Connect with us


The cyber warrior ‘princess’ who guards Google



Meet Parisa Tabriz, the 31-year-old computer whiz kid paid to hack into Google. The self-styled ‘Security Princess’ finds bugs in the software before attackers. Her job is to hack into the most popular web browser on the planet, trying to find flaws in the system before the “black hats” do.

Indeed, much like the good and bad witches of the Wizard of Oz, hackers are described as having “white” or “black” hats. To defeat Google’s attackers, Tabriz must firstly think like them.

In this cyberspace battle, the data of around a billion Chrome users hangs in the balance — and Tabriz wasn’t going to settle for any old moniker.

“When I started, my official job title was ‘Information Security Engineer,’ which I thought was a bit boring and not really meaningful,” said the Iranian-Polish-American.

“So I changed it to ‘Security Princess’ as more of a tongue-in-cheek thing. I’ve never been exceptionally girly or fit the stereotype of a princess, so it was a bit ironic for me to go by that name — and then it stuck!”

Tabriz’s role has evolved dramatically in the eight years since she first started working at Google. Back then, the young graduate from Illinois University was one of 50 security engineers — today there are over 500.

“Our users include presidents of foreign countries — I hope Obama uses Chrome too. It includes really highly-targeted individuals, political dissidents, journalists, and people who just want to casually use the internet,” she said.

“Google depends on those users trusting us with their data. So if we can’t protect it, we have no business.”

Cybercrime has come a long way in the past decade — from the clichéd Nigerian Prince Scam to credit card theft, and suspected government surveillance over emails.

Tabriz’s biggest concern now is the people who find bugs in Google’s software, and sell the information to governments or criminals.

To combat this, the company has set up a Vulnerability Rewards Program, paying anywhere from $100 to $20,000 for reported glitches.

“What we’ve seen in the last couple of years is what we suspect to be governments trying to intercept communications,” said Tabriz. “In one case, there were Iranian-region Gmail users whose connection was being intercepted.

“These incidents are especially scary since they seem to be carried out by large, well-funded organizations or governments,” she added.

It’s a world away from Tabriz’s computer-free childhood home in Chicago. The daughter of an Iranian-American doctor father, and Polish-American nurse mother, Tabriz had little contact with computers until she started studying engineering at college.

Gaze across a line-up of Google security staff today and you’ll find women like Tabriz are few and far between. She admits there’s an obvious gender imbalance in Silicon Valley, but for once is stumped on the fault.

“Clearly the numbers make you think ‘what is the problem that there aren’t more women working in security, that there aren’t more women working in technology?” she said.

“And it does make me think what is the problem here? Is it the culture or the atmosphere?”

Funnily enough, during training sessions Tabriz first asks new recruits to hack not a computer, but a vending machine.

“There’s this idea that you need to be a super genius computer geek to be a hacker. But in reality, I think anybody can be a hacker in the real world — just think of all the non-software examples,” said Tabriz.

“A lot of people ask me what’s the best answer I’ve been given to the vending machine problem, and the real answer is there is none. Some people think about how they’d steal their favorite snack; some people figure out how to steal the entire machine of snacks; and some people figure out how they could add some sort of functionality to the machine that wasn’t there before”

Tabriz’s job is as much about technological know-how, as understanding the psychology of attackers.

“Anybody who’s working in defense — police officers, security, or law enforcement — has to stop and think ‘what is the enemy, or the attacker going to do?'” she said.

“Because you always want to stay one step ahead of them.”


Join the conversation


Support Ripples Nigeria, hold up solutions journalism

Balanced, fearless journalism driven by data comes at huge financial costs.

As a media platform, we hold leadership accountable and will not trade the right to press freedom and free speech for a piece of cake.

If you like what we do, and are ready to uphold solutions journalism, kindly donate to the Ripples Nigeria cause.

Your support would help to ensure that citizens and institutions continue to have free access to credible and reliable information for societal development.

Donate Now