Welcoming Byfron to Roblox

I respect your standpoint on game security, but the server can’t detect everything

Unless the client is sending data to the server with what they see, the new meta of roblox will become overused external aimbots.

Look at games like da hood and arsenal, they’re slam packed with these people.
Not everything can be detected on the server, trying to do that will lead you wasting a lot of time on something that isn’t viable at all, you might as well be trying to solve the turing machine halting problem.

Yes, anticheats can be bypassed, but the sole purpose of running them on the client is to slow skids down and detect things the server can’t see on its own. The idea that anything you don’t appreciate should be shot down will only lead to developer demotivation.

those guys made hyperion for apex as i remember, not sure tho

I did one google search

image790×1120 235 KB

True, although things like position tracing, orientation verification and things like that can be tracked on the server. So aimbots would be useless.

Mobile is buggy, especially Huawei, what if they will detect mobile bugs as hacks?

The exploiter can change both of those…

A real anticheat is a welcome feature given how rampant exploiting is.

On the other hand, can’t wait to see all the work on Grapejuice become worthless! I hope you guys consider working on a Linux version in the future as Roblox becomes a bigger platform that aims to get professional game developers using it. Linux has progressed a long time since 2012, along with the Steam Deck taking off with over a million units sold already.

Same goes for the Roblox FPS Unlocker tool. Even smartphones ship with screens that can do 90 or even 120 FPS nowadays.

It’s about time for something that was needed a couple Years ago, But im Happy that Byfron is Helping roblox to Make this happen

[Please read my essay & understand it carefully before commenting something negative.]

I, and also other Robloxians out there, have a right to play the games on any kinds of devices we prefer, while they’re compatible enough to handle the game itself. This includes the GNU/Linux based operating systems & Steam Deck, which’s also running a GNU/Linux based SteamOS.

We also want to be free from the control of client-side anticheats, restricting on which platforms we want to play on.

Remember, that Roblox isn’t like the most competitive games out there such as Valorant, Fortnite, DOTA, etc; even some Valve games & Minecraft gives you ability to play on certain multiplayer servers without the anticheat running as long as they’re opted out from client-side anticheats. Unlike most competitive games out there, Roblox is more like a sandbox-style game, when you can basically make anything within Roblox’s game engine. Almost infinite possibilities of mechanics can be implemented in it.

For an universal game platform, that have almost infinite range of possibilities happening in the game engine, Roblox needs to NOT enforce the anticheat in ALL games, but make it opt-out by default so we can make our games that don’t need it, be free from the control of client-side anticheats, while the games that need it, can enforce it themselves through a simple opt-in toggle.

About the alt-detection thing, remember that alternative accounts are perfectly legal; they’re not always used to evade bans; there are also legitimate reasons that alternative accounts exist, e.g. to protect user’s privacy (especially for content creators), returning back while your original account is lost or stolen, roleplaying, etc. If Roblox really wanted to implement alt detection, yes; but don’t make it too strict and also don’t explicitly rely on IP addresses, especially that many ISPs still don’t support IPv6 (especially in developing countries) and rely on NAT because our world is ran out of public IPv4 addresses (around 4 billions) years ago. (see: IPv4 address exhaustion - Wikipedia)

I hope my essay will be a lesson for us & Roblox before they implement this thing in their game engine.

Remember: Client-side anticheats aren’t going to stop 100% of the cheaters, and they often do more control on us, including innocent players. Developers should have an option to turn this off, or even make it off by default so certain games, especially old ones, aren’t going to break because of this anticheat.
The best thing that Roblox could do is, of course we know this for almost a decade… improve their moderation system.

Edit: I just heard that Byrion’s current AC, Hyperion, is not really that aggressive and it’s more like an anti-tamper that mainly prevent injections. Also many people on Reddit confirmed that Hyperion is not running on kernel-level and also works with Linux and Steam Deck. Still, there’s still a chance that they might make a more aggressive AC that will break things I said above.

How so? I believe its safe to assume that the alt prevention feature will be active if the developer chooses to remove you from an experience because they want to, not because they’re trying to invade your privacy. Also safe to assume they’re more likely to utilize HWID player verification instead of IPs but even that can be easily spoofed in today’s times.

Welcome to the platform!!! We are so excited to have our games protected from these exploiters!

I’m not really concerned about the privacy effect of anticheats as they have to comply with privacy laws worldwide. What I’m more concerned of is how reliable the anticheat was (false-positives, especially in certain games that have some weird mechanics) and how the anticheat will work on some configurations (OS, peripherals, etc). Presumably the only thing that makes the anticheat less concerning is if Roblox makes it opt-in so only certain games that need it will enable the AC.
*corrected some of the sentences for this

isnt Roblox banning the network adress? this also bans a Dynamic IP even if it changes

The performance changes would not be so noticeable. Roblox isn’t built for Linux anyway. And don’t you think that any minor hits to performance, if any, are a good trade off for enhanced security?

Assuming you mean MAC address- they can also be spoofed easily.

Great news!

Only thing that is concerning me is how this is going to be implemented.

• Will it be triggered by fps unlockers/auto-clickers
• Will it be API based because of the unlimited gameplay variety of roblox games?
• Will cheaters be banned per game or globally?

Some clarification on those things would be appreciated, but really happy to see that something is finally being done to stop cheaters!

Man, I hate to say this, but there’s always an easy bypass to such restrictions. VPNs, and even hardware metadata changers. Totally makes IP ban useless.

What I personally think is the best thing to do, is to have an ID verification.
Let’s say, ok, Roblox implement an anti-proxy, an anti-metadata changer, which is very improbable, there’s still DDOSers and statistic botters. What’s there to stop them?
Yes, I understand that you find your ID too private for a fiscal cooperation, but, we must understand that everything comes at a price. Kinda too late when your game is going at 5000ms ping, have a 9% like ratio and filled with loopkill command spammers.

Theoritically Roblox could port their game engine to Linux, since the game engine supported OpenGL (+ the ES version) and Vulkan, which is supported natively on Linux and Android. Roblox also have an Android version, which is based on Linux kernel & the engine runs on Vulkan, and also OpenGL for older devices. (FYI: You can connect a keyboard and press Shift+F2 while inside a Roblox game to check if the engine is running on Vulkan or OpenGL.)

That means the port should be almost straightforward and the only big changes I could think of, are the library changes, for example, Android’s libHybris (the C library) and Surfaceflinger (the display server) to Linux’s glibC and X11/Wayland.

Personally I don’t think that’s a good idea, since there are many people (not including me though, I’m fine with it as long as they’re secure & reputable enough) that are concerned about how big companies deal with their personal information. Parents are scared to give away their son/daughter’s IDs to the companies for “various reasons”.
The only best thing they could do is, of course, we all know it for almost a decade… improve their moderation system. If their moderation system is still miserable, then even the anti-cheat wouldn’t solve the problem very much.
ID verifications aren’t going to stop DDoS attacks. That’s not how DDoS attack works.