While I appreciate that you may not want your code to be revealed to the wider public, as I stated previously unfortunately closed source code on Roblox is doing more harm than good, so while this will cause harm by removing it, it’s counteracting massive harm being done through misuse of closed source code for malicious purposes which is going on at the moment.
I asked for a way to opt in previously. I’m not saying private modules should be left as they currently are.
I feel as if you two believe I want private modules to stay exactly as they are.
No, I do not. I do feel like something should be done to prevent all the problems they are causing.
Do I believe straight up removing the feature without another way to release closed source code is a problem? Yes.
Unfortunately it will take time for a solution to be made, and we’re at the point where nearly every top free model is actually a malicious backdoor using a private module as its attack vector. So for now, it makes sense for Roblox to drop closed source code entirely. Sometimes released systems have problems that nobody foresees and so it is proper to go back and look again at whether this system should exist in the first place, in fact, its better to remove private modules earlier, rather than later when more and more people depend on them for their workflows.
As long as they provide some type of replacement, whether it is sandboxing, or restricting what they can access, I am happy. As a genuine user, I would not be affected, because I have no need to write malicious code that would be sandboxed and removed.
That’s going to take time, I expect Roblox will look again at whether closed source / protected code is healthy for the platform, and then decide where to go from there.
Some people make Robux by selling clothing, creating games, trading, etc. and some made Robux by selling their services. I hope this can continue correctly.
Have you looked at changing your system to have a module that acts as an RPC stub and then moving the confidential / secret logic components of your code to a remote server?
I know absolutely nothing about web development or web servers, so I’m afraid I can’t do that.
I really don’t lose or gain anything because I don’t use closed source modules but I agree that removing them does not solve the issue. Much like virus’s that spread with regular scripts, most starting developers don’t know in depth coding knowledge, hence why they get a program to do what many of us would just program ourselves. The added fact that the model’s comment section is so full of spam that a person trying to warn others gets drowned out hurts this solution even more.
I am sure Roblox has a lot of bright minds on this. Just think it over Roblox, I am sure you can come up with an amazing alternative.
You do not need to publicly post a private message and ask for opinions on it. On top of this please keep discussion related to this topic on this thread, there is no need to message staff about your stance on something when there is a thread made specifically for the topic.
If you want to share your opinion on the removal of support for private modules you should do it here. If someone wishes to express support or to disagree with what you said, they will address that here and you can respond to it too.
Why does everyone supporting private modules seem to think that just shoving the risk on the end user is ok? Roblox is a platform that is very strong about being a safe place for people to create and play games, it would be a complete dereliction of duty for Roblox to just say “its your problem, you accept all risk, have fun” especially when I have seen private modules being used to literally generate pornography on Gui’s in game.
Private Modules are not the root cause but they are overwhelmingly the attack vector, removing them is a good idea. Terabyte Services could have rewritten their code to use HTTPService and chose not to (as I discussed with them on Discord).
“ROBLOX will not be held liable if you get hacked.” What does this even mean? Private modules (and scripts) can run malicious code, but hacking? I don’t think so.
And that is exactly what im doing. I messaged that to a staff member because we were both previously already having a conversation together in DMs about the topic. (That discussion is not included in the picture, only my idea is).
Personally I would want to take security over a specific business model.
Our case is rare and is something that I’ve accepted. We made the immediate decision to migrate to obfuscated code.
My only concern is the protection of my employer’s IP. From a personal view, I want to offer a product to the Roblox community and not want the product be misused. Its why we have our own licence, EULA, privacy policy and terms. (Along with a security bounty and the ability to report people misusing the IP)
Originally I was very anti removal but the actions of some have shown detriment to the cause. Terabyte adding that partition was unacceptable, while the idea had some grounds the fact that it was completly bias and has no grounds to research. What if the results was manipulated?
I see your point, and like I said in my picture above, I understand they are removing this feature in the interest of safety. There are tons if malicious private modules on the site and this would eliminate them. But, would the amount of malicious codes deleted outweigh the amount of good code and good services deleted? Would more bad code be deleted then good code, or more good code be deleted? I guess it is up to interpretation.
Without context it simply looked like instead of posting your opinion here you instead sent a paragraph to him in an attempt to get your point across. (Which might I say has been reiterated quite alot in this thread now).
Yes I can see that. But just for everyone’s information, I did have a conversation with the staff prior to this.
When I wrote my position on this more thoroughly I found that models with private module backdoors had accumulated at least 27 million takes, I’d say this massively overwhelms the people who use them for legitimate purposes at the moment (which while noble, is also, arguably, not many people)
My arguments have literally been for their removal …