Steve Gibson (computer programmer): Difference between revisions

In 1999, Gibson created one of the first [[adware]] removal programs, which he called OptOut.<ref>{{cite web |author=Lavasoft |url=http://www.lavasoft.com/mylavasoft/securitycenter/articles/spyware-history |title=The History of Spyware |work=Lavasoft.com |access-date=February 8, 2015 |archive-date=May 8, 2017 |archive-url=https://web.archive.org/web/20170508021736/http://www.lavasoft.com/mylavasoft/securitycenter/articles/spyware-history |url-status=dead }}</ref> In 2001, he predicted that Microsoft's implementation of the [[raw socket|SOCK_RAW]] protocol in the initial release of [[Windows&nbsp;XP]] would lead to widespread chaos by making it easier for Windows&nbsp;XP users to create [[denial of service]] (DoS) attacks.<ref>{{cite news |first=Deborah |last=Radcliff |work=Computerworld |date=October 22, 2001 |url=http://www.computerworld.com/article/2585406/operating-systems/windows-xp--is-it-safe-.html |title=Windows XP: Is it safe?}}</ref><ref>{{cite AV media |type=video |url=http://www.vpwsys.net/download/grc_low.wma |title=Raw Sockets Debate: Steve Gibson with Tom C. Greene |year=2001 |work=Online Tonight with David Lawrence |archive-url=https://web.archive.org/web/20160304040855/http://www.vpwsys.net/download/grc_low.wma |archive-date=March 4, 2016 |url-status=bot: unknown |access-date=February 7, 2015 }}</ref><ref>{{cite news |first=Seth |last=Fogie |work=InformIT |date=June 21, 2002 |url=http://www.informit.com/articles/article.aspx?p=27289 |title=Raw Sockets Revisited: What Happened to the End of the Internet?}}</ref> That year, his company's website was brought down by DoS attacks<ref name=MillarGuardian /> which continued for two weeks. Gibson blogged about the attacks and his (ultimately successful) efforts to track down the hacker.<ref name=MillarGuardian>{{cite news |first=Stuart |last=Millar |work=The Guardian |date=June 5, 2001 |url=https://www.theguardian.com/technology/2001/jun/05/hacking.security |title=Teenage hackers}}</ref> Three years after the Windows&nbsp;XP release, Microsoft limited raw socket support in [[Windows XP#Service Pack 2|Service Pack&nbsp;2]].<ref>{{cite news |first=Ian |last=Griffiths |work=IanG on Tap |date=August 12, 2004 |url=http://www.interact-sw.co.uk/iangblog/2004/08/12/norawsockets |title=Raw Sockets Gone in XP SP2}}</ref>

 

 

In 2006, Gibson raised the possibility that the [[Windows Metafile vulnerability]] bug was actually a [[Backdoor (computing)|backdoor]] intentionally engineered into the system.<ref>{{cite web |url=https://www.grc.com/sn/sn-022.htm |title=Security Now! Episode Archive |work=GRC.com |publisher=Gibson Research Corporation |access-date=December 12, 2017}}</ref> A response by Microsoft,<ref>{{cite news|last=Toulouse|first=Stephen|date=January 13, 2006|title=Looking at the WMF issue, how did it get there?|work=Microsoft Security Response Center|url=http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx|url-status=dead|access-date=October 29, 2021|archive-url=https://web.archive.org/web/20060116042756/http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx|archive-date=January 16, 2006}}</ref> and by [[Mark Russinovich]] on Microsoft's ''Technet'' blog,<ref>{{cite news|last=Helweg|first=Otto|date=January 18, 2006|title=Inside the WMF Backdoor|work=Mark Russinovich's Blog|url=http://blogs.technet.com/markrussinovich/archive/2006/01/18/inside-the-wmf-backdoor.aspx|access-date=October 29, 2006|archive-url=https://web.archive.org/web/20061218003852/http://blogs.technet.com/markrussinovich/archive/2006/01/18/inside-the-wmf-backdoor.aspx|archive-date=December 18, 2006}}</ref> stated that the bug appeared to be coding error and that Gibson's reasoning was based upon Microsoft's abort procedure documentation being misleading.