Remembering Dan Kaminsky: The Hacker Who Secured the Internet

On Saturday, security researcher Marc Rogers announced on Twitter that Dan Kaminsky, a leading figure in information security, had passed away at age 42.

Kaminsky was chief scientist and founder of White Ops and former director of penetration‑training at IOActive. He graduated from Santa Clara University in 2002 and consulted for many Fortune‑500 companies.

Discovery of the DNS vulnerability

In 2008 Kaminsky identified a fundamental flaw in the Internet's Domain Name System (DNS) that could allow attackers to redirect users to forged sites, disrupt email, and break SSL certificate issuance, threatening the stability of the global Internet.

He warned that an attacker could launch up to 65 000 queries in ten seconds. Rather than exploiting the flaw for profit, Kaminsky coordinated a secret collaboration with 16 DNS software developers and major vendors such as Microsoft and Cisco to create and deploy a patch.

The coordinated effort protected roughly 120 million broadband users; initial testing showed vulnerability prevalence dropping from 84 % to 30 % after the patch.

The flaw later became known as the “Kaminsky vulnerability.”

Kaminsky’s niece clarified that he suffered from chronic diabetes and died from complications, not from a COVID‑19 vaccine, despite unfounded rumors.

Colleagues and industry leaders praised his kindness, energy, and dedication to teaching, calling him one of the brightest lights in information security.