About 20% of the best people I know employed as Security Researchers did not even graduate high school, including myself. I see this trending downward as more and more schools now have something of a security curriculum, but its still very much an industry of self-motivated voodoo programming. Universities have always been decent at training operational security people (configuring/monitoring security appliances and policy issues), but I've yet to hear of a school with a good program on vulnerability discovery, exploitation, and reverse engineering code. For me, at least, its much more of a mindset thing more than a skillset thing, which is a lot harder to teach.
This is a great site with a good bit of introductory information. I implemented their LED flasher tutorials when I was playing with my Xylinx Spartan board. fpga4fun.com
Software Patents
I'll start off with a notice to those who would say that I am out to
undermine all the work of programmers everywhere, in hopes that I may
receive a free lunch: I am a programmer, I understand what it is to
see a project through to its completion and hope for it's continued
success. A free ride has never been my goal. Furthermore, it is
another misstatement to say that abolishing software patents would
somehow make software available at zero cost.
"I am your density." -- George McFly in "Back to the Future"