 Problem with subscribed devices, and hacking them |
  |
 Nov 4 2005, 06:45 PM
Post
#1
|
|
|
Target  Group: Members Posts: 37 Joined: 31-October 05 Member No.: 7,915  |
I have a PAN. Let's say I have a smartgun system subscribed, a memory module, a surveillance drone hovering above my shoulder looking backwards, and a combat drone waiting patiently a mile away.
All 4 of these systems are subscribed to my PAN, so will only acknowledge commands coming from me. 1. Does the drone a mile away only receive commands if it can get in proximity of my signal rating, or can I access the local city network, find it, and issue commands. 2. If it's outside my signal rating, can it even be subscribed? 3. If it can't be subscribed, can I have it be dormant so that Joe rigger that finds it can't just boot it up. Maybe by a transmitted passkey that I own. A drone doesn't have it's own PAN though, no system rating, no firewall. But it manifestly receives and broadcasts a wireless signal. 4. If it's out of range, can I send a machine sprite to activate it and drive it back to me. I note sprites don't have a signal rating, which means I guess that they must operate from my PAN? Oi vey, this is confusing. The concepts are good, but it's taking a while to digest. I still have trouble accepting the fact that any wireless component cannot be hacked, without going through the PAN. Why can't I hack your smartgun directly? It's broacasting a wireless signal (yes, a short range one, let's say I can get close), and certainly receiving one. |
 |
 
|
|
Nov 4 2005, 06:47 PM
Post
#2
|
|
|
Running Target Group: Members Posts: 1,219 Joined: 26-February 02 From: Lofwyr's stomach. Member No.: 1,320 |
My view is that you can access things through the cell network, ignoringyour own signal rating, unless you are running in hidden mode. In hidden mode you are not hooked up to the cell network and must be within signal rating range to communicate.
|
|
|
|
|
Nov 4 2005, 07:22 PM
Post
#3
|
|
|
Moving Target Group: Members Posts: 565 Joined: 7-January 04 Member No.: 5,965 |
1) depends. are you willing to leave a data-trail? people listen to what information goes through those nodes. so yes you can, but its unwise.
as for subscription... remember, that you want to steal the enemys drones and keep your own safe. so whatever the final ruling is, it works both ways. |
|
|
|
|
Nov 4 2005, 07:41 PM
Post
#4
|
|||||||||
|
Moving Target Group: Members Posts: 268 Joined: 26-February 02 From: Brisbane, Australia Member No.: 78 |
That's how I work it, though it's never explicitly spelt out either way in the rules. That being said, if you are sending it over local networks, you had want to be running encryption :)
Being outside your signal doesn't make any difference either way. Subscribing simply tells your device not to communicate with any devices other than the device it's subscribed to (ie your commlink). Whether the communication takes place over a network or directly from your own commlink doesn't matter. Either way, you still need to be careful of spoofing.
It can be subscribed, and you can also issue the pilot with commands on what to do if it loses it's signal with you for some reason. That can include shutting down. If someone else does find it, simply turning it on won't make it theirs. They would need to either spoof a command to it, or hack the thing and subscribe it to their own commlink. In regards to hacking it, it comes with a system rating, as do all electronic devices (p 214). In this instance, it would be either 3 or 4 depending on the drone and your GM. Being that it has a system rating, you can load it with IC, install a new OS on it, or increase the response and/or signal on it. That's how you stop it being hacked.
Sprites aren't devices, they're programs. Which means that if you can't communicate with your drone, you can't send a sprite to it. Your best bet would simply be to tell it that upon loss of signal, head towards the last position it was able to receive a signal from you. Other than that, the best idea is to not let it get in to an area with no wireless or outside of your signal range |
||||||||
|
|
|
||||||||
|
Nov 4 2005, 07:49 PM
Post
#5
|
|||
|
Moving Target Group: Members Posts: 112 Joined: 26-February 02 Member No.: 1,896 |
Is there a book reference for this? Not doubting you, just curious so I can read up more on it. :) |
||
|
|
|
||
|
Nov 4 2005, 07:57 PM
Post
#6
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
i dont think the book says either or, its more of a house rule thing. atleast thats my verdict on it...
|
|
|
|
|
Nov 5 2005, 10:20 AM
Post
#7
|
|||||
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
I belive that "In [hidden] mode, your PAN is invisible to other nodes unless you access or authorize them" from p.211 is what PlatonicPimp is referring to. Seems pretty clear cut to me: if the nodes that connect your wireless devices to the rest of the world-wide matrix can't see you because you're "invisible", then yes, there's no connection. I imagine this is also why operating a personal commlink in hidden modes in certain high-security neighborhoods is on par with driving a car at night with no headlights on. If you're in hidden mode, the authorities can't make negiborhood specific broadcasts to you about things like severe weather warnings, Amber Alerts, and industrial accident evacuation notices. |
||||
|
|
|
||||
|
Nov 5 2005, 06:48 PM
Post
#8
|
|
|
Target Group: Members Posts: 37 Joined: 31-October 05 Member No.: 7,915 |
I agree with the idea of the hidden PAN, but I still haven't accepted the fact that despite being disconnected from the net, you are still manipulating a wireless network. If I am in signal range of you, I should be allowed to try and hack your PAN directly.
|
|
|
|
|
Nov 5 2005, 07:10 PM
Post
#9
|
|
|
Decker on the Threshold Group: Dumpshocked Posts: 2,922 Joined: 14-March 04 Member No.: 6,156 |
It's actually very close to how firewalls work today.
See, your computer actually has about 70,000 electronic "ports" that individual programs can connect to over the internet. Now, there are three ways your computer can respond to a connection attempt. The first is Open: it simply allows anything and anyone to connect to it. Some ports even broadcast their availability. This is somewhat like Active mode, and is actually the default of the windows operating system. It's very convenient, but also very dangerou. The second is Closed. This is where the software responds that the port isn't accepting connections, but still acknoledges that the port is there and functioning. This is similar to the Passive mode on a commlink. The third is called Stealthed, and is what you should be doing will all your ports if you have any decent firewall protection at all. Stealthed ports don't even ackloledge that they exist; they simply ignore all attempts to access them as if they never received anything in the first place. This is like Hidden mode on your Commlink. Notice that the last one doesn't mean you're not connected or your wireless signal isn't working; you're simply ignoring all incoming connections as if they're nonexistent. I have no idea why someone would make it illegal to shut off your commlink; I guess it's just the devs like to give the 'Star excuses to hassle anyone, anytime, because basic security knowledge would suggest that you remain Hidden all the time except when deliberately demilitarizing your commlink. *shrug* |
|
|
|
|
Nov 5 2005, 07:25 PM
Post
#10
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
welcome to the 6th world, where computer security does not make sense...
|
|
|
|
|
Nov 5 2005, 11:57 PM
Post
#11
|
|||
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
There's nothing in the rules that would suggest that you wouldn't still be hackable. Quite the opposite actually. However, if you're smart, you can still keep the other kids from playing with your toys. First off, you'll want to make sure that all your wireless signal links are encrypted. For someone to intercept your wireless signal, they'll have to break your signal's encryption as well. If they do crack your encryption and intercept your signal, they'll have to perform a matrix perception test to determine the access ID associated with the commands you're sending to the drone; a good stealth program can help make that harder for your opponent. Only once they've cracked your encryption, intercepted your signal, and gotten your access ID, they can attempt to spoof a command to your subscribed devices. As defense in depth, and if you don't mind the performance hit of you and the drone spending a few extra actions on a periodic basis, I'd suggest using one time pads to rebuild your PAN on a periodic basis. The one time pad is a file that contains a sequenced list of multiple passcodes, and access IDs for both the controlling commlink and the drone (these access IDs would be pre-generated by the spoof program). The list should have thousands of entries, and you should have at least one pad for each pair of devices that'll be communicating. Under secure conditions, load copies of the pad both onto your commlink and to the drone. Program the drone to expect you to send an encrypted file to it over the already encrypted wireless signal every 2 minutes (shorter or longer duration depending on your paranoia), and if it doesn't receive the encrypted file, it is to ignore nearly every command issued to it over the wireless signal. Make sure that this program and any one time pad files that you load can only be modified by someone who has the drone's administrative password, and is in direct skinlinked contact with the drone. The encrypted file that you transfer to the drone every 2 minutes (throw a data bomb on it too, if you like) will contain a command instructing the drone that you're going to be unsubscribing it, breaking the current encrypted wireless link, and changing your commlink's access ID. The file will also instruct the drone to change it's own access ID. When the encrypted file arrives, the drone should run analyze on it to make sure it hasn't been edited along the way, and then pull the passcode from its copy of the one time pad to decrypt it (and disarm the databomb on it, if you use those). The new access IDs, the passcode for the new encrypted wireless link that'll be established after the access IDs are changed, and the passcode to decrypt the next encrypted file that'll be sent are all to be taken from the next line in the one time pad. This way, you're rebuilding your PAN on a periodic basis, with a new encryption on a new wireless link, and a new access ID that's needed for spoofing commands. I suppose someone who's monitoring your traffic over a long period of time could use exploit or possibly decrypt to locate patterns in your one time pad to be able to pick out any flaws and patterns in your randomly generated passcodes and guess at the next line of your one time pad, but I'm not sure how exactly I'd model that through the rules. Probably hacking+exploit with a high threshold, with -1 threshold for each time you've cracked an encryption password and determined the access IDs for a previous line of the one-time pad file. |
||
|
|
|
||
|
Nov 6 2005, 03:55 AM
Post
#12
|
|
|
Moving Target Group: Members Posts: 268 Joined: 26-February 02 From: Brisbane, Australia Member No.: 78 |
I'd also suggest that setting your drone up with those sort of capabilities would require a dedicated autosoft to provide it with a computer skill or something. It seems like it would be a little beyond a regular drone's learning capabilities
|
|
|
|
|
Nov 6 2005, 04:11 AM
Post
#13
|
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
About the only thing that's outside of the basic wireless communications handling tasks would be running analyize on the incoming file. I could see maybe requiring an agent with it's own pilot program loaded to handle that one task, if you wanted to make the case that a drone's pilot rating is different enough to warant having an onboard agent.
Personally though, I see pilot rating as pilot rating. And for the other tasks, such as handling being unsubscribed and re-subscribed with new access IDs and encrypting the wireless signal link, onboard drone pilot had very well be able to handle that by itself, as those are basic functions of a drone. [edit]The book does seem to suggest though that being able to decrypt requires an electronic warfare autosoft, but that's for decrypting signals you don't have authorization for. For a signal where you'd have the authorization in the form of the proper passcode on file, even the simplest dog-brains should be able to handle that.[/edit] |
|
|
|
|
Nov 7 2005, 02:14 AM
Post
#14
|
|||
|
Target Group: Members Posts: 37 Joined: 31-October 05 Member No.: 7,915 |
Even in hidden though, several ports are still active. Your smartgun is talkign to your link, so is the memory module, and your goggles that are receiving the smartgun info, and maybe your drone nearby, and the earbuds ou have receiving streaming music, etc... All your personal wireless devices are still talking. That communication is going to be accessing some wifi port. If it's open, it can be hacked....sure, you need to beat the encryption, and any firewall, and so on and so forth, but it's still wireless traffic. In the end, I may have to accept the excuse "That's just the way it works", but I sure hope they can refine the explanations in a future sourcebook |
||
|
|
|
||
|
Nov 7 2005, 04:23 AM
Post
#15
|
|||
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
If you don't opt to use skinlinking instead of wireless for any item on your person (everything but the drone on the above list) then you deserve the eventual hacking you're going to get. And as for the drone, you should always be thinking in the back of your head "what if someone sucessfully spoofs a command to it; what if someone edits the data feed the drone is sending back to me?" |
||
|
|
|
||
|
Nov 7 2005, 02:33 PM
Post
#16
|
|
|
Target Group: Members Posts: 37 Joined: 31-October 05 Member No.: 7,915 |
That's my point though. With the rules as written, even with all these wifi components, if you PAN is hidden, you can't be hacked.
Good idea on skinlink mind you, especially for a technomancer, but I am not sure how it applies. Do you need to buy a skinlink for each device you want subscribed to your PAN. At only 50 nuyen per, it won't break the bank, I'm just not sure the intent of how to establish it. |
|
|
|
|
Nov 7 2005, 02:41 PM
Post
#17
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
hidden dont stop you from being hacked, it only makes it harder :P
|
|
|
|
|
Nov 7 2005, 04:19 PM
Post
#18
|
|||
|
Target Group: Members Posts: 38 Joined: 25-October 05 Member No.: 7,892 |
Which rules are you reading? Because in my copy, the rules for finding a hidden PAN are on pg 225, and once you've detected it, you can hack it like any other network. |
||
|
|
|
||
|
Nov 7 2005, 05:01 PM
Post
#19
|
|
|
Target Group: Members Posts: 37 Joined: 31-October 05 Member No.: 7,915 |
ahh....I missed that. 15+ threshhold, wow, but still, at least it's possible.
|
|
|
|
|
Nov 7 2005, 05:33 PM
Post
#20
|
|||
|
Target Group: Members Posts: 38 Joined: 25-October 05 Member No.: 7,892 |
Or a 4 threshold, if you "Know what you're looking for". i.e. "Those drones that are shooting up my team are being controlled by a PAN in hidden mode, let's see if I can find it" or "The Johnson's PAN isn't showing up, so it's hidden, lemme see if I can locate it so I can break in and find out who they work for". 15 Threshold if you decide "Well, I know one of the runners in this crowded bar is the guy I'm looking for, let's pick his PAN out of the dozens of Hidden-mode PANs in the room." |
||
|
|
|
||
|
Nov 7 2005, 06:48 PM
Post
#21
|
|||
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
Since the description of skinlinking in the accessories section under commlinks in the gear chapter uses the wording "a device" I belive that it's 50¥ for each device you want skinlinked. Now for technomancers, the book's not clear as to whether their organic commlink can directly access skinlinked devices, but I figure they're already manipulating EM fields to be able to broadcast their wifi, so manipulating a field that's closer to home should be even easier. |
||
|
|
|
||
|
Nov 7 2005, 09:19 PM
Post
#22
|
|
|
Target Group: Members Posts: 37 Joined: 31-October 05 Member No.: 7,915 |
That makes me curious now, what possible benefit does a cyber smartgun give you, that a skinlinked external smartgun doesn't give you? I always figured the cyber advantage was the ability to have a hard conduit to your commlink that's unhackable.
For that matter....where does it say a smartgun has to be registered to the commlink. Can't it just connect directly to the goggles/cybereyes? If so, how can it be hacked? ....wait a minute, I think I just answered my question, SR4 smartlink is a cybereye upgrade only, none of that sensor in the palm thing. whoa! that's a change. |
|
|
|
|
Nov 7 2005, 09:20 PM
Post
#23
|
|||||
|
Shooting Target Group: Members Posts: 1,651 Joined: 23-September 05 From: Marietta, GA Member No.: 7,773 |
I concur; skinlink is a modification done to individual devices. IIRC all electronics by default are wireless, unless you specifically ask for the wireless model (thereby gaining funny looks) or perform a B/R test to go in and gut the WiFi bits. Skinlinks, however, are non-default accessories. Technos have built-in WiFi but nothing talks about built-in skinlinking (that I've found yet).
I mean, skinlinking could very well be an extension of their particular hocus-pocus, but by the same token when I touch two radio antennas together I don't get better reception. |
||||
|
|
|
||||
|
Nov 7 2005, 09:31 PM
Post
#24
|
|
|
Target Group: Members Posts: 37 Joined: 31-October 05 Member No.: 7,915 |
I think they can use skinlinks, but they would still need to buy the skinlink as hardware, and interface it normally.
|
|
|
|
|
Nov 7 2005, 09:47 PM
Post
#25
|
|||
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
Which raises a question, what do they interface it with? It's not like the organic commlink in their brains comes with a built in port labeled "Plug skinlink adapater cable here." If they can't do their own skinlinking (which nothing in the book says that their organic commlink is skinlink capable) then the next step would be to get a manufactured commlink that was skinlink capable, and then use their organic commlink to network through it. But that means a wifi link between the organic commlink and the skinlinked manufactured one, which defeats the purpose of having a commlink just to be able to run skinlinking. The other option is to go oldschool, implant a datajack and run a cable, but that means scacrificing Resonance. Although, since many technomancers were supposedly "born" while jacked into the Matrix during Crash 2.0, it'd make sense that a lot of them would have been using a datajack to access the matrix. |
||
|
|
|
||
|
|
Lo-Fi Version | Time is now: 1st September 2025 - 10:02 AM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.