Ever since taking an interest Linux, with the specific aim of better understanding and enhancing my personal digital security, I have been fascinated by hacker conferences. As soon as I learned of their existence, I made a point of keeping tabs on the major conferences so I could browse through the latest videos in their archive once each one wraps up.
I thought that was the closest I would get to such an event, but a couple of weeks ago, I had the chance to attend one for the first time: Chicago’s THOTCON. While I’m definitely still swimming in all the experiences I had, I wanted to share a few of my observations and insights.
At this point I can practically hear you asking, “Wait, you said hacker conference? For security?” So, before I go on, I should explain a bit about the interrelationship between hacking and security.
Ebony and Ivory?
The information security, or InfoSec, field is built on hacking. Without the latter, the former would be both impossible and pointless. This is because there are two sides to hacking. The more sensationalized of the two, often called “black hat” hacking, refers to malicious actors breaching a system without authorization either for personal gain or just to cause mayhem.
Obviously, there would be no need for white hat hackers if there were no black hat hackers, but because the ranks of the white hats far outnumber the black hats, we are able to enjoy what computers and the Internet have to offer in relative security.
The other reason these two approaches are related is because they depend on each other. In order for the white hats to fend off the black hats, they need to understand the tactics of the black hats. Correspondingly, the black hats can operate only where the white hats have yet to probe. It’s a perpetual cat-and-mouse game, but it’s one we have to play in order to make use of the modern Internet.
So what happens at a hacker conference? As I found out, quite a lot. Mainly, though, leading figures in the hacking/security community give presentations on their latest research so that attendees can hone their craft. Like at any professional gathering, there’s also a lot of networking (literally as well as figuratively).