[_b8r0]

On a more technical note regarding the described background, "Kayla" apparently started by learning how to break software and exploit bugs by her dad and grew up learning about the Linux Kernel... then moved to SQL injection.

That last bit makes absolutely no sense. It's easier to learn SQL injection than the many, many different ways that memory management can go wrong. References to her memorising Windows Opcodes sound like a random phrase thrown in for credibility (you do after a while remember certain functions - 11 years after writing my first ARM shellcode I still remember it, even though I'll probably never use it).

The whole description of how she progressed just doesn't sound right. You can be up and running with SQL injection in less than an hour, learning buffer overflows and understanding them properly probably takes about a day and a bit at best (and that's assuming that you know C, how to use a debugger and how a compiler works). The Micro-SD strategy also seems a little extreme (but is viable, our testing gets done under a VM, there's no reason why that couldn't go on a micro SD card).

I'm calling BS on Kayla being a girl, mainly because the story just doesn't fit right compared to the application of Occam's Razor - that this is someone else trying to cover their tracks.

[sophacles]

When you have an expert parent (or other adult influence) you can, and frequently do, learn things in a "weird" order. Further study after study from teaching land shows that "the natural order" to learn things is not nearly as fixed as one would think, the order you learned in is not the only way. The order you were taught in is not the only alternative way.

I remember I started learning in C, reading security and working on perl all the same time. I didn't even know about SQL for a couple years after that. This was in the late 90's and early 00's tho, things were a bit different, but it isn't improbable nor impractical to have this learning curve in a semi-self taught way. It is even less improbably given that her dad probably taught what he knew best, C and Kernel stuff.

When I was a kid, my grandfather was an electrician. I grew up learning about house wiring, and how to do it properly and quickly. I learned how to solder and do stuff with wires long before I ever did basic electronic theory stuff. It never occurred to me that 120VAC was any more dangerous than a small fire. Imagine my surprise when in college I first encountered these professors who were terrified of wall current ('of course it will hurt you, just don't be stupid' is still how i think of both fire and electricity, the stuff isn't magic). I was confused when we went over stupid "this is how a dpdt switch works" and annoyed that we never played with any circuits more advanced than I grew up doing for over a year. I had never had any basic electronic theory at that point.

So: do you disbelieve me because I didn't learn in some natural progression as an electrician apprentice would? Because I didn't learn in the order the courses laid out in college?

tl; dr -- the idea of a "natural progression" in learning is just bunk.