SMG 1.0 (beta), Marry X-mas from me Options

[Serbitar]

So, this is it. SGM 1.0 (beta), a complete matrix rules rewrite.

It features:
- logic connected tests
- AR slower than VR
- unified mechanics (hopefully)
- very few loopholes (also hopefully)
- a shitload of examples, example thresholds and baseline
- agents in check (worse than hackers, due to logic mechanics)


It is still in the writing and its definately not complete at the moment, but I think it is in a state to show somebody.

Disclaimer: This rule set is not the holy grail of matrix rules. I wrote it mostly because I could (and was asked). If it is better than the standard rules, everybody can judge for himself.

Feedback very much apprechiated.

[Moon-Hawk]

On page 14 you say:
The threshold is 4 times the rating of the lowest
involved encryption program. The interval is 1
minute for live data and 1 hour for static data (as
more powerfull algorithms can be used there).

Shouldn't that be the highest involved encryption program? I mean, otherwise I could take an encrypted file, encrypt it with a rating 1 program, then break it trivially.


edit: Oh, and BTW... THANK YOU SANTA!!!

[Konsaki]

I think he means 2way comm. If one side has 3 and the other has 5, you go off the 3.
3*4=12TN

[Serbitar]

It was meant that way: If 3 people communicate with encryption 2, 4 and 6 ratings, 2 would be used for the decryption test.

Any way to say that in less than 2 sentences? Maybe add an example . . .

[Moon-Hawk]

Oooh, I see what you're saying.
Check, I agree with that.
But you see how I got to my interpretation, right? I guess it's the difference between stored data and live traffic.

I think it's enough to say that encrypted communications effectively function at the rating of the lowest encryption program involved.

[Blade]

I didn't read it in details, but it looks nice. Your sample systems remind me of those I designed for my matrix security handbook :).

You have taken a totally different approach from me. I'm not fond of closed rulesets and I there are some basic rules I don't like (the security tally for example) but I'll try to give you some feedback anyway.

For now, there's just one thing that really bothers me: from what I've read, a rating 5 agent is as good as a logic 5 + hacking 5 hacker. Am I missing anything ?

[Serbitar]

4+4 hacker (a hacker gets +2 dice for VR) without edge specialisation and any codeslinger advantages.

Furthermore ive balanced in an implant that adds +1 IP and another implant that gives -1 threshold (basically 1 hit that is not capped by programme) per test. Thats the one that also blakkie is propagating.

The maximum for an agent is 12 dice. The maximum for a hacker is somewhere arround 26 dice.

[Konsaki]

That's going to suck for TM's if they dont get an equal echo to have -1TN...
Though that's my first thought without reading over the file fully.

[Serbitar]

TM balancing is a different thing alltogether.
I think Ill implement my changes from SHP, which is an extreme boost frfor TMS from RAW.

As it is TMs are so underpowered at the moment, I would never recommend playing one.

[Konsaki]

Just a note, since you are talking about your SHP. I noted when you explained 'SECKS', you dont give out a 'baseline' Karma number like BeCKS does. Based off the calculations from the sample characters though, would it be safe to assume that 580k would be an acceptable substitution to 400BP, on average.

[ShadowDragon]

Thanks Serbitar, I'll check it out when I have more time.

Don't forget to update your sig. I still see 0.9 there.

[Serbitar]

I give a number, should be 600 karma if I remember correctly.

[RunnerPaul]

Regarding Active Alerts:
You may wish to re-evaluate having an Active Alert result in a decrease in System Rating. A +4 bonus to the firewall rating against identified intruders is nice, but is it worth lowering the maximum rating of the programs running on that node? Especially considering that node security often involves agents acting as IC?

If you're going to have Active Alerts impact a matrix attribute, I would think Response would be the better fit conceptually. Firewall is checking things more thoroughly, so you get slowdowns more easily.

Personally though, I wouldn't bother with having an impact on any matrix attribute. While previous editions had alerts that caused impacts on Host performance because they triggered effects that had Host-wide implications, such as boosts to IC ratings, SR4's Alerts are specifically targeted against individual detected intruders and only apply when the firewall rating is used against the intruder. In short, it's merely the firewall doing what it's designed to: making life hard for unauthorized users.

[Serbitar]

the problem is the following: Technically, you can just put all and every access ID on the "intruder" list and just leave active alert on forever. This would mean free (and extremely high) firewall rating. Thats why I wanted it to have some severe drawebacks. Response was not severe enough for me (especially for clusters and devices).


Maybe I can find something more suitable.

[RunnerPaul]

[Serbitar]

Thats an idea I could live with. Though you still have the question "If the firewall can do this +4 thing, and it doesnt have any drawbacks, why isnt it doing this all of the time against everybody?"

[RunnerPaul]

[Blade]

I agree with Runnerpaul.

Here are some more comments :

1) After thinking about it and taking a deep look at the probability tables, rolling logic+hacking and capping with the program level seems nice. It takes logic into account, remove the default problem, and blends with the basic game mechanics.

2)

[Konsaki]

Response to your [4], Blade. You have to remember that most matrix nodes, read servers, are way more powerful that a personal commlink. When you see the rating of the node 1-6, you are seeing the max amount of processing power it can give to each individual user/icon on that node. If they acted like personal commlinks, how would a company be able to operate with hundreds of personnel accesing the central database or have thousands of customers using their online store at the same time?

[Blade]

The way I deal with it, I consider that each connected user has, at his disposition, a full node of its rating.
For example, a corp office server with a rating of 3, will allow its 500 user to use it at the same time and each one of them will be able to use a rating 3 Edit progra while a rating 3 analyze program (used for system monitoring) and a rating 3 security agent will ensure the security of the user.

If you consider it as Serbitar does (or at least as I understood it), nothing prevent corps nodes from being full of CI and forcing the hacker to resist 300 analyze tests.

[Serbitar]

300 analyze test would be a -600 dice modificator in my system.

With my system, the chance to detect somebody actually decreases if you use more than 2-3 agents.

[Blade]

Didn't see this...
and 300 attack tests ?

[Serbitar]

Well, most of the time, the run is over when you are detected in a cluster. If it wanted it could shut down and throw you out and reboot in 3-6 seconds. So the question is rethorical anyways.
The best answer would be some fluff reasons about having too much IC is bad for overall performance and such . . .

But a question for you: What stops all the IC from your 300 seperate nodes that make up your cluster to go to the one node where a hacker is deteckted and attack him?

I really see no difference between your and my system . . .

Edit: I have a better answer. Attacks behave just like matrix perception. Every 2nd third and so on attack in a pass get a -2 dice pool modifier, for the same reason like matrix perception. Sounds good.
Thanks for the good argument.

[Blade]

You can send the IC to that nodes, but you'll be lowering the defenses in the other nodes of the clusters...

This way, you can send another hacker (or an agent) to distract security.

Compare it to physical security : to secure an appartment, you'll only need 1 or 2 guards. To secure a big building, you'll need a lot more. If you send the 300 guards of the big building in a room where you noticed something, the rest of the building won't be covered.

[Konsaki]

If you compare to real world security guards, they would send a few for support and sound the alarm... You wouldnt have 300 guards/police trying to cram into a single room to mob one guy...