This is my 3 minute pitch at the Google Security Summit, making a case for what I think academia and Google should be doing more of. The basic premise is, rather than creating new security mechanisms, let's look more at getting people to adopt best practices and features we've already created.