- Steve Gibson (computer programmer)
name = Steve Gibson
caption = Steve in between shots on
Leo Laporte's Call For Helpin TorontoApril, 2007.
birth_date = March 1955
Dayton, Ohio, United States
Laguna Hills, California
nationality = U.S. American
Security Now! audio podcaston TWiT.tv (network)
EECSat UC Berkeley
website = [http://www.grc.com/ GRC.com]
Steve Gibson (born March 1955,
Dayton Ohio) is a computer enthusiast, software engineerand security commentator based in Laguna Hills, California. Gibson founded Gibson Research Corporation in 1985, which currently has three employees.
EECSat UC Berkeley.
Gibson has had a very long career in the technology field - his resume lists jobs he has held back to the age of 13 [http://www.grc.com/resume.htm] . He began in hardware projects but moved more towards software development in the 1980s. One of his early successes during this period was a
light pengraphics system for the Apple II.
Gibson is an advocate of
assembly languageprogramming, and prides himself on writing smaller applications mostly in Intel x86 assembly language, including much of the code of the SpinRitehard disk utility used at the beginning of the PC era. He is one of several advocates of optimizing computer programs and reducing the size of their executables.
In the 1990s, Gibson began to move into the computer security field, developing and distributing a number of security tools, including the "ShieldsUp!" port-scanner, and the "LeakTest" firewall tester. In 2000, Gibson created one of the first
adwareremoval programs, [http://www.grc.com/optout.htm OptOut] .
Gibson's latest work is "SecurAble", which is a program that will tell the user if their CPU supports 64 bit, DEP (
Data Execution Prevention) and hardware level virtual machines.
Gibson Research Corporation
"Gibson Research Corporation" or "GRC" is a computer
software developmentfirm founded in 1985 by Gibson. The company is registered in Laguna Hills, California[ [http://www.techadvice.com/help/company/g/gibson-r.htm Gibson Research Corporation] , "Techadvice.com". Retrieved on 2 February 2007.] . GRC has created a number of niche utilities over the years, the foremost of which is SpinRite, a hard diskscanning and data recoveryutility.
As of mid 2008 GRC had three employees, including Gibson.
Steve Gibson is a contributing editor to
InfoWorldmagazine. His writings try to provide visibility into the world of "hackers" and "", of which he counts himself one of the former.
Gibson co-hosts a weekly computer security-focused
podcastwith Leo Laportecalled " Security Now!". Gibson appears sometimes on Leo Laporte's technology podcast, " This Week in Tech". Gibson also used to occasionally appear on " The Lab with Leo Laporte" on " G4techTV Canada".
In April 2006, Gibson made an acting appearance alongside technology columnist
John C. Dvorakin the video podcast [http://cigarvideopodcast.com/ "Up in Smoke"] .
Gibson has generated controversy by taking unusual positions on security and other technical issues, and for doing so with a demeanor often perceived as self-aggrandizing. He is a contentious figure even among his fellow InfoWorld columnists. [cite web|url=http://www.infoworld.com/articles/op/xml/01/07/16/010716opsecurity.html |title= Another hole in XP |accessdate=2006-06-25 |author=P.J. Connolly |publisher= InfoWorld]
Notable examples of criticism include:
* Is known to have worked closely with
John McAfeeon the marketing of the ZoneAlarmfirewall and to have begun his ShieldsUp! application at McAfee's behest. This collaboration extended through the followup "leak test" when McAfee began tooling ZoneAlarmwith egress control. Gibson also hosted extensive forums for McAfee's ZoneAlarm, all the while claiming he wasn't selling anything (and incurring the ridicule of the mainstream media). His techniques were cited as reminiscent of what McAfeeand he had done a generation earlier with the antivirusindustry. [cite web |url=http://radsoft.net/resources/software/reviews/za/19990913154900.shtml |title=13 Sep 1999 15:49:00 - Steve Gibson begins work on Shields Up |accessdate=2008-07-15 |author=Radsoft |publisher=Radsoft]
* Claimed to have "independently invented"
SYN cookies, a SYN flooddenial of service avoidance technique invented by Daniel J. Bernstein. [cite web |url=http://cr.yp.to/syncookies.html |title=SYN cookies |accessdate=2006-06-25 |author=D. J. Bernstein |publisher=D. J. Bernstein] SYN cookies have been supported in Linuxsince 1997. SYN cookies are widely known among programmers involved in the field Fact|date=August 2008. Steve states that he was previously unaware of Daniel's technique until it was pointed out to him in a forum posting. After exchanging emails with him to confirm, he now attributes Daniel as the "principal originator" of the idea several years before him. [http://www.grc.com/r&d/nomoredos.htm]
* Stated that
raw socketsin Windows XPcould be the "enabling factor for the creation of a series of 'Ultimate Weapons' against which the fundamentally trusting architecture of the global Internetcurrently has no effective defense". [cite web |url=http://www.grc.com/dos/grcdos.htm |title=The Strange Tale of the Denial of Service Attacks on GRC.com |accessdate=2006-06-25 |author=Steve Gibson |date= 2005-09-17|publisher= Gibson Research Corporation] No such "weapons" have surfaced. Fyodor, the author of the Nmap Security Scanner, stated that Gibson's "'findings' are not new, are always filled with massive hyperbole, and are frequently completely false". [cite web |url=http://seclists.org/nmap-hackers/2001/0025.html |title=Nmap Hackers: Re: Steve Gibson vs. Microsoft |accessdate=2006-12-24 |author=Fyodor |authorlink=Gordon Lyon |publisher=Nmap Hackers] Microsoft limited raw socket support in Windows XP Service Pack 2 in favor of their own interface, "NetMon", a move described by some as "crippling". It is believed that Microsoft's decision was influenced by criticism from Steve Gibson, among others. On episode #155 of the Security Nowpodcast, Steve states that because Windows XP SP2 and later does not have raw-socket support, the danger from a DNS vulnerability announced in August 2008 was mitigated. "Windows-based bot fleets" taking advantage of the vulnerability by spoofing UDP packets were not possible, because Windows XP is not able to build it's "own UDP packet and put any source IP in it" [http://www.grc.com/sn/sn-155.txt] . The attacks could only be launched from a raw-sockets-enabled OS, which limits XP's potential danger to the internet if the system was commandeered for malicious purposes. [http://www.grc.com/sn/sn-008.txt]
* Claimed that the
Windows Metafile vulnerabilitywas intentionally engineered into Windows by somebody at Microsoftas a backdoorfor their use. [cite web |publisher= Gibson Research Corporation|url=http://12078.net/grcnews/article.php?group=grc.news.feedback&id=60006 |title=grc.news.feedback |accessdate=2007-11-06 |author=Steve Gibson |date= 2006-01-12"The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows."] He maintains that the backdoor was intentional, though not necessarily officially mandated by Microsoft (e.g. a rogue employee may have put it in). Gibson also suggested in episode 22 of his Security Nowpodcast that Microsoft's reason for patching the vulnerability was due to an "industrious hacker" finding out about it and using it. [cite web |url=http://www.grc.com/sn/SN-022.htm |title=Security Now! Episode 22 "The Windows MetaFile Backdoor?" transcript |accessdate=2006-06-25 |author=Steve Gibson |coauthors= Leo Laporte|date= 2006-01-13|publisher= Gibson Research Corporation] No evidence has been presented by any other researcher suggesting that the WMF vulnerability was a backdoor. Microsoft denies the allegations [http://www.informationweek.com/news/windows/security/showArticle.jhtml?articleID=177100970] .
* Claims to have coined the term
spyware. In many Security Now!episodes he is introduced by co-host Leo Laporteas "the man who discovered spyware, coined the term, wrote the first anti-spyware program" [cite web |url=http://www.twit.tv/sn142 |title=Security Now! episode 142 |accessdate=2008-05-23 |publisher=Twit] Although he was the first to use the term to describe advertising software, the word "spyware" has been around since 1995Vossen, Roland (attributed); October 21, 1995; [http://groups.google.com/group/rec.games.programmer/browse_thread/thread/86a426b0147496d8/3b5d1936eb4d0f33?lnk=st&q=&rnum=8#3b5d1936eb4d0f33 Win 95 Source code in c!!] posted to rec.games.programmer; retrieved from groups.google.com November 28, 2006.] , when it was used in a joke about Microsoft's networking stack.
* [http://www.grc.com/ GRC.com] - main page
* [http://www.grc.com/securitynow.htm Security Now!] - Steve Gibson and
Leo Laporte's podcast on computer security
Wikimedia Foundation. 2010.
Look at other dictionaries:
Steve Gibson — may refer to: *Steve Gibson (businessman) (born 1958), English entrepreneur and chairman of Middlesbrough Football Club *Steve Gibson (computer programmer) (born 1955), American computer engineer and journalist *Steve Gibson (educator), founder… … Wikipedia
Hutton Gibson — Hutton Peter Gibson (born August 26, 1918), is a writer on religion, a staunch sedevacantist Traditional Catholic, and the father of eleven children, one of which is actor/director Mel Gibson.Gibson s place of birth is a matter of debate; he has… … Wikipedia
Hacker (computer security) — This article is part of a series on … Wikipedia
Laguna Hills, California — City of Laguna Hills City Seal … Wikipedia
The Matrix — For the series, see The Matrix (franchise). For other uses, see Matrix. The Matrix Theatrical release poster Directed by Andy Wachowski Larry Wachowski … Wikipedia
List of programmers — This list is incomplete; you can help by expanding it. This is a list of programmers notable for their contributions to software, either as original author or architect, or for later additions. Contents: A B C D E F G H I J K L M N … Wikipedia
Paranoia (role-playing game) — Paranoia 25th Anniversary Troubleshooters Edition Designer(s) Greg Costikyan, Dan Gelber, Eric Goldberg, Allen Varney (current edition) … Wikipedia
PDP-8 — A PDP 8 on display at the Smithsonian s National Museum of American History in Washington, D.C.. This example is from the first generation of PDP 8s, built with discrete transistors and later known as the Straight 8. The 12 bit PDP 8 was the… … Wikipedia
WkD Bot — is a Trojan horse that was created in 2001 by a script kiddie using the nickname Wicked (born March 1988). It is a tool used to DDoS persons, servers or websites. Recent insights have revealed that WkD Bot was only an editor to hexedit the… … Wikipedia
Todd Rundgren — Infobox Musical artist Img size = 150 Name = Todd Rundgren Background = solo singer Born = Birth date and age|1948|06|22 Origin = Upper Darby, PA, United States Genre = Progressive rock, Soft rock, Power pop, Pop rock, Hard rock, Blue eyed soul… … Wikipedia