I understand this has been stated multiple times, but it is true this will continue to impact the userbase which were affected by closed sourced modules anyways. The biggest reason I see this change occuring? Profitable/popular devs were impacted.
Through the months before and after this announcement, I’ve seen quite a few top developers complain on how they’ve been impacted by some malicious code, which eventually lead to this antivirus plugin and this announcement regarding Backpacks.
Now very few if many knew they were impacted until the discovery of how Plugins were injecting Scripts into hidden services which couldn’t even be accessed by the highest security context we have available (due to the change, I don’t know what this is anymore, but used to be 6). However, it doesn’t change the fact that top devs were impacted. Please correct me if I’m appearing bias, I’m doing my best to be as unbias as possible here, but this change seems to be in regards to higher level devs being impacted more significantly than before. This is unfortunate as us small communities are now also impacted by the small percentage of top devs who caused the greatest amount of damage (as in the value of having their popular games with a backdoor). Even more unfortunately, top devs don’t tend to allow these things to enter their games, thus why this change is being raved as “it’s for the better than worse” in my opinion. This solves a problem for the top percentage who had experience and knows what their doing, but not for the vast majority who are still inexperienced or are not aware that such a exploit exists (those who are not aware of the devforums/haven’t had anyone to inform them), they will continue to be slammed with bots and obfuscation until they fall victim. While I do agree obfuscation is more auditable, not everyone knows how to or will even expect they need to audit this code, especially since the purpose of free models is to be a catalog to utilize assets from other devs in areas you have not be as experienced in/use an already established product rather than wasting time creating your own.
Its especially sad as ROBLOX is growing, so is the interest to develop competitive services on the platform, whether open or closed source. Say all you want about open sourced being better, I don’t completely disagree. But where I come from, we allow you to protect your IP through closed sourced methods. I bet a lot if not most of you are using Windows/MacOS of some form or fashion to use ROBLOX. Why? Because these closed source products have for profit companies which have resources to support them, unlike the open Sourced Linux alternatives which have been available for just as long as these closed sourced products. So we need to stop the bias of “open sourced is better” cause no, it’s not. You can make a model to profit off of it, but it’s not the only nor most effective way. Even though companies are embracing open sourced, a lot still haven’t opened up their core products.
Long rant short: the impact apon top devs caused this, vast majority will still be impacted. Closed source is not the problem, nor is open source the solution. A step in the right direction would be proper sandboxing and tools to validate what code accesses vs seeing the source of the code.