Hi all,
I've been blowing up the forums lately with my questions about Subscriber Lists, Nodes, Camera and the like. I appreciate everyone's patience with me while I get all this mess sorted out in my head and with my SR group. Which brings me to my point, have I been generalizing SR4 too much?
SR4 says (and I am paraphrasing here), "Your subscription list can be unlimited in size, but a Persona (i.e. a Hacker) can only access Sysx2 devices at a time". In retrospect this makes perfect sense and also points out the difference between a commlink and a backbone matrix system. My assumption was that this also applied to Nodes/Devices/Systems but nowhere in SR4 is anything mentioned beyond Persona limitations. The exact wording in this section is what's triggered me to rethink my position.
More specifically, it makes no sense that a security terminal can't be in constant communication with all its devices at once. SR4 explicitly mentions the limitation of a Persona and by not mentioning non-Personas it indirectly implies they suffer no such limitations.
So I can have a SecTerm-5 controlling 5, 10, 50 or 100 cameras with no problem. I don't need to have layered SecTerms (unless I want it) only controlling Sysx2 devices at a time. A Hacker (Persona) would have a limitation of trying to access too many different devices/nodes/systems at one time.
Really? If so, that's great. Makes the whole thing make a lot more sense.
Ooo, that's good.
You could apply that logic to all non-crashable entities, Sprites, IC/Agents/Pilots and Personas, then you'd really prevent the subscribing-to-the-world problem.
And if the people who read these forums are anything like me (which they very well could not), then we enjoy reading other people's thought processes, it helps us think about the rules in ways we were unlikely to on our own.
Ok, but it still doesn't solve the 'problem' of terminals only being able to run a few programs at a time before suffering from Response loss, which IMO is still nonsensical for me. Especially since someone thought of making DoS attacks with Agents on a server to quickly and efficiently bring it to its knees.
It seems that servers/hosts should have either much higher system ratings or should have a different multiplier for the number of programs they can run before suffering response decrease.
My take.
Subscription List = Phone Book
Persona|Device X2 Active Subscription Limits = Number of active connections
I have everyone's phone number, but my phone only allows 5 people on the conference call.
How does a system handle if you want to talk to more than 5 people? You need to drop one and add the next and cycle through all the people you need to talk to. Slow if it's a phone call, Incredibly fast for commlinks|ComputerNodes.
Security trick - Secure Node has a subscription list that is limited to the specific devices it's supposed to have. Security device only has the subscription list of the security node it is meant to talk to.
Security Node (Imagine a sec console with 100 cameras it's monitoring)
Subscription list contains the commcode for 100 cameras.
System Rating 5 = 10 active connections.
Security Node POV
Security Node subscribes to the first ten cameras on the list, issues command to transmit the last ten seconds of video to security console in a high speed burst.
Security Node receives data.
Security Node Unsubscribes first ten cameras
Security Node Subscribes to next ten cameras
repeat
Camera POV
Camera gets subscription request from Security Node.
Camera checks subscription list (Which only has the Security Node commcode)
Camera allows active subscription
Camera receives download command
Camera transmits download
Camera gets unsubscription request
Camera unsubscribes
repeat
Since most devices are response 3, it's pretty easy to set up a very quickly expanding tree with redundancy to effectively get a large aggregated data feed from a large set of devices. Consider the effect of having each camera subscribe and share data with at least one other camera.
Thank you Grinder. I have been trying to say as much for some time but no one has been listening.
I have extended the "not a Persona-based node" rules to say that these "mainframes" are also not subject to the Response decrease rules. As mentioned above, I don't like the idea of a Hacker being able to bring an Agent army onto a node to bring it to its knees. There is a simple fix for this problem: the Agent is always considered "running" on the Hacker's Commlink. Thus, it counts against their running programs limit.
Does this make sense considering that Agents can run autonomously? No. That's why I like the "no response decrease" rule better. However, the "agent DoS attack" could be applied to other people's Commlinks. Usually when I get into a sticky situation like this, I usually use the "be careful what you wish for" technique. Namely, I have an enemy Hacker apply the same technique (usually in the extreme) to the player. I lay waste to them in some spectacular fashion (don't kill them, but give them a solid pounding). Then I'll say, "Now, would you like to pretend that [insert player exploit here] can't actually be done?"
| QUOTE (Backgammon @ May 12 2006, 12:05 PM) |
| Ok, but it still doesn't solve the 'problem' of terminals only being able to run a few programs at a time before suffering from Response loss, which IMO is still nonsensical for me. Especially since someone thought of making DoS attacks with Agents on a server to quickly and efficiently bring it to its knees. |
| QUOTE (DireRadiant @ May 12 2006, 12:13 PM) |
| My take. Subscription List = Phone Book Persona|Device X2 Active Subscription Limits = Number of active connections I have everyone's phone number, but my phone only allows 5 people on the conference call. How does a system handle if you want to talk to more than 5 people? You need to drop one and add the next and cycle through all the people you need to talk to. Slow if it's a phone call, Incredibly fast for commlinks|ComputerNodes. Security trick - Secure Node has a subscription list that is limited to the specific devices it's supposed to have. Security device only has the subscription list of the security node it is meant to talk to. Security Node (Imagine a sec console with 100 cameras it's monitoring) Subscription list contains the commcode for 100 cameras. System Rating 5 = 10 active connections. Security Node POV Security Node subscribes to the first ten cameras on the list, issues command to transmit the last ten seconds of video to security console in a high speed burst. Security Node receives data. Security Node Unsubscribes first ten cameras Security Node Subscribes to next ten cameras repeat Camera POV Camera gets subscription request from Security Node. Camera checks subscription list (Which only has the Security Node commcode) Camera allows active subscription Camera receives download command Camera transmits download Camera gets unsubscription request Camera unsubscribes repeat Since most devices are response 3, it's pretty easy to set up a very quickly expanding tree with redundancy to effectively get a large aggregated data feed from a large set of devices. Consider the effect of having each camera subscribe and share data with at least one other camera. |
On the other hand, if the Sysx2 rule applied to everything and you wanted to Hack that security system you would have to muddle your way through dozens of nodes with similar features. Let's call them "sub-processors." Oh, and the central hub node can be called the "CPU", and nodes that just store and sort data can be called "datastores", and nodes that control things will be "Slave Nodes" and nodes that connect the whole network to the outside world will be "SANs." Then we'll create a horrendously complex system of only being able to get to some nodes from certain other nodes. Every system will have to have a stupid little map showing you which nodes are connected to which and the Decker (oops Hacker) will have to move through this little "node maze." Hacking will take hours and everyone else on the team will get bored and quit, or ban Hackers altogether.
Wait, has this idea been done already? SR2 anyone?
[/heavy sarcasm off]
Haha. Nicely done.
Even an unlimited subscriber list doesn't prevent a security set up such as that. It just doesn't make it a requirement.
what about allowing all devices of a single type to be treated as a single device? keyword being devices, ie not drones or commlinks. basically, if you've got 500 cameras, your commlink treats them as a single device with 500 inputs.
about the subscription thing:
cameras and other devices that do not have their own matrix icon i would say is background noise, but you can't connect to them indirectly. they have to be within range of the commlink or node they are subscribed to. and it does not help if the commlink has a range of 400km+ if the device has a range of 3 meters
about the response reduction:
my take is that it's only an effective response that only affects the persona's initiative, not the system rating. this avoids the spiral of death and explains why a mainframe node can have any number of active agents and programs (it's not supporting a persona).
also, a reduction of effective response will not affect an agent's internal response even tho it's based on the node it's running on. also, in no way do the programs loaded into an agent count as separate programs for the calculations of effective response. from the view of the system(os) it's just one gigantic process.
these are all my personal interpretations of the rules...
Assuming you allow a lot of IC to run on a single node, solve the subscription and programs running problems there is still one problem.
Hacking is still easy. Success is more likely than failure when hacking a single node (if you're careful) and security hackers and designers know this. In the world of SR security personnel should be paranoid to a level exceeded only by the runners themselves and sufferers of some mental illnesses.
Given the technology available and the skill of hackers the most effective defense (and providing the best value for money) is a multi level architecture that holds all secure data behind a series of ic laden chokepoints.
We have a choice between running the security designers as idiots, having longwinded hacking, or breaking the rules as written to have higher rating corporate hosts.
Edward
Ok, here is the text from the relevant sections:
| QUOTE |
Response is the device’s processing power, or how quickly it reacts to input and processes commands and information. [...] Response may be affected if you run too many programs. For every x number of programs you have actively running, where x = System rating, your Response is reduced by 1. |
| QUOTE |
If you wish for your agent to operate in the Matrix independently, you must load it on a particular node separate from your persona. The agent will continue to operate in the Matrix even if your persona goes offline. In this case, the agent doesn’t count toward your persona’s active program limits like running programs do, but it does count as a subscriber toward your subscription limit (see p. 212). |
it also solves the DDos by noting that the agent is still a subscriber
Don't get me wrong: I'm not saying that multi-host, tiered architecture doesn't exist. I certainly think it does. However, I think there should be a reasonable limit. The SR2 system of node-hopping made a great board game and if everyone was playing it would probably be fun. However, everyone else was sitting and watching, so it wasn't fun.
A very low budget corp or your average household probably only has 1 node.
An average sized corp's system probably has 2-3 nodes: a "public" host with unimportant information, a Security controller host (that serves as a chokepoint), and a "secure" host/datastore.
Larger corps, I think, would follow this same kind of structure but might sub-divide things further. For example, each department might have its own 3 node "cluster." However, if you find your systems growing to the 10+ node level it might be time to scale things back as this would take an exceedingly long time to Hack.
Also remember that systems should be much more accessible once you are inside the building. The added danger of the physical intrusion is an effective game balance for reducing the Matrix security. Besides, I think when the writers of SR4 came up with the AR idea, this is what they had in mind: more Hackers coming along with the team.
| QUOTE (Backgammon) |
| Ok, here is the text from the relevant sections: |
| (bold mine) There is no doubt that nodes suffer from Response loss, it's NOT a Persona thing. Corporate terminals have to be careful how many programs they run. |
| Ok, I just noticed something: nowhere does it say the Agent becomes loaded on the node you dump it on. It simply states you don't run it anymore. So technically, this solves the DoS attack problem, as dumping Agents on a Node does NOT affect the number of programs it's running. |