Response to code safety review discussion

I wonder what harmful things could be found in code?

That’s not true. The victim had to come here and rant about it, because the appeals team declined his appeal.

3 Likes

Stop pretending you know what they consider is genuinely harmful. They may have changed their situation, but my 3 month termination says otherwise based on what happened.

5 Likes

No, games won’t die from being stolen and republished for a few reasons:

  • The developer of these games know their code better then someone else probably will, and may also still consistently update the game, slowly making stolen copies obsolete and inferior.
  • Popular stolen games are usually dealt with by the moderation team.
  • And a big catch is that players will not have their progress on the stolen game. There is no point in switching to playing the stolen game at all unless there’s a gimmick or major changes/updates. Even then you still have to do a lot to attract players from the original to a stolen game, which isn’t worth the effort due to the Roblox mods stomping out any clones.
1 Like

Everyone needs to remember that Roblox admins have always had access to everyones places since the platform was created in 2007.

This isn’t new.

3 Likes

Roblox’s community rules, and the OP, quite clearly spells out what they consider harmful. Games that share or collect PII, games showing illegal content, etc.

In most of these cases, code will never be read, because the in-game experience likely shows the harmful content in full.

I am not denying that there are issues with moderation. While this topic is controversial, it’s important that we remember that Roblox does not have malicious intent, so we should focus on clearly providing feedback rather than blindly ranting (which will accomplish nothing).

3 Likes

Roblox has done literally everything in their power to handicap devs to the point that we can’t collect PII with scripts. Sharing PII is also visible from ingame without reading our scripts.

Try again.

Like? Again, visible ingame. No need to read scripts.

That’s a lie. Roblox has been abusing the fool out of this new policy, and it’s only a matter of time until one of their code moderators goes crooked and leaks fundamental portions of a game’s core.

I’ll cite Intrinsicus here. I’ve already begun moving all development to alts. Roblox has already seemingly instabanned over this nebulous policy and is getting closer and closer to zero tolerance on all its other policies. I’m actually personally unsure if I’ll continue or if I’ll move to Unity or Godot. Roblox is attacking devs aggressively. Period. And devs are too disorganized to actually resist (look at these two threads alone). Their justification is that they’re “keeping users safer”, but I’ve legitimately never seen a truly malicious script pointed at a player. I’ve never seen the inappropriate games that Roblox claims exist.

I’m not sure it’s possible to make a super harmful inappropriate game on Roblox, considering meshes, decals, sounds, and every other non-Place asset has to get through a trigger happy automatic moderator (to the point that you often have to submit the same legit asset up to ten times, paying the fee each time, to get it to stay) that VERY OBVIOUSLY is not punished for false positives nearly enough. If that isn’t enough, they also have automatic transaction moderation that will ban you if you receive poisoned Robux. Of course, this is akin to accepting counterfeit money in real life, but you can’t tell whether Robux is poisoned before accepting it, unlike with counterfeit money.

On top of all this, our right to get paid for our work is treated as a privilege which NO OTHER PLATFORM DOES. Roblox takes 75% of our revenue as well, a third of which going towards store fees that shouldn’t be a problem in the first place (increase Robux and Premium prices on platforms with fees by ~33% to compensate)

Oh, and on top of all this, Roblox as a platform is over saturated with largely terrible games. These games don’t do anything except hold better ones down. The games page has devolved to basically a collection of shovel ware at this point and because of their dysfunctional search (that also filters everything you put in as if you were u13, because someone thought that was a good idea…) good games can’t get to light. Roblox pushes changes that can break everything without warning, unlike other platforms, they announce new policy changes months after they go into effect… Oh and not to mention how much of the engine is hard coded to the point that you have to write scripts to override hard coded parts of the engine if you want to write your own custom behavior…

Overall, Roblox is pretty terrible as a platform for professional development. If Roblox doesn’t fix their platform, this is the last straw for me. I’m done working towards projects on this platform. If I need to be using an alt through a VPN to safely develop on Roblox, something’s seriously wrong.

Fix your platform, Roblox.

8 Likes

While I don’t this the likely hood of this happening is high (especially because of the recent incident involving a Roblox moderator, and how Roblox is most likely going to increase security), Roblox needs to disclose if these people are outsourced or directly work with the company. Outsourced moderators have a higher chance of going rouge.

Also the fact that Roblox’s response specifically said they aren’t looking for swear words, and yet people are getting banned over having swear words in their script? Yeah, good job Roblox! Really proud of you there :clap:

3 Likes

I remember reading a post in this thread where a user stated that their account either got terminated or temporarily banned for having a custom filter of the sorts, although I may not be correct.

I also made a post in here regarding how Roblox worded the post, and how worrisome it was. Specifically looking at what they stated, they never said that you would not receive punishment for having something such as a custom chat filter. They’re saying they’re not specifically looking for it, but… what happens if they find it?

3 Likes

Fake. There’s been an incident of a developer being banned FOR using a second-layer chat filter. The appeals team didn’t care about him and threw out his appeal within five seconds, like they always do.

Yes, but they weren’t so aggressive with reviewing code at the time. I’m pretty sure they rarely checked the behind-the-scenes of games back then.

6 Likes

Yes but the point isnt making the game popular, if the game was stolen they would make alot from selling the builds + code + UI across a large population maybe on Ebay or some 3rd party site. Basically meaning the assets in the game become worthless and would downgrade the value of the game since you could easily have your own by purchasing an Adopt Me Kit from the person who stole the assets and make your own remake.

Also, it may be hard to find out the assets would be stolen until damage has already been done from the assets being sold off to loads of people.

1 Like

I wonder if there is a way to “encrypt” code, or securely hide it to make it unreadable?
image


Given the recent event of an admin being bribed to release user data, I would expect the same thing to happen with the code moderators. How “specially-trained” are they? Couldn’t they just check out the game, instead of the code? If there’s going to be anything nasty inside the code that’s worth reviewing, it’s probably visible by playing the game. I wouldn’t trust Roblox mods to NOT copy+paste our code, and potentially sell it to people who we don’t know.

This whole code-reviewing system might open a Pandora’s box full of false bans and other problems.

4 Likes

They do. Checking code [in care & safety] is always a last-resort only if absolutely necessary.

The ‘staff member’ that was bribed worked for a subcontractor, not Roblox. You should note that cases like this are very rare (1 in nearly 14 years), but are unavoidable.

You can obfuscate your code (encryption, by design, can’t be done with code) however it is very easily bypassed with a beautifier/prettier.

Typically, minification (which is often confused with or used in conjunction with obfuscation) is used to reduce the file size, explaining why it’s so commonplace. Your code, ultimately, is readable to Roblox engineers and safety staff.

On a side note, Roblox engineers routinely look at games’ source code (sometimes to help find or resolve platform bugs, sometimes to test that new features wont impact a game). Care & Safety aren’t doing anything special here.


Generally speaking, the majority of people who are blindly ranting against this policy and Roblox moderation as a whole are (at no fault of their own, mind you) ignorant, or have had (very very rare, we’re talking a few dozen out of a billion users) negative experiences with moderation.

It’s very easy to blow moderation issues that aren’t out of proportion, this isn’t helped by some influencers (even some being star creators) spreading misinformation about Roblox moderation.

Many people have probably started muting or ignoring this topic since it’s seemingly going in circles and starting to get derailed.

I’ve said it before, and I’ll say it again; Roblox does need an overhaul of its moderation system, however this policy is not one of those areas.

2 Likes

Most players and non-developers don’t get falsely banned very often. The majority of Roblox’s users don’t make games or make stuff for other games. I joined in late 2017 but didn’t develop anything until 2020. I only got my first false ban after that. I’m still close friends with many non-developers and none of them have gotten banned or even warned. One of my friends is an exploiter and has never been banned or warned.

The victim(s) were high-profile users on the platform, such as famous YouTuber Linkmon99. That is what made the situation well known. There may have been similar situations that have slipped by the media. Also, why did a third party have access to users’ personal and sensitive info?!

If that’s what Roblox says, it doesn’t seem to be. Someone has been falsely banned with no warning for doing something that was allowed by Roblox’s rules.

4 Likes

I highly doubt you were false banned. When full bans (not warnings*) are issued, it’s typically for serious offences.

* warnings are generally used as ‘notices of content removal’ rather than moderation infractions; hence why they don’t impact DevEx eligibility.

This is because exploiting, by its client-sided nature, and the design of the platform, is very hard to detect.

Customer service need to be able to see users’ email addresses to confirm contact. From my knowledge, CS can’t access further PII than email and account history.

Source/topic link? People often lie about their bans to make themselves seem like a victim to score empathy points and attention.

2 Likes

The developer relations team simply saying that the majority of us will likely never have our code flagged, nor reviewed doesn’t mean we should be satisfied with the system. Think about it this way,

the system flags code within games and models directly. Code cannot be flagged by players, only games can. What does this imply? Our code is already being parsed through by an enigmatic system which Roblox fails to clarify the workings of to its development community.

The system has flagged and warned/moderated players, and such moderations were false-positives. How can a system result in a false-positive (warning) if it has to be confirmed by moderation staff before warning or moderating a player? This is counter to what the developer relations team says:

“In the rare event that code gets flagged by the system as a potential safety concern, a very small, specially-trained team goes in-game as players to check it out.”

That instantly brings my trust level with the Roblox establishment to an all-time low.

My biggest personal issue with the update isn’t even a privacy concern, it’s the sugarcoated deceit they’ve attempted here. Everybody knows that if a system like this has an automated warning and moderation system, there will be false-positives and false-warnings/moderations.

Both of those things were shown since the launch of the update. There is no “human error” excuse here, this system is all but confirmed to be heavily automated and it’s my personal belief that Roblox is with-holding information in order to prevent an outrage.

We deserve context, and we deserve solidarity. We’re getting neither of those things. To blindly believe the inconclusive, context-absent, and contradicting ravings of the developer relations team is ignorant. Most of us see the red flags, and nothing is being done about it.

(As a quick disclaimer, I don’t mean to be offensive towards (any of) you. I’m just venting my frustrations with this update.)

10 Likes

Your already wrong, the flagging system never auto-moderates, it just brings moderator attention to possible inappropriate content.

Roblox does utilise automation to save time; however customer service, reports, and (the final decision on) asset approval is seen and reviewed by a human.


I understand your frustration and I do agree to an extent; more transparency in moderation is needed, however this post is a pretty good example of transparency about moderation policy.
4 Likes

Outrageous. Can’t believe this. If only ROBLOX would do something to ban the rampant exploiters, patch their platform to try make code injection harder instead of attacking the developers of the games on their platform. It’s sad. I hope that your situation is resolved swiftly and you gain access to your account again.

2 Likes

Roblox can’t do much to stop exploits; the client has all the power, and the platform’s design also makes it hard to detect exploits.

This is a separate topic, let’s not get derailed here.

3 Likes

I agree somewhat, i’ve seen alot of change during my time at ROBLOX, they have certainly made improvements to stop exploiters, I only feel they could possibly do more. But it pains me to see developers falling to this kind of fate. Especially since he was only trying to help ROBLOX remain a clean and friendly place for everyone. It’s sad. But yeah, let’s not get derailed.

1 Like

Customer Service is semi automatic, at best. You know when you ask them something and the reply you get either doesn’t answer what you are asking, tells you they can’t assist you or says they have already answered the question? There is an element of human customer support, but it hardly feels like you are talking to a person. The response you get makes it feel like they hardly understand what you are saying?

1 Like