A childhood computer enthusiast, Kaminsky taught himself to code before beginning elementary school. At the age of 11, he attracted the ire of the U.S. government by hacking into its military sites.
Dan was a 29-year-old penetration tester hacking for good at a Seattle security firm when he discovered the DNS flaw. As it came to be known, the Kaminsky Bug would have allowed attackers to intercept email, bypass password authentication and impersonate websites, among a wider range of cache poisoning attacks.
Since nearly every DNS server was vulnerable, a coordinated response to fixing it was required. Dan quickly and quietly revealed the problem to a small group of DNS and security leaders and the Department of Homeland Security. A secret meeting of cybersecurity experts at Microsoft headquarters was convened, with Dan leading the effort. The resulting patch was applied simultaneously worldwide within a few months of Dan’s discovery.
Dan was an outspoken advocate of Internet security and privacy and a determined digital sleuth. He outed music giant Sony BMG for secretly installing software on half a million computers and helped invent a scanner to determine the presence of the Conficker worm, which was estimated to have affected more than nine million computers. Dan also frequently launched projects related to health concerns, including an app for people with colorblindness and telemedicine technology for refugees with AIDS-related conditions.
His untimely death at the age of 42 cut short a brilliant career that had by then already made the Internet stronger and more secure.
