Add level cap to events

ADD LEVEL CAP TO EVENTS

Add being able to have a Level Cap on events, This wouldnt stop ALL hackers, But it would cut down the majority of the hackers making burner accounts to hack events.

My events get hacked 2-3 Times a night, for the past few months.

11 Likes

YES! Right now the button that disallows new players only blocks players under level 5. Instead of this button, there should be a slider going from 0-50 stating what levels can join your room.

4 Likes

Great Idea! As it is being worked on as the workshop room has it already!

4 Likes

When an event is ‘hacked’ can you describe in detail what actions the hackers are able to take? we’ll need a list of everything you’re seeing as a disruption so that we can ensure we’re looking into everything

supremium try to code challenge impossible

Half the time the hackers spawn stuff that you should never be able to spawn in without using food or any other thing

Other times they give themselves permissions to spawn inventions in rooms where it is impossible to give yourself permission and crash the room or kick random players

I’ve also had some other times where they somehow spawned in a camera and I was stuck looking in One direction while I can move around and still see myself moving

2 Likes

A main script which is circulating is giving players the orientation UI (limited settings tab, no UI buttons) and mass spawning crescendo’s final boss dracula to lag the game.

More common hackers just force makerpen and invention permissions and spawn crash guns/lag guns ect.

Until a permanent solution to rec room’s hacking issue; a slider feature for a level limit would be help significantly, especially in workshops!

1 Like

They can also legit just crash anyone and have anti-kick and anti-ban meaning they cant be removed from the room

1 Like

Me like idea

I host events all the time, here’s what’s happened to me:

The dracula boss is spawned multiple times
Everyone gets stuck in a “respawn loop” where players are constantly respawned and just see black
Everyone gets fly and makerpen perms
The entire map is deleted
Subtitles and audio players at max volume are spammed saying not-so-nice things
Everyone gets muted
Everyone’s game crashes
Everyone gets the orientation watch
Nobody can join a particular event instance of a room (inf loading screen or kicked back to dorm)
Unobtainable items are spawned such as the Gift-o-tron or dorm dummy.

The hacker can also go invisible in-game and on the player tab (I believe)
I’ll probably update this later with more things

2 Likes

This is an amazing idea!

2 Likes

I shared all of the instances of hacking brought up in here with the team and they looked over them! Its hard to break it down for each item since every vulnerability is a bit different but in general we’re migrating more things to server validation which should help resolve a lot of these issues. Since a lot of these issues have to do with core networking code we’ll migrate them into server validation bits at a time.

So this won’t be a fix where we hit everything at once, but the higher priority systems where more damage can be done by bad actors will be migrated first. I believe some of that work will be shipping before the end of the year but I don’t want to say which of the issues it will impact in case the bad actors are monitoring this thread.

I’ll bring up the level requirement for events request as well but usually we like to avoid patchwork solutions like that which would negatively impact a huge number of innocent players. In this case lower level players, who haven’t done anything wrong, just to keep a very low number of hackers out. The real solution is to harden all of these systems against hacks rather than giving the community the means to exclude wide swaths of players from their events. In which case the most dedicated hackers might get around anyway by leveling up accounts quickly or stealing accounts from those with very insecure passwords and no 2FA. (related - everyone here should turn on their 2FA)

As I see updates internally about these security updates shipping I’ll try to post back in here to update everyone. Also reminder that our next Creator AMA is on Wed Nov 6th so if you want an update there plz ensure its a top liked / upvoted question for us here. If it is maybe I can talk someone from the security team into showing up to give a more detailed reply.

2 Likes

many of this spawning stuff was done by swapping the object prefab.
its a really common way of cheating, and it does not look that difficult to even try to do it.
only way to kind of prevent it is by tweaking the game so it does not allow players to spawn objects through the watch, turning off consumables and use of the share cam would work, but I’m not sure if it would turn off the user’s ability to spawn the feedback tool.

I believe you can disable the feedback tool too! I wonder if hot picks can be manipulated like this? I’ve never looked into if there are any permissions related to it so i don’t know if it can be turned off or even spawned in community rooms in the first place. You could probably just temporarily turn these off without saving just to keep a single event instance safe without permanently removing it for public instances so players can still take photos and whatnot. Is there a way to turn of gift boxes? I remember hearing once that that’s how they used to spawn items in but i’m not sure if that was fixed. If not there are still way to detect if someone attempts to open one. I forget how, but i’m pretty sure there’s a way to detect when a player is holding an invalid object (like a gift box pull-tag) and then you can just teleport them up or away and it’ll despawn it.

1 Like

@JebGaming Gift boxes won’t spawn in if a game is running in Rooms 1.0.

@Shawn I believe it would be worth looking into if we can at least have an option in our room to disable spawning anything at all from your watch. This doesn’t encroach on anyone’s freedom to join a room and even still allows hackers to join, but they will have at least some limited ability on what they can greif.

I think it would be nice to have at least this band-aid solution for creators as we wait for solid resolution against hackers.

1 Like