Changes like these aren’t made by some arbitrary group of “admins” at ROBLOX. I am sure that the engineers evaluated the many effects that would be caused by this change and weighted multiple factors (ie; accessibility, security, ease of use, etc) into their decision.
While it may feel like you are being “ignored”, I am positive the teams over at ROBLOX don’t make changes to simply be evil.
As of February 3rd I can still require private modules from other creators.
The module I required is offsale and is from another creator.
They’re probably having seconds thoughts due to the impact it will have on many smaller developers.
It’s more likely that they didn’t want to flip a flag right before the weekend when no engineers are available to fix any unexpected issues that might arise.
655 post of the same arguments. Can we all agree to stop duplicating the same arguments over and over again? It is becoming harder and harder to understand what is even being said anymore when every other post is for or against it but using the same arguments from 300 post ago.
Also for those who keep arguing against their removal because of “ro-business”, a major security flaw outweighs you making profits. Earning robux and DevEx is a privledge not a right.
It’s not an argument, it is a fact https://en.help.roblox.com/hc/en-us/articles/115004647846-Roblox-Terms-of-Use. Roblox as a company should provide safety over financial benefit of their users. They as a company can remove this feature because of its blatant security concerns and arguing against it does nothing but create a 655+ post thread of the same argument.
Removing this feature does not harm anybody but the people out for money. Safety is a priority and removing this because it provides some robux income simply does not mean this feature should stay.
That’s not a fact, that’s an opinion, the other sentences around the marked part may be facts, but the conclusion you made from them, is an opinion
Also, money isn’t the only reason that we don’t want this feature to be removed, like a lot of people already said, open sourcing isn’t great for all usecases (not going to add to that as the previous 600+ replies contain a lot of information about that)
Any use case that isn’t profit is probably just for malicious purposes or stubbornness. If a model isn’t malicious and is free to use, why not make it properly free? It really just doesn’t make sense.
Any reason you would give wouldn’t be a repeat of someone else’s post because we haven’t seen any reasons besides needing it for profit. Feel free to start giving the reasons.
I think the removal of private modules aren’t really changing much. Backdoors will still be a thing. For example, I’m getting majorly attacked by a backdoor in my game no one can find. When this update rolls on out, they’ll most likely just make their module public and it wouldn’t change a single thing because I still couldn’t find their module. I think there’s probably better ways of doing this in my opinion.
But then again, the removal of private modules will be beneficial to some people affected by the backdoor infection issue I guess.
This reply is funny, you’re insulting developers who make private code for others to use without making money of it, just because you asume that everyone is a scammer and adds hidden backdoors
Not everyone wants their code to be visible, reasons
You can likely see a lot more reasons in the previous 600 posts
See above, and start reading replies, because it’s not that hard to find an answer to this question
Yes, that may indeed be true, but just like TBS ended their services (completely ripping a lot of groups) because of this change, a lot of people will be heavily impacted too
This is also a major flaw in most arguments on this thread. The “Backdoors will still exist” argument is nonsensical.
Private module = cannot view source code whatsoever. Can only check plugin code if it requires a module, most likely with an obstructed assetId
Public module = oh, I can check this modules source code and see it is malicious.
You seem to have forgotten that the majority of developers on Roblox are kids, obfuscation will stop most of them, not caring to look will also stop a lot of them, httpservice and VMs will even stop others, backdoors will always exist, that’s a valid argument
Your argument here has no basis for this first point
Where is this statistic?
This thread is 600+ post, most developers have seen this security threat by now or have experienced its affects.
There is a huge difference between being able to find a backdoor in your game, and not being to find or view its code at all.
Not everyone wants their code to be visible, reasons
- copying
- botting
- unpopular scripting style
- …
a. copying: solution: create contracts and sell code privately like a real business if you want to make profit.
b. botting: solution: ??? what does this even mean in this context?
c. unpopular scripting style: solution: ??? also what, module scripting style doesn’t matter as long as its documented on how to use it. This applies to private and public.
I didn’t insult anyone. Stay on topic.
Is there code on Roblox that is so special that people specifically need the code from a particular model?
I really don’t understand this one. This is just a sub point of copying to make it look like you have more reasons.
This is just stubbornness and not a reason to hold control over other people’s games.
That’s just not even a point whatsoever.
I’ve read every post in this thread.
All you did with this post was showed how there really is no reason to keep your code private unless you’re profiting off the code. The point in this change isn’t just to stop back doors. The idea of developers having to rely on code that can change at any point without the option to not update it is severely bad practice. Private modules just aren’t good.
since roblox is targetted towards kids and most of devs I’ve seen are kids too, it’s safe to asume that, however, if you can counter this with statistics, go ahead and do so (edit, I know this is a guess, so you can ignore this part, sorry)
why do you asume that even a small percentage of devs look at this one post…?
If it’s from an external server you also cannot view the code, but this is harder to set up for legitimate developers than scammers
the contracting is a bad argument, like stated before
botting, taking a free open sourced module, adding a virus, and spamming to to the front
your answer for c is a bit weird, so I’ll just say that some devs don’t want to get shouted at for unpopular scripting styles, see scripting helpers for some good examples (e.g. while wait() do, indenting, …)
This will be my last post here as this is getting annoying to reply to the same arguments over and over again
The truth is that all or atleast most arguments and counter arguments have already been said, I doubt anything can be added onto this, the conclusion will likely differ for people, but the facts and assumptions have already been said and explained, there is not reason for me to post here anymore
Agreed. All I hope is that the peeps at Roblox have listened to us carefully, and hopefully we don’t have a situation like this again.
I am responding to you Elttob but really not so don’t take this as you specifically, just everyone who has been commenting recently.
As it has been brought up before, this thread is well over 600 posts long and most of them are either 1. Rehashing the same point and 2. Trying to argue their opinion.
I would like to point out that this thread was merely meant as an informative post notifying developers of a major change coming to the platform and was not intended for argument of either side.
Roblox said they will have an alternative out eventually and I have full faith that they will, but it may take some time.
Rehashing points and trying to argue about which side is right will solve nothing at the moment. Engineers, DevRel, Roblox employees in general do read most, if not all, posts on major topics like this. While they may not respond, your opinions have been heard.
Honestly, I have seen so many people complaining that this will break a bunch of admins, and how evil the Roblox engineers are. First off, as said hundreds of times in this thread and others, the security risks far outweigh the advantages for developers. It is a real shame that the exploiting community in particular, abused this after FE was mandated, to try and install server sided backdoors, however backdoors did exist before hand. In fact, admins were a primary source for back doors. Hopefully this change will inspire people to make their own admins, considering many of the popular ones are quite old, and maybe even open source it, so others can build upon their ideas and make even better admin systems. I for one think it would be a great opportunity to try something new, as I have only made one admin since I started programming on Roblox, and I think it would be interesting to see what I could do now.
I cannot agree here. For an experienced developer, the security risks at present do not outweigh the advantages. An experienced developer would likely not use a random closed-source module.
The value of a closed source module to a developer is different from that of a less experienced platform user. The developer is more likely to use it to create a product.
With this update, the benefits of closed source modules are being taken away from developers, while the threats are still there - free model scripts can hide backdoors, and an inexperienced user will be no wiser. Regardless of if the inexperienced user can check for backdoors, it doesn’t mean they will.
However, if Admins want to continue with this action they should make imported modules an option, similar to loadstring, as a few of us stated above.
I can understand Roblox’s frustration; they’ve been playing Whack-A-Mole with exploiters for over a decade, but the hooligans always find another vulnerability. This update is still too much like air striking an entire city to catch one band of insurgents.
