Forget "ShieldsUp!" This is the guy who still sells SpinRite for $90 when it hasn't seen an update since 2004. It's old enough to vote at this point and Steve Gibson is always spouting off blatant lies about how it's great for recovering SSDs. He's claimed that it can magically read uncorrectable sectors on modern drives (SATA, not SAS, no SCSI READ LONG here and no ancient IDE drives that still supported READ LONG for ATA) and compare results to figure out what the original data was. He claims that it's data recovery software and that people should run it on a failing hard drive before trying to copy data off of it with a real data recovery program! That piece of garbage doesn't even support writing data to a separate disk, the only thing it can do is write the data the drive was able to read back to the failing drive itself.
The technical documentation claims stuff like that it disables bad sector allocation. That's actually a thing, but if you read the man page for some reputable software like hdparm you'll see a nice little note:
> Control of this feature via the -D option is not supported for most modern drives since ATA-4; thus this command may fail.
ATA-4 was standardized in 1998. It can probably actually disable write caching, but it's not like that's unique to SpinRite in the slightest. It's even trivial to change that on Windows which is otherwise horrible for anything low level involving disks. SpinRite doesn't even use LBA48 addressing so if your drive can't address the full capacity in ye olde CHS then too bad, but SpinRite will try to spin that as a problem with your BIOS, a problem with your SATA controller, etc.
I don't see why anyone respects anything he says given his long history of selling snake oil and other shyster tactics. Even the Wikipedia page for SpinRite looks astroturfed and the talk section has a bunch of responses from an unregistered user that all seem to have a similar tone and be suspiciously supportive of some of SpinRite's dubious claims.
If Steve Gibson told me that the sky was blue I think I'd have to go outside and check.
Doesn't sound like you have used Spinrite, but if you don't think it's worth the money don't buy it. Not sure what makes you think a developer has to reduce the price of their software, just because it's old. Adobe has done no such thing. The software still does what it did when it was first made. If you have a bug report, file it, my guess is that you don't.
And I doubt you've ever bought the Brooklyn Bridge but that doesn't mean you can't call out the con artist trying to sell it. The price of the snake oil isn't the problem. The problem is that he's scamming people out of money making a bunch of claims that fundamentally do not apply to modern drives. If you have a MFM hard drive that still spins after all this time and you want to do whatever low level interleave Spinrite supports on it then sure, it probably works just as well as it did back when that hardware didn't qualify as antique. Most people getting suckered into buying Spinrite aren't going to have anything that ancient and for what Spinrite can actually do on somewhat modern drives, you might as well just use ddrescue, it'll do a better job.
> If you have a bug report, file it, my guess is that you don't.
This is extra hilarious in light of the fact that there have been plenty of bug reports against 6.0 reported well over a decade ago. Steve promised they'll be fixed in 6.1 which is totally coming out any day now.
I don't know if there's anything wrong with Sheildsup (other than my recollection of it being a pretty run of the mill tool for reporting open ports), but the guy who makes Shieldsup is, in my opinion, basically a charlatan. He writes loads and loads of technical-sounding blather on his website that is very transparently designed to make him look like an expert on security to people who don't know any better. He's made a career out of selling tools people don't need but which are hyped up to make them sound critically important.
Here's an example of some hype I just found about a device he "invented" that is supposed to really put home routers through their paces, because he's the only one looking out for us. [1] Of course, it maybe doesn't exist, and his claims of what it's going to do sound far-fetched and misguided, but it sure does seem aimed to make him sound like a real security expert. Not sure if he ever made any claims about having evaluated any routers with it.
I feel like what you're describing is just marketing, in the sense of exaggerating the necessity of a product that works but which you really can do without. Or do you mean Gibson's products don't really work?
Sure, it's "just marketing," but it's particularly egregious marketing because it relies heavily on fear and borderline lies about his expertise. And he puts out baloney like the "CSPRNG" in the OP that's not even sound. You may note that it's been 5 years since he was notified of the flaws in it, but it's still promoted in exactly the same irresponsible way.
One of his most infamous crusades was how he yelled about Windows XP raw sockets -- a fake problem that he hyped up as if the sky was falling -- well after Windows XP was EOL'd.
My apologies for misstating this. According to the internet archive, he stopped complaining about this problem sometime in 2008, a mere four years after the raw sockets restrictions were added to XP.
Do keep in mind, however, that his entire reason for continuing to publicize this was because it allowed him to continue making foolish claims like "Microsoft Does Not Understand Security," and to pretend that the eventual restrictions (not removal) of raw sockets in XP were proof that he was right. They were not.
In fact, the entire issue was over his own misunderstanding of security. You can't secure a network by asking client operating systems to restrict their own behavior on some kind of honor system (guess what: the bad guys' computers will not have these restrictions). The use of raw sockets did not disappear and the internet still exists. The claim that this was "a tremendous threat to the global Internet" basically amounted to "the sky is falling and only I can see it because none of the other security experts 'get it' like I do." Which is entirely bogus.
I've always been curious why people so fervently dislike Gibson. I think the most genuine criticism is that Spin-Rite is not a backup solution and people may rely on it as such. Ideally, no one should need it since all data should be replicated and backed up. Any drive can fail at any time for any reason and it may be totally unrecoverable.
[Side Note: He also once claimed in a "testimonial" that a special ops team recovered data off of a hard drive during a mission in which they hit a terrorist with a computer.]
That being said, he produces a free security podcast which is quite good. He knows his stuff.
> Any drive can fail at any time for any reason and it may be totally unrecoverable.
While in principle this is true, I have been using hard drives for more than 30 years now in PCs and I have never had one fail. I still back things up to separate drives since there's always a first time, but I've never used SpinRite or any other extra "protection" over and above what my OS provided.
There are stats on failure rates and bathtub curves. Consumer hard drives these days have an AFT of ~1.41%. Never used SpinRite and I don't know if there is evidence for it but I suggest you backup your data.
The podcast is great. Provides great information and is more than happy to provide corrections when some calls him on it. Takes a very scientific approach to issues.
I agree. Not sure why all the hate. I’ve used SpinRite to recover some bad drives of mine and friends/family over the years and it’s worked quite well. Had one Windows box that was failing to boot before the login screen, ran SpinRite and it found / fixed some issues. Rebooted and the machine was fine. At least fine enough to copy everything to a new drive and ditch the old one. Haven’t tried it on an SSD though.
You can take or leave the relevance of this "old" information, but there are dozens of pages on his current website that speak for themselves.
Most of it is just self-aggrandizing technobabble trying to appear authoritative and "educate" people on security issues with hilariously dumb content like the page that recommends checking Facebook's cert hash on his site before trusting it. His number one goal appears to be to convince people he is an "influential voice" in the security community (he uses that phrase to describe himself repeatedly). I just find it sad when I encounter people who buy it. Luckily, it mostly seems to appeal to a certain kind of misinformed enthusiast that I rarely encounter these days.
Note that this isn't to say all his info is bad. I particularly like stuff like his explanation of how NAT works. That's great content. If it wasn't mixed in with the chicken little snake oil stuff, I'd actually refer people to it.
Yep, that's what it does. A person can just use whatever DNS is provided by their ISP, which is the fastest in some cases. Or they can test and find out for sure.
The technical documentation claims stuff like that it disables bad sector allocation. That's actually a thing, but if you read the man page for some reputable software like hdparm you'll see a nice little note:
> Control of this feature via the -D option is not supported for most modern drives since ATA-4; thus this command may fail.
ATA-4 was standardized in 1998. It can probably actually disable write caching, but it's not like that's unique to SpinRite in the slightest. It's even trivial to change that on Windows which is otherwise horrible for anything low level involving disks. SpinRite doesn't even use LBA48 addressing so if your drive can't address the full capacity in ye olde CHS then too bad, but SpinRite will try to spin that as a problem with your BIOS, a problem with your SATA controller, etc.
I don't see why anyone respects anything he says given his long history of selling snake oil and other shyster tactics. Even the Wikipedia page for SpinRite looks astroturfed and the talk section has a bunch of responses from an unregistered user that all seem to have a similar tone and be suspiciously supportive of some of SpinRite's dubious claims.
If Steve Gibson told me that the sky was blue I think I'd have to go outside and check.
http://www.hddoracle.com/viewtopic.php?f=181&t=2929