Dan Kaminsky


Dan Kaminsky

Posthumous Recipient

Dan Kaminsky was a renowned Internet security researcher who, in 2008, discovered a fatal flaw in the Internet’s Domain Naming System (DNS) and spearheaded the fix, coordinating resources and contributors who worked in stealth to patch DNS servers worldwide. Dan’s quick action and engineering know-how resolved the immediate issue and led the way to the adoption of a more secure DNS.

A childhood computer enthusiast, Kaminsky taught himself to code before beginning elementary school. At the age of 11, he attracted the ire of the U.S. government by hacking into its military sites.

Dan was a 29-year-old penetration tester hacking for good at a Seattle security firm when he discovered the DNS flaw. As it came to be known, the Kaminsky Bug would have allowed attackers to intercept email, bypass password authentication and impersonate websites, among a wider range of cache poisoning attacks. 

Since nearly every DNS server was vulnerable, a coordinated response to fixing it was required. Dan quickly and quietly revealed the problem to a small group of DNS and security leaders and the Department of Homeland Security. A secret meeting of cybersecurity experts at Microsoft headquarters was convened, with Dan leading the effort. The resulting patch was applied simultaneously worldwide within a few months of Dan’s discovery. 

Dan was an outspoken advocate of Internet security and privacy and a determined digital sleuth. He outed music giant Sony BMG for secretly installing software on half a million computers and helped invent a scanner to determine the presence of the Conficker worm, which was estimated to have affected more than nine million computers. Dan also frequently launched projects related to health concerns, including an app for people with colorblindness and telemedicine technology for refugees with AIDS-related conditions. 

His untimely death at the age of 42 cut short a brilliant career that had by then already made the Internet stronger and more secure.