The SR4A book only talks about tracing someone via his or her access ID. But, what if you only know the person's commcode? Can you trace him or her knowing only the commcode? If so, what are the game mechanics for doing this?

Also, does the target of your trace need to be online for you to trace him or her? The Trace User action description says, "You trace an icon back to its originating node" (SR4A, 232). To have an icon implies that you are online, meaning this description implies that the target must be online.

There are no "hard rules" on this, but I would say that you can trace someone with their Commcode, but you would need to actually try to call them. If they are online, then you run the Trace after they pickup and if it completes you get their physical location. If they are not online, then your trace would lead you to their answering service's node.

If you had their Access ID, you can run a Trace anytime (online or not), and if they are not online you will get the last location where they were online. This is all subject to the whims of the GM, of course, as they may rule that a particularly "old" datatrail may not be able to be followed due to intermediate nodes clearing out their logs of previous Access ID's. This may be especially true of very high traffic nodes.

My understanding was that with the commcode you could attempt to hack the comm. If you succeed in hacking the comm, then you could run a trace. This would work without calling them at all. Of course this only gets you the location of the comm. If it is turned off, you get nothing. As above, if the commcode leads to an answering service you could get that.

Thank you for the replies. Thinking about it more after reading your replies, I'm guessing that Malachi is correct, in that you'd have to call the commcode first, then begin the trace once the other party answers. Otherwise, there's not much point in spoofing an access ID if you can always trace via only the commcode.

To hack the comm first, as Orcus suggests--wouldn't you need the access ID to find the commlink so that you could hack it?

If I give you my comm code, and that number goes straight to my comm link then the number alone should be enough. If some sort of number spoofing is going on, there are no mechanics to cover it. I would suppose that you would need to hack each nod the spoof is using, or otherwise follow the communications. I consider it as having to follow some common sense rules. If data can get to the phone, so can a hacker. My character never gives out a comm code direct to his phone. He uses a message service just to avoid this.

You need to hack the MSP providing the commcode.

Indeed.

Technomancers can use Sleuth Sprites with the Traceroute Power as well. (Unwired, p. 156-7)

I wonder, would you be able to trace a commcode like this if you were using Capture Wireless Signal?

For instance, your team needs to track someone down but can only find that person's girlfriend, and she doesn't know. Could they wait until she calls him or he calls her, capture the wireless signal then run a trace on it while the call is in progress?

And if it could work, would a similar approach be possible with the Intercept Traffic action over a wired system?

It is certainly possible. The easiest would be to hack the GF's comm. Wait for the phone call, and then run a trace on his icon when they connect. If her comm has his comm code, and you believe as I do that having the code is sufficient to run a trace, then as soon as his comm becomes active (ie not turned off) you could trace it. The first method will work whichever way you think it works.

Part of the way connections work, I turn on my comm. My comm connects to my service provider. My service provider knows both my comm code, and the access ID of the actual hardware. Someone attempts to call the comm code, and it is automatically routed to your physical comm link. All trivial, and occurring very quickly, seamlessly and behind the scenes.

The real trick, is that this works in both directions. The person calling you also has an MSP handling their end of the conversation. So while there is no direct wireless connection between the two (unless they are using radio connection methods) There is a path to be followed.

If they are directly connected to one another via wireless (not very common) then you could simply sniff the connection to find the other end.

I would say you can trace them so long as their comlink is turned on, and capable of picking up calls. If its running on hidden mode then perhaps not, but otherwise yes, as if the network can find them to deliver the notice someone is trying to get a hold of them, then you can find them too.

You can't trace someone by their commcode any more than you can trace a person in modern times through their e-mail address. Unwired talks about how MSPs give you multiple commcodes. This means that commcodes are something independent of a commlink (Confusing terms, I know). An access ID is more like someone's IP address, which tends to give more information about where they actually are, and is individual to a computer (Can be changed and spoofed and so on of course, but I'm talking general).

So yeah, tracking down someone via their commcode would be about as easy as tracking down sexxykitten69@yahoo.com (And who wouldn't want to track down a 42 year old overweight virgin living in his mom's basement (x.X?) )

Except phone calls are handled with data requests and involve no icons.

Ha ha ha

ok here is a test for you... Send an email to whitehouse.gov stating your intention to commit some sort of horribly illegal act and see how many hours (minutes perhaps) until someone one is knocking at your door. Tracking a valid commcode is perhaps non-trivial, but it is certainly possible. The method would be exactly the same as tracking someone@wherever.com. You hack into Wherever.com either through physical means (breaking and entering), social means (con and social engineering), or matrix/technical means (hacking MSP records is done today, and will continue in 2070). In 2070 gathering the data is extremely easy and relatively quick (again this is my take on things). We have played that it is possible to simply make a partial connection to the comm code (like pinging the IP address and checking to see if it is there), you then can attempt to hack the underlying comm. While I grant that not everyone sees these things the same as I and my group. You cannot say that anything like this is impossible.

Yeah, sure, it is possible to track down an e-mail address, especially by a body like the government, but if we combined my using a yahoo.com e-mail address, spoofing my IP address whenever I use the e-mail address, and of course providing bogus or wrong information, and then added on me using a public computer? That would be about the difficulty generally involved. A commcode isn't tied to a particular commlink, so you have to rely on getting the access ID from the MSP (which would be a task in and of itself in 2072). That then allows you to possibly find a particular commlink. If you're dealing with a runner, especially a hacker, then you'll likely run into the problem of disposable commlinks and/or spoofed access IDs. And most likely, the SIN that the MSP service is tied to is fake.

Now, if it is average joe sending this letter to the government, then yeah, they'll likely be tracked down. But if it is anyone who even remotely knows what they're doing, they'll never be found.

I'm leaning toward Karoline's interpretation. In your example, Orcus, I'm pretty sure that they track based on your IP address more so than the actual email address used. As Karoline pointed out, the real life equivalent of the datatrail is your IP address, which is how you get caught for downloading movies and music that you did not legally buy. It has nothing to do with your email address.

Ok a normal person with no government affiliation can do some of this, I grant the point that it is easier for a huge organization. Regardless the process is the same. Email goes to an authorized email server (or in 2070 through an MSP). The email server keeps records of when, where, and how this traffic occurred. You can obfuscate these activities somewhat, but you cannot completely hide them. Case in point, Kevin Mitnick, who toward the end of his criminal career was both knowledgeable and paranoid, yet he was tracked. He was tracked not by the FBI, who were basically incapable at that time, but by Nakamura, a private researcher looking to make a name for himself. Feel free to read Takedown if you want more details on Nakamuras personal life than anything relating to the capture of Mitnick.

Regardless, in 2070 almost any 2 bit hacker can get data from an MSP. If I know your comm code, I will be making a track test compared to your stealth or spoof. Depending on how good you are as to how difficult it will be for me to track you. If a GM thinks that it should be harder than that, he can come up with stats for hacking the MSP associated with the comm code and role play, or roll play the attempt. I think that time is saved by just assuming that if I have the code, and the comm is active, that is enough info to allow me to attempt a trace.

Oh dragon jesus, i really need to stay the hell out of threads vergin on RL hacking.



Hours would be at the absolute earliest, days is more like it and even the best methods can be defeated with basic countermeasures.

Hehe, I wasn't going to call him out on that.


Obfuscate somewhat? I could very very very very very easily reset the IP on my computer, then run my connection to yahoo through an anonymousation site. I would then create an e-mail address with totally bogus information. I would then use that e-mail address to send the e-mail, and never log on to it again, as well as clearing by browser history (Just to be safe, you know). I would then reset my IP again.

The only way that the government would be able to find me would be to first go into Yahoo and get them to release the IP address of the one who made the account. That would lead them to a random computer which was used to route my connection, which would fail to contain the IP I used. Even if it did, it would lead to an IP that no longer existed. In order to have any chance of tracking me down at that point, they would then have to contact -every- ISP out there and get them to run a check for anyone with the relevant IP at the appropriate time. They then might manage to find me (This would likely take weeks or months of legwork). And that of course is based on the assumption that I wasn't using a public computer in the first place, or was using my own and didn't have my stuff owned through a fake SIN.

So yeah, I think that is just a tiny bit of work for the government, and very much not within the means of joe hacker.


He was tracked via his e-mail address?


True, any 2 bit hacker can get data from an MSP, and any 2 bit hacker can also remove data from an MSP, as well as fake his own in the first place. Now, what you could do is use a comm-code to call the person, and if you can keep them on the line long enough, I'd imagine you could trace them much like a modern phone trace. But you can't just go "Locate 555-2464 now." Imagine the implications that would have for the world. Burglaries would be so freaking easy. You'd just trace random commcodes in the area until you found one belonging to a real nice house, then you'd wait for the person to leave (You'd always know if they were home or not thanks to being able to locate them 24/7 based on their commcode) and rob the place. Heck, you could even keep an eye on their current location to see if they suddenly stop or start moving or something to indicate that they got a warning the house was being broken into.

And lets not even get into stalkers.

Commcode -> MSP
MSP -> Commlink

Therefore, if you can
a) hack through the MSP
or
b) trace where the MSP sends your attempt to call the commcode to
then you can find access ID of the commlink.

(Well, unless that commlink isn't really the target commlink, just some innocent node that forwards the call to another commcode; you can route the call through several MSPs to make tracing it back rather hard. I don't see why you wouldn't.)

Uh, no. The whole spoofing IP address has a whole bunch of issues. Like it's a unidirectional connection, as the return packets can't get to you, as you are spoofing the return address. This assumes you can guess the initial TCP sequence, which isn't likely on a modern system. And that the network doesn't dropped spoofed packets, which any well run site will do per BCP 38/ RFC 2827.

And I've been peripherally involved in investigations involving the FBI and people sending email from public machines in libraries. It's not as safe an idea as people think.

That's what Spoofing Commands is all about.

Spoofing or changing your AccessID is like changing your MAC address (either do it in software, or in firmware) - just, in the case of SR, the MAC basiacally makes up the complete IPv6.

Spoofing your IP is like leaving a bogus number on someone's voicemail, but then wondering why they never call you back.....

Just hack another box and connect via that, don't try to be subtly clever.

Not really even slightly. Spoofing IPs is very possible, and is done all the time. It really isn't even remotely hard actually.

There are, as far as I can tell, three dimensions to this tracing question.
We can ask what the RAW says. We can then argue about the meaning of these very unclear words for the next millenia (yes, I mean the plural.)
We can attempt to ask what common sense says is likely to work. Without knowing the architecture of the service provides that accept and place phone calls, and with the known fact that the security architecture is very different form what we understand today (due to public key crypto being broken), trying to reason from real life or common sense seems very difficult.

This leaves us with what I think is the most important question. What will produce the best game play? Being able to trace an active conversation seems necessary in order to have tracing be a component of the game. But if commcodes can be traced, then it is much too easy for anyone to track down anyone else. Given that slow hacking almost always succeeds, one can unravel the chain, looking for people. The assumption is that since the players (and the target) need to be reachable, someone has their commcode. That someone can in turn be found. In fact, with some of the technomancer tricks, you don't even need to find the chain. Just do Info Sortiledge or other fancy resonsnace searches. If we declare that non-communicating commlinks can not be found in the real world, at least there is some protection. (Otherwise, any hacker with an implanted commlink is a walking timebomb. They have enough risks as it is.)
So I would tend say that for gameplay reasons you do not want commlink numbers that are not actively talking to be traceable. One can then decide on the reality model one wants to use to get that result.

Yours,
Joel M. Halpern

Karoline I know what your actually speaking of but your terminology is flawed.

Not using the same address twice is not the same as spoofing an address.