Caesars Palace Ejected Matt Linton Over A Lousy Tweet

Last year Hutchins, now Linton targeted Black Hat/DEF CON At midnight on Thursday Matt Linton, a senior Google engine

Adobe Patches Zero-Day Vulnerability in Flash Player
Jon Oberheide on Perimeter Security
Study: Attack on KrebsOnSecurity Cost IoT Device Owners $323K

Last year Hutchins, now Linton targeted

Black Hat/DEF CON At midnight on Thursday Matt Linton, a senior Google engineer who was one of the key players in sorting out the Spectre security hole mess, went to his hotel room in Caesars Palace and found his room key no longer worked.

When he went to reception to find out what the problem was he was met by two security guards who took him to the room, told him pick up his stuff and escorted him off the premises. He was also given a written warning that he would be prosecuted if he stepped foot in the hotel again, which considering it’s the main venue for this year’s DEF CON hacking conference, is a considerable embuggerence, considering the show is one all hardcore hackers try to get to.

According to the hotel’s security director “They don’t take kindly to threats,” he said. “Sir, your speech has consequences so you better think about that in the future before you threaten,” was another comment from the security team.

This apparently stemmed from a jokey tweet earlier in the week, which you can read in full below:

While somewhat off-colour, anyone with an ounce of security knowledge could see that this was a joke about how hackers attack the dumbest and easiest low-hanging fruit. But it was enough to earn him a visit from the Las Vegas Police Department the next day.

By the account of one person who was there, the matter was quickly and amicably resolved. Once Linton explained the context of the comment the LVPD were completely satisfied and even liked and retweeted his explanation online.

Things get weird

So the matter appeared settled. But then Linton was booted out by Caesars and, to add insult to injury, he was charged half of the day rate for his room, despite being ejected into Las Vegas in the early hours of the morning with little hope of finding a hotel room.

Linton told The Register that “[the hotel] definitely told me that the conference organizers were worried about my ‘threat to their venue’”. This seems highly unlikely – DEF CON organisers would be able to see the tweet for what it was and understand the joke.

It’s doubly unlikely the organisers objected because the Black Hat and DEF CON hacking conferences have plenty of members who were persecuted by law enforcement in the early days of the industry. Nowadays the NSA, CIA and defense contractors routinely recruit at the two shows because they recognise the talented people who attend have skills that are needed.

What’s more likely is that the recent history of Las Vegas had something to do with this. On October 1 last year the city suffered one of the worst mass shootings in American history when a scumbag whose name isn’t worth remembering killed 58 people and injured 851 others shooting from his room in the Mandalay Bay hotel – which coincidentally hosts the Black Hat conference Linton spoke at this year.

The atrocity hit the city hard and inspired the #vegasstrong movement but also put the police on high alert to prevent any repeat of the incident. Noted security writer Kim Zetter, who was also attending this year’s conferences, had her room at the Mandalay Bay forcibly searched because she didn’t want housekeepers rummaging through her room.


Given it’s the wee hours of the morning here in Las Vegas there has been no response from the hotel about the situation.

DEF CON organisers tell El Reg they haven’t seen any mention about the incident and are checking to see what happened. But this looks suspiciously like this is another case of overzealous big corporate butt-covering leading to blowback.

“I don’t actually think anyone at DEF CON complained – I think [the hotel employee] was just trying to make me feel like nobody was on my side so I would stop asking for escalations,” Linton told The Reg.

It was only last year that the FBI arrested Marcus Hutchins, the youthful hacker who killed off the mass Wannacry ransomware attack that nearly crippled the UK’s National Health Service, as he left DEF CON – on charges that alleged he might have written some malware as a teenager.

Thumbs up for Spectre-Meltdown protection

Revealed: El Reg blew lid off Meltdown CPU bug before Intel told US govt – and how bitter tech rivals teamed up


Hutchins has since been stranded in the US for a year while the Wisconsin department of the FBI tries to get its case together that he’s a dangerous criminal, seemingly on the evidence of a single stool pigeon. Linton’s case isn’t as serious, but it seems to be part of a pattern of paranoia.

In the opinion of this vulture someone at the Caesars probably panicked and decided to kick Linton out just to be on the safe side. This is, after all, the land of the lawsuit and corporates are terrified of getting sued.

After the Mandalay Bay murders, the litigation started flying and MGM, which runs the hotel, actually sued the survivors of the abomination so that it could get legal protection from legal suits against those who survived – the first time such a tactic had been seen.

Linton is well respected in the security industry – not just for his Spectre work but also because he does important work mentoring younger security talent. He is also is a volunteer emergency medical technician who heads to disaster zones when the need is there. His banning from DEF CON threatens to cast a shadow over the conference, and won’t help convince the elite hackers who attend that they are in a friendly environment. ®

Splunk Software As a SIEM

Go to Source