The “value” of college can be measured in many ways: knowledge, problem-solving experience, emotional growth, vocational training and preparation, social growth and network building, credentials, and more.
The cost of college education is still reasonable when community college options are used for at least the first couple of years, regardless of the course of study.
Universities should bolster their cooperative education departments by extending internships and coop job placements for all majors, not just engineering, computers, math and science.
Community colleges could also provide valuable post-graduate job training options for those who major in the humanities/liberal/fine arts and are looking to apply their education in unique ways to job fields that need people the most.
College is important and valuable. Some changes are needed, but the market should drive those changes in a positive direction.
From what I can tell, with perspectives from professors and administrators who are unhappy with the status quo, universities have become very administrative and non-education initiative top heavy.
A much leaner focus on teaching & research might help lower tuitions for a start.
And more flexible STEM degrees, I.e. customized skill path degrees, to address student (and employer) demand for specialization.
Also a problem I have seen: You know a university is run by the wrong people (managers instead of leaders), when the higher up’s are hiring consultants to tell them what they should be doing to address all the changes going on.
> The “value” of college can be measured in many ways
Neat, but it rarely is because we live in a society of high wealth inequality.
> Universities should bolster their cooperative education departments by extending internships and coop job placements for all majors, not just engineering, computers, math and science
Why? You would need to show how that would increase shareholder profit. If it won't, it's a liability at best.
> Some changes are needed, but the market should drive those changes in a positive direction.
I would love to know what was going through your head when you wrote this.
Thank you for commenting. It is important to know that all public colleges and universities and most private institutions are not “owned” by anyone. So they don’t have shareholders, and profit is not a consideration.
There are some for-profit degree mills in the US that are owned by corporations, but these businesses are not the focus of my comments nor were they the focus of the original article.
Even though most colleges and universities are not businesses focused on profit, they are indeed focused on growth and development. They do this (theoretically) for several reasons: 1) to protect the good name of the institution for the benefit of the students and alumni; 2) growth is better than stagnation or decline; and 3) administration is required and incentivized to do it. This costs money.
Where does the money come from? Students (tuition), research (government and industry), and donations from alumni and industry.
There is stiff competition between institutions to 1) attract students and 2) attract funding and donations.
This competition creates a market. The universities and colleges have to provide value to students and donors-more perceived value than other institutions-to gain their interest and dollars.
There used to be more government subsidies for public institutions, but those days are gone.
Not all institutions are successful in the marketplace. My comment was that ultimately, students (and their parents) have the power to change the way that colleges and universities serve them by voting with their wallets.
Personally I don't think software engineers need colleges. You could find everything you ever need to know online but one needs to have dedication and will not to get distracted.
Most companies I've worked at don't give two shits about backend complexity, let alone owasp level security. They'd buy some compliance tool and be done.
This industry doesn't care too much about quality.
> This industry doesn't care too much about quality.
Generally because there's just no consequences for it. Got compromised and lost millions of customer data to a hacker? An "Oops, we're sorry." is enough and everyone moves on.
This is inadvertently an advertisement against the value of college (and I say that as someone who didn't go to college, but does see some value in it)
Someone without college wouldn't have been distracted into thinking injection attacks boil down to needing to teach people better. Not because they inherently 'know better', but the entailment wouldn't even have a chance to register.
That leaves leaves them free to think in a different direction than that... maybe on the clear misalignment between the cost of vulnerabilities and cost benefit of underfunding software development: which translates to hiring fewer people, overloading them on tighter deadlines and poorly defined scope, and just generally increasing the chance they will code "improperly".
_
Now there are people who went to college and know better than to fall for that entailment, but this might demonstrate why people are losing faith in the system: Education isn't the end all-be-all it sometimes is billed as to younger folks, and the real world is not as linear as a college syllabus.
Imagine a company culture where everyone has the same line of thought you just did? Those are the companies spending millions of random CYA security trainings and still letting any potential improvements to product management languish. Essentially "beatings will continue until morale improves".
> Imagine a company culture where everyone has the same line of thought you just did?
What is this strange intellectual posturing you are doing? If you wanted to say you think I’m an idiot, just say it without spending 300 words to subtly imply it.
Look, unlike your comment, mine doesn’t require you to imagine any hypothetical worlds. I don’t have to imagine a hypothetical world where cybersecurity professionals are undervalued and undereducated, I see it every day. People doing extremely dumb shit because they don’t know better. At least they’re “free to think in a different direction”!
They don’t need handholding. They don’t need to hire a “consultant” for $300/hr to read NIST documents for them. They need education, whether that’s college or some other model I don’t care.
Your comment was about a need to change education.
> cybersecurity professionals are undervalued and undereducated, I see it every day.
Which is more effective at changing that situation?
- changing the education system
- increasing the cost of laissez-faire hiring practices
If a breach cost 100x as much, does the value of qualified professionals go up or down? Do incentives to upskill go up or down? Do oversight and vetting of hires go up or down?
You can educate professionals until you're blue in the face: if the cost of hiring people who are underqualified doesn't change, the industry will even settle for unqualified people.
If anything you'll just devalue the ones you educated even further: Their time and effort isn't free, meanwhile there's no increase in demand for them because you didn't change the cost of hiring someone dumber. You just took their time without giving them a way to actually get a return on it... unless thanklessly fighting to apply their newfound knowledge in a system that already undervalues them is your idea of a return.
_
Of course, you're free to draw whatever pivot/conclusion/aberration/perceived slight you want from here: my father is a PhD, my mother holds a doctorate and they're both from the 3rd world. I've experienced what higher education can do for people better than most, there was no posturing.
In my line of work (government contracting) undervaluing of cybersecurity is a direct consequence of ignorance. You have no idea how many times I’ve given the same scare brief to a decision maker who on Slide 1 said “We are already safe, we don’t need this crap” and on Slide 200 is clamoring to hire more people. But they can’t find any; qualified professionals are few and far between, and too expensive for GS scale.
> one needs to have dedication and will not to get distracted.
This is something often overlooked when people say you don't need college. Tutorials and exams — along with spending a few years with peers also engaged in study — is a good way to not get distracted. Not everybody has ironclad discipline.
Depends on what you mean. A lot of my “college” was not CS-related at all. Things like humanities were nice to have, and I believe e.g. Philosophy 101 made me a more well-rounded person, but I think it’s a bit presumptuous to ask people to take out non-defaultable loans to pay for that. Anyone who disagrees should ask themselves why some schools don’t consider humanities necessary.
As far as college-level CS, I think it’s necessary. Maybe it’s not the best way in a vacuum, but it’s the best that currently exists.
Commercial applications do not need college, that is absolutely true.
Personally, I’ve tried to do cutting edge things periodically and I’m pretty sure I would have been far too intimidated to go that deep without some prior exposure in college. Topics like assembly level work or bitshifting within a single byte to cram storage into unassuming places. The resources are definitely out there to learn, if you know what you’re looking for, but its like scaling a wall. Somethings look insurmountable until you have prior exposure doing it.
Disclaimer: I have an EE/CS degree from a "top 50" public university where there was no grade inflation, it was fairly expensive ($20k net debt), and a sink-or-swim treatment of students.
In industry, I've experienced much unprofessionalism and ignorance emanating mostly from coders (they're definitely not engineers) who lack knowledge and experience. Most don't understand big-O notation, never had vector calculus, don't understand cryptographic primitives, couldn't design an algorithm or data structure from scratchm and don't have familiarity with fundamentals. The fundamental they're missing are programming language implementations (lexers vs. parsers), NFA->DFAs, operating systems, and network protocols. This is a problem because such coders also tend to lack curiosity because they're just there for the paycheck, don't understand how to profile their code, and tend to put up barriers about things above and below their niche in the stack. In summary, they tend to not adopt the pride of craftsmen with understanding, mastery, and excellence, and this makes them difficult to tolerate because shit ensues.
19 comments
[ 0.39 ms ] story [ 59.3 ms ] threadThe cost of college education is still reasonable when community college options are used for at least the first couple of years, regardless of the course of study.
Universities should bolster their cooperative education departments by extending internships and coop job placements for all majors, not just engineering, computers, math and science.
Community colleges could also provide valuable post-graduate job training options for those who major in the humanities/liberal/fine arts and are looking to apply their education in unique ways to job fields that need people the most.
College is important and valuable. Some changes are needed, but the market should drive those changes in a positive direction.
A much leaner focus on teaching & research might help lower tuitions for a start.
And more flexible STEM degrees, I.e. customized skill path degrees, to address student (and employer) demand for specialization.
Also a problem I have seen: You know a university is run by the wrong people (managers instead of leaders), when the higher up’s are hiring consultants to tell them what they should be doing to address all the changes going on.
Neat, but it rarely is because we live in a society of high wealth inequality.
> Universities should bolster their cooperative education departments by extending internships and coop job placements for all majors, not just engineering, computers, math and science
Why? You would need to show how that would increase shareholder profit. If it won't, it's a liability at best.
> Some changes are needed, but the market should drive those changes in a positive direction.
I would love to know what was going through your head when you wrote this.
https://collegeaftermath.com/university/who-is-the-owner-of-...
There are some for-profit degree mills in the US that are owned by corporations, but these businesses are not the focus of my comments nor were they the focus of the original article.
Even though most colleges and universities are not businesses focused on profit, they are indeed focused on growth and development. They do this (theoretically) for several reasons: 1) to protect the good name of the institution for the benefit of the students and alumni; 2) growth is better than stagnation or decline; and 3) administration is required and incentivized to do it. This costs money.
Where does the money come from? Students (tuition), research (government and industry), and donations from alumni and industry.
There is stiff competition between institutions to 1) attract students and 2) attract funding and donations.
This competition creates a market. The universities and colleges have to provide value to students and donors-more perceived value than other institutions-to gain their interest and dollars.
There used to be more government subsidies for public institutions, but those days are gone.
Not all institutions are successful in the marketplace. My comment was that ultimately, students (and their parents) have the power to change the way that colleges and universities serve them by voting with their wallets.
So why have they been one of the top 10 worst vulnerabilities for nearly a decade? Because people don’t know about them and how they work.
Maybe we need more than two week JavaScript boot camps.
This industry doesn't care too much about quality.
Generally because there's just no consequences for it. Got compromised and lost millions of customer data to a hacker? An "Oops, we're sorry." is enough and everyone moves on.
Someone without college wouldn't have been distracted into thinking injection attacks boil down to needing to teach people better. Not because they inherently 'know better', but the entailment wouldn't even have a chance to register.
That leaves leaves them free to think in a different direction than that... maybe on the clear misalignment between the cost of vulnerabilities and cost benefit of underfunding software development: which translates to hiring fewer people, overloading them on tighter deadlines and poorly defined scope, and just generally increasing the chance they will code "improperly".
_
Now there are people who went to college and know better than to fall for that entailment, but this might demonstrate why people are losing faith in the system: Education isn't the end all-be-all it sometimes is billed as to younger folks, and the real world is not as linear as a college syllabus.
Imagine a company culture where everyone has the same line of thought you just did? Those are the companies spending millions of random CYA security trainings and still letting any potential improvements to product management languish. Essentially "beatings will continue until morale improves".
What is this strange intellectual posturing you are doing? If you wanted to say you think I’m an idiot, just say it without spending 300 words to subtly imply it.
Look, unlike your comment, mine doesn’t require you to imagine any hypothetical worlds. I don’t have to imagine a hypothetical world where cybersecurity professionals are undervalued and undereducated, I see it every day. People doing extremely dumb shit because they don’t know better. At least they’re “free to think in a different direction”!
They don’t need handholding. They don’t need to hire a “consultant” for $300/hr to read NIST documents for them. They need education, whether that’s college or some other model I don’t care.
> cybersecurity professionals are undervalued and undereducated, I see it every day.
Which is more effective at changing that situation?
- changing the education system
- increasing the cost of laissez-faire hiring practices
If a breach cost 100x as much, does the value of qualified professionals go up or down? Do incentives to upskill go up or down? Do oversight and vetting of hires go up or down?
You can educate professionals until you're blue in the face: if the cost of hiring people who are underqualified doesn't change, the industry will even settle for unqualified people.
If anything you'll just devalue the ones you educated even further: Their time and effort isn't free, meanwhile there's no increase in demand for them because you didn't change the cost of hiring someone dumber. You just took their time without giving them a way to actually get a return on it... unless thanklessly fighting to apply their newfound knowledge in a system that already undervalues them is your idea of a return.
_
Of course, you're free to draw whatever pivot/conclusion/aberration/perceived slight you want from here: my father is a PhD, my mother holds a doctorate and they're both from the 3rd world. I've experienced what higher education can do for people better than most, there was no posturing.
This is something often overlooked when people say you don't need college. Tutorials and exams — along with spending a few years with peers also engaged in study — is a good way to not get distracted. Not everybody has ironclad discipline.
As far as college-level CS, I think it’s necessary. Maybe it’s not the best way in a vacuum, but it’s the best that currently exists.
Personally, I’ve tried to do cutting edge things periodically and I’m pretty sure I would have been far too intimidated to go that deep without some prior exposure in college. Topics like assembly level work or bitshifting within a single byte to cram storage into unassuming places. The resources are definitely out there to learn, if you know what you’re looking for, but its like scaling a wall. Somethings look insurmountable until you have prior exposure doing it.
In industry, I've experienced much unprofessionalism and ignorance emanating mostly from coders (they're definitely not engineers) who lack knowledge and experience. Most don't understand big-O notation, never had vector calculus, don't understand cryptographic primitives, couldn't design an algorithm or data structure from scratchm and don't have familiarity with fundamentals. The fundamental they're missing are programming language implementations (lexers vs. parsers), NFA->DFAs, operating systems, and network protocols. This is a problem because such coders also tend to lack curiosity because they're just there for the paycheck, don't understand how to profile their code, and tend to put up barriers about things above and below their niche in the stack. In summary, they tend to not adopt the pride of craftsmen with understanding, mastery, and excellence, and this makes them difficult to tolerate because shit ensues.