Originally Posted by salasi
This is an excellent point. I know this is a little off-topic (maybe deserves its own thread), but have you noticed how many of the 'Get up and running with <insert CMS name> in 24 Hours' style books that say anything worthwhile about security? At least in the bookshops in which I have looked, it is more-or-less zero. This (imnvho) is seriously reprehensible, and must be, in part, responsible for the issue.
I haven't noticed what's out there in terms of books myself, but I've never read a book about CMS before. I've used several CMS systems and I've been administering sites for over 15 years. To me, competent system administration comes before doing all this, especially in this day and age.
One thing about easily getting started is it gives feedback and success to new people. They will get hacked and learn. There's something to be said for the learning process. We all have to go through it at some point. We can't all be experts right out of the gate.
If the books are too thick and complicated, they won't sell and the number of people learning will narrow. It's already a problem in general in our industry. People are not bothering to go into Information Technology because of the work involved in getting started. I guess that's good for our salaries, but bad for the industry because we don't have enough workers to keep up with the expected progress.
I don't think there are any shortcuts or quick answers to things like this. It will always be an ongoing issue. It is the reason why experience pays well when it comes to looking for work and marketing yourself. So I don't have a problem with books that help people get started and learn. Likewise, I don't have a problem with people complaining about those said books because they miss important things about security and such. Both have their place and both are needed.
So, I say to people like salasi... keep educating users/administrators! They need it and we will need them some day. And newbies should continue to try and fail. They need encouragement too. Even if a particular book or shortcut falls short, we are, in general always learning. I know I am!