Talk:Steve Gibson (computer programmer)

Complaints Against Steve Gibson
User: Could you better explain the nature of the complaints against Steve Gibson? It is important to address them specifically. --Alexwcovington 08:53, 2 Dec 2004 (UTC)

Credited with coining the term spyware by who? First time ive heard it.... The article is POV and needs to be rewritten - for a start some discussion of what Gibsons critics (virtually the entire security industry) have said or the whole syn cookies debacle might help balance it a bit. Gibson is wonderfull at public relations but Id like to see any article that was a bit more honest than this fawning statement....

The GPA is more proof of this being written by a GRC acolyte - and gibsons written exactly one software program - Spinrite - and thats it - so i also question his credentials as a software engineer.

POV and boldly so —Preceding unsigned comment added by 220.237.206.85 (talk) 08:21, 8 January 2006 (UTC)
 * I agree with Alexwcovington, the section on critism needs sourcing. In the links are two pages, but they don't really seem like great sources. "Secruity Experts" are mentioned over and over, but not who they may be. To quote WP:NPOV, If a viewpoint is held by a significant minority, then it should be easy to name prominent adherents;. This needs to be done. --Falcorian | Talk 05:22, 15 January 2006 (UTC)
 * In my experience, the majority of security professionals take the view that Steve Gibson is a media darling rather than a security expert. The relevant section of WP:NPOV is "If a viewpoint is in the majority, then it should be easy to substantiate it with reference to commonly accepted reference texts;". Unfortunately this is not the case as expertise in computer security is invariably gathered through experience rather than reference texts (That's to say that there is no single text which can be referred to; one requires an appreciation of the entire field). Additionally most but not all controversies surrounding this man stem from failure to communicate vital nuances or from massively overplaying the importance of insignificant aspects rather than outright misinformation. --DanPope 23:05, 24 January 2006 UTC

Regarding the bullet under the Criticism section that discusses his Windows Metafile vulnerability conclusions from episode 22 of Security Now: in the next episode of the same podcast, he retracts many of his allegations against Microsoft and takes a much more conciliatory tone about the whole issue. His comments on episode 22 are certainly an example of him irresponsibly jumping to a conclusion without having done sufficient research, but it seems unfair to mention that episode without also mentioning the other. --Silpertan 02:55, 11 August 2006 (UTC)
 * Where is the issue with the windows metafile exploit explanation by Steve Gibson? Of course it was intentionally put in Windows in a time when nobody thought about people surfing the net with Windows (back then Windows 3.x). Windows in the early days just wasn't an operating system with multiples users and thus security in mind. I think steve gibson excellently explained that in security now. That is why I slightly changed the first sentence of that section. --Julian Bartholomeyczik —Preceding unsigned comment added by 193.101.168.110 (talk) 06:42, 1 September 2006 (UTC)

Please do not remove the part about excessive plugging of SpinRite in Podcasts. The new issue of Security Now has just been released and the plugging has already started to get complaints so is valid in the Criticism section. BackStagePass 09:52, 9 March 2007 (UTC)
 * I didn't remove the section that you re-added because it was criticism, instead I removed it because it cites a user that makes a post to a public forum. This really does not fall within the guidelines of what is considered to be a relaible source, which is required in order to verify such claims per Attribution.  However, if a journalist wrote an article, or some review which could be cited then this criticism gains some verifable status, rather than being from just some guy.  --  malo (tlk) (cntrbtns) 15:41, 9 March 2007 (UTC)

Have looked again at complaints made by Security Now listeners and along with edits by 'Zarek' I think we have covered the use of SpinRite mentioning in podcasts. BackStagePass 02:47, 10 March 2007 (UTC)
 * I still question how one or two users who complain on a web forum are considered to be noteworthy criticism. -- malo (tlk) (cntrbtns) 16:54, 10 March 2007 (UTC)
 * Is the source supposed to be the posts made in the comment section? If so, I'm certain those don't pass WP:RS. If Leo mentioned in the show however, that he got complaints, then that might be enough. --Falcorian (talk) 16:59, 10 March 2007 (UTC)
 * To the best of my knowledge Leo never acknowledged any complaints of that sort. I still believe that this should be removed from the criticism section on the basis of unreliable sources.  -- malo (tlk) (cntrbtns) 23:39, 15 March 2007 (UTC)
 * I'm going to remove it, the sources provided aren't clear as to what it's referencing, and if it's simply referencing the comments, it doesn't pass WP:RS. --Falcorian (talk) 03:13, 16 March 2007 (UTC)

Just went to transcript of show 83 and Spinrite was only said twice so looks like comments were taken on board. Looking back on this. In SN80 Leo said he did not want SN81 to be one big advert for Spinrite. When it came out 'Spinrite' got mentioned 29 times so probably what got some peoples backs up. BackStagePass 11:13, 16 March 2007 (UTC)

POV Dispute
This article needs ALOT of work. It reads like a back and forth argument right now. --Falcorian | Talk 05:07, 15 January 2006 (UTC)
 * I think the article has come a long way in a short time. I think Copysan put in a particularly good edit.  I'm a little concerned of the direction Kupci is moving the article... Equating this article to the Seigenthaler debacle, especially after the recent improvements is a step backward, and I do believe that Gibson's critics have bases for their accusations and deserve a measure of consideration in this article.  -- A l e x W C o v i n g t o n  (talk) 18:37, 18 January 2006 (UTC)
 * I agree the article has come along way. I do agree with Kupci's removal of GRCSucks.com, because regardless of the merit of the claims against Gibson on it, it does have a title that doesn't seem appropriate. However, his edits seem to be pushing the article a little into the NPOV zone.Oh yes, his comparing this to Seigenthaler seems way off base as well. --Falcorian | Talk 23:41, 18 January 2006 (UTC)
 * GRCSucks.com should not be removed. 'A title that doesn't seem appropriate'? Oh get a life. GRCSucks has more and more benevolent factual information on the charlatan than anyone. Anyone duped to think otherwise is a - dupe. talk —Preceding unsigned comment added by 213.170.201.79 (talk) 17:28, 28 January 2006 (UTC)
 * Immaturity doesn't strengthen your case. --Falcorian(talk) 17:40, 28 January 2006 (UTC)
 * As a practitioner, and a reasonably well-known one, I'm going to assert that GRCSUCKS.COM has as much *or more* notability in the security industry as GRC Research does. I added it back; the whole point of having that page is to centralize criticism of GRC, which means most of the good-faith criticism of GRC revolves around it. You can't lose a vital source because the word "sucks" appears in it. Tqbf —Preceding undated comment added at 00:23, 17 March 2007 (UTC)

I'm wondering what purpose the Radsoft links serve. Both are either POV and/or out of date. If the content there is verifiable, wouldn't it be better to place the links in context as a part of the article?Sschinke 02:21, 2 February 2006 (UTC)
 * They serve the purpose of... Well... Nothing really. Frankly though, I was too lazy to read through them and decided to let someone else make the call as I didn't want to be seen as monopolizing the links section. ;) --Falcorian (talk) 04:29, 2 February 2006 (UTC)

I agree - article is rather weighted against Steve. I'm adding POV tags. -- XPMaster 00:30, 31 October 2007 (UTC)
 * Can you take a second and document your current POV issues with this article, so we know why the tag belongs there? --- tqbf 03:39, 31 October 2007 (UTC)

Links Removed
I have removed three links, they are as follows: --Falcorian(talk) 18:21, 28 January 2006 (UTC)
 * Why Assembly Language Is BAAAD - This article has nothing to do with Gibson. Yes, he codes in Assembly but that's the only real link. I'd suggest Assembly language if you want to include information from the article. Frankly, this link is like putting a "Ford is BAD!" link at the bottom of random articles of people who drive Fords.
 * Web-myth debunker's life threatened by Steve Gibson Groupie - I skimmed this article, and it seems to be about a random fan, not Gibson. I may have missed the line where it says "It turns out it was Gibson that sent the death threat", but I don't think I did.
 * Steve Gibson Criticism - Removed for the above reason. I also don't believe that sites that at least try to pass themselves off as smear sites help Wikipedia's credibility, and further I think criticism of Gibson has been thoroughly covered by the previous links.
 * I think GRCsucks.com may deserve a link in the criticism section, but I agree the other links are unnecessary. -- A l e x W C o v i n g t o n  (talk) 21:58, 2 February 2006 (UTC)
 * I seem to be in the minority on removing it, so by all means throw it back up. --Falcorian (talk) 00:17, 3 February 2006 (UTC)
 * Agreeing with Alexwcovington here. GRCSucks.com, while having an unfortunate name, does have some excellent and well thought out analysis of Gibson's claims and assertions. Copysan 21:14, 3 February 2006 (UTC)
 * So, if there are no objections, can we put the "Steve Gibson Criticism" link back up? --68.230.70.235 23:37, 23 August 2006 (UTC)
 * It's late and I can't re-read the site tonight, but I will tomorrow. Until I do, I still object. --Falcorian (talk) 05:27, 24 August 2006 (UTC)
 * Have you read the site yet? If so, do you still object?--68.230.70.235 02:46, 6 September 2006 (UTC)

I should point out that GRCSucks.com is already linked to in the Criticism section. Adding another link at the end of the page would be treating it more like a neutral source. --AlexWCovington  (talk) 03:57, 6 September 2006 (UTC)

Something I completely missed... Thank you for pointing it out. --Falcorian (talk) 03:44, 7 September 2006 (UTC)

Still POV?
Falcorian, do you feel the article has improved sufficiently to remove the NPOV tag? If not, What still needs to be done? -- A l e x W C o v i n g t o n  (talk) 21:58, 2 February 2006 (UTC)
 * Looks better now. The only real thing I can think of left is those two radsoft articles, which I don't really feel like reading through, but which on the surface seem rather POV as pointed out above. I think the tag can safely come off. --Falcorian (talk) 00:16, 3 February 2006 (UTC)

I disagree, I think it is still POV... the reference links at the bottom smack of bias, linking to sites critical of Gibson. I still dispute this article's neutrality. Deltwalrus 13:21, 31 January 2007 (UTC)

NPOV and 62.103.255.73's Edits
62.103.255.73, please provide sourcing for your edits. The only sources I could find for some was radsoft.com, and even then it was wild speculation on the writers part. --Falcorian (talk) 16:33, 3 February 2006 (UTC)
 * What radsoft edits are you referring to? Are you talking about the ZoneAlarm promotion thing? Copysan 21:17, 3 February 2006 (UTC)
 * Yes. The Zonealarm thing, so far as I could tell with a quick google search, is based on a radsoft article, which, if my brief read of it is correct, basicly says "This seems likely so it is!". But also in reguards to the number of people working there, and a few other changes.--Falcorian (talk) 21:54, 3 February 2006 (UTC)
 * Agree. I read the radsoft articles, and I could not find any objective evidence. The radsoft articles compare Gibson to Hitler. While I'm not a member of Gibson's Gestapo, I can see that the radsoft article should not be used as a source. From this evidence and Falcorian's search, I think that any unsourced further mention about ZoneAlarm and Gibson should be regarded as vandalism. Copysan 23:32, 3 February 2006 (UTC)

Does Gibson hold an Engineer's degree ?
I would like to add this information into the introduction, similar to the one on the Leo Laporte page, to clarify the use of the word engineer in this article:

Gibson studied EECS at UC Berkeley, but did not earn a degree.

I couldn't find any evidence that Gibson holds an Engineer%27s degree, List of University of California, Berkeley alumni says "attended", but does not mention any academic degree. Please comment. --Ministry of Truth 06:09, 14 June 2006 (UTC)
 * I'm not seeing any such claims in the article at present -- it seems that Gibson dropped out to pursue his career. Besides, in the United States most schools have B.S., M.S., and Ph.D or D.Eng programs rather than engineering degrees in the sense described in the article.  --AlexWCovington  (talk) 15:56, 14 June 2006 (UTC)
 * Given the use of Engineer, whether he obtained an academic title is relevant information and the same information about Leo Laporte is therefore included on his page. As you think he dropped out too, I'll add this information unless proof of any academic titles earned is provided here over the next couple of days. --Ministry of Truth 17:33, 14 June 2006 (UTC)
 * I believe you may be suffering from a bit of culture shock here; in the United States the term "Engineer" is used a bit more loosely than in other countries; perhaps this is unfortunate but we can't redact Wikipedia to reflect what we think the world should be; Gibson could be described as an engineer, at least by US standards, by his body of work. --AlexWCovington  (talk) 18:43, 14 June 2006 (UTC)
 * I agree with you that WP should take its worldwide audience into account and as neither the factual truth nor the added value of such a mention have been disputed so far, I contemplate to make the edit as worded above soon. --Ministry of Truth 12:05, 15 June 2006 (UTC)

If I may throw in my two cents before running off for two weeks: I'd have to see the evidence that he did not graduate, as the only bit that has been brought up so far is a site that is not all inclusive. Since there has been no good evidence either way, I think the current "Attended" works perfectly. --Falcorian (talk) 20:35, 15 June 2006 (UTC)
 * Fair point. I see you're an assistant at the University of California, Berkeley, would you kindly share your inside knowledge how to verify this fact one way or the other without actually going there as I don't live nearby ? That might also give us the opportunity to put "attended" back into the list where you removed it, which tends to contradict the above "works perfectly" a bit:http://en.wikipedia.org/w/index.php?title=List_of_University_of_California%2C_Berkeley_alumni&diff=prev&oldid=58823514 --Ministry of Truth 21:51, 15 June 2006 (UTC)
 * I'm not even sure how one would check it at Berkeley, it seems like that kind of info would require a reason to access, but I can look into when I get back, no promises though. ;) As for attended on the list of alumni, I would consider that a different case from here. On the list graduation years are given, so saying "attended" seemed to lean more towards the not graduating point of view, while nothing seemed more neutral (case in point, the other 'attended's on the list that I can see are all from non-graduates while there are a few blank entries for unsure cases already). Here though there is no president set by other entries in a list, and so it sounds perfectly neutral. --Falcorian (talk) 22:57, 15 June 2006 (UTC)
 * Thank you for your eagerness to help and unprompted reversal of your edit to the alumni list. --Ministry of Truth 00:19, 16 June 2006 (UTC)

It does not matter if an engineering degree is held or not. Self taught people are almost always the foremost in their field, only idiots need spoon feeding by professors at a university, who largely themselves are failures in their field and can only find employment "teaching". It is quite clear that Gibson is widely envied amongst the security industry due to his genius, and te fact that he has been proven correct in almost every situation. - John Farr —Preceding unsigned comment added by 82.6.30.112 (talk) 23:47, 28 December 2006 (UTC)

SYN Cookies
Minitruth, could you please add how it is inferrior or source? Simply putting "It is inferrior" is rather POV and unverified. Thanks. --Falcorian (talk) 20:38, 15 June 2006 (UTC)
 * Falco, no sweat, would word from The Man Himself do:
 * "SYN Cookies had some useful features I hadn't considered
 * My own invention (as described on the following pages) was less than a day old and, of course, had never been implemented. By comparison, the details of SYN Cookies were years old and had the benefit of extensive open-source community experimentation and tweaking. So SYN Cookies had evolved some useful improvements that I had never considered, as well as some unnecessary (TCP Option) complications that were not required by my security scanning NanoProbe / RSVP application." http://www.grc.com/r&d/nomoredos.htm ?
 * --Ministry of Truth 21:58, 15 June 2006 (UTC)
 * Perfect! --Falcorian (talk) 22:44, 15 June 2006 (UTC)

You're welcome, Falcorian, always glad to oblige ;-) . While we're at it, would you help me find appropriate language to include the following facts into the syncookie story:
 * djb, modest as usual, crossposted his idea to no less than five newsgroups in 1996 (alt.security,comp.security.unix,comp.security.misc,comp.security,comp.protocols.tcp-ip) http://cr.yp.to/syncookies/idea, started a mailinglist dedicated to the subject the same month: http://cr.yp.to/syncookies/archive and posted to the linux netdev mailing list.
 * Linux had syncookie support from 1997 on: Eric Schenk himself did a reference implementation in February 1997 http://www.uwsg.iu.edu/hypermail/linux/net/9702.3/0070.html

With this amount of exposure freely available to anybody interested in the field, Gibsons claim to have independantly re-invented the wheel is, to put it mildly, surprising. How could a NPOV version of this possibly look like ? --Ministry of Truth 00:00, 16 June 2006 (UTC)

Steve Gibson does NOT claim to have invented SYN Cookies. Also, Steve DID talk to Dan Bernstein (from the same source) "I exchanged some eMail with Dan to discuss his implementation...". This whole section should just be removed. —Preceding unsigned comment added by 70.249.222.63 (talk) 19:37, 26 September 2009 (UTC)

Computer Engineer
I've discussed this briefly in Leo Laporte as a side issue and it prompted me to check here, is there any support (or sensible opposition) to stating Steve as a Journalist and dropping the computer engineer description? I'd even favour a Computer Engineering Journalist description. Steve is widely criticised for any of his products or services in computer engineering having been written by ghost writers and has no formal qualifications or notable experience in IT as and of itself. A journalist he may be, a DJ, a internet personality even, but he is not a computer engineer without verifiable education, experience, resultant products or services or something else that points to achievements of any note in the field. Elomis 05:24, 5 September 2006 (UTC)
 * Well, if you believe Gibson's resumé, he has worked on many projects throughout his career that constitute electrical, computer, and software engineering. We can accuse the guy of padding, but unless there's proof otherwise, there's no reason to call him a charlatan in the article -- he claims to be a computer engineer, and the burden of proof is on us to show that he is not. --AlexWCovington  (talk) 06:13, 5 September 2006 (UTC)

Ok. I guess the only way to settle this is to define what the minimum allowable threshold is to declare someone to be anything professionally. I would imagine that having done a year of law school years ago before I dropped out I would be publicly flogged for declaring myself an attorney. That's an example of an industry that has clear guidelines and IT perhaps due to it's infancy has much more lax considerations. I would personally consider Steve Gibson to be an computer engineer under the conditions that he either holds (perferably) or has held, an employment contract stating his title or function as such, held a diploma or higher in a computer engineering related discipline or industry certifications granted by information technology companies in line with their associated educational programs. It is widely accepted that Gibson studied computer engineering, like I studied law and with much the same result (no degree awarded). Gibson's resume available on his website shows no position in his employment history where he was a computer engineer, he was a Director of Engineering at one point, VP of Development at another and beyond that he has held consultative roles. He has in fact held no computer engineering position of a company he did not found personally, and therefore his employment as a computer engineer cannot in my opinion be validated. I have no intention of outting the guy as a charlatan, I just don't think that particular wording of the article is accurate. Elomis 06:57, 5 September 2006 (UTC)
 * This has been a very contentious point. It was a contentious point when the article called him a "computer expert" rather than a "computer engineer."  It will probably still be contentious if it describes him as any number of titles -- Gibson is not universally well-liked in any particular capacity.  Feel free to change it if you feel a particular description will play better; I'm not going to be a voice holding back the article. --AlexWCovington  (talk) 14:15, 5 September 2006 (UTC)

Ok I don't particularly like him but it's best settled with neutrality, not editing the page into a hate page which is why I checked first. It's been changed to enthusiast which is much easier to verify. Funny thing is I think expert is actually even better than engineer, an engineer is a very specific thing whereas expert probably has a lower burden of proof and can be more subjective (I consider my wife an expert cook, but not a Chef). I think enthusiast describes Steve most accurately. Elomis 20:41, 5 September 2006 (UTC)
 * Ah! That's something I didn't think of.  I was focused on a job description-- I never thought of hobby terms like enthusiast.  It works well! --AlexWCovington  (talk) 04:02, 6 September 2006 (UTC)

Well, I hate to stir the pot again, but may I suggest that "enthusiast" may not be the best term either? It's very broad and generic, for one thing. (In fact, one could easily argue that Leo, Steve, and the entire audience of the "Security Now!" podcast are "computer enthusiasts." What's needed is some adjective that describes why Steve is hosting the show and not any other random guy (like me) who also calls himself an "enthusiast".)  I'd really rather go back to the "engineer" (or "software engineer") description. "Security expert" is probably too contentious to use, which is perhaps understandable since the term conveys a high level of qualification that not everyone wants to concede to Steve. But "software engineer" seems to be a much lower bar to reach. I think it's a fair term to use, especially given that 1) Steve has obviously written a lot of software and 2) gets a significant portion of income from his commercial product "Spinrite". The term "lawyer" (to address an earlier discussion) denotes what a person IS (as certified by a law school), but "software engineer" is more of a description of what one actually DOES. Based on that, I think it's fair for Steve to be described as an "engineer", and not simply an "enthusiast". Motley Fool 17:19, 7 September 2006 (UTC)
 * I selected it for broadness and for being generic. I honestly (and I think, fairly) assert that the reason Steve Gibson is hosting the technology podcast is not because he is a computer engineer, or enthusiast even, but because he is in some opinions rather good at hosting a technology podcast.  He is a technology podcaster, it's what he does and arguably who he is.  Security Expert is entirely inappropraite, it is something that is very easily defined and verifiable as someone who is an ISC2 CISSP, someone who has worked for a considerable period of time in the technology security industry as a security expert (and not say, VP of Security Operations), someone who has been awarded Security+ certification by the Computing Technology Industry Association (CompTIA), has made significant public contributions to security industry bodies (Bugtraq, SecurityFocus...) that were widely accepted by those communities as valid and accurate or a combination of any or all of those things.  I don't think anyone could objectively and fairly concede any of those to Steve Gibson.  Steve hasn't written a lot of software, he contends that he has written a handful (and with opinions that he employed ghostwriters only marginally substantiated) and has not produced anything for some years. SpinRite which is hotly contended as Nadaware (software which doesn't do anything or anything useful) (a program which repairs physical damage to disks?).  Even if all of that is misinformation or some sort of vendetta against Gibson, I used to be a 5th grader years ago, I haven't done much 5th grade stuff since so it's inaccurate to call me a 5th grader at this point even if I issue a podcast called "5th Grade Now!".  I understand the contention that computer engineer isn't what someone is but is something someone does, Steve Gibson doesn't do it.

Elomis 00:07, 8 September 2006 (UTC)
 * Yes, Spinrite does repair and revive defective disks. I've used it in 1990 and successfuly optimized the interleave of an MFM hard disk (newer versions don't do that because there aren't MFM hard disks anymore) to make it faster. I also used it in 2000 to repair a hard disk. Finally in 2005 to revive a hard disk which lived another year. Google "spinrite success stories". Steve Gibson did it. Vyx (talk) —Preceding undated comment added 16:49, 13 July 2009 (UTC).

How about the term "pundit", as in a source of vocal opinion on a subject matter. -- Tomlouie | talk 03:14, 8 September 2006 (UTC)
 * Works for me after reviewing the definition, doesn't upset fans by inferring that he is not qualified or skilled and doesn't upset me by inferring that any qualification or skill he has is anything but the result of generalised involvement in journalism.

Elomis 07:42, 8 September 2006 (UTC)

I guess what I'm trying to feel around for here is some word that indicates Steve Gibson is more than just a talking head or a random guy who likes to play with computers. Let's think about it in this way - ask yourself "Why do people go to grc.com? What do people want from Steve Gibson?" The answer is "software" (Shields Up, Spinrite, Unplug 'n' Pray, etc.) It's not "technology opinions" or "journalism". I think of John C. Dvorak as a "pundit" - not in a derogatory way, but simply as an acknowledgement that his specialty is opinion technology journalism, not necessarily in diving deep into code, operating systems, etc. Steve certainly has his opinions (e.g. the debate over raw sockets, the origin of the WMF vulnerability, etc.) but his main "gig" is his software. I'm aware of the old feud with John Navas, but I don't think that disqualifies him as being described as a "software engineer". And unless someone can demonstrate that the software on his activity page is fraudulant, I think we have to take him at his word that he actually wrote (and still maintains) that stuff. Finally, I think it's reasonable to ask "What is Steve Gibson's day job?" I don't think he's making any money off his Security Now podcast, so it's probably fair to say that the Steve Gibson Corporation (and related software and/or consulting activites) IS his job. That's far more than "pundit" or "enthusiast", IMHO. -- Motley Fool 16:31, 8 September 2006 (UTC)
 * Replying to myself, how about "software developer"? Since GRC is a software development firm, and it's safe to say that Steve has a large part in writing that software, would this not be a fair description of him, while avoiding any more grandiose titles that seem to raise controversy?  -- Motley Fool 16:52, 8 September 2006 (UTC)
 * I don't think I could disagree with you more, and for all the reasons you have stated. I've deliberatley avoided citing John Navas because counter-trolling is trolling but in answer to your statements; I think Steve Gibson is a random guy who likes to play with computers, I think he is a talking head.  He's certainly notable enough to have a page on Wikipedia, he's certainly notable enough to have the Securirty Now! podcast but I'd contest that GRC is solely a software product marketing firm and verges on being Steve Gibsons personal homepage.

I'll take software developer as being accurate from an encyclopedic perspective, I honestly believe (along with a wide community) that Gibson has probably not written more than 20 lines of code in his life but anybody with a clue will concede that developing software is not neccessarily writing code. If you agree with me and mine that he didn't write the software, or you agree with others who insist he did, he certainly markets, supports, commentates, manages and version controls the software and according to any sensbile definition that is development of software. I've added it, rather than replaced enthusiast, to the article. I imagine in adding descriptions of him we will wind up with an average that is accurate :-) Elomis 23:06, 10 September 2006 (UTC)
 * Elomis - On what fact do you base your wild and inaccurate assertions regarding Gibson's abilities. I personally believe you are not qualified to speak on this subject or to judge Gibson in any way. Please cite this "wider community" that along with you believe Gibson "has not written more than 20 lines of code in hs life" as this can easily be disproved by visiting news.grc.com where Gibson clearly is shown in his efforts of coding software from the ground up. —Preceding unsigned comment added by 82.6.30.112 (talk) 13:19, 14 January 2007 (UTC)
 * Works for me. -- Motley Fool 17:36, 11 September 2006 (UTC)
 * While I agree that there does seem to be a lot of unexplainable enmity for Gibson, I don't think insulting other contributors is the best way to address it. In fact, I think it makes the position look weaker. --Falcorian (talk) 08:22, 14 January 2007 (UTC)

Falcorian – Point taken, perhaps too much of an ill conceived rant on my part, I have removed it. I fail to see why there is such speculation regarding Gibson’s credentials when anyone familiar with his work should know that he clearly knows his onions. This discussion page reads like a page from grcsucks.com, which, after all of Gibson’s “controversial claims” were proven to be correct suddenly stopped being updated. Perhaps the author of the site had a little too much egg on his face. I challenge anyone here to offer cold hard proof that Gibson is not all what he claims. He does not have to provide proof of an Engineering degree to be called an engineer here. In fact, one does not need an engineering degree to call themselves an engineer at all. —Preceding unsigned comment added by 82.6.30.112 (talk) 13:07, 14 January 2007 (UTC)

Regarding : "He does not have to provide proof of an Engineering degree to be called an engineer here. In fact, one does not need an engineering degree to call themselves an engineer at all." AND

This issue was discussed on the live recording of SG's show/pre show "Security Now E225: Same Origin Troubles" at 19:39, 2 December 2009 (UTC) between Leo Laporte and Steve Gibson. They essentially contend that by virtue of SG having used engineering techniques to develop product(s), and receiving kudos from Steve Wozniak of Apple SG is an engineer.

It is the case in most of the world that the title of engineer is reserved for persons with appropriate formal education and license. The United States is no exception as per []; though in the US it make not be illegal to use the title without qualification as in other locales. Based on the fact that Steve Gibson is not licensed, and is not an engineering graduate he should not use the title engineer or any derivatives. Instead the term "Technologist" should be used. --67.230.128.133 (talk) 19:45, 2 December 2009 (UTC)

Merge from Gibson Research Corporation
For the discussion see Talk:Gibson Research Corporation. Greenshed 22:10, 13 September 2006 (UTC)

OT: I met him...
... at Call for Help, during the taping of episode 282. He talked with me, I didn't have a clue in the world who he was, let alone he coined the term spyware. Geez, so weird. That, and I had now clue in the world who Amber MacArthur and Leo Laporte were. Oh, blissful ignorance. -- Zanimum 15:33, 8 January 2007 (UTC)

Coined the term 'spyware'
I think he did claim this in a recent episode of Security Now... but I can't remember which one. I'll try and look it out. MartinBrook t'' 10:49, 26 February 2007 (UTC)

Yup, here it is (Security now episode 44 (transcript): "'it was during beta testing of the very first version of ZoneAlarm which offered outbound port blocking, which is to say application-level port blocking, that I discovered the very first piece of spyware on my machine and coined the term 'spyware." MartinBrook t 11:03, 26 February 2007 (UTC)

Except that he has no proof of this, and Zone Lab's press release beats him to any of his claims. He can't retroactively claim credit. —The preceding unsigned comment was added by 74.194.140.83 (talk) 15:56, 26 February 2007 (UTC)

I know - I was just making the point in response to Malo's recent edit, "rv to previous, gibson doesn't claim it, the register simply reported it" - the point being that Gibson does claim it. Not sure if this point should be in the article though. MartinBrook t'' 18:06, 27 February 2007 (UTC)

User:myststixI just edited the spyware page, removing the reference to Gibson 's claim that he coined the term. If it can't be proven beyond a reasonable doubt, it should not be presented as fact. In fact, I find that most likely his mention was inserted so that he would get some traffic to his website, as the page reads just fine after removing his mention. Also, the Wiki page on SpinRite is full of the same technobabble as on Gibson's commercial site, leading me to believe it was planted on Wiki by him or cronies. Again, I would question the validity of having a SpinRite page at all. —Preceding unsigned comment added by Myststix (talk • contribs) 22:49, 14 June 2007 (UTC)

Criticism section
The article section list Gibson's request that listener's vote for his Security Now podcast and his review of the Kindle as criticisms but provides not source as to what notable person(s) criticized him for these actions. Since I don't believe everyone would agree those actions are wrong then I think to be NPOV, a notable source making such criticisms should be added. The current sources only verify that he did make these requests but not that he was criticized for it. --Cab88 (talk) 00:39, 2 January 2008 (UTC)

To be fair on the unregistered Wikipedia users the other three criticisms are not sourced either, what makes them any more valid? --BackStagePass (talk) 21:23, 3 January 2008 (UTC)

Have re-added it as the other three criticisms do not source the criticism so vote rigging on Security Now is perfectly valid. --BackStagePass (talk) 22:08, 3 January 2008 (UTC)
 * You're right. If you can't source criticisms, they don't belong on the page. Please don't make me revert criticisms out of the Steve Gibson article; I'm as critical of him personally as anyone else. --- tqbf 22:10, 3 January 2008 (UTC)
 * Oh, the relevant policies you're looking for are WP:V and WP:BLP. Note that BLP articles are held to a higher standard than other articles. --- tqbf 22:11, 3 January 2008 (UTC)

I've renamed this section "controversy". There is a slightly lower bar for citing controversies than criticisms: you still need to provide verifiable sources to establish that the statement is controversial --- and, especially, that some reliable source has noted the controversy --- but you don't need to establish that someone was criticizing Gibson for it. This still doesn't allow the "vote rigging scandal"; Intgr and Cab88 are right: nobody has verified that this is at all unusual or untoward. --- tqbf 22:16, 3 January 2008 (UTC)
 * Note that to show something is controversial, you need to actually show some controversy. Someone lying or saying something wrong is not itself controversy unless other people have specifically noted the person was lying or was wrong. Similarly, making a statement unsupported by others is not in itself controversial without evidence that there is a controversy there (for example, if a source has specifically noted that the statement is unsupported by any evidence). It is OR and a violation of BLP to to include a statement and then say there is controversy there because he was wrong or there is no evidence to support the claim. To put it a different way, a controversy only exists when other sources say there is a controversy, not because wikipedians find something controversial. I know for some people, this may seem strange, but even if someone were to say, for example, all people of X race should be exterminated, there is still no controversial unless sources say there is a contrversy. Nil Einne (talk) 21:10, 17 April 2008 (UTC)
 * In particular, editors should take a look at this version . While the 2nd controversy seems fine, the first and third are not. While it may be true SG's statement about SYNcookies was wrong, there is no evidence for a controversy there. Similarly while there is no evidence to support the claim the WMF backdoor was included on purpose, there is also no evidence that there is a controversy there. I've added sources from the external links section which establishes some degree of controversy. Nil Einne (talk) 21:10, 17 April 2008 (UTC)

I don't think The Register constitutes a reliable source for this article. The guidelines restrict news sources in biographical articles on living persons to "high-quality news organizations," but The Register often publishes satire. The cited articles are opinion pieces and not at all professional journalism. Mdavidn (talk) 00:59, 19 April 2008 (UTC)

The Register is sort of the National Enquirer of the tech world. Their stories are often based on rumors and leaks, they cannot be considered 100% accurate or unbiased. All of the Register stories were written by the same person - Thomas C Greene. See link here: http://www.theregister.co.uk/2006/01/24/letters/ The author of http://radsoft.net/news/roundups/grc/ seems to have a personal grudge against Steve Gibson. Why does he have a page just filled with anti-Gibson stories? It seems to me that this is a clear BLP violation — Preceding unsigned comment added by 72.196.199.168 (talk) 04:27, 2 March 2012 (UTC)

I did a little editing of the page, and I know it needs verification. I have been conversing with Steve via e-Mail and this is the gist of what the "InfoWorld" section came from:

Hi James,

> I do understand, I was even considering not asking for that very reason.

I'm glad, thanks.

> If you've got anything else to add to it, feel free to do so. I think it's okay so far, I didn't write most of the article, although I am cleaning it up.

One thing I noted is that for eight years (1986-1995) I *was* a contributing editor and columnist for InfoWorld magazine, but I am no longer.

> Thanks for the support of Wikipedia...

Of course! Wikipedia has become a phenomenal resource on the web. I'm glad to see it so highly ranked by Google. I use and depend upon it a lot.

> ...as well as a very decent photograph. Might I ask what that photo's circumstances are for the caption?

I was in Toronto in April of '07 appearing on and taping four episodes of Leo Laporte's "Call for Help" television program on TechTV for Rogers Cable. I went up to Toronto every few months to appear as a guest on Leo's show to talk about technology, security, privacy, and such.

Love, Wikijimmy (talk) 04:48, 12 June 2008 (UTC)

Merge from Security Now!
In a recent deletion discussion it was suggested the Security Now! may be merged with this article. Please read that AfD discussion and carry on here - Nabla (talk) 19:45, 4 August 2008 (UTC)
 * So, I think the article should remain as is. It has 100,000 listeners a week, won the 2008 PodcastAward, and it was one of .Net Magazines Top 10 Tech podcasts, and has two notable hosts. *Shrug* If people still think it needs to be split, it should probably be merged across two articles, TWiT.tv (network) and Gibson. --Falcorian (talk) 05:16, 5 August 2008 (UTC)

Advertisement -> NPOV
I've changed the advertisement tag to a NPOV tag because half the artice is very pro and half is very anti. --h2g2bob (talk) 18:25, 12 December 2008 (UTC)

Information about "DNS Benchmark" is outdated
The information about "DNS Benchmark" is outdated, for example, "Gibson is currently working on DNS Benchmark". DNS Benchmark has been released - http://www.grc.com/dns/benchmark.htm --Mortense (talk) 07:11, 12 November 2010 (UTC)

Gibson Research Corp Employees
FYI: Elaine is not an employee (as the term is normally used) of Gibson Research Corporation. She is a for-hire transcriptionist who runs her own company. Steve Gibson is one of her clients, hiring her to transcribe the Security Now podcasts. Her company, On-Site Media Transcription Services, can be found here: http://www.on-sitemedia.com/ Steve Gibson talks about using her services here: http://www.grc.com/sn/sn-186.htm (search for "On-Site Media")  Rn86 (talk) 04:59, 25 January 2011 (UTC)
 * Checking the sources on the article and the ones you provided it clear that Elaine is not employed by Gibson Research Corporation. I also tried to confirm her being an employee on grc.com but could not. It would be a stretch of the word employee to include her so I will go ahead and delete her from the article. I am certain a case could be made for her inclusion in the Security Now! article.  — Rɑːlɑːjər  talk 07:07, 25 January 2011 (UTC)

Reference to Hackers movie?
Imho a note about the movie "Hackers" ( http://en.wikipedia.org/wiki/Hackers_(film) ) would be appropriate. A quote from the movie - "Hack the gibson" already became a meme. In the movie the young hackers break into a "Gibson computer" which is a specially guarded high security system. It is obviously a cameo to Steve Gibson. —Preceding unsigned comment added by MasterKyodai (talk • contribs) 21:17, 6 May 2011 (UTC)
 * There may something to that but unless that connection is shown by a reliable source to be referring to the article's subject inclusion would be original research or worst yet false. An interview with the director or writer stating why they used Gibson would probably be enough. IMHO I doubt it. — Rɑːlɑːjərtalk² 00:50, 7 May 2011 (UTC)

Umm, no, it's neither obvious nor correct. The phrase is an homage to the sci-fi writer William Gibson. Nathanm mn (talk) 04:32, 9 May 2011 (UTC)

This is not a forum for general discussion of the article's subject.
... but I don't care. Just had to say that I used to have a lot of respect for Gibson, but after following the M.I.C.E. link and reading his twisting and slippery pseudo-explanations that would do any politician proud, it's just a smouldering crater now.

Now that I've got that off my chest, feel free to revert. 101.118.174.51 (talk) 17:17, 29 February 2012 (UTC)

Middle Name?
Does anyone know Steve's middle name? — Preceding unsigned comment added by LurryKiss (talk • contribs) 09:06, 8 November 2012 (UTC)

California's Business Search
California Secretary of State's Business information of record database Search

under construction
please back off. I am working this article over to source it properly. I'l be done in an hour or so. I tagged it under construction to keep things cool while I work. Thanks. Jytdog (talk) 22:04, 8 February 2015 (UTC)
 * done Jytdog (talk) 00:23, 9 February 2015 (UTC)

COIN discussion
Just FYI: Conflict_of_interest/Noticeboard Jytdog (talk) 00:24, 9 February 2015 (UTC)

TWIT.TV
The TWIT network is a reliable source because it has a reputation for accuracy and fact-checking and features experts all across the IT industry including journalists from the Chicago Sun-Times, ABC News and many other respected news organizations. In any case, even if TWIT was not a reliable source (which I don't agree with), WP:SPS applies: surely, Steve Gibson is a reliable source on his own birth date. A Quest For Knowledge (talk) 22:56, 25 March 2015 (UTC)
 * i would never do this. it is absolutely shit scholarship, to rely on a talk show where people are joking around. i will not edit war over it.  chalk this up to another "whatever". Jytdog (talk) 22:57, 25 March 2015 (UTC)
 * For fact-checking, could you please transcribe what is being said in the podcast about his birth date, including context? I really couldn't bear sitting through 2 hours of this. -- intgr [talk] 09:29, 26 March 2015 (UTC)
 * That's a shame. I find security fascinating.  In any case, itt's about 8 minutes in.  They always post transcriptions, but since the show just aired, I don't think it's up yet.  When they upload it, I can added to the reference.  A Quest For Knowledge (talk) 11:45, 26 March 2015 (UTC)
 * While it may be a reliable source for some things, I would not consider the TWIT network to be totally reliable. The Security Now podcast host has regularly (and jokingly) referred to Mr Gibson's middle name as 'Tiberius' - something that I understand subsequently found its way onto this article. Ambiguosity (talk) 04:25, 3 November 2017 (UTC)

No mention of controversy
I noticed that this page makes no mention of the controversy surrounding Steve Gibson and his claims. — Preceding unsigned comment added by 64.223.162.78 (talk) 05:33, 27 December 2015 (UTC)

I recall that roughly a decade ago I edited a section on criticism of Steve's claims, as well as descriptions of GRC products in the article which were marketing copy. It looks the article's NPOV problems eventually caused the baby to be thrown out with the bathwater: it has lost all references to the controversies which were one of the most noteworthy features of this person (and possibly the main justification for having an article in the first place). Triskelios (talk) 06:27, 7 June 2019 (UTC)

I am also here for the controversies after hearing of his abhorrent AES password generator. We should probably find some reliable sources to resurrect the section. Artoria2e5 🌉 09:14, 16 October 2021 (UTC)

Is Gibson still alive?
Spinrite and his site haven't been updated since 2013. Verdana ♥ Bold 05:26, 4 March 2017 (UTC)
 * Gibson continues to participate in his Podcast with Leo Laporte on the TWiT network, Security Now, published weekly. — Preceding unsigned comment added by 2601:249:100:659F:BD5C:DB37:B428:A21C (talk) 21:26, 31 August 2017 (UTC)
 * Why would someone be dead just because they've given up on an old website? Given how fast linkrot happens, I would think that they entire world population would be counted as dead by now, since the number of dead websites probably outnumbers the head-count of humans on the planet.  — SMcCandlish ☏ ¢ 😼  02:02, 9 March 2021 (UTC)

Requested move 9 March 2021

 * The following is a closed discussion of a requested move. Please do not modify it. Subsequent comments should be made in a new section on the talk page. Editors desiring to contest the closing decision should consider a move review after discussing it on the closer's talk page. No further edits should be made to this discussion. 

The result of the move request was: No Consensus User:Ceyockey ( talk to me ) 00:57, 24 March 2021 (UTC)

Steve Gibson (computer programmer) → Steve Gibson (programmer) – Per WP:CONCISE, WP:DAB: don't use a longer disambiguation term than is necessary. — SMcCandlish ☏ ¢ 😼  02:03, 9 March 2021 (UTC) —Relisting. ~  Aseleste  (t, c, l) 05:02, 16 March 2021 (UTC)
 * Prefer Steve Gibson (software engineer), per the lede. He is more than the teenage programmer that he was.  This much better matches his degree and various job titles.  --SmokeyJoe (talk) 03:12, 9 March 2021 (UTC)
 * Comment. Possibly applicable parenthetical qualifiers may be consulted among those used for the entries under parent Category:Computer scientists by field of research as well as under Category:Software engineers and Category:American computer programmers, which lists a considerable number of those disambiguated as either "(computer programmer)" or simply "(programmer)". —Roman Spinner (talk • contribs) 05:39, 9 March 2021 (UTC)
 * I'm all for improvement of consistency. Talking from a position of no particular expertise, I think that an "engineer" has built things, and a "programmer" just used keyboards (but allow for connecting wired, or punching holes).  I'm also all for having parenthetical disambiguators, which are title, match the lede description.  --SmokeyJoe (talk) 06:21, 9 March 2021 (UTC)
 * I have no real objection to Steve Gibson (software engineer). While it's not more WP:CONCISE it is certainly more WP:PRECISE. My only quibble would be that Gibson is most notable to the typical reader for programs he or his company have created. But a counter would be that the RS, which really determine notability, are often more interested in his other work. Given the breadth of that work, we could almost go with Steve Gibson (technologist), which gains concision at the cost of precision. I don't really care, as long as we don't use "computer programmer" which is redundant ("programmer" isn't regularly used in contemporary English in any other sense, even television program[me] management, government program[me] administration, etc.).  — SMcCandlish ☏ ¢ 😼  10:30, 13 March 2021 (UTC)
 * Comment. Support changing it to "Steve Gibson (software engineer)" per SmokeyJoe. Gnominite (talk) 17:58, 14 March 2021 (UTC)
 * Relisting comment: Looks like the article is watched by many. Extra opinions will be helpful here to ensure stability of the title.  ( Non-administrator comment )  ~  Aseleste  (t, c, l) 05:02, 16 March 2021 (UTC)
 * Comment Since the software programmer is WP:PRIMARYTOPIC, why not moved it to just plain title without any disambiguator and DAB page moved to "Steve Gibson (disambiguation)" without leaving a redirect. 36.77.74.149 (talk) 06:39, 16 March 2021 (UTC)
 * I don't think that's a sure thing. Steve Gibson (businessman), the owner of a professional football/soccer club, would have a good claim. Major sports and the politico-economics in their background generate far more press and public awareness than various geeky proposals and technical wizardry (as much as I wish that were reversed).  — SMcCandlish ☏ ¢ 😼  19:15, 16 March 2021 (UTC)