New member with some questions, if anyone can help Options

[joe13]

Hello, and thank you for allowing me to join this group. I GM'ed 2nd and 3rd
edition and I am now doing 4th, and I have a few questions if anyone can help me
out. When a hacker reduces his datatrail on his access ID, do they just spoof it
each time they log on to different nodes or the Matrix by doing a Hacking +
Spoof test? I read that somewhere online, but I thought they could only alter
software or hardware as listed on pg 224, and when they reboot their commlink,
wouldnt they lose all their programs? And, if characters constantly change their
ID, is there anyway their datatrail can be tracked days after a run? Is there
one roll or game mechanic to cover this, or is it something played out, like
extensive Data Searches to find evidence? Any help anyone can give me would be
much appreciated. Thanks.

[suoq]

If your software is registered to an access ID, then yes, life sucks. Discuss things with your GM and figure out what house rules they use. If software is registered find out how that option is removed. If piracy is used, does that software come unregistered. Missions, season 4, if I recall, does not have registration so you can, I believe, change you access_ID and keep your software. Note that your hacking commlink should NEVER go into active mode. (SR4A 223: "You give permission for anyone to connect to your commlink and see what is on it.") You should have another commlink for active mode.

If characters constantly change their ID, their data trail can still be tracked depending on the OPSEC. For example, if the hacker is always hacking from the same SoyBoy franchise, or, heaven forbid, from their teammates safehouse, then that location can be watched for activity going through or from that node.

[remmus]

ooo plan to host that game here? Or it´s with some RL friends of yours?

Sorry for going of topic, just notice that part ^^

[sabs]

Suoq, He IS the GM (IMG:style_emoticons/default/smile.gif)

If you use AccessID A when you are hacking into corp site 1, from soybun franchise 2.
When you are done doing your run, you spoof your accessID to B.

Corp Spider does a trace on AccessID A, he gets to Soybun Franchise 2, but doesn't see anything answering to AccessID A, because it's gone. Corp Spider is called upon to do another trace on accessID R, and it shows up in the Soybun Franchise 2 again. That seems odd, so they start pulling security footage, to figure out who the hacker using the Soybun's matrix connection was.

[Mardrax]

Corp Spider does a trace on AccessID A, he gets to Soybun Franchise 2, but doesn't see anything answering to AccessID A, because it's gone. Corp Spider is called upon to do another trace on accessID R, and it shows up in the Soybun Franchise 2 again. That seems odd, so they start pulling security footage, to figure out who the hacker using the Soybun's matrix connection was.

Of course, SoyBun Inc -wholly owned subsidiary of Aztechnology- outsourced security spider will go "¿Estás loco, amigo? Sal de mi sistema!" at NeoNet's request for his security footage.

[joe13]

So, it is possible to trace to a location even after someone has logged off? I thought they could only run a trace while the user is online. And,can a hacker spoof their ID, without having to change software or hardware, like it mentions on pages 223-224 of the rulebook? In that example, the software change only lasts until they reboot their commlink, and the hardware adjustment lasts until they change their hardware, which seems to be a pain and would be expensive. The Anatomy of a Shadowrun mentions spoofing ID before going online, but since the character in that example is a technomancer they dont have to.

[sabs]

the hardware change is just some sodering, basically. And the software only lasts until they reboot their commlink that's correct. Although one of the first actions they can take is spoof their accessID.

My hackers tend to do this:
They change the accessID with hardware changes about once a month. Everytime they boot up their system, they use a software test to do a new accessID. Before every hack attempt (when possible) they do a new accessID, and change it afterwards.

My hackers also tend to have the disguise skill, and hack from somewhere public, and never the same place twice if they can help it.

Mardrax is right, the Aztecnology spider tells the neo-net guy to go to hell, if the neo-net guy asks for the footage, instead of hacking for it.

I always rule that you can back trace an offline user to the last known location, (within 50m) for a number of hours equal to 10 - stealth rating.

But that's totally a houserule.

[suoq]

So, it is possible to trace to a location even after someone has logged off? I thought they could only run a trace while the user is online.

Trace action = while online. Look at the logs = after the fact. Even assuming good opsec it may be possible to get quite a bit of information from log files. As a RL example of this, read Clifford Stoll's "The Cuckoo's Egg" which documents a long term hacker hunt based off an accounting discrepancy. In game, this is why hackers edit the log files, because doing so is better opsec than not doing so. That being said, it's not a guarantee.

And,can a hacker spoof their ID, without having to change software or hardware, like it mentions on pages 223-224 of the rulebook?

Your campaign, your rules. Unwired makes a mess of the hacking rules by adding registration, copying, and piracy.

Readings I do reccomend:
http://forums.dumpshock.com/index.php?s=&a...st&p=804857 - Game, Set, and Match by Tiger eyes. (edit: Note that unwired changes the spoofing rules by adding modifiers for access level.)
http://forums.dumpshock.com/index.php?s=&a...t&p=1072291 - Hacking a Node by sabs.
http://www.serbitar.de/stuff/sgm_1.pdf - Serbitar’s guide to the matrix

[joe13]

Thanks everyone for your help.

[Tymeaus Jalynsfe...]

the hardware change is just some sodering, basically. And the software only lasts until they reboot their commlink that's correct. Although one of the first actions they can take is spoof their accessID.

My hackers tend to do this:
They change the accessID with hardware changes about once a month. Everytime they boot up their system, they use a software test to do a new accessID. Before every hack attempt (when possible) they do a new accessID, and change it afterwards.

My hackers also tend to have the disguise skill, and hack from somewhere public, and never the same place twice if they can help it.

Mardrax is right, the Aztecnology spider tells the neo-net guy to go to hell, if the neo-net guy asks for the footage, instead of hacking for it.

I always rule that you can back trace an offline user to the last known location, (within 50m) for a number of hours equal to 10 - stealth rating.

But that's totally a houserule.

You really should install a Spoof Chip in your Comlink. (IMG:style_emoticons/default/smile.gif)

[suoq]

You really should install a Spoof Chip in your Comlink. (IMG:style_emoticons/default/smile.gif)

Arsenal 105, if you're looking. The main disadvantage of a spoof chip is that you can't use it to go back to a previously used access_ID if you wish to. I've also been mulling over the joys of getting a list of access IDs of people I don't like and deliberately using their IDs on jobs.

[sabs]

yeah, spoof chip is cute, but I like the manual ability to go back, and reuse certain accessID's during certain jobs. Sometimes, you want to frame someone.

And woot! I got quoted as a source (IMG:style_emoticons/default/smile.gif)

[Tymeaus Jalynsfe...]

yeah, spoof chip is cute, but I like the manual ability to go back, and reuse certain accessID's during certain jobs. Sometimes, you want to frame someone.

And woot! I got quoted as a source (IMG:style_emoticons/default/smile.gif)

Having a Spoof Chip does not preclude you from using a previous/specific Access ID. Just do not enable the Spoof Chip for that particular Matrix Run, and manually set the ID. You can turn them on and off after all.

[joe13]

I do have two new questions that I would like to ask if everyone doesn't mind. The first is when deleting log files, I read online that every hit a Hacker does deletes" edit program rating" hits worht of traces left behind. I am assuming that each action in a node counts as a possible trace, for instance 20 actions done in a node would equal 20 hits? And I have a question about Agents, the SR4 rulebook does not exactly state where they come from in regards to a commlink, is it just as simple as buying an Agent Program from the gear section?

[sabs]

Yes, every action is 1 entry in a log.

You buy agent programs, and run them on your commlink.
They will have the accessID of your commlink.

[capt.pantsless]

Of course, SoyBun Inc -wholly owned subsidiary of Aztechnology- outsourced security spider will go "¿Estás loco, amigo? Sal de mi sistema!" at NeoNet's request for his security footage.

Well, maybe. Inter-megacorp cooperation is certainly possible, given the proper motivation and/or persuasion. After all, Mr. Johnson's can have cross-corp contacts as well. Shadowrunners should never feel safe hacking Corp B from somewhere within Corp A. It'll take more effort to get the footage/logs/etc, but it can be done.

[sabs]

This is why Hackers should have disguise skill, con, and a bunch of throw away commlinks with cheap SiNs for casual use. Given that you can create masks that will let you use your hits in a computer+edit roll to add to your disguise total. That's just awesome for a hacker. If you can, also keep a handful of personafix chips that you can slot when needed to. Combined with Skillwires, you can imitate almost anyone, doing any job.

[Mardrax]

You buy agent programs, and run them on your commlink.
They will have the accessID of your commlink.

Partially false, or rather incomplete: agents have their own Access ID programmed into them. They will only use your comlink's Access ID when they're loaded into your persona. They can (and often do) operate completely independently as well, in which case they use their own Access ID.

[Redjack]

Partially false, or rather incomplete: agents have their own Access ID programmed into them. They will only use your comlink's Access ID when they're loaded into your persona. They can (and often do) operate completely independently as well, in which case they use their own Access ID.

Hmmmm... An agent is software.. Can you provide a reference to this?

[Mardrax]

Agents loaded into your persona use your access ID. Traces on an agent program trace back to your own point of origin.
Agents (or IC) acting independently of your persona, whether on your commlink or on some other device, use their own hardcoded access ID to identify themselves to other nodes. This access ID is identical in all copies of a given agent unless it is patched with a Software + Logic (Rating x 3, 1 week) Extended Test.

@Redjack Whoops. I missed! (IMG:style_emoticons/default/wobble.gif)

[Redjack]

(pg 234) Thanks!

[PoliteMan]

Well, maybe. Inter-megacorp cooperation is certainly possible, given the proper motivation and/or persuasion. After all, Mr. Johnson's can have cross-corp contacts as well. Shadowrunners should never feel safe hacking Corp B from somewhere within Corp A. It'll take more effort to get the footage/logs/etc, but it can be done.

If nothing else, (IMG:style_emoticons/default/nuyen.gif) 1,000 will probably get that Azzie spider to turn over any relevant info.

[Mardrax]

If nothing else, (IMG:style_emoticons/default/nuyen.gif) 1,000 will probably get that Azzie spider to turn over any relevant info.

You realise when that gets out, the spider will be accused of spying and treason (and probably end a human sacrifice or in some blood sport) and NeoNet will have quite some issue as it comes out they've been spying on the Azzies?

When dealing with corps, especially AAA ones, things aren't as easy as running a bribe here or there.

[PoliteMan]

If that gets out where? If his boss finds out, he's in trouble because he didn't get a cut. And why would anyone higher up care? These aren't critical secrets, this is video footage from Soybun subsidiary franchise #423,977. If the spider for a freaking McDonalds is going to get executed for selling video footage of fat Americans farting, then your setting basically has no corruption. Or at least the megacorps have no corruption (god, that sounds wrong).

[Mardrax]

If that gets out where? If his boss finds out, he's in trouble because he didn't get a cut. And why would anyone higher up care? These aren't critical secrets, this is video footage from Soybun subsidiary franchise #423,977. If the spider for a freaking McDonalds is going to get executed for selling video footage of fat Americans farting, then your setting basically has no corruption. Or at least the megacorps have no corruption (god, that sounds wrong).

Sometimes, it's not about what's lost, but about what's to gain if the issue is pressed. What would the Corporate Court think of clearcut international espionage? Clearly, there's something to gain, especially with the Azzies' wordspinners around.

Of course, NeoNet being able to call on more than a few deniable assets who are more than happy to do some datagrabbing is why this game is called Shadowrun.