![]() |
![]() ![]() |
![]() |
![]()
Post
#26
|
|
Target ![]() Group: Members Posts: 29 Joined: 21-October 05 Member No.: 7,871 ![]() |
Under Windows Server 2003, which we could consider to be a baseline for current network security, there is no simple 'Admin' level account. Computers have Local Administrators, networks have Domain Administrators and Enterprise Administrators, each with varying flavors of authority. And it's generally foolish to give out admin powers to more than one or two people, because there's a couple dozen pre-configured account groups that give out only very specific powers. You can set a guy up so that his sole authority is to be able to reset one specific printer queue on alternate Tuesdays between 1:30 and 1:45.
Now real world computer security is made by people who have serious money to lose, so you've gotta make allowances for Shadowrun being a game. If corporations were as serious in 2070 about network security as they are today, all the deckers would be straight out of a job. Or dead. But if you want more realistic computer security without making it nigh-impossible, do the following: 1. Reaching for admin level access should be unwise. It should be standard operating procedure at any corp with a marginally-competent IT department to check the user list to make certain there are the same number of admins this morning as there were yesterday at closing time. A more paranoid IT department should be checking the user list with every shift change. That way grabbing an admin account will properly provide supreme ultimate power, but be a huge red flag to whomever's computer you're breaking into. Better use it quick and delete it before any corp deckers check the user list. 2. Less personnel at night, but other obstacles. I have yet to see a place paying an army of MCSAs to be hunched over keyboards 24/7 in case some kid in Turkey tries to break into the server and stash their porn and MP3s on it. Some companies do have living people babysitting the server at godawful hours, but those people are usually low-paid rubes doing the daily backup operations instead of the administrators. The admins go home and go to bed like everyone else. However, people also aren't usually dumb enough to leave their networks open and defenseless outside of business hours. Some places shut their systems down at night (rarely), cut off the routers to keep remote people out (more commonly), or have access policies in place that make the servers reject logon attempts outside of business hours (most common). In Shadowrun terms, I'd have it less likely to run across a person in the system at night, but raise the Firewall rating and make the IC nastier, because the corp knows that people shouldn't be in there at those hours and cranks up the security settings. 3. People, not computers, are the weakest link. Network security today can be cranked up so tight it'll pop the fillings out of your teeth, but it almost never is. People are lazy and don't want to type three passwords, swipe a smart card, and scan their thumbprint just to open a text file. Executives are greedy and don't want to pay for the top of the line security measures. IT departments are sullen about the lazy employees and greedy executives and will occasionally drop security levels down to insanely permissive settings just to make the phonecalls stop for a day. GMs should reward hackers who try to exploit human nature in their crimes by collecting network information from people. 'My brother used to work there, and he said the passwords were all 12345, that's so stupid!' 'I was making a delivery and saw that everyone had post-it notes all over their monitors...', etc. Likewise, one sneaky little trick is to simply use a telescope to peek through a window and watch someone type their password, circumventing all security in one fell swoop. |
|
|
![]()
Post
#27
|
|||
Neophyte Runner ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 ![]() |
Of course, the flipside to this also applies: If you've created an unauthorized admin account, and aren't taking the appropriate steps to cover your tracks, you deserve what you get. (Ideally, I'd have it set up so that any of the other admin accounts that log in get shunted to a virtual machine copy of the node that has had all traces of your existance on the node edited out, but I'm not familiar enough with SR4's rules yet to know where I'd start on such a process or even if it can be done using the rules in the core rulebook, or if I'd have to wait for the expanded rules.) |
||
|
|||
![]()
Post
#28
|
|
Moving Target ![]() ![]() Group: Members Posts: 138 Joined: 26-February 02 From: Paris, France Member No.: 639 ![]() |
hacking Admin privileges is not more difficult than hacking security user privileges, just longer :
I don't totally agree. True, it's an Extended Test, so "with time" you'll have the necessary hits to succeed. BUT - trying to get Admin privileges requires 6 hits more than for a basic account, so more tests will be necessary to achieve the threshold; - the more tests you perform, the more the odds of getting a glitch; - the more tests you perform, the more the system gets hits to detect you; - someone has already quoted the rule about limiting the number of tests possible for an extended test. You mentioned that this limit was insufficient, so let's set this limit to the Hacking skill instead of the dice pool. Or modifiy this limit to take into account the targeted privileges (-3 for security user, -6 for Admin). I think that should do the trick. Finally, I would say that, if given the necessary gear, a good hacker can crack virtually anything, it's just a matter of time. I have the feeling that the rules perfectly reflect that. Admin users tracking Maybe a workaround to create an Admin account, which could be detected and quickly suppressed, would be to hack an existing Admin account... Nice exhaustive example, thanks for that and congrats. I think that, with your permission, I'll make it translated in French for "mass education" on the French SR4 forums ;) |
|
|
![]()
Post
#29
|
|||
Moving Target ![]() ![]() Group: Members Posts: 112 Joined: 26-February 02 Member No.: 1,896 ![]() |
I think in this piece of the example he might have been detected. When the OS got 4 total successes Jim's Response was limited to 4 (because of the Scan program which he never unloaded) so his Stealth would have been capped at 4 not 5. |
||
|
|||
![]()
Post
#30
|
|
Decker on the Threshold ![]() ![]() ![]() ![]() ![]() ![]() Group: Dumpshocked Posts: 2,922 Joined: 14-March 04 Member No.: 6,156 ![]() |
Indeed; this is why it's almost never worth running more than (System) programs. He should have dropped his Scan program (a free action) the second he found the node.
Also he rolled insanely well in any case; even an experienced hacker will have a skill of 5-6 + his programs at 4, so on average you expect about 3 successes for most tests. Most of his rolls are alot better than that, leaving me to conclude that perhaps Jim is an adept with Improved Ability(Hacking), an even more broken ability in this game than it was in SR3 because it breaks all skill caps and doesn't have extra costs for going over everyone else's limit. In theory you could be rolling 18 dice on all hacking tests at chargen, where every hacker and technomancer character would be stuck at around 12. |
|
|
![]()
Post
#31
|
|
Moving Target ![]() ![]() Group: Members Posts: 112 Joined: 26-February 02 Member No.: 1,896 ![]() |
I'm pretty sure it is a Simple Action to stop a running program.
|
|
|
![]()
Post
#32
|
|||||||||||||||
Moving Target ![]() ![]() Group: Members Posts: 715 Joined: 4-September 05 From: Metaplane GEPLK136 (The one with the lizards. You remember the lizards, don't you?) Member No.: 7,684 ![]() |
I think the "game" aspect covers it well though. "Real World" security, according to canon, is useless against anyone using a DNI interface. Anyone who's written software knows it is impossible to write bug-free code. Anyone who's maintained security for a server knows those bugs are found on almost a weekly basis for even the most secure software. (Note: "extremely" secure servers, using custom-written code, are most likely at least a partial exception to this. NSA doesn't have to install weekly Apache fixes, I'm fairly certain. But in the majority of cases, hackers aren't hitting the NSA nodes...) "Good Security" in the present day can be mostly summed up in two words: Policies and Patches. Without good security policies (passwords, user groups and permissions, domain boundaries, ARP table monitoring, etc) it's easy to walk into a system no matter how up to date it is. Without recent patches, the most sophisticated and bulletproof security policy can be simply sidestepped by any script kiddie with last week's exploit. The "game" aspect of all this comes in and says that DNI allows you to "feel" these as yet undiscovered security vulnerabilities, and exploit them almost reflexively. Thus, as the back history goes, any system without VR is totally vulnerable. So, as far as "game mechanics" go, you have to figure security works on very different principles in the VR matrix. Anything else would be as vulnerable as it was before the first big crash.
Wow, I don't think anything I've done has ever been translated before. Unless you count the "jibberish" that is my handwriting. If I'd known it was going to be international, I might have, you know, read it and corrected any of the gross abuses of the english language before it managed to abuse another language too. Certainly you can translate it; if you think it will help someone, go for it. I still have no idea how accurate it all is though -- not many have weighed in on any potential rules problems. This means one of three things 1) Everyone is as clueless as I regarding the matrix rules (I hope not), 2) I got it all right (As much as I'd love to believe this, it's not any more likely than the 1st) 3) It's too damn long for the people who already know the rules to read it. (This is what I would guess)
No, this is (probably) not true. If it was, we'd have all sorts of "cascading response" issues. Admittedly, the game is not clear on this at all. But it would greatly increase bookkeeping, and make a big mess. The example has been posted before, but here it is again -- cascading response problems. Example Commlink: System 6, Response 5. Theory one: System is capped at response, before programs are loaded. If additional programs are loaded to the point that response decreases, system remains the same: 1-5 programs: System is effectively capped at 5, 5 or less programs are running, response is 5. 6-9 programs: System is effectively capped at 5, but now more programs are running, decreasing Response to 4. 10-14, 15-19, 20-25, etc. each reduce response by an additional -1, and leave System at 5. Theory two: System is re-capped each time response decreases. If more programs are loaded, system and all program ratings may be decreased. 1-5 programs: System is effectively capped at 5, 5 or less programs are running, and so response is 5. 6-7 programs: System is initially capped at 5. Now Response is decreased to 4, System and all programs are re-capped to 4. 8-9 programs: System is initially capped at 5. Now response is decreased to 4, System and all programs are re-capped to 4. This means there is now a SECOND decrease in response, because we have 2 x System or more programs running. This means response is decreased again to 3. System and all programs are re-capped at 3. But wait... if there are 9 programs running, now System is AGAIN exceeded -- by 3 x System this time. So response is decreased to 2, System and all programs are re-capped to 2. But wait... now system is exceeded by 4 x System, which means one MORE decrease in response, bringing it to 1, and re-capping all programs and system to 1. But of course, that means System is now exceeded by 9 x System, resulting in a -9 decrease to Response... and the Commlink crashes. So, using theory 2, which is what you are suggesting, means that instead of having several groups that slowly reduce the effectiveness of the machine, we have (for a commlink with 5 response) 1-5 programs is good, and it gets exponentially worse until you hit a hard limit at 9 programs. I can't imagine that kind of re-iterative bookkeeping is what the game designers had in mind. And, if it is... well, too bad, the first way is MUCH simpler. So the first theory is what I stuck with when writing this piece. This is an issue that has come up several times; but I don't think there has been any official clarification on it. And Response hits can really hurt you enough under the first theory -- a high response (and a lot of luck) is why Jim remained unscathed by the IC attacks. Of course, it *could* be that the game designers intended program rating to decrease under system load -- but didn't notice that this would cause a cascading crash to happen. I'd be fine for that too -- call it theory 3. If response is decreased during game play, all program ratings are decreased, except System. I don't like making strange exceptions like this, but it does provide a nice balancing rule.
I too was surprised by the rolls. In case you are curious, I used the dice roller from here: HTML Dice Roller (It is for OS-X, but it's in HTML so you can run it on anything really). I had originally intended to just look at the likely result statistically, then "fudge" it a bit to add some randomness into it, but I wanted to see how more realistic rolls would affect the outcome. It was more variable than I had expected. The most dice I remember Jim rolling was 12, and yet I once saw (for a roll I didn't use) 9 hits. Of course, I also saw 1 hit for a similar roll. I was a little disappointed that I didn't see any glitches; but not too surprised. Glitches are less likely, statistically, the higher your dice pool. Hacking dice pools tend to be pretty high. In all, I'd have to say that the variability in the rolls was higher than I'd expect; going by "rolling 4 hits for 12 dice" is not nearly as accurate as I had guessed.
Well, as stated in the OP, it was the standard hacker sample character, with a few equipment changes. But I do COMPLETELY have to agree with you that adept hackers are totally broken. .25 points to increase your "signature skill", up to double its previous value? (Or half, depending on WHICH skill cap paragraph you believe) That's just not balanced.
Yes, according to the book it is. That's why Jim keeps scan running so long.
As this is, in my opinion, one of the most exploitable bits in the game; as vaguely written as it is, perhaps we should start at thread dedicated to discussing the Admin. There have been a lot of potential ways suggested here, but they are all pretty different. That, to me, says there's a real weakness in this section of the book. |
||||||||||||||
|
|||||||||||||||
![]()
Post
#33
|
|
Moving Target ![]() ![]() Group: Members Posts: 749 Joined: 28-July 05 Member No.: 7,526 ![]() |
Nice post, Feshy. It was nice to read examples in such complete context. you sure you don't want to run our game instead of me? I mean, what with all the time on your hands :D Don't get me wrong, I'm really looking forward to it, but... you do seem to have a lot of time. And your brothers never get back to me. :(
-GRR |
|
|
![]()
Post
#34
|
|||||||||||||||||||||||||||
Moving Target ![]() ![]() Group: Members Posts: 268 Joined: 26-February 02 From: Brisbane, Australia Member No.: 78 ![]() |
Nothing incorrect here, but it's worth pointing out that the interval on this test is one combat turn, not one initiative pass like many other matrix tests, which means that if he hadn't passed on his first roll, he would have had to wait until the next combat turn to try again, even if he had actions left this turn.
This sprite is armed with the Stealth Complex form, so for him to notice it as he did, it would have to have been not trying to hide. If it was trying to remain hidden, it would have opposed any matrix perception tests Jim made with it's Firewall + Stealth Complex Form
Before he logs out, it might be a good idea to edit the security logs on the commlink and remove the user account and history of his actions. Vonna may not check her commlink in detail, but if she or someone else does, evidence of a strange account being created/accessed and loading an agent on her commlink is there to be found. To do this, he would need to search to find the logs using his Data Search Skill + Browse, with a threshold determined by the GM. Once he finds the logs, altering it is an edit action using Hacking + Edit It's also worth pointing out that even though Jim's agent has stealth, should Vonna ever have 4 programs running at once, she will experience slowdown, which will let her know some sort of foreign process is running on her commlink (because 4 programs + agent = 5 processes on a response 4 OS)
It's worth pointing out here that though this was good in character fluff, he isn't actually in any danger of TVGP detecting him merely because of probing the system (well unless a TVGP decker happens to wander out of the system and see him hanging around for hours on end). He is not actually attempting to interact with the system just yet, merely passively looking for exploits (hence the reason the probing takes so much longer than hacking on the fly, and doesn't let the node build up successes as he probes)
The rules don't say either way, but as a GM I'd rule that he didn't need to trace his own agent if it had been in contact with him, because it has the ability to let him know its current location. It's also worth noting that neither Jim nor his agent carry encryption, so anyone wishing to tap the communication between the two wouldn't have too hard a time
Another thing to bear in mind, is that Jim could have edited himself an account on Vonna's commlink last time he was in, which would have let him log in as an authorised user rather than need to hack in again. Of course, it would also have left a strange user account on her commlink waiting to be found.
As a GM, the most I would do is let him detect it without the need for the roll, I'd still make him use a complex action though, because in a wireless world, there is never limited activity. Any and all cyberware, vision links, electronics, feeds, spam etc are all sending data back and forth.
Great time to spend a point of Edge :)
I think it's easy enough to rule that the account that triggered the alert/IC can't be used to disable it. If one (legit) admin is trying to abuse his privledges and trips an alert, it would take another admin to disable the alert. Of course, said creative player will then try and edit himself another admin account to login to and disable the alert. Creative GM would then suggest that ability to create new admin accounts is disabled whilst on active alert :)
Yep, it uses it's Pilot rating, as mentioned in the IC section on page 228
I'd say your assumption is correct, it's not a defined Matrix action, so it doesn't get the bonus. Personally the strict interperatation is the way I'd lean as well, unless that was one might fine Pizza :)
As you say, the rules aren't clear. Personally though, I'd make this test opposed (because he doesn't have write access AND because the system is on alert), and that would give the node a nasty advantage with its +4 firewall. Like you, I'd also rule that net hits were used to determine the threshold for detecting the new account
Depends how you read it. Personally, given that he's not trying to read, interperet and alter the data line by line, rather just trying to search for and delete the bits tagged with his access ID, I'd let him do it in one go ================= Anyway, all in all, I'd say that the reason no one has posted a breakdown of your hacking examples, is because you didn't do anything wrong :) Very nice work |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||
![]()
Post
#35
|
|||||||||||||||||||||||
Moving Target ![]() ![]() Group: Members Posts: 715 Joined: 4-September 05 From: Metaplane GEPLK136 (The one with the lizards. You remember the lizards, don't you?) Member No.: 7,684 ![]() |
Great comments, NightRain!
Actually, as I read the rules, this means I did mess up. The interval is one combat turn, that means the entire combat turn must be spent doing this action. Much like tasks with intervals of an entire day, you can't just spend one initiative pass to kick off the process of searching for your new wired reflexes, and then spend the rest of the day napping. Thus, because Jim Bean spent part of the combat turn doing something else, he probably shouldn't have been able to spend a "whole combat turn" doing something else. There are several matrix actions which have a Combat Turn interval, and I find the way this interacts with the turn system to be... difficult. What if, for instance, a decker in Hot Sim (3 initiative passes) finds an encrypted file on initiative pass 2. Does this mean he has to wait until the first pass of the next turn to start decrypting it? Or does he have to spend a "full turn" worth of actions doing so? If so, how is that affected by switching to cold-sim? Does a technomancer with the Submersion Echo granting an extra initiative pass per turn have to take more passes for the same action? Or, do I allow players to "start" a process in the background for things like encryption (similar to transfers) where they can make one encryption test in a combat turn -- and if so, this is very different than a normal extended test interval. In general, I'm having trouble finding a good way to interleave "non-combat" actions (that is, actions that take more than an initiative pass) into combat.
Good call, I had missed that this sprite had Stealth. For my own agents and IC, having had to decide their programing layout myself, I generally remember; but I'm not yet familiar enough with the Sprites to remember who has what. Good catch. Looks like everything but the "Data Sprite" and the "Machine Sprite" have stealth. Personally, I wish the machine sprite did too -- it would make it harder to get rid of an infestation of them in a drone. :)
The book isn't very clear on when this needs to be done, and what actions, exactly, leave a trail that can be traced back. (Well, maybe it is, but it suggests EVERYTHING leaves a trail -- it just isn't clear on how detailed that trail is) For the commlink, I didn't do this, for two reasons: 1) Meta-reasoning -- I had an example of erasing logs in the TVGP node, doing it twice would have seemed redundant. 2) There likely isn't much data to be found. The firewall was never alerted to an intruder. Whatever data trail you DO find will be very short -- that is, the only thing that could likely be determined is that the intruder was within wireless distance (that is, the signal wasn't routed through any other nodes first), and perhaps whatever ID Jim was spoofing that day. As this hack happened in a public place, I figured that gave Jim Bean enough "deniability" not to worry about it. Still, it's worth noting, and probably something Jim *should* have done. But it does make me wonder -- is hacking the security logs pretty much a REQUIREMENT of every hack? Short of some combat-situation hacking (where the cowering technomancer hacks the merc's smartgun from behind some crates, and the merc will have a good idea of "who done it" logs or no logs) it seems like regardless of how smoothly the hack went, you'd always need to spend a few extra turns clearing up the logs. While it ads a bit of flavor for those times you are rushed (Did I leave enough evidence for them to find me? I never should have panicked when that black IC attacked!) if it is "routine" it doesn't add much to game play -- except for the risk of glitch.
That's why he's certain he's safe. :) Under what other circumstances could a paranoid hacker feel safe, besides one in which the rules of the "universe" are on his side? :) Though, this aspect of the SR4 matrix I was never quite comfortable with. Try probing the CIA's web server for open ports some time and see who notices... But of course there are many aspects of the SR4 computer world that are different from the real life one.
I considered this possibility too. Then I decided it was more in the flavor of the new 2070's "ad-hoc mesh network" that the agent wouldn't know the full route to Jim, so I added this test. Partially, I figured that a personal commlink could be calling from anywhere, through any number of nodes, so I figured a track was good flavor. But it is very much a GM call, and I almost went the other way myself. For a less mobile target than a commlink, I certainly would have.
Yes, definitely worth noting! Had Vonna spotted the agent, and gotten a hacker friend's help, it would have been very easy to monitor, or even spoof, this agent's communications! Mr. Bean better watch out in the future.
Also perfectly acceptable. The Rules state that the GM "may require" a roll to find the traffic. Since that same section also mentions hacking a random node the call is being routed through, my reasoning was that requiring a roll was more for those types of situations than when you've hacked the commlink. But either interpretation is fine.
From the player's point, certainly. But from a story point, best to keep the exact nature of the relationship between Vonna and Hesker a secret until the end ;) It was fortunate that the rolls worked out such that I could.
Until a creative player decides to delete all the admin accounts, and trigger a permanent alert. No admins to turn the alert off, or even reboot the machine... they'll have to unplug it and probably void their warranty in the process. A quick ruling of "and no deleting accounts during an alert either" means that if the player gets the Admin account BEFORE the alert is triggered, the on-site hackers can't do enough to stop him -- especially if they are only "security access" hackers to the player's admin status. I still think the "access levels" need to be seriously looked at.
I think in my rolls I actually went the other way -- and accepted dodging as a valid "matrix action." My reasoning was this: If two deckers of equal skill and equipment face off in Cold Sim, they have equal chances to hurt each other and to dodge each other's attacks. If they suddenly switch to Hot Sim, they have a better chance of hurting each other than of dodging each other. To me, that didn't make sense. Still, I'm on the fence on this issue -- two extra dice to dodge an attack can be a pretty crucial effect, and it would be nice to have some official word on this.
Thanks, and thanks for the great comments. |
||||||||||||||||||||||
|
|||||||||||||||||||||||
![]()
Post
#36
|
|
Moving Target ![]() ![]() Group: Members Posts: 291 Joined: 26-February 02 Member No.: 806 ![]() |
* saves thread to HD *
|
|
|
![]()
Post
#37
|
|
panda! ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 ![]() |
there is a reason why having root/admin level access is considerd being god :smokin:
still, dont the hacker have to spend a complex action shutting down a IC just like any other program? if so, will not the firewall just keep spawning new IC, basicly making the hacker unable to do anything but shutting them down? or do the hacker get so many initiative passes that he can outperform the firewall in terms of speed? |
|
|
![]()
Post
#38
|
|
Moving Target ![]() ![]() Group: Members Posts: 282 Joined: 26-February 02 Member No.: 197 ![]() |
If the hacker creates an admin account, spawning ICE in the process, he couldn't just start shutting them down. I think he'd have to log off, then log back in as the admin, which would have a different access ID. Hacker-logged-in-as-Admin wouldn't have any aggro, to borrow an MMO term, and could shut down any ICE he wished without spawning more.
Or I could be completely wrong. |
|
|
![]()
Post
#39
|
|||||||||
Moving Target ![]() ![]() Group: Members Posts: 268 Joined: 26-February 02 From: Brisbane, Australia Member No.: 78 ![]() |
Well true enough, but nor do you have to spend every waking moment of the interval on the phone trying to track down your 'ware. You've got time to take a break, get something to eat, drive down to meet with a contact etc. Of course, there is also the fact that someone with one initiative pass per combat turn can pull this off at the same speed as someone with 4 initiative passes that suggests to me that it isn't the speed of the person holding things up. So all in all, as with driving tests, providing you make at least one test in the combat turn, I'd be happy enough that any other actions can be spent as you want to spend them. So to use your encryption example, I'd be happy enough for them to make one test per combat turn, whenever they want to make it in the turn. As soon as they get enough successes, test passed... Given the vague nature of the rules concerning the matter though, it really comes down to personal opinion
Perhaps more dangerously, that they launched an agent on the commlink, and the times that it all took place. And it would be a very strange Johnson that said "Ah well, it was a crowded bar when I was meeting with those Shadowrunners, it could have been anyone that hacked my commlink and bugged it to spy on me" :) Of course, this requires that she find the agent in the first place, but if she ever did stumble on it, you can be fairly certain she (or someone else) will check the logs to see how it got there
It's all about deniability and paranoia. In your example, should the Johnson ever stumble upon the suspicious activity, the timestamps will let her know exactly who it was that hacked her simply because she will know what she was doing and who she was speaking to at the time, even if there is no direct evidence as such. But other times, given that the access ID is spoofed anyway, it simply doesn't matter if someone finds the data. If it's important that they never know anyone was there, you need to edit. If however, once the job is done, it doesn't matter that evidence can be found, don't worry about the logs
I think it's completely passive. You're not directly access their server, instead, you're sniffing for things that will let you know what the weakness is. I think that's the reason the interval is measured in a time frame completely out of comparison to anything else done in full VR mode. |
||||||||
|
|||||||||
![]()
Post
#40
|
|||
panda! ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 ![]() |
that would be a step backwards from today, in more ways then one. today its more or less normal that any user can access a higher access account while logged into their own via abilitys buildt into the os. in linux and other unix-like systems there is the command su (and its relative sudo) that allows the user to log into a diffrent account without having to log out of the old one. this as long as one knows the password or similar. i recent windows you will find a option called run as if you rightlick on files. this allows you to access said file under a diffrent user. so having to fully log out and then log back in would be silly. instead the hacker would just boost his access rights on the spot ones he have himself a admin account. |
||
|
|||
![]()
Post
#41
|
|||||
Moving Target ![]() ![]() Group: Members Posts: 282 Joined: 26-February 02 Member No.: 197 ![]() |
Could be, and am! No surprise there. Sad part is, I knew about "Run As..." and it just didn't occur to me. Ok, so he could boostrap up to a higher access and start shutting down ICE, but they'd still be trying to kill him, non? If he did take the time to log out and back in as Admin, would he be able to derez ICE, cancel alerts, etc. without having to fend off attacks? |
||||
|
|||||
![]()
Post
#42
|
|
panda! ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 ![]() |
that is if the target flagging follows the account, not the "icon". or would he get a diffrent icon the moment he logged in again?
hell, he may even log out. change icon manualy and then log back in or something. there is so many ways of screwing with the simple logics that a IC most likely will follow that it may not even be worth trying to think them all out. the moment a person hits admin, your drop in the security hackers. the IC is allready defeated... |
|
|
![]()
Post
#43
|
|
Moving Target ![]() ![]() Group: Members Posts: 123 Joined: 7-October 05 From: Glow City Safehouse Member No.: 7,821 ![]() |
Or you can do what I did to my overambitious hacker last night.
Player: "WiFi Interface 2.3? Why the hell is the security techie ending program W-" *Dumpshock* |
|
|
![]()
Post
#44
|
|||
Moving Target ![]() ![]() Group: Members Posts: 934 Joined: 26-August 05 From: Earth - Europe - AGS - Norddeutscher Bund - Hannover Member No.: 7,624 ![]() |
Which security decker? As an admin the player would be able to simply delete all security accounts. That makes for equal grounds. Think the account concept needs some rework. It seems broken to me. |
||
|
|||
![]()
Post
#45
|
|
Decker on the Threshold ![]() ![]() ![]() ![]() ![]() ![]() Group: Dumpshocked Posts: 2,922 Joined: 14-March 04 Member No.: 6,156 ![]() |
How about this: actually coming off Alert statuc (and thus shutting down of IC, other response proceedures, etc) requires hitting a physical switch on the machine, or even a reboot. The idea is that an alert never--or at least rarely--happens as a false positive, so when one does happen there should *have* to be someone woken up to physically go to the server room and hit a button to sound the all-clear.
As I envision it, an active alert's rather like blowing a circuit breaker; once you've done it no amount of fiddling with light switches or unplugging things inside the house can bring the power back on. You've got to get dressed, go around to the backyard in the rain and open up that panel where all the little mechanical switches are and fiddle with them. Um, in a metaphorical sense. :) (Edit): Regarding the idea of System limiting the number of programs, my theory (Theory 4?) is that Response doesn't drop until you run (System) rating in programs, where the rating is System's "natural" rating. In other words, if you have System 6 you can run 6 programs before Response is lowered, regardless of what Response is in the first place. All other uses of System however are limited by Response, as all other running programs are. Thus if you start witth Response 5, System 6 you can run 6 programs with no effect; 7-12 at Response 4 (Effective System rating for tests involving System rating: 4), 13-18 at Response 3 (Effective System rating for tests involving System rating: 3), etc etc. It is an exception to the not-well-written-rule that Response limits System at all times, but so is yours. Your first theory has Response limiting System for the purposes of max programs only before Response slowdown. Let's say you were running 7 programs on a Response 5, System 6 commlink. By your rule, when your Response slows down your System has three ratings:
So you see my way is easier and requires less bookkeepping and mindbending. :) |
|
|
![]()
Post
#46
|
|||
Moving Target ![]() ![]() Group: Members Posts: 123 Joined: 7-October 05 From: Glow City Safehouse Member No.: 7,821 ![]() |
Depends on the way networks are set up, as stated earlier. In some very basic systems, yes. Most corporate systems however are tied up so that accounts beyond a certain level can not* be deleted or changed without rebooting and changing system options before it even goes online. Security logs are printed. Admins are limited in thier authority. Heck, even my buisness mainframe is designed so that if I want to do anything drastic I have to reset it, pop in a reboot disk, and only then can I convince it to change out any settings. I think what they were trying to do was leave the option up to the GM about what authorities each account type had. The trouble is, they are missing that vital paragraph saying such and giving a few guiding examples. [Edited: I need to stop posting at midnight while I wait for my metalwork to cool] |
||
|
|||
![]()
Post
#47
|
|||||
panda! ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 ![]() |
welcome to real life, its just as broken... |
||||
|
|||||
![]()
Post
#48
|
|
Target ![]() Group: Members Posts: 2 Joined: 21-September 05 From: Tokyo, Japan Member No.: 7,767 ![]() |
With a permission of Feshy, I started Japanese translation of the "Hacking Example" posts on my SR4 Wiki.
Though I have translated only the introduction and "The Bar", I will also translate other parts later. The URL of the entry on my Wiki is: http://www.imasy.or.jp/%7Emiyamoto/rpg/SR4...20Example%5D%5D These posts are great work to help understanding of SR matrix rules, so it is a great pleasure for me to translate them to Japanese. Thank you for your permission for translation, Feshy. |
|
|
![]()
Post
#49
|
|
Target ![]() Group: Members Posts: 52 Joined: 2-February 04 Member No.: 6,051 ![]() |
Methinks that the Real Life IT geeks are futzing up a pretty simple system.
The Stealth program hides a hacker by 'erasing system tracks, and mimicking authorized traffic' (SR4, pg 227). Logs are system tracks folks. This is the catch-all for that stuff. I would probably use additional logs as a foil for sometime that the hacker is supposed to be especially careful....or when he's supposed to get caught. I very much agree that the admin vs security vs user concepts are messed up, but!, any IC launched imho would watch the activities of the users or have an alternate key to shut them down. Doing something naughty? Prepare for the smiting! Know the secret password? Ignore the IC while it wanders around in circles looking for that naughty naughty user. Also, one should have at least admin access to supress the alert, and security to have the IC key. Thereby giving a reason for security level access. Another Geek :-) |
|
|
![]()
Post
#50
|
|
Target ![]() Group: Members Posts: 28 Joined: 28-January 06 Member No.: 8,206 ![]() |
Yea!
I am really glad this got bumped up! This is exactly what I was looking for. Wow. Feshy, that was a lot of work you put into this example... and just to be helpful too. Thank-you. Oh, andif you or anyone else knows of any more threads of this ilk, please bump them. I have tried searching, I even did a "Hacking AND example" search and did not see this, so perhaps there are others. ...perhaps it is time for me to spend some karma on improving my SEARCH skills... |
|
|
![]() ![]() |
![]() |
Lo-Fi Version | Time is now: 22nd December 2024 - 07:18 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.