Don't forget that RTFM only works when a definitive (or at least high-quality) M exists, and it's hard for that to happen when dealing with humans. If we had the M, we would have a much better idea of how to model human thought processing in AI systems. While I'm also a strong RTFM supporter especially because it helps one be thorough in many cases, there are definitely limitations.

Yes, it could if you're talking about fuzzers. Having made fuzzers for a few programs, it really is amazing how many bugs they catch, how many crashes they cause, and how often they suggest the ability to control execution based on matching up the data in registers with data in the fuzzed input file. There should definitely be some fuzz testing done. I never really thought about it in the context of open-source software-- anybody know what practices are for different projects or where they would get compute time?

I am currently finishing up an undergrad in CS at a "major research university", and take classes with the masters students. I have also done "research" at the "graduate" level, and it was an easier A than almost any other 3-credit endeavor, even though I ended up putting more time into it because I did enjoy it a bit.

The claim that professors at research universities don't focus on education is, in my case, completely wrong even if correct in general. I have lunch with my professors, they go out of their way to make sure people understand issues, and they are generally amiable people (although occasionally distracted by research deadlines of course). During employment this past summer I was appreciated for leveraging information I had gathered from various classes--some say that school is just for the degree, but if you try hard enough you can get the practical experience from people who care.

Yes, but those with passion and a good education are better yet. There is a lot that can be learned in a class that allows for quicker and more thorough education than someone who is completely self-taught. How many people who teach themselves go out of their way to do things like understand the apriori algorithm or look into advanced dynamic programming techniques and distributed locking protocols?

Quite honestly, drop-outs aren't all that special. I'm a high school drop-out, but only so I could start college early. Seriously. People can put effort into their assignments, add functionality, focus on clean code and even write test suites for the more complex ones (and yes, it helps quite a bit because they're typically much more complete than what the underpaid TA uses).

And finally, "doing it the hard way" is typically the uneducated way. There's a reason the slogan for google scholar is "stand on the shoulders of giants"--learning from others' advances is the way to go. Unless, of course, you're convinced you can sort stuff in faster than O(n) time and figure out if an arbitrary program will halt; then you have something, or maybe just never had the educated prompting required to realize they are horribly futile.

But you are definitely right that CS education has a problem. I was absolutely floored when a co-worker couldn't write a recursive algorithm, and just wondered how he ever got past his data structures class!

I definitely hear that a lot from interviewers, but have also heard that a strong interest in advanced classes combined with something above a 3.0 helps a good deal

I am graduating in May and happen to be able to second your opinion that NYC is a great place for tech employment. I had multiple offers around the city--as long as one is willing to consider "applied" CS jobs as well as the pure tech like Microsoft/Google, etc. there are definitely options out there for people who are flexible and entry-level.

This is just more evidence of what is already widely known: people are generally lax about security matters. What we really need is some way of getting the point across that things like reasonable passwords are turning into a necessity of every-day life.

Both the twitter and Palin e-mail "hackers" just guessed passwords or researched PII to get in. This also shows we definitely need some better form of authentication, and that authorization policies inside organizations should be more paranoid. Of course I'm still lost as to alternatives to passwords, so perhaps people will just have to suck it up and put a bit of effort into it.

There are always the trade-offs between effort and the value of what one is protecting. If the public finds these data breaches unacceptable, why not make the consequences more serious so that from a business standpoint it is more worthwhile to spend on security? This may lead to corporations developing an atmosphere of security awareness, which will keep people actively thinking about important steps to take in typical day-to-day activities.

I think "computer literacy" is more in order. In fact, just the other day I helped yet another person who didn't understand that documents written with a specific program didn't live exclusively inside that program. Understanding fundamentals like this are necessary to interact in a competent manner with computers, which are becoming a necessary tool for more and more fields.

Without these basics, "Computer Science" is somewhat hopeless; I would rather have these basics be required. One thing that needs to be improved is the ability for people inclined towards computer science ideas to be exposed to advanced concepts . . . but it should not be compulsory. I am a CS major, but had my first programming class my 2nd semester and thought I was really computer-savvy specifically because I knew that files were independent of the program that created them. However, I was interested in programming for a while before that and just never had the opportunity to explore it.