Resorts World freaks out over DEFCON hacker convention, invades rooms

[Dan Druff]

Hackers scare people. They make non-hackers uneasy. Often fueled by unrealistic hacker portrayals in television and film, people enter hyper paranoid mode when hackers are present.

This appears to be the case at Resorts World.

DEFCON has taken place in Las Vegas since the early 1990s. It's a convention for hackers to show off their devices, share information, and even engage in contests with one another. Most of the hackers in attendance are of the "white hat" variety -- generally good-hearted people who are simply interested in the topic of system security. Admittedly, there are some attendees who use their skills to either wreak havoc for fun, or in some cases, seek monetary gain or cause malicious harm.

As in all communities, the hackers at DEFCON are a diverse bunch, and their presence doesn't indicate evil any more than the presence of poker players at the WSOP.

It is reasonable for hotels to shore up system security and plug loopholes prior to the DEFCON convention. If there's a time when people will be probing around to see what they can do, it would be DEFCON.

However, some idiot managers at Resorts World decided to panic, and have now both pissed off the hacker community (never a good thing) and created somewhat of a PR nightmare.


On August 4, Resorts World put out a memo stating that they would be conducting unannounced, random room searches:

Embedded Tweet

https://twitter.com/McGrewSecurity/status/1820206740392345686



But it got worse. Read on next post...

[Dan Druff]

They also put the same notice on the TV, hoping people click "Acknowledge", thus essentially giving consent:

Embedded Tweet

https://twitter.com/austeregrim/status/1821595871471136991



Someone else reported that they got in a standoff with Resorts World security over the matter, before ultimately backing down:

Embedded Tweet

https://twitter.com/TracketPacer/status/1821939503281664394



This even made the Las Vegas Review Journal: https://www.reviewjournal.com/busine...ndees-3121350/



Laughably, security at Resorts World had no idea what they were looking for. They claimed to be inspecting rooms for "hacking devices", not understanding at all what such "devices" would look like. They were probably expecting large, obvious, sinister looking devices with huge screens, taking up half the room like a mainframe. In reality, most hackers simply use their normal laptop computer to accomplish their goals, and the few external "devices" they might use tend to be small and not easy to find during a quick room search, such as the Flipper Zero.

These inspections were NOT done by cybersecurity experts, but rather just by normal security who were instructed to look for anything scary and out of the ordinary. Dumb. It's the illusion of security, but in reality is just simple paranoia and invasion of privacy.

[Dan Druff]

Despite my participation in the 1980s hacker community, as well as a general interest in the topic since then, I have never been to DEFCON. This is despite having lived in Vegas for 8 years, as well.

Why? I just never made it there. Each year I say, "Oh, I should go", and then I don't. I even had loose plans to go with khalwat one year, which didn't pan out for either of us.

One problem is that it's a few weeks after the WSOP ends, and by that point I want to get the fuck out of Vegas. In fact, even when I lived in Vegas, I would leave for awhile after WSOP, to escape the heat, which was why I tended not to be around when DEFCON would roll in.

Maybe in 2025. Maybe sonatine and I can break bread there.

[garrett]

Despite my participation in the 1980s hacker community, as well as a general interest in the topic since then, I have never been to DEFCON. This is despite having lived in Vegas for 8 years, as well.

Why? I just never made it there. Each year I say, "Oh, I should go", and then I don't. I even had loose plans to go with khalwat one year, which didn't pan out for either of us.

One problem is that it's a few weeks after the WSOP ends, and by that point I want to get the fuck out of Vegas. In fact, even when I lived in Vegas, I would leave for awhile after WSOP, to escape the heat, which was why I tended not to be around when DEFCON would roll in.

Maybe in 2025. Maybe sonatine and I can break bread there.

Sonatine is a fat waste on your site get it through your head, and he clogs up the board constantly with non-sense..

Have a nice day

[sonatine]

Despite my participation in the 1980s hacker community, as well as a general interest in the topic since then, I have never been to DEFCON. This is despite having lived in Vegas for 8 years, as well.

Why? I just never made it there. Each year I say, "Oh, I should go", and then I don't. I even had loose plans to go with khalwat one year, which didn't pan out for either of us.

One problem is that it's a few weeks after the WSOP ends, and by that point I want to get the fuck out of Vegas. In fact, even when I lived in Vegas, I would leave for awhile after WSOP, to escape the heat, which was why I tended not to be around when DEFCON would roll in.

Maybe in 2025. Maybe sonatine and I can break bread there.

you know whats funny, ive never been to a defcon. i have zero interest in it or any other security conference. if theres a good presentation, ill watch it online. and i know me, if i went id spend exactly zero time socializing with peers and just bunker down at the 20/40 bellagio stud game every waking hour.

also im seeing a lot of complaints from people that this year was a superspreader event, so theres that as well.

but to the original topic, this all reminds me of when the feds raided micon's apartment and punched holes in the walls looking for his hidden stash of bitcoins.

putting on my industry glasses and squinting, im assuming the room searches are part of some ludicrous mandate from whomever is insuring RW against breaches/incidents currently.

[Dan Druff]

Despite my participation in the 1980s hacker community, as well as a general interest in the topic since then, I have never been to DEFCON. This is despite having lived in Vegas for 8 years, as well.

Why? I just never made it there. Each year I say, "Oh, I should go", and then I don't. I even had loose plans to go with khalwat one year, which didn't pan out for either of us.

One problem is that it's a few weeks after the WSOP ends, and by that point I want to get the fuck out of Vegas. In fact, even when I lived in Vegas, I would leave for awhile after WSOP, to escape the heat, which was why I tended not to be around when DEFCON would roll in.

Maybe in 2025. Maybe sonatine and I can break bread there.

you know whats funny, ive never been to a defcon. i have zero interest in it or any other security conference. if theres a good presentation, ill watch it online. and i know me, if i went id spend exactly zero time socializing with peers and just bunker down at the 20/40 bellagio stud game every waking hour.

also im seeing a lot of complaints from people that this year was a superspreader event, so theres that as well.

but to the original topic, this all reminds me of when the feds raided micon's apartment and punched holes in the walls looking for his hidden stash of bitcoins.

putting on my industry glasses and squinting, im assuming the room searches are part of some ludicrous mandate from whomever is insuring RW against breaches/incidents currently.

Funny that neither of us have been to defcon, despite an interest in the topic and being old enough to have attended any of the 32 versions of it. And both having lived in Vegas for some time.

I understand your lack of interest in it. To me, it's one of those things which partially seems cool/fun, and also partially seems annoying/cringe. So every time I think, "Yeah, I'm totally going next year", I just can't bring myself to set it up, nor drive back to Vegas to spend more time in the blistering heat.

I do think it would be more fun to go with someone who also has an interest in the topic, which was why I was mentioning it to khalwat, who also had about the same level of interest as me. It's more difficult for him, as he lives across the country. But walking around with him (or someone similar to him) and seeing the exhibits would probably be a lot more tolerable than wandering around by myself.

You also might be right about the Resorts World searches. Perhaps it is some weird legal or insurance requirement. Or it could simply be the mandate of some idiot who saw one too many "hacker" themed TV shows and movies, and thinks that searching rooms will yield something useful. It's often hard to tell which idiocy du jour is motivating today's casino suits.

[lol wow]

funny enough the moment you arrive together at gaycon 2024 could cause some time vortex and ruin the entire world so dont todd and toddsine jr

[lol wow]

be proactive not merging ur gay timelines TINE I HEAR YOU TRYING TO SAY SHIT DONT SPEAK UP I'd like to avoid the apocalypse

[TheXFactor]

Resorts World should've done this during the Adult Entertainment Expo that was held in January.

Dildos are dangerous.

[ftpjesus]

Despite my participation in the 1980s hacker community, as well as a general interest in the topic since then, I have never been to DEFCON. This is despite having lived in Vegas for 8 years, as well.

Why? I just never made it there. Each year I say, "Oh, I should go", and then I don't. I even had loose plans to go with khalwat one year, which didn't pan out for either of us.

One problem is that it's a few weeks after the WSOP ends, and by that point I want to get the fuck out of Vegas. In fact, even when I lived in Vegas, I would leave for awhile after WSOP, to escape the heat, which was why I tended not to be around when DEFCON would roll in.

Maybe in 2025. Maybe sonatine and I can break bread there.

you know whats funny, ive never been to a defcon. i have zero interest in it or any other security conference. if theres a good presentation, ill watch it online. and i know me, if i went id spend exactly zero time socializing with peers and just bunker down at the 20/40 bellagio stud game every waking hour.

also im seeing a lot of complaints from people that this year was a superspreader event, so theres that as well.

but to the original topic, this all reminds me of when the feds raided micon's apartment and punched holes in the walls looking for his hidden stash of bitcoins.

putting on my industry glasses and squinting, im assuming the room searches are part of some ludicrous mandate from whomever is insuring RW against breaches/incidents currently.

The stud thing is kinda funny. I had this weird dream I was dealing a Stud 7 game with a bunch of big name pros including DNegs Kessler and some others. Was just weird and arbitrary that it was a stud game not PLO or HOLD’EM.

[incognito81]

They will now almost certainly get hacked

[Dan Druff]

Embedded Tweet

https://twitter.com/d0rkph0enix/status/1822814018643374260

[Dan Druff]

Another account of what occurred.

Note that the "Hilton" is referring to the Hilton tower of Resorts World. It is NOT referring to the former Las Vegas Hilton, now called the Westgate.

Embedded Tweet

https://twitter.com/eevblog/status/1824374758408065302

A friend of mine got booted out of the Hilton Hotel at DEF CON after room searches and here is his story and what they were looking for:

--

So during Def Con 32, the Hilton Hotel did raids on the rooms of people it thought were hackers. Here is a post of someone's experience and the photos of what the guards were given:

"Before I explain what happened, let me clarify that this was my personal own experience and I'm not talking on behalf of the other people affected by this incident.

There's this hotel that's engaging in random room inspections specifically to Def Con 32 attendees. They're targeting attendees on the grounds of "making sure [we] are not a threat or have devices that can compromise their network security".

In a very aggressive way, they demanded us to open our rooms to go through all of our stuff. We asked them give us time to confirm what they were asking was legit and legal, and they got mad and demanded to open the door or else they were going to call the police and charge us with trespassing.

Things escalated very quickly and armed security guards came with the intention of breaking the door to get us out. Since they wouldn't reason, I decided to just open the door. They aggressively asked for our IDs, started reading some policy out loud, and then escorted us out of the property without a care in the world.

On our way down the hall there were many more security personnel knocking on doors and getting people out, just like a drug raid.

I'm still nervous by this unnecessary and I bet unlawful situation, but I know nothing about laws and how things work in Vegas for visitors. The only thing I can recommend is to STAY AWAY from the Las Vegas Hilton at Resorts World. They are discriminating against Cybersecurity professionals and attendees to the Def Con convention.

I can't do anything else, but to tell you my experience, so you don't go through similar situations.

If you know how to help in any way, legally, awareness, etc, please do.

Cybersecurity professionals must stick together to make things right for the good of everyone. DISCRIMINATION cannot be tolerated."

Other people had their badges confiscated by security, and were hassled and threatened for even walking through the hotel.