Skip to Navigation Skip to Content

Hot 20: Google's Security Princess, Parisa Tabriz

"I always find the most random stuff at Scrap in Bayview:mannequin heads and postcards and old calendars. If I have an hour to kill, that's where I go." Photograph by Zach Gross.

HOT. The word carries so many meanings: passionate, sizzling, trendy, intense, and yes, sexy. But for us, it signals our favorite month. Meet the 20 movers and shakers that have us fired up this year.

For the head of the Chrome security team—yes, security princess is her actual title—the road to Google started with art. " alt="<--break->">Growing up in Chicago, Parisa Tabriz loved to paint and draw, but at college, web design became her medium. “I probably redid my website dozens of times,” she says.

Which led, naturally, to hacking her computer’s operating system—so she could restyle the interface—and joining a hacker group. “There were no university classes in security then,” she points out. “Everything we knew, we learned from each other.” Then came an internship at Livermore’s Sandia Labs and, in 2007, a job with Google’s tiny “hired hacker” team. “Now we have more than 220 people working on security full time. Sometimes that means finding bugs, other times it means helping engineers fix bugs, writing tools to detect attacks, or teaching developers to think like hackers.”

For someone whose day job is devoted to risk reduction, the Mountain View resident has an interesting way to relax: rock climbing. But maybe it’s not so surprising. “With climbing, you have an end goal, but you have to figure out how to get there.” There’s no road map. Which should feel very familiar to Tabriz.

 

Parisa Tabriz explains how to stay safe on the Internet:

“I actually think there’s way too much security advice out there. I’m the only person that works in tech in my family—everybody works in the sciences, bio, or medicine—but they’re excited about using computers to do cool things. They know nothing about security and they have no interest in learning about security, so they’re really good for a reality check about what I can expect users to do. My dad has gotten his account compromised a couple times too, and it sucks, but I don’t feel like people should need to love or care about security to be secure on the Internet. We should make it easy and it should be by default—people should just be secure without actually having to do anything. There’s a lot of really bad and wrong advice out there, and it’s something that I feel very passionate about, and that’s why I want to give only three recommendations: 1. Use Chrome! I guess I’m biased, but it’s the most secure way to browse the web. 2. Pick strong passwords, and don’t share or reuse them. 3. Be wary of suspicious emails and offers. If it sounds too good to be true, it probably is.”