The Mindset When Climbing the Mountain

Climbing Mount Kilimanjaro is no easy feat.

Seriously. I’ve no doubt that unless you’re some type of mountain sherpa, you’d agree with me on that one. However, I’d like to paint a slightly different perspective, with references, of course.

The Kilimanjaro climb consists of 2 main parts: the trail, and the high camp.

The time on the trail, including lunch and rest breaks, averages around six hours per day. This is a leisurely pace of less than one mile per hour on an established trail. ¹

The trail section of the climb is the majority time wise, yet it stands that someone with no training can realistically complete this section. However, we’ve yet to talk about the high camp…

The ascent is made in the dark, around midnight. Climbers eat an early dinner and retire in their tents for four or five hours. At an altitude of 15,000 feet, it is not easy to sleep well. So the day begins with most people being excited and sleep deprived. (…) The hike to the summit takes 6-8 hours with an elevation gain of 4,000 feet (8-10 for slower people). It is almost always cold and windy. After reaching the summit and a joyous celebration, there is a long descent down to 10,000 feet, which takes 4-6 hours normally, but can be as long as 10 hours for slower people. ¹

The high camp, or the summit as some prefer to call it, is the reason you train before attempting a climb. Relatively, the trail seems easy compared to the summit. Yet the trail is equally as important in climbing the mountain. You don’t see people fasttracking up to the top via helicopter to purely attempt the high camp, because you’d be dangerously unprepared.

As pretty as the sights of Mount Kilimanjaro are ², I should probably bring this back to Infosec now, huh?

Infosec is a mountain.

only I would come up with something this far of a stretch

I know this might seem like I’m talking out of /dev/urandom, but here me out. I wholeheartedly believe that Infosec training shares a lot with Mountain training. Nearly anyone can learn a programming language, or networking fundamentals. But once you start approaching the “high camp”, or higher level stuff, you realise how important the trail that led you there was. There is no fast track. You might be able to get away with it for a bit on the trail, but the high camp is the true test.

Takeaway point 1: Everything you learn on the journey is just as important as the destination.

---

The learning process itself.

Infosec is in a very nice position being digital, as it means you pretty much have guaranteed access to the biggest library / training center possible: the Internet. Granted, it takes some time to fully understand how to best utilize Google (or any alternative search engine, you do you), but this initial time investment is definitely worth it. I’d even consider it essential.

Far too often I see people dependent on others to compile the information they need for them, when it is easily accessable via Google. You’d almost think they were working off of Cunningham’s Law if you had’nt experienced it before:

Cunningham’s Law states “the best way to get the right answer on the internet is not to ask a question; it’s to post the wrong answer.” ³

In an attempt to keep you, yes you: the reader, interested, I will now cite an XKCD comic. ⁴

The above figure near perfectly illustrates how some people act on the internet, a trait which given the wrong scenario can actually set people back. Sooner or later, a person exploring Infosec has to learn how to research for themselves; how to act for themselves and not have everything spoon-fed to them. There is, however, a balance in this: an art, even. Simply telling someone, ice-cold, “Learn how to use Google” or using a Let Me Google That For You (LMGTFY) link creates a breeding cess pit for toxicity, something the Tech industry could use less of overall. Yet saying nothing and enabling spoon-feeding will likely make the person you’re feeding dependent on people to research for them.

There’s a balance to maintain: personally, if someone can show that they’ve researched a topic themselves yet they still cannot understand it, I will happily try to explain the topic further for them. The key is seeing the effort that they have put in. I’m not suggesting that we ban help channels in Discord servers, as they are an incredibly good resource when used correctly.

Takeaway Point 2: Google is your No. 1 friend, consult it before other friends.

---

Crystal balls and know-it-alls.

I want to quickly talk about issues I see when people do ask others in help channels or such, as it was the catalyst for me writing this piece, and the source of the header image. As much as people on the internet might like to tell you:

Nobody magically knows everything about every issue, nor can anyone read your mind through the screen.

I cannot stress this enough. Not even with the boldest bold text in size 72. I can go into a lot more detail here, but the YouTuber and Security Researcher LiveOverflow has a perfect video on this. It’s ~8 minutes long, and I highly recommend watching it: ⁵

Takeaway Point 3: Nobody can read your mind. Help those attempting to diagnose your issues.

---

Summary

I think that just about does it for now. A follow up isn’t out of the question for this topic, I’ve no doubt something else will rear it’s head that I’ll want to talk about.

Takeaway Points

1. Everything you learn on the journey is just as important as the destination.
2. Google is your No. 1 friend, consult it before other friends.
3. Nobody can read your mind. Help those attempting to diagnose your issues.

#:~ init 0

---

1. Cited from https://www.ultimatekilimanjaro.com/blog/can-an-unfit-person-climb-mount-kilimanjaro/ ↩︎

2. Sourced from: https://www.andbeyond.com/experiences/africa/tanzania/kilimanjaro/climb-mount-kilimanjaro/ ↩︎

3. Cited from: https://meta.wikimedia.org/wiki/Cunningham%27s_Law ↩︎

4. Sourced from: https://xkcd.com/386/ ↩︎

5. Linked: https://youtube.com/watch?v=53zkBvL4ZB4. Credit LiveOverflow ↩︎