 Linked Passcodes and Passkeys, What purpose do they serve? |
  |
 Nov 22 2005, 09:53 PM
Post
#1
|
|
|
Neophyte Runner  Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364  |
The book goes to the trouble to spell out the differences between Basic Passcodes, Linked Passcodes, and Passkeys, in some detail on p.215.
However, the sections where the book spells out how you use your hacker tools due to not having proper authorization, such as breaking in, spoofing commands to devices, decrypting files, defusing databombs, and so on, never mention the different levels of passcodes, and don't specify that the process is any different depending on the type of passcoding system used. What gives? |
 |
 
|
|
Nov 23 2005, 08:26 PM
Post
#2
|
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
Don't tell me I've stumped the Dump. Surely someone at least has an opinion on this.
|
|
|
|
|
Nov 23 2005, 08:40 PM
Post
#3
|
|||
|
Dragon Group: Members Posts: 4,718 Joined: 14-September 02 Member No.: 3,263 |
Incidents of bizzare vagueness in parts of the rules is a hallmark of SR4? ;) |
||
|
|
|
||
|
Nov 23 2005, 08:46 PM
Post
#4
|
|||
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
There, fixed that for you. :D |
||
|
|
|
||
|
Nov 23 2005, 09:11 PM
Post
#5
|
|
|
Prime Runner Group: Banned Posts: 3,732 Joined: 1-September 05 From: Prague, Czech Republic Member No.: 7,665 |
OK:
A Passcode can be stolen by intercepting a transmission that has a passcode in it and decrypting it. A Linked Passcode could be gained the same way, except that you also need to fake a retinal print or something. A Passkey requires intercepting both the door's query and the response and decrypting both. All of them can be bypassed by opening up the box and whipping out your own Hardware skill. -Frank |
|
|
|
|
Nov 23 2005, 09:19 PM
Post
#6
|
|||
|
Moving Target Group: Members Posts: 715 Joined: 4-September 05 From: Metaplane GEPLK136 (The one with the lizards. You remember the lizards, don't you?) Member No.: 7,684 |
Or, logging on and running exploit. I asked this question in one of my posts, too... there just isn't any info connecting these passcodes to hacking tests in any way. So, the assumption I'm working under is that these passkeys offer methods for getting access without hacking, and are completely irrelevant if you are hacking. |
||
|
|
|
||
|
Nov 23 2005, 09:31 PM
Post
#7
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
bingo, it just provides a GM with info about how to set the system up so that even when the teams hacker is out of action, they can still break in ;)
for a hacker its a "simple" matter of tricking the secuirty system into unlocking that door... |
|
|
|
|
Nov 23 2005, 09:41 PM
Post
#8
|
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
Would it be possible to tell, say via the analyze program, if someone's logged in from an account that uses a linked passcode/passkey, vs. someone logged in to a backdoor account that's not linked to biometric data or a specific piece of hardware because it was generated by the exploit program via a "probing the target" attack?
|
|
|
|
|
Nov 23 2005, 09:50 PM
Post
#9
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
well if the logs are detailed enough it would show a door opening but no passkey or code used for that same time.
now, most likely uses of exploit will show up as strange crashes of subsystems and similar. so if a similar thing shows up in the logs at the same time then maybe a smart admin will figure out what happend. this can allso be what patterns the automatic security system looks for... |
|
|
|
|
|
Lo-Fi Version | Time is now: 25th April 2024 - 11:19 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.