A secret solution to a secret problem


WIRED: DAN KAMINSKY is not, by nature, a person who shirks publicity. A gregarious, cherubic and sometimes hilarious young computer expert, he's often to be found talking loudly in the corner of bars at security analyst gatherings, surrounded by fans eager to buy him the next drink - and hear his next story.

Kaminsky has plenty of stories, because he is paid to think them up. His job is almost like that of a science fiction writer: he takes existing internet technologies and tries to imagine how they might be warped and misused in the wrong hands.

Sometimes the results are entertaining: for instance, when he showed a crowded room of internet experts how you could fool the domain name system (DNS, i.e. the service that acts as the internet's phone book, turning names such as www.google.com and yahoo.co.uk into the numerical addresses that computers need to route data) into streaming music and video instead of answering dull address queries.

Some tales are rather more dangerous. Kaminsky has spent the past six months unable to dine out on his best anecdote yet, because even a simple, two-sentence précis would have led to millions of people losing potentially billions of euro.


In one of his thought experiments, Kaminsky stumbled on another misuse of DNS: one that could lead to anyone in the world redirecting aib.ie, ebay.com, paypal.com or any other domain to their own machines.

Unlike most security problems, this wasn't a bug in someone's code. Kaminsky didn't need to check anyone's programming to realise what he had invented. He had uncovered a flaw in the DNS protocol itself - the definition of how machines providing DNS are supposed to behave. Even if they were obeying all the rules of the internet, these computers would still be vulnerable to attack.

As soon as any security problem is known in the computer world, the experts are in a race against time. Even if Kaminsky had gone to the grave with his secret, it would only take one devious mind to come up with the same idea, and the compromise would be public. And while Kaminsky is on the side of the good guys, there are plenty of shadier computer hackers who would have been willing to sell their story to the highest bidder.

Instead, Kaminsky told almost no one: just a few trusted figures from the very beginnings of internet history.

In turn, they organised a small meeting at Microsoft of 16 people from the top internet companies, including Microsoft itself, Cisco and their competitors.

Between them, they worked out a plan that would minimise the time window between announcing that there was a problem and fixing the problem.

Part of that agreement was to keep the problem absolutely secret. And that, everyone knew, would be a problem. Not because anyone in the room might leak it. Plenty of security problems online are dealt with confidentially, and all of the experts had experience dealing with dangerous secrets.

No, the problem was that, in the security world, nobody trusts secrets. Think of it as being like the boy who cried wolf. Even the smartest internet experts make mistakes, and the internet community is suspicious of blanket statements made without scientific back-up.

Plenty of professionals before now have claimed that the internet was about to collapse. Bob Metcalfe, the famed inventor of Ethernet, announced that the internet would "in 1996 catastrophically collapse", and had to literally eat his words (he put his paper into a blender, and ate it with a spoon on stage).

To fix this particular problem, almost every system administrator on the internet was going to have to put in overtime. Why should they trust a laughing boy like Dan Kaminsky? Why should they even trust Microsoft?

So, 48 hours before almost every major DNS vendor was going to demand that their customers upgrade, Kaminsky started to tell his story to a select few. He phoned security researchers - his competitors in the tale-telling stakes - and, swearing them to secrecy too, revealed the vulnerability.

When the sceptics questioned Kaminsky, they found themselves doubting the very figures who would normally have been first in line to pour scorn.

Since then, almost every network administrator has been racing to fix the mysterious problem, following the experts' instructions without really knowing what the problem might be. There are a few clues as to what the Kaminsky bug is. It has been known for a while that if you can find a computer asking a legitimate domain name server for an address, and send it enough incorrect responses from a crooked machine before the real server replies, one fake response might stick. Kaminsky's approach apparently severely reduces the number of fake replies a criminal server needs to send. The agreed fix attempts to counteract that by making the DNS more sceptical about potentially fake responses, restoring the odds in the legitimate domain name server's favour.

It's another race against time, and Kaminsky and his colleagues have worked to stack the odds on the side of the good guys. You can check whether your internet service provider is vulnerable by going to Kaminsky's website at www.doxpara.com and clicking the "Check My DNS" button.
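The race described above, and the kind of check a "Check My DNS" page performs, as an added example written by the editor (not code from the article, from Kaminsky or from doxpara.com). The article does not name the mechanism, so the example assumes the well-known model: a resolver accepts the first reply whose 16-bit transaction ID matches, and the fix adds a randomised UDP source port, roughly 16 further bits a blind forger must guess. The port samples and the thresholds in the verdict function are constructed for illustration, not measured from any real resolver.

```python
"""Toy model of the DNS forged-reply race and a resolver port-randomisation check.

Added illustration, not from the article. Assumptions: the resolver accepts the
first reply whose 16-bit transaction ID matches (a real protocol field), and the
fix is modelled as a randomised UDP source port adding about 16 more bits of
guesswork (assumed, rounded). Sample data below is constructed.
"""
from __future__ import annotations

import math

TXID_BITS = 16   # width of the DNS transaction ID field
PORT_BITS = 16   # extra guesswork a randomised source port adds (assumed)


def forged_reply_acceptance(bits_to_guess: int, forged_replies: int) -> float:
    """Probability that at least one of `forged_replies` blind guesses matches
    the resolver's secret before the genuine answer arrives.

    Each forged packet independently matches with probability 2**-bits_to_guess;
    the resolver accepts the first match it sees. log1p/expm1 keep the result
    accurate when the per-try probability is tiny (e.g. 32 bits).
    """
    per_try = 2.0 ** -bits_to_guess
    return -math.expm1(forged_replies * math.log1p(-per_try))


def fix_work_factor(before_bits: int = TXID_BITS,
                    after_bits: int = TXID_BITS + PORT_BITS) -> float:
    """How many times more blind guesses the fix demands for the same odds."""
    return 2.0 ** (after_bits - before_bits)


# Constructed samples of source ports seen on a resolver's outgoing queries.
FIXED_SAMPLE = [53] * 20
INCREMENTING_SAMPLE = list(range(32768, 32788))
RANDOMISED_SAMPLE = [49231, 17834, 60012, 5120, 33977, 41005, 2816, 58201,
                     12450, 27063, 63001, 9174, 45388, 31720, 20999, 54402,
                     7731, 38115, 65013, 15566]
WEAK_SAMPLE = [32768, 32790, 32768, 32801, 32777, 32790, 32812, 32768, 32799, 32805]


def port_randomisation_verdict(observed_ports) -> tuple[str, int]:
    """Classify a resolver from the source ports of a handful of its queries.

    Returns (verdict, distinct_port_count). Thresholds are constructed for
    this example: a fixed or incrementing port is predictable; a sample that is
    almost all distinct and spread across the port range counts as randomised.
    """
    distinct = len(set(observed_ports))
    if len(observed_ports) < 10:
        return ("too few samples", distinct)
    if distinct == 1:
        return ("fixed port: predictable", distinct)
    steps = {b - a for a, b in zip(observed_ports, observed_ports[1:])}
    if steps == {1}:
        return ("incrementing port: predictable", distinct)
    spread = max(observed_ports) - min(observed_ports)
    if distinct >= 0.9 * len(observed_ports) and spread >= 10_000:
        return ("randomised port: good", distinct)
    return ("poorly randomised port: weak", distinct)


if __name__ == "__main__":
    for n in (1, 1000, 65536):
        before = forged_reply_acceptance(TXID_BITS, n)
        after = forged_reply_acceptance(TXID_BITS + PORT_BITS, n)
        print(f"{n:>6} forged replies: before fix {before:.6f}, after fix {after:.2e}")
    print(f"fix raises the blind-guess work factor by x{fix_work_factor():.0f}")
    for name, sample in [("fixed", FIXED_SAMPLE), ("incrementing", INCREMENTING_SAMPLE),
                         ("randomised", RANDOMISED_SAMPLE), ("weak", WEAK_SAMPLE)]:
        print(f"{name:>12}: {port_randomisation_verdict(sample)}")
```

Running the script prints how the acceptance probability falls once the extra bits are in play, and classifies each constructed port sample. The verdict function is deliberately a heuristic: a handful of lookups is enough to spot a fixed or counting port, which is what the public checkers of the time flagged, but it cannot prove a resolver's random number generator is sound.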

Kaminsky's statistics show that half the servers out there are still vulnerable. And while they are, the vendors will keep up the pressure, and Kaminsky will have to keep his story quiet for another few weeks.