Response to code safety review discussion

I think roblox’s reputation is beyond repair at this point. We just have to A) Accept that this will always happen as long as there are bad people in this world and B) Keep fighting for our rights to privacy and assurance.

I think all developers can agree there is alot of favoritism in the Roblox content creation community and the developer community but we cant change that, we just need to wait for roblox to do it. Maybe, If we all band together we can push Roblox in the right direction and we will finally start seeing such problems disappear.

(Didnt mean to reply to you but I didnt want to scroll up and reply to the OP)

3 Likes

Please try to keep this thread reasonably on topic. Discussing perceived “favoritism” here is off topic, discussing how the breach pertains to employees accessing our code is on topic.

6 Likes

Thats why we atleast need to stand as a collective and attempt to guide them. Before this platform ceases to exist after alot more updates restricting creation and IP privacy and multiple oop’s moments on the Roblox Staff Teams end from “Hey, how bout 500$ robux and I get access to potentially hundreds of millions of dollars in accounts”.

1 Like

You got to understand, anything under a database can be accessed by corrupt employees. ANYTHING AND EVERYTHING! I understand though your point because previous remarks included that people thought no employee would risk their job for leaking code, but after this incident everybody seems to have a different POV.

Ok so can someone tell me if I need to go back to all my 600 places and scan for viruses? This is honestly insane that Roblox is still doing this update. It seems private games are still being scanned so do I need to take action before I am banned?

1 Like

This actually I think is for the games that have been published, when an update as accorded on your game, then it will notify the mods.
On the other hand, unless you made the viruses, then you shouldn’t worry.

Yes, I have 600 published places.

How do they know I did not make them?

1 Like

I mean as in if you haven’t published it in the duration of this update to now, you should be fine.

Well, I’m pretty sure ROBLOX knows where the scripts are from, but that’s just me, and unless the viruses are really bad, (which I’m sure they aren’t, because most are just fire scripts) then you’re fine.

1 Like

Roblox’s moderation system is NOTORIOUS for moderating users retroactively. People have been moderated for assets uploaded years ago, despite the assets staying within the rules at the time they were uploaded.

I’ve seen viruses that are worse than fire scripts. But knowing how blind Roblox’s moderation is, they are likely going to ban people for code that doesn’t work or wasn’t created by them.

3 Likes

What’s interesting, is that Roblox is wasting their moderators on reviewing code that is private, and could do nothing worse than mess up a game. There are much better places to use their moderation resources in. Why do they even need to access a developer’s code anyway?

1 Like

I say that Roblox shouldn’t use their moderators for the code. If there is a malicious script in the game, I feel that it’s most likely not created by them.
Roblox needs more moderation focus in the toolbox. There are so many malicious scripts and free models in there.

1 Like

I unfortunately don’t recall once mentioning that your billing information would be publicly available to Roblox moderators?

Encryption is meant for databases, you encrypt information so that in the event that a database is breached, hackers will have a harder time to decrypt all the information that they get. You do not encrypt information for moderators to see.

To add on, in the same reply that I sent, I quote:

Did I ever mention that Roblox would publicly distribute your billing information? Unfortunately no, I said quite the contrary.

1 Like

I’ve never been a big fan of this system but this is the last straw. An admin has given a hacker access to their system. https://www.vice.com/en_us/article/qj4ddw/hacker-bribed-roblox-insider-accessed-user-data-reset-passwords How am I able to trust these “professionally trained individuals” with my scripts, API tokens, encryption keys and intellectual property. I cannot trust these people as the whole thing has been hidden for monghts, they have said everything really vaguely and now we known that the admins can be bribed to give hackers access to their system. In my opinion this system completely useless, it is a huge security risk and it is a waste of moderation resources.

The only thing that has done about this is corporate damage control. They never addressed the majority of our concerns and only said enough to make people not mad and accept the update. Moderation needs to be expanded literally in every other area. There are some group walls which are totally broken due to scam bots.
These scams have run for years but nothing worthwhile has been about them. It is quite disappointing for me to see that the moderation budget is used up for an issue which does not exist but then leave these account stealing scams running for years.

How should i be able to trust these “specially trained individuals” when my trust has been completely broken

7 Likes

I will have to agree that their focus has been one of tightening their grip on the platform without solving some long standing issues of the game.
Remember the old days when games actually had comments to them, so you could find out if the game was worth playing and what the game was about? Still not fixed. They need to address our trust issues in this moderation business with code. And address it fast.

3 Likes

Please keep this on-topic; this is about code safety review, not a contractor being bribed (which Roblox is obviously taking very seriously and is going to step-up security)

1 Like

I don’t find it stupid. For strangers to be reviewing private code which contain extremely sensitive information (i.e., webhooks) is pretty unacceptable by any community’s standards, especially when said community has already brought up reports of false-positives and baseless automated flags. Essentially, their code is being reviewed without valid reasoning which can be translated to developer privacy being invaded with no just cause. If said developers were to gain more clarity on the system, how it works, who’s working it/what policies & guidelines for review they’re confined to, maybe we wouldn’t gripe and moan about things that aren’t confirmed (i.e., invasion of privacy, widely automated moderation, etc.) This is all a mess that needs to be cleared up.

1 Like

How is anybody going to trust roblox with this anymore somebody bribed a admin with 500 dollars there is no way that anybody would want to do this its no point anymore trying.

2 Likes

Believe you me; this is searching for content that is genuinely harmful, not swear words.

For additional context: a contractor (someone working for a different company) was bribed to provide account data; the staff member was not a direct Roblox employee nor a specialist that reviews code.

Frankly, it’s Roblox’s platform and they can generally do what they want; ESPECIALLY if it is keeping kids safe.

There are moderation issues that need to be improved, however this specific policy has only had a few false moderations; and those were quickly rectified.

People blindly ranting about ‘roblox mods = bad’ are drowning out legitimate discussion and feedback about moderation issues with their ignorance.

2 Likes

I don’t think that in the case of another security breach, hackers will try and sell your code. If anything, they’ll probably go for other things that give money quick and fast, since there’s no guarantee how long they’ll have access to whatever backdoor they have.

While I don’t agree with my code being reviewed, I also don’t think that staff or other entities will go and steal and sell our code. Staff especially because they get paid for what they do, probably more then selling some lines of code ever will.

Yes, I agree but during a security breach or such moderation reviews, imagine someone taking the entire game of Adopt Me or Bloxburg then selling copys for a fraction of the games worth. It would kill the game entierly.