Mr. Vixie asked Mr. Kaminsky if he had a fix in mind. “He said, ‘We are going to get all the makers of DNS software to coordinate a fix, implement it at the same time and keep it a secret until I present my findings at Black Hat,” Mr. Vixie said, referring to an annual hacking conference in Las Vegas.
Mr. Kaminsky, then the director of penetration testing at IOActive, a security firm based in Seattle, had developed a close working relationship with Microsoft. He and Mr. Vixie persuaded Microsoft to host a secret convention of the world’s senior cybersecurity experts.
“I remember calling people and telling them, ‘I’m not at liberty to tell you what it is, but there’s this thing and you will need to get on a plane and meet us in this room at Microsoft on such-and-such date,’” Mr. Vixie said.
Over the course of several days, they cobbled together a solution in stealth, a fix that Mr. Vixie compared to dog excrement. But given the threat of internet apocalypse, he recalled it as being the best dog excrement “we could have ever come up with.”
By the time Mr. Kaminsky took the stage at Black Hat that August, the web had been spared. Mr. Kaminsky, who typically donned a T-shirt, shorts and flip flops, appeared onstage in a suit his mother had bought for him. She had also requested that he wear closed-toed shoes. He sort of complied — twirling onto the stage in roller skates.
When his talk was complete, Mr. Kaminsky was approached by a stranger in the crowd. It was the administrator who had kicked Mr. Kaminsky off the internet years earlier. Now, he wanted to thank Mr. Kaminsky and to ask for an introduction to “the meanest mother he ever met.”
While his DNS fix was Mr. Kaminsky’s most celebrated contribution to internet security, it was hardly his only contribution. In 2005, after researchers discovered Sony BMG was covertly installing software on PCs to combat music piracy, Sony executives played down the move. Mr. Kaminsky forced the issue into public awareness after discovering Sony’s software had infected more than 568,000 computers.