When Parisa Tabriz, a Director of Engineering at Google and head of Google Project Zero took to the stage at this year’s Black Hat USA conference, no one knew the stir that her comments would make throughout the event.
Time to party
Her first point was a little reminder that letting loose and partying now and then wasn’t such a bad idea, as writing secure code, and the task of protecting systems is a challenging and exhausting task which can be made a little easier if successes are regularly celebrated with a party or two.
This method keeps everyone motivated, and ensures that things get done, Tabriz claimed.
When the Google Project Zero boss moved on to talk about blockchain technology things got a bit awkward, as she claimed that “Blockchain is not going to solve security problems.”
This comment didn’t sit too well with the many vendors who were set up in the nearby expo hall, some of whom had large signs and business models that express the exact opposite of the Google Project Zero head.
Tabriz continued –
“We have made great strides in the past decade, but the threat landscape is becoming increasingly complex, and our current approach is insufficient.”
Four year project
As an example, Tabriz pointed out the completion of Google’s four-year project last month, which was the aim of having Chrome categorize all non-HTTPS webpages as insecure.
When this move was initially proposed there was a considerable amount of pushback, mainly because sites who were not considered secure by Chrome standards would effectively be “named and shamed,” but the internet giant pushed on regardless, and the project finally came to a conclusion last month.
Google Project Zero has also come in for criticism for their enforcement of a 90-day disclosure rule, which sees platforms notified of any vulnerabilities in its website or project, with Google going public with the details if the issues aren’t dealt with within 90 days.
Building a culture around defense
The Black Hat event founder Jeff Moss commented that “We have to build a culture around defense.”
“It’s up to us to put pressure on companies. We can change the security posture for the entire world.”
I think most would agree with him on that, but I’m not sure that too many would agree with Google Project Zero chief Parisa Tabriz that blockchain isn’t going to solve security issues.
It may not be the sole miracle answer to the tech worlds security issues, but it’s laying the blueprint for how we go about implementing a system of transparency and openness that will go a long way to securing data in the years to come.
Lover of all things crypto, blockchain and AI, professional tech scribe & part of the editorial team at Crypto Disrupt.