I’m tired of being noob in software security stuff. Now that the deadline for paper submission has passed, I’m willing to put much more effort into it. I’m gonna sacrifice the ICPC stuff and won’t train much for it. After all, it’s all about priorities, isn’t it? My first milestone is:
- Complete Andreas Zeller’s fuzzing book
- Read the recent papers of the famous fuzzing research groups
- Solve pwncollege exercises for orange belt
- Solve the 10 challenges in that fuzzing Github repo
The first item wasn’t that hard. I did it almost in a day. I think I’ve learned to deal with my perfectionism. Instead of going through the book sentence by sentence, I just scanned its chapters and got the general idea of each. Or maybe it’s not about dealing with my perfectionism, but about feeling more confident about my brain’s power to fill the empty gaps by itself.
One thing I’ve recently realized, is that most of the people in our neighboring groups, are afraid of the theoretical computer science stuff. They are highly focused on practical parts. But I’m not like them. So, I hope it helps me to do more attractive projects combining the theoretical stuff with the practical part. I’m currently learning a lot of those theoretical things in program analysis course, and I believe I’ll learn even more after doing its project. Let’s see what happens.
Currently, my knowledge is so shallow. Almost all of the ideas that come to my mind have been implemented and published recently, if not a long time ago. I hope I can have some more novel ideas after reading the recent papers.