Dan Kaminsky

Kaminsky died on April 23, 2021 of diabetic ketoacidosis at his home in San Francisco. He had been frequently hospitalized for the disease in prior years. After his death, he received tributes from the Electronic Frontier Foundation, which called him a "friend of freedom and embodiment of the true hacker spirit", and from Jeff Moss, who said Kaminsky should be in the Internet Hall of Fame. On Dec 14, 2021, that wish came to fruition.

Kaminsky was also an outspoken privacy rights advocate. During the FBI–Apple encryption dispute, he criticized comments by then-FBI director James Comey, saying "what is the policy of the United States right now? Is it to make things more secure or to make them less secure?" In a 2016 interview, Kaminsky said, "the Internet was never designed to be secure. The Internet was designed to move pictures of cats ... We didn’t think you’d be moving trillions of dollars onto this. What are we going to do? And here’s the answer: Some of us got to go out and fix it."

Kaminsky was known among computer security experts for his work on DNS cache poisoning, for showing that the Sony Rootkit had infected at least 568,000 computers, and for his talks at the Black Hat Briefings. On June 16, 2010, he was named by ICANN as one of the Trusted Community Representatives for the DNSSEC root.

In June 2010, Kaminsky released Interpolique, a beta framework for addressing injection attacks such as SQL injection and cross-site scripting in a manner comfortable to developers.

On March 27, 2009, Kaminsky discovered that Conficker-infected hosts have a detectable signature when scanned remotely. Signature updates for a number of network scanning applications are now available, including NMap and Nessus.

In 2009, in cooperation with Meredith L. Patterson and Len Sassaman, Kaminsky discovered numerous flaws in the SSL protocol. These include the use of the weak MD2 hash function by Verisign in one of their root certificates and errors in the certificate parsers in a number of Web browsers that allow attackers to successfully request certificates for sites they do not control.

On July 28, 2009, Kaminsky, along with several other high-profile security consultants, experienced the publication of their personal email and server data by hackers associated with the "Zero for 0wned" online magazine. The attack appeared to be designed to coincide with Kaminsky's appearance at the Black Hat Briefings.

In April 2008, Kaminsky realized a growing practice among ISPs potentially represented a security vulnerability. Various ISPs have experimented with intercepting return messages of non-existent domain names and replacing them with advertising content. This could allow hackers to set up phishing schemes by attacking the server responsible for the advertisements and linking to non-existent subdomains of the targeted websites. Kaminsky demonstrated this process by setting up Rickrolls on Facebook and PayPal. While the vulnerability used initially depended in part on the fact that Earthlink was using Barefruit to provide its advertising, Kaminsky was able to generalize the vulnerability to attack Verizon by attacking its ad provider, Paxfire.

In 2008, Kaminsky discovered a fundamental flaw in the Domain Name System (DNS) protocol that could allow attackers to easily perform cache poisoning attacks on most nameservers (djbdns, PowerDNS, MaraDNS, Secure64 and Unbound were not vulnerable). With most Internet-based applications depending on DNS to locate their peers, a wide range of attacks became feasible, including website impersonation, email interception, and authentication bypass via the "Forgot My Password" feature on many popular websites. After discovering the problem, Kaminsky initially contacted Paul Vixie, who described the severity of the issue as meaning "everything in the digital universe was going to have to get patched." Kaminsky then alerted the Department of Homeland Security and executives at Cisco and Microsoft to work on a fix.

Kaminsky worked with DNS vendors in secret to develop a patch to make exploiting the vulnerability more difficult, releasing it on July 8, 2008. To date, the DNS design flaw vulnerability has not been fully fixed.

Kaminsky had intended not to publicize details of the attack until 30 days after the release of the patch, but details were leaked on July 21, 2008. The information was quickly pulled down, but not before it had been mirrored by others. He later presented his findings at the Black Hat Briefings, at which he wore both a suit and rollerskates.

The actual vulnerability was related to DNS only having 65,536 possible transaction IDs, a number small enough to simply guess given enough opportunities. Dan Bernstein, author of djbdns, had reported this as early as 1999. djbdns dealt with the issue using Source Port Randomization, in which the UDP port was used as a second transaction identifier, thus raising the possible ID count into the billions. Other more popular name server implementations left the issue unresolved due to concerns about performance and stability, as many operating system kernels simply weren't designed to cycle through thousands of network sockets a second. Instead, other implementers assumed that DNS's time to live (TTL) field would limit a guesser to only a few attempts a day.

Daniel Kaminsky (February 7, 1979 – April 23, 2021) was an American computer security researcher. He was a co-founder and chief scientist of WhiteOps, a computer security company. He previously worked for Cisco, Avaya, and IOActive, where he was the director of penetration testing. The New York Times labeled Kaminsky an "Internet security savior" and "a digital Paul Revere".

Daniel Kaminsky was born in San Francisco on February 7, 1979 to Marshall Kaminsky and Trudy Maurer. His mother told The New York Times that after his father bought him a RadioShack computer at age four, Kaminsky had taught himself to code by age five. At 11, his mother received a call from a government security administrator who told her that Kaminsky had used penetration testing to intrude into military computers, and that the family's Internet would be cut off. His mother responded by saying if their access was cut, she would take out an advertisement in the San Francisco Chronicle to publicize the fact that an 11-year-old could break military computer security. Instead, a three-day Internet "timeout" for Kaminsky was negotiated. In 2008, after Kaminsky found and coordinated a fix for a fundamental DNS flaw, he was approached by the administrator, who thanked him and asked to be introduced to his mother.