‘We owe him so much… People who will never know his name owe Dan’

Dan Kaminsky: Tributes pour in for security researcher who died after short illness

The information security community has lost another leading light, after it was announced that prominent security researcher and DNS specialist Dan Kaminsky has died.

The news was confirmed by Kaminsky’s niece yesterday (April 25), who said her uncle had passed away after a short illness due to complications arising from diabetes, a condition he had “struggled [with] for years”.

Kaminsky, 42, was known for his many contributions including the discovery of a serious DNS cache poisoning vulnerability in 2008, early work in developing a framework to address SQL injection and cross-site scripting (XSS) attacks called Interpolique, and much more.

The US-born hacker was a frequent speaker at security conferences worldwide including Black Hat and DEF CON. Respect among his peers led to his nomination as one of the trusted community representatives for the DNSSEC root zone.

What differentiated Kaminsky from other figures who might be considered to be among the “elders of the internet” was his kindness and the help and encouragement he offered to other hackers – particularly those making their start in the industry.

A positive force for change

Almost immediately after yesterday’s announcement, tributes came pouring in from those close to Dan and others who had felt his influence despite never meeting face to face.

Sharing a video of her speaking with Kaminsky on coordinated vulnerability disclosures back in 2008, hacker and Luta Security founder Katie Moussouris said: “Dan... was the catalyst for the formal creation of Microsoft Vulnerability Research. We owe him so much, we all do. People who will never know his name owe Dan.”

“Dan Kaminsky’s passion, creativity, desire to learn and teach really help influence both #defcon and @BlackHatEvents in the early years,” read an announcement from the DEF CON management team.

“He became an icon in all the positive ways and we look up to him. RIP Hacker.”

Security researcher Mohammad Aldoub said: “Dan helped me a lot personally with guidance and advice when I first entered this field, he was such an empowering figure.”

“No one that knew Dan Kaminsky well is talking about DNS today,” said security pro and Black Hat board member Matt Devost. “They are talking about kindness, boundless energy and positivity, spontaneous adventures, and how hard he worked to lift others up.

“Want to emulate one of the greatest hackers of all time? Let that be your guide.”

“Dan Kaminsky was one of smartest people I’ve ever known,” said former Cyberscoop editor-in-chief Greg Otto. “He wrote an op-ed for @CyberScoopNews the day it debuted, where he called for a better way to guard the internet.”

“Many people are remarking on all those in their timelines [who] are talking about [Dan Kaminsky],” said infosec’s most popular anonymous commentator, SwiftOnSecurity.

“This is the impact you can have with effervescent intrigue and kindness. It matters on the level of human society. We need to advertise this and reward it – not regret ‘what could have been’.”

Our thoughts and condolences go out to Dan’s loved ones.

Additional words by John Leyden.