A team of engineers, researchers, advocates, and hackers who make the Internet safer for all users.
Security, Privacy and Abuse
Our team brings together experts from systems, networking, cryptography, machine learning, and user experience to advance the state of security, privacy, and abuse research. Our mission is straightforward:
Make the world’s information trustworthy and safe. We strive to keep all information on the Internet free of deceptive, fraudulent, unwanted, and malicious content. Users should never be at risk for sharing personal data, accessing content, or conducting business on the Internet.
Defend users, everywhere. Internet users can face incredibly diverse threats, from governments to cybercrime and sexual abuse. We approach research, design, and product development with the goal of protecting every user, no matter their needs, from the start.
Advance the state of the art. Making the Internet safer requires support from the public, academia, and industry. We foster initiatives that shape the direction of security, privacy, and abuse research for the next generation.
Build privacy for everyone. It’s a responsibility that comes with creating products and services that are free and accessible for all. This is especially important as technology progresses and privacy needs evolve. We look to these principles to guide our products, our processes, and our people in keeping our users’ data private, safe, and secure.
Thirteenth Symposium on Usable Privacy and Security (SOUPS), Usenix (2017)
CHI '17 Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, ACM, New York, NY, USA (2017), pp. 2189-2201
Proceedings of the Eleventh Symposium On Usable Privacy and Security, USENIX (2015), pp. 327-346
In collaboration with the Cryptology Group at Centrum Wiskunde & Informatica (CWI) - the national research institute for mathematics and computer science in the Netherlands we have broken SHA-1 in practice.
Learn how Google’s Project Zero team discovered serious security flaws caused by “speculative execution,” a technique used by most modern processors (CPUs) to optimize performance. Independent researchers separately discovered and named these vulnerabilities “Spectre” and “Meltdown.”
Google Play Protect's suite of mobile threat protections are built into more than 2 billion Android devices, automatically taking action in the background. We're constantly updating these protections so you don't have to think about security: it just happens.
We are making the encryption on Google Pixel 2 devices resistant to various levels of attack—from platform, to hardware, all the way to the people who create the signing keys for Pixel devices.
We expanded the scope of our transparency reporting about the “right to be forgotten” and added new data going back to January 2016. Our goal with this project was to inform an ongoing discussion about the interplay between the right to privacy and the right to access lawful information online.
Emily Schechter talks about "The Trouble with URLs, and how Humans (Don't) Understand Site Identity"
Some of our people
Abuse research blends technology, policy, and enforcement to address the most important threats that our users face.
Usability and security have long been considered to be two opposite sides. I like pushing the boundary on usable security, to make systems both usable and secure.