Skip Navigation

Privacy @lemmy.ml youmaynotknow @lemmy.ml 2mo ago

Fuck Hilton: Black Hat USA 2024, DEF CON 32 attendees treated like children – or criminals – with invasive hotel room checks

cybernews.com Attention Required! | Cloudflare

This is absolutely ridiculous. Imagine some fuckers just coming into your room while you're with your SO making love or something.

55 comments

A hotel confiscating random stuff would be considered theft and the hotel employees arrested in any civilized country.
- The US stopped being civilized a while ago.
How fucking stupid.

“Resorts World Las Vegas is dedicated at all times to ensuring a safe, secure, and comfortable environment for all of our valued guests,” the statement begins.

Resorts World said the latest policy was established “in light of recent events in Las Vegas, and the increasing ransomware threats to casinos and hotels on the Strip,”

Hard to see this absurd invasion of privacy as being for anything but that last bit. Hope this results in significantly fewer guests, but it feels like the vote-with-your-wallet part of capitalism stopped working some time ago.
- The ransomware threat is coming from INSIDE THE HOTEL!
  
  Room service now!! or kiss your data goodbye
- I wouldn't be surprised if somebody does end up pwning them with a ransomware out of spite.
- Thank you for your service, good sir.
  
  This is the proper take here, IMHO
I was there. It was really weird. The people doing the inspections didn’t even know what they were looking for. What, a USB drive? It was clear to me that they had a very basic, normal persons understanding of technology.

This was mainly motivated by the MGM hacks so they could show that they were doing something in case they got hacked later for liability.
We have confiscated all the laptops we could find sir. They had a TERMINAL open. Filthy hackers!
- Bold of you to assume they know what a terminal is.
  
  But they were hacking all the IPs simultaneously!
- "is that arch Linux?!"
- I can also imagine some talks getting disrupted after the speakers demonstration gets confiscated
Barges into room.

Them: “Are you hacking, son?

Me: “No.”

Them: “Cool. I’m just a hotel employee, and I only have understanding of computers at an end-user level. Plus, I see you’re not wearing a hoodie and sunglasses while being hunched over a laptop. Have a nice day and enjoy your stay at the Hilton!”
- most accurate portrait
People you dont want to piss off:

Mother in-law

Worlds greatest hackers

The IRS
- For real, this convention has been around for a long time without issue, we should poke the bear.
- They should boycott the hotel next time. I'm sure there are plenty of other places that would accept them
All hotels reserve the right to inspect your room whenever they need to. The privacy sign just means you don’t want room service, it’s not some magical lock.

They’d still knock, not just burst into your room to catch you in flagrante.

That said seeing the black hat conference in this way is daft.
- Not to mention the metal hook lock on most room doors I've seen that can prevent anyone from entering while you're still inside.
  
  Every hotel with those has a tool they can use to easily unlatch that lock.
Your title is terrible. Use the article's title.
- Agreed. I really dislike editorialised titles.
- It's not a title, it's an opinion. Having said that, I agree, it's terrible as a title. Fixed (I think).
That sounds like a good way to get their employees shot.
I like to walk around with a open bathrobe, hope no one walks in.
- Just put your hands on your hips and smile
That's kind of silly honestly. I can see where they are coming from but the people at the conference are the good guys. If I were them I would get some of those security professionals to give suggestions on how to have better security. Also random room checks aren't going to catch anything. Anyone who wants to cause harm isn't going have such bad opsec. You will end up catching people with legitimate and highly dangerous stuff like routers, network switches and vacuum cleaners
- Just FYI, you need very little skill to clone the WiFi access gateway of a hotel WiFi, and then blast their SSID from your router, to lure close guests into your honeypot. Once people are on your malicious gateway, the fun starts.
  
  In a hotel with hundreds of hackers on alcohol, it's not unlikely for people to fuck around.
  
  There is also no requirement to be a "good guy" to attend the conference.
  
  There is also no requirement to be a "good guy" to attend the conference.
  
  Correct. But it's kind of the inevitable outcome that only "good guys" attend. Why would any bad actor go there and risk being exposed / caught...
  
  Hopefully that would get flagged. If you start broadcasting that will show up under rouge ap detection
  
  Isn't also a game at defcon to spread a harmless package to as many devices as possible?
- vacuum cleaners
  
  Why would someone bring their own vacuum cleaner in a hotel room?
  
  The automatic vacuum cleaners have lots of security issues and are often a common target at blackhat
  
  https://y.yarn.co/3d47dd3a-f3d2-4e4b-9d88-4c87bed33876_text.gif

55 comments