About me

I'm a researcher at the UC Berkeley Center for Long-Term Cybersecurity, where I direct the Daylight Lab. I work at the intersection of human-computer interaction (HCI) and computer security.

I blog here. That means, “less than peer reviewed, but more than half-baked.”

Google scholar

My research

Lately, I'm interested in developing better ways for people to identify and address security risks.

  • mlfailures - For students and data scientists, these labs teach you to identify (and fix) bias, fairness and security issues in machine learning algorithms.

  • Internet fragmentation - For policymakers, I've been working on ways to measure Internet fragmentation and its effects on geopolitics (trade, alliances, etc). (More here soon).

  • Security games - For everyone else, I've been working on accessible games to help groups identify security risks matter to them [ 1 ].

Theoretically, I'm interested the social process of threat identification: how and why people identify particular risks with particular technologies [ 234 ]. My perspective is heavily informed by science and technology studies (STS) and my methods draw heavily from design research/research-through-design.