Vegas local here, after Oct 2017 no Vegas hotel room on the strip is going 24 hours without hotel staff seeing the inside of a room - every hotel has this policy. I don’t know why people expect privacy in Vegas, there are more cameras and technology watching you here than anywhere else in the US.
Since the festival shooting Vegas hotels have a policy of entering every room every 24 hours. If you skip housekeeping, they get suspicious and then they send security to check on you.
Some clever hackers figured out how to use the phone system to make them think housekeeping had been there[0], so now they do inspections when BlackHat/DefCon is in town because they don't trust their own tracking systems.
[0] One of the hotels had housekeeping dial *5 on the room phone when they entered the room to clean, and then *5 again when they left. So some hackers would put out their "do not clean" sign and then just dial *5 twice 10 minutes apart so no one would get suspicious.
Holy shit, there are hotels that still do housekeeping every day post COVID? Please name names, I want to stay there! Even better if there are ones that still do real room service where someone wheels a cart into your room, not leaving a bag at the foot of your door.
Last time I traveled the concierge looked at me as if I was some horrible person because I requested daily housekeeping, not this "on demand" nonsense which has sadly become pervasive.
still do housekeeping every day
They don't change sheets or towels ("for the environment")... just inspect the room, then leave.
Wait, then how do you dry yourself off the next day? Is washing towels really too much effort for them? Why would I accept worse service in a hotel than in my own home?!
You wash your towels after every use?
Yes? Why does everyone here seem to think that’s bizarre.
Because it is bizarre. Most normal people hang their towel on a towel rack after using it, and it dries in time for the next time they take a shower.
Washing your towel after every use is incredibly wasteful, and unnecessary. If the towel is "dirty" after you've bathed and used it to dry yourself off, then you probably should do a better job cleaning yourself while bathing.
Only true if you’re washing solely your towel. If you wash your clothes regardless, you might as well throw in the towel too. Why’d I choose to use a used towel when it can be washed.
What I suspect is that people here have massive washer/dryer combos that slurp oodles of energy, and use them only infrequently?
We can only fit one day of the clothes for the entire family in a single wash, therefore washing happens every day.
Since you wash your towels so excessively, I am going to assume you likely do the same with your clothes. If you cut down on the amount of stuff you "have to" put in your washer, you might be able to fit several days worth of clothes that actually need to be washed in the washer.
Sure, if you want to re-wear those sweat soaked shirts and pants you wore while it was 33 degrees celsius outside, be my guest. I’ll take clean ones.
Sure we could wash less if we really wanted to, but it just doesn’t signify. The washer uses like 40L of water over 30m of runtime and then it’s done. We hang the clothes (and towels) outside, and by evening everything is fresh.
The shower runs at about 10L a minute. I think you can see how the washing quickly becomes irrelevant, and the shower needs to be heated too, unlike the washer.
That actually makes a lot of sense. Big family + small washer = daily washes. Sounds nice, actually.
But on the other hand: If you didn't have to wash everyone's towels every night, would you still have to do laundry daily?
Bigger washer/dryers are not necessarily more wasteful, for what it's worth... it really depends on their efficiency (both for water and dryer heat). Sometimes doing it in bulk all at once can save water/energy per item even if it uses more overall. And newer machines tend to be a lot more efficient than older ones, especially if they are load-sensing front-loaders. Anyway, that's not really the point.
It's just interesting that your laundry patterns are different than anyone I've ever known. Thanks for explaining, that's all :)
What do you mean? If you hang them on the towel rack, they dry (mostly) and can be reused. They do get gross after a while (a week or two) but not daily.
Do you really wash your towels after each use? Why? How?
How?
Presumably the same as everyone else, by putting them in the washer.
Are there people who do laundry daily? Most people I know do it every week or two.
Regular people don't change towels every day. That's probably reserved for people with a phobia, the real solution there is to seek help though.
They don't have the thing anymore that you can leave the towels on the floor if you want them changed?
No, that has been replaced with the thing where you leave the towels on the floor if you don't want to have usable towels the next morning.
I hate the new thing
Most of them still have signs up that if you leave the towels in a particular place (like on the floor in the bathroom), they'll replace them.
Hell, a lot of hotels were doing that before the pandemic. I thought it was a really good thing. I certainly don't need my towels replaced every day; that's just pointless and wasteful.
Sorry I’m from the UK. Do you mean if you leave the sign for cleaning they don’t clean the room? Or if you leave no sign they don’t clean the room? Or they just never clean the room if you stay for more than one day?
Thanks for clarification
I have never seen a hotel which wouldn't do housekeeping every day.
Haven't been to the US though...where is the connection to COVID?
During covid, many (most? all?) hotels stopped housekeeping while you were there. They would only come after you've checked out altogether. If you needed additional supplies, you'd go ask the front desk for them. Sometimes the rooms would also be staggered (nobody else would be there for a few days after you, in case the virus is still lurking)
After covid, many hotels never fully returned to daily housekeeping, often opting for every other day or so. Some still don't offer it until you check out. Guess they rode the covid coattails for the cost savings.
I travel 6-7 times a year and I think every hotel I stay at does daily housekeeping service. Only in the USA have I encountered them not doing it.
That's simply not true. I've stayed at PH, TI, and the Venetian over the last 3 years for conferences and personal travel, I pass on housekeeping the whole week, and there have been no security checks like you describe.
How would you know, unless you were in the room the whole time?
They might have stayed in the room the whole time. Or implemented one of many surveillance tools. Use your imaginator.
Use your imaginator.
I use my imagination. The most likely answer is that there was a check and they haven't noticed because they were out and about.
Never heard about the crispy snack under the rug or any of the other hacks people to detect of people have been there?
I heard of many things. There is an infinite repertoire of possible techniques how they could have verified that nobody entered their room. Ranging from the low tech (dust, crisps, hair stuck to the door frame, filling the room with angry bobcats), through the social engineering (befriended the head of security who told them), to ultra high tech (lidar triggered camera array reporting to a satellite ).
On a balance of probabilities without hearing more on how they specifically verified it I will still assume the alternate hypothesis. Which is that someone on the internet is very sure about something and they are wrong.
It is not due to a lack of imagination. Or because I haven't heard some cool spy trick you have heard about. It's because I find it (in the absence of other information) the most likely explanation given a lifetime of observations about human nature.
Personally, I don’t believe they check every room every day for the simple reason that no hotel is going to pay (or properly supervise) the manpower required to actually do that, unless they really have to. Which even the most paranoid of them would realize was unnecessary after a month or two.
C’mon.
These are the same people that started to not change linens or provide new clean towels unless you ask (or infrequently) for ‘environmental reasons’. (Aka profit margins)
And yes, back in the day it was normal for housekeeping to clean every occupied room every day, unless you told them not to. Unless you were in a roach motel or something.
Crispy snack under the rug is a new one for me but I like it
So you used the same towels an entire week? How did you not run out of TP and soap?
I don't understand why you would not want them to clean your room as it's included in the price.
Are you not aware you can ask the front desk for more TP, soap or whatever the hell you want?
Whats the catch?
Er, what? You swap out your towels at home more than once a week? That seems pretty wasteful water- and electricity-wise.
Most hotels I've stayed at give you at least 2 or 3 rolls of TP, and while the soap bars they give you are small, they last more than a week, easy.
You usually get 2-3 full sets at a hotel for towels. You swap towels more frequently than once a week?
Most hotels stock at least two rolls of toilet paper too. I’ve personally never run out of toilet paper this quickly.
I also stayed at Planet Hollywood with no housekeeping, although I wasn't around during the day to determine if there was an inspection.
I'm white, blue eyed and speak without an accent but I do have friends of shall we say Mediterranean complexion who have run into problems with hotel security.
It's all in the small print too which nobody reads (these hotels have legal advisors).
I think your post contradicts itself. It sounds like they "do inspections" every day of the year.
Since the festival shooting Vegas hotels have a policy of entering every room every 24 hours
so now they do inspections when BlackHat/DefCon is in town because they don't trust their own tracking systems
What's the difference between these two statements? It sounds to me like the only point is that they have a manual ledger to track inspections, which is probably for the best, given that any would-be domestic terrorist would surely know how to use Google and find this information too.
What's the difference between these two statements?
One describes the policy. Which is what they want to achieve. They want to achieve that a hotel employee checks on every room every 24 hour.
The other describes that they don't trust their usual implementation during BlackHat/DefCon.
which is probably for the best, given that any would-be domestic terrorist would surely know how to use Google and find this information too.
The whole thing provides probabilistic protection anyway. (Also known as a security theatre, if you want to be uncharitable.) A determined attacker will appear as a model hotel guest up until the point they want to attack. Then they wait until housekeeping is done with their room and move their weapons in the room only after. Hotels are full of people moving luggage around at all hours so this won't be suspicious to anyone.
The policy will probably catch some would be attackers (the dumb ones). It will also probably uncover a lot more drug overdoses/suicides/murders/sudden heart attack victims, several days earlier than they would be uncovered otherwise.
I bet that for every Stephen Paddock found there is at least a hundred "oops this room has a dead person in it for some reason".
One describes the policy. Which is what they want to achieve. They want to achieve that a hotel employee checks on every room every 24 hour.
I find it puzzling how you (and all the other commenters here) accept this rule like sheeps. Normally, you US citizens cannot stop boasting how the USA is supposedly "the land of the free".
So don't take this personally, I'm replying to this as to all the others that appear like they find it totally normal that some security guy or hotel cleaning can enter a rented room. Every 24 hours, or at all. It's not normal. And IMHO not even needed / helpful.
No 24h check will ever hinder a mass-shooter. The criminal would just wait until room cleaning made their job, then go to his car and get the big suitcase with all the guns and ammunition one can buy entirely too easy in the US. And then he can shot from his room, minutes after this compulsory do-nothing 24h "security" check.
Here, were I am (Germany), things are completely different.
First, it's not so easy to get weapons. Not even at gun exhibitions. That in itself helps tremendously getting a less violent society.
Second, here we have the right, upheld by courts, that a hotel tenant can make the hotel not enter his room. A "do not disturb" sign is everything that is needed. If you want, you can look it up under "Frankfurter Landgerichts aus dem Jahr 2009 (AZ 2-19 O 153/08)".
Sure, there are other rulings that landlords (including hoteliers) have under some circumstances the right to enter a property they rented out. Like fire, or water pipe broken. Actual, imminent danger. Not hypothetical danger! But they even cannot get a general "you can always enter" term signed, that would be null and void over here.
the USA is supposedly "the land of the free".
The more free private entities are from government oversight, the more carefully they have to read contracts. For example, even the US is not quite so free as to allow people to sell their organs. If it were, citizens would have to carefully read room rental contracts at hotels, to make sure there were no conditions which included forfeiture of a kidney.
(FWIW, I'm now living in Germany, and it's significantly more relaxing with a bit less freedom. There's definitely different tradeoffs which make more sense for different people).
Could you explain '...relaxing with a bit less freedom'?
The most illuminating example is, unfortunately, in a controversial area; so please take this as descriptive rather than normative: Back in my city in America, when I heard a loud bang in the night, 4/5 of the time it was fireworks or a car backfiring, and 1/5 of the time it was gunfire. I found an expended 9mm round while walking my dog one morning. It wasn't even a particularly dangerous city, by American standards; but every year I had a 3/100k chance of being killed by gunfire; even accidentally, even while just sitting in my living room.
Here in Germany, I'm not magically immune to crime, but the base rates of gun crime are so low that I never worry about loud bangs. That comes at the cost of the freedom granted by the Second Amendment in America.
Another, slightly less salient & serious example: Germany has strict laws about public photography. Take a look at any "embarrassing pratfalls" or "annoying Karens" video reel: They may be US-weighted, but they come from all over the world--but not Germany. The lack of freedom to document the people around you on video trades off with the security of knowing you can slip on a banana peel without being known worldwide as "the banana peel guy."
you (and all the other commenters here) accept this rule like sheeps
What do you mean "accept this rule like sheeps"? Do you expect violent resistance? Do you want to sue someone because a security guy poked their head in the room for 30s? How would "I do not accept this rule like sheeps" look like in your opinion? How far would you go resisting it?
you US citizens
Wrong assumption.
So don't take this personally,
I won't. Clearly you don't know anything about me.
appear like they find it totally normal
I can explain what is a fact of life (they have this policy) without expressing my opinion about it.
No 24h check will ever hinder a mass-shooter.
As clearly stated in my comment.
The criminal would just wait until room cleaning made their job, then go to his car and get the big suitcase with all the guns and ammunition one can buy entirely too easy in the US. And then he can shot from his room, minutes after this compulsory do-nothing 24h "security" check.
Yes. Exactly this is described in my comment.
that would be null and void over here.
Thank you. Interesting addition to the conversation about how it is in Germany. Different places have wildly different legal norms and expectations.
For me it is hard o get upset about this either way. A hotel is a different type of arrangement than renting.
https://x.com/d0rkph0enix/status/1822814018643374260
The protocol for non-DefCon rooms:
* Housekeeping services the room.
* If housekeeping was unable to service the room, security will come take a look.
The protocol for DefCon rooms:
* Security comes and takes a look no matter what, and is, from reports, particularly invasive.
I don't know what's worse in that thread:
* They have to visually inspect upwards of 1000 rooms every day looking for vaguely electronic looking things
* They have to use Microsoft Teams
Poor Hilton employees...
And to think that they never included any of this in Hilton Garden Inn: Ultimate Team Play...
LOL, I can't believe that was a real thing... https://en.wikipedia.org/wiki/Hilton_Garden_Inn:_Ultimate_Te...
I think they mean that cleaning services will passively do inspections, but past cons have marked their rooms as being already cleaned in their system. They do manual inspections during Defcon because they can't rely that cleaning services have gotten to their room.
This is has nothing to do with the behavior in question.
Sure it does. The reason they do security sweeps is because they don't trust the attendees. Normally they mostly leave it up to the housekeepers. They only do sweeps when big conferences with known "tech nerds" are in town.
That’s not the behavior that’s in question.
What then is the behavior in question?
One theory is some kind of attempt at getting rid of people as fast as possible, because they sold the rooms for "too cheap"?
(Not GP)
That’s the explanation for the behavior not the behavior itself.
They had that rule, every 24-hour room checks, for a few years after the Mandalay Bay mass shooting in 2017. Since Covid they removed that rule and don't do the room checks every 24 hours, unless, I guess, they really want to do it.
Room service counted as a room check so security only did it if you refused room service.
Why does DEF CON have to happen in Vegas? I can understand staying after Caesars Palace abruptly terminated their contract, but in future years, is there any real glue that keeps people there? I mean supposedly this is one of the most paranoid groups of people congregating in one place. Wanting hotel room privacy should be something that should be factored into the venue-search in-general, right?
Are there any huge advantages to staying in Vegas? Why not another city, perhaps with negotiated privacy for rooms at choice hotels?
Las Vegas has a uniquely scalable infrastructure for conventions. Lodging, restaurants, meeting spaces, entertainment.
Surely DEFCON has more limited attendance than any number more mainstream conferences.
Search results are saying that defcon sees some 30k people. The 2023 Chicago Auto Show had 300k. Major city with all the amenities.
https://www.chicagoautoshow.com/the-2023-chicago-auto-show-c...
Does the Chicago Auto Show host 300k people on a single day?
Nah, it’s about 30,000 per day for a week a half.
The Mccormick center is also hosting the DNC. (Alongside the United Center)
It's very capable to handle large conferences and does throughout the year.
There are other US cities that can support a convention DefCon's size.
Historically, Vegas had a cost advantage. I don't know if that's still the case.
Orlando could probably handle it, but DefCon seems a bit off-brand for Disney.
I agree that it's probably the best situated for that, but most conferences don't need the best.
Let's look at San Francisco. A city that is not as well-suited for conventions as Las Vegas. Dreamforce (Salesforce's annual conference) draws 40,000 people. DEFCON drew 30,000 this year. DEFCON could easily be held in SF. I'm not suggesting they'd want to or should move to SF, but it would be... fine.
As someone who (very) occasionally goes to conferences, Vegas is fun! I get that. I enjoy Vegas, at least for a few days before I get sick of it. There are good restaurants and shows, and virtually no puritanical laws around alcohol consumption like you find in nearly all other places in the US. It's a 24/7 city, the only one in the US. I see the appeal. (And also get why many people dislike it, largely for the same reasons many people like it.)
But c'mon, there are plenty of other US cities that have the infrastructure to support a conference like DEFCON. Conference organizers pick Vegas because they like it, not because other cities can't support them.
They've stated the reason: Vegas is the only true 24/7 city in the US.
You can get more things at more hours in NYC than Vegas.
Except hotel rooms. NYC is infamously short on hotel rooms these days, and what few they have are horrifically high-priced.
Why can't they just move these conferences out of the US? Dmitry Sklyarov was arrested at one of these Vegas hacker conventions, in case people have forgotten after all these years. There are many other countries where these conferences could be held, and where all this security BS isn't much of a factor.
there is a shit-ton of hacker cons outside of the US, the most famous one being the CCC (Chaos Computer Club Convention) in Leizpieg/Hamburg, Germany just before new year's eve.
You mention Dmitry Sklyarov but more recently Marcus Hutchins (MalwareTech) has been also arrested by the FBI following its appearance at Blackhat or Defcon
Nyc has a hard shutdown at 4am. By law. With most things shutting down at 12/2. Especially post-covid.
If you're going to make such a wild statement where the laws are against you any any Google search of hours is against you, you've got to give a much longer and in depth explanation.
Vegas is a fantastic bang/buck proposition if you can stay away from gambling. It isn't that vegas has the absolute best of everything, it's that the average in vegas bests everyone else's mid-high end options.
Also understand that, the conference, no matter which conference mind, is half the draw, the other half is being in vegas itself. Move it elsewhere and it'll be much, much smaller for that reason alone.
With all the lines at def con, is it really a bad thing to be smaller?
BSides, BlackHat, and DEFCON happen yearly on the same week in August in Las Vegas, and many people attend more than one.
I would be happy if the location or date of all 3 changed. The peak temperature outside was around 110° all week this year.
Because August was historically Vegas's off-season, being a bajillion and a half degrees outside, and they could get a good deal on conference space.
The surface of the sun was booked.
Also, it’s always been in Vegas, so there’s inertia, and part of the draw is the attendance synergy with the rest of the hacker summer camp events like black hat, bsides, and others. There’s no good reason to change, and a lot of good reasons to stay.
I wonder what happened in the past to create these policies. Seems like some crazy things.
They outright don't trust this group. Property damage?
What happened in the past was the 2017 Las Vegas mass shooting [1] - the deadliest mass shooting by a lone gunman in American history. It was conducted by shooting out of a hotel room window. The shooter had 24 guns and over a thousand rounds of ammunition in the hotel room - which went unnoticed partly because the guest put up the 'do not disturb' sign.
The hotel owners have presumably decided that the high-probability-minor-damage risk to their business from a few paranoid types avoiding their hotel is not as great as the very-low-probability-enormous-damage risk from a copycat mass shooting.
And so, ignoring the do-not-disturb sign and snooping on guests' rooms is the norm in Vegas these days.
And if they happen to have a large block booking of particularly privacy-conscious people and so a noticeable fraction of the rooms are declining maid service, I can understand why they'd want to be ready to carry out some supplemental checks.
I aee a lot of disagreement here. It's not that it's specific to DEFCON of "hacking equiptment". It's that the prior attack has given hotels the will and potential legal cover to do room checks/searches. They can now apply this to anything, such as "hacking" equiptment, guns, hotplates, etc. There are even examples of hotels handing over property from rooms or valets to law enforcement without a warrant.
There are even examples of hotels handing over property from rooms or valets to law enforcement without a warrant.
Do you have evidence of that happening?
Here's one where they handed over a key fob.
https://www.nytimes.com/2018/10/07/travel/when-guests-want-t...
I would expect any hotel to do the same under the circumstances. Here are the details of what happened:
https://storage.courtlistener.com/recap/gov.uscourts.dcd.187...
Update: I just found that his license to practice medicine in Pennsylvania was reinstated in 2022. Interesting. I hope he is doing better.
You asked for an example and I gave you one. If this was an expected outcome, then why ask for the example?
If this is true then why does the hotels list of what to search for include USB drives, breadboards and wifi routers, not guns?
And defcon dates? That shooting wasn’t during defcon, if I recall correctly..
The guns are on a separate list for an existing protocol. This is just an extention, probably temporary and only applied to DEFCON guests. The point is that the prior attack has chance how the industry views room privacy vs guest safety (liability) for any type illegal activity (even if there's no indication the tools are being used illegally).
I fail to see how this is relevant for DEFCON specifically. If this was a general policy sure.
A small number of Walter Mitty types believe hotel maids are planning to hide undetectable snooping devices inside their electronic devices - a so-called "evil maid attack" - and so choose not to have their room cleaned.
In the normal operation of a hotel, such guests are uncommon - but I expect defcon attracts several orders of magnitude more such people.
Perhaps DEFCON should be hosted in a safer country :^)
I wonder what happened in the past to create these policies. Seems like some crazy things.
Caesar's Palace and the MGM got hacked.
+1
There's always the chance of some idiot who thinks they're going to take down society with nmap and metasploit. The hotel's safe, but I'd be worried about some other legitimate customers getting mixed up in it.
Though I also really don't want to be the one reviewing reports from housekeeping. "Yes, that's a laptop running hacky stuff, because it's a speaker rehearsing slides. Not a visually identical laptop running visually identical tools against slightly different numbers."
I think this was in response to the shooting a few years ago where the shooter put his DND on for days and had his guns and ammo out all over the room.
I’ve had “room checks” at many hotels since then and they said it was for security purposes.
I posted it above, but it's a combination of the festival shooting and DefCon attendees hacking the maid tracking system to make it look like their rooms were cleaned/inspected when they were not.
1. It is not daily room searches. It’s daily room checks by the cleaning crew even when asked to not disturb.
2. The policy is for the cleaning staff to scrupulously applies the usual policy with more attention than usual and reports out of the ordinary things to a support group with IT and security, which seems, well, fine? They are hosting a large group of people specialising in hacking. It is indeed more likely that something fishy with their IT will happen then than at any other point in time.
The whole thing is just pretty much asking staff to be extra vigilant. There are plenty of precedents allowing me to suggest it’s a very reasonable and good idea.
The Twitter thread then quickly goes into crazy conspiratorial territory when they somehow think that the pictures shared imply search and seizure. Hotels never seize things and they don’t rummage through your stuff. The whole thing is about security getting involved proactively if they see things in the open especially if they are plugged where they shouldn’t be.
Still amusing to see people who spent their whole careers arguing about extra invasive provisions to shield against potential sometime fairly remote security risk extremely spooked by room checking - a fairly standard procedure in every hotel.
Edit: Downvoting me to death because you dislike what I say is not going to make it stop being common sense. At least, if you disagree, please have the courage to engage in honest discussion. Also please read the thread, 90% of the reply at the time of my edit are completely pointless because they didn’t bother checking what the hotel is looking for and prefer trying (and predictably failing) to look smug.
Well, when guests put the "do not disturb" sign on the door, hotels should respect their wishes, right? If I put that sign on the door and then find out that my room was entered nevertheless, I would also think really hard before booking a room at that hotel (chain) again, not because I had something to hide, but out of principle. Also, what are they hoping to find? An unlocked laptop with some kind of hacking software running? I don't think hackers worth their salt would be so naive (except maybe if they leave the laptop there as a "honeypot")?
[flagged]
HN guidelines
Please don't comment on whether someone read an article. "Did you even read the article? It mentions that" can be shortened to "The article mentions that".
[flagged]
You forgot " ... you didn’t bother reading."
No, that’s not how hotels work. Do not disturb is a courtesy afforded to you. Every hotel checks room regularly as a matter of compliance. You don’t notice because these people are professional. The truth is you are not a guest but a customer.
In the US? There are several countries where that would be illegal.
There are pictures in the thread you didn’t bother reading.
Apparently you need to be logged into X to see this. I did not see any thread under the post (a good reminder to use proper language when pointing such things out, the other person might not have seen there there is a thread).
Regardless, I am not a user of X so I won't be able to see the thread. Thanks for inlightening with some examples!
Hotels don't care about a laptop left around running. My guess property damage or simply disgusting room.
Or attempts to access any place not usually accessed. Wiring in general, but also questionable devices connected to networking or phone lines, if there is those around...
If the worry is IT issues, what’s a room check going to do? Are they going to report people for having laptops?
That’s not what these checks are for. These started in response to the mass shooting at Mandalay Bay, and they’re looking for an arsenal.
That... makes more sense, actually. But, if they want to prevent something like that from happening again, they have to take a look at every room in every hotel whenever there is an event going on that could be targeted - which, in Las Vegas, I think is pretty much all the time?
Yes, they do. The policy is not new. If you read the fine print you sign when you check into any hotel you will probably find it gives them the right to enter your room at any time.
After the Mandalay Bay shooting MGM settlesd an $800 million case. They were sued for negligence because had any employee just gone in the guys room they would have stopped the whole thing.
After that daily checks have been the policy in a whole lot of places.
Wrong. https://www.secjuice.com/defcon-hotel-security-fiasco/
2018, so as part of the same new security since the mass shooting.
Hotel security are also confiscating attendees lock picks, although we can kind of see why they would do that. The sight of a hacker with lock picks in your five star hotel must scare the bejeesus out of any security guard. But still, lockpicks are part of hacker culture and organizers are trying to get them back for you.
Its not just confiscating items that they can see in rooms, there are reports of hotel security going through attendees personal belongings too, they have very clearly been searching through suitcases, an unnaceptable violation of their guests privacy.
"Hotels never seize things and they don’t rummage through your stuff."
This absolutely happens today, although it is rare. Hotels have turned over a client's property from rooms or valet to police without a warrant. Some hotels will actually search your bags if you use their luggage room service. This started happening after the Vegas shooting and seems to be only a Vegas practice (or at least I haven't read articles on it happening elsewhere).
They are hosting a large group of people specialising in hacking. It is indeed more likely that something fishy with their IT will happen then than at any other point in time.
Yeah, and a daily room check will help with that how exactly? Are they going to take laptops away from guest? Flipper zeros? SDRs?
Sure, I'm certain that the cleaning staff know the difference between an nmap directed at your raspberry pi vs the one targetting the TV vlan of the hotel. smh
I was walking through resortsworld when a security guard started walking next to us. After about 50 feet, he demanded our ID, informed us we were on private property, and threatened to have us arrested for trespassing, all in the same sentence. The issue was that my colleague was one of the amateur radio VE for the ham radio village and happened to have his handheld with him. The guard was aggressive, entitled, and arrogant.
Yesterday, I poked another friend to see where they were at the conference. They were not at the conference. They were stuck at resorts world three hours after the conference had started. Their conference badges had been confiscated by security. The security team had tried to force them to throw them in the garbage, and for a while it appeared that security had thrown them away after they had confiscated them. It’s literally just a fancy gameboy!
This isn’t a safety issue, it’s deliberate, malicious abuse by a vendor who knowingly sold a discounted room block to defcon conference attendees and then, through persistent and abusive behavior, tried to force those customers to leave once they checked in. The issue was mentioned early in closing ceremonies as something that will be addressed with the vendor once all conference attendees have been checked out of the hotels. This wasn’t random room check for caches of weapons. It was not a safety search. It was luggage contents searches for the lulz, seemingly intended as harassment. Either they didn’t want us there in the first place, or they wanted the revenue for the rooms forfeited. This was not behavior in good faith and the specific acts that I witnessed personally and others whom I trust communicated to me that they had experienced directly, could only be intended as harassment or profoundly extreme incompetence.
For 20 years, I’ve stayed almost exclusively at Hilton properties when I travel, with the exception of Vegas for HSC. I’m almost certain to switch to another company after this, unless they issue a really, really, excellent apology.
Quit your BS excuses about how this was a legitimate safety issue. This was almost entirely limited to one hotel. Somehow another 10+ major hotels, including Caesars who non-renewed the conference contract, managed to not do any of this.
Edited for spleling.
From other reports, it sounds like hotel security was trained about hackers carrying the Flipper Zero. Maybe they thought the badges were something like that?
If the Flipper is what you worry about at DEF CON, you really did not understand it.
its hotel security though. they will not know what a flipper is apart from being a "hacking tool", and maybe they heard some other terms associated like "radio", "wifi", and whatever. They're just doing what they've been instructed to do to retain their job
yeah, their boss is the one I am mad at
The hotel general manger who probably spent less than 10 minutes thinking about how to differentiate ‘hacking tools’ from random electronics?
And that’s assuming they thought about it all, instead of just forwarding a vaguely remembered email.
Their conference badges had been confiscated by security. The security team had tried to force them to throw them in the garbage, and for a while it appeared that security had thrown them away after they had confiscated them.
I'd consider calling the police in a situation like this. "Officer, these men stole my conference pass, which I paid ($$) for, and they won't give it back."
Police in large American cities are not likely to be of much assistance in this situation. Assuming they attend at all, I would expect them to not understand the nature of the issue and probably proceed to make it much worse.
Then the cops will take some of your stuff, too
They won’t change their behavior unless it affects the bottom line. Time to lobby your corp travel departments to blacklist Hilton properties.
My understanding was that every hotel chain brand was basically a franchising operation. You'd probably want to look up the property owner and whoever was operating that specific hotel. They might own hotels of other brands which you'd want to boycott as well.
The irony here is that they have undoubtedly undermined their overall security posture in a meaningful way here.
Imagine singling out a group of people who previously had no ill will towards you for targeted harassment and that this exact same group of people also had the capability to fuck with you in unpredictable ways without getting caught.
This is literally the most fundamental 101 intel / LEO thinking of: means, motive and opportunity.
If I were them I’d be doing my best to make up for this starting with some serious apologies and firing whoever came up with this idiotic idea.
Time to email exec team
For instances where security gets that egregious, you may want to consider not just complaining to the hotel. Especially where people have an incident well documented, it may be worth filing a complaint with the state licensing agency. In Nevada, private security personnel and agencies fall under jurisdiction of the Nevada Private Investigator's Licensing Board (PILB). As a heads up, their website is a bit of a kludge to navigate through.
Annoying a bunch of black hats, there have to be easier ways to go out of buisness.
Unbelievable what the hotel is doing here, why would anyone stay there next time or in a hotel that is part of their company.
More images are included by the same poster at this URL, disclosing what the hotel considers hacking tools: https://x.com/d0rkph0enix/status/1822879409126162779
Seems like whoever drafted this policy has no idea what they're talking about given USB drives and empty breadboards are on here
I blame Hollywood, not the hotel staff. They can’t be expected to know what each and every stray circuitboard is/does. Not all circuitboards are bombs, but almost all modern bombs have circuit boards.
Anybody who gets their worldview from the movies deserves a big, hearty chunk of any resulting blame.
More and more I feel that most if not all people get a good portion if their world views from media.
I remember a thread, either Twitter or Reddit where quotes from the book Lolita was used as evidence that most/all men are scum and perverts....
I think most bombs are hand grenades or similar, and don't have circuitry as far as I know. Just mechanicals and chemistry.
All bombs contain matter, yet "matter" managed to escape the list. Perhaps there is a flaw in this logic?
Where are all the "modern bombs" you're talking about?
Since when is a soldering iron a hacking tool? When I saw that picture on the internet I legitimately thought it was a joke (similar to those magazines telling the parents to look out for "hacking software")
Having "unusual" technical skills.
You need to remember that America is stupid enough that working on calculus problems on a plane, is enough to delay the plane and get searched because the person next to you thinks you're a terrorist: https://www.washingtonpost.com/news/rampage/wp/2016/05/07/iv...
Wow.
(This comment was originally posted to another thread, but we merged it hither)
DEFCON attendees having mandatory daily room searches by conference block hotels - https://news.ycombinator.com/item?id=41222930
I guess they're trained that electrical engineers are the same as pedophiles.
Since these are apparently being done while people are out of their rooms, according to the article, what do they expect to find? Surely everyone planning on doing something malicious would leave their tools behind...
Also why aren't they targeting laptops? That's probably the #1 "hacking tool" in anyone's arsenal.
But, hey, I bet this looks great on a Powerpoint presentation to the board of directors.
> what do they expect to find?
Hopefully nothing!
But there was a 2017 mass shooting so they're looking out for travellers carrying fourteen AR-15 rifles, 1600 rounds of ammunition and 50 pounds of explosives.
IDK what the mentions of "hacking tools" are. But if I was running a hotel and I was hosting defcon, I'd give all staff refresher training on "don't plug in that USB stick you found dropped in the parking lot" and suchlike.
AR-15 rifles, 1600 rounds of ammunition and 50 pounds of explosives.
All of which can be fit into a handful of suitcases that staff are not opening to inspect. 1600 rounds of ammunition is not very much.
Wikipedia tells me "with help from hotel bellmen, he brought five suitcases to his room on September 25, seven on the 26th, two on the 28th, six on the 30th, and two on October 1."
I'm sure someone could perform a mass shooting without twenty suitcases.
But I can see how it would be embarrassing, from the hotel's point of view, that this guy set up the attack right under the noses of security, with bellhops taking twenty suitcases of guns and ammo up to his hotel room.
Sure, but the point is that now that a potential shooter knows that these daily inspections happen, they're not going to bring twenty suitcases full of guns and ammo. They're going to bring two or three suitcases full of guns and ammo, and still have enough firepower to do the same amount of damage the guy in 2017 did.
This is all just security theater. And like most security theater, it infringes on what should be legally-mandated privacy rights. But of course we don't have those here in the US.
Weird how their was no clear motive for the shooter, has that changed?
The cargo culting demonization of arbitrary components, devices, and supplies by people who believe hacking is unlimitedly-powerful magic is laughable.
Laptops will be next. And they will want to check the OS:
Linux=Evil Hacker.
Windows=Harmless Muggle.
Hope nobody tells them about WSL...
I think Mac OS is far more powerful than wsl …
I stayed at a hotel directly behind the convention center, no room searches...
Your room was certainly searched (effectively required in all the big strip hotels after the 2017 shooting) but those searches are mostly housekeeping crew phoning in anything particularly "problematic looking" during regular cleaning and a separate set of dedicated staff doing random walk-ins every day or other day (generally without touching anything) where they step in look around for 30 seconds and go to the next room. It's designed to be exactly the thing you never notice while you are there unless you don't leave your room.
Interesting! Except I put a game camera in my room facing the door. I couldn't even get fresh towels without calling 4 times. Maybe I was just lucky.
Same here.
Been using a little fake phone charger that's actually a hidden camera in Hotels for years now, and didn't see anyone come in.
Sure, its possible the maids are secretly 31337 h4xx0rs and noticed the device, pulled it, plugged it into their computers, deleted the video, and replaced it, but I somehow doubt it.
Per the image in the linked post daily room searches are mandatory for people staying on property who booked as part of the DEFCON room block
I’m not sure what the hotel is hoping to gain here, and the argument in this thread is very weird.
The argument for this in the comments below seems to be justifying this saying that the hotel is doing safety checks because of a prior mass shooting, which was unrelated to DEFCON, or that they’re looking for “suspicious networking equipment” which none of the staff is trained on how to go find let alone even identify.
Moral implication of do not disturb aside, this seems very poorly executed and meaningless. If the management of the hotel for some reason is paranoid and doesn’t like these guests, then don’t accept their business.
I noticed that a hotel I stayed at reworded their door signs to say “cleaning not required,” which seemed to me a sensible way to reframe expectations.
Legal obligations aside, how would a provider of public accommodation figure out who to refuse the business to? Do they size up guests at checkin to see if they look hacker-ish?
Is that more fair than a bumbling effort at deterrence by advertising your existing security policy, of casting eyes in every room every day—a policy you apply uniformly to every member of the public who wants to rent a room?
My understanding from some other conversation was that these rooms were sold as a discounted block to the conference; they knew it was going to be defcon people.
If they don't want to be an attractive lodging option for DEFCON attendees, maybe they shouldn't reserve a discounted block of rooms for DEFCON attendees.
The argument is this has been going on for a long time and isn't anything new or surprising. It's even happened at past events and has always been known to the organizers as commonplace. It isn't justifying the behavior, but attempting to put it into context.
They have to know the glorified mall cops doing such inspections have no ability to differentiate "hacking tools" from typical laptops and thumb drives (because they are the same thing).
So the real goal must simply be intimidation. Of course, given the audience, that tactic is unlikely to have the desired effect.
The flipper zero is pretty distinctive, but I think the folks who would go to these conferences would leave it at home in a drawer.
Nevada is one where I would avoid having a flipper with me at all.
https://www.toool.us/lockpicking-laws.php
1. Every person who makes or mends or causes to be made or mended, or has in his possession in the day or nighttime, any engine, machine, tool, false key, picklock, bit, nippers or implement adapted, designed or commonly used for the commission of burglary, invasion of the home, larceny or other crime, under circumstances evincing an intent to use or employ, or allow the same to be used or employed in the commission of a crime, or knowing that the same is intended to be so used, shall be guilty of a gross misdemeanor.
Having lock picks in your possession coupled with the circumstances that suggest you intend to use them would be a crime.
It wouldn't be a stretch to find someone with a flipper poking at things could run afoul of this law.
It is in the "a flipper is legal, but be very cautious having it... and if you were some place where you shouldn't be and had a flipper, it could make things worse."
Having lock picks in your possession coupled with the circumstances that suggest you intend to use them IN THE COMMISSION OF A CRIME would be a crime.
Having them with the intent of drumming up sales, or teaching use, is not a crime (based on the wording of the law you supplied).
Its not a "don't have it" but don't walk around with one and fiddling with it / sniffing / doing replay attacks."
The thing that you don't want to do is go walking down a hallway in a hotel (which are of course under video surveillance) and have a utility room door pop open.
Teaching people how to pick locks in Vegas isn't a problem ( https://youtu.be/J5t9uPnXemU ).
If you have a legitimate use - go for it. If its "I brought mine because I'm going to a hacking convention in Vegas" it is now a "think about if you really want to be carrying it around" - its more likely to borrow trouble and if you "accidentally" open up some place you shouldn't have access to, it makes things worse.
Easy fix: Just co-schedule the hacker convention with a furry con, then the hotel staff will think twice before barging into rooms unannounced...
I think the venn diagram of attendees is already overlapping quite a bit, that could be both good and bad
Yeah, I figure 1/3 of the attendees would book both cons anyway.
Being aboveboard about the evil maid... this can be a new pwning vector for the conference.
I wonder how many attendees social engineered their way into other people's rooms pretending to be room inspection goons?
(I wonder if the NSA collected a bunch of zero days by copying every usb drive their undercover operatives found in rooms while "employed" as hotel security?)
wonder how many devices they lost to devices like usbkill trying to copy other peoples random usb drives at defcon
Well I remember the times I went to (single digit) Def Cons. Cement in the toilet, sizable portions of the hotel lost power, haxors taking the event room doors off their hinges, those plotting to exploit the digital signage.
Vegas + hacker cons, everything one might expect.
As a more recent attendee, it's not like that at all anymore. The edgiest you'll get is some graybeard thinking they're "alt" and "punk" while advocating for checking IDs at registration and having quite literally identical political views to Brenda from HR. The attendees have overall been insanely passified, I presume a side-effect of the rapid growth and number of straight-lace SWE guys there because of their employers.
Even this year, you will be trespassed from the con for putting up _googly eyes_ and there are 4-6 different villages dedicates to "break-times" and inclusivity.
Probably for the best, no way a truly "edgy" and zany hacker con would've been able to find venues to host at nowadays anyway.
Probably for the best, no way a truly "edgy" and zany hacker con would've been able to find venues to host at nowadays anyway.
Best for business, perhaps. I stopped going several years ago when the conference got too soft. Yes, the antics were sometimes too much and it's understandable why SOME THINGS would need to be reigned in. For example, concrete in the toilets, flares in the elevators, windows getting broken, ATMs being hacked etc. 100% understandable.
The defcon today is completely sterilized. It's an extension of corporate culture in it's truest sense. There's no interesting things going on anymore. The noted "inclusivity" breakouts and villages are growing, the goons are more serious, the "hackers" are mostly Joe's From Accounting, etc. Part of the allure of old defcon was everyone was just a hacker. It never, ever mattered who you identified as or what you were. Can you hack? Great, you're in. Everyone serious never gave names and cameras were very seriously frowned upon. Oh, how the mighty have fallen.
If I'm being honest it's gone from the high point of my year to something I'm glad is just a memory for me. I went for ~15 years. It's sad to watch it turn into this sterilized "dont offend anyone or anything" after being counter-culture for decades. But, you either die a hero or live long enough to see yourself become the villain. I'm once again glad I didn't spend the money to go.
Is DEF CON still requiring IDs to attend?
Defcon has never required IDs to attend. They were requiring negative Covid tests in 2021, but that is no longer required.
Not true; DEF CON 29 required a valid COVID vaccine card with at least two vaccines listed, paired with an ID (most of us used our passports) to be given a little silver wristband before you got your badge.
and that year, the goons were searching for attendees without the silver wristband more closely than even attendees without a badge, they weren't joking around.
The "inspection" was reportedly carried out in a threatening and illegal manner that held attendees against their will and coerced them to give up private belongings.
The DA should prosecute the "security staff" for their illegal acts and make an example out of them. This is not the first time a hotel has done this, and they will continue to act outside the law until those responsible face felonies and prison time.
The DA should prosecute the "security staff" for their illegal acts
Ha ha. In _Vegas_? Not in this timeline. The DA is _not_ on your side in this fight.
That's okay. That's what the Feds are for when there is state-level corruption.
(When Spotting the Fed may actually also be useful.)
Undoubtedly some ‘security’ higher up trying to build their little fiefdom and expand their corporate influence. The absolute hilarity of the mere concept of this does distract me a bit from how invasive it is. Like, what do you think that you’re looking for? What’s cause for suspicion? They’re almost certainly just looking for large quantities of ‘computer stuff’ in a single room. Aside from like, large antennas, I really can’t imagine what correctly ‘looks’ sketchy.
What is the problem with having lots of computers in a room anyway?
God help them during Re:Invent.
This sounds common for Vegas conventions. The same thing happens every year at Venetian/Palazzo during AWS:Reinvent. They come by 2-3 times during the week.
The excuse I got is that they are trying to prevent another Las Vegas shooter situation.
Ahhhh....2nd and 4th amendments. As an EU people, I get it now...freedom. I guess I've been watching too many 1st Amendment auditors.
The constitution doesn't apply to things that happen between private individuals. I don't have to allow guns in my hotel, hate speech in my newspaper, or have a warrant to search people as a condition of being on my property.
The solution, as always, is to vote with your wallet.
Wasn't this a thing last year too?
Yes, they've been doing it for a while.
It's been an issue in the past, and the articles mention it.
why not actually, attend the convention, and learn how to perform security related procedure, rather than alienate the people most apt to help, and educate in the context of computer security.
start with learning what hacking is, and talk about "living off the land" using field expedient improvised tools and materials.
Sure, educate the mall cops about USB thumb drives.
DEFCON conference attendees have a history of hacking hotel room keys, property management systems, filling pools with bubbles and doing all kind of mostly harmless but annoying shenanigans in hotels they reside during the conference. The conferences have changed a lot but something always happens.
The right policy would be to always respect customer privacy and if they can't be trusted to behave, refuse them.
In this case, then, you feel that the right policy would be to deny them accommodation outright rather than accommodating them on the condition that you’ll glance in the room once a day?
Another fine upper management execution of the Politician's Syllogism [1].
1. https://en.wikipedia.org/wiki/Politician's_syllogismThe fallacy employed is even dumber than that: Ban or destroy all nerd magic wands and hacking happening anywhere and everywhere else in the world will stop.
Sounds DefCon has become an unpleasant conference to go to. Other conferences don't merit such scrutiny.
They could just meet elsewhere, in a different city. It's not that hard to book a hotel with a speaker podium.
Then again, you won't be able to gamble and get prostitutes elsewhere as easily..
Lol, that statement from Resorts World reeks of ChatGPT. They don't even know why they're doing what they're doing. I'm not sure if they even know what they're trying to do.
Someone in management is trying to look like they're getting shit done.
Fight back: 1) Get video of everything 2) Try to get video of their in room search 3) Get names of the security people and upper management 4) Share facts on line 5) The find the legal entity's ownership. Find out who. Publish 6) Put videos online 7) Warn all hotels and conference companies of this vendor. 8) Look for intel links. It may cost them far more in security and lost of future revenue for any revenue they gain this week. This is likely not done for more revenue. Look for other reasons it is being done 9) Publish all. Have fun with it.
So, they launch a mass Evil Maid attack against DEF CON convention attendees?
Remember this cartoon of some bloke standing at airport arrival hall with a placard "Mr.. bin Laden". That was before he was found.
He says seems as good idea as any.
Guess this too.
Room inspections are nothing new in Las Vegas, being the norm at many on-strip properties since 2017. In that way, the article perhaps misses the point.
What was new this year were many reports of aggressive, confrontational behavior by security at Resorts World specifically. In particular, there are quite a few stories of Resorts World security staff actively escalating confrontations and of calling over armed colleagues over resistance as minor as asking to see ID. This kind of thing is extremely worrying from a licensed security force with armed members, and suggests a serious defect in the training and security leadership at Resorts World. The problem was not room checks per se, it was the incompetence the people doing the checks repeatedly demonstrated.
I think the press may have been reticent to level accusations at specific resort operators, but I hope journalists will put some pressure on Resorts World. Do they normally mount this type of response to high-risk events? Who planned their handling of DEFCON? Are their security staff trained in deescalation? What is their policy on when and how trespass threats should be issued?
The overall feeling was that the Resorts World security department was exceptionally unprofessional and, through their confrontational behavior, made this into far more of a scandal than it should ever have been. Caesars security, by contrast, is downright militarized, but seems to have been far better trained and more graceful in their handling of similar situations.
Is the hotel/franchise aiming to become a target of hackers? because that's the right way to go about it
The Venetian conference rooms and suites were used to ‘hack’ a satellite last year during Hack a Sat Finals. There were no issues. It is right next to the Caesars Convention Center. I know this is a new venue so maybe they are a little trigger happy
Here I remember my first DEFCON (6) at the Plaza Hotel. Someone literally started a road flare on some higher floor, then sent the flare down to the casino level in the elevator, filling the floor with smoke.
I feel like the attendees these days are much less dangerous, but these searches seem ridiculous and over the top compared to any past year I can remember.
I don’t know much about Def Con but the drama coming out of this conference is really entertaining.
DEF CON should just permanently move to somewhere awesome like Santa Fe NM or San Marcos TX.
This was first talked about at the 2018 Defcon after the 2017 Las Vegas shooting, it seems exactly the same -
https://www.csoonline.com/article/566069/vegas-hotel-room-ch...
Disney also started a "Room Check" after the shootings - https://touringplans.com/blog/disney-in-a-minute-what-is-a-r...
The sooner we have "The Raven Hotel" the better, but until then I'm not totally sure what you can do? Know it will happen and keep guns and laptops in locked bags when you are not there I guess?
The man-children of HN are the first to cry when big corporations don't protect them, there's some irony this site is crying about it.
wtf are they hoping to achieve with inspections for thumb drives?
Find one with a convenient label on it that says Evil Plan?
I was just here a few weeks ago for the pure storage conference and never saw a single security guard (unless they were plain clothes maybe?). The majority of the building was near empty on the convention floor besides the pure storage conference. My experience was very different and its weird for me to think only a few weeks apart they went from practically no security to police state tactics.
The gun crowd gets upset about this, too.[1]
[1] https://www.firearmsnews.com/editorial/2nd-amendment-nightma...
Probably the most fun is almost all on strip hotels have access to lots of Ethernet cables in your room… maybe the VoIP phone, maybe an access panel in the closet. Maybe nothing in my network for windows users but you can start digging into vlan’s pretty quick
The obvious question is "would these inspections have stopped Route 91?" I strongly suspect that would have had NO impact. The guest was known to them, was a high roller, known to get comps, and used the service elevator over several days to load the room with weapons hidden in cases. All for the purpose of attacking a large outdoor festival next to the hotel.
The other obvious question is, did the people who "cyberattack" them do so from _inside_ their own hotel? Is there some reason to think simple visual room inspections are going to help prevent their networks from being attacked?
None of these are logical responses to the stated problems. They're just ways to reduce privacy with a very thin corporate liability excuse tacked onto the end of it. I don't trust that they can people safe, and I don't trust their motivations in deploying these "techniques."
I'd rather sleep in the tunnels with the homeless at this point.
I agree with you that it probably would not have stopped it, but Steve Wynn at the time was convinced his staff would have discovered him.
He claims they implemented policies in 2015 to enter and inspect all rooms after more than 12 hours of DnD. In other interviews he admits they "profile" everyone that enters their hotel.
https://nypost.com/2017/10/08/vegas-shooting-wouldnt-have-ha...
Its all about the security theatre.
If they really have "more cameras than anywhere else" and if that even mattered, then its already covered.
It would be orders of magnitude cheaper to put cameras in every single room, with a big sign saying this camera turns on every 4 hours with a big red light, and then if you cover it up a physical presence will occur.
Instead they go with: SHOW ME ALL YOUR USB DRIVES. Same shit as covid, if you make it normal for "officials" to touch and make copies of everything all the time everywhere, then there is no such thing as crime anymore yay
If the objective is to check whether anyone's hiding an AR-15 in their hotel room, presumably you have to check under the bed and in the closet and in the bathroom, which a fixed camera couldn't do.
Also I think the average hotel guest is completely fine with maids entering during the day when the room's unoccupied, but would not appreciate a camera in the bedroom, with or without a big sign and a big red light.
Why single out a rifle? Handguns are cheaper, concealable, and used in most mass shootings already. Demonize the actor not the tool.
“Why single out a rifle”? C’mon, man. The shooting being discussed in this thread would have been orders of magnitude less devastating with just a handgun, and you know it. Don’t make it a weird 2A thing.
The objective is not “make sure nobody in Vegas has a gun” the objective is “prevent a mass casualty event like the previous one”
Obviously the “tool” makes a difference, otherwise the tool wouldn’t have been used.
There are collapsible and even folding ARs. They wouldn't be impossible to get into a regular travel suitcase.
You don't need anything special - most of them can be easily disassembled, with most components fitting a purse, not even suitcase. The barrel probably would be the biggest one - it has to be 16 inches long AFAIK or the law is going to have questions (of course if you're about to commit a crime anyway, it may be not that big of a deal, but most places won't sell you an illegal firearm). Still will fit a standard carryon suitcase, or most common backpacks.
A rifle can be disassembled in relatively small components, and re-assembled in minutes. You'd have to do a pretty invasive and thorough search to detect it - and still, the criminal could just keep it in their car, which is not checked, and bring it in 10 minutes before the time, assemble it and do the deed.
sounds like someone needs to have USBKill amongst their drives for when these clowns try to check them.
So, potential future shooters will be limited to the number of guns that they can bring in to the hotel in 24 hours (or however many hours they have between the last inspection and their "event".) I'm sure that will help a lot.
I couldn't find the exact interview, but I distinctly remember Wynn saying they have devices that can detect guns in bags and on persons.
I found an interview where he just mentions "devices" amongst other extreme security measures.
- "Devices" at every entrance that the public can't see
- 40 Plain clothed, armed, former Marines trained specifically for guarding US embassy's at each entrance.
- Seal team and CIA agents that form private counter terrorism that have direct communication with FBI etc.
https://www.youtube.com/watch?v=ZkpTRYhFN9c
Video is from 2016, so tough to say how much of that is or ever was implemented. The NYC subway is just now piloting metal detector type devices which are poles which detect "signatures" of common items and weapons. I have no idea how often these detect weapons or false positive on a laptop or lacrosse stick, and the press has not been interested in the science of it so far.
He had 10 guns and thousands of rounds of ammo. Killed 60+ and wounded 400+. Yes this would be a fraction but still possible to cause a lot of harm in 24hr.
Eh, I guess I'd trip flags there. I typically put up the DnD on checking in at a hotel and leave it up until I check out. It's not a principled stance or anything, I'm just never staying for an amount of time (i.e. more than a week) where I'd need housekeeping services so figure I can save the housekeeping staff some effort and save some water.
Yeah, same here. I'm happy to save the housekeeping staff some time and effort for something I don't really need, and I just don't like people coming into the room while I'm gone. Including security-theater room inspectors.
“ Authorities have said he brought 23 weapons in 10 suitcases into the room and set up cameras inside and out to watch for police closing in on him.”
If they are looking through everyone’s rooms I would hope they find this now as he took days to get all of the guns and ammo up to his suite. I am not law enforcement and can’t say for sure though. The US has done a lot worse in the name of terrorism (I believe this was a terrorist act).
Why did he need 23 weapons? Seems like someone could have done just as much damage with one weapon and a bunch of ammo. I feel like it would be pretty trivial to bring a couple luggage cases in with that, plus some cameras, without hotel staff being suspicious, especially if you didn't bring any "normal" luggage with clothes or toiletries or the usual stuff people bring, to keep the total number of luggage pieces down.
Hotel staff certainly wouldn't find that with room inspections; they'd just see three or four pieces of luggage, which shouldn't raise any eyebrows. Then when the shooter decides to get started, they take everything out of the cases and set things up.
Like... this isn't rocket science. The only kind of room inspection that would actually stop these kinds of attacks would be if they do room searches, including opening and going through people's luggage. But I hope we can all agree that would be a huge invasion of privacy that no one should accept.
Of, course the actual way to stop -- or at least drastically reduce -- these sorts of attacks would be much stronger gun, ammo, and accessory controls. But of course the mouth-breathing 2A crowd (including most of SCOTUS) think guns are more important than people's lives.
Guns overheat when a large volume of ammunition is discharged in a short amount of time. *edit for grammar
He did this in broad daylight. The guns were disguised in cases. He used the service elevator with staff help. In one case the staff helped move his guns on a rack.
If he leaves the guns in the cases it just looks like he has a lot of luggage. He had a huge suite. If it didn't look odd to them in the first place I can't imagine how it would in retrospect:
https://www.youtube.com/watch?v=uci5Ar2HFr0
I believe that is why the policy we are discussing changed.
of course they wouldn't have, but if they don't change their policies at all, they have 2 new problems: some patrons will perceive your property as not taking security seriously if other hotels have "beefed up security" while yours doesn't. Secondly, if there were another shooting, even if it wasn't nearly as big as the Route 91 massacre, in court they could point to your lack of doing anything whatsoever "in the face of the nations worst shooting".
Is it not possible to create new policies that are effective while not compromising the privacy of your guests?
not really, no. I'm sure they considered everything, like having airport-style security to go up to the rooms, which is even more invasive. This way if there is another incident they can point to their policy and say "see? we inspect every room every 24 hours. We can't have a security guard in every room, but we at least tried"
Likely, if there were another terrorist (which is not very likely, they usually don't repeat the same thing over and over) the housekeeping would report something weird, and then somebody would file it somewhere, and would sit on it for hours if not days, and then when the shit hits the fan, everybody would trade the blame and claim it wasn't their job to do something about it. I mean, the US Secret Service works this way, do you expect hotel security to be better?
Yes because nobody can sue the Secret Service for billions but they successfully got $800m out of MGM for that incident.
This policy by itself: perhaps not. He did skip a room cleaning one day before the shooting, but he quite probably could have worked around one if he knew it was coming as a matter of policy. It is, however, just one of many changes made, all of which in concert (no pun intended) would make something like that at least significantly harder to do.
For instance, he had bell desk bring 22 large suitcases to his room over a few days. That's a huge red flag that would not go unnoticed now (and there's likely some procedure about logging/reporting since then). Prior to that event, nobody logged or even paid attention to such things. When you work with whales in Vegas, you just get used to eccentric rich people being eccentric rich people. Now you're at least aware of threats from people posing as them.
It is absolutely astonishing to me that Americans call their country "the land of freedom" while at the same time their society keeps on producing more and more bizarre ways to control the citizens, paralleled only by communist regimes. Usually when I try pointing this out they act confused and explain to me that I'm misunderstanding their idea of freedom. "You know what, no adult can be trusted to be left alone in their own room for 24 hours, the official policy is to make regular inspections" turns into "the hotel has freedom to check on their guests, if you don't like it you're free to go to a different hotel (closest one is 10h drive away)"
Some pretty bizzare things happen at UK airport security.
Our government is currently trying to use the recent riots as an excuse for even more surveillance and censorship.
The arguments include "the rioters used social media". That is one reason its going to be easy to catch them. They themselves were posting photos and videos - self-surveillance.
what’s the alternative? treat the use of social media to create a country-wide fascist mob as a normal occurrence?
The "alternative" is to arrest people who commit violent crimes, not people who write provocative messages.
Unfortunately for the recipient of the violence, we can't bring people back from the dead, or unslash their faces with machetes, so not everyone's gonna be on board with your alternative.
Violence actually being followed up on would have a deterrent effect though protecting subsequent would-be victims.
You are framing it to sound very scary when its a short lived breakdown in law and order. A lot of people involved were not motivated by any particular ideology, but were just taking the opportunity to do things like looting. There is nothing that I can see in fascist ideology that motivates people to loot a Greggs.
It is very much what the media are doing: one local news website compared what happened in their town to Kristalnacht when what happened was 12 houses had windows broken and some cars were vandalised. Nasty, but hardly a fascist takeover.
On the other hand, the media do not balance it with equally wide reporting of things such as local builders doing free repairs on mosque in Southport, or the far larger crowds that turned out for counter protests.
Crime IS a normal occurrence. Riots will happen. You should not compromise human rights to deal with it.
There are blatantly racist social media posts - FB is infested, and I agree showing such posts so widely (no doubt because they get high engagement because people feel impelled to disagree with them) shows FB in a bad light.
One alternative is using the huge footprint people have left on social media (to say nothing of phone location data) to catch the people involved.
As a brown British person the riots have not caused me any great concern (contrary to what some posturing politicians may claim). Yes, it might be different if I lived in an area very close to where a riot occurred, but most people do not. I still think the UK is a lot less racist than the other countries I have lived or worked in, or no anything about, and a lot less racist than if was when I was young.
Check into a hotel room in Idaho and this won't happen. Check in to one of the hotels in the city who makes its money on tourism where the worst shooting in the US occurred and here we are. We are talking about 5 Miles of Las Vegas Blvd.
The fact that it can happen at all, anywhere, even on just 5 miles of Las Vegas Blvd, is a stark reminder that the US has very little in the way of legally-mandated privacy protections.
Mass shootings happen because the US has one of the most-armed citizenry in the developed world, and because we have ridiculously backward views about how easy it should be to put deadly weapons in the hands of anyone who wants one.
Daily room inspections are not going to stop any mass shooting where the shooter is aware of the inspections. The 2017 case was egregiously bad, certainly, with the shooter able to bring an insane amount of weaponry up to his room. But he could have been just as deadly with the contents of two or three regular-looking suitcases, something that wouldn't have raised any red flags during daily room inspections.
It's security theater, plain and simple.
There hasn’t been another mass shooting on the strip in the following 7 years and this policy makes the scale much harder to replicate. I don’t know if this policy is responsible or what else is being done but to dismiss it as security theater seems too easy. If it is a deterrent, it is working and if it limits the scale of a future attack as mentioned I understand the policy.
I'm waiting for the introduction of anal cavity checks. Someone could be smuggling a grenade in there!
that’s quite the obsession for the word anal, isn't it?
You sure you're allowed to post this? You better double-check with your department of censorship.
Remember that you're also free to open a hotel that doesn't have this policy and there's plenty of cheap land to be had very near Vegas. If you're right that this is something people want then it should be quite successful, maybe it can host the next DefCon. That's the American way to solve the problem.
Additional regulation generally yields less overall freedom.
Yeah I can't imagine ever willingly going there (eg unless my work forces me to). It's a very curious choice for a community with so many privacy activists. The shooting excuse for the inspections is stupid. Anyone could walk in and set up in 10 minutes.
"the shooting excuse" implies that the hotels have some ulterior motive for wanting to enter rooms at least once per 24 hours?
what motive would they have that is so important that they insist on spending money on low skill headcount to enter thousands of rooms per day?
honestly i'm struggling to sort out what scheme they're running that makes this headcount investment worthwhile.
95% of these rooms are being cleaned anyway by low-wage staff. The added 5% is such a small percentage.
But the shooting excuse is an excuse because they're not even liable for this. Any idiot can do the same from their private apartment. A mass shooter has no survival expectancy anyway. They can just rent a private flat and do it. Or they can just rent a room, bring their guns in and start shooting during the first day. It doesn't actually solve the problem at all. Only 24/7 video surveillance would do that which is obviously untenable in a hotel. Or strict gun controls which is why this isn't a problem in Europe but the US just can't get that into their heads.
The other reason I consider it an excuse is that in this case they are not causing hassle about firearms but about technical devices. Nothing to do with shootings at all. If the motive was purely looking for guns they wouldn't be harrassing unarmed defcon visitors.
I don't think they actually care about shootings but that it's dumb security theater to make customers feel safer which they probably see as a monetary benefit.
Knowing this now I definitely will refuse to visit Vegas even if my company tries to send me there on a business trip. Although to be fair I kinda have this policy already for the entire US because I'm not willing to give up my devices or my social media accounts to border patrol either.
https://www.nbcnews.com/news/us-news/court-approves-800m-set...
A settlement is not admission of liability. It's done to avoid a determination on this. But I think it's ridiculous that they even tried to sue the venue.
Some knowledgeable lawyers must have concluded that there is a likelihood of some liability (whether rightly or wrongly) to result in willingly parting with $800M. So in practice, there is liability.
Or that the court case would end up costing that much, or that staying in the news because of the court case would end up costing that much. There's plenty of costs besides just what the actual judgement might end up being.
In the context of this discussion, there is no reason to distinguish liability from the judgment itself, or liability from legal costs of preventing the judgement.
The liability in this context is money leaving the business’s pocket due to performing or not performing X action, regardless of who the money goes to.
The motivation could merely be a desire to capriciously wield power over others. You see this in physical security careers from mall security up to actual law enforcement. Plenty of people get into these security-related roles simply for the ability to unaccountably bully and intimidate others, and will eagerly do so if given the chance, regardless of monetary cost or reward. I wouldn't be surprised if a hotel security apparatus were in favor of being allowed to enter rooms at will just because they want to.
Finding dirt for blackmail ? :)
I expect privacy in any home where I live, whether it's for a decade or for a day.
When the door closes, it's "my personal space" for the duration I paid for.
Of course, now Vegas begs to differ.
Then you must not rent your home. I've lived in rented apartments my entire adult life and while not daily inspections, everywhere I've lived the management has mandatory inspections every few months to check on fire alarms and other maintenance issues as well as making sure residents aren't violating policy by having more than two pets, trashing the apartment, allowing roaches and other pests to fester, etc. It can be annoying, but if I don't own it, it's not really "my" home.
I’ve been a renter my whole adult life and never had an inspection like that.
Same here. Landlords do inspections when moving out. Maybe they come, with notice, once or twice a year to repair something or show the place to potential buyers.
I have had one. Just one over several years though.
In the UK. The law requires notice.
Landlords are legally obligated to give 24 hours of notice, if not multiple days of notice, depending on jurisdiction.
And they can’t come do inspections day after day.
These aren’t landlords and notice is typically given as part of the room registration process. That’s not the behavior in question.
That's not even remotely the same thing at all. In the US, a landlord (or their agent) cannot legally enter a tenant's unit without 24 hours notice (or more, depending on local laws), unless there is an emergency. And for the non-emergency visits, the tenant has the option to be present for the visit. That is completely unlike a hotel doing random daily room inspections without your knowledge or presence.
Yes, a property you rent is your home. It's not your property, though.
I feel I have privacy in my home here in the Las Vegas suburbs. Surveillance stops at the strip for the most part. But the strip is not “home” for anyone I know and I would never call a hotel * stay at anywhere home. Strangers have access to your room at all times, that is why they provide safes.
Strangers have access to hotel rooms at all times, but the expectation is that they'll only enter for agreed-upon reasons (like daily housekeeping, if you don't put up the do-not-disturb sign), and emergencies.
The safe is there because they acknowledge that quite a few people have access to the room and they can't be 100% sure that all their employees are good people who wouldn't steal, even if they expect them not to. Not because they intend to send randos into your room at all hours of the day.
(And it's not clear how many employees have access to override the locks on the in-room safes... I've always thought of those safes as borderline security theater.)
I wouldn't call a hotel stay "home" either, but I expect the privacy situation to be only slightly weaker than an apartment rental.
Hell, I own a unit in a condo building, and our building insurance requires annual inspections of the sprinklers and fire alarm horns. I know someone who owns a condo in another city, and the building does (required) quarterly spraying for cockroaches, and replacements of the air conditioning filters. None of us feel like we don't own these spaces.
https://x.com/d0rkph0enix/status/1822814018643374260
The protocol for non-DefCon rooms:
* Housekeeping services the room.
* If housekeeping was unable to service the room, security will come take a look.
The protocol for DefCon rooms:
* Security comes and takes a look no matter what, and is, from reports, particularly invasive. E.g. asked to look for USB sticks as evidence of "hacking tools": https://x.com/d0rkph0enix/status/1822879409126162779
So does this mean that housekeeping is conducting covert surveillance? Searching my personal effects? To whom do they report their findings ?
As I understand, housekeeping is instructed to look around the room to see if a bunch of guns are lying around. This is a result of the incident that happened there in 2017, where there were two dozen guns in a hotel room, unnoticed, because housekeeping respected the do not disturb sign indefinitely.
Housekeeping is neither trained nor spending time to performing a deep search of anyone’s room. But they do know what a pile of guns look like, and they’re instructed to escalate the situation to their superiors if they discover it.
And yet, housekeeping is directed to look for soldering irons and USB sticks, among other things. God forbid some maniac brings a loaded thumb drive into the premises - some of those high-capacity rounds can hold 1TB or more!
In this thread above, it was claimed that security was doing that, not housekeeping.
The third protocol:
* Housekeeping is optional, and not preferred. Housekeeping never shows up. * Security is never seen once on any floor above the ground level.
This has been my experience in Las Vegas in 5 different hotel rooms in the same hotel this year. These were 3 to 4 day stays. If the stay is longer than that then maybe a visit from security is more likely, but I didn't see them at all in the afternoons, evenings, mornings, any time. There was a security guard at the elevators on 1 day out of all the days I stayed.
The "protocol" probably depends on the hotel, where it's located, the events going on around Las Vegas at the time, and probably what the budget for security is.
The reports of mandatory security coming from "locals" and others in the comments here seem pretty wild to me, and far outside of what I've experienced in Las Vegas in the last year.
How do you know that security didn't inspect your room while you were out, though?
Are they invisible people? If Security had to check 4,000+ rooms in each hotel building every day, they would be busy from sunup to sundown, throughout the hallways. The chance of seeing them would be very high, but they were nowhere to be found and we didn't even leave the hotel for a whole day, visiting people on multiple floors. Some hotels have over 5,000 rooms in one building. There are 154,000 hotel rooms in Vegas. You can do more research on the matter if you wish, but from my experience, and from the numbers I've found, I seriously doubt anyone claiming every hotel room in Vegas is checked once a day.
For clarity, these are the two protocols listed in the documents shared, purportedly from Resorts World, for stays during Def Con, stating how security would act in block vs. not-obviously-convention-attendee rooms.
For those who don't want to follow a X link: Soldering irons, breadboards, USB sticks, and WiFi access points are called out as "hacking tools." What clowns!
This comes as news to me! I’ve stayed in Vegas numerous times since then, and I almost always decline housekeeping. I’ve never had anyone come into the room (to my knowledge, anyway). I wonder how selectively this is enforced.
Were you there 24/7? In DC they barged in (well, knocked and then went away when I answered before they could get in) around 4 PM.
They don't have physical barriers on the door? Or they intend to break it if you don't answer?
The security devices on the door are easily and quickly bypassed with the specialty tools.
There's no way someone is "barging in" with a door chained (with normal-style chain or a bar-style chain) in under 30 seconds, probably a minute or more of finagling the long tool into place to get it undone.
While this is happening, the person on the inside can totally thwart the attack by just blocking the tool physically - it's hard enough to do this while you're not being interfered with.
Sure, but I imagine the security guy checking in on you doesn't just say everything's okay and leave if you do that.
The idea behind forcibly stopping someone from barging into your room is to slow down the interaction and gain control.
The goal is then to establish identity, purpose, and ultimately deescalate. And then if need-be call the police and/or chargeback your credit card later.
Until otherwise verified, this intruder is no different than a random burglar breaking-and-entering in the middle of the night.
I'm not sure. I didn't even open the door all the way for the guy, he seemed to just be checking a box that whoever was in the room was alive. If they can't get in because the door is jammed and there's no answer, I'd guess they assume there's an emergency and call whoever at the hotel has the tools to get in.
Because it's part of the United States, where personal freedoms are supposedly respected. Reading so many comments describing daily room searches at hotels as just the new normal state of affairs makes me sick. I hadn't been aware that the terrorizing mass media had ruined hotels even harder than they ruined air travel.
The Las Vegas Strip and its hotel casinos are famously one of the most surveillance-heavy areas in the world due to the casinos ostensibly looking for casino cheaters but it goes way beyond that now in the name of "safety"
Sure, they have cameras up in public spaces, on the casino floors, etc. No one is going to argue with their right to place cameras on their private property like that.
Hotel rooms are a different matter, though. People should and do expect levels of privacy similar to that of a rented apartment. (Lower levels, but similar.)
Landlords can access their property with 24 hour notice everywhere I has lived in the US.
Way too much American individual freedom has been destroyed by the regressive embrace of corporate freedom, but there are still some strong distinctions between being passively surveilled in a public venue and being actively searched in a private room.
Yeah...this is nauseating.
Are other hotels near popular places in the US following the same procedure? Or is Vegas at higher risk?
I had never in my life heard of this before now and I am no stranger to hotels.
I would go straight to the front desk, demand my money back for that day and then never stay with hotel again along with making sure the corporate office got a nice email about their bullshit policy.
Maybe over priced Vegas hotels can do this but any hotel I have ever stayed at needs to make the customer happy because the competition is so fierce. Most hotels will go out of their way to make sure you are happy. Not randomly inspect your room like you are a child.
Maids have access to your room if you stay at a hotel, along with most staff members. Many brands you are familiar with follow the Vegas model of 24 hours no access, someone is gonna see the room.
Most hotels should be doing it every 2 or 3 days at the latest. Maybe every 7 days if it is a hotel catering to long term guests.
Any longer than 7 days for inspecting and cleaning every room is asking for pest infestations, or worse.
As a hotel customer, I would not want to stay in one that does not a policy of frequent room inspections.
It supposedly is a policy for major chains. Hilton in DC did it to me and claimed the whole chain does it.
I'm fascinated by the juxtaposition of the idea that "what happens in Vegas stays in Vegas" and the assumption that your bedroom should be searched every 24 hours because of a policy.
I expect privacy in any hotel room, regardless of where I am. Certainly not the same level of privacy I'd expect in my own home, whether purchased or rented. But daily security checks? No way, that's unreasonable. If I've put up the "do not disturb" sign, I expect no one to enter my room, at all, except in an emergency, or in a non-emergency where I'm present and have agreed to let someone in. That seems to me... entirely normal and reasonable to expect.
What does that have to do with it? Just because casinos want to watch what's going on to prevent cheating (or just too-good play), that doesn't mean the hotel-room privacy situation should go to shit.
My last few trips to Vegas I stayed in Airbnbs; I guess I will continue doing that for the foreseeable future when I visit.