Speeding up the Matrix, But first, am I clear on this? Options

[deek]

I not running a SR4 game currently, but I'm continually thinking about improving games I have run, and the Matrix has always been a sticking point (yeah, go figure, right?). So much so, that any matrix characters get the banstick from my players. One of the problems that I've had is that any matrix action is two-step: 1) gain access and 2) do something. I guess there could be another step of "find something" before you "do something", but for this topic, I'm just looking at speeding up "gain access".

As I was rereading some matrix sections in SR4A and Unwired, I was discovering some things I am not sure I was aware of and wanted to get some opinions.

The way I see it, a hacker going for an admin account that fails his hack on the fly, gets in the node, but sets an active alert and all actions that an admin would normally have, but need hacking rolls to complete due to the alert.

Now, if the hacker had just went for a user account, it would be easier to get in without setting an active alert, but he'd only have user access, so all other actions above user access, would need hacking rolls to complete.

I think that's all pretty straightforward. The part I missed in my previous games was the admin account with an active alert, can't just spend an action and cancel the alert and go back to doing his thing. Every action he takes, must be a hacking roll.

Now, the other thing I was looking at was the active alert. It appears that once it happens, per Unwired, the alert is going to trigger 1) IC deployment to node, 2) Alert sent to spider and potentially auto-log spider into node, 3) attempt to log intruder out of node or 4) shutdown/reboot node. But, after that action is completed, the intruder goes on his way in the node.

I'd assume the intruder would want to shut off the alert and if he hacked admin access, after dealing with the results of the active alert, would simply need a hacking roll to turn it off and have full admin access.

I know there can be other IC patrolling the node, but assuming there are no other IC, then its pretty safe for the intruder once that alert-triggered response is dealt with, right? I mean, I know everything the intruder is doing is logged in Access Logs, but once that alert is dealt with, there's really nothing else.

I suppose that any hacking rolls made in the node, regardless of account type, could trigger another alert and the intruder would have to deal with another response. I guess I was thinking that I could speed up matrix stuff if there was a "failed" login, but based on RAW, there is no such thing as a failed login. Whether hacking on the fly or probing, no matter what access you are trying to get, you will always log in with the access you want. You just may trigger an alert when you log on.

I guess you could use the optional limit of extended tests rolls or create an optional rule that an alerted hack also drops you to a user or public account...