natas is probably a good start. The first several levels are pretty simplistic, but it starts to ramp up eventually.

http://www.overthewire.org/wargames/natas/

Disclosure: I was a student in the first round of this course and prior to enrolling, only vaguely knew of Cody as 'that guy who hacked hotel locks'.

For anyone considering this course, it's well worth the price of admission. Especially if your company pays :) Cody challenges each student to think like a breaker. The course is very hands on. I'd plan to spend at least 5 hours a week on the coursework.

As a result of what I've learned, I've found numerous bugs within internal apps at my company, bugs within random email survey links, bugs within vendor code. Bugs, bugs everywhere!

My only nitpick with the course was that there were some unforeseen scheduling issues that affected the pace and caused it to extend out to > 12 weeks in length. But I attribute most of those to being part of the first/beta run. I have confidence that Cody will get everything worked out in future iterations.

It doesn't take long to see that Cody really does have a genuine interest in teaching others about security. His willingness to share his knowledge is a benefit to anyone willing to learn.

As a satisfied user of the latest CyanogenMod nightlies on a 2 year old Galaxy S2, this is great news! CM has breathed new life into my outdated hardware.

However, I have to echo the concerns in the post's comments about Gapps[1] (Gmail, Maps, Play Store). I wouldn't say the dependency is as strong as something like Zynga/Facebook, but if Google ever chose to lock Gapps down, I don't know that I'd stick with CM.

[1] http://wiki.cyanogenmod.org/w/Gapps

You can roll your own Gapps quite easy (before flashing a custom ROM) if at some point Google starts going after anyone and everyone distributing it (which is what they would potentially target if they did). I've done it before when compiling the AOSP source and there's nothing out yet because it's a new AOSP version.

Google currently has no incentive to lock down those apps. The one place that they have the least incentive to lock down is the Play Store, as CM users will still be sending money their way.

right but they do lock them down. As it says on the parent url, "Due to licensing restrictions, these [GApps] apps cannot come pre-installed with CyanogenMod and must be installed separately." Google heavily licenses GApps.

The incentive for them is to stop folks like Amazon installing Google Apps on their Android fork, and to encourage Chinese/3rd party/etc indie OEMs (the kind no-name tablets you see on eBay for $100) to establish a relationship with Google in return for then being able to supply GApps on their devices.

Holding the keys to GApps is what allows Google to give away the rest of the castle (Android) and still maintain control.

Except, much like Apple's walled garden approach, they want to ensure that what is in their app store works. Because if I pay for a product at your store, and it doesn't work, I complain loudly, demand things, etc. That's a headache to deal with, for Google, for the app developer and for someone using a stock phone looking at an app with terrible reviews.

So in a way, they do have an incentive to make sure that unknown builds can't access their app store.

Google does lock down the Google Play services, and their incentive for doing is the license fee$$$ they can charge to the compliant device manufacturers.

This is unfortunate but hopefully their experience helps them as they get back into the working world.

In the past 3 months, I signed up and canceled an account. The issue I have with internet points is that whatever the algorithm is that powers the score is ultimately arbitrary. A few days ago I noticed my score dropped by ~10 points and I couldn't figure out why so I canceled. Similar situations have happened on StackOverflow in the past.

This used to upset me until I realized that there's no counter stocked full of silly putty and plastic frogs where I could redeem my points. In hiring instances, I definitely see value in SO and Github because they can expose you to how someone communicates (in both English and code). But I imagine it's a hard sell to market an aggregated score from unaccredited sources.

I'll admit it, I'm skeptical. I'm also a bit jealous that I can't seem to find 10 spare minutes a day for learning.

Some quick internet sleuthing led me to https://angel.co/grapefeed which appears to show that she's the co-founder of a social-sharing website that just happens to be written in Rails.

If that's the case, then she likely has access to the other co-founder/Rails developer. Not to take anything away from her work, but it doesn't seem quite the same to me as the "One day I woke up and decided to learn web development on my own" tone that I took away from the blog post.

Isn't it likely that Monster has some sort of "freshness" indicator that might rank new profiles higher than old ones that haven't been updated in a while?

A better experiment would have been to create two similar profiles at the same time with the only difference being the name and diversity questionnaire.

At some point her real resume was fresh, and it doesn't sound like she experienced the same level of response then that she received on her fake fresh resume. Of course maybe the insurance industry wasn't hiring as eagerly when her real resume was fresh. Oh well, let's just assume it's experiment error and her conclusions are baseless. There, I feel better.

I understand discrimination is real and I wasn't implying otherwise. But I also worked in the past for a monster competitor and I can say that at least at the company I worked for "new" candidates were promoted much more than existing candidates.

Hiring managers would much rather see an email titled "20 new candidates for your XYZ position!" than "20 people who haven't updated their profile in 2 years for your XYZ position".

Creating two profiles at the same time would eliminate this issue, although employers might then wonder why 2 candidates have the exact same profiles...

I actually added this link to run an experiment. I have been playing around a lot with the nltk package and after I saw the one link similar to this on the front page, I remembered that this story got flagged for not being techie enough. So now that we are getting a discussion going I can run sentiment analyses on the comments to text for variances on different levels.

I look forward to seeing the results. This story is already off the front page despite clearly deserving to be there from vote counts. Feel free to email me if I can help.

You've now contaminated your experimental results.

Well, dismissing her experience based on a "freshness rating" hypothesis wouldn't be justified, but she does say that she had "used [Monster] in the past and...been successful in obtaining jobs through it."

To me, part of the issue is that there are two audiences (event planners/event related services vs. someone who needs help planning an event) and the homepage attempts to market to both at the same time. The subheading and the call to action seem to contradict each other. "Jellifi is looking for event planners" vs. "Plan Event Free"...huh?

That said, I do think it's an interesting concept and suggested it to a friend who does event photo booths and he seemed very interested in signing up.

I've found that the small companies I've worked for ignore the HR related policy issues for as long as possible with a mostly negative impact on employee morale.

Owners/management say things like "we're small so we don't have a set vacation policy." Which sounds cool and works out fine until Willy starts coming in at 11 am and leaving at 3 pm and you wonder why you're stuck at the office on a holiday.

IMO It's much better to have set policies so everyone knows where they stand. Another option is to find a company that doesn't hire/tolerate those types of Willys, but that's difficult to know beforehand.

I agree -- I've turned down a job before I received a formal offer (was told one was in the works) partly because no one could tell me what the vacation policy was. Not that I'm only interested in time off work, but I do live a few states away from the rest of my family (and many friends) and I'd like to visit them once in a while and not feel guilty.

Playing http://theverge.com with my Android phone - the final path just before the end of the level reads "Why Andy Rubin and Android called it quits".