Steve Gibson (computer programmer)

Template:Short description Template:Other people Template:Lead too short Template:Use mdy dates Template:Infobox person

Steven<ref>Template:Cite web</ref> M.<ref>Template:Cite web</ref> Gibson (born March 26, 1955) is an American software engineer, security researcher, and IT security proponent. In the early 1980s, he worked on light pen technology for use with Apple and Atari systems, and in 1985, founded Gibson Research Corporation, best known for its SpinRite software. He is also known for his work on the Security Now podcast.<ref>Template:Cite web</ref>

Gibson started working on computers as a teenager, and got his first computing job with Stanford University's artificial intelligence lab when he was 15 years old.<ref name=MillarGuardian/> He then studied electrical engineering and computer science at the University of California, Berkeley.Template:Cn

Gibson was hired as a programmer for California Pacific Computer Company in 1980, where he worked on copy protection for the company's products.<ref>Template:Cite journal</ref> He then founded Gibson Laboratories in Laguna Hills, California, in 1981, which developed a light pen for the Apple II, Atari, and other platforms before going out of business in 1983.<ref name=GibsonResume>Template:Cite web</ref><ref>Template:Cite news</ref><ref>Template:Cite web</ref>

In 1985, Gibson founded Gibson Research Corporation (GRC), a computer software development firm,<ref name=GibsonResume/> and from 1986 to 1993, he wrote the "Tech Talk" column for InfoWorld magazine.<ref>Template:Cite news</ref>

In 1999, Gibson created one of the first adware removal programs, which he called OptOut.<ref>Template:Cite web</ref> In 2001, he predicted that Microsoft's implementation of the SOCK_RAW protocol in the initial release of Windows XP would lead to widespread chaos by making it easier for Windows XP users to create denial of service (DoS) attacks.<ref>Template:Cite news</ref><ref>Template:Cite AV media</ref><ref>Template:Cite news</ref> That year, his company's website was brought down by DoS attacks<ref name=MillarGuardian /> which continued for two weeks. Gibson blogged about the attacks and his (ultimately successful) efforts to track down the hacker.<ref name=MillarGuardian>Template:Cite news</ref> Three years after the Windows XP release, Microsoft limited raw socket support in Service Pack 2.<ref>Template:Cite news</ref>

In 2005, he launched a weekly podcast called Security Now with Leo Laporte on TWiT.tv, with its archives hosted on GRC's website.<ref>Template:Cite web</ref><ref>Template:Cite news</ref> In November 2024, the podcast hit 1,000 episodes, more than Gibson ever had intended.

In 2006, Gibson raised the possibility that the Windows Metafile vulnerability bug was actually a backdoor intentionally engineered into the system.<ref>Template:Cite web</ref> A response by Microsoft,<ref>Template:Cite news</ref> and by Mark Russinovich on Microsoft's Technet blog,<ref>Template:Cite news</ref> stated that the bug appeared to be coding error and that Gibson's reasoning was based upon Microsoft's abort procedure documentation being misleading.

In 2013, he proposed SQRL as a way to simplify the process of authentication without the risk of revelation of information about the transaction to a third party.<ref>Template:Cite web</ref>

GRC has created a number of utilities, most of which are freeware.<ref>Template:Cite news</ref><ref>Template:Cite news</ref>

• DNS Benchmark, freeware that lets users test the performance of the domain name servers used by their internet service providers.<ref>Template:Cite news</ref>
• Securable, freeware to test whether a pre-Windows 7 computer is 64-bit compatible. It also tells the user whether Data Execution Prevention is enabled.<ref>Template:Cite book</ref>
• ShieldsUP, a free browser-based firewall testing service; one of the oldest available<ref>Template:Cite web</ref><ref>Template:Cite book</ref>
• SpinRite, a hard disk scanning and data recovery utility first released in 1988.<ref name="pcmag1">Template:Cite news</ref> Template:As of the current version was 6.0,<ref name=SpinRite>Template:Cite web</ref> which was first released in 2004.<ref>Template:Cite news</ref> SpinRite is a commercial product, costing Template:US$ Template:As of.<ref name=SpinRite/> Gibson's work on SpinRite has led to him being considered an expert on hard drive failure.<ref>Template:Cite news</ref>
• Spoofarino, freeware released in 2006 and promised since the controversy over the launch of Windows XP in 2001, it enables users to test whether their internet service providers allow them to send forged or "spoofed" packets of data to Gibson's web site.<ref name=SpoofarinoLaunch>Template:Cite news</ref>
• Never10, standalone freeware program that toggles registry values in Windows 7, 8, and 8.1, which either disables or enables Microsoft's Get Windows 10 app and automatic OS upgrade. As of version 1.3, it also triggers the removal of any previously downloaded Windows 10 upgrade files as part of the disable function.<ref>Template:Cite news</ref><ref>Template:Cite news</ref>
• InControl, stops automatic upgrading of Windows 10 and 11.
• InSpectre, a utility that examines a computer's vulnerability to the Meltdown and Spectre attacks.<ref>Template:Cite web</ref>
• InitDisk, a tool that was developed for GRC's SpinRite (6.1), is a safe USB drive formatter that allows the user to reformat any USB device and make it bootable.<ref>Template:Cite web</ref>
• ReadSpeed, an accurate benchmark for PC mass storage. The tool measures stability and repeatability to a precision of more than 4 significant digits.<ref>Template:Cite web</ref>
• ValiDrive, a tool that validates whether or not USB flash drives or other Removable media are actually capable of storing the amount of data that they claim to. <ref>Template:Cite web</ref>
• Ultra-High Entropy PRNG (Pseudo-Random Number Generator) which are critical to any and all computerized operation.Template:Promotion-inline<ref>Template:Cite web</ref>
• SQRL Login Technology (Simple Quick Reliable Login, pronounced “squirrel”) is an open, free, intellectual property unencumbered, complete and practical system to cryptographically authenticate the identity of individuals across a network (..) it can replace all other systems while offering dramatic improvements in usability and security.Template:Promotion-inline<ref>Template:Cite web</ref>

Template:Refbegin

• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book

Template:Refend

Template:Reflist

• Template:Official website
• Template:Triangulation
• http://www.computerhistory.org/collections/catalog/102674112

Template:TWiT podcasts Template:Authority control