To protect the world’s one billion citizens nameless heroes interview Google Security Princess Parisa Tabriz. Tabriz is an Iranian-Polish-American computer security expert who works for Google as an information security manager and “Security Princess”.
Earlier Google “Princess Princess” Parisa Tabriz came to Hong Kong, with the Disney animation is different from the “security princess” is not only not uncomfortable, but also led himself to lead more than 30 teams, as Chrome “castle” the most solid The security line. Parisa Tabriz is the director of the Google product security team, the so-called “white hat hackers”, every day to protect the world up to 1 billion Internet users.
Not ordinary princess, not ordinary white hat hackers
The name “Security Princess” is not fake because it is indeed the title on her business card.Silicon Valley technology company full of funny humorous business card title, and “security princess” and how to? Saying that Parisa Tabriz was at a meeting, it was found that the title of “Information Security Engineer” was too boring, so he switched to the name “security princess” and has been in use ever since.
Oscar film “NASA nameless heroes” is being released, the story of three black women in different capacities to support NASA’s manned space program. Recently, the United States seems to be re-blowing racial and gender discrimination, especially Silicon Valley technology company more President Trump’s “immigration ban” and bruised, and Google is one of the anti-Trump policy one of the Silicon Valley giant.
In fact, the hacker world is absolutely “the strength of the first”, the most respected are the strength of hackers, with your age, gender, color no relationship, after all, we are all across the screen. Although the Parisa Tabriz also set the identity of young, female and colored people, but she was the strength to become the 2012 “Forbes” selected 30 30 years of age must pay attention to one of the scientific and technological figures, is the real strength to send.
About 1 billion Internet users around the world are being protected by her
Since Trump came to power, the United States blew up an exotic atmosphere, although the visit did not answer their own views on the recent events, but I believe Parisa Tabriz feel pretty deep. She is born from a health care family, although born in the United States, but the father is an Iranian, the mother is a Polish, is a typical immigrant family, especially Iran is one of the seven countries of the Trump ban, saying that no pressure is probably false.
But in fact Parisa Tabriz responsible for the Chrome browser security, every day to protect the United States and the global Internet users. According to “NetMarketShare” the latest statistics, in January 2017 Chrome browser market share reached 57.94%, about 1 billion Internet users are being her protection. And she is one of the members of the USDS, which was founded in 2014, to provide information security advice to the government and the US military.
In other words, the security of information in the United States is in fact protected by descendants of non-whites.
The future of everyone online, to protect Internet users than the protection of operating system is more important
At first she was not learning computer engineering, saying that “only with the brothers playing game experience”, until the university to learn web design, the site was hacked, she wanted to figure out what happened and began to contact information security. She every Friday night to attend a hacker party, by not completely understand the deep addiction, from then to find their own duty.
University Parisa Tabriz participated in the internship of technology companies, is to participate in Google. Although the Internet in the ascendant, but people still have access to Windows and other systems more opportunities, if you want to protect more people is not the choice of Microsoft? But she looks more long-term, that people may not use Google services in the future, but certainly can not access the Internet, to protect Internet users, in fact, more difficult than the protection of an operating system and more protection of more objects.
In 2007 she officially joined Google, but Silicon Valley is still a male and female places, even if Google is only about three percent of employees are women and let alone engineers. So there has been male colleagues ridicule, Parisa Tabriz is because the identity of women will be employed, but she was in the months after joining a complete study on the safety of wireless Internet access, with the strength of people shut up.
Chrome’s security is the security of the Internet
Mentioned in front of the Oscar film “NASA Nameless Hero”, the story not only explores the 1960s American racial and gender discrimination, in fact, also praised a group of hero behind the scenes. In fact, even the textbook will only record that John Glenn is the first American astronaut to enter the Earth orbit (that is, the astronauts in the movie), and not many people remember more behind the hero/heroine contribution.
In fact, the information security itself is not a wonderful work before the scenes. Like the iPhone everyone just remembers Steve Jobs, Facebook only remembers Mark Zuckerberg, new products or new features when consumers will only remember the radiant developers. In comparison, do information security will not only become the focus, if it is really attention, almost certainly what security loopholes.
So that Parisa Tabriz is the real “nameless hero” is not an over. But she did not feel any bad, but very enjoy the work now. Parisa and the team’s job is to attack Chrome and Google online services, rob the hackers to find loopholes to repair, she believes that white hat hackers can apply the technology in a good way, or even reward 30,000 US dollars to find a loophole Hackers, and she and the team to find the loopholes on more than 1,000.
She thought that not so many people know that the network is actually full of danger, to protect the average person from attack, the browser can be said to be the first line of defense, so she will say “Chrome security is the security of the Internet.” In fact, many people because of her and escaped the attack, through the “safe browsing site” function to prevent users from accessing the risk of web pages, compared to the browser faster, perhaps the significance of these features more important.
On the Internet to protect Internet users, Google can take on more roles
Parisa Tabriz frankly there is no perfect system, loopholes must continue to exist, even if the browser did not find loopholes, but if the site itself is a problem, Internet users are still exposed to danger. “The browser is just a window of access to the Internet, and the user goes to the site in fact, through the router, ISP, and many different nodes, each link has a man-in-the-man attack (Man-in-the-Middle Attack) risk. Say.
As a web crawler, Google can take on more roles, such as having the opportunity to see the search results next to the site that may be at risk. And Chrome users have more protection, the “Safe Browsing website” feature to collect a large number of web data, if the user to open a fishing, Trojan or malicious software site will appear when the red warning page reminder.
Another way to protect a user is to encrypt the browser. The latest version of Chrome to add new features, if you want to log into the site you must use HTTPS encrypted connection. In recent years, there are often used to attack people to steal Internet users information, and the countermeasure is an encrypted connection because the Internet does not actually point to point, to avoid halfway hackers or government interception must ensure that the process of encryption.
Try to be protected by the user without being aware of it
According to the Parisa figures, there are 44 of the 100 largest sites in the world with HTTPS, 54 for HTTPS, and by default, because it means that the browser is encrypted at all times, with or without a password. Enter the credit card and other information. Compared to 2015 only 39 default and 24 site support, growth has been great.
Parisa admitted that many sites do not attach importance to encrypted connections, in addition to cost, maintenance and performance considerations, more of the situation is that “no need”: “Many sites do not think there are sites worth using encrypted links to confidential content, Do not feel the need for HTTPS, which is the biggest obstacle to promoting HTTPS. ”
But try to imagine that most people will only enter the URL directly in the URL bar, do not add their own additional HTTPS, so the site defaults to use HTTPS to ensure that users need to be encrypted when the encrypted connection in the state. In addition to Chrome’s red icon reminder, Google also encourages more sites to use HTTPS-encrypted connections by upgrading search sites that support encrypted connections.
“Google is trying to be protected by users without being aware of it, such as keeping the latest version of the browser, one of the keys to secure Internet access, and Chrome’s design is fully automated, and the browser updates automatically The background is complete, the user does not need to update himself, or even not aware that it has been updated, “she said.
Educating the public is always an important part
Although Google has blocked a lot of danger behind, but if the Internet users are still insisted on browsing after a dangerous site, the problem is still not resolved. As every security expert says, any firewall is not as important as the user’s own security awareness, so it is important to educate the public that there is a safe browser to truly secure a secure Internet environment.
Whether it is an information security expert to educate the public, or as a female engineer want more women to participate in this industry, Parisa has been involved in different groups of network security education, such as personal participation in girls or children’s hackers loose activities, so that they Personally feel the importance of network security, nurture the future of network security engineers.
Finally, Parisa Tabriz gave a few suggestions to the Internet users, although it is cliche, but still worth repeating:
● Cheap Mo greedy: a variety of concessions or free to attract the site or download, should pay attention to whether fishing or malware.
● Do not re-use the password: the password used may be leaked by the site information and hackers know that hackers will try to use the old password to log into your other online services. In fact, Mark Zuckerberg’s Twitter account is because it was invaded. If you forget your password, Parisa recommends using the Chrome Password Manager feature.
● Avoid using public computers and regularly checking account security: If you have to log in using a public computer, Parisa recommends using multiple sign-in authentications, making it difficult to log into your account even if hackers steal passwords.
● Carefully downloaded software and applications: In recent years, the common blackmail software and Trojans are using Internet users inadvertently invaded, Parisa suggested that Internet users check Google account has no suspicious login.
● Keep the software in the latest version: even if the vulnerability was discovered and fixed, but the user did not install the update is useless. Although Chrome will automatically update, but other browser plug-ins or software is not the case, so still have to pay attention.
Summary: the true sense of the nameless heroine
Perhaps Parisa Tabriz for their own “security princess” title is not just fun, after all, information security is never the kind of star under the stars, to let the public attention to the importance of information security, just need such a “topic” To attract attention. In fact, if you search for information security on the web, almost all accident news, find loopholes, not many people will notice their efforts. So with the “nameless heroes” to describe the Parisa Tabriz, not just the author to play, but that she is a real unknown hero.