Friday, November 23, 2018

What have I been doing these last few years?

I've been relatively quiet on this blog since I started working at Riot Games in 2013 in part because my day job has been more on the game development side than the security side so there haven't been a lot of security topics worth writing about. I thought since it has been five years now I'd do a round up now that I have a few years of bits and pieces that have some security crossover!

When I started at Riot I worked on the infosec team on a variety of things (primarily incident response and bug bounty) here's some of the cool work that team did:

Running a Bug Bounty Program - Blog post about Riot's approach to bug bounties
The Evolution of Security at Riot - Overview of Riot's infosec program
Cloud Inquisitor  - Security monitoring and policy enforcement tool for AWS (open source)

After I left Riot infosec I moved onto League of Legends where I worked on cheat detection and prevention systems as well as some networking and metrics collection changes. I wrote code that was deployed to hundreds of millions of computers and eventually led to some of things described in these articles:

Removing Cheaters From LoL - Player facing overview of Riot's anti-cheat activities
Riot's Approach to Anti-cheat - A good overview of Riot's anti-cheat strategies and tech
Riot Games wins $10 million in LeagueSharp suit - A tech and legal battle I influenced
Riot’s anti-cheat team just took down a huge scripting provider - Another battle for the team

Eventually I left League of Legends and its anti-cheat team behind. I entrusted it to the extra-ordinarily talented Nemi and Michael who by day build great anti-cheat systems and by night run the blog https://www.triplefault.io/.

In particular check out these great posts from them:
Spurious #DB exceptions with the "MOV SS" and "POP SS" instructions (CVE-2018-8897)
Enumerating process, thread, and image load notification callback routines in Windows
Detecting debuggers by abusing a bad assumption within Windows

So if I haven't been working on League of Legends what have I been doing? I've been exploring game development (and a helping of security/anti-cheat work) for on a new game at Riot, it's a project that I'm super excited about but one that's not ready for the limelight. There's a good chance my next blog post here will be pointing you all at the project so stay tuned!