There are a lot of people already blogging about their perspectives of Shmoocon this year so go check them out if you're interested. I wanted to dump some thoughts for posterity.

Shmoocon rocked. I haven't really heard any perspectives that would disagree. Most of the people that went, knew what to expect and I think it lived up to those expectations.

Shmoo VS Defcon

Every year 9000 hackers - er I mean security professionals - turn out for Defcon. The culture ranges from script kiddies to 1337 h@x0rz and from overpaid business men to Feds. It's all over the board. Usually once you get there, the crowd partitions off into separate factions. Skiddies look for things to hack (see steal), 1337's start working on the challenges, business men keep track of their receipts, and Feds quietly hover in a cloud of self-content. Good times are had by all that know how to have good times and the technical information in the talks is very informative.

In contrast, Shmoocon had a gathering of 1300+ people with less skiddies and Feds, and more of the in between. There were a lot of black shirts and alot of business casual. The aren't as many talks as Defcon but there seems to be more of an open community. In my opinion it seems friendlier.

What seemed to be the best part was the smaller amount of people in a smaller area which made it more likely for the same people to be in the same place over and over. Same thing with the parties. Smaller parties, same people attending. But anyone that can throw a party in a church is pretty awesome in my book

Lessons Learned

1. Script the registration to get lower costs - it's very unlikely that someone clicking register now over and over again can beat a multi-threaded instance of curl.
2. Play the contests - there are a lot of cool contests and games that not a lot of people play. If you're good at that stuff, you're likely to place somewhere
3. Don't make fun of the Steel Workers Union's Mullets - learned the hard way (sorry Sysmin)