Hello, I’m Virginia a fellow Windows user.
As we’re a user to user forum Microsoft will not see your comments/suggestions. I would recommend sending Microsoft feedback via the Windows app - Windows key + F key or via the web:
For Maicrosoft
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 5%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
Darius Dari
0
Reputation points
am 12 years old and I love math and logic. I thought of a security system for games (like Minecraft or Roblox) to completely stop hackers:
Smart Sandbox with Detection: Run external scripts in an isolated, fake bubble (sandbox). Inside, place fake folders (like "Game_Coins"). If a script tries to modify them, the detector catches it instantly.
Self-Healing Code: If the AI is bypassed or "exhausted" by lag attacks, the game should have an automated background timer. Every few minutes, it forces a refresh, compares files with a cloud master copy, and deletes any unknown files.
Zero Trust / Whitelisting (The Console Model): The best defense is to make hacks non-existent to the game. If a file is not on the game's official whitelist, it shouldn't even be scanned—it simply won't be allowed to execute at all.
I wanted to share this logic with your developers!
Windows for home | Other | Gaming
-
Darius Dari 0 Reputation points
2026-05-30T00:34:35.24+00:00 In short, a heckers detection system by detecting flight or wall crossings. If you can't let heckers do hecks, there are no hecks.
And there will be another way to use a smaller application, which is not posted by Microsoft and there are no official websites on systems that do not allow heckers to do anything brutal with that application. If the system feels that the script is modified, it regenerates itself to delete itself. You choose the best
option!
Sign in to comment
2 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 18%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
Virginia M 41,000 Reputation points Independent Advisor2026-05-30T11:38:18.68+00:00 -
AI answer
2026-05-30T00:13:17.8+00:00 These ideas match several real security techniques used in game and app development, and they fit well with how Windows and Microsoft recommend protecting games.
- Smart sandbox with detection
- Running untrusted or external scripts in an isolated environment is exactly what a sandbox does.
- In Windows game security guidance, developers are encouraged to treat all external input as untrusted and to test it aggressively (for example, with fuzz testing), trying random or malformed data to see what breaks. That is similar in spirit to putting “fake” assets in a sandbox and watching what scripts do to them.
- Tools like Windows Application Verifier and fuzz testing help developers detect when code mishandles input, corrupts memory, or behaves unexpectedly, which is a key part of catching malicious behavior early.
- Self-healing code and cloud comparison
- The idea of regularly checking files and restoring them from a trusted source is aligned with “defense in depth.”
- In secure game development, developers are encouraged to:
- Validate all data (including mods, saved games, and network data).
- Treat any unexpected or corrupted data as a potential attack.
- A cloud “master copy” model fits well with this: the local game content can be checked against a known-good version, and anything unknown or modified can be rejected or repaired.
- Zero trust / whitelisting
- The “zero trust” idea—only allowing known, trusted components to run—is very close to what is recommended for secure games:
- Avoid “forbidden APIs” and use safer, vetted libraries.
- Minimize privileges so that only the minimum required rights are granted.
- Use features like code signing (Authenticode) so only trusted, signed binaries are accepted.
- In practice, this becomes a kind of whitelist: only signed, approved modules and scripts are allowed; everything else is blocked before it can execute.
- Using platform security features
- On Windows, game developers are encouraged to combine design ideas like yours with platform features such as:
- Data Execution Prevention (/NX)
- Buffer Security Check (/GS)
- Safe exception handlers (/SAFESEH)
- Address Space Layout Randomization (/DYNAMICBASE)
- Heap corruption detection via
HeapSetInformation - Code signing with Authenticode
- These features make it much harder for attackers to turn bugs into working hacks, and they complement sandboxing, self-healing, and whitelisting.
Overall, the concepts described—sandboxing, self-healing from a trusted source, and strict whitelisting—are all strong security patterns and align well with how secure games and apps are designed on Windows.
References:
AI-generated content may be incorrect. Read our transparency notes for more information.