back to article Et tu, Brute? Then fail, Caesars: When it's hotel staff, not the hackers, invading folks' privacy

The hacking world's summer camp has ended. The last of the Black Hat USA, BSides Las Vegas, and DEF CON attendees and organizers have now left Sin City after a week of lectures, networking, and partying. What unfolded over those seven or so days will have knock-on effects for years to come – not just from researchers and …

ciaran

Security Theater

Yes, its obviously just theater. Surely one of the attendees could have found a way to infer the amount of metal in a room? Or inconspicuous metal detectors in the hallways? Then they could bring the police along to a search when there was an actual suspicion.

So did any random foreign infosec hero get detained at the airport on the way out?

Great article, thanks.

Richard 12
Silver badge

Caesars have proven themselves incompetent

I'll be kind and assume that firearms are banned by policy, so an innocent guest isn't likely to open fire on an intruder.

What if there actually had been someone in that hotel who genuinely did intend harm via gunfire?

What exactly is going to happen when someone barges in on them unannounced?

It seems to me that's an effective way to get your employees shot dead. Along with a few innocent bystanders.

And what are the thousands of normal paying guests going to think when a couple of burly someones bursts into their room unannounced with no ID?

That's a ****ing terrifying experience.

Are they ever going to want to stay there again?

Pascal Monett
Silver badge

Forget about staying there again. I've just read the article and now I don't even want to go there.

Warm Braw
Silver badge

I reached much the same conclusion from watching an episode of CSI! I assume it's not the history of Mob corruption and violence, the 171 murders (excluding the 58 in the mass shooting) of 2017, the brutal climate, the permanent twilight of the casinos or the fact the entire town only exists to separate people from their money that makes it such a desirable destination. Because, if it is, DEF CON might as well pack up and go home: humanity has chosen a different path.

Destroy All Monsters
Silver badge
Paris Hilton

Re: Caesars have proven themselves incompetent

What if there actually had been someone in that hotel who genuinely did intend harm via gunfire?

What if there actually had been someone in that hotel who did not intend harm via gunfire but was packing and a bit nervous about unannounced visits?

Matrix_Lobby_Scene.mov

Edward Clarke

Re: Caesars have proven themselves incompetent

"It is legal to carry concealed or openly in a bar or restaurant, even while consuming alcohol. One cannot possess a firearm if their blood alcohol content is more than .10 BAC (NRS 202.257). It is legal to carry openly or concealed inside a casino, on the Las Vegas Strip, or at the Fremont Street Experience."

https://www.nevadacarry.org/

https://www.nevadacarry.org/open-carry.html

But wait, there's more - Nevada is a "Stand Your Ground" state.

https://www.shouselaw.com/blog/nevada-stand-ground

That naked lady in the shower would have been legally able to shoot both of those guys. Might have lost her room deposit though.

Androgynous Cupboard
Silver badge

Re: Caesars have proven themselves incompetent

Well now that I know everyone can be armed in the hotel and you're allowed to shoot people if you feel threatened, I for one would be able to sleep soundly in my hotel bed. Dreaming of cinder-block walls.

ZPO

Re: Caesars have proven themselves incompetent

It is highly unlikely that firearms are banned by policy in the hotel space. Firearms are banned from the floors of casinos (at least they were last time I was there). There are thousands of people quite legally carrying concealed firearms in Las Vegas on a daily basis. Spoiler alert - nobody gets hurt.

People forcing their way into hotel rooms while not wearing obvious uniforms and presenting legitimate identification (verified with the front desk) are going to get shot at some point. It will be an interesting court case when that happens. The policies needs to be modified. Hopefully the video of hotel "security" doing a lot more than a visual check will result in actual change instead of a couple BS press releases.

Teiwaz
Silver badge

Re: Caesars have proven themselves incompetent

Spoiler alert - nobody gets hurt.

Until lots of people do, then there's a short period of angst, followed by a long period of paranoia after the NRA kicks the usual up a gear. Then business as usual until it happens again, few lessons, seemingly learnt.

Chez

Re: Caesars have proven themselves incompetent

>People forcing their way into hotel rooms while not wearing obvious uniforms and presenting legitimate identification (verified with the front desk) are going to get shot at some point.

Not terribly likely, unless entry was genuinely forcible; gun owners are fairly responsible about these sorts of things, specifically when deadly force can and cannot be used.

A man in Texas was acquitted of manslaughter charges after killing several deputies during a no-knock raid in which the police failed to announce that they were actually police, making the raid indistinguishable from a well-coordinated home invasion. Hotel staff opening your door with a keycard is fairly different from that sort of forceable entry.

Doctor Syntax
Silver badge

Re: Caesars have proven themselves incompetent

"That naked lady in the shower would have been legally able to shoot both of those guys. Might have lost her room deposit though."

And a surcharge for cleaning the blood off the carpet.

Doctor Syntax
Silver badge

Re: Caesars have proven themselves incompetent

"Hotel staff opening your door with a keycard is fairly different from that sort of forceable entry."

DEF CON attendees probably don't assume that unlocking the door requires official sanction. If there's a next year they'll probably ensure the locks only open for their own keys.

phuzz
Silver badge

Re: Caesars have proven themselves incompetent

Spoiler alert - nobody gets hurt.

In 2017 there were 155 deaths and 165 injuries due to firearms in Las Vegas. That's not including the 59 dead and 441 injured in the Mandalay shooting that year.

(source)

BillG
Silver badge
FAIL

Re: Caesars have proven themselves incompetent

Minimum wage security people.

JohnFen
Silver badge

Re: Caesars have proven themselves incompetent

"DEF CON attendees probably don't assume that unlocking the door requires official sanction."

Given that the majority of hotel locks are ludicrously insecure, nobody should assume that unlocking the door can only be done by authorized personnel. It doesn't even require above-average hacking skills.

JohnFen
Silver badge

Re: Caesars have proven themselves incompetent

Damn, Edward, that's scary stuff. I think you've convinced me to expand my avoidance of Vegas to include the entire state of Nevada.

Anonymous Coward
Anonymous Coward

Re: Caesars have proven themselves incompetent

> And a surcharge for cleaning the blood off the carpet.

No. That was of Caesars own doing, from the actions of their incompetent staff.

LucreLout
Silver badge

Re: Caesars have proven themselves incompetent

A man in Texas was acquitted of manslaughter charges after killing several deputies during a no-knock raid in which the police failed to announce that they were actually police, making the raid indistinguishable from a well-coordinated home invasion. Hotel staff opening your door with a keycard is fairly different from that sort of forceable entry.

It is, but I'm not sure you can expect a young lady who is naked in the shower on a night to make the same determination we can from the safey of our (hopefully) fully clothed desks with the facts in evidence.

BuggerOff

Re: Caesars have proven themselves incompetent

"opening your door with a keycard is fairly different from that sort of forceable entry."

Because counterfeiting key-cards wasn't demonstrated 5 minutes after the technology was rolled out.

Androgynous Cupboard
Silver badge

Re: Caesars have proven themselves incompetent

Thank you phuzz, for pointing out the nine hundred pound pink tapdancing elephant that ZPO is wilfully ignoring.

Sgt_Oddball
Silver badge

Re: Caesars have proven themselves incompetent

Do none of these doors have a chain or latch to prevent external access when occupied? I was fairly certain they're a standard thing. But if the staff are circumventing these then it'd be no surprise if someone vented them for this at some point unless they announce their visit.

gc23

Re: Caesars have proven themselves incompetent

Chances are good few, if any, of those deaths resulted from a permitted gun carrier (they don't like to publish all the facts).

Korev
Silver badge

Staff cost reductions maid

the hotel promotes skipping maid service to save staff costs

fixed that for you...

ChrisElvidge

Re: Staff cost reductions maid

I would have thought skipping maids were more expensive than the non-skipping variety.

Teiwaz
Silver badge

Re: Staff cost reductions maid

I would have thought skipping maids were more expensive than the non-skipping variety.

What about the cost benefit analysis on stripping maids, bet they're cheaper than the skipping ones (especially when booked from guys in flamboyant costumes).

Warm Braw
Silver badge

Re: Staff cost reductions maid

bet they're cheaper

Probably cheaper than maids-a-milking whose number is strictly limited and who are to be found only for a short time each year.

Korev
Silver badge
Terminator

This year was a stroke of genius: the badges contained a retro roleplaying game you could access via USB, 30 LEDs, and other IO ports. You could unlock new RPG levels if you connected your badge to another badge types – human, press, speaker and so forth – with the lights telling you if the link was successful.

Baring in mind the target audience, wouldn't many of them just "help themselves" to the extra levels?

imanidiot
Silver badge

Seeing at to what the point of DefCon IS, if you can get yourself the levels by hacking your badge than props to you. IT is however encouraged to share your methods and attack vectors if you are successful so that others may learn.

Anonymous Coward
Anonymous Coward

"Et tu Bruté"

Not sure if the title was meant to mean something in french. The accent hints at a yes ...

Be insured it makes no sense at all.

You guys need to try harder at french :)

Sixtysix
FAIL

Re: "Et tu Bruté"

Caeser Palace... Brute... stabbed in the back

The classics? Latin? Roman Emprire?

...Ohhhhh I get it.- look everyone! Look! See the troll in it's natural habitat: the Interwebs!

Credas
Silver badge

Re: "Et tu Bruté"

Be insured it makes no sense at all.

Rather like your English. :)

Wensleydale Cheese
Silver badge

Re: "Et tu Bruté"

"You guys need to try harder at french"

Try Latin.

Def
Silver badge
WTF?

Re: "Et tu Bruté"

Be insured it makes no sense at all.

Given the general level of grammar and spelling on the Internet these days, I really don't know if that was an extremely clever comment or a monumental fuck up. :) I'll give you the benefit of the doubt this time, but next time remember to end your sentence with a smiley face and/or use an appropriate icon. ;)

Warm Braw
Silver badge

Re: "Et tu Bruté"

Be insured

Toujours de bons conseils

sw guy

Re: "Et tu Bruté"

Yes, this was a attempt to write Latin, though a failed one:

No accent (no diacritic at all) in Latin.

iron
Silver badge

Re: "Et tu Bruté"

I'm surprised your stunningly ignorant comment doesn't have more down votes.

Anonymous Coward
Anonymous Coward

Re: "Et tu Bruté"

"You guys need to try harder at french"

Try Latin.

It's all Greek to me

Unep Eurobats
Coat

Re: "Et tu Bruté"

Shakespeare got it wrong. It's actually a corruption of 'Et tu, brew tea', meaning that Caesar wanted his trusty lieutenant Brutus to bring him a nice cuppa, sharpish. However the only thing sharp in the vicinity is Brutus's dagger, which he proceeds to bury in the imperial ribcage, thereby allowing Caesar to utter his actual last words which, as any fule kno, are 'Infamy, infamy, they've all got it in for me!'

Robert Carnegie
Silver badge

Infamy! Infamy!

Or of course "en famille"...

They've all got it - oh, no they haven't.

dwieske

Re: "Et tu Bruté"

Hilarious example of someone exposing their stupidity while trying to be smart :)

imanidiot
Silver badge

Re: "Et tu Bruté"

Strictly speaking the words "Et tu, Brute" come from Shakespears Julius Ceasar. Some have also said the words to be "Kai su, teknon" meaning either the same: You too, my son? or alternatively the slightly more colorfull: Screw you, young man!

Anonymous Coward
Anonymous Coward

Re: "Et tu Bruté"

'It's actually a corruption of 'Et tu, brew tea''

The full story (as any fule kno) is:

Caesar adsum iam forte

Brutus aderat

Caesar sic in omnibus

Brutus sic inat

Doctor Syntax
Silver badge

Re: "Et tu Bruté"

Kids!

What do they teach in schools these days?

PK

Re: "Et tu Bruté"

I've now got this image of Ceasar's last words being "Brutus that's sick innit"

Mycho
Silver badge

Re: "Et tu Bruté"

Wait.

All these posts complaining about people's linguistic errors...

Oh, well plaid!

gc23
FAIL

Re: "Et tu Bruté"

It's "ensured", not "insured".

If you're going to make comments like that, make sure you're not making a fool of yourself while doing so.

Fruit and Nutcase
Silver badge
Thumb Up

Re: "Et tu Bruté"

@imanidiot/@AC

Strictly speaking the words "Et tu, Brute" come from Shakespears Julius Ceasar...

That's more or less what Natalie Haynes eluded to in "Wordaholics" Series 2, Episode 2 on Radio 4 Extra, yesterday! And whilst The Bard used Latin, "Kai su, teknon" is Greek - as AC rightly stated It's all Greek to me

Fruit and Nutcase
Silver badge

Re: Infamy! Infamy!

Rank stupidity!

Michael Wojcik
Silver badge

Re: "Et tu Bruté"

It's "ensured", not "insured".

Are you sure? I think OP was going for "assured".

Doctor Syntax
Silver badge

Re: "Et tu Bruté"

"If you're going to make comments like that, make sure you're not making a fool of yourself while doing so."

Given the gist of the comment a little confusion between near homonyms doesn't add much to the folly.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018