984:"We worked with vendors on a coordinated patch," said Kaminsky, noting this is the first time such a coordinated multi-vendor synchronized patch release has ever been carried out. Microsoft, Sun, ISC's DNS Bind, and Cisco have readied DNS patches, said Kamisnky. "The patch was selected to be as non-disruptive as possible." ... Lack of an applied patch in the ISP infrastructure would mean "they could go after your ISP or Google and re-direct them pretty much wherever they wanted." Both current and older versions of DNS may be vulnerable, Kaminsky says, and patches may not be available for older DNS software. He says Yahoo was vulnerable because it uses an older version of BIND but had committed to upgrading to BIND 9.0.
501:
399:, author of djbdns, had reported this as early as 1999. djbdns dealt with the issue using Source Port Randomization, in which the UDP port was used as a second transaction identifier, thus raising the possible ID count into the billions. Other more popular name server implementations left the issue unresolved due to concerns about performance and stability, as many operating system kernels simply weren't designed to cycle through thousands of
566:, saying "what is the policy of the United States right now? Is it to make things more secure or to make them less secure?" In a 2016 interview, Kaminsky said, "the Internet was never designed to be secure. The Internet was designed to move pictures of cats ... We didn’t think you’d be moving trillions of dollars onto this. What are we going to do? And here’s the answer: Some of us got to go out and fix it."
531:, Mr. Kaminsky stood out for his empathy." He was known for regularly paying for hotels or travel bills for other people going to Black Hat, and once paid for a plane ticket for a friend of his after she had broken up with her boyfriend; the pair later married. At various points in his career, Kaminsky shifted his focus to work on projects related to his friends' and family's health, developing an app that helps
42:
264:
475:
On July 28, 2009, Kaminsky, along with several other high-profile security consultants, experienced the publication of their personal email and server data by hackers associated with the "Zero for 0wned" online magazine. The attack appeared to be designed to coincide with
Kaminsky's appearance at the
411:
not only include information for itself, but for the target as well. By using many "sibling" names in a row, he could induce a DNS server to make many requests at once. This tactic provided enough opportunities to guess the transaction ID to successfully spoof a reply in a reasonable amount of time.
364:
were not vulnerable). With most
Internet-based applications depending on DNS to locate their peers, a wide range of attacks became feasible, including website impersonation, email interception, and authentication bypass via the "Forgot My Password" feature on many popular websites. After discovering
279:
was found to be covertly installing anti-piracy software onto PCs, Kaminsky used DNS cache snooping to discover whether servers had recently contacted any of the domains accessed by the Sony rootkit. He used this technique to estimate that there were at least 568,000 networks that had computers with
230:
to publicize the fact that an 11-year-old could break military computer security. Instead, a three-day
Internet "timeout" for Kaminsky was negotiated. In 2008, after Kaminsky found and coordinated a fix for a fundamental DNS flaw, he was approached by the administrator, who thanked him and asked to
410:
Kaminsky's attack bypassed this TTL defense by targeting "sibling" names like "83.example.com" instead of "www.example.com" directly. Because the name was unique, it had no entry in the cache, and thus no TTL. But because the name was a sibling, the transaction-ID guessing spoofed response could
391:
Kaminsky received a substantial amount of mainstream press after disclosing this vulnerability, but experienced some backlash from the computer security community for not immediately disclosing his attack. When a reporter asked him why he had not used the DNS flaw for his own financial benefit,
288:
In April 2008, Kaminsky realized a growing practice among ISPs potentially represented a security vulnerability. Various ISPs have experimented with intercepting return messages of non-existent domain names and replacing them with advertising content. This could allow hackers to set up
414:
To fix this issue, all major DNS servers implemented Source Port
Randomization, as djbdns and PowerDNS had done before. This fix makes the attack up to 65,536 times harder. An attacker willing to send billions of packets can still corrupt names.
383:
Kaminsky had intended not to publicize details of the attack until 30 days after the release of the patch, but details were leaked on July 21, 2008. The information was quickly pulled down, but not before it had been
997:
467:
in one of their root certificates and errors in the certificate parsers in a number of Web browsers that allow attackers to successfully request certificates for sites they do not control.
1027:
224:
to intrude into military computers, and that the family's
Internet would be cut off. His mother responded by saying if their access was cut, she would take out an advertisement in the
220:
computer at age four, Kaminsky had taught himself to code by age five. At 11, his mother received a call from a government security administrator who told her that
Kaminsky had used
548:
293:
schemes by attacking the server responsible for the advertisements and linking to non-existent subdomains of the targeted websites. Kaminsky demonstrated this process by setting up
1705:
The cybersecurity world woke up
Saturday to news of the sudden passing of Dan Kaminsky, a celebrated hacker who is widely credited with pioneering research work on DNS security.
887:
1907:
1452:
431:-infected hosts have a detectable signature when scanned remotely. Signature updates for a number of network scanning applications are now available, including
395:
The actual vulnerability was related to DNS only having 65,536 possible transaction IDs, a number small enough to simply guess given enough opportunities.
1882:
961:
1671:
419:, which Kaminsky spoke in favor of, has since been widely (but not universally) deployed, bringing cryptographic assurance to results provided by DNS.
1005:
369:, who described the severity of the issue as meaning "everything in the digital universe was going to have to get patched." Kaminsky then alerted the
272:
1366:
153:
researcher. He was a co-founder and chief scientist of Human
Security (formerly White Ops), a computer security company. He previously worked for
573:
at his home in San
Francisco. He had been frequently hospitalized for the disease in prior years. After his death, he received tributes from the
380:
Kaminsky worked with DNS vendors in secret to develop a patch to make exploiting the vulnerability more difficult, releasing it on July 8, 2008.
802:
1902:
1872:
1857:
656:
1057:
1035:
1877:
1852:
920:
1821:
187:
752:
897:
280:
the rootkit. Kaminsky then used his research to bring more awareness to the issue while Sony executives were trying to play it down.
608:
559:
324:
Kaminsky went public after working with the ad networks in question to eliminate the immediate cross-site scripting vulnerability.
551:. According to his mother, "he did things because they were the right thing to do, not because they would elicit financial gain."
235:
1525:
370:
1652:
574:
1458:
1211:
1185:
1082:"Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor Patch Released (Securosis.com) [LWN.net]"
1892:
1423:
1262:
723:
392:
Kaminsky responded that he felt it would be morally wrong, and he did not wish for his mother to visit him in prison.
388:
by others. He later presented his findings at the Black Hat
Briefings, at which he wore both a suit and rollerskates.
210:
Daniel Kaminsky was born in San Francisco on February 7, 1979, to Marshall Kaminsky and Trudy Maurer. His mother told
1340:
856:
1717:
1634:
857:"ToorCon Seattle 2008: Nuke plants, non-existent sub domain attacks, muffin diving, and Guitar Hero | Zero Day"
1897:
1247:
1609:
1481:
971:
1887:
1862:
509:
456:
1696:
1129:
1099:
226:
666:
239:
101:
1867:
582:
570:
484:
In June 2010, Kaminsky released Interpolique, a beta framework for addressing injection attacks such as
448:
1847:
1842:
1775:
489:
361:
1504:
1395:
1064:
892:
191:
183:
123:
661:
578:
460:
333:
212:
171:
692:
1160:
939:"CERT Vulnerability Note VU#800113: Multiple DNS implementations vulnerable to cache poisoning"
310:
1802:
830:
604:
436:
150:
111:
1581:
762:
1797:
1743:
1553:
825:
757:
697:
577:, which called him a "friend of freedom and embodiment of the true hacker spirit", and from
221:
166:
784:
500:
21:"Daniel Kaminsky" redirects here. For the actor and singer born David Daniel Kaminsky, see
532:
513:
337:
1242:
313:
to provide its advertising, Kaminsky was able to generalize the vulnerability to attack
555:
400:
1836:
1672:"Dan Kaminsky: Tributes pour in for security researcher who died after short illness"
1317:
998:"Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor Patch Released"
966:
485:
396:
69:
41:
1558:
1530:
1509:
1400:
540:
452:
404:
1215:
563:
536:
385:
263:
176:
366:
341:
217:
73:
22:
1806:
1792:
1638:
1219:
834:
820:
1586:
428:
374:
306:
1429:
1270:
305:. While the vulnerability used initially depended in part on the fact that
864:
693:"ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher Discloses"
250:, before founding his own firm White Ops (later renamed Human Security).
600:
524:
464:
357:
349:
298:
294:
290:
276:
247:
162:
938:
1768:
528:
353:
318:
314:
1295:
1243:"Seattle security expert helped uncover major design flaw on Internet"
416:
345:
302:
199:
1081:
512:
reading "I ♥ Color". Kaminsky developed an app helping people with
182:
Kaminsky was known among computer security experts for his work on
860:
505:
499:
262:
243:
195:
190:
had infected at least 568,000 computers, and for his talks at the
158:
154:
1137:
1107:
1189:
544:
432:
407:(TTL) field would limit a guesser to only a few attempts a day.
1826:
941:. United States Computer Emergency Readiness Team. July 8, 2008
1367:"DNS 2008 and the new (old) nature of critical infrastructure"
175:
labeled Kaminsky an "Internet security savior" and "a digital
921:"EarthLink redirect service poses security risk, expert says"
1582:"Real Black Hats Hack Security Experts on Eve of Conference"
1341:"Hacker History: How Dan Kaminsky Almost Broke the Internet"
336:(DNS) protocol that could allow attackers to easily perform
523:
wrote that "in a community known for its biting, sometimes
1783:
403:
a second. Instead, other implementers assumed that DNS's
135:
803:"GENESIS, The St. Ignatius College Preparatory Magazine"
198:
as one of the Trusted Community Representatives for the
1829:- security company, of which Dan Kaminsky was a founder
1822:
DNSSEC: What it Means for DNS Security and Your Network
1764:
1653:"Kaminsky Issues Developer Tool To Kill Injection Bugs"
724:"Kaminsky on DNS rebinding attacks, hacking techniques"
657:"Daniel Kaminsky, Internet Security Savior, Dies at 42"
332:
In 2008, Kaminsky discovered a fundamental flaw in the
1793:"Secret Geek A-Team Hacks Back, Defends Worldwide Web"
821:"Secret Geek A-Team Hacks Back, Defends Worldwide Web"
785:"IANA — DNSSEC Project Archive - Launch TCR Selection"
549:
Academic Model Providing Access to Healthcare (AMPATH)
242:. After graduating from college, he worked for Cisco,
597:
Hack proofing your network : internet tradecraft
585:. On December 14, 2021, that wish came to fruition.
149:(February 7, 1979 – April 23, 2021) was an American
1820:Dan Kaminsky; Scott Rose; Cricket Liu; (June 2009)
1241:Lathrop, Daniel; Shukovsky, Paul (August 3, 2008).
746:
744:
130:
118:
107:
97:
81:
51:
32:
1482:"Dan Kaminsky Feels a disturbance in The Internet"
717:
715:
18:American computer security researcher (1979–2021)
1505:"Wildcard certificate spoofs web authentication"
516:, inspired by a friend of his with the disorder.
1396:"Busted! Conficker's tell-tale heart uncovered"
686:
684:
1697:"Security Researcher Dan Kaminsky Passes Away"
562:, he criticized comments by then-FBI director
8:
888:"More Trouble With Ads on ISPs' Error Pages"
650:
648:
459:protocol. These include the use of the weak
455:, Kaminsky discovered numerous flaws in the
427:On March 27, 2009, Kaminsky discovered that
1718:"Security Researcher Dan Kaminsky Has Died"
1454:Updated Conficker Detection Plugin Released
1186:"Kaminsky's DNS Issue Accidentally Leaked?"
962:"Major DNS flaw could disrupt the Internet"
646:
644:
642:
640:
638:
636:
634:
632:
630:
628:
365:the problem, Kaminsky initially contacted
40:
29:
1703:. Wired Business Media. April 24, 2021.
1526:"Crackers publish hackers' private data"
1290:
1288:
273:Sony BMG copy protection rootkit scandal
1908:St. Ignatius College Preparatory alumni
1554:"Security elite pwned on Black Hat eve"
624:
492:in a manner comfortable to developers.
1744:"INTERNET HALL of FAME - Dan Kaminsky"
1028:"Network Security podcast – Episode 7"
443:Flaws in Internet X.509 infrastructure
1339:Rashid, Fahmida Y. (April 23, 2018).
722:Mimoso, Michael S. (April 14, 2008).
581:, who said Kaminsky should be in the
7:
1610:"Security Gurus 0wned by Black Hats"
1608:Constantin, Lucian (July 30, 2009).
569:Kaminsky died on April 23, 2021, of
194:. On June 16, 2010, he was named by
1791:Davis, Joshua (November 24, 2008).
1428:. Skullsecurity.org. Archived from
919:McMillan, Robert (April 19, 2008).
855:McFeters, Nathan (April 21, 2008).
819:Davis, Joshua (November 24, 2008).
751:Norton, Quinn (November 15, 2005).
655:Perlroth, Nicole (April 27, 2021).
216:that after his father bought him a
1883:Deaths from diabetes in California
1457:. Tenable Security. Archived from
1451:Asadoorian, Paul (April 1, 2009).
1318:"Measures to prevent DNS spoofing"
14:
1058:"Securosispublications - Article"
1670:Walker, James (April 26, 2021).
1425:Scanning for Conficker with Nmap
1422:Bowes, Ronald (March 30, 2009).
753:"Sony Numbers Add Up to Trouble"
423:Automated detection of Conficker
236:St. Ignatius College Preparatory
1218:. July 22, 2008. Archived from
1136:. July 11, 2008. Archived from
960:Messmer, Ellen (July 8, 2008).
886:Krebs, Brian (April 30, 2008).
691:Singel, Ryan (April 19, 2008).
554:Kaminsky was also an outspoken
371:Department of Homeland Security
165:, where he was the director of
92:San Francisco, California, U.S.
1394:Goodin, Dan (March 30, 2009).
1106:. July 9, 2008. Archived from
1100:"An Astonishing Collaboration"
575:Electronic Frontier Foundation
317:by attacking its ad provider,
1:
1903:Santa Clara University alumni
1873:Computer security specialists
1858:American computer specialists
1580:Zetter, Kim (July 29, 2009).
1552:Goodin, Dan (July 29, 2009).
1503:Goodin, Dan (July 30, 2009).
1159:Vixie, Paul (July 14, 2008).
996:Mogull, Rich (July 8, 2008).
504:Kaminsky in 2012, wearing an
447:In 2009, in cooperation with
231:be introduced to his mother.
1878:Computer systems researchers
1853:Activists from San Francisco
1524:Ries, Ulie (July 31, 2009).
599:(1 ed.). Rockland, MA:
560:FBI–Apple encryption dispute
373:and executives at Cisco and
1320:. Ds9a.nl. November 2, 2006
1212:"DNS bug leaks by matasano"
539:technology, and developing
1924:
1750:. ISOC. December 14, 2021.
1248:Seattle Post-Intelligencer
471:Attack by "Zero for 0wned"
20:
1480:Rodney (August 2, 2009).
39:
1635:"Interpolique Home Page"
510:pseudoisochromatic plate
284:Earthlink and DNS lookup
496:Personal life and death
227:San Francisco Chronicle
186:, for showing that the
595:Russell, Ryan (2000).
517:
268:
240:Santa Clara University
102:Santa Clara University
1748:Internet Hall of Fame
1461:on September 26, 2010
1222:on September 17, 2008
1161:"Not a Guessing Game"
583:Internet Hall of Fame
571:diabetic ketoacidosis
558:advocate. During the
503:
476:Black Hat Briefings.
449:Meredith L. Patterson
266:
122:Discovering the 2008
1786:on January 24, 2000.
1188:. Invisible Denizen
974:on February 13, 2009
508:T-shirt depicting a
490:cross-site scripting
1263:"Pwnie Awards 2008"
1070:on August 27, 2008.
1038:on January 29, 2011
893:The Washington Post
547:among refugees for
535:people, working on
222:penetration testing
192:Black Hat Briefings
184:DNS cache poisoning
167:penetration testing
124:DNS cache poisoning
1893:Internet activists
662:The New York Times
521:The New York Times
518:
377:to work on a fix.
334:Domain Name System
269:
234:Kaminsky attended
213:The New York Times
172:The New York Times
1898:Privacy activists
1641:on June 18, 2010.
867:on August 1, 2008
765:on April 23, 2008
669:on April 29, 2021
543:tools related to
463:hash function by
151:computer security
144:
143:
112:Computer security
1915:
1817:
1815:
1813:
1787:
1782:. Archived from
1780:DoxPara Research
1752:
1751:
1740:
1734:
1733:
1731:
1729:
1724:. April 24, 2021
1714:
1708:
1707:
1693:
1687:
1686:
1684:
1682:
1667:
1661:
1660:
1659:. June 14, 2010.
1649:
1643:
1642:
1637:. Archived from
1631:
1625:
1624:
1622:
1620:
1605:
1599:
1598:
1596:
1594:
1577:
1571:
1570:
1568:
1566:
1549:
1543:
1542:
1540:
1538:
1521:
1515:
1514:
1500:
1494:
1493:
1491:
1489:
1477:
1471:
1470:
1468:
1466:
1448:
1442:
1441:
1439:
1437:
1432:on April 2, 2009
1419:
1413:
1412:
1410:
1408:
1391:
1385:
1384:
1382:
1380:
1371:
1362:
1356:
1355:
1353:
1351:
1336:
1330:
1329:
1327:
1325:
1314:
1308:
1307:
1305:
1303:
1292:
1283:
1282:
1280:
1278:
1269:. Archived from
1259:
1253:
1252:
1238:
1232:
1231:
1229:
1227:
1208:
1202:
1201:
1199:
1197:
1182:
1176:
1175:
1173:
1171:
1156:
1150:
1149:
1147:
1145:
1140:on July 15, 2008
1134:DoxPara Research
1126:
1120:
1119:
1117:
1115:
1110:on July 14, 2008
1104:DoxPara Research
1096:
1090:
1089:
1078:
1072:
1071:
1069:
1063:. Archived from
1062:
1054:
1048:
1047:
1045:
1043:
1034:. Archived from
1024:
1018:
1017:
1015:
1013:
1008:on July 11, 2008
1004:. Archived from
993:
987:
986:
981:
979:
970:. Archived from
957:
951:
950:
948:
946:
935:
929:
928:
916:
910:
909:
907:
905:
896:. Archived from
883:
877:
876:
874:
872:
863:. Archived from
852:
846:
845:
843:
841:
816:
810:
809:
807:
799:
793:
792:
781:
775:
774:
772:
770:
761:. Archived from
748:
739:
738:
736:
734:
719:
710:
709:
707:
705:
688:
679:
678:
676:
674:
665:. Archived from
652:
614:
340:attacks on most
267:Kaminsky in 2014
140:
137:
88:
66:February 7, 1979
65:
63:
46:Kaminsky in 2007
44:
30:
1923:
1922:
1918:
1917:
1916:
1914:
1913:
1912:
1888:Ethical hackers
1863:Avaya employees
1833:
1832:
1811:
1809:
1790:
1774:Kaminsky, Dan.
1773:
1761:
1756:
1755:
1742:
1741:
1737:
1727:
1725:
1716:
1715:
1711:
1695:
1694:
1690:
1680:
1678:
1669:
1668:
1664:
1651:
1650:
1646:
1633:
1632:
1628:
1618:
1616:
1607:
1606:
1602:
1592:
1590:
1579:
1578:
1574:
1564:
1562:
1551:
1550:
1546:
1536:
1534:
1523:
1522:
1518:
1502:
1501:
1497:
1487:
1485:
1479:
1478:
1474:
1464:
1462:
1450:
1449:
1445:
1435:
1433:
1421:
1420:
1416:
1406:
1404:
1393:
1392:
1388:
1378:
1376:
1369:
1365:Kaminsky, Dan.
1364:
1363:
1359:
1349:
1347:
1338:
1337:
1333:
1323:
1321:
1316:
1315:
1311:
1301:
1299:
1294:
1293:
1286:
1276:
1274:
1261:
1260:
1256:
1240:
1239:
1235:
1225:
1223:
1210:
1209:
1205:
1195:
1193:
1192:. July 21, 2008
1184:
1183:
1179:
1169:
1167:
1158:
1157:
1153:
1143:
1141:
1128:
1127:
1123:
1113:
1111:
1098:
1097:
1093:
1080:
1079:
1075:
1067:
1060:
1056:
1055:
1051:
1041:
1039:
1026:
1025:
1021:
1011:
1009:
995:
994:
990:
977:
975:
959:
958:
954:
944:
942:
937:
936:
932:
918:
917:
913:
903:
901:
885:
884:
880:
870:
868:
854:
853:
849:
839:
837:
818:
817:
813:
805:
801:
800:
796:
783:
782:
778:
768:
766:
750:
749:
742:
732:
730:
728:Search Security
721:
720:
713:
703:
701:
690:
689:
682:
672:
670:
654:
653:
626:
621:
611:
594:
591:
514:color blindness
498:
482:
473:
445:
425:
401:network sockets
338:cache poisoning
330:
286:
261:
256:
208:
147:Daniel Kaminsky
134:
98:Alma mater
93:
90:
86:
77:
67:
61:
59:
58:
57:
56:Daniel Kaminsky
47:
35:
26:
19:
12:
11:
5:
1921:
1919:
1911:
1910:
1905:
1900:
1895:
1890:
1885:
1880:
1875:
1870:
1865:
1860:
1855:
1850:
1845:
1835:
1834:
1831:
1830:
1827:Human Security
1824:
1818:
1788:
1771:
1760:
1759:External links
1757:
1754:
1753:
1735:
1709:
1688:
1676:The Daily Swig
1662:
1644:
1626:
1600:
1572:
1544:
1516:
1495:
1484:. SemiAccurate
1472:
1443:
1414:
1386:
1357:
1331:
1309:
1284:
1273:on May 6, 2021
1254:
1233:
1203:
1177:
1151:
1121:
1091:
1073:
1049:
1019:
988:
952:
930:
911:
900:on May 3, 2011
878:
847:
811:
808:. Spring 2022.
794:
776:
740:
711:
680:
623:
622:
620:
617:
616:
615:
609:
590:
587:
556:privacy rights
497:
494:
481:
478:
472:
469:
444:
441:
424:
421:
329:
326:
285:
282:
260:
257:
255:
252:
207:
204:
142:
141:
132:
128:
127:
120:
119:Known for
116:
115:
109:
105:
104:
99:
95:
94:
91:
89:(aged 42)
85:April 23, 2021
83:
79:
78:
68:
55:
53:
49:
48:
45:
37:
36:
33:
17:
13:
10:
9:
6:
4:
3:
2:
1920:
1909:
1906:
1904:
1901:
1899:
1896:
1894:
1891:
1889:
1886:
1884:
1881:
1879:
1876:
1874:
1871:
1869:
1866:
1864:
1861:
1859:
1856:
1854:
1851:
1849:
1846:
1844:
1841:
1840:
1838:
1828:
1825:
1823:
1819:
1808:
1804:
1800:
1799:
1794:
1789:
1785:
1781:
1777:
1772:
1770:
1766:
1763:
1762:
1758:
1749:
1745:
1739:
1736:
1723:
1719:
1713:
1710:
1706:
1702:
1701:Security Week
1698:
1692:
1689:
1677:
1673:
1666:
1663:
1658:
1654:
1648:
1645:
1640:
1636:
1630:
1627:
1615:
1611:
1604:
1601:
1589:
1588:
1583:
1576:
1573:
1561:
1560:
1555:
1548:
1545:
1533:
1532:
1527:
1520:
1517:
1512:
1511:
1506:
1499:
1496:
1483:
1476:
1473:
1460:
1456:
1455:
1447:
1444:
1431:
1427:
1426:
1418:
1415:
1403:
1402:
1397:
1390:
1387:
1375:
1368:
1361:
1358:
1346:
1342:
1335:
1332:
1319:
1313:
1310:
1297:
1296:"DNS forgery"
1291:
1289:
1285:
1272:
1268:
1264:
1258:
1255:
1250:
1249:
1244:
1237:
1234:
1221:
1217:
1213:
1207:
1204:
1191:
1187:
1181:
1178:
1166:
1162:
1155:
1152:
1139:
1135:
1131:
1125:
1122:
1109:
1105:
1101:
1095:
1092:
1087:
1083:
1077:
1074:
1066:
1059:
1053:
1050:
1037:
1033:
1032:hw.libsyn.com
1029:
1023:
1020:
1007:
1003:
999:
992:
989:
985:
973:
969:
968:
967:Network World
963:
956:
953:
940:
934:
931:
926:
922:
915:
912:
899:
895:
894:
889:
882:
879:
866:
862:
858:
851:
848:
836:
832:
828:
827:
822:
815:
812:
804:
798:
795:
790:
786:
780:
777:
764:
760:
759:
754:
747:
745:
741:
729:
725:
718:
716:
712:
700:
699:
694:
687:
685:
681:
668:
664:
663:
658:
651:
649:
647:
645:
643:
641:
639:
637:
635:
633:
631:
629:
625:
618:
612:
610:1-928994-15-6
606:
602:
598:
593:
592:
588:
586:
584:
580:
576:
572:
567:
565:
561:
557:
552:
550:
546:
542:
538:
534:
530:
527:discourse on
526:
522:
515:
511:
507:
502:
495:
493:
491:
487:
486:SQL injection
479:
477:
470:
468:
466:
462:
458:
454:
450:
442:
440:
438:
434:
430:
422:
420:
418:
412:
408:
406:
402:
398:
397:Dan Bernstein
393:
389:
387:
381:
378:
376:
372:
368:
363:
359:
355:
351:
347:
343:
339:
335:
327:
325:
322:
320:
316:
312:
308:
304:
300:
296:
292:
283:
281:
278:
274:
265:
258:
253:
251:
249:
245:
241:
237:
232:
229:
228:
223:
219:
215:
214:
205:
203:
201:
197:
193:
189:
185:
180:
178:
174:
173:
168:
164:
160:
156:
152:
148:
139:
133:
129:
126:vulnerability
125:
121:
117:
113:
110:
106:
103:
100:
96:
84:
80:
75:
71:
70:San Francisco
54:
50:
43:
38:
31:
28:
24:
16:
1868:Cisco people
1810:. Retrieved
1796:
1784:the original
1779:
1765:Dan Kaminsky
1747:
1738:
1726:. Retrieved
1721:
1712:
1704:
1700:
1691:
1679:. Retrieved
1675:
1665:
1657:Dark Reading
1656:
1647:
1639:the original
1629:
1617:. Retrieved
1613:
1603:
1591:. Retrieved
1585:
1575:
1563:. Retrieved
1559:The Register
1557:
1547:
1535:. Retrieved
1531:heise online
1529:
1519:
1510:The Register
1508:
1498:
1486:. Retrieved
1475:
1463:. Retrieved
1459:the original
1453:
1446:
1434:. Retrieved
1430:the original
1424:
1417:
1405:. Retrieved
1401:The Register
1399:
1389:
1377:. Retrieved
1374:blackhat.com
1373:
1360:
1348:. Retrieved
1344:
1334:
1322:. Retrieved
1312:
1300:. Retrieved
1275:. Retrieved
1271:the original
1266:
1257:
1246:
1236:
1224:. Retrieved
1220:the original
1214:. beezari's
1206:
1194:. Retrieved
1180:
1168:. Retrieved
1165:Circleid.com
1164:
1154:
1142:. Retrieved
1138:the original
1133:
1124:
1112:. Retrieved
1108:the original
1103:
1094:
1085:
1076:
1065:the original
1052:
1040:. Retrieved
1036:the original
1031:
1022:
1010:. Retrieved
1006:the original
1001:
991:
983:
976:. Retrieved
972:the original
965:
955:
945:November 27,
943:. Retrieved
933:
924:
914:
902:. Retrieved
898:the original
891:
881:
869:. Retrieved
865:the original
850:
838:. Retrieved
824:
814:
797:
789:www.iana.org
788:
779:
767:. Retrieved
763:the original
756:
731:. Retrieved
727:
702:. Retrieved
696:
671:. Retrieved
667:the original
660:
596:
568:
553:
541:telemedicine
525:misogynistic
520:
519:
483:
480:Interpolique
474:
453:Len Sassaman
446:
426:
413:
409:
405:time to live
394:
390:
382:
379:
331:
323:
287:
270:
259:Sony rootkit
233:
225:
211:
209:
188:Sony rootkit
181:
170:
146:
145:
87:(2021-04-23)
34:Dan Kaminsky
27:
15:
1848:2021 deaths
1843:1979 births
1488:January 25,
1324:January 25,
1302:January 25,
1216:LiveJournal
1170:January 25,
1130:"Ow My Toe"
1042:January 12,
871:January 25,
564:James Comey
537:hearing aid
342:nameservers
328:Flaw in DNS
271:During the
177:Paul Revere
136:dankaminsky
1837:Categories
1298:. Cr.yp.to
1267:pwnies.com
619:References
533:colorblind
367:Paul Vixie
309:was using
218:RadioShack
206:Early life
114:researcher
108:Occupation
74:California
62:1979-02-07
23:Danny Kaye
1807:1059-1028
1776:"Welcome"
1728:April 24,
1681:April 28,
1619:April 28,
1614:Softpedia
1587:Wired.com
1436:March 31,
1407:March 31,
1379:April 30,
1350:April 28,
1277:April 28,
1002:securosis
925:InfoWorld
835:1059-1028
673:April 27,
579:Jeff Moss
429:Conficker
375:Microsoft
311:Barefruit
307:Earthlink
295:Rickrolls
1722:CircleID
1593:July 31,
1565:July 31,
1537:July 31,
1465:April 2,
1226:July 30,
1196:July 30,
1144:June 14,
1114:June 14,
1012:June 14,
978:June 14,
601:Syngress
465:Verisign
386:mirrored
358:Secure64
350:PowerDNS
299:Facebook
291:phishing
277:Sony BMG
275:, where
248:IOActive
163:IOActive
1769:Twitter
1345:Duo.com
1086:lwn.net
904:May 19,
769:May 19,
733:May 19,
704:May 19,
529:Twitter
362:Unbound
354:MaraDNS
319:Paxfire
315:Verizon
131:Website
1812:May 1,
1805:
840:May 1,
833:
607:
506:ironic
437:Nessus
417:DNSSEC
346:djbdns
303:PayPal
254:Career
246:, and
202:root.
200:DNSSEC
161:, and
76:, U.S.
1798:Wired
1370:(PDF)
1068:(PDF)
1061:(PDF)
861:ZDNet
826:Wired
806:(PDF)
758:Wired
698:Wired
589:Works
244:Avaya
196:ICANN
159:Avaya
155:Cisco
1814:2021
1803:ISSN
1730:2021
1683:2021
1621:2021
1595:2009
1567:2009
1539:2009
1490:2013
1467:2009
1438:2009
1409:2009
1381:2021
1352:2021
1326:2013
1304:2013
1279:2021
1228:2008
1198:2008
1190:blog
1172:2013
1146:2021
1116:2021
1044:2022
1014:2021
980:2021
947:2008
906:2008
873:2013
842:2021
831:ISSN
771:2008
735:2008
706:2008
675:2021
605:ISBN
545:AIDS
488:and
451:and
435:and
433:NMap
360:and
301:and
238:and
138:.com
82:Died
52:Born
1767:on
461:MD2
457:SSL
297:on
179:".
1839::
1801:.
1795:.
1778:.
1746:.
1720:.
1699:.
1674:.
1655:.
1612:.
1584:.
1556:.
1528:.
1507:.
1398:.
1372:.
1343:.
1287:^
1265:.
1245:.
1163:.
1132:.
1102:.
1084:.
1030:.
1000:.
982:.
964:.
923:.
890:.
859:.
829:.
823:.
787:.
755:.
743:^
726:.
714:^
695:.
683:^
659:.
627:^
603:.
439:.
356:,
352:,
348:,
321:.
169:.
157:,
72:,
1816:.
1732:.
1685:.
1623:.
1597:.
1569:.
1541:.
1513:.
1492:.
1469:.
1440:.
1411:.
1383:.
1354:.
1328:.
1306:.
1281:.
1251:.
1230:.
1200:.
1174:.
1148:.
1118:.
1088:.
1046:.
1016:.
949:.
927:.
908:.
875:.
844:.
791:.
773:.
737:.
708:.
677:.
613:.
344:(
64:)
60:(
25:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
