True, but RIP.CAPCHA have a bypass rate of 93%. Surprising?
Sorry, it’s a little bit idealist, Tencent did manage to implement that, they did not lose any income or playerbase (not until China made it illegal for to have access to video games).
But Roblox is not Tencent, and the world is not China, people think freely and MUST think for their security as well, however, freedom, comes at a price.
It’s quite normal, all I can do is pray that nobody will ddos or dislike bot me. I’ve seen it happen many times to other’s games.
Sir, have a look.
Currently, I generate about 5 email-verified bots every minute with 93% of them being valid.
Why? Because the capcha, the email-verification and the bot-detector sucks!
However, I can’t generate 5 IDs every minute.
That’s the difference.
Sorry if I was wrong with DDOS, some requests I believe can be sent with alt accounts.
that is something that is both to developers and roblox to fix itself. because most of the times, gravity/speed in certain games are processed each frame and on capped fps it is to 60, so it is executed 60 times per second, if you had 30 fps, it will be executed 30 times in a second, deltaTime is a great way to resolve that. games such as arsenal are a great example of that.
You have to pay for the CAPTCHAs to be solved. A human solves it. This isn’t really a bypass. Other more efficient bypassing services like AntiCaptcha and 2Captcha, but solving the captchas still takes time and money due to requiring humans. It’s still a very applicable mitigation strategy.
Also this still completely discounts the exploits being fixed, which is a much better approach than punishment.
They are not being used for that at all, it’s either a crash script or a DDOS. The crash script can be patched but the DDOS can’t.
Captcha farms where humans solve the captchas aren’t really that much of a problem. It still requires payment and a human to solve it.
One thing to note here. Byfron isn’t the anti-cheat, it’s the company which is building the technology. Hyperion is the “anti-cheat” which actually is an anti tamper/obfuscation/anti-debugging/program “protection” solution.
This is really exciting however would we be introduced to features of the anti-exploit that stop executors? This seems to be like it. But if not at least give us options.
I agree with you, You do not have to pay for CAPTCHA’s to be solved. How else would’ve Roblox made their CAPTCHA system? Imagine if you had to pay 5 dollars just to get into you’re Roblox account.
(Not offending btw.)
Also yes, it’s programmed. To prevent bots, scammers, maybe even alternate accounts if someone is using them for spam. (but it rarely really ever does this but the anti-cheat should detect this hopefully.)
I think a better solution would be just to give developers access to something like IP/HWID, and access to reading CoreGUI. Most script GUIs are placed in CoreGUI because developers are unable to notice them, so I feel this would help some. IP/HWID banning would also be a good feature for developers to access. Perhaps making the entire CoreGUI read-only would solve many of these features with Roblox implementing checks itself. As mentioned earlier, if developers become too lax and trusting of Roblox’s anti-cheat, when someone finally does slip through they could reek serious havoc because the developer failed to implement good practices while scripting (not securing remotes, etc).
I wonder how Roblox will take action on compromised accounts. If your main gets hacked a hacker could cheat on your account and get it banned or get on your alt and cheat on there and ban your main. But that’s probably based on ip.
Depends on how Roblox develops and makes its anti-cheat. I was thinking if it were based on IP or device we could ban players differently in our games based on that using their services. Only speculation but something more useful would be nice.
Well yeah. Though I’ve seen captchas like hcaptcha use AI to combat automation.
I haven’t seen any study / data analysis that shows how effective such is but interesting nonetheless.
It’s quite normal, all I can do is pray that nobody will ddos or dislike bot me. I’ve seen it happen many times to other’s games.
What Roblox could possibly do in this case is monitoring such activities and additionally checking for account details e.g account history, then they could be calculating those to give an estimate. They could afterwards monitor the account activity for a while e.g if their client fingerprint ( e.g total playtime, today’s playtime, set language, account creation date, type of assets and avatar, previous chat message logs, etc ) match with each other etc, you get my point.
Once they’re flagged, Roblox could do the rest by revoking those likes/dislikes.
to have access to video games).