Secret Geek A-Team Hacks Back, Defends Worldwide Web (or How Dan Kaminsky saved the internet)

In June 2005, a balding, slightly overweight, perpetually T-shirt-clad 26-year-old computer consultant named Dan Kaminsky decided to get in shape. He began by scanning the Internet for workout tips and read that five minutes of sprinting was the equivalent of a half-hour jog. This seemed like a great shortcut — an elegant exercise hack — so he bought some running shoes at the nearest Niketown. That same afternoon, he laced up his new kicks and burst out the front door of his Seattle apartment building for his first five-minute workout. He took a few strides, slipped on a concrete ramp and crashed to the sidewalk, shattering his left elbow.He spent the next few weeks stuck at home in a Percocet-tinged haze. Before the injury, he’d spent his days testing the inner workings of software programs. Tech companies hired him to root out security holes before hackers could find them. Kaminsky did it well. He had a knack for breaking things — bones and software alike.But now, laid up in bed, he couldn’t think clearly. His mind drifted. Running hadn’t worked out so well. Should he buy a stationary bike? Maybe one of those recumbent jobs would be best. He thought about partying in Las Vegas … mmm, martinis … and recalled a trick he’d figured out for getting free Wi-Fi at Starbucks.As his arm healed, the details of that Starbucks hack kept nagging at him. He remembered that he had gotten into Starbucks’ locked network using the domain name system, or DNS. When someone types google .com into a browser, DNS has a list of exactly where Google’s servers are and directs the traffic to them. It’s like directory assistance for the Internet. At Starbucks, the port for the low-bandwidth DNS connection — port 53 — was left open to route customers to the Pay for Starbucks Wi-Fi Web page.To read the rest of this story in Wired, see www.wired.com/techbiz/people/magazine/16-12/ff_kaminsky.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.