GRC Viewpoint

Daniel Kaminsky: A Security Researcher with Integrity (1979-2021)

The year 2021 was a year of irreplaceable losses for the American cybersecurity industry. First, in November 2021, Alan Palmer, an American cyber security pioneer who dedicated his life to enhancing U.S. defense technologies, passed away. Then, a few months ago, in April 2021, Daniel Kaminsky, a reputed security researcher, succumbed to diabetes-related health problems. He was 42.

Kaminsky co-founded WhiteOps, a computer security firm, and also had a stint as its chief scientist. He also worked for other top firms like IOActive, Avaya, and Cisco.

He will always be remembered by the security sector for discovering the flaws associated with the Domain Name System (DNS) back in 2008. Hackers were in a position to easily leverage the fault to access passwords and accounts, or even shut down the internet entirely. He immediately alerted the Department of Homeland Security and worked hard for a fix.

Early Life:

Kaminsky was born in San Francisco in 1979. He was given a RadioShack computer at the age of 4. According to close sources, it took him merely a year to learn to code. When he was 11, he was able to leverage penetration testing to get into military computers. Government officials informed the family about the incident and warned of a possible internet shutdown for the family. In the end, it was reduced to a three-day internet cut-off for the family.

Technically, the government couldn’t overlook the reality that an 11-year-old boy was able to leverage his coding knowledge to penetrate a military system.

He completed his studies and began professional life with big names in the industry, such as Cisco and Avaya. After a long stint with such enterprises, he co-founded an anti-fraud firm in 2012 named WhiteOps.

WhiteOps is now HUMAN and offers services as pro-human and pro-privacy enterprises. The firm’s privacy-oriented code identifies bots, and there is no tracking of humans. Such a privacy-oriented approach has been instrumental in bringing the firm among the top names. The HUMAN code is now a part of countless websites and applications.

Bot attacks continue to influence businesses, and several firms are yet to realize the enormity of how destructive bot attacks could be. The firm’s Human Verification Engine is designed in such a manner that it safeguards APIs, Digital Media, and applications from the various types of bot attacks with an aim to prevent losses and enhance the overall digital experience for all humans.

The DNS Episode:

Kaminsky will always be remembered for his discovery of a fundamental flaw in the DNS. In 2008, he successfully identified the highly critical and widespread Domain Name System susceptibility. Leveraging this flaw, hackers could easily have caused havoc. The fault was an excellent opportunity for hackers to redirect users to totally malicious websites and even hijack emails at the Black Hat, an information security conference. In fact, the vulnerability could have been highly disastrous if hackers tried to impersonate legitimate websites and establish massive theft of vast amounts of data.

This fundamental design flaw enabled arbitrary DNS cache poisoning, which could impact almost every DNS server available on earth. This might include products and vendors that are associated with the DNS.

A malicious hacker can easily inject false data into a recursive nameserver's cache, which then spreads that data to regional clients. The hostnames might be authentic, but the users may be redirected to malicious servers.

Whenever a cache poisoning incident takes place, a user is redirected to malicious websites. Consequently, a cyber attacker can easily install malware or cause theft of data from users.

Kaminsky found that the specific DNS vulnerability would allow hackers to mount cache poisoning attacks against nameservers. While caching enables a faster CDN/Internet experience, it can easily be exploited in this DNS incident. It took almost two days to identify that this exploit could apply to every nameserver available on the planet.

The concerned officials were informed at the earliest, and work towards fixing the issue began immediately. The team, including Dan, dedicated themselves to resolving the issue before it was made public, with vendors simultaneously releasing patches for their products on July 8th, 2008.

Later, Kaminsky disclosed more details on the incident. However, according to Dan, the team was unable to actually repair the DNS issue. Instead, the team was able to take the 16-bit transaction identifier and combine it with UDP source ports to get a 32-bit transaction identifier. As a direct consequence, an earlier attack that took 10 seconds will now take days, hours, or weeks, taking much longer than before. In other words, the attack was not completely eliminated. What the team could initially achieve was curbing instantaneous attacks. The cyber security industry is yet to develop a full-fledged or complete solution for the DNS vulnerability. But, without the discovery and urgent corrective measures, the security world would have been subjected to a never-before dilemma.

The central DNS servers implemented Source Port Randomization to deal with the issue, as PowerDNS and djbdns had done earlier. As a result of such widespread implementation, the DNS attacks became about 65,536 times harder as compared to the initial days of the attack.
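
The check below is an added example, not code from Kaminsky or from any DNS vendor: given the UDP source ports a resolver used for a run of outgoing queries, it reports whether source port randomization is actually in effect, and it reproduces the 65,536-fold figure quoted above. The function names, the 0.9 entropy threshold and the sample port lists are assumptions constructed for illustration.

```python
import math
import random
from collections import Counter

TXID_BITS = 16  # width of the DNS transaction identifier, as stated above
PORT_BITS = 16  # width of a UDP source port

def port_entropy_bits(ports):
    """Shannon entropy of the observed ports; at most log2(len(ports))."""
    n = len(ports)
    return -sum(c / n * math.log2(c / n) for c in Counter(ports).values())

def is_sequential(ports):
    """True when each port is the previous one plus a constant step."""
    return len({b - a for a, b in zip(ports, ports[1:])}) == 1

def assess(ports):
    """Classify the source ports seen on a resolver's outgoing queries."""
    if len(ports) < 2:
        raise ValueError("need at least two observed queries")
    if len(set(ports)) == 1:
        return "FIXED"        # only the 16-bit identifier varies per query
    if is_sequential(ports):
        return "SEQUENTIAL"   # ports change, but the next one is predictable
    # A random draw of n ports out of 65,536 is almost always n distinct
    # values, so its entropy sits close to log2(n). Threshold is an assumption.
    if port_entropy_bits(ports) >= 0.9 * math.log2(len(ports)):
        return "RANDOMIZED"
    return "WEAK"             # ports vary, but over a very small set

def guess_space(randomized):
    """Number of (identifier, port) combinations a forged reply must match."""
    return 2 ** (TXID_BITS + (PORT_BITS if randomized else 0))

# Constructed samples: 20 outgoing queries from four hypothetical resolvers.
FIXED_SAMPLE = [32768] * 20
SEQUENTIAL_SAMPLE = list(range(1024, 1044))
WEAK_SAMPLE = [4000, 4001] * 10
RANDOM_SAMPLE = random.Random(2008).sample(range(1024, 65536), 20)

if __name__ == "__main__":
    for name, sample in [("fixed", FIXED_SAMPLE), ("sequential", SEQUENTIAL_SAMPLE),
                         ("weak", WEAK_SAMPLE), ("random", RANDOM_SAMPLE)]:
        verdict = assess(sample)
        print(f"{name:10} {verdict:10} guess space {guess_space(verdict == 'RANDOMIZED'):,}")
    print("improvement factor:", guess_space(True) // guess_space(False))
```

A resolver that rates FIXED, SEQUENTIAL or WEAK here is still relying on the 16-bit identifier alone, which is the pre-July 2008 situation the article describes.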

After the DNS susceptibility was exposed, Kaminsky had to deal with a substantial amount of mainstream press. In one of the interviews, Kaminsky was asked why he didn’t utilize the DNS flaw for his own benefit. Kaminsky replied that it would be against his moral values.

Kaminsky was also a reputed advocate for privacy rights. Unfortunately, he had been suffering from diabetes-related complications for some time. He passed away on 23rd April 2021 in San Francisco.
