I was hired as a Software Engineering intern as part of the College Football team for Electronic Arts this summer. The internship period ran from the 23rd of May until the 12th of August. I was lucky enough to be granted an extension until the 9th of September to finish my work on the project.
The way the intern experience at EA works is each intern is assigned a project to work on for the duration of their internship. The project I worked on during my internship was Linking PreAuth Splunk Logs. The project is a method to safeguard the use of personally identifiable information, also referred to as PII. It uses telemetry, which is a collection of user data, and encryption to hash a user’s gamertag or persona. This was the perfect project for me, as it combined my majors into one project. I was assigned as a software engineer, but the project itself was cybersecurity based.
Once the project is complete, the client will take the gamertag/persona of any user and hash it using a specific one-way hash. The tool is created to form a hash value of the gamertag/persona. Telemetry data is pulled from a given time, and an authCode/token for the hashed value is given. Then in Splunk, this authCode or token provides access to user-specific logs.
The main reason behind this project and why it is important is that before it, there was no way of linking the first-party user to a specific set of Splunk logs. This tech allows each user to have their data in logs specific to each gamertag or persona.
This is useful when users complain on social media and WWCE that they cannot authenticate with Blaze servers and play the game online. When this happens, MCC notifies the game team, and a group of 10-30 people get together for 8-12 hours to find the reason behind the issue. Most of this time is spent hunting through the massive amounts of Splunk logs, looking for the right one for the problem.
With this program, when a user alerts us about an issue, we have a way to link the log to the user in minutes, saving people time and EA thousands to tens of thousands of dollars per incident.
Another reason behind this project is that it is a more secure way to store user data. The encryption method we use is so secure that it is GDPR compliant. To be GDPR compliant, the encryption technique must meet the requirements for adequately handling personal data as defined in the law.
The program’s security allows only the required individuals to decrypt the data once a user’s information has been encrypted. The hashing would be one way, so there is no need to worry about keys to decrypt the data. Without keys, the data is more secure because there is nothing to be leaked for anyone else to gain the ability to decrypt user info from the logs. Using the hash, even we at EA would not be able to determine the identity of a user using only the hash.
Overall, I learned so much during the internship. Outside of my work with my specific project, I got to work on both my oral and written communication skills in the intern fair. The intern fair is the biggest event, company-wide, of the internship held at the end of the summer. The purpose of the intern fair is to share what each of us did during our internship via a presentation over zoom.
Specific to my work, I gained knowledge in different technologies used in the field that will help to benefit me overall. With just the first-year curriculum under my belt, there was a lot that I did not know right away. Most of it was more advanced C++ than what is taught during the first year, but there was also Splunk and Wireshark are not formally taught, but I learned during my time in the Cyber club.
I also strengthened my critical thinking and problem-solving skills through coding and
debugging all summer. The most important skill a programmer can have is the ability to problem solve when there is something they do not understand. This was very important to me this summer because a lot did not go as planned. First, I could not get into my virtual machine, and once I was able to, I could not build and run the game or bots. Many of my issues were solved by clearing my depot and starting over, but the rest were from reaching out to others and problem-solving together about what could be done to fix my issues.