Welcoming Byfron to Roblox

They use several anti-cheats. Not just Battleye.

Maybe to newer cheaters. But ones that are in Discords, or other communication platforms, could easily ask for advice, and probably get recommended a HWID changer.

Help them out if you’re interested, might need some truthful exploiters to open up about vulnerabilities.

but how? how can roblox not make a auto inject detection script, like the second you touch that inject button it should ban you automatically?

Yeah those spoofers are super accessible, so I’m not sure what ROBLOX is going to try to do

IPs are dynamic by default. All you have to do is restart your router and now you have a new IP. You can also just use a VPN to bypass IP bans.

This too.

I personally believe that the alt detection will be using a combination of methods. Though I’m hoping they don’t rely on their “detection” alone as it could easily be flawed, just like their current moderation.

The client-side anti-cheat will likely be bypassed rather easily, but the server-side anti-exploit is what I’m interested in. I’ve heard that it will be baked into the physics system.

well, roblox can use hwid bans.

I will be here for 5 hours if I explain it to you completely. Do you want the short or long version?

Legally I cannot work for them.

Not like legal work but more or less volunteering legit info

I think it’s important to note here that even if they aren’t perfect, not having them is not great. There is no in-built way to ban someone, period - Whether IP or username based. It’s all relying on things the users create.

If someone wants to say, make a competitive game, they likely really don’t care if the 12 year old injecting code who got IP banned is also affecting the 11 year old in the same household trying to play the game on the same computer.

And while VPNs and alts exist, the fact that people exploiting roblox don’t even have to use these things is detrimental. At the very least it forces the exploiter to be inconvenienced, which is better than nothing.

YES YES AND YES! updates just get better and better, this is amazing! Keep it up, Roblox, and thanks Byfron!

So true, the hassle of continuing to connect to a VPN; and if ROBLOX implements HWID bans, the hassle of constantly spoofing after getting banned can decrease the amount of cheaters heavily.

This is also what I want to know.

The usual exploiting that goes on like flying, teleporting, listening to remotes, etc. isn’t really an concern for me as I write in a way where these can’t cause real issues in my game.

I just really need place stealing to be prevented and hope that by adding a kernel-level anti-cheat they’re able to do that.

I don’t know if this has been said before but, I would be wondering if it would only ban users from that specific experience, or would it take account moderation, such as terminating the account, because I do presume it will only ban users from that specific experience.

Will this affect custom bootstrappers like Bloxstrap?

They use three different anti-cheat systems. Hyperion is one of those systems which is written by Byfron.

This is why Byfron’s solution may not work.

1). False Positives:

Things like RbxFpsUnlocker inject into roblox as a child process. Byron could detect that, and falsely ban a player. Considering popular YouTubers use this tool and thousands of people, many will be banned. You should also remember things like RoShade as well. That injects into roblox and makes modifications. Also, there are plenty of legitimate uses for DLL injection. Theme programs, accessibility tools, and various programs that extend OS functionality can all potentially use DLL injection to give added functionality to any program.

2). Stopping the detector from detecting DLL injection

A exploit developer could analyze Byfrons anti-cheat through “Various methods which I cannot disclose or else I will be banned off the forums”, and block whats detecting it.

3). Spoofing

I see many people throughout threads that roblox bans by IP. They’re unfortunately ignorant to their answers. Roblox bans by Mac Address because IP is inefficient and could lead to false positives. For example, if someones IP is dynamic, their IP could get unregistered, then get registered by another router, then if that router wants to play roblox, they can’t. Why? Because the person using the previous IP was exploiting. Someone who is an expert in this subject can reword this to english if you fail to comprehend this. HWID, and various other posts apply to this as well. So Byron can’t detect things to well.

4). You don’t know what you don’t know

Exploit developers could find something that the Byfron developers don’t know, and it will take a while for Byfron to figure out how to block their methods. This could also apply the Byfron.

5). Conclusion

No Exploit solution is perfect, but this is better than leaving developers defenseless. Besides, we don’t know how good this company is. If it really sounds as good as they say it will be, they will stop exploiting entirely. I’m not an expert in security, but I do know a few things most people don’t.

So there’s your long version.

okay now i get, all of it and how it works, the “method part” I know of, some, MAC Addresses, from what I know isn’t that part of the router or the computer part?

MAC addresses are into the router. These can easily be spoofed by using a tool called TMAC. Also a exploit can sandbox roblox. Although, this can very easily be detected by roblox.