Printable Version of Topic

Click here to view this topic in its original format

Dumpshock Forums _ Shadowrun _ Data Bombs and Spoof

Posted by: Kirk Aug 15 2011, 04:26 PM

(crossposted at Shadowrun4 forum)

I'm requesting a rules check as it looks to me as though there's a defense against (some) spoofing.

Put a databomb on the access port.

As I read the rules, to issue a command (with the access ID) the node must be accessed.

Now I'd not put this on devices that have a wide range of interaction. Putting them on the slaved drones and other devices, however, looks to me like a nice way to cover the only weakness of slaved devices -- their vulnerability to spoof attacks.

However, I'm still learning and could be wrong, so I'm asking for a doublecheck. Thanks.

Posted by: Aku Aug 15 2011, 04:38 PM

MM, i dont think so, since the DB only goes off if someone is unauthorized, if they spoof and succeed they're authorized, however,i would say if they spoof and fail, then it could go boom

Posted by: Kirk Aug 15 2011, 05:09 PM

No, you set a different passcode for the data bomb.

QUOTE
When you [set a data bomb], you must
choose the rating for the data bomb (up to the rating of the Data
Bomb program), whether or not it will delete the file or crash the
node to which it is attached when activated as a secondary effect, and
the passcode required to deactivate it.

and
QUOTE
If the passcode is used, the data bomb does not activate
and remains attached to the file or node.


On the other hand I maybe found the answer, in the middle of those two quotes.
QUOTE
The way a data bomb triggers depends on whether it is attached
to a file or a node: it activates when a file is accessed, or when an icon
logs onto a node, respectively, without using the data bomb’s passcode.


The question is whether spoofing is logging on for that single command. Just as with hacking on the fly and probing it has to deal with a firewall check. Unlike either, a failure means no alert as the command is considered 'just a bad packet' and discarded.

I know that as GM I'll have to make up my own mind, but I'm looking for some clarity for basis. at this point probably not, but the possibility...

Posted by: Fatum Aug 15 2011, 06:16 PM

I'd say no, it's doesn't count as a login - after all, you're not hacking the node's login mechanism, and while spoofing a slaved device you can't as a result login to the node it's slaved to. But ymmv.

Posted by: LurkerOutThere Aug 15 2011, 06:32 PM

Databombs only affect you if your logging in, if your spoofing your not logging in. By design slaving is vulnerable to spoofing there should not be a 100% foolproof unhackable system anyway.

Posted by: Kirk Aug 15 2011, 07:38 PM

Lurker, this wouldn't make it unhackable.

It would just make it a bit more difficult/risky to spoof. (grin)

Posted by: Yerameyahu Aug 15 2011, 08:36 PM

Spoofing is not logging in. It's touchless. Even if the data bomb could go off, there's literally nothing there for it to hit.

Posted by: Aku Aug 15 2011, 09:32 PM

hurray for right answer, wrong reason biggrin.gif

Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)