I’d just like to make a meme.
People: local scripts for anti cheats are useless and can be bypassed easily.
this one dude: makes an anti inject local script which actually prevents exploiters
3 Likes
That is irrelevant. The fact is your assertion is wrong and it doesn’t matter how long something is established for. Luau team has made huge changes before to behavior for performance reasons.
@geometricalC2123 this doesn’t prevent anything more than any older methods of detection. They prop up, they get patched, the cycle repeats. When people criticize client anti cheat it’s for a good reason.
1 Like
Sure, one day an exploit is gonna patch it, but use this as a temp solution as it’s actually affective for now
1 Like
A lot of them already did after this, and a lot more did in the past before this post
If you are (quite understandably) paranoid about this false flagging players, simply make sure the namecall function can be retrieved properly and check the maximum call depth using pcall in a similar recursive function at the top of the script before using it in the second one. People have been using hacky CoreGui detection vectors for years now and if anything this is far more reliable.
Doesn’t make sense to use something as security then it gets breached in a matter of days or weeks.
People would place this in their game as some long-term or permanent alternative to combating exploits. They’d even use it now then months past when their game releases, this method would have been patched already and they’d have exploiters evading them.
Many companies like Google use AES which is a type of encryption method. If they expect that to be breached in a matter of months afterward then they wouldn’t use it.
You know you have no better argument when you have to compare an encryption algorithm such as AES to an exploit detection. You can claim client side checks are useless, yet all the top Roblox games often targeted by exploiters have implemented client-side anti cheats. In reality, most exploiters have no clue what they are running or how it works, and will be deterred by even the simplest checks.
Edit: you mention Google using AES, yet forget that their reCaptcha service uses obfuscation on client-facing javascript, performing the equivalent task as a client side anti cheat in our case.
LOL, did I compare it in any way?
Did you read what I said?
How did I compare an encryption method to an anti-exploit?
I literally said if Google used AES and it got breached in a matter of days or months afterward, and they KNEW it would be they wouldn’t use it.
The same argument goes for here
Doesn’t make sense to have something in your game PROTECTING IT if it’s gonna be breached in days or months.
The difference is encryption has to last forever or will become pointless in the future, while exploit detections only have to work until the player’s client closes and have no real consequences of failing to detect exploiters (at least over having no detection whatsoever).
Why are you comparing both of them then coming after me for it??
You still don’t get the point I’m saying:
Of course it does. Would you rather have banned everyone who exploited your game this week, or have them all still playing?
Yeah, but they have access to alts don’t they?
Access to VPNs, Virtual Machines, etc
So, what was the point of that statement?
Isn’t that the point of the exploit detection, it bans any account that injects.
My statement was this, am I right?
True, but it can still be used temporarily. Especially if the game is exploited regularly, they wouldn’t even see it coming when they join and immediately get banned after injecting.
Please refer to this reply I made on someone’s elses comment:
By this logic you are also saying server-side checks are pointless, and that kicks and bans in general are pointless. Roblox does not allow you to ban players by IP or HWID anyway so I don’t see why you would bring those up. Additionally if your game has saved items or stats, or costs Robux to play (such as Deepwoken which has a reputation for its strong anti cheat, and I believe also used the same detection I am giving out here) then bans become a much more effective punishment.
Edit: worth noting that Roblox itself has client side checks and preventions against exploit injections, which is one of the reasons it updates itself each week. If Roblox themselves use this strategy why shouldn’t you?
1 Like
The author does not intend for this to be a permanent solution. Most security solutions on Roblox are not permanent either, as Roblox updates and deprecates features.
This is a temporary but good tool to take offensive action against exploiters, it won’t remove them in the long run, but it will punish those in the present.
LOL, WHEN DID I SAY THAT.
Your logic is off the roof, I didn’t even have to read more of it.
I’m saying they can use other methods to exploit that same game.
Exactly, the author did not intend it to be permanent thus he intended it to be a temp solution like Roblox, do you really think their fixes lasts for long or is permanent? No. Ok, maybe rarely but it’s also good to make exploiters tired