In June 2005, a balding, slightly overweight, perpetually T-shirt-clad
26-year-old computer consultant named Dan Kaminsky decided to get in
shape. He began by scanning the Internet for workout tips and read that
five minutes of sprinting was the equivalent of a half-hour jog. This
seemed like a great shortcut -- an elegant exercise hack -- so he
bought some running shoes at the nearest Niketown. That same afternoon,
he laced up his new kicks and burst out the front door of his Seattle
apartment building for his first five-minute workout. He took a few
strides, slipped on a concrete ramp and crashed to the sidewalk,
shattering his left elbow.
He spent the next few weeks stuck at home in a Percocet-tinged haze.
Before the injury, he'd spent his days testing the inner workings of
software programs. Tech companies hired him to root out security holes
before hackers could find them. Kaminsky did it well. He had a knack
for breaking things -- bones and software alike.But now, laid up in bed, he couldn't think clearly. His mind drifted. Running hadn't worked out so well. Should he buy a stationary bike? Maybe one of those recumbent jobs would be best. He thought about partying in Las Vegas ... mmm, martinis ... and recalled a trick he'd figured out for getting free Wi-Fi at Starbucks.
As his arm healed, the details of that Starbucks hack kept nagging at him. He remembered that he had gotten into Starbucks' locked network using the domain name system, or DNS. When someone types google .com into a browser, DNS has a list of exactly where Google's servers are and directs the traffic to them. It's like directory assistance for the Internet. At Starbucks, the port for the low-bandwidth DNS connection -- port 53 -- was left open to route customers to the Pay for Starbucks Wi-Fi Web page.
To read the rest of this story in Wired, see www.wired.com/techbiz/people/magazine/16-12/ff_kaminsky.