I am referring to the later case, yes - text editors won’t care about you changing some “rbxmx” file, because you’re allowed to do so.
All models up till now doesn’t have that paid property or a tie to a specific asset ID.
I can create models and never upload them, but save them as files.
I can also create models which I both upload and save as files. Both are currently considered the same when you save it to a file.
As for the scanning, good luck scanning the roughly 891,100,000 assets uploaded so far. It’s probably not impossible, but it’s neither something I see happen this century.
Things to consider:
Free models aren’t just “Models”. They aren’t tied to a specific instance in-game, but rather a set of instances.
Content from free models can be distributed with Free Models, Plugins, Local Files, Uncopylocked Places, Team Create, source code can be shared in plaintext (if not, we’re at the topic of locked modules, and I’d yell “malicious code alert” all day long) etc.
Owned models can be downloaded locally from the https://www.roblox.com/asset/?id=assetid endpoint. It can be seen, changed and saved from within Studio, as discussed previously in this post.
As for earning some money / ruining other people’s work, a buzzword I hear going around is V3rmillion - I bet you people would try and abuse other people’s paid models if it was to become a thing.
As another note, after my larger post above, what we are talking about now is a really tiny minority of people who would not only go to the trouble of purchasing, and finding a way around the preventative measures, but then ALSO pay a substantial upload fee to re-sell it. If you argue that people might put it out for free, that could be true - however, I think it could be made fairly difficult to get rid of the “paid” tag from a model, in numerous ways - from not alowing the ungrouping of said model, or by making it a part property instead so that no matter how you reshuffle them they still have the paid flag. There are plenty of other ways to enforce this and I’m sure Roblox could figure out how to do so if they were going to run with the idea.
No, people can save the client side of a game with exploits, and upload it for themselves - that’s place stealing.
By client side of a game I mean buildings, guis, localscripts, and modulescripts.
I’m asking you why hasn’t roblox implemented what you’re suggesting if it’s possible?
The answer is: anything able to be seen can also be taken. You’re client is given the local script instructions (yes it may be encrypted, but there are decompilers for lua that work) Same goes with build, except it’s not even encrypted!
There was once a similar feature request to this (or it was a subdiscussion in some other topic about monetization) and a lot of people said there’s no automated way of stopping it.
A nice idea I offered was that you could report stolen assets (optionally: only if you owned the original one) and would get the earnt money from the thief. Sounds decent, but would get complex if the thief earnt money more than 3 days ago (pending sales) and spent that money. Rolling parts of the whole roblox economy back for small incidents like these seem a bit… excessive…
like several people here, I mostly just make assets, so this would be nice
This is automated and instant. Players would only need to report once, and the system could easily run a check to determine the similarity instantly and then take action against the copied model and owner of the copied model (based on update/upload date)
Eh, the issue is that I could upload a copy and then report the original. If you check for “Last Updated”, whenever I update my model, clones suddenly are older. If you check “Created”, I could just upload a copy of something to a (very) old model I have and act as if I made the original long ago.
Would need to check (the similarity between) different versions of the same model too. You’d have to calculate the oldest version by going backwards in the version history as long a similarity is >95% or so. Only problem is that with big updates (resulting in low similarity) my “version chain” would be “split”, which leads to other issues.
I like the system (with the version history part added), but it would only be able to automatically detect almost identical copies, while a lot of people might recolor models (eh, not exactly theft) or change some code in scripts (add 5 commands to the 200 already present and change all credits). Would be a good thing to have, though, even without monetization.
So yea, version history checking would kind of be the only solution.
To address your adding extra stuff thing, you can just check to see if part of one is in the other. I’m pretty sure there’s super efficient search algorithms for this that already exist
Bigger changes could be an issue, but there can still be the option to actually report to human moderators for checking.
At some point the kid is gonna make a mistake, he’s gonna forget to use a vpn, or forget to change stuff up - and at that point if someone reports, you know the person’s ip and therefore all of his associated accounts…
Firstly, I don’t really understand what you mean. Why would some arbitrary ‘please do not modify me’ to the client do anything? Exploiters can override anything they want easily, including readonly (which already exists, btw)
Secondly, yes - people would def. go to the trouble, and they already do. Not just this, but the fact that you believe people won’t go to the effort is a terrible security ideology.
Thirdly, that’s a horrible plan which was already discussed, tested, and failed. It would have so many false positives and it just wouldn’t be effective enough - all you have to do is change around a part’s position fractionally and you defeat any hash comparison algorithm, whilst a dynamic machine learning algorithm would be far too difficult to maintain to a proper standard. Generally, just no.
Not really - it’s not a solution, more another even larger issue that is created by this plan.
Likewise, read my reply to @DevUltra for my explanation to why adding a comparison algorithm is a terrible idea
Also, there is an option to report stolen content to human moderators - email info@roblox.com, however ROBLOX mods literally could not cope with the number of assets that would be submitted if a formal stolen asset report is added as an easy little button - even now it’s very challenging for them to prove it’s the same
And no, most professionals won’t forget something so painfully basic - at least not twice in a row, lol
tl;dr this idea won’t work on paper, and won’t work on practice
You make one mistake, JUST ONE!!! And roblox knows you did it, your ip, and your main account.
Also changing 1 part will not completely remove similarity, do ctrl f on your computer and search for a phrase. That phrase is the original model, while the stolen one is the document ur searching
Firstly, not really - IPs aren’t an exact science, and normally they change frequently. It’s very hard to make a case just based on the same IP briefly (what if you’re using a VPN? maybe hundreds of users share that IP making it silly to do this unless you’re certain)
And yeah, Text matching is very, very different to file matching lol - it just doesn’t work like that (especially in ROBLOX due to the metadata attached which changes frequently)
tbh you should honestly call this thread a lost cause - this idea has too many issues and not enough gains for it to be added
In a lot of countries, including mine, most (if not all) ISPs distribute dynamic IPs unless you pay for a static one. If I restart my router (which in my household happens at least daily, as we turn it off at night), I get a new IP. It’s the same story as why IP bans don’t (properly) work.
You honestly seem to have a very well thought out plan for this, I do think models for sale would fix issues like people wanting to sell builds but get scammed in the end because we don’t have an efficient way of doing so.
I agree with this 200%.
A bought page for bought models could work, ROBLOX could have it so if someone does attempt to leak a model when the player tries to save to ROBLOX the model will have a “bought” symbol beside it in studio and when un-grouped the parts of the model are also holding a symbol of the same kind in case someone tries to edit it in any shape way or form it will still have the symbol which the system then knows(Don’t allow to save to ROBLOX)ROBLOX already has an icon beside high quality items. why not implement another for bought models but for both in studio and outside like so.
ShareX and some other screenshotting tools have a built-in OCR feature, I would just screenshot the script and the text of the script would be copied to my clipboard.
Protecting source in that way would only work if the script does not appear on your screen. At which point, you introduce security issues because people would be running code in their game that they can’t review (unless they go for underhanded methods of viewing the source, which are still possible since the code is on your machine somewhere since it has to be run in test mode/etc).
You cannot protect script source unless you do not store it on the local machine at all and do not allow people to view the source code. (Both of these things would be harmful to development)
in that case just have it so they can’t view the script at all? If they bought it they bought it for that function and that function alone not to mess with it. You can also have an option on scripts so that the player is allowed to edit it, possibly an open source option.
Let’s say my script is a closed-source model, and you put my script in the game, I can stick whatever functionality I want next to the promised functionality.
When you test with the script, it seems to do exactly what it is described to do. You think it’s great, so you use it in a real game.
Once the script is uploaded to live servers though, my script starts to do something a little different. For example, it could dump your game to my web server, it could ban all of your players at any moment I tell it to, it could teleport all of your players to some other game if I wanted to.
You wouldn’t know what caused it and you couldn’t have known that would happen, since the script is closed source. That’s why it’s a bad thing.
Sadly it seems to be impossible to protect the source without it having some negative effects. The cons outweigh the pros with selling scripts I agree, but I don’t think this should destroy the possibility of selling models protecting the re sale of builds seems like a simple solution.
If you think about it most game developers would have hired a scripter to script for them anyways unless help is needed from outside of their development team that the scripter may not be able to figure out.
Other than that I don’t know at this point.
However, I still do think determining similarity is a viable possibility. The algorithm could be something like this:
Scale the model so the max extents is 10 (so resizing model won’t mess up the search)
Round positions and size to nearest tenth
Compare size and position of individual parts and look for correlation
If more than 50% of one of the model’s parts has a correlation of 0.5 or something, then one is a copy of the other and use version history and upload dates to determine
Edit: position and stuff is compared to the model’s center.
Also you need to check for rotations and reflections
I don’t think scripts should be protected at all, nor should builds. People should be able to use the models to learn and further themselves. However, if they are looking to harm the creator or take money, then action must be taken.
