pull down to refresh

Security hacking prodigy Dan Kaminsky (1979-2021) proved himself in his field to his family very early on. Later, in 2008, his hacker credentials were obvious to the world by discovering, and fixing, a fatal security flaw in the internet.
His mother, as you will see, proved quite a star too...
Dan's technological odyssey started when he was four after getting a computer from Radio Shack by his father. At just five years old he'd taught himself to code. Later, at eleven, Dan's computer know-how had been sensed by experts - but it wasn't welcome:
When Daniel was 11, his mother said, she received an angry phone call from someone who identified himself as a network administrator for the Western United States. The administrator said someone at her residence was “monkeying around in territories where he shouldn’t be monkeying around.” Without her knowledge, Daniel had been examining military websites. The administrator vowed to “punish” him by cutting off the family’s internet access. Mrs. Maurer warned the administrator that if he made good on his threat, she would take out an advertisement in The San Francisco Chronicle denouncing the Pentagon’s security. “I will take out an ad that says, ‘Your security is so crappy, even an 11-year-old can break it,’” she recalled telling the administrator, in an interview on Monday. They settled on a compromise punishment: three days without internet.¹
Thanks to his mom's moma bear tenacity, instincts and quick thinking, Dan kept the internet and kept on honing his skills.
In 2008, after already becoming known for revealing several security vulnerabilities, Dan discovered a further, far bigger problem - a fundamental flaw in the Domain Name System (DNS). Dan realized that this meant that bad actors could manipulate DNS traffic and redirect it to impostor sites.
[Dan's] first call was to Paul Vixie, a longtime steward of the internet’s DNS system. The usually unflappable Mr. Vixie recalled that his panic grew as he listened to Mr. Kaminsky’s explanation. “I realized we were looking down the gun barrel of history,” Mr. Vixie recalled. “It meant everything in the digital universe was going to have to get patched.”
Mr. Vixie asked Mr. Kaminsky if he had a fix in mind. “He said, ‘We are going to get all the makers of DNS software to coordinate a fix, implement it at the same time and keep it a secret until I present my findings at Black Hat,’” Mr. Vixie said, referring to an annual hacking conference in Las Vegas. Mr. Kaminsky, then the director of penetration testing at IOActive, a security firm based in Seattle, had developed a close working relationship with Microsoft. He and Mr. Vixie persuaded Microsoft to host a secret convention of the world’s senior cybersecurity experts. “I remember calling people and telling them, ‘I’m not at liberty to tell you what it is, but there’s this thing and you will need to get on a plane and meet us in this room at Microsoft on such-and-such date,’” Mr. Vixie said. Over several days they cobbled together a solution in stealth, a fix that Mr. Vixie compared to dog excrement. But given the threat of internet apocalypse, he recalled it as being the best dog excrement “we could have ever come up with.” By the time Mr. Kaminsky took the stage at Black Hat that August, the web had been spared. Mr. Kaminsky, who typically donned a T-shirt, shorts and flip flops, appeared onstage in a suit that his mother had bought for him. She had also requested that he wear closed-toed shoes. He complied, sort of — twirling onto the stage in roller skates.
When his talk was complete, Mr. Kaminsky was approached by a stranger in the crowd. It was the administrator who had kicked Mr. Kaminsky off the internet years earlier. Now he wanted to thank Mr. Kaminsky and to ask for an introduction to “the meanest mother he ever met.”¹
¹ Daniel Kaminsky, Internet Security Savior, Dies at 42 New York Times, April 29, 2021 https://archive.today/20210429051943/https://www.nytimes.com/2021/04/27/technology/daniel-kaminsky-dead.html
I'm always so jealous of people who found programming early. Type 1 might've been what gave him so much computer time at a young age.
I haven't been able to get past archive.* bot defenses lately but I found an unpaywalled link: https://www.seattletimes.com/nation-world/daniel-kaminsky-internet-security-savior-dies-at-42/
reply
Thanks for adding the other one k00b.
Wasn't aware that archive.it (etc) would be a problem to see the old Times piece.
Maybe I should post wayback links instead...
reply
Great post!
reply
haha, moms are rad.
reply