screenshot courtesy thotcon.org

THree One Two con.

There is a “super secret” hacker conference that has been held for the last 8 years in chicago. This is an information security conference akin to Defcon, Shmocon, and Derbycon. These conferences, are basically a whole bunch of information security nerds gathering together to talk about their trade, share some tips and tricks, swap stories, drink beer and generally not cause too much of a ruckus. However, the news would have you believe otherwise with a clickbait headline like:

What is Thotcon then? It is a grassroots conference much like any other professional conference. There are a few major differences that sets Thotcon apart from everyone else.

None of the talks are recorded. This allows for sensitive topics to be discussed without lawyers being worried, about proper disclosures and whatnot. There are no corporate sponsorships for the conference itself, this helps keep corporate bias out of the conference. this helps keep it grassroots and grassroots is part of the draw. The afterparty is sponsored, but that is for entertainment and cost purposes. Location is only disclosed to attendees and speakers but its in Chicago. This adds to the super secret hacker persona, but it is also just fun.

I have attended this conference for 5 years and this year was the 8th year that the conference has existed. I have been a speaker at a worldwide conference with 3000 attendees (shameless splunk conf plug) The in house mini confs, mini hacks and full fledged hackathons for my company.

c7five is the main OPER(ater) of the conference, he puts his heart into the conference and believes in it. It is refreshing to see someone that has been doing this for 8 years still have the passion driving the conference. I have been on many sides of the conference/meetup/event curtain. I have given a talk at a worldwide multi thousand person conference I can relate to some of the difficulties that a large event can be, there are months of planning that are involved. https://conf.splunk.com/speakers/2014.html#search=fettis&

The logistics are scary complicated, and you want all of the talks to be amazing. Even when I put on a small meetup with only 20–30 people in the confines of my office the work was more than I could anticipate.

The main problem is with the tech/security sector, the bleeding edge is all on twitter or reddit or irc. When a call for papers happens, it has to be months before the conference actually happens. By that time the bleeding edge is already forgotten about. This presents a difficult decision to try and host a technology conference that still has all of the drive and enticement to get people in the doors.

What are the talks about then? Luckily Thotcon retains its hacker and devious roots, hackers love to talk and to brag. One of the benefits about the eyes only aspect of the conference is that government type or contractors can come in and talk about the really cool things they have done that they are not allowed to talk about, not even on twitter. Then, there are philosophical, ethical and theoretical type topics that spark debates, even more so once a couple beers are consumed and the real fun stories begin to flow. Also the conference attracts a wide range of attendees, some still in college and some with 20+ years of experience. If we are talking about a technological field this is about as diverse as it gets.

Having a diverse audience can make networking a little difficult. This year a couple of times during the conference announcements were made instructing folks hiring to announce themselves and then people looking for a job to go flock to them. This was a novel idea and I think one that needs to be furthered again at the conference and at other conferences. Sometimes people are in fact attending to find a job, while others are just looking to hang out with friends. Then the people like me who attend and then only talk to a couple people, well because I’m shy like that. It can be difficult for people in my situation to get out of their shell, and if I had a good solution to that I would share it. Finally there is a final networking event known as the after party, where everyone comes back to the conference space, there is beer food and music, and everyone has a grand time. I am writing this post while that party is happening so I bet you can guess who did not attend and get their drink on?

Every conference has a badge. The Thotcon badge for the last 4 years have been a microcontroller built in to the badge with a purpose or a game. A standard microcontroller is used in the badge that allows rewrite and reuse of badge, this also allows for fun badge games and exploration of the badge’s code through all the means available to a group whose skillset is exactly that. There is also another puzzle in the program with hints and clues hidden throughout it. The first person to solve it each year receives a gold badge that entitles them free admission to Thotcon for life.

badge 7 is missing (its in my desk elsewhere)

In order to attend a conference you need a badge, the badges are assembled locally at workshop88 which is a hackerspace/makerspace in the western suburbs of chicago http://workshop88.com/ While, they are designed and assembled locally Thotcon is also contributing to supporting local business by doing all of the badge work through workshop88. This is another facet of the hacker community that goes unnoticed to anyone on the outside. Hackers really do care about each other and there truly is that community around them.

Finally the conference is one of the more unique and fun conferences that I attend yearly. On day 1 (4-may-2017) I was greated at the registration booth by a woman dressed in star wars leggings saying “May the fourth be with you”. Then, day 2 kicks off with mariachi band playing in honor of cinco de mayo, and the tequila is already flowing.

why? because its cinco de mayo, thats why.

I have been calling myself a hacker for over 15 years and I am never more proud to be on than when I get to attend such an event with other kin.