Last month, I had the pleasure witnessing a birth. No, not of a child. What I’m talking about is something far rarer, though arguably, just as loud and danger fraught — the birth of a new hacker convention.
The very first JawnCon took place on October 19th and 20th at Arcadia University, just outside of Philadelphia. If you’re in the Northeast US and suddenly find yourself surprised to learn that a hacker con managed to slip under your radar, don’t be. The organizers, who previously helped launch the WOPR Summit back in 2019, wisely decided to keep the scale of this first outing in check. Just a single track of talks, a chill out room, and 130 or like-minded individuals.
Although, even if they’d hatched a more ambitious plan, it’s hard to imagine they’d have had enough time to pull it off. Due to various circumstances, JawnCon had to come together at a breakneck pace, with less than 100 days separating the con’s inception and kickoff. That an event such as this could not only be organized so quickly, but go off without a hitch, is a testament to the incredible folks behind the scenes.
As for what a Jawn is…well, that might take a bit more explaining. It’s regional slang that’s perhaps best described as a universal noun in that it can be used to refer to basically anything or anyone. Think “smurf” or “da kine”. According to organizer Russell Handorf, the all-encompassing nature of the word describes not only his personal ethos but the spirit of the event. Rather than focusing too closely on any one aspect of hacking, JawnCon set out to explore a diverse array of tech topics from both the new and old schools. It would be an event where you could listen to a talk on payphone remote management, try your hand at lock picking, and learn about the latest in anti-drone technology, all under the same roof.
To that end, the team did an incredible job. Everyone I spoke to, young or old, newbie or vet, had a fantastic time. What’s more, as revealed in the Closing Remarks, the con actually managed to stay in the black — no mean feat for a first attempt. With a little luck, it seems like JawnCon is well on its way to becoming one of the Northeast’s can’t-miss hacker events.
School’s in Session
I’ll admit to being a bit skeptical of Arcadia University as a venue at first. It wouldn’t be the first time a hacker con took place on a university campus, and the results can sometimes be mixed. Unsurprisingly, the schools don’t want a bunch of rowdy nerds roaming around disrupting things, so there’s usually pretty strict limits on what you can do or where you can go. That tends to aggravate said rowdy nerds, who occasionally act out and cause mischief — ultimately, the whole thing turns into a self-fulfilling prophecy that leaves everyone unhappy.
But reflecting back on the event, you really couldn’t have asked for a better location. Not only is the Arcadia campus beautiful, but the Commons Building in which JawnCon was held ended up being particularly well-equipped for this sort of event.
The presentation room was huge, the chill out area was just an elevator ride away, and perhaps best of all, the building also contained a cafeteria that offered affordable food and drinks all day. You could literally spend the entire day in the Commons Building and have everything you needed.
From what I was able to gather, it sounds like the school was happy with how things went as well. Much of the credit is due to the JawnCon attendees, who were well behaved and kept their antics to the designated areas. The only complaint appeared to relate to the teletype that was operating in the hallway outside the chill area. In a particularly clever hack, it had been rigged to bang out a live-transcript of the talks being presented downstairs, which naturally caused it to make quite a racket during the first day of the event. Despite the regular application of high-grade motor oil, its rapid-fire machinations were loud enough to disturb students who were studying in the building, so it was voluntarily turned off on the second day.
All that being said, the best part of holding JawnCon at Arcadia University is that it came with a built-in audience. The organizers wisely offered up free tickets to anyone with a .edu email address, and some of the professors had been told to invite their students down to the Commons Building to check out what was going on. This lead to a fairly steady stream of younger attendees, many of which were eager to get involved. While I did overhear at least one student who seemed indignant to find himself surrounded by old computers and payphones, on the whole it was a fantastic ploy to bring some fresh blood into the community, and something JawnCon should be commended for.
Hackers At Play
The JawnCon chill room wasn’t just a hub for networking (both in the social and copper contexts), but also an exhibit hall of sorts. Much of the hardware was “official” in that it was referenced on the website ahead of time, but as you might expect from a hacker con, several attendees brought along whatever piece of gear has most recently been keeping them up into the wee hours.
Of particular note was the Ferris WarDrive, a gloriously overengineered wireless scanning rig built by [BusySignal]. Now in its third iteration, this portable rig boasts sixteen wireless interfaces split between a pair of PCI Express equipped ZIMABoard single-board computers (SBCs). It also includes an i7 Intel NUC, a Hak5 WiFi Coconut, a CradlePoint IBR200 cellular router, and naturally, a whole bunch of antennas. As you might imagine, it takes a lot of power to feed all the components of the Ferris WarDrive, but the automotive-style 12 V wiring looks more than up to the task.
Another highlight was the payphones on display from the PhilTel project. They were rigged up to create their own private telephone network, which attendees could explore in a way that’s not really practical in the real-world these days. Calls could be made to other phones dotted around JawnCon or to external numbers, and thanks to a link to PhreakNet, there were even special numbers you could call to hear music or the current weather conditions. For some, this exhibit would be the first time they’d ever used a payphone, but it wasn’t just a historical curiosity. PhilTel aims to collect and modify old payphones into free-to-use public VoIP phones, and distribute them to interested businesses and venues around Philadelphia as a public service.
Of course, it wouldn’t be a hacker con without some talks. JawnCon managed to fit 11 talks, not counting the closing and opening remarks, into two days. And since there was only the one stage, you never found yourself having to pick one talk over another.
Many of the the talks had a strong infosec leaning, with several of them addressing professional development within the security field. Others focused on more general software topics, such as Linux Secure Boot with TPM and FDE by David Collins and High Availability in MySQL using Group Replication from Shayan Patel.
But for my money, I thought the most fascinating talk of them all was The Payphone You Have Dialed Has Been Disconnected — The State (and Revival) of Payphones in 2023. Presented by Mike Dank and Naveen Albert, this talk detailed an effort to determine how frequently payphones across the United States are actually being utilized by way of their unsecured telemetry interfaces.
It turns out that if you call a modern payphone, you’ll often be connected to a modem that spits out a string of data. One of the fields it returns is how much money is currently in the coin box, so if you pull the telemetry every day and keep track of that value, you can actually see how many calls were placed on each phone. By automating this process and giving it a list of around 450 payphones, they were able to determine that 75% of them were still being used daily.
Jawn to the Future
The future isn’t guaranteed, and in the past we’ve seen small hacker cons come and go. But at the end of the two-day event, it was clear that there’s incredible potential for JawnCon going forward. Everyone, whether they were there as an attendee or working behind the scenes, had a blast and was eager for more. In a short time, a real sense of community had developed around the event — I’ve been to plenty of hacker cons, and it’s not often that paying ticket holders hang around to fold chairs and load up the trucks at the end.
Baring an unexpected global pandemic, there’s every indication that JawnCon will come back bigger and better for 2024. I certainly plan on being there, and if you’re in the Philly area, so should you.