Extuls
|
  |
| Joined: 02 Jan 2009 |
| Total Posts: 5557 |
|
|
| 28 Nov 2017 07:04 PM |
Because they are alts, clearly.
@LegendOfSchool
"extuls you didn't even read the tutorial so you have absolutely no say in the argument."
Congratulations, you got me to read the whole post. To be fair it had nothing to do with remote events/functions like I assumed, but still, of course, doesn't make your game "100% Exploit Proof!"
"it seems that you're less knowledgeable than s3vvy."
I learned nothing by reading it. Don't make assumptions.
"he talked about not trusting the client and gave examples"
Yet not trusting the client doesn't prevent changes that can be made on the client.
"i agree with s3vvy. exploits are 100% preventable, in reality."
But this isn't a matter of opinion. Fact is, they aren't.
|
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:05 PM |
I forgot that this place was the forums. Not the dev forums. Not a place where people are open minded. Not a place where a lot of the people are knowledgeable. Not a place where people lower their confidence in their knowledge every time they post something.
I'm not knowledgeable in some areas of scripting, such as basically half the classes in the API, but I do understand other parts of ROBLOX to the point where I can explain it in detail because I had to observe since there was no documentation.
Please, if you have a good actual EXAMPLE of an exploit, not a comparison or figurative speech, then say so and we will have a plausible argument.
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:07 PM |
And yes, JourneyCamo is my alt. I don't know the other dude.. :P
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
Chrounum
|
  |
| Joined: 04 Apr 2015 |
| Total Posts: 2911 |
|
|
| 28 Nov 2017 07:08 PM |
wow ok
#code print("don't forget to dry the towel after use") |
|
|
| Report Abuse |
|
|
TaaRt
|
  |
| Joined: 26 Apr 2009 |
| Total Posts: 5039 |
|
|
| 28 Nov 2017 07:09 PM |
| Using alts to agree with yourself if you're trying to defend something proven wrong is not something the devforum (or any forum for that matter, and for good reason) is exactly 'open-minded' about |
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:10 PM |
Not that it's relevant but I wanted to bump my post and see what other people would say. Anyways, I agree, exploits aren't 100% preventable. But there hasn't been a good example of an exploit that has actually made a significant difference, not unless the developer was bad at using FilteringEnabled.
I was gonna talk about encryption, client control, all of that stuff. This post has little to do with using FilteringEnabled, only as a prerequisite is it relevant.
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
Extuls
|
  |
| Joined: 02 Jan 2009 |
| Total Posts: 5557 |
|
|
| 28 Nov 2017 07:11 PM |
"Not a place where people are open minded. Not a place where a lot of the people are knowledgeable. Not a place where people lower their confidence in their knowledge every time they post something."
Yet you won't listen to multiple people trying to tell you you're wrong.
|
|
|
| Report Abuse |
|
|
LaeMVP
|
  |
| Joined: 24 Jun 2013 |
| Total Posts: 4416 |
|
|
| 28 Nov 2017 07:11 PM |
| you can't protect yourself from the unknown |
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:13 PM |
People are trying to tell me I'm wrong without factual examples, and just possibilities, WHICH I have agreed with in some way by saying "exploits aren't mathematically 100% possible to prevent".
I don't know how many times I can repeat it.
I will legit launch my next game and bet my life that there can be little to be done to exploit it.
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
TaaRt
|
  |
| Joined: 26 Apr 2009 |
| Total Posts: 5039 |
|
|
| 28 Nov 2017 07:14 PM |
| Does crashing it with infinite assets count? |
|
|
| Report Abuse |
|
|
Extuls
|
  |
| Joined: 02 Jan 2009 |
| Total Posts: 5557 |
|
|
| 28 Nov 2017 07:17 PM |
Look, realistically there are a lot of games that won't be greatly effected by exploits simply by having little and sometimes no exploit prevention methods. But you can't act like this is true everywhere.
Games that have very small communities typically have an older average audience than front page games. With this comes a higher chance to land in a server with someone who is exploiting, as younger kids are less likely to use any exploits capable of doing anything meaningful.
Without giving out titles of games that quite frankly have toxic communities, I've been to games that encounter several people with exploits a day, and it's not something that stops. No matter how much you try to prevent exploits, they will try just as hard to get by your prevention methods.
|
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:19 PM |
What do you mean?
No "assets" (objects is a better word in this case) will be replicated to the server without permission, and I have no use to do that. There's also no use for that almost all the time if you're making a game.
If you want an asset, that's not in the game, you get it using the server, which the server should already have, and the server sends the asset. Simple. You can't crash the server by demanding for too many assets, unless there is a use for it.
A simple rule is that if there isn't a use for a functionality, then it shouldn't be able to function otherwise it leaves the game vulnerable.
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
Rerumu
|
  |
| Joined: 11 Oct 2014 |
| Total Posts: 950 |
|
|
| 28 Nov 2017 07:20 PM |
"I'm a very experienced 14 year old scripter"
Stopped reading at there, can already tell what the post is about, and I'm late to the party but let me emphasize why you're wrong.
1. You can only slow exploiting, not stop it. 2. Your Lua scripts are editable in any way you use them, and it's stupid to think otherwise. 3. Unless you do every single check ever server side (which would still not stop local exploits) you'll be facing a lot of issues, not to mention these can be spoofed. 4. People are clever, which is why there isn't a "100% patch" bandaid around. 5. FE is a practice, not an anti-exploit. 6. My stance on encryption? It doesn't work. Decompile the game client and read the function, game over. 7. Weird obfuscation? Don't work either, if they want to they will crack it. 8. Let me re-iterate, anything *you* do on the client, can and will be disabled, and anything *you* do on the server, can and likely will be spoofed if you're following naive practices such as assuming FE is the ultimate anti-exploit. 9. The title is misleading, as this is a guide to add some layer of common sense into your development environment. 10. Using the DevForums as a sort of insult is both disrespectful to others for your trying to place yourself on a pedestal and naive on your part for trying to use a mostly invite-based forum as a source of your counter-argument. |
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:21 PM |
Again, I never said FilteringEnabled prevents exploits completely, even without anything in a place.
The tutorial was made so that, logically, there is 100% chance of blocking out exploits, and the tutorial isn't done.
I'M NOT DEFENDING FILTERINGENABLED!!
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:24 PM |
@Rer The fact that you judged my post and knowledge because of my age just proves that you're not worth talking to.
And also "FE is a practice" is probably the most cringe thing I heard this week. If you were looking for insults.
All insults and assumptions, really.
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:26 PM |
Encryption is not the same thing as obfuscation. At-least not in my use case.
And unrelated to the statement above, you literally said "decompile the game client and read the function?"
ARE YOU SERIOUS?? DO YOU EVEN KNOW WHAT ENCRYPTION IS??
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
Rerumu
|
  |
| Joined: 11 Oct 2014 |
| Total Posts: 950 |
|
|
| 28 Nov 2017 07:27 PM |
Meanwhile, you addressed none of my points, as all of them are valid. Please get out, you're nothing short of intermediate.
FE *is* a practice. Please educate yourself before typing.
wikipedia/wiki/Client–server_model |
|
|
| Report Abuse |
|
|
Extuls
|
  |
| Joined: 02 Jan 2009 |
| Total Posts: 5557 |
|
|
| 28 Nov 2017 07:27 PM |
"All insults and assumptions, really."
They didn't insult you, and their assumptions were right. So what's your point?
|
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:29 PM |
Apologies for the caps, but when you insult me, I insult you back.
Anyways, encryption in our case, is protecting a message from the client so that it can only be read with proper permissions. Not so that the client can read it specifically without other members being able to read it.
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:30 PM |
ALL of your points came from assumptions, as you said.
I'm not going to waste my time addressing half of your points that weren't even discussed.
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
Rerumu
|
  |
| Joined: 11 Oct 2014 |
| Total Posts: 950 |
|
|
| 28 Nov 2017 07:31 PM |
"ARE YOU SERIOUS?? DO YOU EVEN KNOW WHAT ENCRYPTION IS??"
Obviously you're going to hold the encryption or decryption function in the client, and I will ask, do you know what decompilation is? This isn't a fight at who can type in the most caps, so take a seat and understand this isn't a theoretical science. Everything you've mentioned can and has already been dealt with.
So again, I'll re-iterate, please read something worth your time before posting here instead of dismissing points simply because you don't like people assuming your skill from both your age and self-righteousness as to be using pointless communities to attempt to find your point.
And for your encryption intercepting needs, have a go at it: paystebin/9hDE3KZe |
|
|
| Report Abuse |
|
|
s3vvy
|
  |
| Joined: 24 Feb 2011 |
| Total Posts: 983 |
|
|
| 28 Nov 2017 07:36 PM |
How fun, you can intercept remote invokes. Barely anything to do with decrypting messages. The client *will* be unable to read my encryption methods.
Well, I seriously have homework to do and I literally wasted almost 2 hours on this post.
I guess you guys are really interested in the full tutorial, after all.
I felt really insulted when you used basic topics against me.
;)
~ [SPiN Clan] s3vvy | YouTube: www.youtube.com/c/SPiNClan |
|
|
| Report Abuse |
|
|
|
| 28 Nov 2017 07:36 PM |
Nothing is 100% safe online
Google gets hacked Facebook gets hacked US Government servers get hacked
I highly doubt that roblox has better security than the US Government
All you can do is take precautions to make it less easy, but its not possible to prevent it fully |
|
|
| Report Abuse |
|
|
|
| 28 Nov 2017 07:37 PM |
| @reru ur morbidly obsese so everything u think about or say is invalid |
|
|
| Report Abuse |
|
|
Rerumu
|
  |
| Joined: 11 Oct 2014 |
| Total Posts: 950 |
|
|
| 28 Nov 2017 07:37 PM |
"Barely anything to do with decrypting messages. The client *will* be unable to read my encryption methods."
Now you're just being stupid as an alibi for this argument. How is the client going to decrypt the messages to understand it if it doesn't have the method to do so? Same for encrypting it? |
|
|
| Report Abuse |
|
|