When our next game is released into the wild to be played by the masses, we hope you’ll all play it the way it was meant to be played. None of you would ever try to hack our code or cheat the system. Right? Wrong! Bungie knows all about the evildoers who will try to bend our rules to their advantage. Some of you might even pull it off. Fortunately, it won’t be easy, thanks to unsung heroes like this guy…
Who are you, and what do you do at Bungie?
My name is Mike Forrest and I’m a new Senior Engineer at Bungie, but I’m also known around here as “The New Security Guy.” I was hired to bring extra firepower to everything security-related, and that covers a lot of areas: game code, servers, design & code reviews, networking, cryptography, hack/cheat detection, beefing up the banhammer, and so on.
Nice to meet you. Tell us about yourself before you tell us about your work in terms that are vague-enough to deprive would-be hackers of clues about your secret weakness. When you’re not fortifying our new game universe, what might we find you doing?
Gaming, programming, and exploring the area with my two dogs.
Can those doggies sniff out a cheater as well as you can? Where did you develop such a sensitive nose to guide the hands that wield the dreaded Banhammer?
I’ve worked as an IT guy and software developer in a bunch of non-game-related industries. My most recent job was at a hedge fund writing financial trading systems. Part of my responsibilities there included security design and code reviews. Before that I worked for an online auction site writing code and doing anti-fraud work, and prior to that I worked for a software startup that builds authentication systems.
So you’ve gone from busting actual criminals to helping us root out video game villains? Did you always want to be a digital crime fighter?
I’ve always wanted to be a programmer. I started with Apple II Basic in probably around 2nd or 3rd grade and never looked back.
You couldn’t have learned everything from that Apple. Where else did you hone your skills as a coder for the forces of good?
When it comes to programming, I’m largely self-taught with some more formal education scattered around. I learned a lot at computer camp: including Pascal, C, and 6502 and 8086 assembly language. While in high school I took more advanced classes in data structures and algorithms, things no programmer can do without.
How did you first approach us about lending your counter-fraud skills to keep the world safe for honest gamers?
Like many, I emailed in my resume through the link on the web site. It’s hard to say what caught their eye, but the best advice that I got was to focus on what I’m passionate about doing and make sure that it came through in my resume.
Passion will get you started, but it doesn’t win the race. Are the rumors true about the marathon that is the Bungie interview loop? How did you go the distance?
It’s a long day, so staying focused and in the moment can be difficult. It’s not always easy to clear your mind of what happened earlier in the day. It’s also important to not get flustered when the solution to a problem doesn’t immediately pop into your head. I’ve conducted enough engineering interviews to know that the interviewer is often more interested in seeing how you work through the problem than they are whether or not you get to the solution correct. How you think is very often more important than what you know. But it’s easy to lose sight of that when you’re on the other end of it.
I like the way you think, and the fact that we’re having this little chat is evidence that Bungie did, too. What’s the best thing about your new role on our team?
The knowledge that I’m helping make life more difficult for cheaters and more enjoyable for honorable players.
You make writing code sound so glamorous and exciting, but what is one day really like inside our secure location?
I started the day before Bungie Day, so my first week was pretty interesting. But it turns out that getting knighted and playing games all afternoon isn’t your typical Tuesday.
You’re right. We usually save the knightings for Wednesday. Aside from being issued a wooden sword, what’s the one thing we do that makes you feel noble and mighty?
So far it’s the mountains of Bungie swag. And they pay me to work on games.
We pay you to defend games from malicious attacks. I still have nightmares about the Halo 2 weapon that launched trains instead of rockets. Have you made progress in locking those ne’er-do-wells out of our next game?
I’m still getting my feet wet so my contributions have been limited so far. My favorite work so far has been learning about the low level architecture of the Xbox 360 while optimizing various bits of encryption code. I’ve always enjoyed squeezing performance out of systems and working within the confines of a console game engine is a great excuse to exercise that muscle.
Pardon me while I extend your metaphor just a little farther. How do you exercise that muscle until it reaches super hero levels of strength?
I try to stay current with what’s going on in my field. “Security” encompasses such a broad variety of areas that being an expert in all of them is impossible. So I try to keep up with the latest developments and techniques so I at least know what to look out for and where to look for assistance if there’s something that could help or hurt us.
If hackers never stop adapting, than neither can we, eh? Imagine that an aspiring programmer is reading these words, and has become inspired to join your fight. What sage lessons of mentorship would you provide?
I’m new to the industry, but it seems to me that game companies are pulling in people with an ever widening variety of backgrounds. Games are transforming into online, multimedia, social experiences. There’s a need for a lot of different skills so don’t be discouraged if you don’t fit into one of the traditional game developer roles.
We’ve kept you from your crucial work for long enough. I can almost sense the hackers getting stronger while we jabber on like this. Before you go, give us some perspective on your priorities: Experience, Work Ethic, or Talent? Rank them in order of importance to your role.
Security is a mindset more than anything, and that mindset is built up with experience. If you’re in a security-related field and you’re not constantly learning, then You’re Doing It Wrong.
Sitting still is obviously an occupational hazard for Mike, so we will release him to his post. His story reveals that there are many in-roads to the industry that makes games, and not all of them are obvious. A pretty comprehensive roadmap is emerging in the form of the Breaking In
archive, if you’d like to explore all of the unseen highways that lead to our halls of justice.