 Comlinks at Work |
  |
 Jan 5 2006, 03:31 PM
Post
#26
|
|||||
|
Moving Target  Group: Members Posts: 914 Joined: 26-August 05 From: Louisville, KY (Well, Memphis, IN technically but you won't know where that is.) Member No.: 7,626  |
Ehh, this is the same as hacking Steve's comm. Unless you are saying that Steve is the one installing the agent. Plus, the comm would be using Bob's network access rather than Steve's. While it does provide an "in" for the Agent, it starts in TPS land. If you can hack the hand-me-down-from-Steve comm, why not just hack Steve's comm and get Remote Ops level permissions? I'm glad y'all enjoyed my little story. |
||||
 |
 
|
||||
|
Jan 5 2006, 03:42 PM
Post
#27
|
|||||
|
Moving Target Group: Members Posts: 914 Joined: 26-August 05 From: Louisville, KY (Well, Memphis, IN technically but you won't know where that is.) Member No.: 7,626 |
Sorry, PEBCAK on my part. I lost a line that says "Bob's low-security floor does not require skinlinked/encrypted peripherals as long as they remain at Signal:0" while I was editing on the fly. I'll go fix that. As for why goggles/gloves have rating 3, I can see times where you might want the extra range. Multiple people gaming through a single comm, watching DRMd movies, possibly sharing a BTL with mutliple trodes, or just being able to punch through low-level interference. |
||||
|
|
|
||||
|
Jan 5 2006, 06:31 PM
Post
#28
|
|||
|
Target Group: Members Posts: 22 Joined: 5-June 02 Member No.: 2,839 |
You don't hack Steve's comm because you can't get in the building or get through the WiFi shielding on the walls, and despite the hardware's encryption being the same, Bob is much less security conscious than Steve, and probably lives in a part of town that has significantly fewer resources to prevent an illicit hack, being a john q. wageslave. Further, since Steve has access to valuable paydata, the security staff will be paying much more attention to activity coming from his Comm when the analyze the records, because he has access to things valuable enough to steal. They can't analyze every comm's activities, and obviously the hardware security is more than enough to keep a wage-slave without any access from messing with important files, since they already know none of them are hackers... Hardware efficiency breeds wetware complacency. |
||
|
|
|
||
|
Jan 5 2006, 08:57 PM
Post
#29
|
|||||||
|
Moving Target Group: Members Posts: 914 Joined: 26-August 05 From: Louisville, KY (Well, Memphis, IN technically but you won't know where that is.) Member No.: 7,626 |
You said hack Bob's comm on the way in to work. I would be surprised if Bob's route to work is really all that less secure than how Steve gets to work. Plus, Steve is a wageslave too, he's just one with higher access. I will agree Steve probably practices safer computing than Bob out of professional habit so an agent could likely get by longer without being noticed by the Bob. As to the security system, it shouldn't bother tracking specific devices as much as being a gatekeeper. In other words, the security system doesn't specifically watch Steve any harder than Bob. It does however, watch the Remote Ops servers harder than it does the TPS server and it watches the Remote Ops offices harder than it watches the TPS cube farm. If all you need is TPS reports, hey, Bob's your patsy. Getting into the Remote Ops server will be harder using Bob's account than Steve's privs. I wager it would be harder to access other nodes from Bob's account simply b/c Steve would start with a higher security level on the network (aka security vs. user) making life that much easier. |
||||||
|
|
|
||||||
|
Jan 5 2006, 09:11 PM
Post
#30
|
|
|
Target Group: Members Posts: 22 Joined: 5-June 02 Member No.: 2,839 |
I would think that it should be tracking specific devices harder than others, to prevent data theft! After all, if a comm with access to paydata starts exploding with activity, it might very well be downloading some of it to sell to some guy offering meganuyen for industrial espionage, while if a comm with no access starts exploding with activity, he's probably just downloading porn.
I'd say it'd certainly be easier to get in through Steve, but Bob is less likely to be noticed...and more importantly you can code an agent to get you through any security protecting the paydata, but you can't stop them from monitoring activity. It'd be a -harder- way in, but I'd argue a safer one and more likely to net you a bonus from your employer for getting them the data without them being put on alert. |
|
|
|
|
Jan 5 2006, 10:59 PM
Post
#31
|
|||
|
Moving Target Group: Members Posts: 914 Joined: 26-August 05 From: Louisville, KY (Well, Memphis, IN technically but you won't know where that is.) Member No.: 7,626 |
Monitoring devices is by far the harder part. It's simpler to just protect the paydata. The SR matrix rules bear this out. Here are the two scenarios: Agent loaded on Bob's Comm: The agent starts with Bob's "user" level privs. To reach the "paydata" it will need to run a data search first, likely discover there's nothing valuable in Bob's access list, and proceed to hack into a higher class of network; Remote Ops. It has the luxury of "probing" the network to gain access (Bob's at work for 8 hours). It is unlikely that the low security TPS network will have roaming IC that scan the comms but it isn't entirely impossible. As long as it can coax out a password before Bob heads out to lunch it doesn't have to leave the safety of his comm but it is possible it might need to venture out to the network where it could be detected by analyze IC on the servers. Assuming the firewall doesn't recognize the bogus login, the agent has Remote Ops access and does another data search. Maybe the data's here, maybe it's another level higher. Scenario 2 Agent loaded on Steve's Comm: The agent has to contend with Steve running an Analyze on the comm to notice its existence but otherwise the agent begins with steve's privs on the Remote Ops level. It can begin data searching on the Remote Ops and TPS servers with little risk of discovery. Maybe the data's here, maybe it's another level higher. The results from Steve are hours earlier and at much lower risk, IMO. |
||
|
|
|
||
|
Jan 5 2006, 11:58 PM
Post
#32
|
|
|
Target Group: Members Posts: 22 Joined: 5-June 02 Member No.: 2,839 |
Well the time is irrelevant. You can't retrieve the agent's download until they leave work anyway.
I'm not worried about what the Agent has to do, as you can program for that, what I'm worried about is a security monkey going over the bandwidth logs and spotting unusual activity from Steve's comm (I believe there's a program for that) and raising an alert. But then I'm assuming that if they have any paydata they're going to be actively watching everyone with access to make certain they don't sell it for ridiculous (for a wageslave) sums of nuyen. For that same reason; you can program around any static firewall or IC defense. But if you can't keep an eye on everyone because its expensive, why bother keeping an eye on the activity of those who don't have the opportunity to do it? I'm just extrapolating from modern corps, who already start from the assumption that their workers will screw them whenever they can. SR corps will do the same thing, and have much better ways to curtail their privacy. |
|
|
|
|
Jan 6 2006, 01:58 AM
Post
#33
|
|||
|
Moving Target Group: Members Posts: 261 Joined: 26-February 02 From: Massachusetts Member No.: 2,115 |
In real world cryptographic systems, establishing a secure encrypted link using a password without exposing that password is, realistically, a solved problem. In fact, even if you broke the encryption on the resulting secure channel you wouldn't get the password. Now, snooping a wireless input device for the password is a clever attack that requires a good chunk of effort and will probably work great, but there's no reason to assume that the Encrypt program itself has horrible security holes that make it crappier than the book imples. Hell, as written now any decrypt program will break any encrypt program in trivial time. |
||
|
|
|
||
|
Jan 6 2006, 03:36 PM
Post
#34
|
|||
|
Moving Target Group: Members Posts: 914 Joined: 26-August 05 From: Louisville, KY (Well, Memphis, IN technically but you won't know where that is.) Member No.: 7,626 |
Most corporations IRL don't do things like logging traffic unless they do it company wide. The expense is in getting the base system in place and having the skilled manpower. Once you have those it is trivial to expand the scope of the system. Same reason Bob's email is encrypted even though he doesn't need it. If they do monitor network usage in the year 2070 they will be using advanced heuristics. Steve's daily usage will probably be both higher and more irregular than Bob's so the agent has more leeway from Steve's account than Bob (+/-5% of 1000Mp is bigger than +/-5% of 500Mp) plus Steve, as a remote operator, will likely also have a broader operational profile, meaning it is normal for him to occassionally connect to a number of machines across the network. Bob, however, never connects to anything but TPS and his workload is very consistent so any variance will stand out in stark contrast. Time is definitely a factor for the agent. If it tries to fast-hack to a higher security grade there is little chance it will get the data out successfully via Bob/Steve if it triggers an alert. Probing is the way to go and it could will take several hours to weasel out a login from one network. If the agent is almost ready to get access to the PayData server when Bob's ready to go home the agent will have to start over in the morning. Using Steve's account he'd be at least one level deeper into the system right from the start, possibly making the difference between a 1-day and a 2-day hack. That second day increases the risks both for the Paydata server noticing the probing and, if any usage logging is done, that an Analyze IC is deployed after noticing 2 straight days of unusual activity. (Note that IMO Analyze IC is as much an HR tool as security. Playing Everhack at work is bad, mmmmkay.) |
||
|
|
|
||
|
|
Lo-Fi Version | Time is now: 20th July 2025 - 08:33 AM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.