SecurityService should encrypt RemoteEvent/RemoteFunction names via GUID

Question

SecurityService should encrypt RemoteEvent/RemoteFunction names via GUID

Closed this issue 2 years ago · 1 comments

Currently, remote's names are not encrypted, making them easier to target by exploiters. SecurityService should encrypt RemoteEvent/RemoteFunction names via HttpService:GenerateGUID() to make it harder for exploiters to determine which remote does what.

I'm not entirely sure how I'm going to pass remote names on to the client though - this will need some more planning before it can be implemented.

Answer 1 · 2023-01-23T20:55:34.000Z

Closing, as SecurityService no longer exists.