Google Spectre whizz kicked out of Caesars, blocked from DEF CON over hack 'attack' tweet
'Chaos specialist' Linton's e-quip backfires
Updated At midnight on Thursday, Matt Linton, a senior Google bod who was one of the key players in sorting out the Spectre CPU security hole mess, went to his hotel room in Caesars Palace, Las Vegas – and found his key no longer worked.
When he went to reception to find out what the problem was, he was met by two security guards who took him to the room, told him pick up his stuff, and escorted him off the premises. He was also given a written warning that he would be prosecuted if he stepped foot in the hotel again, which, considering it’s the venue for this year’s DEF CON hacking conference in the US, is an almighty embuggerence. The event is the one conference all hardcore hackers try to get to, and now he's effectively barred from attending.
According to the hotel’s security director, “they don’t take kindly to threats,” according to Linton. "Sir, your speech has consequences, so you better think about that in the future before you threaten," was another comment from the security team, the Googler recalled.
This all stemmed from a jokey tweet emitted by Linton on Wednesday, which you can read in full below:
If I had the time, budget, and motive to launch really good attacks in Vegas, I would:— Matt Linton 🐦👨💻⚕️⚒️🥋🎻 (@0xMatt) August 8, 2018
❌ Attack random Defcon nerds who are probably mostly broke and powerless
✔️ Attack ppl at BlackHat who are way more likely to be in positions of power somewhere with 💰 to drop on tickets
While somewhat off-color, anyone with an ounce of sense could see that this was a joke about how hackers prefer to go after lucrative targets. And by "attack," the Googler – whose job title is "chaos specialist" – meant "hack," not physically beat someone up. Yet, it was enough to earn him a visit from the Las Vegas Police Department the next day, hours before his eviction from Caesars.
By the account of one person who was there, the matter was quickly and amicably resolved between Linton and the cops. Once the techie explained the context of the quip, the officers were said to be completely satisfied.
A clarification for the nice @LVMPD officers who came to discuss this tweet with me:— Matt Linton 🐦👨💻⚕️⚒️🥋🎻 (@0xMatt) August 9, 2018
"Attack" in this context refers to the theoretical risk of having ones _phone hacked_ by #DEFCON attendees. It's hacker lingo.
I've spent decades training to save lives. I don't take them. https://t.co/K3uGLGGxbW
So the matter appeared settled. Then, at around 12am on Friday, Linton was booted out by Caesars. He was charged the half-a-day rate for his room before being unceremoniously ejected onto the Las Vegas Strip in the early hours of the morning, with little hope of finding another room.
Linton told The Register that “[the hotel] definitely told me that the conference organizers were worried about my ‘threat to their venue’.” This seems highly unlikely: you'd have thought the DEF CON organizers would be able to see the tweet for what it was, and understand the joke even though it was poking fun at DEF CON attendees.
What’s more likely is that the tweet was taken literally by police and hotel staff amid heightened tensions in Las Vegas over gun violence. On October 1 last year, the city suffered one of the worst mass shootings in American history when a scumbag whose name isn’t worth remembering shot and killed 58 people and injured 851 others from his window in the Mandalay Bay hotel – which, coincidentally, hosts the Black Hat USA conference Linton spoke at earlier this week.
The atrocity hit Sin City hard, and inspired the #vegasstrong movement. It also put the police on high alert to prevent any repeat slayings. Noted security journalist and author Kim Zetter, who was also attending this year’s conferences, had her room at the Mandalay Bay forcibly searched by hotel security after she declined to allow housekeeping in.
Because I declined to have maid service in my hotel room at BlackHat, two security guys came to my room and demanded I open my door and let them do a walkthrough search. The hotel never gave me a headsup and the two guys thought I should just believe that they are hotel security.— Kim Zetter (@KimZetter) August 10, 2018
Given it’s the wee hours of the morning here in Las Vegas, at time of writing, there has been no response from the hotel's PR bods about the situation.
DEF CON organizers told El Reg they haven't seen nor made any complaints about Linton's tweet. "I don't actually think anyone at DEF CON complained – I think [the hotel employee] was just trying to make me feel like nobody was on my side so I would stop asking for escalations," Linton told The Reg.
In the opinion of your humble vulture, someone at Caesars probably panicked, and decided to kick Linton out just to be on the safe side. This is, after all, the land of the lawsuit, and corporations are risk adverse.
After the Mandalay Bay mass-murder, the litigation paperwork started flying, and MGM, which runs the hotel, actually sued the survivors to shield itself from liability – the first time such a tactic had been seen.
Linton, a member of Google's security incident response and forensics team, is respected in the infosec industry – not just for his Spectre cleanup effort, but also because he does important work mentoring younger security talent. He is also is a volunteer emergency medical technician who heads to disaster zones when the need is there. Locking him out of DEF CON threatens to cast a shadow over the conference, and won’t help convince those who attend that they are in a friendly environment. ®
Updated to add at 2230 UTC (1530 PT)
Linton has been unbanned from Caesars properties, and thus will be allowed to attend DEF CON within the hotel complex, The Register understands.