Recent revelations about the Heartbleed bug were deja vu for security researcher Dan Kaminsky, who has spent 15 years finding flaws for companies like Cisco, Avaya and Microsoft. Back in 2008 he discovered a massive vulnerability in the DNS protocol, the mechanism that matches URLs with the right IP addresses and underpins the Internet. He worked with a team of researchers to secretly create a patch for the bug, then unveiled it at a press conference.
News of the DNS security weakness drew attention to problems that are more troubling than ever in the aftermath of Heartbleed. Mr. Kaminsky argues that the most important million lines of computer code underlying our digital infrastructure need to be overseen in a much different way than they are today.