It's Black Hat and DEF CON in Vegas this week. And yup, you know what that means. Hotel room searches for guns

Because it's America, it's 2019, and after more mass shootings, let alone Mandalay Bay, no one's taking chances

Black Hat If you're heading off to the Black Hat and DEF CON security conferences in Las Vegas, USA, this week, be prepared to have your hotel room searched if - for any reason - you shoo maid service away and stop staff from cleaning your room.

Most hotels in the city enforce mandatory checks within their rooms following the October 1, 2017 mass shooting from the Mandalay Bay hotel, now the home of the Black Hat conference. A murderer, whose name isn't worth recording, killed 58 people and wounded 422 after hauling an arsenal of weapons into his hotel room, and raining bullets on a music festival crowd below.

In the aftermath, the Las Vegas police and hotel chains became more security-minded, enacting policies that took hackers and infosec professionals visiting Sin City by surprise. These policies included mandatory searches of rooms for guns and suchlike, and zero tolerance for any kind of talk of threats against people.

As such, last year, a jokey tweet about attacking tourists got one senior Googler temporarily banned from Caesars; by attack, he meant a cyber-attack, not a physical one, and he was speaking hypothetically. Meanwhile, other folks were shocked when, without warning, hotel security barged into and rifled through their rooms to check for firearms, weapons, and illicit gear.

Women were particularly concerned: one infosec expert was naked in the bathroom when security guards forced their way in. During these searches, the staffers were not carrying anything like proper identification, and so guests feared they were about to be seriously assaulted by these mystery intruders. More than a few have decided to stay away from the conferences this year, or at least move to accommodations off the strip.

The events colored DEF CON so much so that the event's head of security offered his resignation, though he was buoyed by a huge wave of support from attendees and so stayed on in his volunteer role. You would hope the hotels would be a little bit clearer about their policies of room searches this year. Sadly, that hasn't been the case for everyone.

We contacted the two big hotel chains that control many strip hotels: MGM and Caesars. MGM flat-out refused to comment, saying it doesn't discuss security procedures. Caesars, possibly mindful of last year's kerfuffle, was more forthcoming.

"In an effort to ensure the safety of our guests and employees, certain hotel team members may periodically enter guest rooms to perform standard wellness checks, if – and only if – a room has not otherwise been serviced or accessed by a team member for an extended period," a spokesperson told The Register.

"In other words, even if a team member accesses your room, by opting out of housekeeping services or posting a room occupied sign on the door, for example, team members may still periodically enter the room. This policy applies to all guest rooms and is intended to help us ensure guests and employees are safe."

Other hotels contacted by The Register had similar policies or refused to say one way or the other. The venue for BSides, the Tuscany, will be searching rooms, we're told. We did find an off-strip Motel 6 which said it wouldn't be checking unless a complaint was made but, let's face it: who really wants to stay in a Motel 6?

Dark Tangent's advice

Naturally the DEF CON organizers were more than a little concerned about last year's problems.

According to conference founder Dark Tangent, aka Jeff Moss, all the hotels involved in the event promised to write up an official set of guidelines in time for this year's hacker summer camp and, in the case of Caesars, this appears to have happened – albeit at the last minute.

In a forum posting late last week, Moss said hotel security would not carry out room checks; instead, that will be left to housekeeping. A staffer of the same gender can be requested by guests to carry out the inspection, and the hotel said it will be doing visual searches only.

Then again, they said that last year, and hackers who claim to have rigged cameras in their rooms say that wasn't true and that staff had rummaged through drawers and belongings. The Reg did not see any of this claimed footage, however.

Certain items deemed a fire hazard have been banned from rooms, such as hot pots, soldering irons, rice cookers, and camp stoves. If found, they will be confiscated and stored before being handed back to guests when they leave.

Quite a few guests bring firearms for the ever-popular DEF CON Shoot, an event out in the desert where attendees fire off everything from handguns to small artillery. Coordinator Deviant Ollam said that guns are (understandably) not allowed in rooms but can be checked into hotel secure storage so long as they are in their proper cases, although space is limited.

Also, be advised that both the police and hotels seem to be keeping a close eye on social media during the show. So no "joke" tweets about violence or hacking please, or you may well find yourself in hot water. ®
