This is great! an update we’ve all been waiting for many years now. Well done Roblox! the only problem people are also concerned about is that innocent players may be affected by this anti cheat as it is a very good one and since it can easily detect malicious activity the anti cheat might think the innocent player is cheating when they’re not. This is something you guys may have to take into consideration.
There’s a reason why a lot of game companies choose not to support Linux. Roblox already supports Mac and Windows, since they are the most widely used OSs, it would be futile.
You always have the option of dual booting into Windows. Sure it’s an unnecessary step, but it is what it is.
not having them is not great
You’re underestimating the unreliability of IP bans and its false positives. It’s pointless to have those as you’ll at BEST keep zero brain skids away. It’s basic knowledge for both, developer and exploiter.
There is no in-built way to ban someone, period
Then make yourself a quick function to ban someone based on their activity/account status?
But yeah, having a template/built-in way to ban someone would be an addition.
At the very least it forces the exploiter to be inconvenienced, which is better than nothing.
You are underestimating the bare minimum of effort required to circumvent those limits without affecting false positives which - as already previously mentioned - causes more harm than good especially if your game aims for a very young audience or has quite a big fanbase.
I’d suggest you simulate this yourself.
If someone wants to say, make a competitive game, they likely really don’t care if the 12 year old injecting code who got IP banned is also affecting the 11 year old in the same household trying to play the game on the same computer.
That’s up to you, I’d consider simulating the situation and seeing the results & impact for yourself.
I personally would not sacrifice false positives over something you can easily circumvent.
the fact that people exploiting roblox don’t even have to use these things is detrimental
Once again, for good reasons.
My core message:
Yes, you may keep alts away to a certain degree while sacrificing a percentage of your community through false positives.
And you do little to no impact on preventing alts. If you want a more in depth explanation, sure I guess I’ll get to explain if you still aren’t convinced yet.
Roblox bans by Mac Address because IP is inefficient
Changing the MAC-address of your device through tools is very easy to do, thus relying on them are inefficient as well.
1 Like
With ID verification, one man can make maximum the amount of accounts according to his family members (if he steals their id), otherwise he can create 1 account only. Then roblox can focus on better moderation as there’s no massive waves of alts and bots.
Ddosing uses alt bot accounts that auto verifies with email, but auto verifying with id is impossible.
With ID verification, one man can make maximum the amount of accounts according to his family members (if he steals their id),
Limiting the amount of accounts you can create is another controversial topic.
I believe that you shouldn’t be limited to MANUALLY create those accounts - Roblox has those captchas for a reason.
otherwise he can create 1 account only. Then roblox can focus on better moderation as there’s no massive waves of alts and bots
big words
1 Like
The hacking part wont be prevented on the server, it will be prevented using a kernel-level anticheat, which will slow down peformance especially for those on low-end devices and potentially stop Linux users from playing
3 Likes
There’s no point in thinking of solutions everyone, everything can be spoofed or disabled.
1 Like
While ROBLOX has desperately needed better anti-cheat since the very beginning, adding more client-sided anti-cheat has me significantly concerned. A common problem with game anti-cheat engines is that they don’t play nicely with Wine (A compatibility layer for running Windows programs on Linux). Being a Linux user myself, I am worried that ROBLOX will go down the same path of games like Destiny 2 and Fortnite, where the anti-cheat does not allow Linux users to access the game. Kicking off Linux players would definitely put a nail in ROBLOX’s coffin; ROBLOX would then no longer be a place where everyone can connect.
This new anti-cheat should definitely allow Wine, since numerous ROBLOX developers and players don’t use Windows (like me), and ROBLOX’s vision since 2019 has been to create a place where everyone can connect. Not allowing Wine would make ROBLOX inaccessable to a proportional chunk of the public, and a proportional chunk of ROBLOX players and developers (Linux’ market share doesn’t represent the number of Linux users, since it’s free, and a percentage of even 5% could be millions of users!)
tldr: allow wine compatibility or lose users
3 Likes
That’s really cool!
I hope roblox add an option to ip ban people unless if roblox adds a new and good anti cheat!
It seems that all of the current Byfron implementations are application level and not kernel level and are compatible with wine. But we dont know about how it will be implemented (to the block game) so we really dont know if it will run under Linux.
One thing to note is that the current AC of (the block game) already blocks VMs from running, and so will Byfron so Wine will probably be the only option.
1 Like
That is good, also my community doesn’t allows alt accounts and creating a perfect anticheat system is really hard, so I don’t need pay the scripter for make a very good anticheat system also that is not allowed to test this and I won’t need hire like 50 moderators for ban all exploiters
This doesn’t mean that you shouldn’t have any other form of security on your game!
A DDOS can’t be fixed with ID verification. All one needs to DDOS a server is it’s IP address.
Then thats a vulnerability, either with Roblox or with your game. You literally can’t seem to understand anything about exploiting or preventing it, which is why I suspect you always claim ID verification as a magic cure.
I literally don’t understand why you have such a perverse facination with having ID verification for everything. It doesn’t magically fix exploiting. A much better way to combat exploiting is literally stopping the exploits which is what Byfron is introducing here.
This is literally just false information. All a person needs to DDOS is the IP address of the server, ID verification doesn’t magically prevent it at all lmao.
True, but RIP.CAPCHA have a bypass rate of 93%. Surprising?
Sorry, it’s a little bit idealist, Tencent did manage to implement that, they did not lose any income or playerbase (not until China made it illegal for 
to have access to video games).
But Roblox is not Tencent, and the world is not China, people think freely and MUST think for their security as well, however, freedom, comes at a price.
It’s quite normal, all I can do is pray that nobody will ddos or dislike bot me. I’ve seen it happen many times to other’s games.
Sir, have a look.
Currently, I generate about 5 email-verified bots every minute with 93% of them being valid.
Why? Because the capcha, the email-verification and the bot-detector sucks!
However, I can’t generate 5 IDs every minute.
That’s the difference.
Sorry if I was wrong with DDOS, some requests I believe can be sent with alt accounts.
1 Like
that is something that is both to developers and roblox to fix itself. because most of the times, gravity/speed in certain games are processed each frame and on capped fps it is to 60, so it is executed 60 times per second, if you had 30 fps, it will be executed 30 times in a second, deltaTime is a great way to resolve that. games such as arsenal are a great example of that.
You have to pay for the CAPTCHAs to be solved. A human solves it. This isn’t really a bypass. Other more efficient bypassing services like AntiCaptcha and 2Captcha, but solving the captchas still takes time and money due to requiring humans. It’s still a very applicable mitigation strategy.
Also this still completely discounts the exploits being fixed, which is a much better approach than punishment.
They are not being used for that at all, it’s either a crash script or a DDOS. The crash script can be patched but the DDOS can’t.
Captcha farms where humans solve the captchas aren’t really that much of a problem. It still requires payment and a human to solve it.
1 Like
No no, it’s not humans behind it, it’s programmed. Otherwise, you won’t get a month of usage for 5 bucks.
That’s not the case for most capcha solvers.
One thing to note here. Byfron isn’t the anti-cheat, it’s the company which is building the technology. Hyperion is the “anti-cheat” which actually is an anti tamper/obfuscation/anti-debugging/program “protection” solution.