SteelCon 2023: diary of a conference goon

Earlier this month, one of our Swarm members, Paul Williams, had the privilege of volunteering at one of the most prestigious hacker conferences in the UK, SteelCon, where cybersecurity professionals, hackers, researchers and enthusiasts from all corners of the country converged to share knowledge, hone their skills, and collaborate on the latest cybersecurity advancements.

Known for its inclusive and community-driven atmosphere, SteelCon serves as a platform for individuals interested in various aspects of cybersecurity to share knowledge, collaborate, and discuss emerging trends and challenges in the field.

The conference focuses on a wide range of topics, including but not limited to penetration testing, ethical hacking, secure coding, cryptography, privacy, and information security. It features talks from renowned experts in the industry, interactive workshops, hands-on demonstrations, and engaging panel discussions.

SteelCon is run completely by volunteers, which Paul was keen to take part in and practice one of CovertSwarm’s values of giving back to the cybersecurity community. Here, he tells his story.

How it began

I first heard about Steelcon in Spring 2017. I was speaking to “int eighty” from Dual Core, a hip hop duo, and he said they had been booked to play at the after party so I immediately tried to get tickets, but they unfortunately were sold out. Guess I have to wait for the next ticket drop.

I managed to grab tickets in the next drop but due to a misunderstanding on Twitter, those tickets ended up getting returned to the ticket pool. I then managed to get a ticket from someone else who could not make it and attended my first real security conference.

My first conference

Registration started at 08:30. There was breakfast in the form of bacon and sausage paninis as well as veggie options. Coffee, tea, and fruit juice were also available. The conference swag bag was a tote bag with the conference program which included information about all the talks as well as a crossword CTF.

The opening talk was at 09:00 after which people split off into the three tracks as well as the atrium to talk to sponsors and vendors.

I watched a talk on deserialization attacks by Nicky Bloor (which can be found here)and a talk by Achim D. Brucker on browser extensions (which can be found here) in the morning. These talks are all on YouTube thanks to the wonderful work by Cooper and his team of AV volunteers.

I then went for a wander around Sheffield and attempted the CTF crossword and chatted with some of the crew.

The Crew

After chatting with some of the SteelCon crew, I wanted to see if I could get involved. I already volunteer for my local hackerspace  so I know how rewarding volunteering can be. I joined the Steelcon Slack channel after the event and got chatting with the organisers but as it was two days after the conference they were probably decompressing and relaxing!

Once the post conference dust had settled and people had started to plan things, I threw my hat in the ring to join the crew. I was not sure what I wanted to help with at this point, I just knew I wanted to help. 

I ended up helping with the kids track where I met the kids track crew. I was a little nervous as there were quite a few kids, but the crew reassured me we would all be fine, and I was! It was great seeing the kids’ faces when they were doing the various activities.

This year

This year was my 4th year on crew for the kid’s track. We had lots of interesting things on including archaeology, robot making, T-Shirt printing, and a laser demonstration using a 3W laser. If you want to check out some of those pictures you should be able to find them on SteelCon’s Facebook and Twitter accounts.

We started the day with a safety briefing at 07:30 which meant an early-ish night on Friday night. (There’s normally a pre-con gathering on Friday night at the Roebuck Tavern, where people catch up before the conference).

Tanya, the kid’s track boss, briefed us, organised cover for people who wanted to see talks and posted the volunteer’s timetable. I checked my timetable and it was looking like a super busy day for me which was fine as I did not mind covering as I know the talks were all being recorded so I can watch them later.

My activities for the day were helping set up the computer room for the music track, which is a web app like Sonic Pi that allows you to write code that makes music. I also helped the kids build their battle bots, which involved lots of children asking me to hot glue feathers, googly eyes and coloured ice lolly sticks to 3D printed robot cases as well as ensuring they’d safely connected the LiPo batteries. 

My final task of the day was helping smash plaster fossils containing dinosaurs and treasures with a stubby hammer:

This allowed the children to use smaller, less dangerous hammers to break the smaller chunks down and reveal the gems, coins and dinosaur fossils hidden within… They loved making a mess!

We even have some evidence of actual dino’s being unearthed:

Excellent discovery from one of the young archaeologists! 

The final activity of the day that I saw was the laser display – the children LOVED it, although after being advised of the dangers of lasers, some of them were a little scared of it! However, they soon forgot about the danger when they got to project drawings that they had done on a wall with it – they all commented about how beautiful it was.

Volunteering for the kid’s track is great for two reasons. On the one hand it allows the children’s parents to attend the conference, which they might not have been able to do otherwise.

More importantly though, I loved the way the children got excited about different things that are not necessarily security related but mostly STEAM related. My ultimate hope is to inspire them to be curious about technology around them and who knows, one day they might be hackers like us working the conference so the next generation can enjoy the things that they enjoyed.

We are already looking forward to next year!