Whether it was doing security testing of [Cisco] products or commercial webapp assessments or conducting some sort of critical infrastructure security research -- the "middle third" was always the worst.
You are stuck between the initial thrilling period of a whole lot of learning and the final culmination of the project where you are wrapping up the deliverables or presenting them to a client -- or to the community. This middle phase is sheer drudgery. Nothing makes sense, everything is up in the air, and you wish you never started the project. But eventually but you will experience enough angst to be able to pull the project together and in the end it will have been all worth while.
And you will repeat the cycle all over again.
I have not yet figured out the curve yet for operational security work, responding to unplanned outages, or administering behind the scenes gear that folks only care about when it is breaking or broken. But it does not follow this pattern. Or if it does the curve is dramatically compressed (perhaps the bipolar cycling patterns of adults vs. children is analogous) so that the initial excitement of kicking off what you thought would be a minor upgrade and the terrifying spiral of unexpected events to the moment of relief when you are back on steady ground and you manage to scrape together some solution to the problem -- all in a matter of a few hours.
Unlike consulting or R&D work this "middle third" is where you find clarity, where you realize in quite concrete terms some of the information (or assumptions) you had was incorrect and you know you would do things differently next time. This is wear the real learning occurs, where mistakes become crystal clear, where things become concrete.
So, yeah its been a busy week and I had to pull another early-morning upgrade today. And I'm exhausted. And how many more weeks of Edens construction?
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment