Which Steve Gibson?
I'm referring to the Steve Gibson who founded GRC.
The one that calls himself a "security researcher" but has never posted anything pertinent to any of the security mailing lists, and hasn't even posted in the larger ones. The one that has never attended a security conference, published a paper, discovered a vulnerability, or written proof of concept code.
The one who claimed that the Windows WMF exploit involving AbortDoc was a "deliberate backdoor", something which wasted the time of far more competent individuals such as
Mark russinovich. To show how insane his theory was.
The one that made Spinrite, which doesn't doesn't live up to any of his grandiose claims about it's capability. Something best observed
here.
The one that said, when XP was released- "When those insecure and maliciously potent Windows XP machines are mated to high-bandwidth Internet connections, we are going to experience an escalation of Internet terrorism the likes of which has never been seen before.". Did we? No. Was he full of crap? Yes.
He has certainly found success. I cannot argue that. The key to his success is that there are people more ignorant and dumber than he is, just like any charlatan.