Hacking and Linux

Ever since taking an interest Linux, with the specific aim of better understanding and enhancing my personal digital security, I have been fascinated by hacker conferences. As soon as I learned of their existence, I made a point of keeping tabs on the major conferences so I could browse through the latest videos in their archive once each one wraps up. I thought that was the closest I would get to such an event, but a couple of weeks ago, I had the chance to attend one for the first time: Chicago’s THOTCON. While I’m definitely still swimming in all the experiences I had, I wanted to share a few of my observations and insights. At this point I can practically hear you asking, “Wait, you said hacker conference? For security?” So, before I go on, I should explain a bit about the interrelationship between hacking and security.

The information security, or InfoSec, field is built on hacking. Without the latter, the former would be both impossible and pointless. This is because there are two sides to hacking. The more sensationalized of the two, often called “black hat” hacking, refers to malicious actors breaching a system without authorization either for personal gain or just to cause mayhem. The far more common variety of hacking is “white hat” hacking, often more formally known as “penetration testing,” in which experienced, professional hackers are hired by a company to hack it, without inflicting any permanent damage, in order to audit the company’s security.

Obviously, there would be no need for white hat hackers if there were no black hat hackers, but because the ranks of the white hats far outnumber the black hats, we are able to enjoy what computers and the Internet have to offer in relative security. The other reason these two approaches are related is because they depend on each other. In order for the white hats to fend off the black hats, they need to understand the tactics of the black hats. Correspondingly, the black hats can operate only where the white hats have yet to probe. It’s a perpetual cat-and-mouse game, but it’s one we have to play in order to make use of the modern Internet.

So what happens at a hacker conference? As I found out, quite a lot. Mainly, though, leading figures in the hacking/security community give presentations on their latest research so that attendees can hone their craft. Like at any professional gathering, there’s also a lot of networking. That might sound boring, but I can tell you from experience that it’s anything but! The professionals, both presenting and attending, are at the leading edge of a field which — as the recent global ransomware attack demonstrated affects all of us every day.

A Whole New World

As I said, there was a lot to take in, but here are some of the aspects of the hacker con experience that made an impression on me for one reason or another. The most immediate aspect that stood out to me was the sheer amount of stimulation to be found there. In addition to a choice of three simultaneously scheduled talks to attend at any given time, attendees had the option of touring an exhibition room full of vendors, participating in a lockpicking tutorial, socializing at a full bar, or last but not least taking part in a con-wide scavenger hunt that included debugging the conference badge and deciphering hidden messages scattered throughout the area. In short, there was so much to choose from that it was overstimulating, but in a good way. Everywhere I looked, there was something new to take in, and that’s exactly why we were all there. Another thing that impressed me was the considerable range in the topics of the talks themselves. In just the presentations I saw, I heard speakers delve into everything from current vulnerabilities in Internet of Things devices to the philosophy of red team testing; from evaluating your ideas and models by attacking them from the outside to how the military is training soldiers to conduct hacking operations in open, state-on-state warfare.