User blog:TheDarkness909/Exploit article assessment

So here I am in the new year with another correction-filled article. Because it's locked, I can't go in and make the changes myself, but this assessment should hopefully follow the same rules as my earlier one.

Exploit

[In edit mode, a comment says] ''Please do not fill this article with questionable information if you do not have good references to back it up. If you are unsure of something, just don't talk about it in the article. [I'm unsure of the last part.] If {you are} in doubt, ask {about it} on the article's talk page.''

On ROBLOX, an exploit ( also frequently called {informally referred to as a} hack) consists of using a bug, glitch or {other} vulnerability in a game or in ROBLOX's software to manipulate the game in a way that wasn't intended by its designer {often maliciously}. Exploiting is considered as cheating {in ROBLOX}, and is not permitted on ROBLOX {allowed on the service}. [''A permit is a document authorizing one's actions. You're saying exploiting has no authorization. While it is technically true, it is not the right term.] People who use exploits in an unfair or malicious [Avoiding repetition.''] manner are known as "exploiters". Exploits can be used for advertising {to advertise} games, get advantages in games, etc. {attack a player or group, or to show that it is possible}. [Et cetera is a pet peeve of mine for a Wiki article.]

Countless rumors [It is really countless?] have been produced {formed} and propagated on ROBLOX concerning exploits and {the many} exploiters {that use them}. Many theories of questionable value have been proposed about the actions and identity {identities} [Plural!] of users such as Dignity and 1x1x1x1. [''Really good terms here, but this paragraph needs at least one more sentence. It feels like a cliffhanger.'']

History
[''If this section will explain the history, you have to date back to when the idea of exploiting in games was first implemented. Exploiting hasn't just been around since Roblox was created, it's far back.'']

During the history of ROBLOX, many exploits have been {were} found, disseminated, and abused by ROBLOX users. [I believe 'abused' is a better term than overused.] Most of those have later been {were, over the course of development,} fixed by the ROBLOX developers.

There is no solution to completely eliminate exploits on ROBLOX, [''True, but when you look at games overall, many of them have already found it. The most prominent ones I find are in Korean games.''] but {however} many attempts to reduce exploiting have been tried {attempted} or are planned for the future. [''I don't believe it's planned for the future. Put a source to verify.'']

Cheat Engine

 * {Main article: Cheat Engine} [If there's an article for that on the wiki, link it to here, not Wikipedia.]

Cheat Engine, a debugger {and exploiting tool} for Microsoft Windows [''We're not talking a glass pane on this article. So there's no point to differentiate a window or Windows. Or you could just say the PC platform, but Linux runs on that...''] created by Eric Heijnen, was used for a long time to take advantage of various vulnerabilities in ROBLOX {for a while, before}. Many exploits have used it, and most of the vulnerabilities {them} exploited by Cheat Engine have later been {were} fixed by the ROBLOX developers.

Its numerous features have given life to {many ROBLOX} exploits such as "speed hacking", which consists of making the ROBLOX client run faster, memory editing, which consists of finding and editing values in the memory to change game values, dynamic-link library injection, which consists of injecting a DLL file into ROBLOX's software to manipulate its code, and many others. [''I feel this whole sentence should be rephrased. It's the definition of a run-on sentence.'']

Lua bytecode
{When Lua runs programs, a} The Lua virtual machine compiles code to Lua bytecode before interpreting it {it is interpreted}. This process is irreversible, and thus was frequently used for code obfuscation.

Lua bytecode, for implementation reasons, [Explain these reasons.] does not have the same structure as Lua and allows, by unconventional means, manipulation of the stack [Explain what the stack is.] and other things that are not possible in plain {normal} Lua {programming}. It is possible, though difficult, to write Lua assembly code manually and to assemble it into Lua bytecode. [Though I will accept it, explain the process.] Lua {The ROBLOX client} [I assume, just to avoid repetition.]] can load Lua code and Lua bytecode through use of the {its}  function.

It has been proposed on the Lua mailing list [''By who? Anonymous?] that direct stack manipulation [Explain this.] could be used to access the environment of other functions during their execution and{,} therefore{,} to " steal " [No quotes.''] values from these functions ( and even from {including} C functions that Lua has access to), something which is not and should not be possible in pure Lua. [''How do you know it shouldn't be possible? Was it programmed to do that? If it was, it should be.'']

The ROBLOX user NecroBumpist had implemented exactly {proved} this idea {to be true, and possible}. [You should work for Upworthy.] Using Lua bytecode, he created a function that allowed a script to ' steal ' values from other functions, including C functions. That This made it possible to steal values from the ROBLOX{'s} API{'s}, but it was not until many months later that [Rephrase.] someone finally [''What do you mean, "finally"? And who is this someone?''] found a way to use this Lua bug to modify the global environment and to become capable, in a game server, to make the core scripts and the join script execute any Lua code {in a game server}. [Placement.]

This resulted in the removal of the ability to load bytecode with {and the ability to use it with} the loadstring function. Notwithstanding {Despite} common belief, this exploit had nothing to do with {was unrelated to} the common {a} DLL exploit {found} in the same time period. {The} Removal of bytecode had no other side effect than making {rendering} code obfuscation (which later became useless because of a change in script source replication) impossible {and obsolete} without other means. {It later on became useless due to a modification in script source replication.} [What is script source replication?]

Consensus

Run-on sentences, and special guest Lua Programmer!

The article is filled with errors and questionable choice of phrasing. I get that nobody can do a really good job on an article, but even worse is having terms you don't understand. It's almost as bad as Wikipedia's Cyber-Attacks article, which had to be corrected numerous times because it was literally written like an essay. The original writer had a Bear Grylls-style tone, where "in cyberwarfare, we must understand the basics as to why cyber-attacks are launched against a state or an individual."

The Lua bytecode section fails to describe many terms that even I, as someone with computers as my hobby, have no idea what they are. Who does the programmer think they're talking to? Another programmer? No. They're most likely talking to an audience that doesn't know how to script, and plays Roblox for the fun of it.

I do not advise you to edit the article explaining how to exploit Roblox. We don't need a tutorial, we don't need to know how to break the game, we're fine causing havoc here.

Thanks, TheDarkness909 15:14, January 5, 2014 (UTC)