If this plugin is really a spyware then all websites are a spyware because your average website does this. end of discussion
2 Likes
Spyware is a type of malware, this is not malware.
Your device is not at risk. Nor is it sending this data to an entity which uses this to harm you. This is not spyware whatsoever.
yeah it is a bit dumb to save messages, but you canât call it spyware
ok thatâs correct, one of the only things I agree with you on. It is a bit creepy.
yeah they should remove that.
this is not possible as filtering doesnât work in studio, which is why the creator opted to moderating via 3rd party
2 Likes
This is not spyware at all⌠youâre saying that which is completely false just because you personally donât trust it, and I get why you donât trust it I prob wouldnât trust it either if I were in your shoes but youâre stating a lie, Iâve repeated this probably a dozen times and ill say it again⌠Text Filtering APIâs donât work in studio I cannot use âText and Chat Filteringâ that Roblox provides because they disable their APIâs in studio, If someone knows a way around Iâd love to know but to my knowledge itâs impossible and yeah youâre right about sensitive information being logged but I wouldnât recommend people sharing sensitive information on this, and even if they do I know you donât know me and cant take my word but none of that information is being âusedâ the logging is ONLY to read if people break rules i.e Discrimination, threats, swearing, etc⌠so I can ban them
1 Like
Look, itâs better safe than sorry. Just lock it to team create for now bc itâs better safe.
1 Like
Weâre working on an update right now which is practically a re-script of our servers and this will keep everything so much safer so we wouldnât need to obfuscate
Yeah, youâre right but hopefully in time people can come to trust that all weâre doing is checking if anyone is breaking rules and maybe we can even find a way to remove people reading conversationsâŚ
yes messages are âsavedâ but not to read afterward literally just so mods can read live as the messages are sent
also, there are no moderators right now itâs just me and the co-developer moderating, and itâs not like 24/7 moderation where we read every message
The plugin isnât even active right now I shut down the servers until the next update releases because people have been un-obfuscating the code and causing trouble which is going to be fixed in the next update
Why this and not Roblox studio team create chat, it serves the same purpose
2 Likes
This works cross-server with anyone you dont need to be in the same studio as someone and you dont need to know them
Really, you can just constant dump and get the key that way, or you can use a network monitor like fiddler or wpe pro and you can get access to the URL, and the keys relatively easily. Obfuscating offers nothing but a little triumph for anyone trying to reverse-engineer your script. If someone knows how to deobfuscate your script, they know how to constant dump, and they likely know how to use a web traffic monitor. Really, youâre only causing more of a hassle for yourself than for others.
Not sure if thereâs any other webhook but I saw a webhook to Discord but it seems to be a report feature (line 496 if you deobfuscated the code)
You donât even need to constant dump it, you can get the entire source code intact as if it were the original (including comments!), the âobfuscationâ they did was just turning the original code to a array of ascii codes and then when the plugin loads it parses the array and turns it back to the original code and uses loadstring to run it
1 Like
Hey wait, if heâs not filtering messages using robloxs filter isnt that against ToS? Cause the messages are displayed in the chat. Right?
Thatâs⌠not a good argument. A company shouldnât store data maliciously on anyone. But just because it already happens doesnât mean we need even more companies (or in this case, plugins) to do it too.
1 Like
Most likely, looking at the source code when the user sends a message it just sends it plain raw text, and when the user receives a message it also gets it from their servers, parses it and shows it to the user, no filtering done at all (code also doesnât reference TextService)
1 Like
Also I donât see why you donât want to lock it to team create. Because the tc chat already does this
Why do you specifically value this over other forms of contact for developers?
No itâs possible but only in TC, which is why the dev does not want it.
Point blank though is that this is basically spyware and itâs hard to be trusted by new users because of the use of message logs and the risk of anything personal being shown, even if the developers donât use it for those purposes, someone can hack into the system and use that information for malicious purposes.
Note that they didnât even say anything about a defense for people trying to hack into their system, hope they thought about that before publicly announcing the release of this plugging.
2 Likes
I believe this database only stores names and messages. What could the hackers use malicious for that?
I do agree it shouldnât be moderated by some person but th dude, he wants worse than safe, he dosent want to use the hacky method to filter messages because it would lock the plugin for only ts. Not sure why he dosent want safe than worse.
Names and messages, go scroll back up and look at C0l0râs example
1 Like