|
| 20 Oct 2015 11:19 PM |
Minifying is when you use 3rd-party code to "shrink" your scripts to an unreadable level to prevent people from taking the source (cough exploiters cough) and using bits and pieces of it. It essentially obfuscates your code, and if you use a good enough "minifier", you can actually make it near-impossible to reverse. e.g. here's a before->after picture of some rbxanimator 3.0 source code: https://twitter.com/blahblu1/status/656685423444557824
It's good practice. I wrote a plugin for it specifically for obfuscating IC6 in some really obscure ways, including minification of source code. |
|
|
| Report Abuse |
|
|
romuluz
|
  |
| Joined: 12 Apr 2010 |
| Total Posts: 18124 |
|
|
| 20 Oct 2015 11:20 PM |
| Good to know. I think I'm going to pass this off to my scripter. |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:20 PM |
| or u can put ur code in serverstorage/serverscriptservice and so far no place stealer or copystring has been able to access it |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:20 PM |
| Just make sure your scripter always saves the original copy somewhere lol. |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:22 PM |
@team: Unfortunately with nearly any weapon, GUI, or really any code that is meant to run on the client, that is not a solution. |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:24 PM |
yeah rip localscripts
but technically u could still do copystring and the exploiter could still run the minified code jusf not edit it right |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:27 PM |
| yes you could still run it. the idea behind this is to prevent modification and reverse engineering any potential security routines you may be forced to run on the client (like in loleris's old anti-exploit) |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:39 PM |
i got an idea, but this would probably lag a lot:
minify the code on server startup (minify in sss as a server script, but then replicate to clients in a local script), but the server minifys it to a pattern in the ss, and the minified code also could reference the key to make sure it's an accepted server
OR much simpler just reference an object in workspace/etc with an odd name, and if it's not there just don't run the code (this would require that the exploiters have to reverse minify to change the object reference, or figure out what things it's referencing and where, and have them in their game) |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:46 PM |
| Benbonez did this with his RCL plugin scripts. |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:48 PM |
| only issue with that idea is .Source can only be modified using plugins or the command bar |
|
|
| Report Abuse |
|
|
|
| 20 Oct 2015 11:50 PM |
| now that im thinking about this more it really all comes down to the level of encryption, so in order for 100% security, there's gotta be some other level of security just encase the encryption is broken. But idk what |
|
|
| Report Abuse |
|
|
Lametta
|
  |
| Joined: 07 Jul 2012 |
| Total Posts: 7302 |
|
| |
|
|
| 21 Oct 2015 01:03 AM |
"script.Parent = nil"
why are you talking about of your ass? try doing that with a module script that is required by multiple local and server scripts at varying times. |
|
|
| Report Abuse |
|
|
| |
|
PongShot
|
  |
| Joined: 23 Aug 2015 |
| Total Posts: 37 |
|
|
| 21 Oct 2015 01:41 AM |
Hm dude this is pretty cool actually
I for one never make really important stuff so I don't think this kinda thing would ever be useful to me but it's pretty cool |
|
|
| Report Abuse |
|
|
|
| 21 Oct 2015 01:57 AM |
we web developers do this, it helps load speeds.
-isaac godfrey |
|
|
| Report Abuse |
|
|