Ex-TLM at Google on Android Platform Security | Co-lead for Security/Privacy on Exposure Notifications.
I do security for privacy and my posts are my own.
¯\_(ツ)_/¯
he/him
I want to give a shout out to exposure notifications, the API Apple and Google created at the beginning of the pandemic. Well scoped. In close collaboration with domain experts. Privacy protecting. Measurably helped, maybe not as much as hoped, but still. And now being responsibly shut down, as promised.
We should praise folks when tech is done right. I want to see more of this responsible deployment of tech.
From ~Twitter~:
I'll be speaking at ACM Wireless Security (@/acm_wisec) on what it's been like doing cellular security work @ Android these last few yrs (among other things, alongside @/yongdaek & @/drogersuk) during the Tuesday May 29 3:30 PM panel.
In personal news in two weeks it'll be my 10 year anniversary since I started working on Android -- so I decided it's a good time switch gears and leave Google!
Owning (among many other things) design reviews, security models, and helping all sorts of Android projects design and build good, secure, and private products has been awesome. Getting to really demonstrate that way of design and engineering thinking in Exposure Notifications as one of the security and privacy leads will probably be a highlight of my life (we better not have to deal with something like that again).
Doing all that while helping build and maintain an extremely successful, inclusive and welcoming team culture in security was the best part. Couldn't be more proud of all the people on my teams and all the great things they've done. I tried to leave security a few times early in my career because of not liking the broader scene, so I'm glad to have demonstrated at least to myself that it's way better all around without all the flair and toxicity.
No idea what I'll do next, going to spend some time sailing tallships and doing guest lectures to try this relaxing thing and then I'll go find some more ways to help protect real people and enable good things while preventing bad.
The Android Team has open sourced our internal Rust Training! It's a four day course covering the full spectrum of Rust, from basic syntax to advanced topics like generics and error handling. It also includes Android-specific content on the last day such as:
- Building Android components in Rust.
- AIDL servers and clients.
- Interoperability with C, C++, and Java.
1/ Another article on the "next big thing" after the smartphone: https://www.theverge.com/2022/11/23/23474090/smartphone-next-big-thing-ar-vr-metaverse-alexa
To understand this, I think it is useful to rephrase this to what they are really asking: "what is the next big computing platform after mobile platforms?"
That is, we have seen mobile platforms disrupt PCs, so what is going to disrupt mobile?
Spoiler: I don't see anything on the horizon. I'll go through how I have been looking at this.
Hello not-bird site!
I'll keep up my occasional professional-but-sarcastic posts about security, but starting with a personal update:
After I got really bad post-COVID brain fog (ironic) I took a leave of absence from work to spend some time actually resting and focusing on my main hobby -- sailing. I spent every weekend (bar the ones I was out with COVID) this year sailing on Matthew Turner, and almost the entirety of my 3 months of leave as well, it was great.
I did lose a phone to the ocean though, goodbye Pixel 4a5g you are now perfectly secure and perfectly useless in your new home.
Frédéric Jacobs
Ben Adida
yomna
jeffvanderstoep
Dianne Hackborn