News and info about the con.
The Friday workshops are being held in rooms in level 2 of the Norfolk building. For anyone who has been to the con before, this is where track 3 usually is.
Head into the main Owen Building entrance.
Head straight on, if you need to use the lifts, you are heading to level 2. You need to request the floor before you get into the lift – Good luck, use the stairs if you can, they are much easier!
Take the stairs all the way to the bottom (level 2) or come out of the lifts and head into the Atrium (Big open space, you can’t miss it).
Head diagonally longways across the Atrium towards this door behind the pool table. The red square in the picture above.
Through the door, turn right, through the next door and you’ll find us all there.
For those who want to know more about what content they will get on the weekend, this is a provisional list of talks and workshops. Not all selected speakers have confirmed, and things change even at the last minute, so please don’t attend just for a single talk and get annoyed it if not happen.
Talks are on Saturday 23rd July.
|Andy Gill and Neil Lines||Paving The Way To DA – A Live(Hopefully) Path of Pwnage|
|Ian Thornton-Trump||How to kill a Russian Commander in 20 minutes or less & other cyber stories from the war in Ukraine|
|Chris Pritchard||Murder! Mossad? Watching SE experts in the real world, literally getting away with murder.|
|Jess Amery||Friend or Foe?|
|Sadi Zane||Deep dive into Kubernetes Attack Surface and how to defend against cloud native ecosystem?|
|Soroush Dalili||Hacking a treadmill for fame and profit|
|Sina Kheirkhah||Taming horses for combat|
|Nishaanth Kumar G||Debugging Cordava Applications|
|Paul Williams||X-Com: Editing Savegame Files is Still Strategy: Redux|
|David Lodge||Security Vulnerabilities that (Mostly) Aren’t|
|Keith Learmonth||Windows Credential Theft: A Primer|
|James Boland||“I’ll take hacking for $100.” Keeping your CTF costs out of jeopardy|
|Peter O||Can you detect this? Inside The Ransomware Operator’s Toolkit|
|Manish Kishan Tanwar||Catch me if you can – Hiding web shell from WAF|
|Noman Riffat||Finding zero days in WordPress Plugins & Themes and Testing Beyond WPScan|
|Rad Kawar||Writing Tiny, Efficient, and Reliable Malware|
Workshops are between 10 and 4 (ish) on Friday 22nd July. To attend a workshop you must book and have a conference ticket. Booking will be opened closer to the day.
|Roxana Kovaci||Azure Red Team Attack and Detect workshop|
|Sina Kheirkhah||Offensive .NET Reversing|
|David Lodge||Introduction to GEOINT|
|Soroush Dalili||Finding, Abusing, and Exploiting Deserialization Flaws in .NET Framework|
|Brian Whelton||Network Noob to Ninja|
Tl;dr: Probably no con this year.
The longer version:
By this point in the year we usually have all the sponsors booked, the majority of the cash in, and a lot of it back out again paying for goody bags, badges, shirts and putting deposits on things. This year, none of that is done.
With all the uncertainty, sponsors were interested, but reluctant to commit, we were also reluctant to accept any money, because if we spent it and then had to cancel we would have to replace it somehow.
Our venues were also not sure what was going on and if they would be open or not. Hallam has to commit to it’s students first and so even if they were allowed to open they may not have been able to accept us. Imagine having everything in place then not having anywhere to put everyone.
Other cons have moved online and have done a very good job in doing it. We could have followed, but as we’ve said before, we are an in-person event and while we could do something big and flashy online, it isn’t our style.
So, at this present time, the event is not happening, but we may review this closer to July, and if we think we can put something small on we will see what we can do. If something is going to happen, we will make a big noise about it, you won’t miss it. No promises though.
PS, for any of you who normally attend the after con Quasar, I randomly bumped into the owner who handles our morning. He said despite not being open for nearly a year, they are surviving and and looking forward to having us back whenever we are ready.
Unless you know him well, you’ll be surprised to know that one of our longest standing supporters, Scott “Lord Helmet” Helme turns fifty this July. To celebrate this momentous day, we have decided to declare July 15 “SSLv3 Appreciation Day”.
As we can’t be with Scott to celebrate this year, we are asking for as many people as possible to set their WiFi ESSID to “Scott loves SSLv3” for at least five minutes at some point during the day and send us photos or screenshots so we can make an album to give to him as a gift at next year’s con.
For extra credit, upload a packet capture to WiGLE so the day will be recorded for ever more. Remember though, only do so if it is safe to do this while retaining your regular high level of OPSEC.
It is with deep regret, that after a lot of discussions, we have decided to cancel this year’s event due to the coronavirus.
At the time of writing this, we are exactly four months away from main weekend, and we know a lot can happen in that time. We hope, for everyone’s sake, that the outbreak is taken under control very soon, and that by July, it is just a memory along with the bad winter weather, but we can’t take that risk.
We could hold off and make this decision in April or May, but our first priority is to our attendees. We don’t want people booking holiday from work, paying for hotels and travel, and then, at the last minute, having to cancel them and fight to get refunds.
We also have to think about our sponsors and spending commitments. We bring in quite a bit of cash from our sponsors, but most of it goes straight back out again on hosting costs. Making this decision now will limit those costs and not end up with us taking sponsor money, spending it, and then having to find ways to pay it back or to take a hit on next year’s event.
We have looked at other alternatives, the main one being a virtual event. A few people have said that they would be OK with that, but it wouldn’t be SteelCon. People come to Sheffield for the atmosphere, for meeting old and new friends, and for downing shots of odd things they will probably regret in the morning. We have had quite a few submissions of both talks and workshops and we will be contacting everyone who has submitted to see if we can help them get their work out there in some other way, possibly with another conference that is doing some form of virtual event.
For those of you who managed to grab a ticket in the test run, you’ll all get contacted as well to give you your options.
So lets hope that with hindsight, this is the wrong decision, and that by July everything is back to normal and that the con would have run as it has for the last six years. But with the foresight we have now, we can’t take that risk.
Pinching a line from @javvad, stay safe our friends, and look forward to 2021, where we will be back twice as strong to make up for it all.
For those of you who have lost their programs but still want to fry your brains at the challenge that is Woody’s Wonder Cube, here are the instructions from the brochure.
If you need a reminder of what to do, solve the crossword, decode the cube, solve the cube so it matches the crossword.
We had two solves on the day so we know it can be done. If you think you’ve got it, feel free to email photos and we can check it and add you to the Hall of Fame.
Hall of Fame
Can you find or answer the following:
- Enough coloured paper to make a rainbow – 1 point per colour
- What is the next film showing in the Hallam cinema? – 3 point
- Any piece of swag from a previous years conference – 5 points
- A used postage stamp – 3 points
- Your best score from a game in the C64 arcade – 1 point
- A solved Woody’s Wonder Cube – 10 points
- Find the age of the youngest attendee – youngest age found gets 5 points
- A wireless packet (be creative) – 5 points
- What are the seven layers of the OSI stack? – 1 point per layer
- Name the two songs used on the crew t-shirts – 2 points per song
- Name as many university buildings as you can – 1 point per building
- Name the 7 main rivers of Sheffield – 1 point per river
- What is the oldest football club in the world? – 3 points for the club name, 2 points for the year it was set up
All the following are for conference speakers or close friends:
- Where was Andy Gill born? – 5 points
- What was Scott Helme’s first pet? – 5 points
- Draw a picture of Woody (Mike Woodhead) – 5 points
- What is Neil Richardson allergic to? – 5 points
- What is Tanya’s favourite colour? – 5 points
For those attending SteelCon and staying in Sheffield for a few days, you’re in luck! Sheffield is an increasingly foodie city, with a great selection of food to suit different tastes. Here are just a few selections from the SteelCon team that we particularly like.
BBQ – Smoke BBQ https://www.smokebbq.co.uk
A fixture on SteelCon recommended lists, this is proper BBQ cooked low and slow with plenty of wood smoke. Don’t go here for a light meal, this is hearty portions and heavy on the meat. The ribs are some of the best you’ll find this side of the Mason-Dixon line.
Coffee – Tamper Sellers Wheel https://tampercoffee.co.uk
Just a couple of minutes walk from our Sheffield Hallam location, Tamper’s New Zealand-influenced cafes brought the flat white to Sheffield, and is a fantastic, smooth caffeine shot for those who want more then espresso, but not a heavy latte (though those are also excellent). Up front is a take away counter with pastries from Depot bakery, while grab a table and enjoy a good breakfast or lunch.
Tea – Birdhouse Tea Bar and Kitchen https://www.birdhouseteacompany.com/visit-us/tea-bar-kitchen/
If your tastes are more tea than coffee, a few minutes away is Birdhouse’s new tea bar. Birdhouse have been blending tea in Sheffield for several years (and their blends have names like Kelham Island, Peace Gardens, and Seven Hills) and now you can try their tea, try different drinks like a Matcha Latte, and have something to eat. It’s also a great place to explore their different teas and try something new.
Cocktails – Botanist, Leopold Square https://thebotanist.uk.com/locations/sheffield
A huge range of spirits, garnishes and bitters don’t mean much unless you’ve got good bartenders who can make the most of them, and the Botanist delivers. Don’t be afraid to ask for substitutions or something off menu too. There’s a good restaurant upstairs too that’s almost worth a visit for the décor alone.
Mexican – Street Food Chef http://streetfoodchef.co.uk
With several outlets around Sheffield, Street Food Chef has made a great name for itself doing classic Mexican dishes really well. Close to Hallam University is their cantina, with seating to eat in and enjoy hot salsa and a cold cerveza. Their beef burrito is amazing, but the El Bastardo challenge is only for the brave.
Something Different – Ambulo http://weareambulo.com
Taking up home in the Millennium Gallery, opposite SteelCon’s Hallam University location, Ambulo does both classic dishes like Eggs Benedict or a Fish Finger Sandwich and ones with their own twist. A particular favourite is the Korean Fried Chicken Crumpet, big enough for a lunch, beautifully fried chicken and a sauce that is tangy without being overpoweringly chilli. They also have cocktails like Negronis and Old Fashioneds on tap.
I’m Not Sure – Kommune http://kommune.co.uk
A short walk from SteelCon, on the ground floor of an old Co-op department store, is Sheffield’s latest food hall. This is a great option for groups as each can pick from pizza, Indian street food, burgers and others and then all sit together and enjoy. The food is really good with small vendors specialising in one style to great effect. The space also incorporates a book shop, an occasional pop-up cinema, and just next door is the National Videogame Museum too!
Craft beers and real ales – Sheffield Tap, Sheffield Train Station http://www.sheffieldtap.com
A highly regarded pub with a dizzying array of beers from around the world, their own brewery on site, and all housed in beautifully renovated Edwardian rooms.
Ice cream – Our Cow Molly http://www.ourcowmolly.co.uk
A fixture since the first SteelCon, we love Our Cow Molly! Going to the farm and seeing their herd of cows on one side of the yard while their milk and ice cream is being sold on the other really brings home how good local produce can be, with the milk being pasteurised and bottled on site, as well as the ice cream being made there too! It can get very busy on a sunny afternoon, so it’s good to go early doors. It’s also known for experiencing some of the highest winds in Sheffield when the weather’s bad!
International Variety – London Road
Just past the ring road, London Road is a melting pot of international cuisines. Some come and go, while others have become well known over the years. From Turkish to Japanese, hot pot to satay and beer, London Road rewards the curious and is always changing. It’s also well worth a visit to shop for ingredients that you won’t find in a normal supermarket!
The New – Kelham Island
Kelham Island to the north of the city centre is undergoing a huge change. There’s still companies there doing powder coating, fixing, welding and casting, but it’s become so, so much more than that. At the heart is the Kelham Island Museum – an interesting trip through Sheffield’s industrial heritage and a chance to see a cocking massive steam engine running – and the Kelham Island Brewery. The brewery opened thirty years ago, and was the first in Sheffield for a hundred years before that. However two more have opened recently in the area, joining Sheffield’s first food court, a monthly street food market, a cheese maker, a retro gaming bar serving great vegan fast food and more. There’s a great intro to the area here: https://www.youtube.com/watch?v=TiCQN77R1go