Steve Gibson (computer programmer): Difference between revisions

For other people named Steve Gibson, see Steve Gibson (disambiguation).

Steve Gibson
Steve in between shots on Leo Laporte's Call For Help in Toronto April, 2007.
Born	March 1955 Dayton, Ohio, United States
Nationality	American
Education	EECS at UC Berkeley
Occupation(s)	Software Engineer and Security Analyst
Known for	Security Now! audio podcast on TWiT.tv (network)
Title	Computer Programmer
Website	GRC.com

Steve Gibson (born March 1955, Dayton Ohio) is a computer enthusiast, software engineer and security researcher who studied EECS at the UC Berkeley. Gibson currently lives in Laguna Hills, California. In 1985, Gibson founded Gibson Research Corporation, which is most well known for its SpinRite software.

Works

Gibson has had a very long career in the technology field - his resume lists jobs he has held back to the age of 13 ^[1]. He began in hardware projects but moved more towards software development in the 1980s. One of his early successes during this period was a light pen graphics system for the Apple II.

Gibson is an advocate of assembly language programming, and prides himself on writing smaller applications mostly in Intel x86 assembly language, including much of the code of the SpinRite hard disk utility used at the beginning of the PC era. He is one of several advocates of optimizing computer programs and reducing the size of their executables.

In the 1990s, Gibson began to move into the computer security field, developing and distributing a number of security tools, including the ShieldsUp! port-scanner, and the LeakTest firewall tester. In 2000, Gibson created one of the first adware removal programs, OptOut.

Gibson's latest work is SecurAble, which is a program that will tell the user if their CPU supports 64 bit, DEP (Data Execution Prevention) and hardware level virtual machines.

Gibson Research Corporation

Gibson Research Corporation or GRC is a computer software development firm founded in 1985 by Gibson. The company is registered in Laguna Hills, California^[2]. GRC has created a number of niche utilities over the years, the foremost of which is SpinRite, a hard disk scanning and data recovery utility.

As of mid 2008 GRC had three employees, including Gibson. Gibson also founded Gibson Laboratories, Inc. in 1981, a predecessor to GRC^[1].

Media

Steve Gibson is a contributing editor to InfoWorld magazine. His writings try to provide visibility into the world of hackers and crackers, of which he counts himself one of the former.

Gibson co-hosts a weekly computer security-focused podcast with Leo Laporte called Security Now!. Gibson appears sometimes on Leo Laporte's technology podcast, This Week in Tech. Gibson also used to occasionally appear on The Lab with Leo Laporte on G4techTV Canada.

In April 2006, Gibson made an acting appearance alongside technology columnist John C. Dvorak in the video podcast Up in Smoke.

Controversy

Gibson has generated controversy by taking unusual positions on security and other technical issues, and for doing so with a demeanor often perceived as self-aggrandizing. He is a contentious figure even among his fellow InfoWorld columnists.^[3]

Notable examples of criticism include:

• Is known to have worked closely with John McAfee on the marketing of the ZoneAlarm firewall and to have begun his ShieldsUp! application at McAfee's behest. This collaboration extended through the followup "leak test" when McAfee began tooling ZoneAlarm with egress control. Gibson also hosted extensive forums for McAfee's ZoneAlarm, all the while claiming he wasn't selling anything (and incurring the ridicule of the mainstream media^{[citation needed]}). His techniques were cited as reminiscent of what McAfee and he had done a generation earlier with the antivirus industry.^[4]
• Claimed to have "independently invented" SYN cookies, a SYN flood denial of service avoidance technique invented by Daniel J. Bernstein.^[5] SYN cookies have been supported in Linux since 1997. SYN cookies are widely known among programmers involved in the field ^{[citation needed]}. Steve states that he was previously unaware of Daniel's technique until it was pointed out to him in a forum posting. After exchanging emails with him to confirm, he now attributes Daniel as the "principal originator" of the idea several years before him. ^[6]
• Stated that raw sockets in Windows XP could be the "enabling factor for the creation of a series of 'Ultimate Weapons' against which the fundamentally trusting architecture of the global Internet currently has no effective defense".^[7] No such "weapons" have surfaced. Fyodor, the author of the Nmap Security Scanner, stated that Gibson's "'findings' are not new, are always filled with massive hyperbole, and are frequently completely false".^[8] Microsoft limited raw socket support in Windows XP Service Pack 2 in favor of their own interface, NetMon, a move described by some^[who?] as "crippling". It is believed that Microsoft's decision was influenced by criticism from Steve Gibson, among others^{[citation needed]}. On episode #155 of the Security Now podcast, Steve states that because Windows XP SP2 and later does not have raw-socket support, the danger from a DNS vulnerability announced in August 2008 was mitigated. "Windows-based bot fleets" taking advantage of the vulnerability by spoofing UDP packets were not possible, because Windows XP is not able to build its "own UDP packet and put any source IP in it"^[9]. The attacks could only be launched from a raw-sockets-enabled OS, which limits XP's potential danger to the internet if the system was commandeered for malicious purposes.^[10]
• Claimed that the Windows Metafile vulnerability was intentionally engineered into Windows by somebody at Microsoft as a backdoor for their use.^[11] He maintains that the backdoor was intentional, though not necessarily officially mandated by Microsoft (e.g. a rogue employee may have put it in). Gibson also suggested in episode 22 of his Security Now podcast that Microsoft's reason for patching the vulnerability was due to an "industrious hacker" finding out about it and using it.^[12] No evidence has been presented by any other researcher suggesting that the WMF vulnerability was a backdoor. In fact, one researcher, John Graham-Cumming has posted a detailed refutation of Gibson's backdoor claim^[13]. Microsoft denies the allegations^[14].
• Claims to have coined the term spyware. In many Security Now! episodes he is introduced by co-host Leo Laporte as "the man who discovered spyware, coined the term, wrote the first anti-spyware program"^[15] Although he was the first to use the term to describe advertising software, the word "spyware" has been around since 1995^[16], when it was used in a joke about Microsoft's networking stack.
• A site focused on gather material to "expose Steve Gibson" was grcsucks.com. This site is offline since of July 2007, however a copy of it can be accessed trough the Internet Archive. The hype-free blog started the grcsucks.com revival project, which aims to ultimately serve as a mirror for all the content from the original site.

See also

• Shields Up
• Security Now!
• SpinRite

References

1. http://www.grc.com/resume.htm
2. Gibson Research Corporation, Techadvice.com. Retrieved on 2 February 2007.
3. P.J. Connolly. "Another hole in XP". InfoWorld. Retrieved 2006-06-25.
4. Radsoft. "13 Sep 1999 15:49:00 - Steve Gibson begins work on Shields Up". Radsoft. Retrieved 2008-07-15.
5. D. J. Bernstein. "SYN cookies". D. J. Bernstein. Retrieved 2006-06-25.
6. http://www.grc.com/r&d/nomoredos.htm
7. Steve Gibson (2005-09-17). "The Strange Tale of the Denial of Service Attacks on GRC.com". Gibson Research Corporation. Retrieved 2006-06-25. {{cite web}}: Check date values in: |date= (help)
8. Fyodor. "Nmap Hackers: Re: Steve Gibson vs. Microsoft". Nmap Hackers. Retrieved 2006-12-24.
9. http://www.grc.com/sn/sn-155.txt
10. http://www.grc.com/sn/sn-008.txt
11. Steve Gibson (2006-01-12). "grc.news.feedback". Gibson Research Corporation. Retrieved 2007-11-06. {{cite web}}: Check date values in: |date= (help) "The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows."
12. Steve Gibson (2006-01-13). "Security Now! Episode 22 "The Windows MetaFile Backdoor?" transcript". Gibson Research Corporation. Retrieved 2006-06-25. {{cite web}}: Check date values in: |date= (help); Unknown parameter |coauthors= ignored (|author= suggested) (help)
13. http://www.jgc.org/blog/2006/01/wmf-setabortproc-problem-is-not.html
14. http://www.informationweek.com/news/windows/security/showArticle.jhtml?articleID=177100970
15. "Security Now! episode 142". Twit. Retrieved 2008-05-23.
16. Vossen, Roland (attributed); October 21, 1995; Win 95 Source code in c!! posted to rec.games.programmer; retrieved from groups.google.com November 28, 2006.

External links

• GRC.com - main page
• Security Now! - Steve Gibson and Leo Laporte's podcast on computer security