The problem with agents, How to solve it. |
The problem with agents, How to solve it. |
Oct 12 2006, 09:41 AM
Post
#1
|
|
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
Ok, I LIKE the SR4 matrix rules and even more the logic about that piracy is a fact of life and that hackers CAN load multiple commlinks with their programs without having to buy the program twice.
But I have a problem. Agents. Agents can be the gamebreaker both for and against the players. What’s stopping a megacorp from flooding their network of commlinks/computer with a gazillion agents? What’s stopping players from using an armada of agents? If this is how one CAN use agents then there is no reason to believe that corporations wouldn’t do it to secure their data. So, the end result is that hacking is either impossible or becomes a struggle between armadas of agents doing the hackers job. I’m almost at the point where I’m about to suggest that we remove agents completely and only have IC. This way the Technomancer would really shine as being the only one with roaming entities of the matrix. But…it is also wrong. Should one limit the amount of Agents who can “look” into a node from one node to the other or even limit the amount of Agents that can be active on a node at once? Or should one be so harsh as to actually limit the amount of agent and make them un-crackable (which is silly in itself as they are programs as well). Now, these are thoughts from the player who will be the HACKER of the team and not the GM and if I have such thoughts of game inbalance what are your views? So far we have yet to play a game but we are trying to fix some odd bugs first. |
|
|
Oct 12 2006, 10:35 AM
Post
#2
|
|
Running Target Group: Members Posts: 1,498 Joined: 4-August 05 From: ADL Member No.: 7,534 |
The problem is not quantity but quality. Hacking is about stealth, about not being detected. Lots of agents that breakinto something will most likely trigger an alarm. The system will be shut down, no problem at all.
The problem are rating 6 agents on rating 6 comlinks that are as goodasevery hacker (excluding edge). My solution: Cap agent ratings at 4. This is part of a bigger matrix rules framework I have developed. Depending on the upcoming matrix FAQ I may or may not publish this here. |
|
|
Oct 12 2006, 11:07 AM
Post
#3
|
|
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
True, but if a hacker can defend his commlink against intrusion with 9+ agents (using more than 1 commlink) you can bet that the corps have already implemented it.
This means that you might run into 20+ analyze checks per combat turn when investigating a corporations node. My problem is not how a hacker works but how the reasonable response would be when the hacker tries to hack. Using a second commlink and several agents just sound logical to increase your defense but one can bet that if a corp has 20+ analyze checks SOME of them will roll that insane number of successes to detect you. If one believes it is cheap for runenrs getting commlinks one should also think about that a corporation (even a tiny one) can buy the same things hundredfold times and use it even more efficiently. Rating 4 agent is enough for me since a response 5 commlink can run 9 agents running 3 programs each...that's a lot, especially for defensive purposes. |
|
|
Oct 12 2006, 12:19 PM
Post
#4
|
|
Runner Group: Members Posts: 3,009 Joined: 25-September 06 From: Paris, France Member No.: 9,466 |
The trouble with multiplying intrusion countermesure is that it's often detrimental to the legit user. Take a look at Windows Vista, asking you 3 times if you're really really sure you want to do something each time you click on something. Imagine having to unlock 5 doors and go through 3 security check each time you come home. Sure, your home is much more secure, but is it worth it ?
There's also another way to look at it. One may also wonder why the corps' matrix server can't afford better protection (rating 4-6 for a "secure" server according to the ratings) than your everyday cell-phone (okay, your everyday secured cell-phone). The answer lies in the traffic they have to deal with : your cell-phone isn't simultaneously used by 400 people. So I tend to think that, to make it simple, we consider the same thing for both because the 1/400th computing power of the server that your connection will use is the same that the whole computing power of your cell-phone. So even if the corp uses 800 agents in their server, you'll only face 2 of them. About sending gazillions of agents to hack a server, that'll slow down your commlink, and I don't think that you'll have the rights to load an agent on a node you're trying to hack. You may try to load the agents on smaller nodes you've hacked (or bought/rent), but that would be as subtle as rushing a corp warehouse with a full squadron of tanks. And the server may also figure out that there's something strange going on and simply refuse to load new agents. The node might even be set up so that its list of active software can't be changed. About using rating 6 agents, I simply consider that a rating 6 agents may have hacking rating of 6, but it doesn't have any logic rating. So, your agent will tend to fall in matrix trap designed to trap such programs, while your average hacker will be able to see through the trick with a logic+hacking test. |
|
|
Oct 12 2006, 12:21 PM
Post
#5
|
|
Moving Target Group: Members Posts: 668 Joined: 4-September 06 Member No.: 9,304 |
I am thinking of limiting the number of agents that you can have on your system before you start to get degradation of the system.
As well, I am thinking that too many agents will also interfere with each other, sort of like trying to run too many anti-virus programs at once, they keep detecting each other and not liking it. Hmm, will have to look into if an agent with 3 programs running on it counts as 1 item for the system limit, or 4 of them. If it is 4, that will definately rule out running multiple agents. Anyone know? |
|
|
Oct 12 2006, 12:41 PM
Post
#6
|
|
Runner Group: Members Posts: 2,526 Joined: 9-April 06 From: McGuire AFB, NJ Member No.: 8,445 |
That would definatly stop the issue of having a rating 6 agent loaded with 11 programs. It would make Hackers choose 2 or 3 programs to load up on an agent or else jack up thier own commlink.
This decision also makes TM's more powerfull with thier Sprites, cause sprites dont count against the system value. |
|
|
Oct 12 2006, 12:48 PM
Post
#7
|
|
The Dragon Never Sleeps Group: Admin Posts: 6,924 Joined: 1-September 05 Member No.: 7,667 |
Just send for Neo...
|
|
|
Oct 12 2006, 02:22 PM
Post
#8
|
|||||
Dragon Group: Members Posts: 4,718 Joined: 14-September 02 Member No.: 3,263 |
Agents must exist on the node that they operate on. Yes I would expect any systems of note to limit the number of Agents operating on them. If only for protection from unintentional program errors that lead to excessive spawning.
Not uncrackable. Just rule on the vague point about the Cracking extended test about how many copies you can make for successfully performing the test that the number is one. Meaning you must perform the extended test once for each instance of whatever program you want to run. Allows a healthy number of copies, but keeps things sane. Because Agents are more expensive and therefore likely better protected they should likely have a fairly high Threshold for that extended test. |
||||
|
|||||
Oct 12 2006, 02:27 PM
Post
#9
|
|||
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
And here’s the problem. It seems one does not HAVE to upload an Agent to a node you wish to hack and/or monitor. There are two ways to “load” your agents. Uploaded into persona with orders to access nodes independently= Using the persona commlink (See page 227 SR4 "using agents") Operate on the matrix independently= Uploaded on another node and subscribed to persona. (See page 228 SR4 "using agents" cont...) The first seems to indicate that it works FROM your persona and the second one that it is active on a separate node that one cannot access (perhaps uploaded to create a diversion at a later point in time as you hack another system…) |
||
|
|||
Oct 12 2006, 02:31 PM
Post
#10
|
|
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
Also, remember that if your Response is 4 you can run agents at rating 4 but if the agent runs 4 programs it reaches its own virtual "response" of 4 and its rating drops to 3.
|
|
|
Oct 12 2006, 02:39 PM
Post
#11
|
|||
Moving Target Group: Members Posts: 693 Joined: 26-March 03 Member No.: 4,335 |
It never says. But, I look at it like this: 1) The agent is a program running on your comlink. 2) The programs it uses are also programs running on your comlink - when it is actively using them (just like you). So an agent running analyse on a comlink that is also running analyse and encrypt has 4 programs running. If the agent notices an intruder and brings up an attack program, it now has 5 programs going on the comlink. As for the problem of multiple agents - I just use a little sense: If 1 copy of IC doesn't notice the signature of a hacker on your system, why would additional copies running the exact same procedures at the same time notice anything different? These things didn't just "overlook" the hacker when they fail to notice him- The hacker's traces just didn't fit their preprogrammed search parameters. Having multiple copies going isn't going to make that more robust. _____________ On a related note, remind me: Do the agents get the "free" analyse tests every time the Hacker does something the same way the OS does? Or do they operate merely by spending their actions each pass looking for intruders? |
||
|
|||
Oct 12 2006, 02:47 PM
Post
#12
|
|||
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
Well, for one thing the hacker can instruct the agents or IC to use different search parameters and make continous checks for intrusion. |
||
|
|||
Oct 12 2006, 02:47 PM
Post
#13
|
|||
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
They would operate by simply spending their actions during search tests. |
||
|
|||
Oct 12 2006, 02:54 PM
Post
#14
|
|
Moving Target Group: Members Posts: 750 Joined: 9-August 06 Member No.: 9,059 |
I would use teamwork rules for multiple agents running Analyze. We use them for Perception tests, right? And lots of other stuff.
So four agents of equal ratings throw on average double the dice of a single agent. Not too bad, and it avoids possibly awkward house rules that might cause other problems or simply seem unrealistic within the in-game flavor. |
|
|
Oct 12 2006, 02:58 PM
Post
#15
|
|
Running Target Group: Members Posts: 1,498 Joined: 4-August 05 From: ADL Member No.: 7,534 |
20+ Agents on Node issue
Proposed solutions: - only when a hacker performs an illegal test, the IC is allowed to scan for the hacker. If the Hacker does not do something illegal for his account he can not be caught (see my matrix guide for that) - glitches: 20+ agents will generate much more glitches and thus false alarms than 3. Maybe one should calculate the odds for that - one could apply a penalty of X dice when X + 1 matrix entities are scanning something at the same time (enter fluff reason here) @Slithery: Your solution kills hacking. Remember, that in a teamwork test, dice are added. It is much more probable that you hit an arbitrary threshold with Y/2 times X dice only rolling once than rolling Y times X dice and trying to beat the threshold at least once. In numbers: It is much more easy to beat a threshold of, say 5 with rolling 20 dice once, than rolling 10 dice 4 times. |
|
|
Oct 12 2006, 03:23 PM
Post
#16
|
|
Moving Target Group: Members Posts: 750 Joined: 9-August 06 Member No.: 9,059 |
Good point; I don't do much with the hacking rules.
|
|
|
Oct 12 2006, 04:26 PM
Post
#17
|
|||
Running Target Group: Members Posts: 1,333 Joined: 19-August 06 From: Austin Member No.: 9,168 |
Very good point. Let's look at a rating 6 agent running a rating 4 analyze (I think) - that's 10 dice. So we need 5 1's to glitch. Per a dice calculator, that's a 1.55% chance to glitch. And from what I can tell the odds of it happening on 20 dice is 1.55*20-1.55^20, which is about 30%. If you're using a rating 3 agent with rating 3 analyze, that's 6 dice, so 3 glitch. That's a 6.23% chance. So 20 agents is 6.23*20 - 6.23^20, which is about 125% chance of it happening. Edit: I stand by my statement. I hate probability. Multi-variate calculus, that's easy. Odds? Suck. Annoyingly, I've learned some odds doing this. But my math may be bad. |
||
|
|||
Oct 12 2006, 05:18 PM
Post
#18
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
Here's hoping that some of what comes out in the FAQ answers clears up the issue.
|
|
|
Oct 12 2006, 05:49 PM
Post
#19
|
|
Moving Target Group: Members Posts: 668 Joined: 4-September 06 Member No.: 9,304 |
OK, got out my book and did a little reading
P 212, Response, degrades if too many programs running p 227, Agents: use the response rating of the node that they are in p 228 Payload: Independantly operating agents have to have their programs active, with a reference to p212 for possible response problems. All this leads me to believe that an agent with active programs (say analyze, trace, attack) running in your commlink would be the equivalent of 4 programs, not one. So I do not think that you could have encrypt, analyze, 4 agents running 3 programs each, in a rating 6 commlink, without having the response drop down by 2, to rating 4. |
|
|
Oct 12 2006, 06:57 PM
Post
#20
|
|
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
The problem is that if that is the case then you'd have to have a separate commlink for just running an agent - seems a wee bit extreme.
|
|
|
Oct 12 2006, 07:08 PM
Post
#21
|
|
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
Solution:
Since all the other programs can be run one at a time on a commlinks (with a slight exception to encryption on devices and signal) I'd go with maximum of 1 agent and 1 IC per commlink. Running agents on external nodes is another ball of wax and has subscription rules but maximum 1 agent per node. |
|
|
Oct 12 2006, 07:58 PM
Post
#22
|
|||||||
Dragon Group: Members Posts: 4,718 Joined: 14-September 02 Member No.: 3,263 |
Yes, and counts against your normal loaded/running program limit.
What do you mean by this bolded part? Because you have to be able to access that node to upload it, or the Agent had to be able to log in and move itself there.
Only for the first case. For the later case if you want it to do anything on the target node it has to get itself to that node somehow. Which entails a separate login for the Agent since it isn't running on whatever account you are using. If the Agent isn't on the target node it can't do much in the way of distraction other than erroneous login attempts. Which is likely only going to serve to raise security scrutiny. |
||||||
|
|||||||
Oct 12 2006, 08:02 PM
Post
#23
|
|||
Dragon Group: Members Posts: 4,718 Joined: 14-September 02 Member No.: 3,263 |
Encryption only needs to run when establishing the an encrypted link. After that it doesn't even need to be loaded for the connection to remain encrypted. |
||
|
|||
Oct 12 2006, 09:24 PM
Post
#24
|
|
Immoral Elf Group: Members Posts: 15,247 Joined: 29-March 02 From: Grimy Pete's Bar & Laundromat Member No.: 2,486 |
So, let me make sure that I have this straight ...
Take, for example, a Commlink. Every Program loaded into (or just active?) an Agent counts towards the total for the purposes of determining whether the Response is affected? If so, these people running around with Commlinks containing 9 Agents, each of which is running 3 or 4 Programs would really be sucking wind, even on Response/System 5 or 6 'links. Also ... As a non-Hacker, if I am running an Agent on my Commlink, would there really be any need for other Programs to be loaded seperately? |
|
|
Oct 12 2006, 09:56 PM
Post
#25
|
|
Shooting Target Group: Members Posts: 1,706 Joined: 30-June 06 From: Fort Wayne, IN Member No.: 8,814 |
I really don't see the need to use an agent to run programs on your own commlink. There are examples in the book showing the use of an Analyze or Browse program running in the background and alerted the player when xyz was found. And just like a foreign node, even without IC in the node, Analyze is running and all that needs to happen is pass the intruder's Stealth to flag an alert. And an alert is a very generic term that can be customized by the system.
So, what I have asked my players to do, is just set their commlinks to continually run an Analyze on their own node and let me know what it is supposed to do when an alert is triggered. Besides the immediate +4 to Firewall, they normally just want a visual cue or email of sorts to let them know. I suppose you could use overkill and have a ton of agents, but I just don't see that as being needed... |
|
|
Lo-Fi Version | Time is now: 26th April 2024 - 06:54 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.