LLMpediaThe first transparent, open encyclopedia generated by LLMs

Dan Kaminsky

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: DEF CON Hop 3
Expansion Funnel Raw 39 → Dedup 6 → NER 3 → Enqueued 2
1. Extracted39
2. After dedup6 (None)
3. After NER3 (None)
Rejected: 3 (not NE: 3)
4. Enqueued2 (None)
Dan Kaminsky
Dan Kaminsky
Dan_Kaminsky.jpg: Dave Bullock derivative work: Emdee (talk) · CC BY 2.0 · source
NameDan Kaminsky
Birth date1979
Birth placeSan Francisco, California, U.S.
Death date2021-04-23
Death placeSan Francisco, California, U.S.
Alma materUniversity of California, San Diego
OccupationComputer security researcher, entrepreneur
Known forDNS cache poisoning mitigation, security research

Dan Kaminsky was an American computer security researcher and entrepreneur known for discovering a fundamental vulnerability in the Domain Name System and coordinating a large-scale mitigation effort in 2008. He contributed to practical cryptography, vulnerability disclosure practices, and security tooling while engaging with industry, academic, and policy communities. His work influenced protocols, incident response, and public discussion on cybersecurity risk and resilience.

Early life and education

Born in San Francisco and raised in California, Kaminsky attended public schools before pursuing higher education at the University of California, San Diego. At UCSD he studied computer science and developed an early interest in network protocols and Internet Engineering Task Force standards. During this period he engaged with communities around USENIX, DEF CON, and regional hacker spaces that connected students, practitioners, and researchers.

Career and cybersecurity research

Kaminsky worked across academia, startups, and established technology firms, including roles that interfaced with Cisco Systems, Microsoft, and venture-backed security companies. He contributed to projects involving Domain Name System, Transport Layer Security, and practical exploits used to illustrate systemic weaknesses. He was active in conferences such as Black Hat USA, RSA Conference, and CanSecWest, and collaborated with figures from CERT Coordination Center, SRI International, and independent researchers like Bruce Schneier and Mudge (computer security). His research combined reverse engineering, applied cryptography, and coordinated disclosure with stakeholders including representatives from VeriSign, ICANN, and major Internet service providers.

DNS vulnerability and 2008 mitigation

In 2008 Kaminsky identified a pervasive vulnerability in the Domain Name System that enabled cache poisoning attacks affecting resolvers operated by entities such as Akamai Technologies, Google Public DNS, and major telecommunications providers. He worked discreetly with vendors including Microsoft and registry operators such as VeriSign to design a mitigation strategy that involved coordinated patching and emergency protocol hardening. The disclosure process involved coordination with policy bodies like ICANN and technical groups including the IETF DNS working groups, and he presented findings at Black Hat USA to ensure broad awareness after mitigations were in place. The incident accelerated deployment of measures such as source port randomization and informed later proposals like DNSSEC adoption.

Later work and advocacy

Following the 2008 DNS disclosure Kaminsky cofounded and advised security ventures and research initiatives, engaging with organizations including White Ops, Akamai Technologies, and independent labs. He explored supply chain threats, secure protocol design, and threat modeling relevant to OAuth and OpenID ecosystems, collaborating with engineers from Google, Facebook, and startups in Silicon Valley. Kaminsky advocated for coordinated vulnerability disclosure practices alongside entities like CERT Coordination Center and civilian organizations such as Electronic Frontier Foundation. He provided testimony and briefings to industry consortia and participated in panels alongside representatives from Department of Homeland Security-linked initiatives and international standards bodies.

Awards and recognition

Kaminsky received numerous accolades from professional and community organizations, appearing on lists curated by Wired (magazine), receiving honors at conferences such as Black Hat USA and recognition from institutions including USENIX and ACM-affiliated events. Peers in the security community, including Dan Geer and Charlie Miller, cited his impact on practice and disclosure norms. His work was widely covered in outlets like The New York Times and The Washington Post, and his technical contributions informed curricula in university programs at institutions such as Carnegie Mellon University and Massachusetts Institute of Technology.

Personal life and death

Kaminsky was known in hacker and security communities for mentoring researchers at gatherings including DEF CON and regional meetups, and he engaged with arts and cultural organizations in the San Francisco Bay Area. He died in April 2021 in San Francisco; his passing was noted by peers across industry, academia, and civil society, including statements from ICANN and major technology firms. Tributes highlighted his technical achievements and community leadership.

Category:Computer security researchers Category:1979 births Category:2021 deaths