Steve Gibson (computer programmer)

Infobox Person
name = Steve Gibson


caption = Steve in between shots on Leo Laporte's Call For Help in Toronto April, 2007.
birth_name =
birth_date = March 1955
birth_place = Dayton, Ohio, United States
death_date =
death_place =
death_cause =
resting_place =
resting_place_coordinates =
residence = Laguna Hills, California
USA
nationality = U.S. American
other_names =
known_for = Security Now! audio podcast on TWiT.tv (network)
education = EECS at UC Berkeley
employer =
occupation = Software Engineer and
Security Analyst
title = Computer Programmer
salary =
networth =
height =
weight =
term =
predecessor =
successor =
party =
boards =
religion =
spouse =
partner =
children =
parents =
relatives =


website = [http://www.grc.com/ GRC.com]
footnotes =

Steve Gibson (born March 1955, Dayton Ohio) is a computer enthusiast, software engineer and security commentator based in Laguna Hills, California. Gibson founded Gibson Research Corporation in 1985, which currently has three employees.

Gibson studied EECS at UC Berkeley.

Works

Gibson has had a very long career in the technology field - his resume lists jobs he has held back to the age of 13 [http://www.grc.com/resume.htm] . He began in hardware projects but moved more towards software development in the 1980s. One of his early successes during this period was a light pen graphics system for the Apple II.

Gibson is an advocate of assembly language programming, and prides himself on writing smaller applications mostly in Intel x86 assembly language, including much of the code of the SpinRite hard disk utility used at the beginning of the PC era. He is one of several advocates of optimizing computer programs and reducing the size of their executables.

In the 1990s, Gibson began to move into the computer security field, developing and distributing a number of security tools, including the "ShieldsUp!" port-scanner, and the "LeakTest" firewall tester. In 2000, Gibson created one of the first adware removal programs, [http://www.grc.com/optout.htm OptOut] .

Gibson's latest work is "SecurAble", which is a program that will tell the user if their CPU supports 64 bit, DEP (Data Execution Prevention) and hardware level virtual machines.

Gibson Research Corporation

"Gibson Research Corporation" or "GRC" is a computer software development firm founded in 1985 by Gibson. The company is registered in Laguna Hills, California [ [http://www.techadvice.com/help/company/g/gibson-r.htm Gibson Research Corporation] , "Techadvice.com". Retrieved on 2 February 2007.] . GRC has created a number of niche utilities over the years, the foremost of which is SpinRite, a hard disk scanning and data recovery utility.

As of mid 2008 GRC had three employees, including Gibson.

Media

Steve Gibson is a contributing editor to InfoWorld magazine. His writings try to provide visibility into the world of "hackers" and "", of which he counts himself one of the former.

Gibson co-hosts a weekly computer security-focused podcast with Leo Laporte called "Security Now!". Gibson appears sometimes on Leo Laporte's technology podcast, "This Week in Tech". Gibson also used to occasionally appear on "The Lab with Leo Laporte" on "G4techTV Canada".

In April 2006, Gibson made an acting appearance alongside technology columnist John C. Dvorak in the video podcast [http://cigarvideopodcast.com/ "Up in Smoke"] .

Controversy

Gibson has generated controversy by taking unusual positions on security and other technical issues, and for doing so with a demeanor often perceived as self-aggrandizing. He is a contentious figure even among his fellow InfoWorld columnists. [cite web|url=http://www.infoworld.com/articles/op/xml/01/07/16/010716opsecurity.html |title= Another hole in XP |accessdate=2006-06-25 |author=P.J. Connolly |publisher= InfoWorld]

Notable examples of criticism include:
* Is known to have worked closely with John McAfee on the marketing of the ZoneAlarm firewall and to have begun his ShieldsUp! application at McAfee's behest. This collaboration extended through the followup "leak test" when McAfee began tooling ZoneAlarm with egress control. Gibson also hosted extensive forums for McAfee's ZoneAlarm, all the while claiming he wasn't selling anything (and incurring the ridicule of the mainstream media). His techniques were cited as reminiscent of what McAfee and he had done a generation earlier with the antivirus industry. [cite web |url=http://radsoft.net/resources/software/reviews/za/19990913154900.shtml |title=13 Sep 1999 15:49:00 - Steve Gibson begins work on Shields Up |accessdate=2008-07-15 |author=Radsoft |publisher=Radsoft]
* Claimed to have "independently invented" SYN cookies, a SYN flood denial of service avoidance technique invented by Daniel J. Bernstein. [cite web |url=http://cr.yp.to/syncookies.html |title=SYN cookies |accessdate=2006-06-25 |author=D. J. Bernstein |publisher=D. J. Bernstein] SYN cookies have been supported in Linux since 1997. SYN cookies are widely known among programmers involved in the field Fact|date=August 2008. Steve states that he was previously unaware of Daniel's technique until it was pointed out to him in a forum posting. After exchanging emails with him to confirm, he now attributes Daniel as the "principal originator" of the idea several years before him. [http://www.grc.com/r&d/nomoredos.htm]
* Stated that raw sockets in Windows XP could be the "enabling factor for the creation of a series of 'Ultimate Weapons' against which the fundamentally trusting architecture of the global Internet currently has no effective defense". [cite web |url=http://www.grc.com/dos/grcdos.htm |title=The Strange Tale of the Denial of Service Attacks on GRC.com |accessdate=2006-06-25 |author=Steve Gibson |date=2005-09-17 |publisher=Gibson Research Corporation] No such "weapons" have surfaced. Fyodor, the author of the Nmap Security Scanner, stated that Gibson's "'findings' are not new, are always filled with massive hyperbole, and are frequently completely false". [cite web |url=http://seclists.org/nmap-hackers/2001/0025.html |title=Nmap Hackers: Re: Steve Gibson vs. Microsoft |accessdate=2006-12-24 |author=Fyodor |authorlink=Gordon Lyon |publisher=Nmap Hackers] Microsoft limited raw socket support in Windows XP Service Pack 2 in favor of their own interface, "NetMon", a move described by some as "crippling". It is believed that Microsoft's decision was influenced by criticism from Steve Gibson, among others. On episode #155 of the Security Now podcast, Steve states that because Windows XP SP2 and later does not have raw-socket support, the danger from a DNS vulnerability announced in August 2008 was mitigated. "Windows-based bot fleets" taking advantage of the vulnerability by spoofing UDP packets were not possible, because Windows XP is not able to build it's "own UDP packet and put any source IP in it" [http://www.grc.com/sn/sn-155.txt] . The attacks could only be launched from a raw-sockets-enabled OS, which limits XP's potential danger to the internet if the system was commandeered for malicious purposes. [http://www.grc.com/sn/sn-008.txt]
* Claimed that the Windows Metafile vulnerability was intentionally engineered into Windows by somebody at Microsoft as a backdoor for their use. [cite web |publisher=Gibson Research Corporation |url=http://12078.net/grcnews/article.php?group=grc.news.feedback&id=60006 |title=grc.news.feedback |accessdate=2007-11-06 |author=Steve Gibson |date=2006-01-12 "The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows."] He maintains that the backdoor was intentional, though not necessarily officially mandated by Microsoft (e.g. a rogue employee may have put it in). Gibson also suggested in episode 22 of his Security Now podcast that Microsoft's reason for patching the vulnerability was due to an "industrious hacker" finding out about it and using it. [cite web |url=http://www.grc.com/sn/SN-022.htm |title=Security Now! Episode 22 "The Windows MetaFile Backdoor?" transcript |accessdate=2006-06-25 |author=Steve Gibson |coauthors=Leo Laporte |date=2006-01-13 |publisher=Gibson Research Corporation] No evidence has been presented by any other researcher suggesting that the WMF vulnerability was a backdoor. Microsoft denies the allegations [http://www.informationweek.com/news/windows/security/showArticle.jhtml?articleID=177100970] .
* Claims to have coined the term spyware. In many Security Now! episodes he is introduced by co-host Leo Laporte as "the man who discovered spyware, coined the term, wrote the first anti-spyware program" [cite web |url=http://www.twit.tv/sn142 |title=Security Now! episode 142 |accessdate=2008-05-23 |publisher=Twit] Although he was the first to use the term to describe advertising software, the word "spyware" has been around since 1995Vossen, Roland (attributed); October 21, 1995; [http://groups.google.com/group/rec.games.programmer/browse_thread/thread/86a426b0147496d8/3b5d1936eb4d0f33?lnk=st&q=&rnum=8#3b5d1936eb4d0f33 Win 95 Source code in c!!] posted to rec.games.programmer; retrieved from groups.google.com November 28, 2006.] , when it was used in a joke about Microsoft's networking stack.

ee also

*Shields Up
*Security Now!
*SpinRite

References

External links

* [http://www.grc.com/ GRC.com] - main page
* [http://www.grc.com/securitynow.htm Security Now!] - Steve Gibson and Leo Laporte's podcast on computer security