How Should We Honor the Legacy of Dan Kaminsky?
Last week came the news that Dan Kaminsky, security researcher (and popular speaker at security conferences), had passed away at the age of 42. In a half hour the DEF CON security convention will hold a special online memorial for Dan Kaminsky on Discord.
But interestingly, Kaminsky was also one of ICANN's "Trusted Community Representatives," part of a small community involved in a ceremonial root key generation, backup and signing process. (Since 2010 Kaminsky was one of the seven "Recovery Key Share Holders" entrusted with a fragment of a cryptographic key and reporting in for its annual inventory.)
So who will take Dan's place? Slashdot contacted ICANN's vice president of IANA Services, Kim Davies. His response? We maintain an open invitation for volunteers who believe they are qualified, and review those volunteers when a vacancy arises. The selection process is documented, but in essence means we try to maintain a balance of skills and geographic location so that in the aggregate the TCRs are diverse.
The selection is not in chronological order, and will not necessarily result in selecting someone who most matches Dan's attributes. Ultimately the replacement will be a volunteer that the evaluation panel feels best contrasts and complements the attributes of the remaining TCRs.
Davies also shared this remembrance of Dan Kaminsky: He played a critical role in the evolution of the DNS by bringing attention to the practical cache poisoning vulnerability he discovered. He was a greater collaborator who worked closely with us to rapidly address the issue in critical infrastructure, and then worked to promote technologies like DNSSEC that can mitigate it effectively in the long term. He really provided a significant catalyst that resulted in DNSSEC being put into widespread production in 2010.
His service as a Trusted Community Representative was just a part of his commitment to these issues, and while his work on the DNS is perhaps his most famous contribution, he has an amazing resume of accomplishments throughout his career.
Personally I found him a delight to work with and we are deeply mourning the loss.
Of course, there's another way to follow in Dan's footsteps. Long-time Slashdot reader destinyland writes: Jeff Moss, founder of DEF CON and Black Hat, has proposed nominating Kaminsky for the Internet Hall of Fame, or even creating a Kaminsky award to honor "the core ideals" of the security researcher. But there's another complementary direction to go in... Black Hat board member Matt Devost tweeted last weekend that, "No one that knew Dan Kaminsky well is talking about DNS today. They are talking about kindness, boundless energy and positivity, spontaneous adventures, and how hard he worked to lift others up. Want to emulate one of the greatest hackers of all time? Let that be your guide."
And last week a self-described hacker named Dr. Russ even tweeted, "In an effort to honor Dan Kaminsky's character and legacy, we should all make a random act of Kaminsky weekly. Make it a point to be kind and helpful to someone, friend or stranger. Legit helpful and kind, take it over the finish line. Be the persistent guide he was. Then do it again."
I propose we call that "pulling a Kaminsky."
Presumably in the way later generations in William Gibson's Count Zero talked of "pulling a Wilson...."
Update your god damn computer (Score:3)
Re: (Score:2)
The majority of slashdot posters are boomers.
Really? I've got a pretty low ID and I'm not a boomer by a few years.
Re: Update your god damn computer (Score:1)
Why? Why not just fix things?
It is not as though the amount of crap in software has decreased by pushing out the next release.
Re: (Score:2)
Why? Why not just fix things?
Updating your computer *is* how we fix things. We are fixing things all the time, but when people don't apply the fixes, they choose to stay with the broken. Sure, different people have different ideas of "broken" and others prefer "broken" (or just how it is) to the change induced by the "fix", but in general the consumers of software are asking for new features, and with new features come new bugs. A given software application only becomes more stable over time if there aren't new features added and there
Re: (Score:2)
Boomers have been online for a long time, many of them since before Gen X. They were the ones who built the network, and designed all the protocols we use. They were using internet before anti-virus programs existed.
In the olden days, people absolutely did not trust network-provided code. Javascript had a slow early adoption curve. In the 90s, it was pretty standard to leave javascript turned off.
A lot of younger people are used to just trusting technology, and expect their phone or their computer to protec
Update your god damn computer (Score:2)
Re:Update your god damn computer (Score:5, Interesting)
> Looking at you boomers
The kind that double post the same thing minutes apart? This is prime performance art!
IIRC Dan supported the ICANN community process. Who else here was a community member before ICANN decided to become autocratic and wipe out almost all of the community involvement?
Given that ICANN can't be democratic at this point, to honor the intent of the community effort, we can honor Dan by supporting secure and decentralized web technologies that take the power away from corporate interests. He had NO problem giving Sony a huge black eye for their social malfeasance. So it should be for any who would abuse their power to make the Internet a worse place for the little guy.
Re: (Score:2)
No, that was posted by a bot from his account. He clicked on a phishing email link, see.
Re: (Score:1)
Random acts of kindness (Score:3)
Re: (Score:3)
Sadly, it is in our world today.
Otherwise, we wouldn't be sitting here talking about it as a differentiator.
Re: (Score:2)
8 years before he was born? That would be a neat trick.
You're new here? - on Earth? (Score:2)
You seem to be unfamiliar with the kind of people GP is referring to, and the things they do.
Just last week right here on Slashdot AmiJo was insisting that Stallman knew about things Epstein had done - years before he did them.
In that very same thread, the same people asserted that a particular underage woman had been trapped on Epstein's island at the time she was a married, 23 year old mother.
Facts don't matter. Effects are "caused" by things that happen years later. Logic and reason are not only irreleva
Re: (Score:2)
Stallman was creeping out on people he had academic power over for decades before the public found out about Epstein.
I assume you like defending these guys because you're a bit rapey.
Re: (Score:2)
Great demon thanks. That's EXACTLY how they act.
"You're claiming 2007 is BEFORE 2012? You're a racist and a rapist!"
* demo (Score:2)
Great impersonation of a crazy "woke".
Breaking and entering. (Score:3)
In the spirit of security research I declare today as pentesting slashdot day.
DNS cache spoofing? (Score:2)
The concept of DNS cache spoofing was around long before Kaminsky publicised it...
Here is a link to code that exploits the same attack he talked about:
https://web.archive.org/web/20... [archive.org]
It was written in 1999, although the earliest instance caught by web.archive.org was in 2001.
Re:DNS cache spoofing? (Score:5, Informative)
Bruce Schneier's thoughts, from a long time ago, that kinda address this:
https://www.schneier.com/essay... [schneier.com]
There may be more info in these stories:
https://it.slashdot.org/story/... [slashdot.org]
https://developers.slashdot.or... [slashdot.org]
https://it.slashdot.org/story/... [slashdot.org]
Kaminsky's slashdot id:
https://slashdot.org/~Effugas [slashdot.org]
"May his memory be for a blessing" (Score:5, Insightful)
That's a Jewish mourning phrase. I'm not Jewish so there's a good chance I don't get the full meaning, but as I understand it it doesn't mean passive recollection, but instead means all the ways the person's actions continue to change the world after they are gone. It can mean accomplishments that have lasted, or lives they have changed for the better, or actions by the living inspired by their example.
If his legacy is to inspire acts of kindness that will be sweet and fitting.
Jews will not be unanimous about that interpretation but the sentiment resonates with me.