Encrypt, Secondary firewall? |
Encrypt, Secondary firewall? |
Dec 19 2005, 10:25 PM
Post
#1
|
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
Encrypt says it can be loaded onto a device. If I hack into a device with encrypt am I still able to issue commands to the drone? Can I still spoof a drone running encrypt?
I view it as encrypting the messages, not as a secondary firewall. Another player disagrees. Anyone know? |
|
|
Dec 19 2005, 10:30 PM
Post
#2
|
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Before you can do anything, you have to decrypt first.
|
|
|
Dec 19 2005, 10:36 PM
Post
#3
|
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
So you don't think hacking into the commlink essentially gives you the authority to view encrypted files?
|
|
|
Dec 19 2005, 10:38 PM
Post
#4
|
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Only if you find a file namend secretcodes.pic
|
|
|
Dec 20 2005, 12:50 AM
Post
#5
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
kinda like how one can use a third party program to encrypt files or part of the file system. disconnecting it from the os makes you need the codes, admin or no admin.
hell, set up a encrypted file system in linux and your toast if you loose the key, no matter your access level. same should be for windows realy, alltho i cant say as i have never "tested". |
|
|
Dec 20 2005, 03:09 AM
Post
#6
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
To me when it says that a device can be encrypted, it means that the encrypt program sits at all of the device's comunications ports, filtering all of the device's outputs through the encryption scheme and bouncing any inputs that aren't encrypted in the same scheme, esentially making any attempts to hack into the device itself useless unless you crack the encryption.
As for the other question, can you still spoof a drone if it's using encrypted communications links, you can, you just have to use decrypt to crack the scheme, then make sure your own spoofed commands match the encryption that the device at the other end of the communications link is expecting. |
|
|
Dec 20 2005, 03:45 AM
Post
#7
|
|||
Shooting Target Group: Members Posts: 1,507 Joined: 27-January 05 From: ...and I'm all out of bubblegum Member No.: 7,021 |
EFS is a bitch if you don't have the password. Same as in linux. |
||
|
|||
Dec 20 2005, 04:41 PM
Post
#8
|
|||||
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
as expected then. |
||||
|
|||||
Dec 21 2005, 04:45 AM
Post
#9
|
|
Moving Target Group: Members Posts: 718 Joined: 10-September 05 From: Montevideo, in the elusive shadows of Latin America Member No.: 7,727 |
I would say you have to decrypt immediately after you are "in", wouldn't even recognize the icons "inside" otherwise
|
|
|
Dec 21 2005, 01:12 PM
Post
#10
|
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
Personally I think if the user of the commlink doesn't have to decrypt than neither does a hacker who gains user access. IE, all valid users are given the proper authorization code to view the files.
Encrypt should only be for the wireless signal or for files that don't need to be read by just anyone. |
|
|
Dec 21 2005, 02:12 PM
Post
#11
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
My view of running Encrypt on a device/node is that it works like the systems shown in the movie Sneakers. You can connect to it, but even the logon screen itself is scrambled, leaving your Exploit tools no point of reference to begin their attack, until you break the encryption.
Even a legitimate user of the system would need to be able to suppy the proper decryption key to be able to log on. To throw another movie reference into the mix, take the ending to Lawnmower Man. They trapped Jobe in the system by loading a virus that encrypted all the ports to the outside world (except for that one maintence access backdoor that the virus didn't recognize as a port). While this is the turned-inside-out version of how I view encrypting a device, I still belive it's a good concpetual representation. The designers went out of the way to state that the three things you can encrypt are files (chunks of data just sitting somewhere), communications links (streaming data moving from one place to another), and devices. The way I see it, the only way that encrypting a device has any meaning is that if to access the device, you have to have some means of decrypting it (either legitimately via passcode, or by breaking it using the decrypt program). |
|
|
Dec 21 2005, 03:12 PM
Post
#12
|
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
I look at devices as in all the communicatiosn from a certain device are encrypted. The only thing that backs up the extra level of security is the "and devices" phrase. It's not listed under breaking in or spoofing or anything else.
|
|
|
Dec 21 2005, 03:38 PM
Post
#13
|
|||||
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Not quite -you must decrypt before you access.
Encrypt can be used for anything: Connections (wireless or not), files, devices - and all separately. Whether it is depends on the paranoia of the user... |
||||
|
|||||
Dec 21 2005, 03:48 PM
Post
#14
|
|
Moving Target Group: Members Posts: 600 Joined: 31-August 05 Member No.: 7,659 |
I just read the decrypt again and it says to decrypt you need to spend a simple action if you have the code or use the decrpyt program if you don't.
So if they have an encrypted commlink and are sending messages to the drone wouldn't the drone have to spend a simple action every time to read the message? Or maybe you encrypt you commlink when you turn it off and decrypt it when you turn it on, IE it's decrypted while running it and that's why it's not mentioned in the breaking in section. |
|
|
Dec 21 2005, 06:32 PM
Post
#15
|
|
Running Target Group: Members Posts: 1,219 Joined: 26-February 02 From: Lofwyr's stomach. Member No.: 1,320 |
Its that second one, lord ben. Apon first making connection to the device, you have to either decrypt it or supply the code. Once the code is supplied, then you don't have to decrypt any more, as all new data coming in goes through the code to come out decrypted.
Seriously, as the rules are written, it is the device you encrypt, not it's incoming and outgoing signals. Yes, they are encrypted too, but Ecrypt does indeed act as a second firewall. This is what everyone is telling you, and the other view, while Maybe more in line with how things really work (I wouldn't know), is not how the rules are written. |
|
|
Dec 21 2005, 07:53 PM
Post
#16
|
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
If you encrypt a connection, as long as it is established, it is encrypted - decryption would only matter when trying to listen to it.
If you encrypt a file or a device, every time it is accessed it must be decrypted. |
|
|
Dec 21 2005, 08:17 PM
Post
#17
|
|||
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
But if you access it, and stay connected, you don't have to decrypt again until you break the connection and then access it again. |
||
|
|||
Dec 22 2005, 05:49 PM
Post
#18
|
|
Moving Target Group: Members Posts: 261 Joined: 26-February 02 From: Massachusetts Member No.: 2,115 |
I think that they are using the term device in the UNIX sense of the term: an external device or something that the OS treats like one. So you can encrypt a security camera, or a network link (wireless or not), but you can't encrypt an entire node.
|
|
|
Dec 24 2005, 09:47 AM
Post
#19
|
|||||||||
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
That's interesting, because I thought they'd be using the term device in the SR4 sense, as it's defined on p.215:
...keeping in mind that this goes hand in hand with the definition of a node from p.216:
And for completeness, since a network can also be a node, here's p.216's definition of network:
|
||||||||
|
|||||||||
Lo-Fi Version | Time is now: 17th April 2024 - 08:49 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.