Response to code safety review discussion

but why would code be flagged roblox has released no actual guidelines of what code gets flagged and the guidelines about where code won’t get flagged are still very vague.

Also you only have to go on Twitter to find a huge distrust for any Roblox flagging and moderation team.

As @devSparkle said, I’m happy to trust this moderation team, but I want sufficient proof to verify this trust.

8 Likes

This explanation is better.

I still have a bit of doubt in the filtering system, but I guess that’s made up by the fact that manual review is going to be used after the filter is tripped.

Thank you for more details on how the system works though.

3 Likes

I’m assuming unless you know you’re intentionally trying to put bigoted / NSFW / certain political / unfiltered content into games, you’re probably going to be just fine and this system will never bother you at all.

Just do what you always do. It’s not meant to trip up normal development practice, it literally says this in the announcement.

10 Likes

And from what I understood, no higher trust than the one of owning an account at Roblox is required, such as your account details.

1 Like

We need clarification now about API keys. I do not want ANYONE looking at my secret keys. I wouldn’t trust CEO Baszucki with my API keys, let alone a “small special-trained team.” There needs to be a new system. I don’t care what it is.

If there is even a chance of anyone reading my API keys, I will switch to Godot in a second. You don’t seem aware that there are other platforms like ROBLOX. If you keep kicking the developers around, we will switch.

There are many other factors that need to be addressed and answered.

EDIT: Couldn’t there be a possibility of a rogue admin who would sell our keys for a lot of money? The chance of this happening is small, but still, if it did happen, what would happen to the developer, the admin, and ROBLOX itself?

13 Likes

RE: API keys

They shouldn’t even be stored in developer code to begin with. Application code should not contain application secrets in a professional environment. This is bad practice.

You can store application secrets in datastore keys or you can make a feature request for a service for managing secrets (i.e. being able to set environment variables / application secrets on a per-place level), then you can entirely get rid of that bad practice from your code base.

i.e. SecretService - A service for securely storing application secrets

15 Likes
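The advice above, shown as an added example that is not code from the thread or from Roblox: a server script that reads its key from a DataStore at runtime instead of embedding it in the source. The store name, key name and endpoint URL are assumed placeholders.

```lua
-- Added example (not from the thread). Store and key names are assumed placeholders.
local DataStoreService = game:GetService("DataStoreService")
local HttpService = game:GetService("HttpService")

-- The bad practice the post describes: the secret is literal text in the script,
-- so it lives in the place file and is visible to anyone who can read the source.
-- local API_KEY = "sk-live-REPLACE_ME"  -- placeholder; never do this

-- Better: keep the secret out of the source entirely. Provision it once from the
-- Studio command bar (or a throwaway script) with
--   DataStoreService:GetDataStore("ServerSecrets"):SetAsync("EXTERNAL_API_KEY", key)
-- and only read it at runtime.
local secrets = DataStoreService:GetDataStore("ServerSecrets")

local function getSecret(name)
	local ok, value = pcall(function()
		return secrets:GetAsync(name)
	end)
	if not ok then
		warn("Secret lookup failed for " .. name .. ": " .. tostring(value))
		return nil
	end
	if value == nil then
		warn("Secret " .. name .. " has not been provisioned")
	end
	return value
end

-- Uses the secret without it ever appearing in the script source.
local function postEvent(payload)
	local apiKey = getSecret("EXTERNAL_API_KEY")
	if not apiKey then
		return false
	end
	local ok, result = pcall(function()
		return HttpService:RequestAsync({
			Url = "https://example.invalid/events", -- placeholder endpoint
			Method = "POST",
			Headers = {
				["Content-Type"] = "application/json",
				["Authorization"] = "Bearer " .. apiKey,
			},
			Body = HttpService:JSONEncode(payload),
		})
	end)
	return ok and result.Success
end

postEvent({ event = "server_started", placeId = game.PlaceId })
```

This only keeps the key out of the script text; anyone with edit access to the experience can still read the DataStore from a running server, so rotate the key whenever that access changes.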

You see, this doesn’t answer my question at all. It doesn’t matter if it is ‘bad practice,’ it’s still not okay. Beginner programmers don’t know about ‘bad practice.’ What happens if they put an API key in their code? An admin can still see it, regardless of ‘bad practice.’ I am disgusted at this update, especially since it’s been going on for months, and we were just told about this.

I’ve had enough of staff kicking devs around.

4 Likes

This wouldn’t be a problem if there was a proper mechanism for doing it.

3 Likes

To be fair, what “beginner” is going to be storing API keys in their code?

8 Likes

Also, I’d just love to know what kind of apparently massively valuable API keys y’all are apparently storing. Analytics keys? Are you really afraid of them getting leaked and people spamming it with false information?

3 Likes

@RealJayDev I don’t know, but if it were to happen, and a rogue admin saw it…

I don’t like the idea of admins reading my code at all. ROBLOX needs to focus on better moderation, like fixing the chat filter system so it doesn’t tag the word, “I” or “we” sometimes (seriously?). ROBLOX needs to focus on fixing the report system as well.

If the code shows something bad in-game, the game can be reported (that is, if the reporting system is fixed), and the game can and should be put under review.

If the game isn’t reported, please stay out.

7 Likes

There is always a way for a layman to mess things up spectacularly. That doesn’t mean the consequences for a layman are as dire compared to a top game’s API keys being seen. If you know better and the stakes are high, then you should follow best practice.

This topic isn’t about API key management though so I would reserve more in-depth discussion about who uses API keys in what way for the feature request topic.

2 Likes

Some developers host their own external programs on servers for various reasons. People getting hold of the keys and potentially abusing them or leaking them could lead to large incurred costs, player data leaks, deletion and other tampering, and so on. It’s totally justifiable to want to keep your keys secret.

7 Likes

I would like to deeply and formally apologise for holding confidential content and trade secrets within my projects.

I would also like to apologise for caring about being compliant with relevant data protection law.

19 Likes

Cross server communication is made possible thanks to these keys.

If someone were to gain access to said keys, they can change any of that data, if I’m lucky, they’ll just wipe all player data. If I’m unlucky, they’ll make people’s names super NSFW words and while asleep in my cozy bed, I’ll wake up in the morning to my account being terminated.

External databases are what allow developers to make real-time interactions across all servers within a game. Even the Messaging Service isn’t quite as fast.

Data insecurity is never okay.

The most you can do is try to have backups and then catch the person making these changes before further damage can be done.

9 Likes

I wouldn’t call it paranoia, developers are just protective of the intellectual property that they’ve spent thousands of hours working on.

The second announcement clarified that the system is less aggressive than some initially thought, but there still isn’t much we know about it. Of course we can’t know exactly how it works (otherwise it would be too easy to circumvent), but here are a few things that could still be clarified:

  • Is it possible for old places to be flagged?
  • Will we be notified if our code is reviewed?
  • Does the moderator team have access to the entire place file, or just the flagged script’s source?
  • Are the moderators restricted by non-compete agreement?

Edit: I personally think the change is necessary.

23 Likes

In cases like these where you’d use an external database, I can completely understand. But, in all honesty, likely the vast majority of the people complaining about this only have things like analytics keys, discord webhooks (although I’m still massively unsure why people use Discord of all things to log stuff, both sides get pretty angry about it) and Trello to worry about getting “leaked”.

tl;dr for the vast majority of developers, this seems like a huge overreaction. Perhaps I am wrong though, I’ve never personally needed to use external sources in any projects I’ve worked on.

1 Like

So, like, does this mean private modules can come back? :thinking:
If the goal is to get rid of harmful content, and ignore legitimate stuff that isn’t going to be seen by anyone (private modules) then I really see no reason to bring them back. These were the reasons they were removed in the first place. People even literally suggested Roblox review private modules instead of removing the feature altogether. No, they removed them. But, here we are now, Roblox reviewing our scripts…

5 Likes

Our code is not open sourced because it’s not meant to be opened. At this point, you’re just turning our closed-source projects into an open-source mess. And big or small teams make no difference. I still don’t trust it. And what stops them from a false alarm? Thank you for answering our questions, but you did not answer our concerns.

Edit 1: So basically when you have a possible threat, you send a SPY TEAM to overlook our creations. Our code is ART, not a toy. We shouldn’t have to be forced to have a violation of our privacy, that in the end of all this will probably end up being another way to capitalize on.

13 Likes

Exactly. At minimum, we should know who is viewing our code when it’s being looked at.
How were these people trained? How long were they trained? Who are they?

In another point, I want to address that Roblox still does not explain why our code needs to be checked. It makes no sense that closed-source code would be “threatening”.

They continue to be vague, as almost as if they don’t really know what the answers to our questions are. I feel like this is just pseudo-security, at best.

I warn Roblox that they can potentially get sued for having a false sense of security. This is no joke, and it happens all the time in the real world. Roblox must ensure what they are doing is legit, and why what they are doing is keeping everybody safer. You cannot simply say something makes the platform safer, and therefore it is.

Additionally, being vague will make many developers upset (as seen here). We can see that you guys have no reasoning, because no responses by Roblox staff are given. This is a horrible business decision, and should be re-thought.

We still want to know what code you are checking, when you are checking, how it helps, and who specifically is checking it.

Ignoring us will not do you good. Listen to the developers, not yourselves.

16 Likes