Steve Gibson
Encyclopedia
Steve Gibson is a computer enthusiast, software engineer
and security researcher who studied Electrical Engineering and Computer Science at the University of California, Berkeley
. Gibson currently lives in Laguna Hills, California
. In 1985, Gibson founded Gibson Research Corporation, which is best known for its SpinRite
software.
graphics system for the Apple II.
Gibson is an advocate of assembly language
programming, and prides himself on writing smaller applications mostly in Intel x86 assembly language, including much of the code of the SpinRite
hard disk utility used from the beginning of the PC era. He is one of several advocates of optimizing computer programs and reducing the size of their executables.
In the 1990s, Gibson began to move into the computer security field, developing and distributing a number of free security tools, including the ShieldsUp! port-scanner, and the LeakTest firewall tester. In 2000, Gibson created one of the first adware
removal programs, OptOut.
Gibson's latest publicly released works are SecurAble, last updated January 14, 2007 and more recently, DNS Benchmark, released September 30, 2010. SecurAble is a program that will tell the user if their CPU supports 64-bit computing, DEP (Data Execution Prevention
) and hardware level virtualisation. DNS Benchmark is a utility used for obtaining DNS nameserver performance characterization, profiling and comparison.
Gibson is currently working on the DNS Nameserver Spoofability Test, an online utility used to test whether the systems configured nameservers are vulnerable to DNS spoofing
. Steve's future plans include work on his forthcoming VPN product CryptoLink.
, and publicly speculated both on a podcast called Security Now!
as well as on his web site that Microsoft may have intentionally included this vulnerability because of the use of an API called SetAbortProc which was originally intended as a mechanism for canceling print jobs, which in his view made no sense. When Slashdot, a technology news web site, picked up the assertion, an Internet rumor that Microsoft intentionally built a back-door to its operating systems was promulgated.
Gibson has been associated with a number of more minor controversies in the computer security field, including his prediction of the "XP Christmas of Death" in 2001 describing the outcomes of Microsoft's implementation of the SOCK RAW
protocol.
Gibson is also known for attempting to replicate functionality of a tool called SYNcookies written by Dan Bernstein and Eric Schenk rebranded by Gibson as GENESIS as a preventative mechanism for SYN-flood attacks.
firm founded in 1985 by Gibson. The company is registered in Laguna Hills, California
. GRC has created a number of niche utilities
over the years, the foremost of which is SpinRite
, a hard disk
scanning and data recovery
utility.
As of mid-2009 GRC has three employees; Steve Gibson, Greg (technical support) and Sue (bookkeeper). Gibson also founded Gibson Laboratories, Inc. in 1981, a predecessor to GRC.
with Leo Laporte
called Security Now!
. Gibson has appeared on Leo Laporte's technology podcast, This Week in Tech
. Gibson also used to occasionally appear on The Lab with Leo Laporte
on G4techTV Canada
.
Steve Gibson was a contributing editor to InfoWorld
magazine. He reported on the world of hackers and crackers
. He considers himself to be a hacker.
In April 2006, Gibson made an acting appearance alongside technology columnist John C. Dvorak
in the video podcast Up in Smoke.
Software engineer
A software engineer is an engineer who applies the principles of software engineering to the design, development, testing, and evaluation of the software and systems that make computers or anything containing software, such as computer chips, work.- Overview :...
and security researcher who studied Electrical Engineering and Computer Science at the University of California, Berkeley
University of California, Berkeley
The University of California, Berkeley , is a teaching and research university established in 1868 and located in Berkeley, California, USA...
. Gibson currently lives in Laguna Hills, California
Laguna Hills, California
Laguna Hills is a city located in southern Orange County, California, United States. Its name refers to its proximity to Laguna Canyon and the much older Laguna Beach. Other newer cities nearby—Laguna Niguel and Laguna Woods—are similarly named.-Geography:...
. In 1985, Gibson founded Gibson Research Corporation, which is best known for its SpinRite
SpinRite
SpinRite is a computer software program for scanning magnetic data storage devices such as hard disks, recovering data from them and refreshing their surfaces. It is proprietary and commercial software written by Steve Gibson of Gibson Research Corporation. The first version was released in 1988....
software.
Works
Gibson has had a very long career in the technology field; his resume lists jobs he had held back to the age of 13. He began in hardware projects but moved more toward software development in the 1980s. One of his early successes during this period was a light penLight pen
A light pen is a computer input device in the form of a light-sensitive wand used in conjunction with a computer's CRT TV set or monitor. It allows the user to point to displayed objects, or draw on the screen, in a similar way to a touch screen but with greater positional accuracy...
graphics system for the Apple II.
Gibson is an advocate of assembly language
Assembly language
An assembly language is a low-level programming language for computers, microprocessors, microcontrollers, and other programmable devices. It implements a symbolic representation of the machine codes and other constants needed to program a given CPU architecture...
programming, and prides himself on writing smaller applications mostly in Intel x86 assembly language, including much of the code of the SpinRite
SpinRite
SpinRite is a computer software program for scanning magnetic data storage devices such as hard disks, recovering data from them and refreshing their surfaces. It is proprietary and commercial software written by Steve Gibson of Gibson Research Corporation. The first version was released in 1988....
hard disk utility used from the beginning of the PC era. He is one of several advocates of optimizing computer programs and reducing the size of their executables.
In the 1990s, Gibson began to move into the computer security field, developing and distributing a number of free security tools, including the ShieldsUp! port-scanner, and the LeakTest firewall tester. In 2000, Gibson created one of the first adware
Adware
Adware, or advertising-supported software, is any software package which automatically plays, displays, or downloads advertisements to a computer. These advertisements can be in the form of a pop-up. They may also be in the user interface of the software or on a screen presented to the user during...
removal programs, OptOut.
Gibson's latest publicly released works are SecurAble, last updated January 14, 2007 and more recently, DNS Benchmark, released September 30, 2010. SecurAble is a program that will tell the user if their CPU supports 64-bit computing, DEP (Data Execution Prevention
Data Execution Prevention
Data Execution Prevention is a security feature included in modern operating systems.It is known to be available in Linux, Mac OS X, and Microsoft Windows operating systems and is intended to prevent an application or service from executing code from a non-executable memory region. This helps...
) and hardware level virtualisation. DNS Benchmark is a utility used for obtaining DNS nameserver performance characterization, profiling and comparison.
Gibson is currently working on the DNS Nameserver Spoofability Test, an online utility used to test whether the systems configured nameservers are vulnerable to DNS spoofing
DNS cache poisoning
DNS cache poisoning is a security or data integrity compromise in the Domain Name System . The compromise occurs when data is introduced into a DNS name server's cache database that did not originate from authoritative DNS sources. It may be a deliberate attempt of a maliciously crafted attack on a...
. Steve's future plans include work on his forthcoming VPN product CryptoLink.
Controversies
Steve Gibson was involved with a notable controversy over the Microsoft WMF vulnerability, an issue raised in 2006 where a Windows Metafile image could trigger execution of arbitrary code. Gibson analyzed an unofficial patch issued by Ilfak GuilfanovIlfak Guilfanov
Ilfak Guilfanov is a software developer, computer security researcher and blogger. He became well known when he issued a free hotfix for the Windows Metafile vulnerability on 31 December 2005. His unofficial patch was favorably reviewed and widely publicized because no official patch was...
, and publicly speculated both on a podcast called Security Now!
Security Now
Security Now! is a weekly podcast hosted by Leo Laporte and Steve Gibson. The first episode was released on 19 August 2005.Released each Thursday, Security Now! consists of a discussion between Gibson and Laporte of issues of computer security and, conversely, insecurity...
as well as on his web site that Microsoft may have intentionally included this vulnerability because of the use of an API called SetAbortProc which was originally intended as a mechanism for canceling print jobs, which in his view made no sense. When Slashdot, a technology news web site, picked up the assertion, an Internet rumor that Microsoft intentionally built a back-door to its operating systems was promulgated.
Gibson has been associated with a number of more minor controversies in the computer security field, including his prediction of the "XP Christmas of Death" in 2001 describing the outcomes of Microsoft's implementation of the SOCK RAW
Raw socket
In computer networking, a raw socket is a socket that allows direct sending and receiving of network packets by applications, bypassing all encapsulation in the networking software of the operating system. Most socket application programming interfaces , especially those based on Berkeley sockets,...
protocol.
Gibson is also known for attempting to replicate functionality of a tool called SYNcookies written by Dan Bernstein and Eric Schenk rebranded by Gibson as GENESIS as a preventative mechanism for SYN-flood attacks.
Gibson Research Corporation
Gibson Research Corporation or GRC is a computer software developmentSoftware development
Software development is the development of a software product...
firm founded in 1985 by Gibson. The company is registered in Laguna Hills, California
Laguna Hills, California
Laguna Hills is a city located in southern Orange County, California, United States. Its name refers to its proximity to Laguna Canyon and the much older Laguna Beach. Other newer cities nearby—Laguna Niguel and Laguna Woods—are similarly named.-Geography:...
. GRC has created a number of niche utilities
Utility software
Utility software is system software designed to help analyze, configure, optimize or maintain a computer. A single piece of utility software is usually called a utility or tool....
over the years, the foremost of which is SpinRite
SpinRite
SpinRite is a computer software program for scanning magnetic data storage devices such as hard disks, recovering data from them and refreshing their surfaces. It is proprietary and commercial software written by Steve Gibson of Gibson Research Corporation. The first version was released in 1988....
, a hard disk
Hard disk
A hard disk drive is a non-volatile, random access digital magnetic data storage device. It features rotating rigid platters on a motor-driven spindle within a protective enclosure. Data is magnetically read from and written to the platter by read/write heads that float on a film of air above the...
scanning and data recovery
Data recovery
Data recovery is the process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally. Often the data are being salvaged from storage media such as internal or external hard disk drives, solid-state drives , USB flash drive,...
utility.
As of mid-2009 GRC has three employees; Steve Gibson, Greg (technical support) and Sue (bookkeeper). Gibson also founded Gibson Laboratories, Inc. in 1981, a predecessor to GRC.
Media
Gibson co-hosts a weekly computer security-focused podcastPodcast
A podcast is a series of digital media files that are released episodically and often downloaded through web syndication...
with Leo Laporte
Leo Laporte
Léo Gordon Laporte is an Emmy Award winning, American technology broadcaster, author, and entrepreneur. A former resident of Providence, Rhode Island, he now lives in Petaluma, California with his wife Jennifer and two children, Abby and Henry....
called Security Now!
Security Now
Security Now! is a weekly podcast hosted by Leo Laporte and Steve Gibson. The first episode was released on 19 August 2005.Released each Thursday, Security Now! consists of a discussion between Gibson and Laporte of issues of computer security and, conversely, insecurity...
. Gibson has appeared on Leo Laporte's technology podcast, This Week in Tech
This Week in Tech
This Week in Tech–casually referred to as TWiT, and formerly known as Revenge of the Screen Savers–is the weekly flagship podcast of the TWiT.tv network...
. Gibson also used to occasionally appear on The Lab with Leo Laporte
The Lab with Leo Laporte
The Lab with Leo Laporte was a technology-based television program hosted by Leo Laporte. Episode #1 debuted on April 23, 2007 on G4techTV Canada and HOW TO Channel Australia. The program was produced by Greedy Productions in Vancouver, BC. Production was overseen by the show's producer, Matt...
on G4techTV Canada
G4techTV Canada
G4 Canada is a Canadian English language Category A specialty channel owned by Rogers Media. The name is licensed from NBCUniversal, who formerly owned a stake in the channel...
.
Steve Gibson was a contributing editor to InfoWorld
InfoWorld
InfoWorld is an information technology online media and events business operating under the umbrella of InfoWorld Media Group, a division of IDG...
magazine. He reported on the world of hackers and crackers
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
. He considers himself to be a hacker.
In April 2006, Gibson made an acting appearance alongside technology columnist John C. Dvorak
John C. Dvorak
John C. Dvorak is an American columnist and broadcaster in the areas of technology and computing. His writing extends back to the 1980s, when he was a mainstay of a variety of magazines. Dvorak is also the Vice-President of Mevio and well known for his work for Tech TV...
in the video podcast Up in Smoke.
External links
- GRC.com - main page
- Security Now! - Steve Gibson and Leo LaporteLeo LaporteLéo Gordon Laporte is an Emmy Award winning, American technology broadcaster, author, and entrepreneur. A former resident of Providence, Rhode Island, he now lives in Petaluma, California with his wife Jennifer and two children, Abby and Henry....
's podcast on computer security - Steve Gibson - Official TWiT wiki page