Daniel Kaminsky, a security researcher known for his discovery of a fundamental flaw in the fabric of the internet, died Friday at his home in San Francisco. He was 42.
The cause was diabetes ketoacidosis.
In 2008, Kaminsky was widely hailed as a digital Paul Revere after he found a serious flaw in the internet's basic plumbing that could allow skilled coders to take over websites, siphon off bank credentials or even shut down the internet. Kaminsky alerted the Department of Homeland Security, Microsoft and Cisco executives, and other internet security experts and helped spearhead a patch.
He was a respected practitioner of "penetration testing," the business of compromising computer security at the behest of owners who want to protect their systems. It was a profession that his mother, Trudy Maurer, said he first developed a knack for at age 4 after his father gave him a computer from Radio Shack. By 5, his mother said, the boy had taught himself to code.
His childhood paralleled the 1983 movie "War Games," in which a teen, played by Matthew Broderick, unwittingly accesses a U.S. military supercomputer. When Kaminsky was 11, his mother said, she received an angry phone call from someone who identified himself as a network administrator for the Western United States. The administrator said someone at her residence was "monkeying around in territories where he shouldn't be monkeying around."
Without her knowledge, her son had been examining military websites. The administrator vowed to "punish" him by cutting off the family's internet access. Maurer warned the administrator that if he made good on his threat, she would take out an ad in the San Francisco Chronicle denouncing the Pentagon's security.
They settled on a compromise punishment: three days without the internet.
Nearly two decades after he lost his access to the internet, Kaminsky wound up saving it. What he discovered in 2008 was a problem with the internet's basic address system, known as the Domain Name System, or DNS, a dynamic phone book that converts human-friendly web addresses into their machine-friendly numeric counterparts. He found a way that thieves or spies could covertly manipulate DNS traffic so that a person typing the website for a bank would instead be redirected to an impostor site that could steal the user's account number and password.
While his DNS fix was Kaminsky's most celebrated contribution to internet security, it was hardly his only one. In 2005, after researchers discovered Sony BMG was covertly installing software on PCs to combat music piracy, Sony executives played down the move. Kaminsky forced the issue after discovering Sony's software had infected more than 568,000 computers.
The Electronic Frontier Foundation, a group that promotes civil liberties, said in a tweet Saturday that Kaminsky was a "friend of freedom and embodiment of the true hacker spirit."