October 10-14
Parisa Tabriz is well-known as Google’s first line of defense—a paid hacker who leads a team of hackers dedicated to finding weaknesses in Google’s software.
She is commonly known as the “security princess.” Most people take that as an in-house joke. But during a recent interview with The Daily Telegraph of London, Tabriz pulled out her calling card and there was her title just beneath her name: “Security Princess.”
Perhaps in keeping with her role as a hacker, Tabriz wears black. It is the only color she ever wears. And she doesn’t wear a white hat with it, although she is a white-hat hacker, paid to attack her own employer so the “bad guys,” known as the black hats, do not get there first.
Her task is to protect the nearly one billion users of Google Chrome – the most-used Internet browser on the planet.
Tabriz, unmarried at 31, is something of an anomaly in Silicon Valley. Not only is she a woman, she is a boss heading up a mostly male team of 30 experts in the US and Europe.
That status gave her the authority to choose her own title. She said she came up with “Security Princess” while preparing to attend a conference in Tokyo. “I knew I’d have to hand out my card,” she said, because the Japanese treat calling cars as a handshake—they are essential on first meeting. “And I thought Information Security Engineer sounded so boring. Guys in the industry all take it so seriously, so security princess felt suitably whimsical.”
Earlier this year, Google became the first firm in Silicon Valley to publish figures on the diversity of its workforce. They showed only 30 out of every 100 staff members are female.
“Fifty years ago, there were similar percentages of women in medicine and law; now thankfully that’s shifted,” Tabriz said. “Technology is one of the fastest-growing fields, but in that respect it has a lot of catching up to do.”
While she says she has never encountered overt sexism at Google since she joined in 2007, when she was offered the job while still at college a male fellow student told her, “You know you only got it cuz you’re a girl.”
Tabriz commented, “He said it to my face, but I’m sure a lot of others were thinking it. The jerks are the ones that tend to be the most insecure, but that didn’t stop me worrying he might be right.”
Tabriz grew up in the suburbs of Chicago with her Iranian-immigrant father, a doctor, and Polish-American mother, a nurse. She says both were incredibly smart, but computer illiterate.
As the oldest child with two younger brothers, she was used to bossing boys around from an early age.
“They’d say I was a bully, but I played them at their own game—in sports on the field, and at video games,” she says. “I was older and used to beat them up all the time.”
But when her brothers grew up and she was not able to do that anymore, she felt she had to beat them some other way.
“I didn’t know what I wanted to do at first,” she says. “I remember taking a careers test in high school to see which job would suit me, I got police officer. I laughed at the time, but I realize now it wasn’t all that far off. After all, I’m in the business of protecting people.”
Her ability to get inside the minds of the “bad guys” has seen her put in charge of the in-house training of Google engineers wanting to get into security. In her seminars she starts by asking them to think of a way to hack a vending machine for chocolate – but without the use of technology.
She knows immediately from their answers who has the curiosity and the mischievousness needed to make it.
One idea—from a European employee—was to insert a 10-baht Thai coin instead of a 2-euro coin as both are the same size and weight while the Thai coin is worth just a fraction of the euro coin.
Google now offers outside hackers cash rewards of up to $30,000 if they are able to find bugs, or faults, on Chrome, in an attempt to stop them reaching the wrong hands. To date they have awarded $1.25 million, fixing more than 700 bugs.
Tabriz says the incentive of money can turn black hats white. “There’s a fine line between the two,” she said. “You want these people on your side, not against you.