Google’s Parisa Tabriz on how the company stays ahead of hackers


Share post:

Google is constantly under attack. But while hackers have compromised gaming giants, casinos and other technology giants in recent months, Google has so far remained largely unscathed.

Parisa Tabriz, who is responsible for Chrome web browser security and Project Zero, credits much of this to the company’s approach to access control.

“We’re evolving Google’s infrastructure to assume that maybe some employee has been hacked. How do we mitigate the risk of that?” Tabriz said during a panel discussion at TechCrunch Disrupt on Thursday. “Part of this is access control; sometimes people ask me ‘can you help me debug this thing in Gmail’ and I can’t help because I don’t have access.”

“We’re very proud to stay out of the headlines, but that doesn’t mean that there aren’t issues that we work on and address,” Tabriz said.

Tabriz doesn’t just have to worry about Google being hacked, as she also has the security of Google Chrome’s three billion-plus users to consider.

“We have a wide range of users, each with different personal preferences or even the kind of threats that they’re thinking. We also have users that want to make sure they’re opting into the most advanced security protection so they have a higher threat profile, such as journalists,” said Tabriz. “It can be challenging supporting that range of users and making it simple to use in a way that doesn’t result in crappy software.”

Another challenge for Tabriz and her team of thousands of engineers is balancing security and privacy: It’s no secret that Google makes its money from data and advertising, how can this be balanced with the security of users?

“It’s super top of mind. Ads are an important part of the web and are related to Google’s mission of universal access to information,” Tabriz said. “I remember for a while that ads were a vector for drive-by malware — so we are investing to make sure that ads also are not introducing security risks.”

While Google has successfully fended off hackers, for the most part, Tabriz acknowledges that if she could go back and re-architect Chrome, there are things she would do differently.

“As an organization, you constantly need to invest,” Tabriz said. “One of the things we’re focused on right now is memory safety issues. In some ways, C++ is a very powerful language that you can really optimize for performance, but it’s also a language that can lead to a lot of problems. We’re looking at how can we experiment with Rust and other memory safe languages — and it’s hard to kind of retroactively do that.”

Source link

Lisa Holden
Lisa Holden
Lisa Holden is a news writer for LinkDaddy News. She writes health, sport, tech, and more. Some of her favorite topics include the latest trends in fitness and wellness, the best ways to use technology to improve your life, and the latest developments in medical research.

Recent posts

Related articles

Tesla releases the Cybertruck, Sam Altman officially returns to OpenAI, and Evernote cripples its free plan

Hi, folks, welcome to Week in Review (WiR), TechCrunch’s newsletter that highlights some of the more noteworthy...

Shein a light

Welcome to the TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s inspired by the daily TechCrunch+ column where...

Deal Dive: Betting on beauty fads is big business

As a woman in her 20s with an Instagram account, I’ve witnessed the explosive rise and destigmatization...

I’m watching ‘AI upscaled’ Star Trek and it isn’t terrible

For years, dedicated Star Trek fans have been using AI in an attempt to make a version...

Robotics Q&A with Meta’s Dhruv Batra

For the next few weeks, TechCrunch’s robotics newsletter Actuator will be running Q&As with some of the...

It’s time for a heat check on the subscription economy and its proposed value to customers

Vijay Sundaram Contributor Vijay Sundaram is chief strategy officer at Zoho, where he drives corporate strategy, execution, channel management,...

23andMe says hackers accessed ‘significant number’ of files about users’ ancestry

Genetic testing company 23andMe announced on Friday that hackers accessed around 14,000 customer accounts in the company’s...

Ev startup Fisker cut its 2023 production target for the fourth time

Fisker, the California-based EV startup, cut its annual production guidance in an effort to free up $300...