It is a difficult task honoring a man who, quite literally, saved the internet. How do we continue the legacy of a hero to so many of us in the cybersecurity community? One of the ways we saw fit to do this at HUMAN was with the Dan Kaminsky Fellowship. Dan was a Human who believed in the good that could be done with this internet - especially within open-source work. A hacker at heart, Dan wanted to do everything in his power to move the world forward using his gifts.
We caught up with the first recipient of the Dan Kaminsky Fellowship, Jonathan Leitschuh, to discuss his experience as the first Fellow, his passion for his open-source project, and his future in open-source.
What has been the highlight of your time as the Dan Kaminsky Fellow?
It’s not so much as one moment, but the experience itself. I’m given, for the first time in my professional career, the freedom and flexibility to work on what I’m passionate about, and that is the power of open-source. I have the flexibility, time, and resources to be productive on my projects while getting paid a full time salary. That’s really rare to find, and I feel lucky and honored to get this opportunity.
How did it feel to have the time and resources to dive into your open-source work? What was the feeling of being picked for this fellowship?
To be honest it was stressful early on, but now that I'm fully working on the project, the biggest thing for me is the sense of astonishment at getting paid a full time salary to do the thing I love and am passionate about. I am happy that I can sit down and solve the problems I want to work on. There is also a sense of surprise that I get to convince others to work on projects I am really passionate about as well. The feeling of “I can solve these things, I can do these things” and thanks to the fellowship I have the time now. It is more than a side-gig I am doing in my spare time; it is now my work.
I was very, very excited when I got accepted. I called my girlfriend and she was in the silent section of the library. I remember being on the phone and I told her very excitedly I got accepted. She was beyond happy for me but still had to be quiet because of her location. That was a life changing moment for me, the realization of it all.
What is the thing you're most proud of that you accomplished during your Fellowship?
During this fellowship I have learned so much about myself and how in certain aspects I enjoy working with others. I have accomplished so much. My next step is hiring an intern to help with all of this. I am really proud of the conversations I have gotten to be a part of. I have been able to have talks around the open source security foundation and vulnerability discourse guide. My thoughts are becoming reality.
It has been a great process of learning about myself while doing this. I have ADHD which means at times I do this thing I call “Chasing the Squirrel”. If I get bored I will get distracted. This open-source project used to be one of the things that would distract me, but now, I get to fully commit myself to looking through every nook and cranny of my project. I get to chase the squirrel! So, it is amazing to focus on something I love to pursue. As far as what’s next I am really looking forward to seeing the fruits of my labor in the coming months - especially presenting my work at Black Hat this August. That is a dream come true.
Do you have any advice for humans interested in applying to be the next Fellow?
It’s as simple as being honest, and submitting something that you're truly passionate about. I have genuine love for my project, and the problem was I didn’t have the time and the resources to dedicate to solving it. The fellowship solved that problem. Make sure you have a project you think will make the world a better place.
I had watched a bunch of Dan’s talks prior to this opportunity and he had such a way of not blaming users. His feeling was let's build software so people can stop shooting themselves in the foot and blaming users for exploitation. We built a system that’s fundamentally insecure. So, it is on us to fix it. He had this whole mentality on the state of software that was pure. He was a bit of an idealist and I appreciated that. I was inspired by him. When I heard he passed away it was the 1 year anniversary of my mom passing away. So that was a hard day for me. I knew how important he was. I never met him in person, I wish I could’ve. One time he sent me an email when I disclosed the Zoom vulnerability that just read “Nice job, no need to respond”. He was always supporting and cheering on others in the community for their work. He was one of those role models I wanted to emulate in the world. I feel truly honored to do something cool in his name to help show that we can make the world a better place, we can move this internet forward. We have the tech to solve these problems and people who want to do it.
Legacy is how you are remembered after you are gone. Even though he has gone far too soon, Dan Kaminsky’s legacy will live on forever. The beauty of it is that it will live on the very thing he used his talents to protect; this internet. This fellowship is not solely about Jonathan, HUMAN or even Dan himself. It’s about what Dan represented throughout his entire journey: doing what's right, believing in humans, and using technology to move the world forward. Dan inspired all of us. Jonathan, whose open source project is progressing everyday will be going into more details about it with upcoming talks at DEFCON and Black Hat in regards to “Scaling the Security Researcher to Eliminate OSS Vulnerabilities Once and For All”. What he is accomplishing as our initial fellow when it comes to OSS research has made every Human proud. We are excited to see what future Dan K Fellowship recipients will produce as well. All they will do to make this internet a better place. If you have an idea you want to make into a reality and want to be a part of Dan’s legacy- applications for the next Dan K Fellowship recipient are open until August 15th, 2022.