
Application Security architect?

Hi all,

I am getting the feeling that what I would like to do, or the position I would ultimately want, might not be something that would be practical or available? So hear me out please.

So I strongly believe we need to start designing systems to be performant and secure off the bat. Now, for security you also need the system to be reliable (chaos engineering needed here as well). I so often see that people will neglect those areas, and only once the application is up and running we sit with something that is slow, and ultimately to fix the performance issues, a redesign might be needed. Same for the security holes.

So my question is, what type of role would look at this? An architect with a focus on performance and security? Something like a CASE (Certified Application Security Engineer)? Or would it be better to maybe go into SRE? Or do you become a specialist in something like application security? I am not looking to do pentests, but I would want those against my system.

I have some natural ability to always somehow end up exposing the weak points of a system, or finding the flaws. Naturally I end up fixing those, so I get blamed for just breaking everything. Performance optimization is fun for me, and designing solutions that are meant to perform well is challenging. Then making sure a system is secure while still being fast is something I would really like to achieve.

So thoughts on where I should maybe focus? I have seen the diaries of architects and no thanks, they never get time for actual code, or to sit down and design systems.

I don't have any knowledge about that, but maybe you can try to find someone working in security (e.g. at Google, Valve, Epic...) and ask them?

https://security.googleblog.com/

https://www.valvesoftware.com/en/people

Hi. Former game hacker here. I reverse engineered and developed automation engines targeting MMORPG titles for years. Most of the friends I picked up during that time, of which many I worked with, moved on to application security positions or anti-cheat.

Hacking games is an extremely good way to learn how to analyze incredibly complex pieces of software. This doesn't mean you need to be the bad guy, though. That typically ends with a lawsuit; I advise against that.

FPS games are easy and typically all the same (barring engines from a few specific titles. Overwatch's engine, TANK, is extremely interesting). I wouldn't bother much here.

MMORPG titles are very fun to reverse engineer, though.

Game hacker -> professional non-incarcerated lightly-sued individual is a decent pipeline.


Edited by stonespirits on