Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

06:10 PM
Connect Directly

In Appreciation: Dan Kaminsky

Beloved security industry leader and researcher passes away unexpectedly at the age of 42.

"We're hackers: we're not afraid to get into how things work. Let's use that knowledge and fearlessness and make things work better."  —Dan Kaminsky, 2015

The security industry is reeling over news of the death of an iconic industry leader and innovator who shaped a generation of ethical hacking and security technologies, Dan Kaminsky.

Kaminsky, 42, passed away suddenly on April 23 due to complications from diabetes, and word of his death spread online Saturday as friends, colleagues, and industry admirers shared tributes on Twitter about his groundbreaking and prolific security research, the personal touch he applied to all of the work he did and shared — and his signature generosity and enthusiastic passion for the work and industry he so loved.

His work spanned nearly every aspect of cybersecurity: network security, Web security, cryptography, clickjacking defense, online ad-fraud prevention with the co-founding of HUMAN (formerly White Ops), and more. He even wrote a mobile app called DanKam that uses a form of augmented reality for helping with color blindness. But his best-known research was the discovery of the massive DNS cache poisoning flaw in 2008 that could be exploited to redirect victims to a malicious website without their knowing. Kaminsky helped engineer a then-unprecedented emergency patching effort among vendors and service providers to protect domain servers worldwide, including internal email systems, from the attack.

Kaminsky stumbled onto the bug while working with his friend Artur Bergman — who later founded Fast.ly — on brainstorming ways to speed up content delivery networks by getting the Domain Name System to use faster servers. A neat trick he found to speed up the Internet led to his discovery of the dangerous design flaw in DNS.

Credit: Dan Kaminsky
Credit: Dan Kaminsky

For years, he hosted the famous "Black Ops" series of talks at Black Hat, where he shared his latest research and insights, including the impact of the DNS cache poisoning bug. His very first one in 2001, "The Black Ops of TCP/IP," came together while he was studying for his business computing degree at Santa Clara University and was on "some random things I was working on instead of doing homework," he once recalled. "My family was not happy with me."

Family was always a part of Kaminsky's professional life. His grandma famously attended his Black Hat talks, bringing along her homemade cookies in a Tupperware container to share with attendees after the presentations, and other family members also regularly attended his talks. He produced a DNS security "PSA" video for "non-geeks" in 2008 with his young niece, Sarah, on the importance of DNS security. "Kids, talk to your parents about DNS. They'll be glad you did," Kaminsky quipped at the end of the video.

Katie Moussouris, founder and CEO of Luta Security, says Kaminsky looked at security problems differently — and with optimism, often a rare sentiment in security. "He was not transactional in his approach of security. He was a long-game thinker," she says. "We really don't have too many folks in our industry who have a long track record as he had, and with as much impact — and [also] as much hope for the future" as Kaminsky had, she says. "That was something precious."

Security researcher David Maynor says he was always inspired by Kaminsky's enthusiastic embrace of security challenges and research, and to life: Kaminsky remained true to his pure love of his work throughout his accomplished career. He was eager to share his knowledge and excitement about his work. "He made it okay to be passionate about what you do every day," Maynor says of his longtime friend. "I do a bunch of stuff, such as CTFs [capture the flag] that's not work-related, that I don't think I would be doing if not for Dan."

Security expert Robert Graham described Kaminsky as "a nerd's nerd."

"Most conference talks have five minutes of content surrounded by 40 minutes of background material. So a couple times, Dan would rent a suite in a hotel and invite techies who already understood the background material to give the five-minute version of the talk. Everyone invited was expected to present," Graham recalls. "This then included questions and answers from techies who thoroughly understood the material."

Labor of Love
Kaminsky landed at his first Black Hat conference in 2000 at age 20 after winning a free ticket in a security treasure-hunt competition. He recalled that he had raised his hand to answer — correctly — a security question famed L0pht member Mudge (aka Pieter Zatko) posed to the audience during a panel presentation. Mudge gave him some advice that Kaminsky said he took to heart: "He said, 'never tell anyone your age. That way you will always be old enough for them to believe what you are saying.'"

After working as an intern at Cisco and co-writing the book Hack Proofing Your Network, he decided to go back to school to finish his college degree.

"I took business classes, because you don't naturally know how money works. I think finance should be a mandatory class for everyone," he said. If you build an expensive but great security system that no one actually uses, he said, that's worse than doing nothing at all.

He didn't consider his security work as labor: It was fun for him and he embraced being a self-professed "nerd." Kaminsky wrote his first code at the age of five, when he programmed the Tandy 80 computer he had back then. "I could tell the turtle to walk around, and make it do spirograph patterns," he said.

Editor's Note: Dan was always so very generous with his time for us, and we are the better for it. We will always remember his excitement  and pure joy  when he shared his groundbreaking work with us. We will miss him terribly.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-06
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel i...
PUBLISHED: 2021-05-06
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to arbi...
PUBLISHED: 2021-05-06
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.
PUBLISHED: 2021-05-06
The administrator application on ASUS GT-AC2900 devices before allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_chec...
PUBLISHED: 2021-05-06
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which resulted in GraphQL mutation being executed.