis tools to determine your code's structure. For the most part they find all your methods just fine, but so many times they fall short, especially when you are not using Java.

This is a great site with a good bit of introductory information. I implemented their LED flasher tutorials when I was playing with my Xylinx Spartan board. fpga4fun.com