Adrienne Porter Felt, Staff Software Engineer, Google Chrome
Everyone wants to build software that's both usable and secure, yet the world is full of software that falters at this intersection. How does this happen? I experienced the disconnect firsthand, when the Chrome security team redid Chrome's security UI to conform to best practices for usable security. In the process, we learned how hard it is to actually adhere to oft-cited wisdom about usable security when faced with real-world constraints and priorities. With a set of case studies, I'll illustrate the limitations we encountered when trying to apply common wisdom to a browser with more than a billion users—and discuss what has actually worked for us in practice, which might work for other practitioners too.
Adrienne Porter Felt leads Google Chrome's usable security team, whose goal is to help people make safe decisions while using Chrome. Along with her team, Dr. Felt is responsible for building and improving the security warnings, indicators, and settings that you see in Chrome today. Previously, Dr. Felt was a research scientist on Google's security research team, where she examined how browser users react to security warnings. She received a Ph.D. in computer science from the University of California, Berkeley; for her dissertation, she evaluated whether Android and Chrome permissions are useful for either developers or end users.
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.