Chicago's hacker conference

Most underground-ish hacking/security conferences take place in New York and Las Vegas, but last week Chicago got a chance to host one of its very own. Enter: Thotcon.

After hearing about it a little too late from a friend, I entered and won Thotcon’s twitter essay contest and was donated a ticket from an incredibly generous security professional in Massachusetts. Considering that the conference was sold out, people from all over the US were attending and many of them were legitimate security professionals, I felt a bit intimidated.

Until I found out it was being held at Joe’s Bar.

Joe’s Bar is actually set up for concerts with a stage, tables, and ample barstool seating, so I jest. The venue was rather appropriate. There were 150 attendees or so. A lot them appeared to be professionals but a sizable percentage were under-21s as well. Thotcon’s organizers did a fantastic job for their first conference. The single track, no breaks format should be changed, but the gift bag was memorable, there were no glaring technical problems, and everything was very organized.

Well thought out, the badge is metal.

The talks themselves varied widely in terms of depth, length, style and quality. I would say that with my broad background in IT I was able to follow about 50%-75% of the content. From the look of the crowd it seemed to be the same. Most likely the minors found it difficult to follow in-depth coding examples or the rapid fire slides on wireless spectrum hacking.

A running theme throughout the conference was “Look at how I’m smarter than these people,” which I found to be a bit boastful but natural, given that Thotcon is a hacker conference. It was wearing thin towards the end of the day. Apparently hackers do not admire developers or marketing people.

Not all talks were pure hacking demonstrations though, some wrapped up by asking for change on a larger scale. Many of these identified that end users were the real security flaw. In particular, I enjoyed the talks on social engineering.

Although overall, I felt that the presenters didn’t do enough to bring their topics out of the security bucket and into the world as a whole. Nobody stretched themselves and identified whether or not that extra bit of security was actually worth it or how hacking and security actually affects the customers or businesses.

For instance, one talk devoted 15 minutes on hacking Flash game files by decompiling the downloaded scripts on your machine in order to obtain the prize links, which were free coupons or “secret websites”. This was one of the more popular talks and the presenter and crowd laughed at the developers for not realizing that any semi-skilled hacker can cheat their game.

But the joke is really on the hackers. Why are they going to such great lengths to retrieve coupons or secret websites? The game is nothing but a marketing tool to drive people to these stores and sites in the first place. If I were a VP I would never instruct my development team to fix this. I would be ecstatic if someone made a program which printed out my coupons with a single click.

To be fair, the talk did later go on to use the same methods to connect to databases which could be of some value to a malicious hacker.

All in all Thotcon was an eye opening experience that I thoroughly enjoyed. I wish the best to the organizers and hope they keep this as a Chicago tradition. It would be great to some year give a talk.

I just got back from the Nielsen Norman Group’s Usability Week conference in Chicago.  It was a week long seminar covering usability and user-centered design. I attended the Intensive 3-Day Camp where the guru Jakob Nielsen presented in part.
 
First off, he is a fantastic speaker with an enthusiastic style like you’d expect from a professor discussing a new breakthrough with a student over coffee.  A common struggle amongst usability professionals is getting developers and managers to understand that the user experience is important, but I feel that Jakob Nielsen could sell the field to anyone anywhere.
 
My favorite talk by Nielsen was given on the first day, when he brought in a 3 page front-and-back brochure from a Starbucks in Australia that instructed users how to order coffee.  It was a cute example, he acknowledged, but asked us: “How can Starbucks get away with labeling their medium size ‘Grande’ which doesn’t mean medium in any language on Earth?”  The answer to why you didn’t let this stop you from patronizing Starbucks is three parts and has nothing to do with how ubiquitous Starbucks is:
 
1) You’ve already invested a lot of relative effort to get to Starbucks.  You drove there, got out of the car, and waited in line, so you might as well figure out the coffee situation.  On a website, people can and do get fed up with not being able to figure things out and simply quit.
 
2)  It’s hard to switch to a competitor, which is the alternative to quitting.  Not because the coffee is better at Starbucks, but because it takes a lot of effort to go to a different coffee shop once you’re already in Starbucks.  You can’t just teleport someone else with two clicks.
 
3) Even if you never learn Starbucks’ terminology, there is a human at the cash register who knows what you mean if you say “Medium”.  You could really just go in and point at what you wanted every time.
 
The take-away is that web usability is more critical than in the traditional areas of user experience like industrial design and software.  It all boils down to the fact that on the web, your company typically only gets the money at the end of the user’s work flow.  There is ample opportunity to turn off the user to your product or cause at any point up to then.
 
Another thing Jakob Nielsen said is that for any given website about 90% of Usability principles hold true.  He did mention that he loves checklists, but said that the 10% is where testing and expertise come in; you need to know when it’s okay to break the rules.
 
This is something I think most of the Internet doesn’t understand.  Whenever an Alertbox comes out, a lot of bloggers like to parade around examples of where Jackob’s latest principles don’t hold true.  This is sophism at best.  Sometimes it’s really okay not to have blue links and Jakob Nielsen knows this.
 
Overall, I would say the conference was well run and I picked up an incredible amount of best practices and methods which I’ll need to digest in the next few weeks.  It would be nice to attend some of the other classes on UI design, but perhaps next year.

Today the Clarendon Hills Historical Society Website launched, a historical archive, event brochure, and webstore for one of the newer organizations in my home town.  I served as a combination project lead and website administrator to an amazingly talented team that made the site turn out better than I ever imagined.

Tech-wise, the website is built on a wordpress back end, with a custom theme based off a standard wordpress template. You’ll find a cute dinosaur mascot on the website in some places, made by Jenny Kimball. The site also takes advantage of the WP framework and uses several plug-ins, mostly for organizing the large amount of pages we have because of the history archive section.

The Historical Society is hoping to make this site a complete resource on Clarendon Hills History in the future with more articles and mentions of some of the artifacts in the collection.  There’s a lot to write, with already two dozen static pages and historical articles all written by Ben Dahl.

We’ve also got a fully functional webstore built by Tian Ma using PayPal’s API and a separate donations section built by Rob Orwin who also delt with all the tax, bank account, and payment details.  Other future projects include a membership form and the capability to automate ticket sales.

It’s kind of a big vision for the website of a small dozen person Historical Society and town of only 7,000.  We’ve got the historian Chris Helms for guiding us there and acting as the liaison.

In the future, I’ll continue as a website administrator and take over most of the other roles along with Ben Dahl and Chris Helms.  There’s actually a lot of fascinating history in Clarendon Hills, check it out.