Hacker News new | past | comments | ask | show | jobs | submit login
Dan Kaminsky has died (twitter.com/marcwrogers)
1414 points by rincebrain 20 days ago | hide | past | favorite | 176 comments

I will miss him terribly. He was the guy who let me crash in his room at Defcon when I was a minor and was too young to book my own room. This kicked off 20 years of friendship. He was brilliant, zany, ADD x 1000, and always endearing and loving.

In 2008 I was lucky to collaborate on DNS issues with Dan when he discovered a new form of DNS cache poisoning and spent years helping the Internet upgrade and defend against a serious and significant vulnerability. We all owe him a debt of gratitude for this and so much of his other work.

He was a hacker's hacker, and the guy you want in your corner. Very sad to hear this news.

"I was lucky to collaborate on DNS issues with Dan when he discovered a new form of DNS cache poisoning"

A really good, and really detailed, overview of what Kaminsky found: http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.htm... Kaminsky references this from the sidebar in his blog.

Wait, they only made this attack 2000 times harder? That was the whole fix?

Dan's work pushed the adoption of BCP38, segmentation of authoritative and recursive resolvers, and better source port randomization. Entirely new mitigations were developed like 0x20, source address randomization, and double response detection.

Additional mitigations started to come in to play after that to make it both impractical, detectable, and improbable. It's just shy of impossible now, and in the very unusual scenarios where it's possible, it's so easily detectable.

I saw him speak at BlackHat in 2008 when he presented that work -- _everyone_ was there. It was an amazing presentation, and I was properly filled with respect for Dan.

So very sad that he's gone so young.

I was there that year, too. And the year before and after. And at ToorCon that year, which was tiny and it was great to talk to him there. Many of my journeys to conferences were because he was on the docket.

A true inspiration in infosec.

Was this talk recorded?

It was. Well, his Defcon version is an identical talk given the same week.


Thanks for the link; would you like to submit that as a separate HN submission as well, including [video] in the title? (I think that'd be within the site guidelines[1])

Might post it myself if you'd prefer not to; I figured it might make sense for you to claim the credit/karma.

[1] - https://news.ycombinator.com/newsguidelines.html

Feel free.

Someone else got to it before I did; thank you anyway.

RIP, Dan. I work with a lot of very smart people. So, I've gotten a bit used to it and don't normally find myself in awe of many people's intelligence. Dan was a person that I was absolutely in awe of. The fist time I met him very long ago (almost 20 years), he showed me code he wrote to share movies through abused DNS slaves... building a p2p network like Napser/Gnutella from the technology. No one had ever thought of such a thing. I don't think anyone else in the world knew DNS well enough to be inspired to think of it. He was so kind and friendly to everyone. It was fun to talk with him about tech/security because he had such enthusiasm and excitement... like a little kid on Christmas or a puppy. :) I learned a lot from him. I have nothing but great memories of him. I remember once when someone hacked him. He even took that in good humor and didn't let it bother him.

I remember attending Dan Kaminsky’s talk at DEFCON 12 and being blown away by it. Three years later, I went on the original “Hackers on a Plane” trip and ended up seated next to Dan on one of the flights. We quickly became friends. His mentorship over the years had an enormous impact on me.

We both went back to CCCamp in 2011. I excitedly told him about a reverse DNS scanning project ( in 12 hours on AWS for like $50), and then we ended up talking about the Debian RNG bug and password security, walking around camp watching the lightning in the distance.

When I was doing my original brainwallet research back in 2013 and cracked the woodchuck wallet the first thing I did after showing my ex (then girlfriend) was call him. I told him I’d found something but didn’t feel comfortable discussing over the phone. He invited me over.

My ex and I hopped on BART headed into SF and met him at the loft he was living at above a motorcycle shop. We talked and carefully planned and then I accidentally made 250 BTC vanish.

Dan looked at me and said “[my ex] and I are going to go for a walk and return with burritos. You’re going to calm down and have this fixed by the time we get back. It’ll be okay.”

It was, and I did. I’d simply forgotten about change addresses for a brief moment of terror.

I think the first time he mentioned wanting to hire me was a few months later at a Bitcoin conference in San Jose. He believed in me. I went on to work alongside him at White Ops (now known as Human Security) in 2014. He brought me on stage with him at DEFCON that year.

He spent a lot of time helping me put together a CFP submission about my brainwallet research for DEFCON the following year and then helped me put together slides, rehearse, and had a professional help me refine everything. I couldn’t have done it without him.

My wedding was about six weeks before DEFCON - Dan showed up in an Uber, about an hour late. He explained that he’d confused Menlo Park for Morgan Hill when planning to leave. I was just thrilled to have him there.

Dan was a supportive friend, a great mentor, and a delightful colleague. I really can’t overstate what a positive impact he had on my life. It’s hard to believe he’s really gone. That I’ll never get to swap stories about our respective side projects with him again.

I miss him.



This space above the motorcycle shop is my office now. It’s such a trip to read about this story. Thank you for sharing. If you ever want to come by and tell Dan stories, I’d be happy to host you.

> It’ll be okay.

That's just terrific. Thank you for sharing.

I'm sorry for your loss.

Apart from the DNS cache poisoning attack, Dan did some vital followup work on the Sony CD rootkit discovered by Mark Russinovich. Sony's early defence was that it wouldn't affect the Internet. Dan showed using DNS caches that it had already affected over half a million networks on the Internet: https://web.archive.org/web/20080423212131/http://www.wired....

A smart man and a nice man. RIP.

I met Dan at FooCamp in 2004. I was a college kid at the time and a weekend event of people like Larry Wall or Ester Dyson was super intimidating.

I was feeling a little isolated and lonely when I saw this guy in a black 2600 tshirt over by the “FooBar” bar and thought “finally someone I can talk to!” He was so welcoming and engaging it broke the ice and made the whole weekend worth it. We started talking about tunneling various protocols over DNS and ended up doing a midnight stroll with Fyodor all around Sevastopol looking for “interesting” things.

That’s the kind of guy Dan was. Everyone felt his warmth.

Dan was a rare mix of genius with an over the top personality. Seeing what crazy RFC-bending project Dan was doing was one of the best things about going out to Blackhat, DEFCON, or RSA. He is easily one of the best presenters I’ve ever seen: a perfect blend of compelling story, esoteric tech details, and those classic Dan mischievous grins.

I will miss you dearly Dan

Dan was like family to me. I remember so many evenings talking to him with all the stops out for countless hours about a universe of topics. Interacting with his brain was like what I imagine it would feel like to be caught between a supernova and a black hole. He was such a generous soul.

There are so many things that existed because Dan sprinkled some magic here and there. He was incredibly charming, making electrons dance in ways I never thought possible. The man was a technomage, a grey-hatted magician.

Dan was far from perfect but I am thankful for every moment I spent with him. He was the first person to tell me that he believed in me when I was starting a hard technology company (I had never really managed any software project before).

I will miss Dan’s kind and generous soul until my dying breath. A true titan in all senses of the word.

Dan was at Santa Clara in the spring of 1998 when I was there on an exchange. Unbeknownst to me, I was watching South Park in the dorm’s TV lounge next to a future internet legend. We later made the connection through mutual friends and he became a technical advisor to my startup.

Dan was always generous with his time and expertise. He was the kind of person whom you could expect could easily become very rich, but was entirely unmotivated by money. Dan was fascinated to learn the inner workings of things we all take for granted - such as the DNS. A true hacker.

He sounds like a real role model.

Thank you for sharing.

"Of the seven Recovery Key Shareholders who possess the ability to restore the DNS root keys, Dan is the American representative." -https://dankaminsky.com/bio/

I wonder what the procedures are to change the Recovery Key Shareholders in the event of a death like this.

Interesting article here https://www.icann.org/en/blogs/details/the-problem-with-the-....

Currently being assessed, given current global issues it poses come additional challenges but the community will find a way.

Wow, your first comment since 2014! Are you deeply involved with ICANN? It seems you know are well-informed about the internals.

I lurk a lot =) Yes have been involved in various capacities for many years now (not staff for the record)

You can watch one of his talks here: https://www.youtube.com/watch?v=RAGwol-keXM and here: https://www.youtube.com/watch?v=xneBjc8z0DE

He always had a certain eccentricity to him. I never met him in person. He always was the prototypical nerd judging from his talks and mannerisms.

For the interested, someone [1] is putting together a collection of videos of him, so you can probably find a whole lot more in the replies to that thread even if you don't wait for the playlist to be made.

[1] - https://twitter.com/thedarktangent/status/138595909778312806...

That’s the founder of DEFCON and Black Hat.

I'm aware, the specific identity of the person doing the collecting just didn't seem relevant.


I briefly met him at Toorcon in the early 2000s and was impressed with how he combined that eccentricity with high-energy: if the internet didn't get more secure, it wasn't for lack of trying on his part.

December 2019. I flew out to SF, and we hacked for ten days.

He saved our company from extinction. I won't discuss the sequel to that, because it doesn't reflect well on some people who don't deserve that in this eulogy. But I will say that we retained our friendship through it all.

I'm absolutely gutted at this news. What a shining human being. A terrible loss.

My memory of Dan is seeing him speak on-stage at SF security b-sides, some time in the mid 2010s.

He'd enjoyed a few drinks by the point he spoke to everyone, and the resulting honesty (accompanied by what I sensed as trepidation from the audience, about seeing a respected speaker in a vulnerable state) left a mark on me.

He was right: software security nowadays is a swiss-cheese mess, and the industry isn't addressing it.

His speech instructed me and perhaps others in the audience to deal with that new reality and adjust to it. It's tough for the original hacker / cypherpunk / purist mentality to adjust to. But it's where we are now, and it's a mindset that'll never die even if all of us that subscribe to it do.

RIP Dan.

The parent comment was written early into my reaction to the news and I think I was a bit histrionic in my commentary about the security industry. People are helping, and that's commendable.

It can be difficult when it appears that we are building and deploying so much more software than we are maintaining and securing.

I don't know exactly what mindset will win out - either an assumption that information always leaks and that that's helpful to catch people when they might fall, and/or a mindset that believes it's necessary to be able to create private channels -- if perhaps not private spaces, for safety reasons (is there a digital distinction there? could there be?). Fragmentation and/or consensus are two possible paths forwards (that different communities are already exploring).

Maybe you weren't histrionic enough?

I couldn't name one class of software or hardware, nor one layer in the 'stack' that hasn't been compromised. The only conclusion is to admit failure (as an industry) and rebuild everything from the ground up.

We always have to do compromises designing these things. Either we don't have the talents, we disagree on the methods, we ignored a chunk of the problem, we don't have the ressources, we deliberately degrade to please the senders of a letter-we-cant-talk-about... I prefer the approach where we solve problems incrementaly as we discover them because in the long term it addresses all of those shortcomings eventually.

I agree. There will always be an attacker who knows more or who used methods that you would not choose.

It's inevitable that some things will leak. Defense in depth will help mitigate the risk and contain the fallout.

(extreme paranoia, perhaps bred of experience, doesn't hurt either!)

No, you were correct. Some people are helping here and there but overall every aspect of the software industry is an absolute mess. Most infosec pros will not point this out, either because they are tunnel visioned on their niche, are trying to sound politically correct, or just trying to not start shit (but nothing will be solved ever if people keep pretending everything's all and well).

Dan was a great soul and genius, this is very sad to hear. Dan made life fun, my stomach would hurt from laughing so hard with him. I am looking over our chats, and found a video he sent me that I can’t stop watching. He was working on streaming VM state to the cloud and decided a mouse wasn’t fun, so busted out a turntable to control it in realtime. It totally worked and was way better! He even starts making record scratching sounds. I love how someone posted the DEFCON shot of his nap, that made me smile! Remember those moments of joy.

Much love to his family and friends.

I first met Dan in Santa Clara at some event when he came over to our table and showed off some ssh fu. We’d reconnect at events every so often and he’d always share his latest interest. I recall once Dan turning me on to the unique world of software produced and shared primarily by doctors who code by opening a video of a jet engine crash landing in an MRI viewer app. The time after that, he was telling me about going to see the new Star Trek movie that had just come out and how his friend couldn’t see the green alien lady, which led him to build one of the first truly useful applications of augmented reality with his colorblindness app.

When people say Dan Kaminski was a hacker’s hacker, it’s with good cause. Not only did he defend the Internet from itself, but he changed the way people see the world. He put a noticeable dent in the universe.

Dan was basically the best example of "infectious enthusiasm" combined with being really smart and interested in a lot of stuff. He was one of the first "security people" who got interested in bitcoin as a network, plus all his DNS stuff, and a lot of other things. He's going to be missed by a lot of people around the world for a long time.

It's so sad to lose Dan. I met him back in 2008, I think it was, at a Barcamp in L.A. I was lucky enough to precede his talk, and he was gracious enough to sit through mine. He was a blast to talk to and to learn from. Even his questions were educational.

For me, he was one of my earliest examples of what a hacker was and should be. I aspire to his level of curiosity, openness, and kindness, and he'll be missed.

I’m shocked. I didn’t know Dan except via Twitter. What happened?

He was so curious about everything that it caught my attention, and I’m not just saying that. He pointed out how good the GPT-Neo samples were, which I hadn’t seen before.

I didn’t know he was anything except an enthusiastic person interested in AI. He even tried to help me with my M1 build of tensorflow. https://twitter.com/search?q=from%3Adakami%20to%3Atheshawwn&...

I’ll miss him.


I was just in mild shock. I clicked through his Twitter profile and saw his icon, and my heart dropped.

Perhaps appreciate the people around you, I suppose. Never know when they’ll be the last words you exchange with them.

Seeing him present his work on stage at DC was one of those things I'll never forget: the technical excellence, the dazzling visualizations, his comfortable and confident style, and whether you agreed with it or not -- his own point of view, not a thinly veiled corporate / gov / academic shill.

Dan: streams a tv show over DNS

Crowd: goes wild

He was one of the ones who I aspire to be: to show others they can do .*

Kind, generous, warm, infectiously enthusiastic, and always curious. I have long held kindness and curiosity as the highest of virtues and that's what comes to mind when I think of Dan, together with a crushing sadness at what we have lost.

This is a lovely moment I captured of Dan having a good time. I like 0:29 in particular, and wanted to share it with you. https://www.youtube.com/watch?v=D4jRaetW7k0

I first met Dan on Slashdot over 20 years ago. Over a decade after I first met him on Slashdot I got into information security and had the opportunity to share a few meals and hangout with Dan now and again. His natural curiosity about all technology is what I always will remember about Dan. He was such a good technologist. RIP.

Edit: plus watching him and tqbf argue on Twitter about stuff was always fun.

Dan is a legend and great defender of the internet. His research made us safer, and his guidance made us more secure. We will miss you Dan, and may your memory and spirit resolve and soar through the clouds.

Wow... I remember recreating his DNS cache poisoning attack in one of the courseworks I did in my second year of university. I always thought it was incredibly clever...

I did too, and it makes me so sad to read the news just now.

A shock for sure. I'm sure he will be sorely missed to all of us who attend CCC.

You can see many of his CCC talks here:


I loved the complexity of his thoughts, and the nonlinearity of our conversations. The way I could plop down next to him, ask him what he was doing, working on, or thinking, and he always had the time and inclination to talk without a hint of condescension. I'll miss his infectious excitement, the way he could weave narratives from lines of code, and his goofy sense of humor.

So many different stories in this thread from people about how much of a mentor, friend, and inspiration he was. There's a simple Yiddish word for this kind of person: mensh.

That's a great tribute.

Short tribute from Elonka Dunin earlier today, https://www.facebook.com/elonka/posts/10164920101840459

Oh no! I met Dan during my time first working on DNS in 2008. He came to many of us with the cache poisoning bug he discovered and pulled us together to address the vulnerabilities before it became public. I remember thinking thank god this guy is using his powers for good, because the damage he could easily do would be significant. After that I ran into him numerous times over the years, at conferences and airports (we seemed to always be leaving or arriving from different places at the same time), and he was always so kind, interesting and interested. I feel lucky to have known him. The works is a sadder, emptier place today.

What a shame. I had many enjoyable conversations with him over the years at various events. He was a hacker's hacker and a gentleman.

Dan always went out of his way to do nice things based on his resources and connections to benefit me, when he totally didn't need to. A lot of the great things and people in my life came from him.

The world is worse off without him.

Does anyone have a copy of the sources for Paketto Keiretsu? It seems to have disappeared from his website(s) some years ago and I kept meaning to ask him for a copy.

It was an early inspiration for a lot of my L3-in-userspace work.


I'm not sure whether I got it directly from him or if I had a saved copy, but that's the most recent version.

This version is also available from archive.org: https://web.archive.org/web/20070702232113/https://www.doxpa...

It's where I learned about stateless scanning. Without scanrand and its stateless scanning technique Shodan wouldn't have been possible.

Yeah, I have a copy.

Dan was a wonderful human. I truly cannot believe that he took the time to help create something with me.

Absolutely god damn heart breaking.

A wonderful reminder that true brilliance and humanity can coexist.

Thank you for everything

I met Dan at BarcampLA, and his talks stuck with me. I’ve relived moments from those talks throughout my career, and I’m a more security conscious person because of it. He was one of those rare security folks that still retained his fundamentally optimistic view of humanity, though I think that may be rare of any human now that I think about it. If Tomorrowland were an actual thing, Dan definitely would’ve been invited. I hope he knew how much he inspired.

Let us take a moment to slow down and think about how fragile life really is. Dan was a bright person and loved by many. The value he added to this world will not be forgotten and let us take comfort in the fact that some of us had the great fortune of meeting him. Rest in peace Dan.

I’m not in the industry. But I instantly recognize the name from the occasional touches I have with info sec. that tells me all I need to know About how big of a loss this is.

Condolences to those who knew him.

I’m one of those people who never knew you. Ironically, Your death brought forth your achievements for me. I’m impressed and I wish I had interacted with you. RIP

Dan will be missed. I am saddened by his passing and my heart goes out to his family.

Dan sublet my apartment a number of years ago, and it was a thrill to see the impact of his work over time. I'm very sad to hear this news.

I had a few hours with Dan at a Think Conference, back in 2008. I was working on a Smalltalk implementation of SSL, and it was having connection issues to different servers. So someone pointed me at him, and he walked me through how to troubleshoot it. Didn't find the problem then, but it made it a lot easier later.

He was one of the good guys. I'll miss him.

H was a wonderful person who was always generous with his time. I’m so sad that he is gone. It isn’t hyperbolic to say that we as a tech community are better because of him.

This really hits me hard. Dan was the kind of guy you read about and were almost intimidated by his work. Then you met the guy and realized he's just an awesome guy.

This just insanely sad. I'm really sick of hearing about my friends passing - especially when they're brilliant.

RIP Dan. Dan was one of the great reasons to attend in person the Vegas security circus (B Sides, Black Hat and Defcon). My other favorite presenters ranged from Barnaby Jack (also deceased) to Moxie.


Loss of a legend, CCC and Blackhat will never be the same.

Dan answered earnestly and generously to some uninformed questions I emailed him at random one day.

He was a good man. My condolences to his friends and family.

My very first memory of the in-person security world is from watching Dan talk outside of the Alexis Park back in 2004. I was drinking bourbon from a plastic water cup. He was doing a live demo showing streaming audio proxied by DNS servers. I will never forget the sense of wonder I felt listening to that talk.

Dan was exceptionally good at explaining his complex work, and he always did so with 100% passion. He will be missed.

Heard of him since his DNS vulns. Never read or watched his presentations until recently. It was a breath of fresh air seeing him talk. I thought "this is a true hacker. no corporate BS". Damn.

Through it all, there were those who fought valiantly against the tsunami of fakery and fabrication, generating new methods and protocols to hold back the tide undermining consensus reality.

Rest in peace Dan.

RIP thank you Dan for making the internet a safer place.

I met him at Defcon 21 and ran across him again when I was running a developer hardware access project in my last job just a couple years back. He struck me as incredibly curious (as a hacker must be!) and was a pleasure to work with. The friends who introduced me to him at Defcon are devastated for a reason... rest in peace.

Rest in peace Dan Kaminsky and prayers for his family and friends. He was a very good colleague and someone who I am honored to have interacted with.

(Context here: He publicized a big DNS security hole which my MaraDNS never had, because I read Daniel Bernstein’s writings)

You will deeply be missed @dakami

A sad day. A legend has passed - legendary for his skills, for his generosity, and for his personality. He was a true renaissance man - hacker, writer, presenter, philantropist, piano-player, composer, and good guy.

I did not know him (but I have heard his name for years), but, from the comments here, I feel that the industry has lost a great humanitarian, as well as a skilled and talented person.

So sorry for the loss.

I am among the people who met him at a conference (CCC 2006 for me) and at the after party. I remember he was super friendly. I'm very sad to hear that news. RIP

I was fortunate enough to meet Dan in the flesh at RSAC and engage in Twitter conversations after that. He didn’t suffer fools gladly, or at all. No higher praise than that.

Aw poop. Nicest guy I ever met in the hacker scene. Sending best wishes and love to his friends and family.

Damn, we are all worse off for it.


I had dinner with Dan once, he ”social engineered” me and claimed he forgot to bring money. I knew what he was doing, but also knew that if picking up the tab was the price i had to pay for getting to hang out with him, I got the better end of the Deal. Rest In Peace

You may have misread the situation.

I have known him for decades, and I have never seen him take advantage of another person. Not ever. Not even once.

If he said he forgot to bring money, then he probably did.

Let us raise a cup to his name. A kind soul and an inspiration to us all.

For what it’s worth, he had left his wallet elsewhere at a large dinner where a friend ended up paying for the group anyway.

They didn’t expect him to pay and yet he paid them back fairly promptly and actually gave a few cents more than he technically owed - which he claimed was interest at the prevailing rate.

I certainly don’t see him “hacking” his way to a free dinner on a(n) (un)suspecting victim.

Agreed. I've eaten and had many drinks with Dan. He was generous. Never cared about throwing a few bucks down to help someone else eat or drink. We often had very large group dinners at conferences and Dan typically threw in a few extra to cover those who weren't as well off. (Standard practice for these things.) Definitely feels like a misread.

> You may have misread the situation.

Very true. Either way, I didn't feel taken advantage of. He truly was special, and I'm incredibly happy I got to spend some time with him.

Given the sheer number of things I've seen Dan space out, I strongly suspect you're dead wrong about this one.

I don't know how many years ago this was, but he's been a man of independent means for longer ago than whenever this happened.

I think you intended this as a sharing of a cool moment you had with the recently deceased, but you thoroughly missed the mark.

I agree, this was clearly voiced very respectfully and with good intentions, but I’m astonished the commenter couldn’t see what a classless thing this is to imply – especially about someone who just died. I was pretty dumbfounded reading this.

It is a funny moment. When I die, if people care, may they reminisce on all my quirks and roast me for moments like this. I won't care, I'll be dead.

I think you got the better end of the deal. Similar things have happened to me and I am happy to have known them and the joy they added to our transient lives.

I read comments like this and wonder whether--after I die--everybody will mock me for every moment I forgot my wallet.

I maybe forget my wallet once per year, but I'd like to think that my friends have forgiven me for it. (And I always Venmo my share of the bill anyway.)

I guess there really is no such thing as a free lunch.

Oh no.

Has anyone else noticed the thin black bar across the top of the HN pages today? I think it may be because of this.

RIP Dan, he was a legend.

He will be dearly missed. :(

He gave the best Defcon talks.

I hope when I die people care

Isn't affecting that outcome, for good or ill - the primary work product of our lives?

What else can we do?


Kindness, generosity and wonder transcend biology.

Not if you don’t exist

Damn. Fuck.

RIP to a legend

you'll be missed Dan Kaminsky

:( RIP

I really wish HN had the black bar linked to an obituary or an article about the person (or some other method of distinguishing who it is for). It isn't always obvious who is being recognized or memorialized. Getting the black bar isn't that common

‘dang, can we get a black bar for Dan? I can’t think of many people who deserve it more.


@dang can we get a black bar please?



I agree with @omnibrain here and second his request. @dang, can we get a black bar?


agreed as well

And if any of you had simply e-mailed dang, it might have already happened.

Technically this was his final tweet:



I'm curious too. So sad he died and I'm totally in shock.



Unfortunately this is always an unrealistic request for anyone with a public profile. Those that have no desire to speculate won’t, and it’s not going to stop the curious. Frankly I tend to agree it is moreover an unreasonable request as long as no one is actively invading the privacy of the family.


yea it was an example supporting the reason why I think they suggested not to speculate, sounds like it must have been a good example :)

A Facebook post linked in another comment says it’s complications with diabetes. That is usually blood clot-related. He took the vaccine 6 days prior.



>Presumably his family already knows so it's not going to shock them.

Or only some of his family know, and it may be best that for those that haven't heard yet the best people to tell them would be the other family members that do know.

or you could respect the families wishes, instead of prioritizing your curiosity.

Families choose to hide AND lie about suicide and addiction deaths. I know from multiple first hand experiences.


Yes, it's embarrassing for the family (though it shouldn't be) because they feel like they can do more.

But, it the prevalence needs to made public so we treat these things like the crisis they are!

And worse, in this case, people are even drawing ties to the vaccine!?!? What an insane intellectual lottery to play. But that speculation WILL cause direct negative outcomes!

Ugh, just ranting b/c as mentioned I have first hand experience with "it wasn't alcohol/drugs/suicide, it was cardiac arrest."

/End rant

This is a complete non sequitur as a reply. The commenter you're replying to asked people to prioritise his grieving family's wishes over your own curiosity. He/she was absolutely right to do so.

Your reply talks about other families who lie and state a false cause of death, which would be morally wrong but in this case is completely irrelevant because that's not what's happened.

The one bit of your comment which is relevant, I think, is wrong: namely "the prevalence needs to made public so we treat these things like the crisis they are". We have anonymised statistics on suicide and overdose deaths. That is not the same as demanding a specific person's cause of death - and the sense of generalised academic interest you're alluding to is plainly not the reason for which people are curious about how he died. I wish we would get a grip on ourselves here, because it must be upsetting for anyone who knew him and is reading these comments, as surely some of those people are.

Edit: I died of a heroin overdose, briefly, before I was resuscitated. If I'd died permanently, my family may well have wanted to keep that information off the record permanently (easier in my case of course because I'm not a public figure). It's easy to think in the age of Wikipedia that all information is in the public domain and belongs to everyone. It's not, and it doesn't.

Look at everyone else in this thread, celebrating the life and accomplishments of an amazing hacker that is no longer with us. Then read your comment again and ask yourself if this is the time and place to rant. Maybe not?

> Presumably his family already knows

That's a bit of an assumption. Working out how someone died can be tricky.

It feels wrong to upvote a story of somebody dying. How about such stories are pinned and don't have to be voted on to stay on the front page, at least for a couple of days?

I just wanted to say I agree with you and I don’t know why you were downvoted. This seems to me a well-intentioned and quite reasonable request.

You are simply upvoting to say “this submission is important”.

Are you telling me why I upvoted, or (by implication) why his original post was downvoted by others? Because yes, I’d argue it was important. (I’m sorry if I’m not familiar with the rules here quite yet.)

Sorry my bad grammar there. By you I meant the collective “you” of HN not you specifically. While any person can individually upvote for any reason they like. I suspect most upvote a death announcement as a sign of respect for the person - a kind of anonymous electronic “hear hear”

I had never heard of Dan Kaminsky because I’m a typical 9-5 app dev who knows as much about security as I need to but never watch black hat or defcon presentations. It’s really interesting to peak into this world and discover someone who seemed to be a hero to many and unwittingly to me as it sounds like he has helped make the internet more secure. I appreciate the work of people who bring the issues to our attention. I’m beginning to go down the privacy rabbit hole (Pi holes etc.) as a result.

Does anyone know what happened?

The tweet specifically asks us not to speculate and the parent article makes mention that the conditions of his death have not been made public.

I’m not sure how others feel, personally I am conflicted: respect the death of an icon and not pry (even if others are speaking on his behalf) or satisfy my curiosity.

I’m going to go with the former, for now.

There's plenty of time for one then the other.

I don't think the curiosity to know is just for curiosity alone. I think it serves a purpose for everyone to bear witness to the kinds of things that take us.

Unless he was killed by a bear and that bear is still on the loose, or something like that, then I think we can probably wait a few days for his family to be informed.

There are a lot of people here making very high-minded comments about how it’s deeply important to the sum total of human knowledge that we learn the cause of his death so that we can reflect on our mortality, and so on and so forth. I can’t help but feel those comments are a bit insincere. It’s morbid curiosity, let’s be honest, and it’s not enough to justify speculating when his family and friends are probably reading these comments and possibly haven’t found out.

> It’s morbid curiosity

I guess it's the caveman in all of us who really needs to know what happened to his buddy so that he can avoid it. And I guess those without this curiosity in their DNA died out rather soon... So it might not be insincerity but genetics.

This is certainly an inventive argument! But I would argue in response that your odds of being killed by whatever killed Dan Kaminsky, in the next 24 hours or so, purely because you weren't told soon enough how he died, are rather low!

May you live until tomorrow and may your genes prosper to fight another day ;)

Asking for facts is not speculating, it might be the opposite.

I'd like to know what happened to my friend, who was himself always in pursuit of the truth.

https://twitter.com/dakami/status/1171643896750755840 - he was diabetic, not that it was a cause but it is a complication in covid.

I'm aware, we were pretty close.

Speculation is precisely what I don't want, though. If you don't have the data, please hold your tongue.

> Dan struggled for years with diabetes and was even recently hospitalized because of it. This tragedy has nothing to do with the COVID-19 vaccination and unfortunately everything to do with diabetic ketoacidosis.


Read the tweet

The tweet says “Please keep speculation to yourself”. Whether you think it’s appropriate or not, asking if anyone knows what happened is not the same as asking for speculation.

The former inevitably asks for speculation, especially given the short timeframe and lack of information involved.

I think it also unfortunately fuels the darker speculations rather than quells them.

His last twitter activity was April 18

Him along with Aaron Schwartz, two great hackers cut down too early.

It's Aaron Swartz fyi.

The tweet is a strange announcement. Usually an announcement like this is by or refers to next of kin sharing the news.

Is Marc Rogers Dan's family, or close friend?

It was the most authoritative report I could find at the time, albeit a reaction to other people having shared the news on Twitter first (I found a number of people complaining at the one or two people who first tweeted about it, saying it shouldn't have been shared so soon.)

In the interim, obviously a great many additional people and sources have reported it that could be chosen instead.

Marc knew Dan very well. He's as close as almost anyone that isn't Dan's family and his family would like some privacy.

Marc is among other things longtime DEFCON staff.

Could we respect the wish of those close to the deceased to keep speculation as to the cause of death private?

If they don't want speculation, they need to give facts. Otherwise all we have is wondering, which naturally leads to speculation.

I don't mind them not giving facts. I just think it's silly to not give facts and then tell people not to speculate.

They don’t need to do anything. People aren’t morally entitled to demand information from a grieving family just because it would sate their curiosity.

Which is precisely what I said:

"I don't mind them not giving facts."

I demanded nothing. I simply pointed out that lack of information will always produce curiosity. If they don't want people curious, they have it in their power to stop them from being curious. Or they can be silent and leave people curious.

Perhaps I've missed the actual point of their request. As I think about it further, I wonder if they are simply requesting that people not spread baseless rumors, which is certainly a legitimate reminder for anybody to give at any time. Still, speculation seems to me to be more along the lines of an educated guess, rather than a baseless rumor.

Oh I see, you mean you were just making the descriptive statement that people will speculate if they are not given information? I took you to be saying that they (the family or whoever has the right to give out that information) were actually obliged to tell people.

In that case, sorry about the misunderstanding. I agree with you in that descriptive sense, that people will speculate.

I also think they ought not to speculate or demand information, and that it's quite l̶u̶r̶i̶d̶ [edit: morbid, rather] of them to do so. I understand the psychology behind it, because generally information is transparent and accessible by default these days. And generally that's a good thing. But people may not want to share certain information when grieving a loved one's death - and when they may still need to tell people who were close to him, rather than letting them find out from a trending Twitter topic. They may even never want the manner of their loved one's death to be an open fact on Wikipedia, like for instance David Carradine's family might have wished. I'm sympathetic in either case. I think we internet people as a whole really ought to be sympathetic too. Some of the comments on this thread are appalling in their sense of entitlement to know this information.

> they need to give facts.

How do you know they have facts? It takes some time for a coroner / medical examiner to produce a report. The death certificate will have minimal information.

And your claim that speculation is reduced by releasing details is incorrect. Imagine a person dies a self-inflicted death -- there will then be speculation about whether or not this is suicide or misadventure, and what the causes were.

There's nothing silly about requesting decent behavior, even if not everyone will agree to the request.

It's quite decent to wonder why such a talented person, with such a bright future, and so well-known, died prematurely.

The story of how he died could be a valuable cautionary tale for people, as much as his talent and work was inspirational.

It's human nature and not reprehensible to wonder what happened when someone you care about dies.

I don’t think anyone questioning is reprehensible. I simply don’t think it’s too much to ask to keep that discussion to less public channels in the aftermath of his death, as it’s a fairly reasonable and low burden request.

A reasonable wish, but it's hardly surprising that such a request is only going to invite more speculation.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact