![]() ![]() |
Feb 3 2006, 10:08 AM
Post
#1
|
|
|
Runner ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
Ok, first we need some basic defense...
Hidden mode Hidden mode buys time and makes sure that you are not instantly spotted by prying eyes. Encryption Encryption is your friend, especially if they DO find your hidden signal, now they have to decrypt the darn thing before they can even begin hacking. Data Bombs (now the fun begins) Data bombs can be attached to a specific FILE or DEVICE, but only 1 per device or file. Now we attach a databomb to the following devices & programs. Encryption (When they try to crack the encryption it goes BOOM (I assume they can scan the encryption first to try and FIND the databomb first.) Commlink (When they crack the encryption and try an exploit test it goes BOOM (unless they find it) Now, this might be a bit of a stretch but since the System/OS is listed as a program one could probably add a databomb to that one as well (this mainly be useful to protect a system from “Crash Program action” or at least just kick the hacker in the face a it goes down in flames. For a hacker with a good commlink it will take up 4 response slots (Encryption, databomb, databomb, OS databomb) yea, so you only have 1 response slot left, but you DO have a minefield. Of course this will not be used when doing actual hacking but it is a nice casual defense against snoopers and for datacarriers who wants to protect their data. Data Locks Even if a hacker might lack access to the data he would still be able to access the device, and thus add a databomb to the device. For added defense of sensitive data one can add 3 databombs to a data lock. 1.to the datalock itself 2.the encryption is a program and can therefore be loaded with a databomb. 3.the data itself can also be loaded with a databomb The last two databombs can only be added by the actual program owners who load the program into the data lock. |
|
|
|
Feb 3 2006, 01:18 PM
Post
#2
|
|
|
Target ![]() Group: Members Posts: 20 Joined: 17-January 06 Member No.: 8,175 |
Like the idea.
Then you could add another Commslink as a DMZ which does the real control of your wirless systems? Think It might be gaming the game because you are making other levels of firewalls but I do think it would be allowed. |
|
|
|
Feb 3 2006, 01:24 PM
Post
#3
|
|
|
Uncle Fisty ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Admin Posts: 13,891 Joined: 3-January 05 From: Next To Her Member No.: 6,928 |
doesn't a databomb destroy the file that it's attached to though? If so, seems short sighted to attach one to your OS. Unless you're in the "If I can't have it , nobody can" camp.
|
|
|
|
Feb 3 2006, 01:40 PM
Post
#4
|
|
|
Running, running, running ![]() ![]() ![]() ![]() ![]() Group: Dumpshocked Posts: 2,220 Joined: 18-October 04 From: North Carolina Member No.: 6,769 |
ok, heres a couple of questions ('m still trying to learn the system)
1)If you do the hidden comm/active comm schtick, would you actually be hacking through the active comm? (might be a good defense, especially in highly physcially secure areas. Hack through the public comm, spoof it to look like thats what's being used, and then if trouble comes around, offer up the comm for inspection "see officer, i dont have anything special on there, theres no way it coulda been me, my comm musta been comprimised, i'll make sure to beef up it's security right away officer") 2) for the databombs, i seem to remember "something" about, once they're enabled, they don't take up any system, it's just the actual databomb program that does, but i cant remember where i read this, if it was here on DS or i saw it in the book... 3) Agent Use-- Assuming that i wholey screwed up on number 2, and each bomb does infact use up response, could you not load up an agent for expressly this purpose? as far as i can tell, you are only hit with 1 response decrease with agents (for the agent itself) and not it plus every program you load onto it. |
|
|
|
Feb 3 2006, 01:48 PM
Post
#5
|
|
|
Runner ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
I’d rule that IF you use another commlink to ”hack through” then you would access and hack from another node, and that node will have a lower response.
Let’s put it this way. The commlink you have uses an OS that “contains” up to your response rating in programs, but at the same time your OS is a program as well – this will be reflected in your “firewall” commlink since it will be running the “primary” commlink as a program (the OS should be accessible through that commlink). This gives us several options – and drawbacks. The good You have a secondary line of defense that can be filled with agents and databombs and even secondary encryptions. Example (Solution 1 – one I find logical since one does not use up ALL resources of the firewall commlink) Step 1 Firewall Commlink R5 – runs Encrypt, Databomb Device and IC (2 slots left) Hacker Commlink R5 – runs 4 different programs (1 slot left) Step 2 Hacker Commlinks connects through Firewall Commlink Result Firewall Commlink R5 – runs Encrypt, Databomb Device, IC, Hacker OS (1 slots left) Hacker Commlink R5 – runs 4 different programs (1 slot left) Solution 2 (quick and simple but slightly more illogical. For each commlink connecting to another you lower the response by 1 on the “Firewall” commlink – and thus lowering the limit for the Hacker commlink as well. The bad Well, that depends on how you run it. Unless the hackers are aware of an intrusion a “Crash OS” would be quite bad for them as they would be thrown out of the node. Databombs have the option of destrying files if the user wish it. |
|
|
|
Feb 3 2006, 02:39 PM
Post
#6
|
|
|
Target ![]() Group: Members Posts: 20 Joined: 17-January 06 Member No.: 8,175 |
The above systems has lots of advantages and might make hackers/tecno cry :)
Load Commlink one with false sin and other rubbish and place LOTS of defense within it. Allows you to walk around being "joe public". Then link second Commslink to it by wire(hay it is in your pocket) Then hook all your wirless kit into the second one. When you need wireless access just open up the gateway between the 2. In fact you could leave it open most of the time and just live on the secuirty of both commslink. As long as all you wirless stuff is linked to your second commslink you should be golden. just an idea? |
|
|
|
Feb 3 2006, 03:05 PM
Post
#7
|
|
|
Hoppelhäschen 5000 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
You attach Data Bombs either to Devices or Files - they activate and crash only when those are accessed.
So, not data-bombing Encryptions or running Programs. OS is not a Program, on the other hand, and daisy-chained Node may serve as chokepoints, but they do not limit performance. |
|
|
|
Feb 3 2006, 03:07 PM
Post
#8
|
|||
|
Great Dragon ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 5,486 Joined: 17-March 05 From: Michigan Member No.: 7,180 |
If your wireless devices are subscribed to the second commlink, it must be online in hidden mode - which means its not really "behind" the first commlink at all. Initially looking at you, they would see your public commlink. With a little scanning, they could find your wireless devices and your hidden commlink. Then they could just hack the second commlink, avoiding all the defenses you loaded on the first one. |
||
|
|
|||
Feb 3 2006, 03:07 PM
Post
#9
|
|
|
Running Target ![]() ![]() ![]() Group: Members Posts: 1,283 Joined: 17-May 05 Member No.: 7,398 |
They will count against the devices you can have subscribed, however.
|
|
|
|
Feb 3 2006, 03:09 PM
Post
#10
|
|||
|
Shooting Target ![]() ![]() ![]() ![]() Group: Members Posts: 1,651 Joined: 23-September 05 From: Marietta, GA Member No.: 7,773 |
Okay, so you set your honeypot file out there in the open, called "Blackmail Information" or "Elf Pr0n" or something. |
||
|
|
|||
Feb 3 2006, 03:45 PM
Post
#11
|
|
|
Technomancer ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374 |
LOL! Honeypots in SR4. I love it.
Another baddie that I did once is to attach a databomb to an IC program. When the IC program goes down, the bomb goes off. Similar to the old Trap IC in SR3 except it doesn't launch anothre IC program, just the bomb. |
|
|
|
Feb 3 2006, 03:52 PM
Post
#12
|
|||||
|
Great Dragon ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 5,486 Joined: 17-March 05 From: Michigan Member No.: 7,180 |
As above - you attach them to devices or files. An Agent running with a Databomb program in its payload doesnt' trigger it when he crashes - he can just use it to trap otehr devices or files. If you put the databomb on file for the IC program it still wouldn't trigger when it crashes, it would trigger if an unauthorized user tried to access that file (to launch some IC). You definatly can't use Data Bomb as an attack program. Though it would be sweet if you could, since its automatic damage that the icon who tripped it cannot avoid. |
||||
|
|
|||||
Feb 3 2006, 03:56 PM
Post
#13
|
|||
|
Runner ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
Not quite, if you use an internal commlink (or another external) just disable the wireless connection and route it through the Personas subscription list to be "hidden". In order to "see" the other commlink they would have to hack the first one. The fun thing is that hackers can have their own tiered networks, on a slightly smaller scale. I started writhign this a little while ago, does it sound logical (this is as far as I have understood the rules for networking and limitations on response) Step 1: What is a Node? A node is any wireless device or network that can be connected to the Matrix and accessed through the matrix (See matrix topology in SR4 page 206). At the bottom of the hierarchy are the commlink and the personal area networks. Conclusion: Commlinks are NODES. Step 2: Accessing Nodes & Response Programs are limited by the Response on the Node on which they are uploaded (See “System (Software)” page 213. If you have a Node with a Response 5 and System 5 then you can run up to five programs. If you upload a rating 4 agent on a Response 2 node then it will be limited to rating 2. If you hack into a Node with a Response of 2 and your own Commlink (a Node in itself) has a Response of 5 then all your programs are run with rating 5, unless you load more than 5 programs. The Response 2 Node will be limited to rating 2 programs. Step 3: Accessing Multiple Nodes If you access a tiered network (in this example lets assume we have a team with multiple commlinks networked for added security) We have three (3) Nodes (Commlinks) and they have a response equal to their name (Response 1-3). In order to access commlink 3 we need to hack through the first two just to be able to TRY hacking the last one. There is no limitation to the Hackers commlink when accessing the third commlink THROUGH the other two according to SR4, this means that only programs UPLOADED on the actual Nodes (Commlink 1-3) are limited by Response. Ok, this actually means that hackers can use their own tiered secure networks of several defensive commlinks. Ok, money might be an issue though. |
||
|
|
|||
Feb 3 2006, 04:04 PM
Post
#14
|
|||
|
Runner ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
But programs are files, arent they? |
||
|
|
|||
Feb 3 2006, 04:08 PM
Post
#15
|
|
|
Shooting Target ![]() ![]() ![]() ![]() Group: Members Posts: 1,635 Joined: 27-November 05 Member No.: 8,006 |
Not running Databomb, which is different. Why couldn't you put a Databomb on an IC. So the first access to the running program, say to attack it, set it off? It depends on what you class as being protected by Encrpyt.
I assume Scramble is just an artifact from copying SR3 text. |
|
|
|
Feb 3 2006, 04:11 PM
Post
#16
|
|||
|
Shooting Target ![]() ![]() ![]() ![]() Group: Members Posts: 1,635 Joined: 27-November 05 Member No.: 8,006 |
Running programs have icons, and you can put it on an icon. The only stipulation is that the icon be protected by Encrypt. So it sort of depends on whether you rule a given running program is protected by Encrypt. |
||
|
|
|||
Feb 3 2006, 05:11 PM
Post
#17
|
|||
|
panda! ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
iirc from older versions, failing to decrypt a encrypted file properly would destroy said file (ouch! sounds like perfect DRM thinking). but a databomb do not destroy the file its attached to. you may compare a databomb to a tripwire. if you databomb a device you put a tripwire on a door. if you open said door without taking the right steps beforhand, boom. putting a databomb on a file is like tripwiring a box. open or move the box and boom. sadly you cant put a dead-man tripwire on a IC or agent, would be all to cool :smokin: so here is my setup: tripwire on device. encryption on connection. hidden mode. first you have to locate, then you have to decrypt. and if you dont watch out, things go boom when you then try to access the device. and if i want to i can then have more databombs sitting on all kinds of files. hmm, maybe i can even databomb the smartlink or other similar devices. so if the hacker trys to screw with my aiming he yet again gets a boom :silly: and why do i envision all this as good old round black bombs with a fuse? :wobble: |
||
|
|
|||
Feb 3 2006, 10:58 PM
Post
#18
|
|||
|
Hoppelhäschen 5000 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Running Programs are Programs - of course, you can protect stored Programs, which are files. Agents/IC should be possible carriers, too - but that only matters when someone is trying to get inside them... |
||
|
|
|||
Feb 27 2006, 07:09 PM
Post
#19
|
|
|
Grand Master of Run-Fu ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Dumpshocked Posts: 6,840 Joined: 26-February 02 From: Tir Tairngire Member No.: 178 |
Sorry to dig up an old thread, but a new trick just popped up:
Let's say that you have two commlinks. The first is loaded with a Fake ID, and generic material so you can pose as Joe Public. The second is in hidden mode and skinlinked, unconnected to your first commlink, and connects to all your shadowgear. Now, as I read it, the skinlink alone renders you immune to hacking and jamming attempts; and the first allows you to avoid the problems of going about in hidden mode. If you need it, you add a third commlink with a high Firewall to serve as your communicator. I can't see any flaws in this setup in the RAW, which means that anyone with 600 :nuyen: is immune to hacking attacks on their gear. If that's true, what's the point of all the threats on hacking gear? |
|
|
|
Feb 27 2006, 07:19 PM
Post
#20
|
|||
|
Moving Target ![]() ![]() Group: Members Posts: 327 Joined: 28-January 06 Member No.: 8,209 |
Well, first, define "all your shadow gear". I still posit that having it all touch your skin is infeasible in many cases, or at least infeasible for reliability. Second, if your "public" commlink is not linked in any way to your "private" one, then actually USING both is going to be an interesting trick. If they're both connected to the same display/interface device (goggles, cybereyes, whatever), then it's possible to break through from one to the other; and if they AREN'T connected to the same display device, you have trouble actually using at least one. Third, at least to my understanding, commlinks in hidden mode are not broadcasting their presence, but ARE both discoverable and hackable with enough effort. |
||
|
|
|||
Feb 27 2006, 09:39 PM
Post
#21
|
|||||||
|
Grand Master of Run-Fu ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Dumpshocked Posts: 6,840 Joined: 26-February 02 From: Tir Tairngire Member No.: 178 |
In the trick I was shown, the smartlinked guns and heavily modified contact lenses were linked to the hidden commlink. It could easily be expanded to include various bits of cyberware, however.
The public commlink was connected solely to a set of AR glasses, with no vison mods. That means that you can't put false visual details onto the glasses, since they're not really showing you anything. The worst that could happen is a bunch of AR details popping up, but then you can take off the glasses without being the worse for wear-- all the vision mods are in the contacts.
That's the question, though. First of all, won't the skinlink prevent most wireless access, since everything is running though direct contact? Second, with two commlinks, how likely is it that the second one would even be discovered? The point is to set the first commlink as a decoy; if I read p 225 correctly, trying to notice a hidden node when there are nonhidden ones nearby raises the threshold to 15. That means that you're not likely to get hacked during combat, and probably not noticed at all, if you keep moving. |
||||||
|
|
|||||||
Feb 27 2006, 10:00 PM
Post
#22
|
|
|
Bushido Cowgirl ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 5,782 Joined: 8-July 05 From: On the Double K Ranch a half day's ride out of Phlogiston Flats Member No.: 7,490 |
This is why if you are not a hacker or do not posess the appropriate skills (such as in the case of my Adept KK 4.1), it's wise to spend the BPs for a hacker as contact with a loyalty rating of 5 or 6.
|
|
|
|
Feb 27 2006, 11:05 PM
Post
#23
|
|||
|
Hoppelhäschen 5000 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Not really a flaw, but as long as you run a mode at all, wifi still is enabled. So, someone could hack the cheap commlink and use it to scan for your hidden one - as soon as it becomes obvious that the cheap one is just cover. Absolute security against hacking relies on being offline. |
||
|
|
|||
Feb 27 2006, 11:44 PM
Post
#24
|
|
|
panda! ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
absolute comlink security relies on it being at the bottom of the sea, coverd in a unknown number of layers of concrete, diffrent hard and heavy metals, dikote, and watched over by a equal number of 3 digit rating spirits and some very well payed great dragons...
|
|
|
|
Feb 28 2006, 12:01 AM
Post
#25
|
|
|
Hoppelhäschen 5000 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Nah - to ultimately secury a commlink against hacking, just grind it to fine dust... which you burn. :grinbig:
|
|
|
|
![]() ![]() |
|
Lo-Fi Version | Time is now: 4th July 2026 - 07:58 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.