Printable Version of Topic

Posted by: IKerensky Jul 9 2010, 09:05 AM

Here is the idea for an ICE I have :

Stealthy ICE that Analyse every persona in his node.
If the ICE detect a not-allowed persona it will track it back to his origins node.
When in the persona node he will launch an Agent in the node then go back home.
The Agent is Stealthy and Selfreplicating.
Agent script :
- If it dont replicate yet, replicate.
- Analyse the node to see if it is crypted by his own device, if not then Encrypt the node with a Databomb that would explode if not provided by the Agent password.
- Analyse the decryption program to see if it exist or is not encrypted yet, if so Encrypt the program with a Databomb that would explode if not provided by the Agent password.
- Analyse all the programs to see if they are encrypted, if not encrypt them with Databomb.
- Do the same for the files.
- Check for any Agent/Persona unknown presence, if so track and infiltrate them. Go back to start of list.
- If nothing left to do check for any master/slave connection in the node and access the master/slave. Go back to start of list.

How did it translate in game terms ?

More specific question :

1- Is the hacker automatically aware of the lowering of Response on his commlink.
2- Can you really Encrypt a Decrypt program ?
3- Can you run another copy of the program ?
4- Can you Encrypt loaded but not running program ?
5- Can a program/files/node be crypted by different users/programs ?
6- Is it too strong ?
7- What would happen if you Encrypt a Node while a persona is originating from it ?

Posted by: CeeJay Jul 9 2010, 01:33 PM

Well, there are a couple of problems I see with this idea...

First of all, your agent will use the Track program to trace a not-allowed icon back to its source, correct?
Now you seem to assume, that the agent automatically has access to the originating node (most likely a hacker's commlink). But as far as I can see, that is not the case.
A Trace user action gives you only the access ID and the physical location of the originating node. For everything else that your agent wants to do, it would first need to access the hacker's commlink, e.g use exploit to hack an account on the node.
And I think it is rather unlikely that the agent will succeed to bypass all security measures a competent hacker will use to secure his own commlink (Encryption, Data Bombs, Patroling IC etc) unnoticed.

But if your IC really accomplishes all that, the next problem I see is that you can't encrypt running prorgams. Mind you, I can only look at the BBB at the moment, so Unwired might tell something else, but you can only encrypt "a file, set of files, node, or communication link" (SR4A p. 229). So, I think it should be possible to encrpyt programs that are not running, since at that moment they are just files.

At the moment your potential IC agent will need a payload of Stealth, Track, Decrypt, Exploit, Encrypt and Data Bomb. That's quite a lot, and you will probably want to have Adaptability autosoft too.
So simply the fact, that this IC is suddenly running on the hacker's commlink will most likely reduce response on the 'link and the hacker will recognize this cause all of his own programs suddenly go slower...

-CJ

Posted by: hobgoblin Jul 9 2010, 03:06 PM

actually, given that the hacker being traced already have his icon present in the node the trace is being performed from, they already have the access id by way of a simple matrix perception test. Its when one intercept data traffic (say a call) between two nodes that one need to trace to get the access id.

Posted by: MikeKozar Jul 9 2010, 03:33 PM

I'm working on integrating the Matrix into my Maptools framework next week, and while doing research I found a copy of "Virtual Realities". There used to be a *lovely* little program called "Trace and Burn".

Posted by: hobgoblin Jul 9 2010, 05:05 PM

hehe, trace and burn, from back when software could light a cyberdeck on fire (pesky thing is about as explosive as a star trek control console!).

Posted by: Wasabi Jul 9 2010, 05:41 PM

1. While its not challenged it still takes a Matrix Perception. If a given user is permitted to see something they dont have to use Hacking, Decrypt, etc, to access it.
2. Sure. Its like putting WinZip in a .zip file.
3. You can run whatever programs you like but if its Registered software you'd need to purchase two copies to run it twice, three copie for thrice, etc.
4. Data can be encryped. Programs not running are just stored data for most purposes.
5. Do you mean something like 'Can I have seperate encryption tests to encrypt different things?' If this is what you meant, yes.
6. Encryption slows an attacker in the same way barb wire slows down trespassers. Neither is strong unless monitored by a combatant.
7. What is your goal? To disrupt the persona? To secure the node? To cause havoc as an intruder?

Posted by: hobgoblin Jul 9 2010, 06:28 PM

err, page number please?

nothing about either the copy protection or registration option says anything about not being able to run a single copy multiple times on the same node.

now if you want to copy the program to a different node and run it on both, that may be a different topic. And i am unsure how that while thing applies to agent payloads as they are for all intents a virtual node with the ability to move between actual nodes.

Posted by: Wasabi Jul 9 2010, 07:20 PM

"Copy Protection prohibits the program from being copied", Unwired p114

Posted by: Udoshi Jul 9 2010, 07:26 PM

Minor nitpick - you forgot Analyze, and Replicate. You would almost certianly need the Ergonomic option, and possibly optimized 3 option on all your programs as well.

Posted by: hobgoblin Jul 9 2010, 07:52 PM

copy not equal run.

you can have a single copy installed on your node, but have it running multiple times over on the same node. Tho one can ask why one would do so.

tho i guess it all depends on what the original question really was, as it seems somewhat unclear.

Posted by: Wasabi Jul 10 2010, 02:21 AM

For a TAN running on slaved commlinks that'd be amazingly good. Where's it say that's legal?

Posted by: Saint Sithney Jul 10 2010, 03:35 AM

Oh those wacky Choson!

Posted by: hobgoblin Jul 10 2010, 04:44 AM

if by slaved comlinks you mean they are clustered, then its no problem. But if they are simply slaved it just means they have a single loging but otherwise behave independently.

Posted by: Wasabi Jul 10 2010, 05:38 AM

And where's it say its legal to load multiple copies of something that can't be copied? :-)

Posted by: hobgoblin Jul 10 2010, 02:25 PM

load not equal run.

Posted by: Tymeaus Jalynsfein Jul 10 2010, 03:06 PM

Try a simple exercise with your current Computer... Open Internet Explorer.., Okay, now open it again, and again... you could even try this with Microsoft Word (or others)... I have only one actual copy of the program, but I have had Many multiple copies of both open simultaneously...

Run != Copy


Keep the Faith

Posted by: Wasabi Jul 11 2010, 06:57 AM

Ah, I see now... good call fella's, thanks!

Posted by: IKerensky Jul 12 2010, 06:34 AM

Ok.

But lets say the ICe Encrypt the Hacker Decrypt program before he run it. The Hacker will need another Decrypt program to be loaded and started or someone else to come and decrypt it before he could launch it ?

If both the Decrypt and the Node are crypted then the hacker lose control on the commlink and need to use another one to access and purge ?

(Of course, usually Hackers have a Decrypt program running all the times, so I suppose the ICe should try to crash the running Decrypt after it crypt the loaded version ).

I understood that this is a lot of programs running for the agent. The idea is that the Agent was launched from the Hacker Commlink in order to lower his Response and make him less able to continue the original hacking/fight replicating Agents.

Posted by: hobgoblin Jul 12 2010, 12:27 PM

i dont know if a comlink can be encrypted in that way, but then what exactly that can be encrypted have never been clarified. Best i can tell, one can encrypt against external access, but i dont think one can encrypt against direct access (that is, directly jacking in to the comlink).

btw, i kinda like the idea of encrypting someones decrypt program. Reminds me of the issue of putting a tool into a clamshell packing so that one need the tool to unpack it all...