Clarification on code flagged for safety review

This does feel like a violation of privacy, even if Roblox is within its rights to do so. There is little to no basis for moderating source code.

And if this “specially-trained” group of moderators could mess up so badly (taking down a game for a secondary chat filter) one has to wonder how well-trained they are.

32 Likes

im so close to quitting roblox rn

21 Likes

I look forward to a response on this. :slightly_smiling_face::+1:

3 Likes

Can’t wait for the free model republishers from 1 to 4 years ago to get banned because the model had a backdoor and they didn’t even knew what is a backdoor or that they had one.

14 Likes

I agree with everything you said completely. I had just recently started to put together an external API for a game. Due to this announcement, I have stopped working on that until I have a more secure solution to store keys and endpoints. I and many other developers are not comfortable having some Joe Blow that Roblox hires view our source code for no reason. If this moderation system only applied to public plugins and open sourced assets I would be okay with it, however it doesn’t seem like that is the case, especially when Roblox hasn’t replied to any of the feedback this announcement has received.

This announcement is disheartening and worrisome at the least. I hope Roblox will listen to developers this time and come to a better solution.

13 Likes

While I recognize Roblox has no ill intentions with this policy, I think we need more clarification as to why it’s needed. As brought up above by other people, there are huge security issues associated with the existence of this feature.

Imagine if someone working at Roblox unrelated to the development of Roblox’s web backend or engine could snoop around and view all of the private database keys. There is some understandable discomfort associated with that.

I guess one thing people here haven’t considered up until this point is that Roblox has backend access to all our places/code and their contents, albeit under intense scrutiny, but its there nonetheless.

Like @crazyman32 suggested, I think there should be some sort of secret storage API so that Roblox’s snooping tools deliberately clear them out before allowing them to be analyzed by humans.

60 Likes

If it’s my code, in my private game, I should be able to write whatever I want in my code.

When it comes to places that are accessible by others, there are still issues as said before.

  • I shouldn’t have to be scared to define variables under names that may be flagged even though they have everything to do with my game and nothing to do with someone’s personal information.
  • What about the privacy of things like API keys?
  • How can developers be expected to just trust this “specially-trained team” when we know nothing about them, and have consistently seen issues with moderation on other content in the past?
11 Likes

Based on Section 13 of the Roblox Community Rules, “Offsite website links, services, and additional 3rd party content are not permitted on Roblox with the following exceptions: YouTube, Twitter, Twitch.”

If developer code is subject to these restrictions, then any game using an external analytics service or web server is technically in violation of the Community Rules. In other words, many of the top games on the platform can immediately have their proprietary code sent for review and have potentially sensitive API keys and other data leaked. Will this happen? Probably not. Nevertheless, the possibility of moderation abuse is very high and this policy, in general, is rather alarming.

16 Likes

I’m sorry, but no. I think this is probably about as invasive as you can get. If I’m writing server-sided code in a non-team-create game then I fully expect to be the only one reading said code.

The increasingly ridiculous moderation on this platform is giving me an intense desire to move on to other things. Maybe I’ll try my hand at Unity or the Unreal Engine.

38 Likes

Looks like I’ve gotta censor myself in my own closed-source code. :woozy_face:

12 Likes

I 100% agree with @Maximum_ADHD and @Crazyman32 both. and a bunch of others.
But when it comes to my code, I don’t want to have to worry about moderation while writing. I already have enough to worry about when it comes to making sure my code works with my other modules and whatnot. – not that big of a deal, but would be quite annoying.

My biggest concern (which from what I’ve read is a lot of others concerns too) is security; Clone mentioned Roblox has access to all of our data anyways, I imagine that is slimmed down to those with high power within Roblox Cooperation(At least, I’d like to think so).

But when @Roblox trusts their developers so little that they have to add something like an automatic code checking system that could lead to flagging and causing a team within Roblox to check out our entire code system. To make sure we aren’t using discriminatory language or personally-identifiable info? Seriously? It’s not like I’m going to post my code on youtube and be like “Look what Roblox allows me to type in their studio!”

Hell, this may not even have to do with trust; Don’t get me wrong. Take safety precautions, and especially with all of the super shady developers which Roblox does have.

Possibly, if it’s really that much of a concern, may I recommend emailing the said developer and requesting access to their code or something of that sort. I don’t feel it’s right for something like this to be a thing honestly. I am the only one that ever sees my code (Outside of maybe teamcreate). In my opinion this should not be an issue. But obviously it is.

Don’t get me wrong, I don’t write anything discriminatory towards anyone or anything; but still, the Roblox chat filters things such as Butt… so, If I write the word Butt in my code will it be flagged?
but I have big plans for games here on Roblox, and If I get a banned or even a warning because I use something like

local Birthday = {Day = “5”, Month = “September”, Year = “1998”}

I honestly may take my programming elsewhere. I love Roblox, I have since I was 10 years old. Been here 11 years now. Roblox is the biggest impact I have had on my life and I’d hate to leave over something like this. It would be on me, right; But I don’t want to feel worried that I may get banned about something as little as things (again) within my code that only I can see.

I’ve said what I said. Agree, disagree; Whatever. I feel this is wrong.

Edit:
Just think about it; What if someone within the “specially-trained team” decides to take advantage of this situation, make a fake account, take said code and upload it to a game to profit off of. This is easily a possibility. Plus not only that, Our code could easily be sold or posted which again is a HUGE security risk. What happens if our code is out? It would be MUCH easier for those who write exploits to actually make exploits for said game. As they stated…

What if one of their mistakes were hiring a rat?

20 Likes

Is this real? Who at Roblox thought it was a good idea to moderate code that only the developers themselves should be reading, and potentially exploiters. Aside from the obvious security threat, this is a privacy threat. I do not want someone who is likely just an off-site moderator being paid close to minimum wage being able to read my code, and see any private API keys, etc.

If you want to moderate a game, how about you try joining the game to see if there is explicit content.

Roblox should not be playing the role of the thought police.

Edit:
Automated flagging? Are you kidding? So if I curse in my private code in one of the comments, that gives some random moderator permission to come read everything. This is a joke.

20 Likes

You should not be making your own filter in the first place. Roblox has API’s for this so you don’t need to.

3 Likes

I disagree. The roblox filter is known for being bypassed constantly by the most stupid word combinations. Remember a few months ago when you could say the n-word within the chat by saying “jew” before it?

4 Likes

inb4 this is going to be like youtube’s moderation system where you can upload gore but you can’t swear

Considering that the current moderation system can’t catch Synapse Xen obfuscation for months at a time, that’s probably what’s going to happen. We can debate privacy all we want, but it’s clear that this moderation system won’t work at all.

Will I be flagged for writing something like this?

local t = {}
t.__index = t
t.__metatable = "sal didn't use getrawmetatable making him tonight's biggest loser"

Probably. Will I be flagged for Synapse Xen obfuscation, though? Not until someone reports it, as clearly shown by the hundreds of backdoors currently in the Roblox library. Even after hundreds of revisions, you can’t make a perfect system, and “quickly” is never quick enough when your game is well-known.

I would consider moving to Unity or Unreal if it weren’t for the fact that Roblox is much easier to advertise on.

11 Likes

I intensely disagree with this code-review system, but the original post did say this:

5 Likes

There is a problem though, it is now 100% required to use the filtering api on all types of communication and player-generated strings. Would moderators take action against the creator for code that, at the time of it’s creation, followed all rules? (Which is something that already happens with images and sounds.)

3 Likes

This was always a requirement far before this system was implemented and I can find and send you posts proving this if you don’t believe me.

Yup, you get banned for things that were previously allowed. I have a massive post ranting about this.

2 Likes

You mean having some kind of filtering system, not using roblox’s api, right? Since (at least as far as I’m aware) it wasn’t implemented until sometime in 2016, correct me if I’m wrong.

2016 is far before this system was implemented. This code-review has only existed for a few months. The word “always” in my statement may be the confusing part, but my focus was more on the “before this system was implemented.”

Edit: I mistakenly read your “it is now 100% required” as referring to this review forcing you to do this.

1 Like