I've been attending shmoocon since 2005. I enjoy it for a few reasons. It whips me out of complacency and reminds me why I enjoy what I do. It's a chance to remove the organizational weight that you carry during the day and allows you to refocus on the true complexities. It's also a fun time and I get to hang out with everyone.
I jotted down 2 one liner notes to myself during the con. This is a brief expansion of those.
First, my perspective on Mudge's hackerspace talk (or what I've named "The l0pht mindset infiltrates DARPA"). Have you read esr's Cathedral and Bazaar? You should. Both black markets as well as certain nation-states have fully embraced the bazaar concept. Hackerspaces offer a potential avenue for Mudge to leverage the same strength of the bazaar from within DARPAs Cathedral. This is the asymetric advantage that I believe Mudge eluded to near the end of his talk.
Secondly, I also noted an upward trend of talks and mentions of "defense" or "offense". Not black or white hat, and not researcher. We need more love for defenders, and this is a great trend. There's also a trend of increasingly discussing the active usage of intel as part of the security program. Certainly the Mandiant guys mentioned it, but also Mudge, Richard Rushing, and the INTERSECT guys also keyed in on it.