Take a Moment to Hug Your Friends & Family: RIP Dan Kaminsky - Security Boulevard

Take a Moment to Hug Your Friends & Family: RIP Dan Kaminsky

The security world was rocked this weekend when word came out that one of the best of us, Dan Kaminsky, passed away. Dan was only 42 years old. To say he’s gone way too soon doesn’t even come close here. According to a message posted on Twitter by his niece, Sarah, the cause of Dan’s death was complications from diabetes, for which he was recently hospitalized. “This tragedy has nothing to do with the COVID-19 vaccination and unfortunately everything to do with diabetic ketoacidosis,” she wrote.

Most of you reading this have probably heard of Dan and some of the things he worked on. He was one of the most accomplished security researchers in the industry. Among his accomplishments, Dan brought to light the threat of DNS cache poisoning, which led to the DNSSEC spec. He also showed just how widespread the Sony rootkit attack was. In addition, Dan spent time exposing the inherent vulnerabilities in the Microsoft Office “Clippy” assistant—so many, in fact, that it is said Microsoft retired Clippy because it would have been too difficult to fix. The world is a better place without Clippy; for that alone, we should all be grateful to Dan.

FinConDX 2021

But the world is a far better place because of Dan—and for so much more than forcing Clippy’s retirement or exposing the many other security vulnerabilities and hacks. In an industry too often defined by people’s egos—those not willing to help those who look different or act different, or perhaps aren’t as accomplished or smart as others—Dan was a breath of fresh air.

Photo credit: Dan Kaminsky’s blog

Dan was a role model and mentor to so many in the security industry; both his peers and those new to the field idolized his accomplishments. They all found Dan to be approachable, helpful and an overall good person.

I interacted personally with Dan only a few times at RSA Conference and at Hacker Summer Camp, Black Hat/DEFCON/BSides. But I was always struck by what a real, great person he was—approachable, willing to share, just really loving what he did and the people he got to interact with.

The outpouring of grief, sadness and remembrances of all the good times from the community on all of the social media platforms is unlike anything I remember seeing before. I am sure some of it is due to the fact that after more than a year of grieving so many lost, a year of not being able to gather with our friends at the cons and other gathering opportunities, we realize that so much will never be the same. The last time we saw Dan is truly the last time we will see him.

Perhaps my friend, the one and only Jack Daniel, said it best:

“Why does this hurt so bad? It’s not like we were all that close.

Because we are all dealing with our private struggles and losses, the public ones bring us together, and all the grief pours out.”

That is part of it for sure. For me, this is just another cruel twist in a year of twisted tragedy. We may never get the time back with friends and family who we all have missed this past year. As we emerge from our cocoons with vaccines and dream about seeing our friends and colleagues, take nothing for granted. Live your life remembering that tomorrow is promised to no one.

As I have gotten older, I struggle to come to terms with my own mortality. I think it is something we all do and it is something we all have to do because death is part of life and it will happen to all of us. But in this case, I am reminded of the adage, “The candle that burns brightest doesn’t burn as long.” Dan was surely a bright candle.

The security industry will go on. There are many brilliant people doing good work. But we are all a little poorer, a little less than we were before, with the loss of Dan Kaminsky. RIP Dan, gone too soon.

Like a comet
Blazing ‘cross the evening sky
Gone too soon

Like a rainbow
Fading in the twinkling of an eye
Gone too soon

Shiny and sparkly
And splendidly bright
Here one day
Gone one night

Like the loss of sunlight
On a cloudy afternoon
Gone too soon

Like a castle
Built upon a sandy beach
Gone too soon

Like a perfect flower
That is just beyond your reach
Gone too soon

Born to amuse, to inspire, to delight
Here one day
Gone one night
Like a sunset
Dying with the rising of the moon
Gone too soon

Gone too soon
~ Michael Jackson, “Gone Too Soon”

Featured eBook
7 Must-Read eBooks for Security Professionals

7 Must-Read eBooks for Security Professionals

From AppSec to SecOps, Security Boulevard eBooks deliver in-depth insights into hot topics that matter to the Cybersecurity and DevSecOps professionals. Our staff of writers are the best in the business, with decades of practical and award-winning experience and credentials. We are excited to share our 2019 favorites. Take a look and download some of ... Read More
Security Boulevard

Alan Shimel

Throughout his career spanning over 25 years in the IT industry, Alan Shimel has been at the forefront of leading technology change. From hosting and infrastructure, to security and now DevOps, Shimel is an industry leader whose opinions and views are widely sought after.

Alan’s entrepreneurial ventures have seen him found or co-found several technology related companies including TriStar Web, StillSecure, The CISO Group, MediaOps, Inc., DevOps.com and the DevOps Institute. He has also helped several companies grow from startup to public entities and beyond. He has held a variety of executive roles around Business and Corporate Development, Sales, Marketing, Product and Strategy.

Alan is also the founder of the Security Bloggers Network, the Security Bloggers Meetups and awards which run at various Security conferences and Security Boulevard.

Most recently Shimel saw the impact that DevOps and related technologies were going to have on the Software Development Lifecycle and the entire IT stack. He founded DevOps.com and then the DevOps Institute. DevOps.com is the leading destination for all things DevOps, as well as the producers of multiple DevOps events called DevOps Connect. DevOps Connect produces DevSecOps and Rugged DevOps tracks and events at leading security conferences such as RSA Conference, InfoSec Europe and InfoSec World. The DevOps Institute is the leading provider of DevOps education, training and certification.

Alan has a BA in Government and Politics from St Johns University, a JD from New York Law School and a lifetime of business experience. His legal education, long experience in the field, and New York street smarts combine to form a unique personality that is always in demand to appear at conferences and events.

alan has 57 posts and counting.See all posts by alan