Roblox White-Hats

Client security IS ridiculously bad, I’m totally willing to give this a shot if it won’t increase the quantity of black-hats vastly.

2 Likes

Citation? If there are dedicated people, it doesn’t matter how good your security is.

4 Likes

It isnt fine even if the game owner allows it if we mean roblox. I was told once by staff that for no matter what purpose.

2 Likes

While historically terrible, I’ve noticed a lot less exploiters in the past couple months. It was definitely an afterthought, but I think the Roblox team is making progress in securing the client.

Recent exploits like the sound spamming to crash a server is a far cry from the childish exploits we were seeing 6 months ago that did flashy things to effect game play. The vast majority of other exploits are now game specific instead of universal.

I think we are heading in the right direction and anything that gives visibility to exploits should be avoided, white-hat or otherwise.

4 Likes

Apparently this is a security issue.

2 Likes

I think what Seranok is saying is that the problem is anyone can abuse that, and poke the client in their own game to see how it reacts. This is why it should be a select group of trusted people rather than everyone - same sort of system as the private exploit report, trusted members are assumed to have good intentions.

4 Likes

I wouldn’t trust anyone I’m not extremely friends with to poke around with code in my game. Ever. I don’t care how trustworthy everyone else says they are.

5 Likes

Introduction

Hello, when thinking about security issues in games, I find it necessary to have the ability to find any loop hole or error within it. Sometimes it is necessary to figure out these issues, even if it means loading exploits.

Problem

Attempting to hack one owns game allows insight to security issues. It gives insight to game design issues. And it gives insight to a exploiter’s mind. However, this insight has been prohibited. If I were to load a exploit, lets say on my very own game, I would be banned. Should I be banned for loading exploits on my own game? Should I be banned for attempting to enhance the security in my game?

Solution

Therefore, I say that there should be a feature to disable exploiting moderation for people who exploit on their own game and to select certain people who should have exploiting permissions on games.

I also say that exploit moderation should also be disabled for people who have access to team create on that very game.

Benefits

This will result in less rule breaking exploiting as exploiters would have a job possibility in which they can use their malicious skill for a important job and get paid for enhancing security.

I can see a future where exploiters may be hired in as “White Hats” to enhance security. I can see a future where these very exploiters can give development insights to unaware developers.

Moreover, this will encourage a push for the best security as many “White Hats” may be hired by popular development teams and may create a informal competition for the best security.

Maybe, if possible, those undesirable exploiters may repent and use their skill and possibly become a “White Hat” to prevent future exploiting due to possible pay.

Counter Arguments

Now there may be a few counter arguments to this.

What if the developer dose not exploit for the purpose of testing security?

Even if a developer exploits on his very own game, he still should not be banned as it is his own game, his own territory.

What if a white hat abuses his power?

To this I say that the responsibility lies on the Game developer on who is trustworthy; moreover, I say that the game developer should have the ability to report a “White Hat” if he abuses his power.

What about exploiters who do break the TOS

I do not say all exploiters will obtain this honorable status as a “White Hat.” I know for a fact that there will still be many exploiters who load horrific devices such as Adult content or other harmful scripts that allow for a unfair advantage, But those who obtain the status of “White Hats” could prevent those exploiters who load such things.

Conclusion

This is my argument on why game developers should not be automatically banned for exploiting on their own game

Call to action
Game developers should be able to select varying “White Hats” to test their security and give them various insights to prevent vicious exploiting.

Final Note

Just to clarify, any abuse of a “White Hat” should be able to be reported by the developer who gave him such power when necessary. I also suggest that these “White Hats” should be able to get reported by any player who abuses their power as well.

I am only imploring that they ought not to be automatically banned as their job is to test security and give feedback to game developers.

3 Likes