Response to code safety review discussion

Why not protect against malicious code, like backdoors scripts, namely getfenv? People would much appreciate that more than not being able to say something like “John Smith” in their code.

This really isn’t relevant to the context. If you find a backdoor, you should use the “Report Abuse” feature on it, and it will be forwarded to Roblox moderation.

This is much better, although I’m still worried about other people I don’t know looking at my code. Other than that, this update is pretty reasonable.

I also have a question, lets say I invited ‘Bob’ to team create, and he put in malicious code, that leaks someones personal info. He could just easily get us both banned, and/or frame me for it, and I’ll be terminated. So are y’all also be able to see who typed the code? (I apologize if this question is already answered, I didn’t look through the whole post)

I want to address somethings:
#1. I hate people trying to look at our code
#2. The safeguards are only if (for example) a scammer tries to do a password giver for a scam game, viruses, and other things.
#3. People who are trained may sometimes get that code to put it in their game. I don’t feel like these “Trained people” may be reliable at all times.

Sadly this doesnt work all the time. I’ve tried loads of times to get a malicious copy of my plugin taken down. They asked me to make a video explaining why the code of that copy was malicious. So i did, i showed and explained what the malicious code they added into my plugin did, yet the answer i got was “Our team of engineers will look into it” ; that was 3 months ago and that malicious copy is still available for everyone to download. And you could clearly see that this was the typical easy plugin dupe with a malicious chain of requires.

Doesn’t work all the time? I feel like it practically doesn’t work at all unless you get attention to the post.

41 days ago, reported a few modules.

I recall clicking ‘report abuse’ nearly 4 times on these modules.
Yet no action.

112 days ago, reported a module that was used to load an server sided exploit tool. Even went through the process of explaining and searching whoever had access to this exploit.

I recall clicking ‘report abuse’ also.
No action.

What code are they even reviewing? I don’t get it.
Roblox practically would destroy the use of these ugly ‘chain require’ loading backdoors by simply content deleting ’ ’ instantly.
It’s already suspicious enough that a script should hide behind a ‘require’ and return it.

This should not have happened in the first place, imo as long as no one sees it, it does not need to be moderated.

roblox moderation has been a huge problem for years. and this might be one of the wort cases ive seen of faulty roblox moderation. i hope you get unbanned. s e r i o u s l y

I’ve already finally been unterminated over waiting 4 months.

However, I hadn’t had a single staff member come forward and tell me what exactly happened.

The only ‘informal’ message I received was one staff telling me that they were considering along with several community sage members what happened to my account and decided to un-terminate me.

That’s it, there was no heads up for me.

So by now, for safety. I have to strictly edit group games only and never touch ‘personal games’ as that was to why I got terminated. Having an account that’s not well known and making a mistake on it can get you terminated fast compared to editing a group with a lot of users on it are the people that gets the ‘heads up, edit this n that’.

That’s not right, everyone needs to be treated equally.

wow dude. roblox moderation has been terrible these last couple years. but your case is the worst i have ever seen

Yeah, why use thoose moderators for something that people can’t see? its useless

Why not use thoose moderators for report review or something like that?

No one wants this update. This is a extremely weird and dumb update. Why are you moderating code which no one is meant to see. Code is private should never be moderated. Why are you wasting resources on this when you could actually be improving moderation. Just get rid of this update and never make this mistake again. You’ve discouraged people from staying on this platform and they left cause of this. ROBLOX already had a lot of limitations compared to other game engines, and now you’re doing this? Just get rid of this no one wants this. This isn’t even a big issue. You have ruined moderation even more.

Don’t know much about this, but here are my two cents.
Okay, this could help prevent the “Bad side of roblox”, like “condo” games or whatever they are called now.
Personal information could be: In a team create in a close-group of friends, who talk through the code. Who wants that info shared to a group of moderators, who we have no proof if they even are good?
Personal Threats: Why would this even matter, if it is a solo group?
And Frankly, Roblox needs to be a BIT more transparent on this, and the rules.
A corrupt team create worker could go on, and report, and give away that said private information.
Just my Two Cents

First of all, you shouldn’t be putting your personal info inside of your code. Second, if they want to share info they should do so via discord or some other type of program that’s used for that. Third, Threats are still threats. It doesn’t matter where you place them, they are still threats.

It doesn’t make it anymore okay that our work is being checked by people we don’t know, have no reason to trust, and could be from another region entirely (language barrier, different copyright laws).

Roblox is based in the US-Therefore all of the rules, which are set by them, are from the US.
So I think this would be based on US or International law.
And yes, I agree about the point you make, only the first.
And @MalosVindictus , fair point. First is correct. Second is correct, but I meant a bit more like talking. Third…And who is gonna find, and see that threat unless they are hackers?
My opinion is this should only be for uncopylocked games.
And why does team create have different privileges for this?

The entire moderation system of Roblox (including this) should be overhauled.

The current system is just broken, and the code review system makes it even worse.

I don’t trust the “special-trained” team at all, after the situation of @NickoSCP. I have my own feelings that this team is just the same team as the team of other moderation on Roblox.

What makes your code so special though? Hypothetically if employees were to “steal” it, they could only use it on ROBLOX. Which at that point any game with said stolen code would be taken down accordingly.

Might I remind you that ROBLOX gives you access to their studio for free, and they own it. You publish your games and assets through roblox. They have every right to look through it. Whether you like it or not. It doesn’t matter how many times people complain. ROBLOX still has their right to view code and will do so if necessary.

Honestly it shouldn’t be a problem to you guys. As long as you don’t break the rules they won’t look through your code, it’s as simple as that. If you want your code not looked it, don’t break the rules with it.

Yes.
I understand ROBLOX has the right to do this, but really, how would ANYTHING in my code affect anyone?

You could be storing peoples information in code. Scam places for example, they can store passwords.

You shouldn’t worry about this if you don’t break rules.