Dan Kaminsky

from Wikipedia, the free encyclopedia
Dan Kaminsky (2015)

Dan Kaminsky (born February 7, 1979 in San Francisco , California ; † April 23, 2021 there ; full name Daniel Kaminsky) was an American computer scientist , specialist in computer security and co-founder and head of scientific research at Human Security (formerly known as White Ops). He worked for Cisco , Avaya and the penetration testing company IOActive . In the latter, he was head of the pentesting division.

Dan Kaminsky was a celebrated hacker and security researcher. He was well known for his discoveries of security-critical DNS failures and was a regular speaker at the Chaos Communication Congress and the Black Hat Briefings .

He died in April 2021 at the age of 42 from complications from ketoacidosis caused by his diabetes .

Life

Young years

Dan Kaminsky was born on February 7, 1979 to Marshall Kaminsky, auditor, and Trudy Maurer, CEO of a medical company. He got access to computers at the age of 4 when his father gave him a RadioShack computer . By the age of 5 he had taught himself to code .

When Dan was 11 years old, his mother received a call from a United States system administrator that a military computer had been broken into from her Internet address . Unbeknownst to her, her son Daniel had inspected military computers. The administrator threatened to block their internet access. She replied that if this happened , she would post an ad in the San Francisco Chronicle that the security of military systems was so poor that an 11-year-old could break into the systems. They agreed that Dan would be off the internet for 3 days.

Kaminsky attended St. Ignatius High School in San Francisco and studied at Santa Clara University , where he earned a bachelor's degree in Operations and Management of Information Services in 2002 .

Profession as a researcher

Kaminsky initially worked for the technology companies Cisco Systems , Avaya and the penetration testing company IOActive , where he was head of the pentesting division (pentesting is the abbreviation for penetration testing) and found the fundamental flaw in the domain name system . In 2012 he co-founded White Ops (now Human Security ), where he was head of scientific research until his death.

He has received many offers from large IT companies in Silicon Valley to work as their Chief Information Security Officer, which he kindly declined in order to be able to pursue basic research into Internet security.

effect

Dan Kaminsky was a celebrated hacker and security researcher and was widely known for his discoveries of critical DNS errors. He lectured regularly at the Chaos Communication Congress and the Black Hat Briefings .

In addition to his technical work (see chapter Services ), Kaminsky was characterized by his empathy. He despised escalating accusations Twitter ( English Twitter pile-ons ), conversely, he took frequent travel accounts of needy colleagues via RedHat . When one of his co-workers split up with her boyfriend, he bought her a plane ticket to meet him because he believed they belong together (they later got married).

When it came to privacy or security, he took a clear position: James Comey, then director of the FBI , testified before Congress in 2016:

"That he was not asking for a backdoor, but for Apple to 'take the vicious guard dog away and let us pick the lock'."

"He's not asking for a back door, he is expecting Apple to remove the devilish watchdog and [the FBI] to pick the lock."

- James Comey : New York Times

Kaminsky replied:

"I am that vicious guard dog, and that used to be a compliment [...] The question for Mr. Comey is: What is the policy of the United States right now? Is it to make things more secure or to make them less secure? "

“I'm that devilish watchdog, and that's a compliment […] The question to Mr. Comey is, what is the United States policy? Should things be made safer or less secure? "

- Dan Kaminsky : New York Times

DNSSEC root key

In June 2010 Dan Kaminsky was named one of the seven people who keep a smart card for ICANN to access a backup of the root DNSSEC key. If the hardware security modules with the root DNSSEC key fail, a backup can be decrypted using five of the seven smart cards.

death

Dan Kaminsky died of ketoacidosis in his San Francisco apartment on April 23, 2021 . His family ruled out emerging rumors of a link to his COVID-19 vaccination. The underlying diabetes had already forced him to take regular hospital stays in previous years.

Services

Sony rootkit

In 2005 when it was announced that the by Sony BMG copy protection used XCP a rootkit has functionality, used Kaminsky DNS cache snooping to explore the distribution of XCP. He counted 568,200 public name servers that had cached domain names, were also related to XCP and that indicated the existence of at least one potentially infected computer.

Those responsible at Sony-BMG had downplayed the importance of the rootkit functionality. Kaminsky's publication of these figures made the problem known to the public.

Earthlink and DNS lookup

In April 2008, Kaminsky published a previously discovered vulnerability in the handling of failed DNS lookups by Earthlink . He was also able to identify this gap with other Internet service providers . Many providers experimented with intercepting reply messages from non-existent domain names and replacing them with advertising content. Phishers can attack the servers that deliver the advertisements and use non-existent subdomains and display a phishing form instead of the advertisements. Kaminsky demonstrated this by showing Rickrolls on Facebook and PayPal . While this security vulnerability initially came from the BareFruit software used by Earthlinks, Kaminsky was able to generalize the vulnerability and thus attack the advertising provider Paxfire used by Verizon. Kaminsky went public with this vulnerability after reports that Network Solutions was offering a service similar to Earthlink.

Error in the domain name system

In July 2008, the US-CERT announced that Kaminsky had discovered a fundamental vulnerability in the domain name system that would allow attackers to easily carry out cache poisoning attacks against most name server implementations. Kaminsky previously worked with developers of DNS software on a patch that made it difficult to exploit the vulnerability. It was released on July 8, 2008. Since the DNS draft did not consider the attack scenario “cache poisoning”, the vulnerability was not closed, but only made more difficult to misuse.

Kaminsky didn't plan to reveal details of the attack until 30 days after the patch was released. However, the information leaked on July 21, 2008. The information was quickly switched off, but some websites had already set up a mirror .

The weak point found widespread coverage outside of the specialist press. At the 2008 Black Hat Conference, Kaminsky received the Pwnie award for “Most overhyped security vulnerability”.

Automatic detection of the Conficker virus

On March 27, 2009, Kaminsky discovered that Conficker -infected computers have a detectable signature when they are scanned. Signature updates for network scanners such as B. Nmap or Nessus .

Vulnerabilities in the X.509 Internet infrastructure

In 2009, Kaminsky, in collaboration with Meredith L. Patterson and Len Sassaman, discovered numerous gaps in SSL , for example that Verisign used MD2 in one of their root certificates and that parsing errors made it possible to issue unverified certificates.

"Zero For 0wned" attack

On July 28, 2009, Kaminsky and other security experts were attacked by hackers who published private e-mails, passwords, chat logs and other private information. The attack coincides with Kaminsky's participation in the Black Hat Briefings and DEFCON .

Phreebird Suite

At the Black Hat conference in Abu Dhabi, Kaminsky announced the release of version 1.0 of Phreebird. at. This tool set should make it easy to create digital signatures based on DNSSEC . The automatic key change should be supported in the next versions. The additional tool Phreeload offers the possibility of replacing X.509 certificates in OpenSSL with DNSSEC signatures.

Web links

Individual evidence

  1. a b c d e f g h i j k Nicole Perlroth: Daniel Kaminsky, Internet Security Savior, Dies at 42. In: New York Times . April 27, 2021, accessed April 27, 2021 .
  2. a b We are White Ops. In: whiteops.com. Archived from the original on July 15, 2019 ; accessed on April 25, 2021 (English).
  3. a b c d e f Security Researcher Dan Kaminsky Passes Away. In: securityweek.com. April 24, 2021, accessed April 25, 2021 .
  4. a b c Ryan Singel: ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher Discloses. In: Wired . April 19, 2008, archived from the original on April 4, 2009 ; accessed on April 25, 2021 (English).
  5. a b c Michael S. Mimoso: Kaminsky on DNS rebinding attacks, hacking techniques. In: Search Security. April 14, 2008, archived from the original on July 5, 2008 ; accessed on April 25, 2021 (English).
  6. a b Security Researcher Dan Kaminsky Has Died. In: CircleID. April 24, 2021, accessed April 27, 2021 .
  7. a b 21st Chaos Communication Congress: Speakers and moderators: Dan Kaminsky. Chaos Computer Club, archived from the original on January 30, 2009 ; accessed on August 3, 2010 . 22nd Chaos Communication Congress Private Investigations - Dan Kaminsky. Chaos Computer Club, January 15, 2007, accessed August 3, 2010 . 23rd Chaos Communication Congress: Who can you trust? - Dan Kaminsky. Chaos Computer Club, January 30, 2007, accessed August 3, 2010 . 24th Chaos Communication Congress: Full steam ahead! - Dan Kaminsky. Chaos Computer Club, January 10, 2008, accessed April 25, 2021 . 25th Chaos Communication Congress: Nothing to hide - Dan Kaminsky. Chaos Computer Club, January 10, 2009, accessed April 25, 2021 . 26th Chaos Communication Congress: Here be dragons - Dan Kaminsky. Chaos Computer Club, January 9, 2010, accessed April 25, 2021 .
  8. a b c Tom Cleary: Dan Kaminsky's Sudden Death Wasn't Related to COVID-19 Vaccine: Family. In: heavy.com. April 25, 2021, accessed on April 26, 2021 : "Kaminsky died at the age of 42 on April 23 in California."
  9. Tracy Connor: Trolls Falsely Blame Vaccine After Prominent Security Researcher Dies of Diabetes. In: The Daily Beast . April 25, 2021, accessed April 26, 2021 .
  10. Ki Mae Heussner: Brotherhood of the Internet Keys: Who Are the Chosen Seven? In: ABCNews . July 28, 2010, accessed April 26, 2021 . Lucas Timmons: Canadian holds rare Internet key. In: The Vancouver Sun . August 1, 2010, archived from the original on August 15, 2010 ; accessed on April 26, 2021 (English).
  11. ^ ICANN: Trusted Community Representatives - Proposed Approach to Root Key Management. (pdf; 102 kB) In: root-dnssec.org. April 8, 2010, archived from the original on August 10, 2010 ; accessed on April 26, 2021 (English).
  12. Andreas Wilkens: Security expert: Sony BMGs rootkit in networks of the US military. In: heise online . January 17, 2006, accessed April 26, 2021 . Stefan Krempl , Peter-Michael Ziegler: 22C3: Hackers complain of “digital trespassing” by Sony BMG. In: heise online. December 29, 2005, accessed April 26, 2021 .
  13. ^ Quinn Norton: Sony Numbers Add Up to Trouble. In: Wired. November 15, 2005, archived from the original on January 9, 2013 ; Retrieved August 3, 2010 . Dan Kaminsky: Black Ops Of TCP / IP 2005.5 - New Explorations: Large Graphs, Larger Threats. (mp4 video; 490 MB; 60:15 minutes) Lecture at the 22nd Chaos Communication Congress , Berlin Congress Center. In: tu-ilmenau.de . December 28, 2005, accessed April 26, 2021 .
  14. ^ John Leyden: Shocker DNS spoofing vuln discovered three years ago by a student: The mad woman in the attic. In: theregister.co.uk . July 9, 2008, accessed April 26, 2021 .
  15. Nathan McFeters: ToorCon Seattle 2008: Nuke plants, non-existent sub domain attacks, muffin diving, and Guitar Hero - Zero Day. In: ZDNet . April 21, 2008, archived from the original on August 1, 2008 ; accessed on April 26, 2021 (English).
  16. ^ Brian Krebs: More Trouble With Ads on ISPs' Error Pages. In: Washington Post. April 30, 2008, archived from the original on May 3, 2011 ; accessed on April 26, 2021 (English).
  17. Robert McMillan: EarthLink redirect service Poses Security Risk, Expert Says. In: PC World. April 19, 2008, accessed April 26, 2021 .
  18. Multiple DNS implementations vulnerable to cache poisoning: Vulnerability Note VU # 80011. In: cert.org . April 14, 2014, accessed April 26, 2021 . Jürgen Schmidt: A massive DNS security problem is putting the Internet at risk. In: heise online. July 9, 2008, accessed April 26, 2021 .
  19. ^ Paul Vixie : Not a Guessing Game. In: CircleID. July 14, 2008, accessed April 26, 2021 .
  20. ^ Joe Barr: Patches coming today for DNS vulnerability. In: Linux.com. July 8, 2008, archived from the original on January 27, 2013 ; accessed on April 26, 2021 (English).
  21. Nathan Keltner: Kaminsky's DNS Issue Accidentally Leaked? In: Invisible Denizen. July 21, 2008, accessed April 26, 2021 .
  22. DNS bug leaks. In: LiveJournal . July 22, 2008, accessed April 26, 2021 .
  23. The 2008 Pwnie Award For Most Over-Hyped bug CVE-2008-1447: Dan Kaminsky. In: pwnies.com. Archived from the original on October 24, 2020 ; accessed on April 26, 2021 (English).
  24. Dan Goodin: Busted! Conficker's tell-tale heart uncovered. In: The Register. March 30, 2009, accessed August 3, 2010 .
  25. ^ Ron Bowes: Scanning for Conficker with Nmap. In: SkullSecurity. March 30, 2009, accessed April 26, 2021 .
  26. Paul Asadoorian: Updated Conficker Detection Plugin Released. In: Tenable Security. April 1, 2009, archived from the original on September 26, 2010 ; accessed on August 3, 2010 .
  27. ^ Rodney Thayer: Dan Kaminsky Feels a disturbance in The Internet. In: SemiAccurate. August 2, 2009, accessed April 26, 2021 .
  28. Uli Ries, Christiane Rütten: Crackers target hacker celebrities. In: heise online. July 30, 2009, accessed April 26, 2021 .
  29. Black Hat; Technical Security Conference: Abu Dhabi 2010 // Welcome. In: BlackHat.com. Accessed April 26, 2021 .
  30. a b Monika Ermert, Dusan Zivadinovic: New tool should make digital DNS signatures child's play. In: heise online. November 16, 2010, accessed April 26, 2021 .
personal data
SURNAME Kaminsky, Dan
ALTERNATIVE NAMES Kaminsky, Daniel (full name)
BRIEF DESCRIPTION American computer scientist and computer security specialist
DATE OF BIRTH 7th February 1979
PLACE OF BIRTH San Francisco , California
DATE OF DEATH April 23, 2021
PLACE OF DEATH San Francisco , California