Printable Version of Topic

Posted by: CrystalBlue Aug 25 2011, 01:13 PM

I've looked through the list of programs that are available to hackers and companies and thought it could use an increase. No book I know of (I haven't read much of Unwired) has more programs, so I thought of some programs I myself code for or use on a daily basis and retro-fitted them to Shadowrun. Some of these might be broken or overpowered, or they need tweeking. If you think something should be changed or tweeked, or if there already is a program out there that does what one of these does, let me know.

Fortify (Computer): This program ramps up the difficulty to overtake an icon through use of any hacking program. It launches debugging code into the middle of certain parts of the icon to detect and redirect common-use hacker attacks and malicious code, dumping them out of sensitive sub-routines. For each hit generated, increase the target number of any unauthorized access (any check from the Cracking group) except for hostile programs (such as Attack, Blackout, Black Hammer). This program can only generate a total defense up to the program’s rating and an icon can only be fortified once. If another Fortify command is issued on the icon, the new number may replace the old check.

VeriFly (Electronic Warfare): This program begins to ‘scrub’ connections to ferret out hacking attempts by running credentials through rigorous authentication. While in this mode, the user of this program must sustain the use of it, imposing a -2 penalty to all their other checks as they keep the program active and running. The user makes a check with all net hits (capped at the program’s rating) imposing a penalty against the icon’s Stealth program, unless the icon spends a simple action to ‘verify’ their credentials manually each phase they are in the system.

TarPaper (Hacking): With this program, the user slows down network and computer traffic, restricting certain access points constricting bandwidth by filtering it through query analysis. It does not outright check and verify the data, but it filters’s it based on the type of programs running. Once an icon has been Analyzed successfully, TarPaper can be used to lower the initiative of an icon. While active, the program imposes a penalty to initiative equal to it’s rating to the target icon. The user of this program also may choose to spam the target, instead rolling an opposed roll vs the icon’s Response + Firewall. If successful, the target icon’s initiative passes are reduced by one. If used on an icon when they have only one pass left, they lose that pass. If the target has no passes left, this penalty is applied to the next initiative round.

Erosion (Hacking): This program breaks down code, pulling it apart at the easiest and hardest-to-notice ways in a much longer-term then an attack program does. It does not simply try injecting code error into a program, it literally pulls the code apart and resaves the program back to the icon. When used on an Analyzed icon, the user rolls an opposed test vs Firewall + Rating of the program being targeted. If successful, the erosion lowers the rating of the program by 1. If the program reaches a rating of 0, it is lost and dumped off of the target’s icon. The erosion program targets all copies of the program loaded onto an icon’s node, so a hacker that loses a program cannot use it again until they load a clean copy of the code back onto their device.

SubClause (Computer): A program may use and implement harder-to-crack security services by using redundant verification and confirmation. Commonly known as the TOS pop-ups and other pop-ups that spam a user to enter name and password again or to accept a set of circumstances, else they lose out on access. Any user of this program running this actively automatically spams users when they attempt to log in to the network, regardless of legal or illegal credentials. When an icon attempts to login to a system with an actively running SubClause, they may review the warning message. The user of this program chooses one of the following: add dice to the dice pool of checks made by all friendly icons on the system, lower the defensive programs of all logged in icons by it’s rating (Armor, Stealth, ect), or allow the system to use a psudo Edge on any check made on the system. All of these ratings are equal to the SubClause program rating. Once a user agrees to these warnings, the SubClause program imbed’s itself into the icon logging into the system. This embedding sticks around so long as the user is logged into this node. If logging out, the embedding erases itself. The icon may rolls an Exploit + Hacking vs SubClause + Computer. If successful, they’ve found a loop-hole in the code rules and bypasses the embedding.

Posted by: Draco18s Aug 25 2011, 01:51 PM

Here's my reply:

Posted by: Yerameyahu Aug 25 2011, 01:54 PM

On the contrary, hacking is unlike first aid. Most things are *not* possible without the right program, by intent. This is in general, not specifically about these proposed programs.

An actual overhaul of the program rules/action would be nice, though. There's no reason there can't be a class of programs that allow actions, and a class that merely enhance.

Posted by: Draco18s Aug 25 2011, 02:02 PM

My reply is more "we don't need MORE programs. D: " than anything.

We've already got "too many," most of which are largely unneeded.



Overhauling the matrix is grounds for another thread, and while we've all tried to simplify or better the hacking rules, no one's managed to do something that's "acceptable."
While it's true that hackers will need hacking programs to do their job, what I'd like to do is make those programs....less important and more consolidated. You pay $500 for "Exploit." It has no rating and simply says "you're a hacker now. You got the skill to use it?"

Posted by: Yerameyahu Aug 25 2011, 02:06 PM

I agree, there are dozens of programs and it's nuts. If they made the Options rules more flexible instead, that might help.

Certainly, I wasn't suggesting doing it *here*.

I really think it's a feature of the Matrix rules that money (gear) and not skill determines what you can do. They're not supposed to be like mages, and it's not supposed to be cheap. This doesn't mean that's the best way, nor that other setups can't exist instead (we've seen mage-style, ammo-style, etc. etc.).

Posted by: Kirk Aug 25 2011, 02:10 PM

On the other hand, slight tweaks of the arguments you're making could be used for magic and meat combat.

Why do I need to have all these different kinds of gun rules and types, after all. It's just shoot. One roll, is the other guy dead or not?

yeah, not quite what you meant, but it's got a strong taste of it nonetheless.

Posted by: Makki Aug 25 2011, 02:23 PM

you guys should read Eclipse Phase.
There's one Hacking skill that is used for all tests. The Exploit program is necessary to hack and expensive, but doesn't give any bonus.
And there's only one skill "Kinetic Weapons". You use it for all kinds of guns.

@topic I don't like your programs. they're all overpowered and the "cap at program rating" is a new unnecessary addition

Posted by: CrystalBlue Aug 25 2011, 02:34 PM

Well, understand why I do this.

Given the hacking rules as they are now, hacking is insanely easy for a hacker. To get admin access to ANY large corp, you only need 12 successes which, given the hacking pools I've seen, is do-able in either a few hours or a few phases. So a hacker's going to get in. That's not even a question. And the likeliness of a hacker having a Stealth program running under 6 rating is very low. So, for the system to notice him, I'd have to get 6 successes on 12 dice. That's really not fair for the computer. And then, after that, the hacker has full access to EVERYTHING that node has.

Again, this might just be my confusion of the rules. I had an earlier thread trying to make sense of these rules and how to challenge the hacker, and I didn't get very far when I tried writing one up. I created an apartment complex that they need to get into and they're in a hurry. I created an outside node that then had a bridge inside to the inner CPU that they needed to get to. So they had to brute force their way through two of them. The external system is only 2 and the internal system is 4. I'm rolling shit against a stealth program 6 and hoping they're all successes.

There has to be SOMETHING I can do to a hacker, and I still can't see what that is. More programs that need to be circumvented is the solution. I am honestly at a lose as to how a node is supposed to be constructed with LESS programs. Stat + Skill works in theory, but then you have a mish-mash of arbitrary rules that have no clear definition. It heralds back to the days when my friends used to play D&D by saying "You roll a 15. You kill the dragon. Good job." Simplicity puts too much onus on the story teller to construct every possible outcome.

Posted by: Draco18s Aug 25 2011, 02:36 PM

Gear definitely matters, I'm not debating that. But in order to draw the "not a hacker" characters into the matrix on occasion, the basics should be possible with a minimum of expenditure. For a character to be a dedicated hacker, though, they'll want "all the extras" and have more options than "shoot to kill" as it were.

The gun nut has 4 different kinds of ammo and 6 different guns, all for different situations. The face has a concealed holdout pistol with regular ammunition. Functional and capable in a gun fight, but only has one choice.

A hacker has 10 different programs, all for different situations. The rest of the party has the basics. Functional and capable on the matrix, but have limited choices.



This, also.

Posted by: CrystalBlue Aug 25 2011, 02:55 PM

Maybe I don't have the mind for this game then. Not everyone should be a hacker. In fact, not everyone should be buying programs and putting points into Computers and Hacking. That's like saying that every character should have Automatics and Longarms and every mundane character should have Spellcasting, just because. Is it logical for the infiltration specialist to have a commlink with a small exploit and stealth program? Sure does. Does it make sense for a troll to be carrying around a spoof program? Doesn't in my book.

Maybe runners will have high-end commlinks with IC protecting it from intrusion, but there is no reason the troll tank should have hacking programs and skills. It doesn't make sense, in my opinion. Since the skills all say that basic uses of them do not require having points in them, any Joe on the street can Google for something. That doesn't require a Computer skill and shouldn't require a Browse program.

Posted by: suoq Aug 25 2011, 03:19 PM

Off topic:

The fun part is, you don't. You can take a small subset of the gun list, mods, etc. and still do everything The variety of guns is a flavor mechanism.
Programs on the other hand are like Pokemon. You have to get them all. And for the most part they're complex for no reason. Analyze, Browse, Data Search, and Edit could all be a single program. It certainly doesn't make a lot of sense that if you buy Edit without Browse you can edit it but not read it. (And what the difference is between a rating 2 and a rating 6 browse program is still baffles me.) Why isn't Command part of System? Scan could go away completely and be replaced by Sniffer for detecting hidden nodes.

------------------------
Back on topic:

Fortify and Verify: This seems like unnecessary complexity to the use of firewall. What is the goal here in making firewall more complicated?
Tarpaper: This functionality already exists in game (Pg 87 Unwired).
Erosion: Why not just delete the program and remove all copies?
Subclause: Again, I'm missing the goal of this, unless pizza delivery in your town takes longer.

Your goal here appears to be complicating the already time consuming (read: Everyone at the table starts opening their laptops and surfs while the hacker and the GM do massive amounts of dice rolling) hacking rules. I'm not sure why.

Posted by: Kirk Aug 25 2011, 03:19 PM

No, it's more like saying every character should have a weapon and some armor. And if the game designers had allowed purchase of a spell defense or mitigation that could be used by mundanes it, too, would be an "always" item.

The street sam needs a good firewall and should probably purchase an agent that runs a small set of programs looking for intruders. And a smart one will just like a smart mage or technomancer will pick up some armor and weapon.

Posted by: suoq Aug 25 2011, 03:26 PM

What kind of hacking pools are you seeing?

Note that Firewall (5) + Hardware Optimize: Firewall (1) + Analyze (6) (with optimize 3), can be run on most cheap commlinks at under 12 availability and for very little nuyen. Do not make the mistake of leaving the defense at SR4A levels when the offense is using Unwired, War!, etc. Give your large corporations the firewalls, etc. in War!, as well as Mooks that don't have mercy programmed into them. Use honeypots (targets that look attractive but have no actual value while having agents with trace functions).

Posted by: CrystalBlue Aug 25 2011, 03:49 PM

I don' know, maybe this was a bad idea to put here. They were ideas to make hacking more of a challenge. Hacking back in 3rd edition was deadly and serious. It was always a race between the decker and the security sheaf, seeing who got to what first. It was interesting. Hacking in 4th edition, for the last four years of me play, has been a simple "Uh, yeah. You break in. What do you want to do?" Because there was no risk. No serious opposition. Break into node, grab data, get out. There isn't a constant watch on the clock or IC patroling the area, scrutinzing every icon they saw. Am I just stupid, or did the corps's Matrix security get WORSE after the second crash, because I can't find a way to really make the hacker sweat.

My hacker usually can get an exploit of 6 and a hacking of 6. And that's an extended test. That can go on for as long as it needs to, if they're probing. And then, when they break into the node, they only have one roll that detects them. If it's a hacker with a good Stealth program or a smart Technomancer threading their complex forms, the system rolls a small amount of dice vs them and gets not enough. The hacker's in. Now what's stopping them? The system doesn't get to keep making checks on them. And the hacker doesn't have to continue to roll exploits or hack anything, he has Admin access. Security files, gone. Bank numbers, downloaded. Smiley face on the AR screens. And victory. And the system just takes it like a...well...some complex bondage metaphor. >.>;;

I created the extra programs because they sounded fun and they sounded like security procedures we do at my company. Not to the same extreme, but we limit users in a number of ways by controlling how people get to our data, even after they've logged in with correct credentials. Maybe not so much the malicious code, but the theory is the same.

But maybe you guys are trying harder to just justify, to me, why the matrix rules are crap and putting more programs into it doesn't solve it. Look, I agree with you. I don't like the Matrix rules. I want my 3rd edition back. But I play with what I'm dealt and the 4th edition is what I'm playing with. There's nothing I can do.

Posted by: Draco18s Aug 25 2011, 03:51 PM

This.

The problem is that right now, the cybersam who doesn't have a good comlink and good programs is vulnerable to hacking to the degree that it will get him killed at the push of a button and he'd have not only no way to defend himself, but no way to even know that it's happening.

And in order to keep an enemy hacker out, you have to spend something like 10,000 (and the hacker is better still, anyway). In order to defend yourself from a hacker, you need to be a hacker. And unlike "defending against spells means being a spellcaster" you can't have one in the party and cover everyone (that is: a mage can counterspell the entire party. The hacker cannot "counter hack" for the entire party).

Posted by: Deadman Trigger Aug 25 2011, 03:56 PM

Given the hacking rules as they are now, hacking is insanely easy for a hacker. To get admin access to ANY large corp, you only need 12 successes which, given the hacking pools I've seen, is do-able in either a few hours or a few phases.


Reread the hacking on the fly rules and remember that megas aren't going to have anything of value on a public access node. Your team is going to have to get access to those nodes. Hacker won't have time to find the backdoor. On the fly rules make it an extended test and every roll the node gets a firewall check with the hits being cumulative....not so easy now is it?

Posted by: Aerospider Aug 25 2011, 03:56 PM

You don't need Browse to read stuff - anyone with access to a file can read it, no program required. Browse just helps you find stuff that's buried under a shit-load of other stuff. You shouldn't need it if you know the file name of a document on a memory chip, but if you're in a vast corporate node and you only know vague details about the subject matter you'll get nowhere fast without it.

Posted by: CrystalBlue Aug 25 2011, 04:01 PM

And that's a stupid sam. If he's not smart enough to keep himself defended, then he deserves everything he gets. I shouldn't have to change the way the game is played based on the ignorance of players.




This is untrue. A hacker can counter hack for an entire party. You allow the hacker to pan everyone together, so they all have to go through him before they can get to any of those devices. And the hacker can use his own agents to patrol everyone's devices. I thought this was do-able. If it's not, then I need to completely rework how my systems are built, because now you can't have a security layer around sensitive systems, which seems stupid. This does limit what the other runners can interact with, but again, the other characters shouldn't be hackers and shouldn't need hacking equipment. They need a good device and good security.

Posted by: suoq Aug 25 2011, 04:14 PM

And the system firewall can find them and trace them while they probe.
Again, if the hacker is using Unwired, then the defense needs to use Unwired and War! and anything else you want to pull out of your pockets.

The good stuff doesn't need to be attached to the matrix. The real good stuff has no need to even be wireless.
If it is on the matrix, how does the hacker know the access ID of his target and how many systems does he have to go through to get to the node with the good stuff?

Posted by: suoq Aug 25 2011, 04:20 PM

Erika Elite @ 2500
Firewall 5 @ 2500
Hardware Optimize @ 500
Analyze 6 + Optimize 3 @ 900
Reasonable defense for 6400 , barely over 1 BP, 1 BP when you consider you needed a commlink anyway.

Meanwhile, this node is running hidden. The commlink that's running public has a fake ID and nothing of value, however it also can be protected for a single BP.

Posted by: Yerameyahu Aug 25 2011, 04:28 PM

I agree with Kirk and Draco18s: having a comm and programs for it is the same as having weapons and armor. Or hell, just armor. It's a Matrix 2.0 world, and you're a moron if you decide to go blind and naked in it. The fact that you can do significant things without investing much (at all) in skills is, AFAIK, the whole point of Matrix in SR4A; it's matrix for everyone. The hackers with high skills and top gear still rock out loud.

Posted by: Draco18s Aug 25 2011, 04:36 PM

Now read the fluff. Joe Blow on the street has none of those defenses. You need to own the latest and greatest hardware (and then optimize it to make it better), the best firewall, and then the latest and greatest Analyze software (optimized to run on the hardware) and all that does is when the hacker breaks in, it triggers an alarm. You've got nothing that keeps him from fooling around with you and your stuff after he's gotten in anyway (Analyze only says "hey, there's an intruder" it doesn't actually keep them out).



Which does jack. A real hacker can find hidden nodes just as easily as public nodes (the threshold is 1 versus 3 with a dice pool of 12+)



1) Agents: agents are cheating. If you allow the use of agents, the game devolves into "turtles all the way down" because agents are "cheap" and you can run an infinite number of them.
2) Linking pans: sure you can slave devices to another device. The enemy just pulls out his Spoof program and....oh, that pan linking didn't help you at all, did it?
3) Security layers died with SR3, because no one liked the system maps.

Posted by: Yerameyahu Aug 25 2011, 05:07 PM

Yes, it's very difficult to defend yourself (for long) from a good hacker. The system was apparently designed to allow them pretty significant ease, because otherwise they'd basically do nothing for hours and days. Either too-strong hackers, or no hackers. *shrug* That's an issue, and the GM can deal with it.

Still, everyone has decent access for doing some matrix functions, and should certainly have some okay gear for it. They *do* have and use agents, if only for data searches and things. The matrix is a fundamental part of life for even street trash, and you have to take that into account when considering the system and changes to it. It's not the astral, a special place just for the rare Awakened.

Posted by: suoq Aug 25 2011, 05:08 PM

Actually it does quite a bit.
1) The hacker must be aware of the node, or at least have a good guess of where the device should be (SR4A 230)
2) It's an Electronic Warfare + Scan (4) Test which means mooks without an EW autosoft are incapable of doing it and even though a Scan 6 is cheap, Electronic Warfare is not a cheap skill for what it gives. The best bet for the hacker is a extended test during a meet but that means I'm getting screwed over at a meet, and that's bad news be it matrix, meat, or magic.

Posted by: Yerameyahu Aug 25 2011, 05:14 PM

Well, only if he wants the easy version. He can scan for hidden nodes 'in general' at a much higher Threshold. It certainly does add another speed bump to use hidden mode, and that's the whole point of hacking defenses: slow him down.

Posted by: Tymeaus Jalynsfein Aug 25 2011, 05:15 PM

Joe blow does have the defenses, they are just not up to par WITH AN ELITE HACKER... There are other hackers out there that are not ELITE.



Public nodes have no real threshold if they are active, they are in your list be default. You may have to Browse for it, but you neither need a Scan Program nor a Sniffer Program. A Hidden node is MINIMUM of Threshold 4 (if you know where to look), a Threshold 5 if they are using Non-Standard Wireless, and a Threshold of 15+ if you DO NOT KNOW where to look.



1. Agents are not cheating, they are a viable alternative to those who do not want to Hack for themselvces.
2. Still has to have the Master Device ID. Not hard to get, bujt it is still a step. And does not help you if you do not know what the Node being spoofed is capable of. So, SPoofing ios not all that useful for other's PAN's.
3. No they did not, they are alive and well in SR4. They just take effort. Which is Effort well spent, in my opinion.

Posted by: Draco18s Aug 25 2011, 05:17 PM

"That guy has cyber. I bet it has wireless. I bet it's a node. I bet it's hidden."



Autosofts are for drones not people. Secondly, mooks don't have it, hackers do. Any hacker worth his salt will have the skill.

Plus, who said it was at the meet with the J? Could be any time you're out and about, even with the extended test, the interval is one combat round, so even at a threshold of 15 and getting 1 hit per roll, that's 45 seconds. 45 seconds is a pitifully short amount of time (when the sam is sitting at a stop light? While he's getting a coffee and doughnut?)

Posted by: suoq Aug 25 2011, 05:23 PM

Every bugger on the street has cyber.

Having some random hacker on the street with enough hacking skill and tools to find a wireless node and get past the firewall described above is about as game friendly as having some random sniper or mage on a rooftop target your character for no reason whatsoever.

I'm not sure what you're so angry about, but it seems your goal is to be angry and invent corner cases. Good luck with that.

Posted by: Draco18s Aug 25 2011, 05:25 PM

Who said it was random?

In the course of the run isn't it conceivable that an enemy hacker will attempt to take out you and your team? When they do, it's not going to be during a firefight. It'll be before, so that during the fight they take control and screw you over.

Not to mention that this is a two way street: the team hacker hacking the enemy from across the ocean in seconds, causing the cybered guards to spaz out, thus eliminating them from combat (or potential combat).

Posted by: Yerameyahu Aug 25 2011, 06:20 PM

Well, cyber will *not* have wireless, in most cases.

Posted by: Draco18s Aug 25 2011, 06:21 PM

Except that by the rules it does, explicitly. There's an entire sidebar dedicated to hacking cyberware.

Posted by: Yerameyahu Aug 25 2011, 06:42 PM

Right next to the rules that say most cyber doesn't even have wireless, doesn't have it turned on if it does have it, etc. That sidebar is vague at best, much more harmful than helpful.

Posted by: Tymeaus Jalynsfein Aug 25 2011, 06:52 PM

But only if that wireless acces has not been disabled, which it will be 99% of the time.

Posted by: Ascalaphus Aug 25 2011, 06:53 PM

I think they retracted part of that in Unwired.

In SR4, they went "yeah, all cyber has wifi for easy maintenance, but you can disable it".

Then in Unwired they changed it to "all cyber has wifi, but it's off by default. Here are some nanobots to sprinkle on someone to turn it on."

Which is still kind of fishy, but acceptable. Originally they wanted to enable "combat hacking", but after all the street sams complained they came to their senses.

---

Anyway, as regards "hacking is too easy": there are a bunch of methods in Unwired that actually turn hacking practically impossible.

* Nodes get Hard-Encrypted. That slows people down to a day to probe instead of mere hours.
* Data bomb everything.
* Encrypt everything.
* Firewall 6 on everything, because it's not limited by System.
* If it doesn't need wireless, then it won't have wireless.
* If it doesn't need to contact the outside world, then it won't have the means to go online. That means you need to go local to get access for a hacker.
* Segregate functions. The security network shouldn't mix with the accounting network.
* Everything important has a physical off-switch that cuts the power and/or connection.
* If a Node notices it's being hacked, it'll send a message to an external device to kill the connection. End of hacking attempt.

The hacking system just favors a defense-in-depth approach. But it can be secured. Protecting against DDOS is actually harder than preventing intrusion.

For Joe Sam, to secure himself against a hacker, all he needs is to switch off external communications. He'll lose TacNet and subvocal communication with his team, but he will be immune to hacking.

Also, a hacker can protect his team against hacking: just jam communications. Make sure your teammates don't carry too high a Signal on their commlinks and you should be able to interrupt their response to the hopeful hacker.

---

So, what do I have against these additional hacking programs you've proposed?

The most important one is that I think the game needs far, far fewer different program types. To do a typical hack, you need Exploit, Analyze, Stealth, Decryption, Defuse, Browse and perhaps five more.

To kill someone with a gun, you just need a gun, any gun, and bullets. You can pick guns with various benefits, but they all have the same basic function, and you don't need ten different guns used in the proper order to lay waste to your enemies. The choice in guns diversifies your options and adds flavor, but it introduces comparatively (to hacking) little bookkeeping.

That's what programs should be like: there should be a choice between the MCT Hacking Program, which is solid and powerful, or the Renraku one, which is faster and sneakier, but not so great if you get spotted.

---

Finally, "buying" hackers: I don't like it. I know the argument for it (dystopia, machines think faster than people), but I don't like it. I don't like saying "your character matters less than his equipment".

If you decide that your metahuman mind is important, it gives you a solid basis to then cut down Agents to a power level where the Agent Smith problem isn't so problematic anymore: because metahuman minds are simply better. (It also makes brain-in-a-jar "Agents" far creepier, but those aren't so easy to mass-copy.)

Posted by: Draco18s Aug 25 2011, 07:07 PM

And if you can make hacking impossible, then there's no reason to be a hacker. If Steve Sammy can make himself immune to hackers, then what stops a corporation (with millions of times the disposable income) from making itself unhackable?

And if a target is unhackable (which is easy) then what does a hacker do?

Posted by: Tymeaus Jalynsfein Aug 25 2011, 07:15 PM

Physically penetrates the facility and hacks from INSIDE the system. It is the Tried and True method.

Posted by: Draco18s Aug 25 2011, 07:19 PM

What if the exterior door (opaque) has a hardwired camera on the other side monitoring the door for "being in the state of not being closed"?

Posted by: suoq Aug 25 2011, 07:24 PM

Get a new GM. One who understand this mission is supposed to be a challenge to be overcome. Not a cakewalk and not rock falls.

Posted by: Draco18s Aug 25 2011, 07:27 PM

Likewise the players shouldn't be able to do the same to their pad, should they?

In which case, it's a rules problem.

Posted by: CrystalBlue Aug 25 2011, 07:35 PM

Really guys, I didn't know this was going to spawn another conversation about Matrix and the rules and have it spiral downwards. I just wanted an opinion on programs. I'll just make these into Agent or Sprite special abilities, which will make it be a little more acceptable.

I didn't mean to light fires.

Posted by: suoq Aug 25 2011, 07:36 PM

No. It's still a GM and players problem. If your players are doing that to their pad then a storyline results from it. Someone is trying to get into their pad. Who? Why? If someone knows where the pad is, is it safe to go back there?

If the GM is screwing over the players, the players need a new GM. If the players are screwing over the GM, the GM needs new players. The rules in the book do not make people's personal behavior problems go away.

Posted by: Draco18s Aug 25 2011, 07:42 PM

Sounds like you're the kind of person who'd be ok with a set of rules that includes the I Win Button. The first person to push the button wins the campaign.

Posted by: Kirk Aug 25 2011, 07:45 PM

Actually, Joe Blow has a firewall which is part of those defenses. And Joe Blow can set his node to passive or hidden, and according to the fluff does so at various times.

And for that matter, Joe Blow doesn't have a passcard or a triple-set magnetic lock and half a dozen firearms, either. Joe Blow is Joe Blow.



No. EW+Scan[4], or EW+Scan[15+,combat turn] extended test. Neither of those is 1 or 3. With 12 dice the hacker's got about an even chance of picking up the hidden node in the first case, and takes about 5 combat turns for the extended test. It's inevitable, but not "easy".




1) You cannot run an infinite number of agents.

2) That spoof program's harder than you think. Oh, getting the access ID is pretty easy. But to spoof you've got to minimally beat an opposed test: your hack+spoof vs the target's system+firewall. If the target's got a brain in the head the signal is encrypted and all commands are admin. That means first you have to crack the encryption (inevitable, but takes 3 to 5 combat turns) and then your test is at -6. If your target's running 5 system 5 firewall you need at least 16 dice to have a 50/50 shot. and that's all assuming your target didn't get coached by his team's hacker.

3) which means you haven't bothered to read unwired.

Here's a simple thing which I happen to like better than the slaving. I own two commlinks, my very good one and my cheap one. I wire them together and turn off the wireless portion of my good one. My good one is system 5, has a firewall of 5 as well. My cheap one, rating 2, has an optimized rating 4 databomb (Pavlov option) that triggers on logon (unless, of course, the password is known). It also has a rating 2 kitsune that does nothing but watch the databomb; alerting if the bomb is defused. My good comm gets that alert.

Picking up the databomb on an analyze isn't really that hard. Defusing it can be a bit tricky. But that happens to be the alarm trigger for the majority of my defenses, which includes just physically rebooting the cheap comm.

Posted by: Seerow Aug 25 2011, 07:53 PM

It is worth noting you can actually make cracking that encryption much harder. Unwired Page 66 has a nice little treat known as strong encryption. You spend up to 1 day encrypting your commlink, and from that point on anyone attempting to decrypt it has to deal with their extended test intervals being 1 day. You can't encrypt your signals this way sadly, but anyone wanting to defend a specific node should be using strong encryption to make it take more time than it's probably worth to get in.

If you combine that with dynamic encryption (same page, spend 1 complex action to increase target's encryption threshold by your hits on an electronic warfare+encrypt test), and it becomes literally impossible to break, because you can encrypt far faster than they can ever decrypt. (Interestingly despite both of these options being literally on the same page there's nothing about changing the interval for for dynamic encryption on a node that has been encrypted with strong encryption. So even though it took a day to set up, you can modify it on the fly with 3 seconds, while the opposing hacker is still spending days trying to get in).

Posted by: Draco18s Aug 25 2011, 07:58 PM

"Only" a firewall is going to do Jack Shit at keeping intruders out.



I was off on the threshold (and it IS threshold 1 to find public nodes, check that same section).

Oh, and if it takes 5 combat turns, then it is easy. Most people take more than 5 combat turns to make coffee.



Right. Only 1 on each toaster you own.
(How many toasters do you own?)



By RAW you can't spoof any device because you can't get the access ID of the device your trying to spoof as, due to the way the rules are written.



Lets say it's been a long time and it did nothing to help clear up the issue that "the rules for the matrix suck."



This is a door with an unhackable camera looking at it. And you didn't even realize it.



SR4 wanted "hackers to hack in combat time" and thus made the matrix run at the same speed as the meat and use combat turns and have the hacker on-site with the rest of the team.

Then they did this, putting intervals back at hours+



And this. These two options make a node unhackable by GM fiat, effectively removing the hacker from the game by virtue of making his role impossible to perfom.

(To quote an observation about the D&D Monk: "The class wouldn't be a trap, if it weren't for every other class ever.")

Posted by: Kirk Aug 25 2011, 08:39 PM

Draco18s, it's too easy, but it's too hard, but it's too fast, but it's too slow...

In simple, it appears to me you don't like the Matrix, no way, no how, and you're determined to deride any explanation. I think, therefore, that I'll stop discussing this with you. Not real fond of arguing just to argue these days, and "we agree to disagree" suffices.

Posted by: Draco18s Aug 25 2011, 08:47 PM

That's untrue.

While I do gripe about those attributes, I'm well aware of the fact that I gripe about both extremes.

But I also recognize that there's no middle ground. Or, rather, there is one, but it's knife-edge thin and takes very little for the rules (or even just an unaware GM) to nudge things off balance one way or the other.

There's three primary things I want out of hacking:

1) Hacker is onsite
2) Teamwork is required
3) Hackers can't trump non-hackers in combat by virtue of hacking their [cyber, comlink, gun] and pushing buttons.

Posted by: Tymeaus Jalynsfein Aug 25 2011, 08:50 PM

How do you get that from what was posted? I sure didn't.

Posted by: Draco18s Aug 25 2011, 08:52 PM

Sorry TJ, let me be more clear.

Although your group wouldn't be far off, either, TJ. You've got all these gentlemen's agreements to never have more than 15 dice to anything.

Posted by: Kirk Aug 25 2011, 09:02 PM

But the GM can always nudge almost any part of it off balance. I've seen it done with magic. I've seen it done with gunplay.

As to your three points I'll note:
1) Ritual mages do not have to be onsite;
2) Mages do not have to do teamwork;
3) Mages can trump non-mages by virtue of summoning their possession spirits and standing out of the way.

Look, the bottom line for me is that hackers aren't as over powered as you believe them to be. They have weaknesses. They have to deal with the other guy's hackers. They have to avoid the other guy's mages. And a knife in the back can't be hacked.

Posted by: Tymeaus Jalynsfein Aug 25 2011, 09:03 PM

It is amazing exactly how wrong you can truly be. And, for the record, there are no Gentlemen's agreements, and there are plenty of characters at our table that end up with more than 15 Dice in a given roll. Those characters actually have reasons to have those dice, though, other than "just because," And they actually fit the world, rather than trying to break it.

Posted by: Traul Aug 25 2011, 09:03 PM

Easy: wired security network.

Hacking is already a part of teamwork during infiltration. If you're thinking of pure matrix runs, then what you want is probably a more violent matrix. I think the split is not so much matrix/real world as it is stealth/brute force. Stealth thresholds, damage adds. When a group is using stealth, they are as good as the worst group member. When using strength, any contribution is welcome, no matter how small.

Maybe you could use something more akin to UV nodes? In a UV node, a hacker is a magician: everyone uses their abilities normally but he can alter the very fabric of the world on top of that.

Posted by: CanRay Aug 25 2011, 09:09 PM

Hitter, Hacker, Grifter, Thief, Mastermind.

Posted by: Yerameyahu Aug 25 2011, 09:10 PM

Super Skrull!

Posted by: Seerow Aug 25 2011, 09:14 PM

I'm curious why it's bad for a hacker to be able to relatively easily hack cyber implants and guns, to take over/slow down enemy beatsticks, but it's not bad for a Mage to use Control Actions.

Honestly, I think that hacking cyberlimbs and smartguns and doing stuff like that should be a major part of a hacker's role in combat. Yes, it sucks to be the beat stick getting controlled like that, but it sucks just as much when a mage is doing it.

Posted by: CanRay Aug 25 2011, 09:22 PM

How many Mages work low-end security?

...

OK, now how many have Spiders?

Yeah, I thought so. Door swings both ways.

Posted by: Seerow Aug 25 2011, 09:41 PM

That actually depends a lot on the GM. My group runs into mages almost constantly, and almost never encounters a hacker/spider unless we go looking for trouble in the matrix.

Posted by: Yerameyahu Aug 25 2011, 09:45 PM

Mages are rare. Hackers are… everyone. More than everyone, if you count unlocked agents.

Posted by: Seerow Aug 25 2011, 09:49 PM

Yet runners run into rare frequently. And if the group's hacker is being distracted by stopping enemy spiders from getting into his bud's cyberware rather than being able to go run amok right away, at least the hacker is doing something that is relevant to the rest of the group.

Posted by: suoq Aug 25 2011, 09:57 PM

Target is not on the matrix. Easy enough. See last weekend's Leverage for an example.
See any episode of Leverage.

I'm not sure how they're doing it successfully at your table. I'm really not. I wish you would walk me through the dice rolls because I'm not understanding how they do it.

Posted by: Yerameyahu Aug 25 2011, 10:08 PM

That's the GM's fault, Seerow. If they're running into mages, they should have their own. They should have 4 (or however many) hackers (of varying ability).

Posted by: CanRay Aug 25 2011, 10:13 PM

At the very least, Jerry in IT freaking out over the system crashing and constantly trying to get the IC back up and running.

Posted by: Seerow Aug 25 2011, 10:18 PM

Right, you have mages to deal with mages, and hackers to deal with hackers.

That said, having 4 hackers isn't something supported in SR4A on either side. While some high defense nodes may have that many, typically you have 1-2 spiders at a facility to deal with, if you have more than that it's typically a facility with multiple nodes and each spider dealing with their own thing (ie one monitoring security system, one dealing with drones, and one guarding the nodes with sensitive information), ie you won't be facing them all at once unless you really did something wrong. On the other side of the spectrum, you have one hacker on your typical runner group, and maybe an NPC contact you can call in for help for backup when on site presence isn't needed, or another runner with a minor hacking subrole. That's pretty much what the game expects. In the same way the game expects mages to be rare.

In my games, we haven't had a real hacker in the group for over a year, so the GM has kept matrix challenges as pretty much an aside, if something's needed we have a few contacts, but dealing with a hacker on site is something we rarely have to deal with. On the other hand, our group has a full mage, who tends to just bowl through enemies if there's not someone providing them with counterspelling. As a result, we tend to run into enemy mages pretty frequently, because without them, the mage would literally be winning combats before anyone else got an action. Similarly, if we had a hacker, I'd expect to see enemy spiders and IC a lot more, simply because without them the hacker would breeze through nodes and get what he wants with no opposition. I wasn't trying to assert the lack of hackers is normal, but just pointing out them being pervasive isn't something that's true in every game, despite the fluff.

Posted by: suoq Aug 25 2011, 10:21 PM

Since we're back to this claim, I'll repeat my question.

Posted by: Yerameyahu Aug 25 2011, 10:29 PM

Just spend some money on it. Minimal skill is *fine*. Piracy only alters the price. I guess the difference is that 7 dice *does* seem like a hacker to me. If your definition of hacker only allows 'nova hot', then I can see how you were confused.

Seerow, I didn't mean a hacker team, with everyone active at once. I mean that any given person should be non-naked when it comes to jamming, hacking, etc. In exactly the same way everyone has at least a pistol.

Posted by: Draco18s Aug 25 2011, 11:39 PM

To counter:

1) The ritual magic rules are so poor as to be worse option than using an elemental AoE spell against a single target.
2) Mages, do, do teamwork. What do you think counterspelling is?
3) I have other issues with spirits being the trump card (with stick 'n shock being the gun trump-all card). Possession spirits also aren't that dangerous by themselves. They have to posses something first.



At what point did I say they were overpowered!? My god man, I said they were underpowered! But with several tricks up their sleeves that have no counter, or at least, very difficult to counter for long.

Or what I mean is.
They're underpowered when it comes right down to it, by not being involved enough, but overpowered in the ways that make them push a button and kill somebody without any defense (and are super protected via hacking from India).

Posted by: Ascalaphus Aug 26 2011, 12:40 AM

Hey! Hey! I wasn't defending the Matrix rules. I think they suck for a wide variety of reasons. Don't set me up for a straw man here - I just happen to think the rules swing too wildly from "utterly easy" to "effectively impossible".






Control Actions is bad.




Hacking cyber just makes so little sense. Why would sammies get cyber if it's just one huge liability? Why would they leave on the WiFi if by their very profession they know they'll run into hackers. They don't need their cyberlimbs accessible from the Matrix at all.

It's nice thinking to give hackers something to do in combat, by hacking cyber. But from the sammie's point of view, he's getting screwed over, because some game designer is forcing implausible weaknesses on him just to give the nerd something to do in combat.

Posted by: Draco18s Aug 26 2011, 05:27 AM

All of this.

Posted by: Yerameyahu Aug 26 2011, 05:42 AM

Hackers simply have plenty to do already, in and out of combat.

Posted by: Ascalaphus Aug 26 2011, 10:58 AM

I thought they were doing well with unifying hacker and rigger rules. A hacker who wants to contribute to combat has enough options without abandoning common sense to go hacking cyberware.

* Get a cyberarm with Agility 9 and take a hit of Cram. Instant combat-worthiness.
* Rig observer drones and provide tactical oversight and perhaps some more TacNet contributions.
* Rig fighting drones.
* Interfere with police responses, alarms, traffic lights etc.
* Lay down covering fire.
* Send in the Bust-a-Moves carrying WiFi-controlled grenades. Not terribly cheap, but certainly a terror tactic.
* Jam the enemy's TacNet and communications. Prevent HTR from being alerted.
* Stop enemy biomonitors from sending out distress calls.

Posted by: Draco18s Aug 26 2011, 01:42 PM

When was this ever the issue? I've always been saying that the non-hackers need to contribute to the hacking more than the other way around.

Posted by: Yerameyahu Aug 26 2011, 02:05 PM

Maybe it wasn't the issue for you, but it's certainly been an issue for many people. At worst, it's slightly off-topic.

Posted by: Ascalaphus Aug 26 2011, 02:22 PM

What Yerameyahu said. Abominations like cyberware hacking probably got developed because they wanted to give hackers something to do in combat. (Or from watching GitS and failing to get the point of "autistic mode".)

Giving the team something to do while the hacker hacks is much trickier to implement. A supporting role perhaps? One dude to watch over the VR hacker, ready to pull the plug if he gets locked in by black IC.

Currently, Agents are much more sensible as backup for a hacker than teammates. A teammate with lukewarm hacking/cybercombat skills is a bit of a liability. He's more likely to trigger some alert through less-than-perfect actions, and if cybercombat happens he's a chewtoy for IC. If an Agent gets chewed up, just re-install it from the backups.

Posted by: Kirk Aug 26 2011, 02:27 PM

Shades of the gang gathering to watch someone play their [insert handheld game player here].

Posted by: Ascalaphus Aug 26 2011, 04:00 PM

Yeah, and that's the problem.