Parisa Tabriz, who is responsible for Chrome web browser security and Project Zero, credits much of this to the company’s approach to access control.
“We’re evolving Google’s infrastructure to assume that maybe some employee has been hacked. How do we mitigate the risk of that?” Tabriz said during a panel discussion at TechCrunch Disrupt on Thursday. “Part of this is access control; sometimes people ask me ‘can you help me debug this thing in Gmail’ and I can’t help because I don’t have access.”
“We’re very proud to stay out of the headlines, but that doesn’t mean that there aren’t issues that we work on and address,” Tabriz said.
Tabriz doesn’t just have to worry about Google being hacked, as she also has the security of Google Chrome’s three billion-plus users to consider.
“We have a wide range of users, each with different personal preferences or even the kind of threats that they’re thinking. We also have users that want to make sure they’re opting into the most advanced security protection so they have a higher threat profile, such as journalists,” said Tabriz. “It can be challenging supporting that range of users and making it simple to use in a way that doesn’t result in crappy software.”
Another challenge for Tabriz and her team of thousands of engineers is balancing security and privacy: It’s no secret that Google makes its money from data and advertising, how can this be balanced with the security of users?
“It’s super top of mind. Ads are an important part of the web and are related to Google’s mission of universal access to information,” Tabriz said. “I remember for a while that ads were a vector for drive-by malware — so we are investing to make sure that ads also are not introducing security risks.”
While Google has successfully fended off hackers, for the most part, Tabriz acknowledges that if she could go back and re-architect Chrome, there are things she would do differently.
“As an organization, you constantly need to invest,” Tabriz said. “One of the things we’re focused on right now is memory safety issues. In some ways, C++ is a very powerful language that you can really optimize for performance, but it’s also a language that can lead to a lot of problems. We’re looking at how can we experiment with Rust and other memory safe languages — and it’s hard to kind of retroactively do that.”