Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: peter kleissner

Peter Kleissner on TV Total (revised)

After 2 months, I’ve finally had a few minutes to complete a translation of Peter Kleissner’s TV-Total interview I posted about back in November. I’ve posted the text of the interview below, and tried to work it into a Closed Caption for YouTube (see link below). It’s rough, but you get the idea.

If the susbtitles are a little large and don’t fit the screen, please click the video and view it directly on YouTube’s site.


09 November 2009

Stefan Raab (Host/SR): Now we have a young man with us that, How should I say, some people may see him as a criminal, but he’s a hacker. He’s a very very sincere hacker. He was the youngest hacker to speak before Microsoft and CIA experts at the worldwide hacker conference in Las Vegas. please welcome, Mr Peter Kleissner.

<entrance music>

SR: Hello Peter, you’re 18 years old ?

Peter Kleissner (PK): Yes that’s right.

SR: So how criminal are the things you do ?

PK: Half criminal

SR: Not criminal at all ?

PK: Half criminal

SR: Oh, half criminal ! Have you already had problems with the authorities ?

PK: Partially, but nothing really serious

SR: Why what have you done ?

PK: Because I haven’t done anything very criminal such as hacking into bank accounts…

SR: But you could when you wanted ?

PK: Theoretically

SR: Theoretically ?

PK: Yes

SR: Na na na <roughly translates to tsk tsk, naughty>

<crowd laughs>

SR: So how endangered are normal computer users without much awareness ?

PK: Well I’ve also hacked your website. Yesterday.

SR: You’ve hacked our website ? What have you hacked ? what can you do with it ?

PK: Well when you go on my blog, or on twitter, there’s a link to the TV Total website that says that the program is cancelled.

SR: You can do things like that ?

PK: Yep. The people read that

SR: And then ?

PK: Then they think the program’s cancelled.

SR: Oh ok. You can do that of thing. Very interesting. Do you already know how long you have to spend in jail for that ? or …

PK: Ui <surprised>

SR: .. hasn’t it arrived in the post yet ?

PK: It’s on its way

SR: Can you only do that kind of thing on websites, or could you get access to the private… the private email account of… “Angela Merkel”

PK: Yes, with enough equipment and time

SR: Really ?

PK: It happens all the time that famous people have their accounts hacked and their emails made public. It happens a lot.

SR: What do you have to take care of if you’re a normal computer user ?

PK: When you get an email from me, I wouldn’t open the attachment.

SR: So that means you have to open the email ?

PK: Yes thats the vulnerability.

SR: So if you don’t open up the email from unknown senders then nothing can happen ?

PK: Yes

SR: or is it enough when I’m just online ?

PK: It depends. There are various possibilities.

SR: So you sit in a car with an antenna looking for wireless networks to hack into, so that you can see which porn sites the other people are looking at currently ?

PK: Yes

SR: You could do that ?

PK: Yes. But I don’t

SR: <laughs> Do people think that you don’t do it ?

PK: No

SR: This opens up loads of possibilities. How did you get into it ? what did you have to learn to be able to do it ? Was it hard to learn ? you’re only 18 after all. How long have been look into this subject ?

PK: I started about 2 years ago, I worked for an Anti-virus company and I learnt everything about viruses there.

SR: You have recently done a presentation at the world-wide hacker conference in Las Vegas, and spoken there with Microsoft and CIA experts. Can they learn something from you ?

PK: definitely !

<crowd laughs>

SR: So they can learn something from me, I can tell you how I got into your website and how to prevent it.. as long as you give me money. Is that your business model ?

PK: My business model is that I tell software developers how to secure their systems.

SR: That’s what I said.

PK: Yeah well, kinda.

SR: So you first find a potential customer and show them the failures in their software. In cases where it might happen again you can sell them a system/process to prevent it ?

PK: Exactly

SR: Isn’t that blackmail ?

PK: No. Only the way you say it.

SR: So it’s a business model…

PK: Yes

SR: .. you would say

PK: definitely

SR: Is that how you want to earn money in the future ?

PK: Yes, I already do like this. It works well

SR: Putting all this aside, the hacking of a website is already a criminal act !

PK: Yes

<Peter looks for nearest exit / crowd laughs>

PK: That’s right.

SR: What kind of fines would you have to pay if you got caught ?

SR: If you hack a site like TV-Total and write that the programs cancelled for example !

PK: But normally nobody is interested in that

<crowd laughs>

SR: If nobody goes to court, then there’s no crime ! <proverb>

<crowd laughs>

PK: There’s still foreign countries I can escape too

SR: Ok, but then you’re never allowed back !

PK: <laughs>

SR: That’s not so… Ah yes, you have to go back to Austria. Austrians look forward to going home !

SR: So what does the future hold for you ? You’re still in school correct ? You’re doing your A-Levels ?

PK: Yes

SR: And then ?

PK: I want to go to University. To study Computer Science (Informatik)

SR: I thought you already knew everything  ?

PK: Not everything, there’s still something to learn.

SR: Ok

PK: … and to brag !

SR: To brag ?

PK: Yes. I have to spend my time somehow.

SR: Do you need some special equipment for what you’re doing ?

PK: No a normal notebook is enough.

SR: A normal notebook ? and then the right knowledge.

PK: Exactly.

SR: Understood. So I wish you, at the very least with your legal activities, every success… and keep your fingers away from illegal stuff. Promise me that ?

PK: Yes

SR: Peter Kleissner ladies and gentlemen.

<entrance music>


Peter Kleissner on TV Total

Even I had to double check when I saw Peter Kleissner (from Stoned Bootkit fame) talking about appearing on TV Total in Austria. It’s not often that Security Researchers get TV time over here in Austria, and I’m sad to say, I doubt this interview is going to help that situation much.

kleissner Rough translation – “We’ll see who disses who”

I’ve met Peter a couple of times now, as I’ve seen him present over in Las Vegas, as well as at HAR2009 in the Netherlands. He also did a presentation of the Stoned Bootkit at one of the CERT.AT meetings in Vienna. I didn’t really talk that much with him at these events, but he seemed an ok guy. A little young and idealistic, but that’s not a bad things most of the time.

I didn’t manage to catch the segment live, although a couple of colleagues watched. The reviews they gave were not particularly shining. So after getting back from work today I decided to take a few minutes to search YouTube for a link and see what  was discussed. There’s a lot I could say about the interview, but I wont. Right now there isn’t an English translation, and I’ve not really got the time to make one. I’d much rather leave people to form their own opinions before I give mine.

For those interested here is the YouTube version of the TV Total interview (6:28) in the original German. If anybody out there wants to do a German/English translation, please let me know. It might be a while before I can get round to writing one up.

The caption on the video roughly translates to “When I grow up, I’ll be a hacker”

EDIT: Youtube video fixed.