Steve Gibson (computer programmer)

From Wikipedia, the free encyclopedia

For other people named Steve Gibson see Steve Gibson (disambiguation)
Steve Gibson

Steve in between shots on Leo LaPorte's Call For Help in Toronto April, 2007.
Born March 1955
Dayton, Ohio, United States
Residence Laguna Hills, California
USA
Nationality U.S. American
Education EECS at UC Berkeley
Occupation Software Engineer and Security Analyst
Title Computer Programmer
Known for Security Now! audio podcast on TWiT.tv (network)
Website
GRC.com

Steve Gibson (born March 1955, Dayton Ohio) is a computer enthusiast, software engineer and security commentator based in Laguna Hills, California. Gibson founded Gibson Research Corporation in 1985, and currently has three employees.

Gibson studied EECS at UC Berkeley.

Contents

[edit] Works

Gibson has had a very long career in the technology field -- his resume lists jobs he has held back to the age of 13. He began in hardware projects but moved more towards software development in the 1980s. One of his early successes during this period was a light pen graphics system for the Apple II.

Gibson is an advocate of assembly language programming, and prides himself on writing whole applications exclusively in assembly language, including the SpinRite hard disk utility. He is one of several advocates of optimizing computer programs and reducing the size of their executables.

In the 1990s, Gibson began to move into the computer security field, developing and distributing a number of security tools, including the ShieldsUp! port-scanner, and the LeakTest firewall tester. In 2000, Gibson created one of the first adware removal programs, OptOut.

Gibson's latest work is SecurAble, which is a program that will tell the user if their CPU supports 64 bit, DEP (Data Execution Prevention) and hardware level virtual machines.

[edit] Gibson Research Corporation

Gibson Research Corporation or GRC is a computer software development firm founded in 1985 by Gibson. The company is registered in Laguna Hills, California[1]. GRC has created a number of niche utilities over the years, the foremost of which is SpinRite, a hard disk scanning and data recovery utility.

GRC also offers a few free utilities for Internet security such as a port scan test for firewalls.

As of early 2006 GRC had three employees, including Gibson.

[edit] Media

Steve Gibson is a contributing editor to InfoWorld magazine. His writings try to provide visibility into the world of hackers and crackers, of which he counts himself one of the former.

Gibson co-hosts a weekly computer security-focused podcast with Leo Laporte called Security Now!. Gibson appears sometimes on Leo Laporte's technology podcast, This Week in Tech. Gibson also occasionally appears on The Lab with Leo Laporte on G4techTV Canada.

In April 2006, Gibson made an acting appearance alongside technology columnist John C. Dvorak in the video podcast Up in Smoke.

[edit] Controversy

Gibson has generated controversy by taking unusual positions on security and other technical issues, and for doing so with a demeanor often perceived as self-aggrandizing. He is a contentious figure even among his fellow InfoWorld columnists.[2]

Notable examples of criticism include:

  • Claimed to have "independently invented" SYN cookies, a SYN flood denial of service avoidance technique invented by Daniel J. Bernstein.[3] SYN cookies have been supported in Linux since 1997. SYN cookies are widely known among programmers interested in the field.
  • Stated that raw sockets in Windows XP could be the "enabling factor for the creation of a series of 'Ultimate Weapons' against which the fundamentally trusting architecture of the global Internet currently has no effective defense".[4] No such "weapons" have surfaced. Fyodor, the author of the Nmap Security Scanner, stated that Gibson's "'findings' are not new, are always filled with massive hyperbole, and are frequently completely false".[5] Microsoft limited raw socket support in Windows XP Service Pack 2 in favor of their own interface, NetMon, a move described by some as "crippling", probably due to criticism from users influenced by Steven Gibson.
  • Claimed that the Windows Metafile vulnerability was intentionally engineered into Windows by somebody at Microsoft as a backdoor for their use.[6] Gibson also suggested in episode 22 of his Security Now podcast that Microsoft's reason for patching the vulnerability was due to an "industrious hacker" finding out about it and using it.[7] No evidence has been presented by any other researcher suggesting that the WMF vulnerability was a backdoor.
  • Claims to have coined the term spyware. In many Security Now! episodes he is introduced by co-host Leo Laporte as "the man who discovered spyware, coined the term, wrote the first anti-spyware program"[8]. The word spyware has been around since 1995[9].

[edit] See also

[edit] References

  1. ^ Gibson Research Corporation, Techadvice.com. Retrieved on 2 February 2007.
  2. ^ P.J. Connolly. Another hole in XP. InfoWorld. Retrieved on 2006-06-25.
  3. ^ D. J. Bernstein. SYN cookies. D. J. Bernstein. Retrieved on 2006-06-25.
  4. ^ Steve Gibson (2005-09-17). The Strange Tale of the Denial of Service Attacks on GRC.com. Gibson Research Corporation. Retrieved on 2006-06-25.
  5. ^ Fyodor. Nmap Hackers: Re: Steve Gibson vs. Microsoft. Nmap Hackers. Retrieved on 2006-12-24.
  6. ^ Steve Gibson (2006-01-12). grc.news.feedback. Gibson Research Corporation. Retrieved on 2007-11-06. "The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows."
  7. ^ Steve Gibson; Leo Laporte (2006-01-13). Security Now! Episode 22 "The Windows MetaFile Backdoor?" transcript. Gibson Research Corporation. Retrieved on 2006-06-25.
  8. ^ Security Now! episode 142. Twit. Retrieved on 2008-05-23.
  9. ^ Vossen, Roland (attributed); October 21, 1995; Win 95 Source code in c!! posted to rec.games.programmer; retrieved from groups.google.com November 28, 2006.

[edit] External links

Languages