My apologies for misstating this. According to the internet archive, he stopped complaining about this problem sometime in 2008, a mere four years after the raw sockets restrictions were added to XP.
Do keep in mind, however, that his entire reason for continuing to publicize this was because it allowed him to continue making foolish claims like "Microsoft Does Not Understand Security," and to pretend that the eventual restrictions (not removal) of raw sockets in XP were proof that he was right. They were not.
In fact, the entire issue was over his own misunderstanding of security. You can't secure a network by asking client operating systems to restrict their own behavior on some kind of honor system (guess what: the bad guys' computers will not have these restrictions). The use of raw sockets did not disappear and the internet still exists. The claim that this was "a tremendous threat to the global Internet" basically amounted to "the sky is falling and only I can see it because none of the other security experts 'get it' like I do." Which is entirely bogus.
I always imagine all the Gibson haters are still stuck on this drama from the XP days. Not sure why it was so polarizing, but for what it's worth I don't think "Microsoft understands security." It's not any one person or one thing, it's the culture. It's the laissez-faire attitude. It's the lack of investment. And the ubiquity of their software compounds all of it.
> I always imagine all the Gibson haters are still stuck on this drama from the XP days.
Has he done anything of note since? I mean, other than the extremely timely spinrite podcast? Honest question; I browsed through the website and it still seems to be mostly filled with questionable security alarmism from the 200x era.
SQRL and SpinRite are current, and his main works. SpinRite has a new version on the horizon supporting UEFI.
Shields Up is timeless, but doesn't do IPv6 and probably never will. There are some smaller apps that were done recently, less notably. Security Now podcast is ongoing.
Do keep in mind, however, that his entire reason for continuing to publicize this was because it allowed him to continue making foolish claims like "Microsoft Does Not Understand Security," and to pretend that the eventual restrictions (not removal) of raw sockets in XP were proof that he was right. They were not.
In fact, the entire issue was over his own misunderstanding of security. You can't secure a network by asking client operating systems to restrict their own behavior on some kind of honor system (guess what: the bad guys' computers will not have these restrictions). The use of raw sockets did not disappear and the internet still exists. The claim that this was "a tremendous threat to the global Internet" basically amounted to "the sky is falling and only I can see it because none of the other security experts 'get it' like I do." Which is entirely bogus.