A humorous tweet about the lack of money in white-hat hacking and cyber-security research nearly stopped a Googler from attending the ongoing DEF CON hacking conference in Las Vegas, Nevada. According to reports, Google Engineer Matt Linto was kicked out of the iconic Caesars Palace hotel in sin city after jokingly tweeting about wanting to ‘attack’ the wealthy attendees of BlackHat, a more commercial cyber-security conference that takes place right before DEF CON.
If I had the time, budget, and motive to launch really good attacks in Vegas, I would:
Attack random Defcon nerds who are probably mostly broke and powerless
Attack ppl at BlackHat who are way more likely to be in positions of power somewhere with
to drop on tickets
— Matt Linton
(@0xMatt) August 8, 2018
The ‘attack’ here seemingly referred to cyber-attack/hacking, and not a violent physical ambush against unsuspecting victims in the real world. The tweet was posted in response to a fellow DEF CON attendee who tweeted about the questionable security of the Wi-Fi network at the venue, given that more than 20 thousand hackers were expected to be present at the event.
However, Linton got into trouble because the person he was replying to had a ‘protected account’, which means that user’s tweets were private and inaccessible to people who were not following them. In the absence of context, his tweet about launching an ‘attack’ didn’t go down well with either the hotel or the city’s law-enforcement. He was questioned by the police, and had to clarify that he was talking about the “theoretical risk of having one’s phone hacked by DEF CON attendees”, rather than mounting an actually attack either in the real or in the virtual world.
For more context, here's the tweet I was replying to. I didn't realize it was a protected tweet & wouldn't show for most people, leaving my tweet looking pretty odd hanging out there by itself. That's my error & I definitely regret my careless verb choice! pic.twitter.com/N09pSnyQrI
— Matt Linton
However, the damage had been done, and the word ‘attack’ automatically triggered a flurry of activity from those in charge of the hotel’s security. With last year’s tragic massacre at the nearby Mandalay Bay Hotel still fresh in everyone’s memory, Ceasars Palace apparently was taking no chances, and before throwing Linton out of their property, gave him a written warning that he’d be prosecuted if he stepped foot in the hotel ever again.
A clarification for the nice @LVMPD officers who came to discuss this tweet with me:
"Attack" in this context refers to the theoretical risk of having ones _phone hacked_ by #DEFCON attendees. It's hacker lingo.
I've spent decades training to save lives. I don't take them. https://t.co/K3uGLGGxbW
— Matt Linton
Thankfully, though, the confusion was eventually cleared up, and Linton was cleared of any wrongdoing. He was also eventually allowed to return to the hotel, and was able to attend the conference.