Wednesday, September 2, 2020

A VALORANT Portfolio

I'm changing jobs (after almost 7 years at Riot, that's a long run!) and I wanted to post a bunch of links to public facing stuff from my time at Riot, mostly VALORANT stuff from the past year, this is very self indulgent but think of it as a portfolio of sorts.

Writing

Riot Tech Blog - Fog of War

Game Update 01: ON RAZE AND ANTI-CHEAT

Game Update 02: ON VANGUARD ERRORS/SOLUTIONS, GUN SKINS, AND AGENT PROGRESSION

Game Update 04: ON PEEKER’S ADVANTAGE & RANKED

Ask Valorant #5

Dev Blog: Anti-cheat What, Why, and How

Dev Blog: VALORANT ANTI-CHEAT: CHEATER, REPORTED!

Reddit comment about the first cheaters banned

Reddit comment about running a driver at boot

Reddit comment about a performance regression

My Riot Reddit Account history

Tweet about how many cheaters exist in games and how that feels for players:


Interviews / News clips


I did a lot of interviews and got asked for quotes many times, I didn't do a good job keeping track of how those quotes and interviews were used but here are some of them that I could find after the fact.

Polygon: Valorant: How Riot finally made something new

InvenGlobal: Valorant has prepared to deal with hacks from the very beginning

Polygon: Valorant team bans over 8,000 cheaters in closed beta

ChinaJoy Keynote Video

VICE: The Vigilante Hunting Down Cheaters in Video Games

Riot: A Message About Vanguard From Our Security & Privacy Teams


Valorant Game Features

Most of what I build for Valorant was behind the scenes technical systems there are some more visible features that I want to highlight below.

Fog of War

Map targeted abilities

omen ultimate minimap

Minimap footstep audio circles

Valorant: Beginners guide – Gameplay mechanics you need to know

Player facing no-hud/cinematic mode



Early grenade physics (~2015 version)


Character select (the first version ~2015)

VALORANT Early Thoughts | Phantom Distillery

Security error messages / ban messages (UI and plumbing)

https://twitter.com/arkem/status/1193343334636326912

https://twitter.com/Ninja/status/1278388868534894599


Lots of behind the scenes stuff 

Anti-cheat and security systems, network encryption, performance optimization, UI tweaks, gameplay telemetry system, engine upgrades, middleware integrations, code analysis tools and lots more that I've already forgotten.


Tuesday, June 2, 2020

VALORANT released!

It's been many years in the making but VALORANT has been released!

More information here https://playvalorant.com or watch this animated trailer.




Tuesday, April 14, 2020

VALORANT is here!

The VALORANT closed beta is open in NA and EU and the response has been overwhelmingly positive!

However, the interest from cheaters has also been very high and we had to ban our first cheaters during the first week of the closed beta.


There's also been a lot of interest around the details of the Riot Vanguard anti-cheat system, especially the kernel component. I ended up talking on reddit about it a fair bit and even got some interest from the gaming press (I sent written statements to some outlets, don't know if they'll run the articles though Edit: Ars TechnicaKotaku and Polygon).

I also wrote a big article about the VALORANT Fog of War system that I'm really proud of. It has some gameplay clips and some illustrations I made as well as a good overview of the road we took to shipping that system.


It's been a really busy first week but it's all looking really promising!

Wednesday, November 13, 2019

What have I really been doing these last few years?

In addition to everything mentioned in the last post, I've been busy making a character based tactical shooter code-named "Project A". I'm the lead for anti-cheat and security but I've also put a lot of effort into many other parts of the game.

Here's me getting banned by my own anti-cheat system.
Chances are the next few blog posts here will be about my work on Project A as the game gets closer to launch, there's not much I can share right now but more details are coming in 2020.

If you're interested in more information about Project A, here's our first announce video: Project A: Riot’s Tactical FPS Announcement

Friday, November 23, 2018

What have I been doing these last few years?

I've been relatively quiet on this blog since I started working at Riot Games in 2013 in part because my day job has been more on the game development side than the security side so there haven't been a lot of security topics worth writing about. I thought since it has been five years now I'd do a round up now that I have a few years of bits and pieces that have some security crossover!

When I started at Riot I worked on the infosec team on a variety of things (primarily incident response and bug bounty) here's some of the cool work that team did:

Running a Bug Bounty Program - Blog post about Riot's approach to bug bounties
The Evolution of Security at Riot - Overview of Riot's infosec program
Cloud Inquisitor  - Security monitoring and policy enforcement tool for AWS (open source)

After I left Riot infosec I moved onto League of Legends where I worked on cheat detection and prevention systems as well as some networking and metrics collection changes. I wrote code that was deployed to hundreds of millions of computers and eventually led to some of things described in these articles:

Removing Cheaters From LoL - Player facing overview of Riot's anti-cheat activities
Riot's Approach to Anti-cheat - A good overview of Riot's anti-cheat strategies and tech
Riot Games wins $10 million in LeagueSharp suit - A tech and legal battle I influenced
Riot’s anti-cheat team just took down a huge scripting provider - Another battle for the team

Eventually I left League of Legends and its anti-cheat team behind. I entrusted it to the extra-ordinarily talented Nemi and Michael who by day build great anti-cheat systems and by night run the blog https://www.triplefault.io/.

In particular check out these great posts from them:
Spurious #DB exceptions with the "MOV SS" and "POP SS" instructions (CVE-2018-8897)
Enumerating process, thread, and image load notification callback routines in Windows
Detecting debuggers by abusing a bad assumption within Windows

So if I haven't been working on League of Legends what have I been doing? I've been exploring game development (and a helping of security/anti-cheat work) for on a new game at Riot, it's a project that I'm super excited about but one that's not ready for the limelight. There's a good chance my next blog post here will be pointing you all at the project so stay tuned!