Pretty Pictures
Wow, this is pretty cool 🙂 Post in comments if I should throw on the HD version.
Red — Unpatched
Yellow — Patched, but the NAT is screwing things up
Green — OK
(Update: HD Version, thanks to Clarified Networks!)
HD version would make this look awesome on my TV. I plan on making it my screensaver if you post the HD version. Hope you're having fun in Vegas see you this weekend.
-C
Interesting indeed. Personally, I would really like to see the HD version.
Sure, let’s see the HD version. 🙂
Hey Dan,
Really cool animation, I like it!!
I would love to see an HD version
yeah HD version must rock
HD would be shiny!
How was this generated? It’s a nice way to show this kind of thing.
Hi Dan,
I would like to see an HD version
🙂
I’d love to see the HD version. What’s the time span on this?
Interesting how Europe seemed to patch much earlier than the US.
please post the HD version
Yes on the HD version.
Anyone notice how Europe seemed to get green sooner and faster than the US? I hope it’s cuz we’re more cautious and do more testing first? Anyway – cool animation, very creative!
Hey cool, I would like to see the HD version too.
This is very nice.
HD Please! Thanks for the animation it is wonderful.
Web design, web design, website design, website design, design
Dude that is a really good article indeed.
JT
http://www.FireMe.To/udi
I love how towards the end it shows “waves” of servers being updated from east to west, showing the typical hours of the day the network admins are in their offices around the world patching the servers 🙂
Dan;
Where’d the data come from?
_decode
Wow. That is really cool. Really interesting that Eastern Europe patched noticeably faster (maybe just b/c of the lack of traffic?) than western Europe and the US.
HD would be awesome, and I was just out of vegas and wanting to go, but I had a road trip that was just a wee-bit off of timing.
YE let's see the HD version
Hi Dan,
that’s pretty awesome. Great Work.
Let’s see the HD version 😉
hope to see you at the 25C3.
Big vote for the HD version!
We are witnessing, and building, something truly profound.
Neat. I’ve never seen a map showing the discord between the “west” and the rest of the world. That big swath over South America, Africa, the Middle East, and the Far East is just depressing.
Hi,
I’d like to see a colour blind version. My stoopid eyes can’t see the difference in this animation.
Looks cool though. Would like to follow the information though.
\o/ comments again \o/
Do you have any automatics deployed on when to go static? ;o)
Yes we totally want the HD version.
Very nice animation! One question on the HD version, what codec does it use? For some reason I cannot play it…
Very inspiring animation.
If I think myself into the situation: what in the WAN isn’t affected by DNS – and what on the globe is working without Internet access any more?
Nuclear power stations offer remote administration, VPNs need DNS… who uses an IP nowadays? Very few suspect individuals as I’d say. The rest of the world doesn’t look through the RFCs like that.
So Dan: you found the krown-vulnerability. Sign my PGP key for me *g* at 25c3 🙂
No seriously: the animation shows how a nightmare has been prevented by good and IT-work as it should be.
I think you could have sold this knowledge as a weapon. – Could have worked. And even if there are envious people or dumb ones. Good work from my point of view.
The HD version may give folks using QuickTime fits. If they go to http://perian.org/ they can download a free prefs file that will let them view it.
You are welcome Dan! It was a pleasure 🙂 Let us know if anyone needs some special versions: we already did a zoom-in of Finland synced with CERT-advisories.
wow, nice
Thank you for posting this web clip.