It’s way easier to combat alternate accounts than the exploiter itself.
You sure about that? I am seeing many complaints.
Yes, I am sure about that. I expected another response from the community, but they have a point.
This system is just, not good. Flat out.
Alternative accounts are not the issue when it comes to exploiters, it’s the vulnerabilities in the game!!
Banning players because they might be an exploiter is just not a good idea, false positives are something that should be avoided at all costs.
If you must ban alt accounts, use a different system, I remember seeing an alt account detector that use CPU start up time and time zones to correlate accounts to each other, if I can find it ill put it on this post.
Edit: @FxllenCode already linked to a similar system (or maybe the one I was looking for)
Regardless it’s just better to have a good anti-cheat rather than blindly banning accounts that have the potential to be an exploiter (or you don’t want players to abuse systems with alternate accounts) with a high rate of false positives
5 Likes
Hello everyone. Due to the negative response from the community (which I haven’t expected), I’ve decided to publish an article on what we had in mind when we created Atherum (Google Blogger - safe link);
You shouldn’t be trying to track players across accounts to begin with since it’s against the ToU (That includes @krissynull’s demonstration of a privacy vulnerability).
You’ve misinterpreted what the true source of where what you referred to as “ToS-breakers” come from. Poor game design and code architecture are the real culprits and playing offensive is going to go nowhere. I know this sounds cliche, but you really are overengineering the problem here.
If you want to help people with securing their games, research about exploits and vulnerabilities not just specific to Roblox but across the web and compose a tutorial going over the basics. Learn how to mitigate spamming and trolling in your game design. Support feature requests that would improve developer control over networking.
5 Likes
Realistically, none of this information matters. Every check you’ve mentioned here can be automated through botting services and varies highly per user. If anything, it just sounds unfriendly to younger audiences, or people who perhaps don’t play Roblox as much as someone else - nothing really indicative of alternate accounts.
Account Age: Irrelevant - the user could be new, old, returning, lost account, etc. So many factors could affect this.
Friends: Irrelevant - the user could be new, old, returning, lost account, etc. So many factors could affect this.
Groups: Irrelevant - the user could be new, old, returning, lost account, etc. So many factors could affect this.
Are you seeing the pattern here? Your checks are setup on a ‘ready to fail’ basis. Atherum wants to be the defense, but really, it is going on the offense… wanting you to fail, you know? Doing such primitive checks tells us nothing about a user.
5 Likes
Perhaps you are right. Thanks for making it clear.
No worries, I hope it doesn’t come off as standoffish - it’s just that anything that relies on client information isn’t really telling of anything than what it is at face value. You’re right - trollers, exploiters, whatnot… they don’t spend their time collecting badges, joining groups, etc. But neither does your average player, really - I know I don’t. Sure, I will join groups for extra benefits, perhaps if the game offers them, but I don’t actively go out and join a bunch of them to seem less suspicious - and the only time I ever get badges nowadays is ‘You played!’ badges.
1 Like
Small suggestion, to make the system almost unbypassable, you could make a system that ALSO checks whether you are whitelisted in a discord server (the server itself uses anti-alt which can only be bypassed by spoofs and vpns). In the game you will then be verified with a discord account or already verified (there are various bots that can verify your account). The only thing that has to be done is the verification system on the game, I can’t do something like that myself because I’m VERY bad at discord in connection with roblox/luau.
I hope you get it, best regards
Thank you for the suggestion. We’ve thought about something like this too, but many Roblox players don’t have Discord due to the age limitations.
But thank you once again!
1 Like
Is it possible to make a report in the webhook, with checks that he [did not] pass
Example: a player was kicked
[email - not verified]
[id - not verified]
[friends - 2]
[groups 0]
[account age - 5 years]
This would make it easier to fix a sudden erroneous kick
Atherum has an API where you can see how many points he has, if they’re an alt, what checks they passed, what checks they failed, so you can integrate this yourself!
@InfiniteBlackPIX I want you to understand how things could work with your module and how they might not work. First of all, I would say that yes your module has customizability but it has a decent potential for false positives and false negatives. I think that this system can benefit developers in specific use cases but for many use cases, it is just better to have a good moderation and anti-cheat system.
1 Like
Thanks. I got the point that most people think Atherum is unreliable. I still stand with my point that it can detect some alternate accounts, but as you said yourself and as I mentioned, there are false positives/negatives.
2 Likes
This is against roblox’s ToS and a privacy violation. DO NOT USE THIS OR YOU MIGHT GET BANNED.
1 Like
Which rule is violated here? If roblox gives the possibility to get this information from other players then you can use it in your games on roblox I think?
It can detect alternative accounts in some use cases I 100 percent agree with you. I think that this module is not useful in every use case but it is useful in specific ones. I think that good moderation and good anti-cheat is the best way to prevent hackers. This module feels like a blanket solution for a bigger problem. In conclusion, I don’t know why people are completely ripping you apart for the module just because it doesn’t fit their use case. Furthermore, I’d like to point out that in the proper use case this module can be super effective and it’s well made so I dropped a like on it.
2 Likes
Thanks for some positive thoughts. 
I agree with you.
2 Likes
I like how some guy’s username in this forum is “SpamBot”, he knows he’s gonna get caught lol.
2 Likes