Through my higher learning endeavors as well as personal experience, I can say I've learned a few things when it comes to learning a few things. Recently, I've taken a lot of my old techniques for picking up new techniques to the next level and I've come to realize that it comes down to three things; Time, Experience, and Application. Sure, I'm primarily referring to programming, system, and security concepts, but this "learning framework" can be applied to anything I imagine.
However, when it comes to the work I do, I find that a little bit of applied initiative is all it takes. I was inspired to write this blog a couple of weeks ago when I had lunch with an old friend of mine. Him and I met 10 years ago when I was in college, when we both worked at an AT&T/DSL call center. Back then I used to spend my downtown between calls writing Python code and exploring the network. I never let a moment go by where I wasn't learning or tinkering with something. Anyway, this friend of mine has always had an interest in computers and programming, but just like a lot of other guys I know, he never does anything -- he only talks about it.
I've always found this peculiar. Not just with him, but with anyone that has an interest in a subject that wants to learn and develop a skill but somehow fails to get motivated enough to do it. I don't think there's been a better time in history than right now, to learn anything you possibly could want to learn. Anything one wants information on is a Google search away. In the 10 years I've known him, he's only ever made excuses as to why he's not coding or developing the games he so passionately talks about.
In this day and age, at this time, having an interest isn't enough. One thing I learned early on in my 20's is that WANT is the most powerful force in our lives. You have to literally want something in order to put the pieces in place to acquire it. Without specified, simplified WANT, you'll never get anywhere and you'll continue to grow old and not accomplish anything. I've learned that anything can be learned and/or accomplished if you dedicate enough time to the building blocks that will get you there. That's the time aspect of this model.
Time is relative when it comes to learning. Depending on what it is you're trying to pick up, it may only take 10 minutes, it may take 2 years. The point is, the time has to be allocated and it has to be utilized. SMART goals are goals that are specific, measurable, attainable, realistic, and of course, time based. Programmers are exceptionally skilled at breaking complex problems into small pieces so they can be incrementally completed, and I find that approach to be an effective methodology when it comes to accomplishment. Something as simple as an hour a day can produce amazing results. This is why it's important to focus on personal Time allocation.
Experience and application go hand in hand, but I find that experience by far, makes things so much easier. It rings true that things you've done before, become easier and easier as you continue to do them. This isn't anything new, but it's a valuable lesson when being confronted with a new concept that you haven't exposed yourself to. Anything relative new to you is going to be a little bit difficult -- but that's how you learn. There's always going to be a curve or a hump to get over or around before the road straightens and flattens out. The hard part is sticking it out so the next time you approach it, you've got some famailiarity.
One inkling of experience calms the mind, and reassures you that you've done this before so it can't be that hard. One inkling of experience also allows you to open up other cognitive channels (because you're not fully focused and frustrated on what you're trying accomplish) so you can adapt to things that you've haven't experienced before. This is why I stress the stress. It's supposed to be hard at first, but if you stick with anything, it becomes easier. And that's what separates the winners from the losers -- the decision not to give up when things get difficult.
Finally, the application aspect of this model is how you solidfy what you've learned. You absolutely have to apply what you've picked up to something that matters to you. If you're not personally or emotionally invested in what you're learning, you have to apply it to something that matters to you. For example.. you dedicate an hour a week to learning the inner workings of SSL. By Saturday morning, you can explain the SSL handshake neogotiation with ease. You've broken down the handshake in wireshark and tcpdump a couple of times, ensuring that you can identify a handshake in a pcap without flinching. Good enough? Not quite. Now you have to apply it to something that gets you going. Personally, I would set up a client/server situation and perform an SSLstrip/MITM attack, and do it a couple of times. At that point, not only do you have a firm understanding of the protocol, but you've also solidified an SSL/MITM attack into your arsenal.
This process works for development as well, only with development there should be a clear endgoal in mind (which is typically the end product).
Okay, now that I've gotten this out of the way, I must get back to my Android development...