Eric Grosse |
![]() grosse@gmail.com
I'm pursuing infosec through simple, yet still general purpose, systems. I recognize modern computing has moved in a different direction, but the widescale breaches and systemic risks convince me that for resiliency it is worth personally pursuing a different approach. This was motivated by working with people in strategic risk reduction, the diplomacy term for trying to avoid world war three. Under the umbrella of the CATALINK project, I argued for building a multi-lateral open-source version of the classic Moscow - Washington hotline, so that national leaders have fewer misunderstandings. But the geopolitical situation has turned unfavorable for non-proliferation. I retired in 2017 from the role of Google's VP Security & Privacy Engineering, after ten wonderful years working with a team of passionate and talented people committed to being good stewards of our users' data. There is a workshop keynote that reflects on some of that experience and recently I wrote a screed on our experience with authentication.
We refused to accept the status quo of crime and espionage
and helped move industry best practices from a "fire code" model of checklists to a "red team" model of testing against adversaries,
focusing on defense, detection, and response:
But life is short and I wanted to spend more of it with Brenda, exploring our beautiful country by air in a Cessna 182, N945G. As they say, "responsibility of the pilot is to fulfill the dreams of the countless millions of earthbound ancestors who could only stare skyward ...and wish." (Unfortunately Brenda's autoimmune treatment and the covid pandemic and MAGA intervened and I had to abandon that dream.) For my public service component, I'll be submitting patches upstream to harden open source systems. Earlier as a Bell Labs Fellow, I worked on algorithms for numerical approximation, simulation, domain decomposition, floating point, visualization, and networked computing and tried to make the netlib collection a useful aid for scientific computing. |