[lawnchair_larry]

It's hard to say this without sounding like one of those condescending security people, but I highly recommend avoiding that guy.

http://attrition.org/errata/charlatan/steve_gibson/

To balance that with something constructive, if you are already comfortable with software development, I'd suggest checking out these to get started with playing around:

https://www.corelan.be/index.php/2009/07/19/exploit-writing-... - Part 1, they go to 11.

https://google-gruyere.appspot.com/ - for web app sec

[dtromero]

Those are some great links. Do you follow any security related podcasts? I don't work in security but like to stay relatively up to date.