IPB

Welcome Guest ( Log In | Register )

6 Pages V   1 2 3 > »   
Reply to this topicStart new topic
> Another realitybraker, subscription rule kills wireless hacking
Serbitar
post Feb 16 2006, 10:06 AM
Post #1


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



QUOTE

Linking and Subscribing
Now, just because all of your devices can talk to other devices doesn’t mean that they will. For simplicity, privacy, and security, you may configure your devices so that they only interact with another specific device (usually your commlink, as your PAN’s hub) or a specific network (your PAN). This prevents confusion between users (am I accessing my guncam or yours?) and also offers a degree of protection from snoopers and hackers. Rather than allowing any stranger access to all of your electronics, anyone that wants to interact with your PAN must connect to your commlink first.


What does the rule do?

It implements an unhackable link between two devices. This link works, hacking-wise, like a cable that can not be intercepted.

Whats the Problem?

This rule is killing wireless hacking. Devices that do not have to access the matrix, will only grant access to a limited number of other devices, which need to use the device in question. These connections are, as defined by the rule, unhackable.

Example1: All the wireless devices in a house only accept input from the house-telecom and the comlink of the owner. The telecom and the commlink of the owner only accept input from the local security node of their matrix service provider.

Example2: All devices in a coporation facility only accept input from devices of the coporate facility. For outside communication, a heavily secured choke point is used.

Example3: Cars only accept input from the comlinks of their owners. Cars can not be hacked without finding the owner comlink, first, which in turn, is only accesible by the security node of the matrix service provider.


This rule effectively kills wireless hacking and is extremely senseless. Why shouldnt one be able to spoof the device codes?
With this rule, we are back to SR3 hacking. Even worse, there is no way to "tap" the wireless links. They are, by rule, 100% secure.

Solution:
Skip the rule. PAN devices with a rating of 0 are already more then enough protected by their very short broadcasting length and possible skinlink solutions.
Go to the top of the page
 
+Quote Post
Oracle
post Feb 16 2006, 10:19 AM
Post #2


Moving Target
**

Group: Members
Posts: 934
Joined: 26-August 05
From: Earth - Europe - AGS - Norddeutscher Bund - Hannover
Member No.: 7,624



The question is: What is a device and what is a node?

My guess would be that a vehicle can't be subscribed to a commlink. The same goes with commlinks.
Go to the top of the page
 
+Quote Post
Serbitar
post Feb 16 2006, 10:52 AM
Post #3


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



There is no (qualitative) difference between a wireless link in a cyberware device, a car, or a comlink.
All use the same protocol. The shape of the object has nothing to do with it.
Go to the top of the page
 
+Quote Post
mintcar
post Feb 16 2006, 11:41 AM
Post #4


Karma Police
***

Group: Dumpshocked
Posts: 1,358
Joined: 22-July 04
From: Gothenburg, SE
Member No.: 6,505



QUOTE
Example1: All the wireless devices in a house only accept input from the house-telecom and the comlink of the owner. The telecom and the commlink of the owner only accept input from the local security node of their matrix service provider.

Nobody would configure their commlink and telecom to accept input from only the service provider. Not unless they had a commlink and telecom only for the purpouse of controling the house hold's devices, and kept another set of computers for everything else. That seems unlikely as it would destroy the seamless interacting you can get with just one commlink (you would have to pick up different commlinks for making calls and for changing the tune on your stereo). It could happen with very paranoid people, but it would be extremely rare I think.

QUOTE
Example2: All devices in a coporation facility only accept input from devices of the coporate facility. For outside communication, a heavily secured choke point is used.

This only means you have to hack your way into the building's network before you can control cameras and electric fences. I thought that was the point :| ???

QUOTE
Example3: Cars only accept input from the comlinks of their owners. Cars can not be hacked without finding the owner comlink, first, which in turn, is only accesible by the security node of the matrix service provider.

Again, great hackers who are able to break through good firewalls and IC are not common enough for anyone to sacrifice all but one of a commlink's functions. Instead they will rely on regular security measures and enjoy the seamless interaction with people and electronics that a single commlink can provide.

So what it really means is that you can't drive around parked cars like radio-controled toy cars. You need the "key" first. And I bet you can still do it the old fashioned way and break in physicly. Maybe you can get past the subscription problem by jacking in with cable?

Go to the top of the page
 
+Quote Post
The Jopp
post Feb 16 2006, 11:42 AM
Post #5


Runner
******

Group: Members
Posts: 2,925
Joined: 26-February 02
Member No.: 948



Any device that can connect to the Matrix is a Node, wireless or not. A commlink, drone, car, credstick etc can be a node as long as they have any kind of connection. A non-wireless device can also be a node as long as one can connect to it through another node with access to the matrix.

Go to the top of the page
 
+Quote Post
Ryu
post Feb 16 2006, 11:50 AM
Post #6


Awakened Asset
********

Group: Members
Posts: 4,464
Joined: 9-April 05
From: AGS, North German League
Member No.: 7,309



There is the possibility of spoofing. Exactly for this situation.
Go to the top of the page
 
+Quote Post
Synner
post Feb 16 2006, 11:53 AM
Post #7


Runner
******

Group: Members
Posts: 3,314
Joined: 26-February 02
From: Lisbon, Cidade do Pecado
Member No.: 185



You're missing the point. While two devices can be programmed to only recognize each other the connections themselves are "unhackable", the devices themselves aren't (unless they're not connecting to the Matrix at all).

There's two ways of hacking these. You go to the device itself and Spoof it into thinking you are the device its authorized to recieve from. Or (assuming one or the other is connected to the Matrix) you hack that one to get to the other (as has been mentioned elsewhere most runners would use this chokepoint configuration).

Limiting your access to a single service provider just makes you easier to track anyway.
Go to the top of the page
 
+Quote Post
Ryu
post Feb 16 2006, 12:00 PM
Post #8


Awakened Asset
********

Group: Members
Posts: 4,464
Joined: 9-April 05
From: AGS, North German League
Member No.: 7,309



Despite the lack of examples I would not make any device a fully functional node. Many security risks without benefit. Many devices need very few functions available to wireless control.

One could be inside the house network and order the coffeemaker to commence producing lifeblood, but not be present INSIDE the coffeemaker. Why should a coffeemaker offer that kind of performance?

"Unwired" indeed...
Go to the top of the page
 
+Quote Post
Synner
post Feb 16 2006, 12:09 PM
Post #9


Runner
******

Group: Members
Posts: 3,314
Joined: 26-February 02
From: Lisbon, Cidade do Pecado
Member No.: 185



QUOTE (Ryu @ Feb 16 2006, 12:00 PM)
One could be inside the house network and order the coffeemaker to commence producing lifeblood, but not be present INSIDE the coffeemaker. Why should a coffeemaker offer that kind of performance?

Are you mixing AR with VR? AR is intended as a means of interfacing with things wirelessly (subscribing) and simply sending orders to the device (presumably selecting one of the available functions). You can hack the operating system of the coffeemaker and reprogram the timer so that it always burns the coffee - but aside from pranks, there's no significant point in doing so for most appliances and basic electronics.
Go to the top of the page
 
+Quote Post
Oracle
post Feb 16 2006, 12:17 PM
Post #10


Moving Target
**

Group: Members
Posts: 934
Joined: 26-August 05
From: Earth - Europe - AGS - Norddeutscher Bund - Hannover
Member No.: 7,624



Ok Synner, could you give us that as an example please? What exactly does an AR Hacker have to do to make the coffemaker burn the coffee? Which tests are necessary?
Go to the top of the page
 
+Quote Post
TinkerGnome
post Feb 16 2006, 01:01 PM
Post #11


Dragon
********

Group: Members
Posts: 4,138
Joined: 10-June 03
From: Tennessee
Member No.: 4,706



I don't think that use of spoof is actually present in the rules...

Anyway, I don't see this as a huge deal. If someone sets their commlink to access only the matrix node, then they're giving up everything associated with AR. They can still get commcalls and the like, but everything which doesn't go through the Matrix will be hidden to them.

Sure, an ultra-paranoid individual could do this, but they should be rare. The intent of the rules is that to access any of your devices, a hacker has to first hit your commlink. I think that's fair.
Go to the top of the page
 
+Quote Post
Synner
post Feb 16 2006, 01:04 PM
Post #12


Runner
******

Group: Members
Posts: 3,314
Joined: 26-February 02
From: Lisbon, Cidade do Pecado
Member No.: 185



[double post]
Go to the top of the page
 
+Quote Post
Synner
post Feb 16 2006, 01:06 PM
Post #13


Runner
******

Group: Members
Posts: 3,314
Joined: 26-February 02
From: Lisbon, Cidade do Pecado
Member No.: 185



Assuming you're an unauthorized user and the house has a centralized network, you Spoof the coffeemaker into thinking you're the household system or the owner's commlink and alter the OS's timer with an Edit command if you want to make it a permanent problem or just change the current timer function for prank value (which might not even require a test see Controlling Devices p.220 SR4).
Go to the top of the page
 
+Quote Post
Serbitar
post Feb 16 2006, 01:09 PM
Post #14


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



QUOTE (mintcar)
Nobody would configure their commlink and telecom to accept input from only the service provider. Not unless they had a commlink and telecom only for the purpouse of controling the house hold's devices, and kept another set of computers for everything else. That seems unlikely as it would destroy the seamless interacting you can get with just one commlink (you would have to pick up different commlinks for making calls and for changing the tune on your stereo). It could happen with very paranoid people, but it would be extremely rare I think.

Wrong conculsion.
You still use the comlink as normal. It is just routed through the security node. INcoming calls just reach you via security node, you dont even notice it.

QUOTE

This only means you have to hack your way into the building's network before you can control cameras and electric fences. I thought that was the point  :| ???

No, thats not the point. The point of the wireless system was, that eveything is hackable.

QUOTE

Again, great hackers who are able to break through good firewalls and IC are not common enough for anyone to sacrifice all but one of a commlink's functions. Instead they will rely on regular security measures and enjoy the seamless interaction with people and electronics that a single commlink can provide.

Again. You dont sacrifice anything. Everything is still seamless. It just comes down to routing.

QUOTE

So what it really means is that you can't drive around parked cars like radio-controled toy cars. You need the "key" first. And I bet you can still do it the old fashioned way and break in physicly. Maybe you can get past the subscription problem by jacking in with cable?


Thats not the point why the wireless system was invented. It was invented to make hacking easier.
Go to the top of the page
 
+Quote Post
Serbitar
post Feb 16 2006, 01:15 PM
Post #15


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



QUOTE ("Synner")

You're missing the point. While two devices can be programmed to only recognize each other the connections themselves are "unhackable", the devices themselves aren't (unless they're not connecting to the Matrix at all).


You hack devices over their connections. If all the conncetions to the device are unhackable, the device is unhackable.,

QUOTE

There's two ways of hacking these. You go to the device itself and Spoof it into thinking you are the device its authorized to recieve from.


You mean physically? (wirelessly you cant, it wont accept your connection) Not an option. We want wireless hacking.
BTW: What is the difference in acessing a device physically compared to wireless? Different protocoll? Or dou you just alter the electronics?

QUOTE

Or (assuming one or the other is connected to the Matrix) you hack that one to get to the other (as has been mentioned elsewhere most runners would use this chokepoint configuration).


That leasds directly to the cockepoint solution.

QUOTE

Limiting your access to a single service provider just makes you easier to track anyway.


Does Joe 2070 care? We are not talking about runners, but about people who are getting hacked by runners. Or not anymore, because of the unhackable connection rule . . .

BTW: Please discribe your "spoofing" rules in connection with the "subscriber" rule. If you can spoof for example comlink codes, to acess devices (cyberware) connected to a comlinks PAN, then the "subscriber" rules is useless and should be skipped.
Go to the top of the page
 
+Quote Post
Serbitar
post Feb 16 2006, 01:20 PM
Post #16


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



QUOTE (TinkerGnome @ Feb 16 2006, 08:01 AM)
I don't think that use of spoof is actually present in the rules...

Anyway, I don't see this as a huge deal.  If someone sets their commlink to access only the matrix node, then they're giving up everything associated with AR.  They can still get commcalls and the like, but everything which doesn't go through the Matrix will be hidden to them.

Sure, an ultra-paranoid individual could do this, but they should be rare.  The intent of the rules is that to access any of your devices, a hacker has to first hit your commlink.  I think that's fair.


You can route AR through the matrix. The matrix IS wireless. Wireless IS matrix. There is no difference. The AR application just doesnt go directly to the comlink, but takes the routing over a security node.
(Your comlink, when its not in hidden mode, broadcasts: Im here, and the AR device sends the data through the matrix over the security node, and so forth. Just a a matter of routing.)


But I get your point. Direct wireless connections, would not be possible (if you want that). But the main problems are not the comlinks, but the chockepoint designs for installed devices, in coporations and homesystems alike.
Go to the top of the page
 
+Quote Post
Aku
post Feb 16 2006, 01:28 PM
Post #17


Running, running, running
*****

Group: Dumpshocked
Posts: 2,220
Joined: 18-October 04
From: North Carolina
Member No.: 6,769



i think you're reading too much into it Serbitar (maybe like i am with the skinlink thread). i think the best assumptions to run by are that:

1) Commlinks are always running in some wireless mode (even if you're hidden, you're still "out there" and you can be found. I dont think joe wageslave is going to understand or even risk the reprercussions of walking into the wrong place in hidden mode though, so he'll lively always be working in active mode, or maybe passive, if he knows he's walking through the redlight district and doesnt want to see ads for every "Hot Heather" and "sexy Suzy".

2) most devices will have wide-open wireless disabled, and only route through the users commlink, which will have all of the users preferences and passwords stored. so when fred wants to get on the matrix, he goes over to the computer (which, since it doesnt need to broadcast but to the person infront of it, and the devices immediately around it) it sends his password for the computer, and a picture of his son pops up as his background. When he leaves, he logs off, and his son comes over to do some research for school. his comm sends the same information, and his background, a picture of the Red Hot Halepeno Peppers (:rotfl:) pops up, and he does what he has too.

so how do you hack their computer? You have to find fred or the son on the matrix (and, since their commlink is always connected, it might take a while, but if you're sitting infront of the house, it shouldnt be that hard) so that you can spoof their commcodes, and while the family is out, you break into the house, get right next to your computer, and have your commlink say "Hi, i'm fred."

Bingo.
Go to the top of the page
 
+Quote Post
Ryu
post Feb 16 2006, 01:28 PM
Post #18


Awakened Asset
********

Group: Members
Posts: 4,464
Joined: 9-April 05
From: AGS, North German League
Member No.: 7,309



@Serbitar: No. Wireless was invented to make networking easier. Already happening, you know? And routing can be manipulated in a wireless world. Most devices won´t support a relevant stealth program, so they are clearly visible nodes.

@TinkerGnome: Spoofing is Hacking+Spoof against Pilot+Firewall. See "Using hacking skill"

@Synner: I´m not confusing AR and VR - I think. In VR, any device is a node, and any node can be entered in VR, or did I misunderstand? What would stop me from illegally accessing a node on the fly in VR (+2 dice) and hiding in the coffeemaker until any hackers left the house terminal? Any camera on a security PAN would be safer than the controlling terminal just because cameras can´t support worthwhile defense programs.
Go to the top of the page
 
+Quote Post
Serbitar
post Feb 16 2006, 01:32 PM
Post #19


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



QUOTE (Synner)
Assuming you're an unauthorized user and the house has a centralized network, you Spoof the coffeemaker into thinking you're the household system or the owner's commlink and alter the OS's timer with an Edit command if you want to make it a permanent problem or just change the current timer function for prank value (which might not even require a test see Controlling Devices p.220 SR4).

How do you do this? The coffe device does not interact with you. You cant even start to spoof.
If you can, then its a normal hacking attempt which is already in the book. Why the "subscriber" rule.
People tell me, that their drones are unhackable, because they are subscribed to their PAN and thus, the comlink of the rigger must be hacked first. But the comlink is subscribed to the comlink of the hacker and I have to hack that first.

SO what? Can I spoof something, to hack the drone directly (rendering the "subscriber" rule useless and invalid), or do I have to go through the comlink chain?

The latter leads to chockepoint solutions everywhere and kills SR4 wireless hacking.
Go to the top of the page
 
+Quote Post
Rotbart van Dain...
post Feb 16 2006, 01:33 PM
Post #20


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,731
Joined: 3-January 04
Member No.: 5,951



QUOTE (Serbitar)
Even worse, there is no way to "tap" the wireless links.

Wrong. In fact, using electronic warfare, that is perfectly possible even for those 'fixed' connections.
Go to the top of the page
 
+Quote Post
hobgoblin
post Feb 16 2006, 01:36 PM
Post #21


panda!
**********

Group: Members
Posts: 10,331
Joined: 8-March 02
From: north of central europe
Member No.: 2,242



and everything is still hackable, you just have to go thru the chokepoint first ;) some tricks never goes out of date.

if someone puts their house telecom on a subscribed link to a matrix provider node, then you go thru said matrix provider node. its a extra step but other then that its the same old same old.

if you want to spoof the coffe machine, get within 3 meters of it (and as its wireless, that can be the next room or similar), spoof the signal and presto.

simple != effortless!
Go to the top of the page
 
+Quote Post
MaxHunter
post Feb 16 2006, 01:37 PM
Post #22


Moving Target
**

Group: Members
Posts: 718
Joined: 10-September 05
From: Montevideo, in the elusive shadows of Latin America
Member No.: 7,727



Personally, I go the way Synner does. In our game linked devices (nodes) can be hacked via spoof.

Procedure:
1. Take a matrix perception test to Analyze the exchange.
2. Spoof one of the devices into thinking you are its linked counterpart
3. Once inside Edit/Command/Crash (attack) at leisure.

Plus, many times the spoofing isn't really necessary as many devices are usually "open" to anything (i.e. the fridge)

Do you do things differently? Please explain...

Cheers,
Max
Go to the top of the page
 
+Quote Post
Serbitar
post Feb 16 2006, 01:39 PM
Post #23


Running Target
***

Group: Members
Posts: 1,498
Joined: 4-August 05
From: ADL
Member No.: 7,534



QUOTE (MaxHunter @ Feb 16 2006, 08:37 AM)
Personally, I go the way Synner does. In our game linked devices (nodes) can be hacked via spoof.

Procedure:
1. Take a matrix perception test to Analyze the exchange.
2. Spoof one of the devices into thinking you are its linked counterpart
3. Once inside Edit/Command/Crash (attack) at leisure.

So, in your interpretation, you can hack drones, subscribed to a PAN, simply by just spoofing the PAN?

Can you back this up by BBB quotes ?

AND this means that the subscriber rule doesnt actually do anything. You can still hack every device.
Would be fine for me.
Go to the top of the page
 
+Quote Post
Ryu
post Feb 16 2006, 01:42 PM
Post #24


Awakened Asset
********

Group: Members
Posts: 4,464
Joined: 9-April 05
From: AGS, North German League
Member No.: 7,309



Maxhunter has it right. I think.
Go to the top of the page
 
+Quote Post
Rotbart van Dain...
post Feb 16 2006, 01:52 PM
Post #25


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,731
Joined: 3-January 04
Member No.: 5,951



Not really - that device isn't directly on the matrix (except you are on the controling Node), so a Matrix Perception Test won't get you anywhere - a Scan Test using Electronic Warfare is required to find the Node.

Then comes a Sniffer Test to intercept the signal and an Edit Test to insert data.
Go to the top of the page
 
+Quote Post

6 Pages V   1 2 3 > » 
Reply to this topicStart new topic

 



RSS Lo-Fi Version Time is now: 8th April 2020 - 01:39 AM

Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.