Exploit Prevention Update

Aww yep. That “Latte” guy is a genuis troller.

1. Admin powers, admin powers, and again, admin powers are required to play games with kernel
2. Nah

Next up on the security to-do list - ADD SERVER AUTHORITATIVE REPLICATION! Giving devs the option between classic and server authoritative replication will not only make basic movement exploits a thing of the past, but vastly improve the client-to-server relationship. I do not like the “trust the client” approach to player replication, but I understand that it is essential to how many games function, older ones especially. Giving competitive games the option for server authoritative player replication opens up so many possibilities for the future of Roblox, not only in the realm of exploit prevention.

So you basically mean go the Minecraft way if you know what i mean?

This is something that needs to be implemented by individual developers instead. You can’t just have a drag and drop approach and expect it to work on all games, because it doesn’t. You start adding in dashing abilities, sliding, teleporting, etc, and the whole system falls apart. It’s not possible for Roblox to add this as a blanket feature. Only the developer knows how fast the player can realistically move in their game. It’s extremely specific.

As I had mentioned in my post, my solution wasn’t “drag and drop”, it was merely to give developers the option to use server authoritative replication, not to force this bizarre new way of networking on existing games. The biggest difference in the case of movement abilities would be that the client wouldn’t have the authority to influence any of the factors that play into moving the character, rather it’s the clients job to interpret the current and potential future state of the game, sending inputs and state information to the server , and placing the character accordingly. On the other side it would be the server’s job to actually move and replicate the character states. We can already do this to some extent as seen with Chickynoid, server authoritative character replacement, but at the end of the day it’s very limited and will never compare to an official implementation.

It’s been a while since this update, and exploiters are returning to Roblox. @Bitdancer are there any plans to start cracking down on them again? Recently it seems as if the anti-cheat has been failing. Any updates on what’s going on, what we can expect? Thanks

There are certainly plans. We are just much more tight-lipped about them to avoid spoiling the surprise

Most menacing thing i’ve heard a staff member say so far.

…i’m excited

you predicted what the sigma man

btw, this update was beautiful!!! (saying this so i dont get deleted)

oh my god don’t go the minecraft way of lazily doing it

[WARN 12:00:00]: Player moved too quickly 0,0,0
[WARN 12:00:00]: Player moved too quickly 0,0,0
[WARN 12:00:00]: Player moved too quickly 0,0,0
[WARN 12:00:00]: Player moved too quickly 0,0,0
[WARN 12:00:00]: Player moved too quickly 0,0,0
[WARN 12:00:00]: Player moved too quickly 0,0,0
[WARN 12:00:00]: Player moved too quickly 0,0,0

To me it seems like there is not even an anti-cheat at all. Ever since you guys partnered up with Synapse X I haven’t been able to tell there is any anti-cheat since exploiters can fling, teleport and all kinds of other super basic exploits without getting banned at all.

I really hope the new anti-cheat will be an actual anti-cheat and ban correctly, since Roblox for some reason is really bad at moderation I don’t want to be scared to get banned for doing nothing wrong. (Just like catalog items get removed for no reason sometimes)

Because the ‘anti-tamper’ was designed around a detection-first idea that completely failed now that they’re not even allowed to ban people anymore. The mindset seemed to be “well if we can’t prevent them, at least detect them!” and it totally fell flat thanks to Roblox now having a “no bans for exploiters” policy. I wish I was making this up but I’m not. It’s only going to get worse.

@Bitdancer You guys got a database with logs of user that exploited, can’t you just ban all of them, or is it already that big that it would impact roblox in a bad way ?

At this point, it is clear that one ban policy for all is not an ideal solution. We are working on a more nuanced approach.

@Bitdancer Yeah, one ban policy isn’t an ideal solution, but it is still a solution. Byfron failed again, and exploiters use now use spoofers and other tools to bypass detection and bans. From what I’ve heard, you guys got a database of users that exploited. There needs to be something done against it; when joining any game, you will see people that exploit. I reported exploiters who even use the Roblox chat for exploits, and they never got banned or warned. This is a problem; I don’t see any reason why Roblox doesn’t take these domains and servers down by the legal way. There are Discord servers with over 100k members for Roblox exploits; sending non-legal / legal [subpoena] emails to Discord / ICANN or domain registrars should often solve this, but they’re still up. There needs to be something done.

Wait are you serious? There is a “don’t ban exploiters” policy?? Then what was the entire point of having the Synapse X developers work with Roblox? Couldn’t they just bypass the garbage anti-cheat and continue earning money? Lol

Roblox detects them, if someone reports them they will be banned else it will happen in a ban wave. As bitdancer said above :

About the Bitdancer Part (Creator of Synapse X), as you see he is here. I don’t know if Roblox Paid them, sued them or other but it doesn’t matter. It is not allowed to exploit, anything can be bypassed but also detected. There will be always exploits and they will be always detected.

@Bitdancer Any updated ?

none of these exploits are close to bypassing hyperion