I remember when fuzzing was just sending long strings to RPC programs, and tapping the cloaca of all Unix programs, the signal handler, to see what came out. But now, to be a hacker, you have to be a scientist.
Computer science is a real thing. But most computer scientists I know can't explain how to do it because it comes out sounding like a deep dive into a Dungeons & Dragons campaign run by toddlers. And perhaps the hardest thing with computer science is knowing when you're stuck, when the noise inherent in your system has overwhelmed the signal, and hence, you.
Really, I lied. The hardest thing is knowing when someone else on your team is stuck and being able to reach into their understanding of the System and unstick them. Because science, like digestion, is a team sport.
You can, if you want, undertake fun experiments. For example, you could as a hacker just say publicly what 0days you know are sitting around, waiting to be found. You can be as loud and annoying about it as possible, then just wait a few years and see if there are any cool BlackHat talks on the subject or not, and if the market makes any particular changes to how it deals with that technology. There will not be any. This might make you ask more questions - more uncomfortable ones.
"What is an acceptable parasitic load in a system?" you might ask in this way. In the animal kingdom, it is an astonishing 40%. In computers, it is probably the same, where the science of hacking is equally ignored and reviled, both profitable and prophetless.
Most hackers you know are specialized in the mystic art of Transformation. A heap overrun becomes an information leak which becomes code execution. A denial of service becomes a side channel attack becomes a local privilege escalation. Sometimes it's hard to see the science in this. A friend of yours will look down upon it as "just engineering". But it's not enough to just find one bug anymore, or even one transformation of a single bug. Every bug must pass through multiple slits at the same time now, like a lost waveform. This takes some science.
My point is this: If you think you are defending against Engineers, but really you are defending against Scientists, you've already lost. And if a country wants to build and maintain offensive power in cyberspace, it has to understand how to care for and nurture the places that treat it as a science.
-dave