aggregator

Mozilla Removes 23 Firefox Add-Ons That Snooped On Users

Slashdot - Your Rights Online - Pt, 2018-08-17 16:00
An anonymous reader writes: Mozilla has removed 23 Firefox add-ons from its add-on store that snooped on users and sent data to remote servers, a Mozilla engineer told Bleeping Computer Friday. The list of blocked add-ons includes "Web Security," a security-centric Firefox add-on with over 220,000 users, which was at the center of a controversy this week after it was caught sending users' browsing histories to a server located in Germany. "The mentioned add-on has been taken down, together with others after I conducted a thorough audit of [the] add-ons," Rob Wu, a Mozilla Browser Engineer and Add-on review, told Bleeping Computer via email. "These add-ons are no longer available at AMO and [have been] disabled in the browsers of users who installed them," Wu said.

Read more of this story at Slashdot.

Google Employees Protest Secret Work On Censored Search Engine For China

Slashdot - Your Rights Online - Pt, 2018-08-17 00:40
According to The New York Times, "Hundreds of Google employees, upset at the company's decision to secretly build a censored version of its search engine for China, have signed a letter demanding more transparency to understand the ethical consequences of their work (Warning: source may be paywalled; alternative source)." In the letter, the employees wrote that the project and Google's apparent willingness to abide by China's censorship requirements "raise urgent moral and ethical issues." They added, "Currently we do not have the information required to make ethically-informed decisions about our work, our projects, and our employment." From the report: The letter is circulating on Google's internal communication systems and is signed by about 1,000 employees, according to two people familiar with the document, who were not authorized to speak publicly. The letter also called on Google to allow employees to participate in ethical reviews of the company's products, to appoint external representatives to ensure transparency and to publish an ethical assessment of controversial projects. The document referred to the situation as a "code yellow," a process used in engineering to address critical problems that impact several teams.

Read more of this story at Slashdot.

Melbourne Teen Hacked Into Apple's Secure Computer Network, Court Told

Slashdot - Your Rights Online - Cz, 2018-08-16 18:00
A Melbourne private schoolboy who repeatedly broke into Apple's secure computer systems is facing criminal charges after the technology giant called in the FBI. From a report: The teen, who cannot be named for legal reasons, broke into Apple's mainframe from his suburban home on multiple occasions over a year because he was such a fan of the company, according to his lawyer. The Children's Court heard on Thursday that he had downloaded 90GB of secure files and accessed customer accounts. His offending from the age of 16 saw him develop computerized tunnels and online bypassing systems to hide his identity until a raid on his family home uncovered a litany of hacking files and instructions all saved in a folder titled "hacky hack hack."

Read more of this story at Slashdot.

To Catch A Robber, The FBI Attempted An Unprecedented Grab For Google Location Data

Slashdot - Your Rights Online - Cz, 2018-08-16 17:20
Back in March, as it investigated a spate of armed robberies across Portland, Maine, the FBI made an astonishing, unprecedented request of Google, Forbes reports. The feds wanted the tech giant to find all users of its services who'd been within the vicinity of at least two of nine of those robberies. They limited the search to within 30-minute timeframes around when the crimes were committed. But the request covered a total space of 45 hectares and could've included anyone with an Android or iPhone using Google's tools, not just the suspect. From a report: The FBI then demanded a lot of personal information on affected users, including their full names and addresses, as well as their Google account activity. The feds also wanted all affected users' historical locations. According to court records, while Google didn't provide the information, the cops still found their suspect in the end. Outside of concerns around government overreach, the FBI's remarkable attempt to force Google to assist in its investigation will likely worry all who were disturbed by an Associated Press investigation published on Monday that claimed Google continued to track people even when they turned location features off. The court warrants unearthed by Forbes indicate some at the FBI believe they have a right to that location data too, even if it belongs to innocents who might be unwittingly caught up in invasive government surveillance. And the government feels such fishing expeditions are permissable; it issued the warrant on Google without knowing whether or not the suspect used an Android device or any of the company services at all.

Read more of this story at Slashdot.

Police Bodycams Can Be Hacked To Doctor Footage, Install Malware

Slashdot - Your Rights Online - Cz, 2018-08-16 02:03
AmiMoJo shares a report from Boing Boing: Josh Mitchell's Defcon presentation analyzes the security of five popular brands of police bodycams (Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc) and reveals that they are universally terrible. All the devices use predictable network addresses that can be used to remotely sense and identify the cameras when they switch on. None of the devices use code-signing. Some of the devices can form ad-hoc Wi-Fi networks to bridge in other devices, but they don't authenticate these sign-ons, so you can just connect with a laptop and start raiding the network for accessible filesystems and gank or alter videos, or just drop malware on them.

Read more of this story at Slashdot.

SEC Sends Subpoena To Tesla In Probe Over Musk's Take-Private Tweets

Slashdot - Your Rights Online - Cz, 2018-08-16 00:40
The U.S. Securities and Exchange Commission sent Tesla a subpoena regarding Elon Musk's effort to take the company private, "indicating the regulatory scrutiny of his statements have reached a more serious stage," reports Bloomberg. Last week, Musk tweeted he was considering taking Tesla off the market and had "funding secured" for the deal. From the report: Musk exposed himself to legal risk by tweeting Aug. 7 that he had the funding for a buyout. Almost a week later, the chief executive officer said the basis for his statement was conversations with Saudi Arabia's Public Investment Fund, which first expressed interest in helping take the company private in early 2017. Tesla's board has since clarified that it hasn't received a formal proposal from Musk, who's also chairman, nor has it concluded whether going private would be advisable or feasible. Tesla may face potential regulatory challenges beyond the SEC investigation. The company probably will need approval of U.S. national security officials if Saudi Arabia finances the effort to take the company private, and President Donald Trump's administration has been stepping up scrutiny of foreign investment in American technology.

Read more of this story at Slashdot.

Investor Sues AT&T Over Two-Factor Security Flaws, $23 Million Cryptocurrency Theft

Slashdot - Your Rights Online - Cz, 2018-08-16 00:00
An anonymous reader quotes a report from Fast Company: Crypto investor Michael Terpin filed a $224 million lawsuit against AT&T in California federal court Wednesday alleging that the phone company's negligence let hackers steal nearly $24 million in cryptocurrency from him, Reuters reports. He's also seeking punitive damages. Terpin says hackers were twice able to convince AT&T to connect his phone number to a SIM card they controlled, routing his calls and messages to them and enabling them to defeat two-factor authentication protections on his accounts. In one case, he says hackers also took control of his Skype account and convinced one of this clients to send money to them rather than Terpin. The second hack came even after AT&T agreed to put an additional passcode on his account, when a fraudster visited an AT&T store in Connecticut and managed to hijack Terpin's account without providing the code or a "scannable ID" as AT&T requires, he says.

Read more of this story at Slashdot.

Mobile Internet Goes Free, National For a Day In Cuba

Slashdot - Your Rights Online - Śr, 2018-08-15 12:00
More than 5 million cellphone users in Cuba received free internet on Tuesday, in an eight-hour test before the government launches sales of the service. The test marks the first time internet services were available nationwide. Reuters reports: Cuba is one of the Western Hemisphere's least connected countries. There are hundreds of Wi-Fi hotspots in Cuba but virtually no home penetration. Dissident blogger Yoani Sanchez, considered the country's social media pioneer, raved that she had directly sent a tweet from her mobile. In another tweet, she called the test a "citizen's victory." On the streets of Havana, mobile users said they were happy about the day of free internet, even as some complained that connectivity was notably slower than usual. Hotspots currently charge about $1 an hour although monthly wages in Cuba average just $30. The government has not yet said how much most Cubans would pay for mobile internet, or when exactly sales of the service will begin. But [the state-run telecommunications monopoly ETECSA] is already charging companies and embassies $45 a month for four gigabytes. Analysts have said broader Web access will ultimately weaken government control over what information reaches people in a country where the state has a monopoly on the media.

Read more of this story at Slashdot.

WWV Shortwave Time Broadcasts May Be Slashed In 2019

Slashdot - Your Rights Online - Śr, 2018-08-15 03:25
New submitter SteveSgt writes: A forum thread on QRZ.com indicates that the shortwave time broadcasts by the National Institute of Standards and Technology (NIST) from stations WWV (Colorado) and WWVH (Hawaii) may be slashed in budget year 2019. [One of the proposed reductions includes "$6.3 million supporting fundamental measurement dissemination, including the shutdown of NIST radio stations in Colorado and Hawaii."] While the WWV broadcasts may seem like an anachronism to some Slashdotters, they remain a crucial component in many unexpected services, from over-the-air broadcasters and traffic signals, to medical devices, wall clocks, and wrist watches. The signals serve as standard beacons for radio propagation, and as a frequency reference for alignment of a broad range of communications equipment. It's easy to imagine that not even the NIST knows every service and device that could be impacted by this decision.

Read more of this story at Slashdot.

California Officials Admit To Using License Plate Readers To Monitor Welfare Recipients

Slashdot - Your Rights Online - Śr, 2018-08-15 01:20
According to a report from the Sacramento Bee, officials in Sacramento County have been accessing license plate reader data to track welfare recipients suspected of fraud. The practice dates back to 2016. Gizmodo reports: Sacramento County Department of Human Assistance Director Ann Edwards confirmed to the paper that welfare fraud investigators working under the DHA have used the data for two years on a "case-by-case" basis. Edwards said the DHA pays about $5,000 annually for access to the database. Abbreviated LPR, license plate readers are essentially cameras that upload photographs to a searchable database of images of license plates. If a driver passed by an LPR four times throughout a city, an officer with access would know where and at what time of day. Anyone with access to that data could use it track where someone drove and when, provided they were scanned by the LPR. It's not immediately clear how travel patterns might reveal welfare fraud. As noted by the Electronic Frontier Foundation, welfare fraud is statistically speaking, extremely rare. In 2012, the DHA found only 500 cases of fraud among Sacramento's 193,000 recipients. Following an inquiry from the EFF, the DHA has instituted a privacy policy (one that didn't exist before their initial inquiry) requiring investigators to justify each request for LPR data. The Sacramento Bee reports the DHA accessed the data over a thousand times in two years.

Read more of this story at Slashdot.

Tinder Founders Sue Dating App's Owners For At Least $2 Billion

Slashdot - Your Rights Online - Śr, 2018-08-15 00:00
An anonymous reader quotes a report from TechCrunch: A group of Tinder founders and executives has filed a lawsuit against parent company Match Group and its controlling shareholder IAC. The plaintiffs in the suit include Tinder co-founders Sean Rad, Justin Mateen and Jonathan Badeen -- Badeen still works at Tinder, as do plaintiffs James Kim (the company's vice president of finance) and Rosette Pambakian (its vice president of marketing and communications). The suit alleges that IAC and Match Group manipulated financial data in order to create "a fake lowball valuation" (to quote the plaintiffs' press release), then stripped Rad, Mateen, Badeen and others of their stock options. It points to the removal of Rad as CEO, as well as other management changes, as moves designed "to allow Defendants to control the valuation of Tinder and deprive Tinder optionholders of their right to participate in the company's future success." The lawsuit also alleges that Greg Blatt, the Match CEO who became CEO of Tinder, groped and sexually harassed Pambakian at the company's 2016 holiday party, supposedly leading the company to "whitewash" his actions long enough for him to complete the valuation of Tinder and its merger with Match Group, and then to announce his departure. In response, the plaintiffs are asking for "compensatory damages in an amount to be determined at trial, but not less than $2,000,000,000." IAC and Match Group issued a statement denying the allegations: "...Match Group and the plaintiffs went through a rigorous, contractually-defined valuation process involving two independent global investment banks, and Mr. Rad and his merry band of plaintiffs did not like the outcome. Mr. Rad (who was dismissed from the Company a year ago) and Mr. Mateen (who has not been with the Company in years) may not like the fact that Tinder has experienced enormous success following their respective departures, but sour grapes alone do not a lawsuit make. Mr. Rad has a rich history of outlandish public statements, and this lawsuit contains just another series of them. We look forward to defending our position in court."

Read more of this story at Slashdot.

Banks and Retailers Are Tracking How You Type, Swipe and Tap

Slashdot - Your Rights Online - Wt, 2018-08-14 18:00
When you're browsing a website and the mouse cursor disappears, it might be a computer glitch -- or it might be a deliberate test to find out who you are. The way you press, scroll and type on a phone screen or keyboard can be as unique as your fingerprints or facial features. To fight fraud, a growing number of banks and merchants are tracking visitors' physical movements as they use websites and apps. From a report: Some use the technology only to weed out automated attacks and suspicious transactions, but others are going significantly further, amassing tens of millions of profiles that can identify customers by how they touch, hold and tap their devices. The data collection is invisible to those being watched. Using sensors in your phone or code on websites, companies can gather thousands of data points, known as "behavioral biometrics," to help prove whether a digital user is actually the person she claims to be. To security officials, the technology is a powerful safeguard. Major data breaches are a near-daily occurrence. Cyberthieves have obtained billions of passwords and other sensitive personal information, which can be used to steal from customers' bank and shopping accounts and fraudulently open new ones.

Read more of this story at Slashdot.

Trump Signs Defense Bill With Watered-Down ZTE Sanctions

Slashdot - Your Rights Online - Wt, 2018-08-14 15:00
An anonymous reader quotes a report from CNET: President Donald Trump on Monday signed a $716 billion defense policy bill that weakened efforts to punish Chinese telecom giant ZTE for violating trade laws. The bill, named for ailing Arizona Sen. John McCain, prohibits the U.S. government and its contractors from buying certain telecommunications and video surveillance equipment from ZTE, Huawei and a handful of other Chinese communications companies. The ban covers components and services deemed "essential" or "critical" to any government system. Some lawmakers had hoped to use the bill to reinstate tough penalties against ZTE, but the compromise bill removed a provision that would undo a deal the Commerce Department struck in June for ZTE to pay a $1 billion penalty to resume business with U.S. suppliers. But lawmakers agreed to abandon that effort in late July. Huawei called the inclusion of its products in the bill "ineffective, misguided and unconstitutional." They added: "It does nothing to identify real security risks or improve supply chain security, and will only serve to stifle innovation while increasing internet costs for U.S. consumers and businesses. We believe that the American people deserve equal access to the best possible connections and smart device options, and will keep working to make this happen."

Read more of this story at Slashdot.

California May Become First State To Require Companies To Have Women On Their Boards

Slashdot - Your Rights Online - Wt, 2018-08-14 04:30
Two female state senators from California are spearheading a bill to require companies to have women on their boards. "SB 826, which won Senate approval with only Democratic votes and has until the end of August to clear the Assembly, would require publicly held companies headquartered in California to have at least one woman on their boards of directors by end of next year," reports TechCrunch. "By 2021, companies with boards of five directors must have at least two women, and companies with six-member boards must have at least three women. Firms failing to comply would face a fine." From the report: "Gender diversity brings a variety of perspectives to the table that can help foster new and innovative ideas," said Democratic Sen. Hannah-Beth Jackson of Santa Barbara, who is sponsoring the bill with Senate President Pro Tem Toni Atkins of San Diego. "It's not only the right thing to do, it's good for a company's bottom line." Yet critics of the bill say it violates the federal and state constitutions. Business associations say the rule would require companies to discriminate against men wanting to serve on boards, as well as conflict with corporate law that says the internal affairs of a corporation should be governed by the state law in which it is incorporated. This bill would apply to companies headquartered in California. [A] legislative analysis of the bill cautioned that it could get challenged on equal protection grounds, and that it would be difficult to defend, requiring the state to prove a compelling government interest in such a quota system for a private corporation.

Read more of this story at Slashdot.

Court Blocks FCC's Attempt To Take a Broadband Subsidy Away From Tribal Areas

Slashdot - Your Rights Online - Wt, 2018-08-14 03:10
Jon Brodkin reports via Ars Technica: The FCC decision, originally slated to take effect later this year, would have made it difficult or impossible for Tribal residents to obtain a $25-per-month Lifeline subsidy that reduces the cost of Internet or phone service for poor people. But on Friday, a court stayed the FCC decision pending appeal, saying that Tribal organizations and small wireless carriers are likely to win their case against the commission. "Petitioners have demonstrated a likelihood of success on the merits of their arguments that the facilities-based and rural areas limitations contained in the Order are arbitrary and capricious," said the stay order issued by the U.S. Court of Appeals for the District of Columbia Circuit. "In particular, petitioners contend that the Federal Communications Commission failed to account for a lack of alternative service providers for many tribal customers." The tribes and small carriers that sued the FCC "have shown a substantial risk that tribal populations will suffer widespread loss of vital telecommunications services absent a stay," the court said. The FCC hasn't proven that its plan won't result in "mass disconnection," the court also said. The court ruling was welcomed by the Crow Creek Sioux Tribe and Oceti Sakowin Tribal Utility Authority, which are among the groups suing the FCC. Several small carriers and the non-profit National Lifeline Association are also plaintiffs in the lawsuit.

Read more of this story at Slashdot.

FBI Warns of 'Unlimited' ATM Cashout Scheme

Slashdot - Your Rights Online - Wt, 2018-08-14 01:50
The FBI is warning banks about a global fraud scheme known as an "ATM cash-out," in which criminals hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours. "The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an 'unlimited operation,'" reads a confidential alert the FBI shared with banks privately on Friday. Krebs on Security reports: The FBI said unlimited operations compromise a financial institution or payment card processor with malware to access bank customer card information and exploit network access, enabling large scale theft of funds from ATMs. "Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities," the alert continues. "The FBI expects the ubiquity of this activity to continue or possibly increase in the near future." Organized cybercrime gangs that coordinate unlimited attacks typically do so by hacking or phishing their way into a bank or payment card processor. Just prior to executing on ATM cashouts, the intruders will remove many fraud controls at the financial institution, such as maximum ATM withdrawal amounts and any limits on the number of customer ATM transactions daily. The perpetrators also alter account balances and security measures to make an unlimited amount of money available at the time of the transactions, allowing for large amounts of cash to be quickly removed from the ATM.

Read more of this story at Slashdot.

Australia To Pass Bill Providing Backdoors Into Encrypted Devices, Communications

Slashdot - Your Rights Online - Wt, 2018-08-14 01:10
An anonymous reader quotes a report from The Register: The Australian government has scheduled its "not-a-backdoor" crypto-busting bill to land in parliament in the spring session, and we still don't know what will be in it. The legislation is included in the Department of Prime Minister and Cabinet's schedule of proposed laws to be debated from today (13 August) all the way into December. All we know, however, is what's already on the public record: a speech by Minister for Law Enforcement and Cybersecurity Angus Taylor in June, and the following from the digest of bills for the spring session: "Implement measures to address the impact of encrypted communications and devices on national security and law enforcement investigations. The bill provides a framework for agencies to work with the private sector so that law enforcement can adapt to the increasingly complex online environment. The bill requires both domestic and foreign companies supplying services to Australia to provide greater assistance to agencies." Apart from the dodgy technological sophistry involved, this belief somewhat contradicts what Angus Taylor said in June (our only contemporary reference to what the government has in mind). "We need access to digital networks and devices, and to the data on them, when there are reasonable grounds to do so," he said (emphasis added). If this accurately reflects the purpose of the legislation, then the Australian government wants access to the networks, not just the devices. It wants a break-in that will work on networks, if law enforcement demands it, and that takes us back to the "government wants a backdoor" problem. And it remains clear that the government's magical thinking remains in place: having no idea how to achieve the impossible, it wants the industry to cover for it under the guise of "greater assistance to agencies."

Read more of this story at Slashdot.

Facebook Bans the Sale of All Kodi Boxes

Slashdot - Your Rights Online - Pn, 2018-08-13 23:30
An anonymous reader quotes a report from TorrentFreak: Facebook previously banned the sale of fully-loaded pirate streaming devices, as did Amazon and eBay, but the social network appears to have expanded this to all Kodi-powered hardware now. This is made clear in the prohibited content section of the company's commerce policies, as shown below. Facebook states that users are no longer allowed to promote "the sale or use of streaming devices with KODI installed." In addition, jailbroken or loaded devices are also banned from the platform. The issue was first noticed by CordCuttersNews which notes that sellers who violate the policy may have their Facebook accounts banned. Interestingly, Facebook will still permit the sale of "add-on equipment for KODI devices," including keyboards and remotes. However, selling any devices with the software itself is no longer allowed.

Read more of this story at Slashdot.

Hackers Who Attended Black Hat and DefCon Conferences Say Hotel Security Personnel Demanded Access To Their Rooms

Slashdot - Your Rights Online - Pn, 2018-08-13 16:40
More than two dozen hackers and security experts who attended security events last week say security personnel at the Mandalay Bay, Luxor, Caesars Palace, Flamingo, Aria, Cromwell, Tuscany, Linq, or Mirage hotels had entered their rooms. Security news site The Parallax reports: Except for Tuscany, which is independent, all of these hotels are owned by either Caesars Entertainment or MGM Resorts International. And of the three hotel companies, only Caesars returned a request for comment. Richard Broome, executive vice president of communications and government relations for Caesars Entertainment, whose Caesars Palace is co-hosting DefCon this year with the Flamingo, said that following the deadliest mass shooting in U.S. history last year, "periodic" hotel room checks are now standard operating procedure in Las Vegas. On October 1, 2017, from his room at the Mandalay Bay, Stephen Paddock used semiautomatic weapons he'd outfitted with bump stocks to kill 58 people and wound at least 527 others attending a gated country music concert on the Strip below. [...] Two apparent Caesars security officers wearing hotel name tags displaying only the first names "Cynthia" and "Keith," respectively, as well as sheriff's style badges that looked like they came out of a Halloween costume kit, visited my room while I was writing this story. Cynthia told me that they are instructed to refer to the front desk guests who decline to allow their room to be searched. After Cynthia and Keith declined to disclose their last names to me, I asked what they intended to do in the room. They told me that they would enter it, type a code into the room's phone line to signal that it's been checked, and then do a visual spot check. When I asked what they would be looking for, Cynthia replied, "WMDs -- that sort of thing." Other conference attendees reported similar but less pleasant interactions. Katie Moussouris, CEO of Luta Security, wrote on Twitter that two hotel security personnel were "banging" on her room door and "shouted" at her. She also said the hotel's security team supervisor "dismissed" her concerns over how the hotel was treating single, female travelers. Google security engineer Maddie Stone tweeted that a man wearing a light-blue shirt and a walkie-talkie entered her Caesars Palace room with a key, but without knocking, while she was getting dressed. "He left when I started screaming," she wrote, adding that a hotel manager, upon her request, said Caesars would look into whether the man was actually an employee. Stone tweeted that she left DefCon early because of the incident.

Read more of this story at Slashdot.

Hackers Who Attended Black Hat and DefCon Conferences Say Hotel Security Personnel and Las Vegas Strip Demanded Access To Their Rooms

Slashdot - Your Rights Online - Pn, 2018-08-13 16:40
More than two dozen hackers and security experts who attended security events last week say security personnel at the Mandalay Bay, Luxor, Caesars Palace, Flamingo, Aria, Cromwell, Tuscany, Linq, or Mirage hotels had entered their rooms. Security news site The Parallax reports: Except for Tuscany, which is independent, all of these hotels are owned by either Caesars Entertainment or MGM Resorts International. And of the three hotel companies, only Caesars returned a request for comment. Richard Broome, executive vice president of communications and government relations for Caesars Entertainment, whose Caesars Palace is co-hosting DefCon this year with the Flamingo, said that following the deadliest mass shooting in U.S. history last year, "periodic" hotel room checks are now standard operating procedure in Las Vegas. On October 1, 2017, from his room at the Mandalay Bay, Stephen Paddock used semiautomatic weapons he'd outfitted with bump stocks to kill 58 people and wound at least 527 others attending a gated country music concert on the Strip below. [...] Two apparent Caesars security officers wearing hotel name tags displaying only the first names "Cynthia" and "Keith," respectively, as well as sheriff's style badges that looked like they came out of a Halloween costume kit, visited my room while I was writing this story. Cynthia told me that they are instructed to refer to the front desk guests who decline to allow their room to be searched. After Cynthia and Keith declined to disclose their last names to me, I asked what they intended to do in the room. They told me that they would enter it, type a code into the room's phone line to signal that it's been checked, and then do a visual spot check. When I asked what they would be looking for, Cynthia replied, "WMDs -- that sort of thing." Other conference attendees reported similar but less pleasant interactions. Katie Moussouris, CEO of Luta Security, wrote on Twitter that two hotel security personnel were "banging" on her room door and "shouted" at her. She also said the hotel's security team supervisor "dismissed" her concerns over how the hotel was treating single, female travelers. Google security engineer Maddie Stone tweeted that a man wearing a light-blue shirt and a walkie-talkie entered her Caesars Palace room with a key, but without knocking, while she was getting dressed. "He left when I started screaming," she wrote, adding that a hotel manager, upon her request, said Caesars would look into whether the man was actually an employee. Stone tweeted that she left DefCon early because of the incident.

Read more of this story at Slashdot.