 Agent Smith Problem, The problem and how to solve it |
  |
 Feb 9 2007, 08:38 PM
Post
#176
|
|
|
Technomancer  Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374  |
Alright, I disagree with you about staged responses with respect to the example, but I agree, we're digresing. Back on topic!
/me smacks himself. |
 |
 
|
|
Feb 10 2007, 02:58 AM
Post
#177
|
|
|
Horror Group: Members Posts: 5,322 Joined: 15-June 05 From: BumFuck, New Jersey Member No.: 7,445 |
Look at it this way...
For every identical Agent the company wants to field, it has to buy a new hardware system to support it, because at the very root of the Wireless Matrix is, and has to be if we're to accept any idea of intelligence at all, multiple, most hard-coded redundancies to prevent the self-replication of autonomous code. I see these measures as being so paranoid that such machines will refuse to interface with anything that dosen't have their same security measures, so we can rule out the "Hot System" idea for anything but entirely scratch-built Blackout labs where they do AI research, and that they will track down and terminate in extremely short order any autonomous process duplicate of another that originated from the same hardware. Therefor, if you want another Agent running rating 6 software, you'll need another commlink with ratings of 6 to boot him up. |
|
|
|
|
Feb 10 2007, 04:45 AM
Post
#178
|
|||
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
Great idea, except that this violates the idiotic "your icon has to be on the host" basis that underlies how SR computers work. SR is based on the idea that all computers will happily load and execute random code submitted to it by anyone. And you wonder why they have problems with hackers. . . . |
||
|
|
|
||
|
Feb 10 2007, 05:11 AM
Post
#179
|
|||||
|
Horror Group: Members Posts: 5,322 Joined: 15-June 05 From: BumFuck, New Jersey Member No.: 7,445 |
Not their higher-level security measures; they don't give a crap about that. I mean their basic systems. All fundamental arcitecture must have these rock-solid foundation architectures preventing self-replicating code, to prevent the Agent Smith problem from arising again. |
||||
|
|
|
||||
|
Feb 10 2007, 05:14 AM
Post
#180
|
|||
|
Prime Runner Group: Banned Posts: 3,732 Joined: 1-September 05 From: Prague, Czech Republic Member No.: 7,665 |
Except that your icon doesn't have any code in it. The icon is just a grpahical representation of something in the Matrix. In the case of the icon of an independent actor such as a Hacker or an Agent, the Icon just represents the fact that they've logged into an account - it doesn't mean that any code has been transferred or is running on this system. Shadowrun computers do some idiotic things, but the fact that anyone who detects the fact that you've logged into a node will see an icon that represents that fact isn't one of them. -Frank |
||
|
|
|
||
|
Feb 10 2007, 05:24 AM
Post
#181
|
|||
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
Yes. But the concept of SR computers as described doesn't exactly suggest that there is much rock-solid there. |
||
|
|
|
||
|
Feb 10 2007, 02:46 PM
Post
#182
|
|||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
ShadowDragon has taken my idea and run with it. I love the idea that standard systems will refuse to interface with ones that didn't support the same protection protocols. I reckon that's the last piece I need to make the concept internally consistent. As to stopping players wielding hordes of agents... that to me was the fundamental problem so if it is prevented, then I for one am more or less content. As a GM I can handwave corps not using agent swarms as an issue of cost and system performance. Of course players can go the route of trying to purchase / write lots of agents if they wish, but I've taken on board Serbitar's points about stealth being the over-riding concern of the hacker. It's no different to the way samurai players can load up with assault rifles. The confrontation style can be used, but ultimately, going toe-to-toe with the corps means you lose. In terms of justifying corp security level against cost and efficiency of their systems, maybe we should bear in mind that the average rating in SR4 is three. Okay, we don't see many hacker PCs with rating 3 skills and programs, but if that's what the corps are used to facing, then their half-dozen rating 3 IC would normally be considered adequate measures. Why spend so much more (unless you're something special). |
||||
|
|
|
||||
|
Feb 10 2007, 05:09 PM
Post
#183
|
|||||||
|
Moving Target Group: Members Posts: 745 Joined: 2-January 07 From: Los Angeles, CA Member No.: 10,510 |
I don't see why those protocols couldn't be put back in as easy as they were taken out. In fact, if you consider that all protection protocols are the same, they should be even easier to add and remove. You could even have an agent to do it for you. I also don't see why a Stealth program couldn't make the agent appear to have legitimate protocols.
I really think that a better analogy would be a samurai player loading up with tanks. Lots of tanks, with no kinds of limits like cost or availability or how many can fit in a small room. The Matrix equivilent of an infine army of intelligent, Independant roaming tanks. Yep, that's a problem.
Yeah, this all sounds right to me... Except that a lack of perfect copy protection means that its just as free to get Rating-6 IC as it is to get Rating-3 IC. Presumably this might be illegal... and corps in Shadowrun would never do anythng illegal or dishonest when designing their security, right? |
||||||
|
|
|
||||||
|
Feb 10 2007, 05:53 PM
Post
#184
|
|||||||||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Cetiah, There are some fundamental misunderstandings in your post about what I, and if I'm able to speak for him, Shadowdragon8685 are saying.
We're not talking about something that happens at the level of the software, a sort of my programs says X, you say Y. We're talking about something analoguous to TCP/IP. The Internet today is structured according to something called the OSI model. Have a look here for information on that. Basically you have the Application Layer at the top which is browsers, web-servers, IRC and email all doing their thing. At the bottom, you have the physical stuff - phone lines and copper and what not. In between there are actually several layers of complexity. Your agent would be operating at the very top and we're talking about something that is implemented below that where it can't be affected. This sort of low-level of the Matrix could be (would be?) implemented in firmware - not something you could edit. As to an agent pretending to have the legitimate protocols, well in theory it could, but there wouldn't be much point as it would then merely be pretending to be filled with copies of itself. The point about breaking a protocol is not that you can't do it, but that by doing so you find no-one is talking to you anymore. The Matrix is a lot more sophisticated than the Internet with a lot more intelligence built in. I think we can deduce that from various cannon behaviour. If you want fluff expansion on that, I put some in my article.
You have misread my post there. I am likening the hacker player purchasing six high rating agents to the samurai with the assault cannons or the rigger with the five steel lynxes. Not to the Agent Smith problem. I'm basically saying that it's acceptable for a player to go and buy multiple agents because it has the same constraints as these parallel situations. As Serbitar said - once you've blown the stealth part of the run, firepower is only going to help so much.
Well I can come up with several reasons why this isn't so. For one, there is a difference between a lack of perfect copy protection and no copy protection. There could well be a lag between software being developed and it propagating to everyone. And whilst corps might be happy to do things that are illegal, are they willing to be caught? Because that's what happens when Fuchi deploys Renraku Counter Intrusion Package v.8.54 on all their nodes. And even if that weren't the case, there's all the time reverse engineering it and checking it. "I'm sorry - you were going to depend on a rival's software for your protection? Backdoors? No - never heard of them." So you're developing your own IC or your buying it from someone you trust. If you're developing your own IC, then maybe you do have higher rating stuff all over the place. But then a hacker breaking into "IC Manufacturing Ltd." really should expect that. :D But most corps aren't actually in the IC manufacturing business (and aren't good enough to be, anyway). So they're buying it from third parties like Renraku. What do they go for? Do they licence the nova-hot governmental package at :nuyen: 1.4million per system per annum, or do they save themselves a few billion with the standard package? And don't forget that realistically, both IC and hacking software will degrade in effectiveness over time as new exploits are found, old techniques dropped. And that process accelerates with exposure. You might have got your virtual paws on a rating 6 stealth program, but if you spread a copy of that around to every 2-bit hacker on the Matrix, then you can be sure that the IC you try to sneak past next week will have been patched to deal with some of your best tricks. The same is true for corps deploying the latest and greatest IC in every little office. So it's not just a case of system maintainers having to keep every single node up to date, it's also a question of whether they should and how little they can get away with! I can come up with more, but my fingertips are getting pretty bruised by this point. Plenty of reasons for IC rating 3, anyway. |
||||||||||
|
|
|
||||||||||
|
Feb 10 2007, 07:02 PM
Post
#185
|
|||
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
Where the heck does this millions stuff come from? Assuming you pay list (which is never the case for volume purchases), it's 12K more for a level 6 than a level 3. Let me also point out the concepts of "site licenses" and "support contract with software upgrades" are popular for a reason. So no, it makes absolutely no sense. |
||
|
|
|
||
|
Feb 10 2007, 07:03 PM
Post
#186
|
|||||||||||||
|
Moving Target Group: Members Posts: 745 Joined: 2-January 07 From: Los Angeles, CA Member No.: 10,510 |
I'm not responding to the rest of your post, other than to say, "Oh. Yeah, I can pretty much accept that then."
This is a fine fundemental theory to work with, but I really think you should question it. The whole principle in cyberpunk is that increases in information technology have changed certain principles (like this) that we've become accustomed to dealing with or ignoring in the real world. There's no reason why this assumption should carry forward into an advanced computer society except "the GM/game designer said so". Hackers can do extraordinary amounts of damage, construction, and editing to a remote system within the span of a few minutes or hours. It's hard to believe they couldn't copy a legitimate program in the same timeframe using their own custom software, agents, and hardware. Unless copy protection was perfect or so incredibly sophisticated compared to the best maximum-security datanode. Btw, I really think copy protection should be "IC" rather than an abstract feature. If we could have abstract security features instead of IC, why don't we have more?
Why? Agents and trid pirates specialize in distributing illegal information, and not just to people out there looking for it. Furthermore, in the Shadowrun society, software (and even hardware) could well find themselves in the hands of everyone before it's been officially developed and released commercially.
Wait. In your world everyone must program their own IC? Okay, no wonder your IC ratings are so low.
But commercially bought software from Renraku is just as likely to have bugs and back doors in it! It's actually better and more reliable to go to the black market for pirated software from reputable hackers. And copy protection could be removed along with the backdoors. (If you say copy protection is firmware, I really don't see why hidden backdoors shouldn't be, too. And hackers *do* have hardware skills.)
All the more reason to pirate all the latest software for free rather than wait for an official release or patch after the software's become useless or bugs have been exploited. See the problem with assuming that selling software is somehow easier or better than pirating is that in the Matrix, both the pirate and the megacorp share similiar distribution channels. They can each distribute their stuff just as effectively and just as quickly. In many cases, the pirated versions may actually be released first and have had all of their advertisements, backdoors, inconvinient features, spyware, and copy protection removed by expert hackers. One has to wonder how software development is profitable at all. (I have my theories about that, actually... they rely on a new social/business/legal system that disregards the copyright "information is exclusive property" principle. Basically, people get paid to develop stuff as a service rather than getting paid to buy stuff developed as property.)
But you have this exact same case if you just buy the programs rather than buy pirated versions. Like I said, they're the same distribution channels. I suppose an artificially high price will curb demand a little, but it seems weird that the effectiveness of a program would be reliant on social dynamics influenced through price controls. And the theory breaks down so long as there is any group out there that can develop or pirate free software, effectively lowering the value of all other software. Basically you have the same problem either way. Presenting it in this faction just makes the argument kind of circular, "Price is linked to effectiveness which is linked to distribution, therefore rating 6 IC will be rare because they will be effective and higher-priced. They will be effective and higher priced because they are rare." |
||||||||||||
|
|
|
||||||||||||
|
Feb 10 2007, 07:45 PM
Post
#187
|
|||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Actually cost of IC with any useful programs at rating 6 actually comes to at least 21,000:nuyen: But regardless, I find it highly unlikely that when Seattle Power Inc. purchases their IC software from Renraku with an 84 node, two year licence with support contract and update rights, that you can use the SR4 gear list to calculate cost. Heck, Microsoft will charge you according to how many processors you run their software on and we can rely on 2070 megacorps to charge whatever the market will bear and I think that has to be more than would allow people to treat rating 6 software as a commodity. But whatever, this is a side point and I have to deal with Cetiah's post next which is going to take a bit more work. ;) Let me just clarify that what I am doing is providing a good solid fluff reasons to support the BBB. We know that rating 3 is the midpoint for most things and under your justifications, you're going to end up with a world where everyone has Rating 6 IC everywhere. This doesn't line up with what we see in the RAW and it certainly doesn't line up with a fun game. So while I get what you're saying, if you reject my suggestions, then you're going to need to come up with your own or face a lot of dead hackers in your game. ;) |
||||
|
|
|
||||
|
Feb 10 2007, 08:05 PM
Post
#188
|
|||
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
I find the entire concept of writing rules designed to recreate TRON to be silly and pointless, not to mention that the SR4 version is pretty darn hosed in other ways. I keep hoping someone will try to come up with rules that produce a system that seems less silly. |
||
|
|
|
||
|
Feb 10 2007, 08:16 PM
Post
#189
|
|||||
|
Moving Target Group: Members Posts: 745 Joined: 2-January 07 From: Los Angeles, CA Member No.: 10,510 |
kzt, Have you seen my custom hacking rules? I'm not saying its perfect, but it was meant for GMs that didn't want to deal with VR but wanted something more akin to command-line hacking security devices while on runs. It has little to no loyalty to the Shadowrun hacking rules. Check it out. You might be interested. Cetiah's Custom Hacking Rules Here is the thread where the hacking rules were first introduced. |
||||
|
|
|
||||
|
Feb 10 2007, 08:39 PM
Post
#190
|
|||||||||||||||||||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Cetiah, I'm afraid that I disagree very strongly with your conclusions.
This is an aside, but I neither realised that the whole prinicple of cyberpunk was that I.T. had changed certain principles such as copy protection nor that Shadowrun was necessarily "cyberpunk." We know that there is copy protection in SR because we have rules for it and the gear list for software implies that regardless of whether or not it is perfect, it is at least sufficient to have an effect on the market. You went straight from copy protection can be broken to instant transmission of anything anyone produced. The effect of copy protection was only one of my arguments for software not being universally free, but it's one that I'm not happy to discard. I think it's still a factor. Not the be all and end all, but that's not what I said. It is a factor.
I'm not in agreement that the former (able to wreak great damage) implies the latter (able to crack encryption in no time). If I have access rights to a server, I can wipe all the files with a keypress, but I can't crack the 256-bit encryption on a PGP encrypted email with all the years in the Universe. I think if we're drawing from the real world, then the likely case is that no hacker would be able to crack even half decent encryption at all. But I'm not allowed to draw from the real world if I wish to stay compatible with RAW as we have rules that tell us how easy / hard it is to crack encryption. For my purposes, I don't want to break with RAW unless RAW is very silly indeed, and given my lack of knowledge about 2070 encryption, I can't judge that. So I'm taking the RAW over your preconception that encryption would be insignificant to break. Unless you can give me good solid reasons why this would be so. I do like the idea of encryption as IC and in fact this was the case back in SR1. You could even copy the file with the IC still attached and do battle with it in your cyberdeck later, after the run.
I have great pity for the trid pirate that posts Renraku's cutting edge security packages on a public bulletin board. But really, I think you have too simplistic a view of this. If you re-read what I wrote, you'll find I made points about reverse engineering the software, about trusting it and cracking it. If (and I'm not going to grant you that it's something other than an 'if) you were to get hold of the Renraku Security Tools Suite (Orichcalcum Edition) as a non-running, installable package, then I'd invite you to consider the following stages that must be gone through. 1. Cracking the encryption on it. 2. Cracking it so that it can be installed without the various keys, codes and licences. 3. Reverse engineering it so that you can identify any sneaky-weaky gotchas and traps in it, such as contacting Renraku HQ every now and then to let them know where and how it is deployed (note that for purposes of updates, verification that the package hasn't been corrupted / compromised, etc. that this feature would be desirable to their customers). 4. Reverse engineering it so that you can be sure that there aren't any security holes in it, such as backdoors for approved Renraku security personnel. 5. Distributing anonymously and avoiding the might of some of the big players (and if we're talking Rating 6, still, then we're talking big players). 6. The fact that the wider you distribute this package, the more the hacking community in general become familiar with its techniques and weaknesses (effectively its rating drops). I think that's a good starting point to justify a lag in distribution, personally. And remember that any lag can again result in a lower effective rating because the impression I get from Shadowrun fluff is that this is a fast moving world. For any updates to the IC, most of the above steps will still apply whilst the legitimate customer just gets them and can relax, knowing he's patched and up to date.
I didn't say that. And in fact the next part that you quote from me states explicitly that I think most people would puchase from a third party. And as to being "so low" I said that the average IC would be rating 3. This is backed up by the BBB which gives 3 as the average rating for most pieces of gear. If everyone has rating 6 everywhere then it's going to be a dull game for hacker characters.
I'm afraid that you lost me when you said that a corporation would be more likely to purchase their office security systems from a "reputable hacker" than from an internationally recognised and successful corporation such as Renraku in my example. I will list the problems with this that spring immediately to mind (I'm sure I could list more): 1. Reprisals from Renraky or whoever when they notice you're running a pirate copy of their latest software. Believe me that a lawsuit from them would cost a whole lot more than buying a legal copy. 2. Support contracts, updates, legal guarantees, etc. I would be seriously worried if I found out my company's security depended on a guy called "The Amazing Electric Samurai" who might be shot, imprisoned, bored or grounded by his mother the day I get an intrusion. 3. Knowing that what I'm getting is actually what I'm paying for. If I get v.2.65 from Renraku, then I know that's what I got. If it's been through a chain of two dozen hackers, then I have much more reason to doubt it. (And if I'm dealing with the guy who ripped it off from Renraku himself then that's double the reason not to expect him to be around much longer) 4. Backdoors. To me you have this completely backwards. Something from a criminal hacker is far far more likely to have security holes deliberately introduced into it than something from the manufacturer. I introduced the issue of backdoors earlier to illustrate a reason why a big megacorp wouldn't use ripped off security software from another, not to say that because you've taken one small risk, you might as well take several very big ones. Even if a megacorp has a backdoor in their product, they'd need a massive reason to take the publicity hit that would go with being caught using it. Mr. Criminal hacker? He's already up to his eyes in it and one more crime wont make a difference. I don't know why you thought I would claim the backdoors lie in firmware. Firmware is kind of the program that lives at the hardware level. You wouldn't find it in an agent. Well, you could postulate the Cisco BlackHammer hardware ICwall, but that's not how I see this and the BBB suggests otherwise quite strongly. I raised firmware to explain the level that protocols against self-replication in the Matrix may work. The point still stands.
They are not the same. Distribution method for Renraku is go to their public site, add IC package to your account and await delivery / support engineer. Distribution for pirate version is hang out in hackers' Matrix club (having found it first), ask someone who's icon is a giant jet propelled penis if this is really the latest Renraku IC package, take their word for it, convince your manager that you can save the company lots of money by installing this instead of buying a legit copy but that he really doesn't want to fire you if you're wrong. Repeat.
So how much did you pay for your last CD? DVD? The oil in your car? Of course the megacorporations are going to screw you out of every bit of profit they can get away with. Especially in a world as dystopian as Shadowrun. I don't think this is the way the real world is going, but it's absolutely the way 2070 works. When distribution and replication costs are zero, controlling supply and demand is the only way to make a profit. Well, that's my take on it, anyway. ;) EDIT: We've now gone wildly off the original topic of replicating agents, so can I take it that we've now dealt with that problem and it is resolved? |
||||||||||||||||||||
|
|
|
||||||||||||||||||||
|
Feb 10 2007, 08:42 PM
Post
#191
|
|||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
:rotfl: Well then you're kind of playing the wrong game, a bit? ;) |
||||
|
|
|
||||
|
Feb 10 2007, 09:25 PM
Post
#192
|
|||
|
Moving Target Group: Members Posts: 745 Joined: 2-January 07 From: Los Angeles, CA Member No.: 10,510 |
Yeah, obviously we have radically different preconceptions of the way security software works in Shadowrun. In my campaigns, corps are paranoid and heavily involved in the shadows, organized crime, and are in fact the cause of many "openings" in the system we refer to as Shadows. They are not inherently good, honest, dependable, reliable, community-serving members that want omni-compatable up-to-date software for all of their clients - citizen, criminal, and corporation alike. In my campaign the hackers have developed Data Haven communities that are kind of the equivilent to open--source communities today, except that major corp influence have made these communities illegal. They are constantly exposing the nefarious corporate agendas to the public and working for private employers to hinder their convoluted schemes toward economic manipulation. Also, in my world economies are demand-driven rather than supply-driven and corps can't just "stick it to the consumers" whenever they want. I also do follow on the idea that communication is so advanced and abundant that once any info hits the Matrix, it's pretty much public. Essentially, there is no lag when it comes to distributing information. This is a problem, yes, but one I can't find a way to work around while still keeping these themes. So yeah I think our fundemental concepts of the world are just different. Our opinions on economics, data distribution, and hacker communities differ greatly. |
||
|
|
|
||
|
Feb 10 2007, 10:13 PM
Post
#193
|
|||||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Cetiah, your future sounds like how I see the real world going in many ways and it makes sense. But I'm arguing from a point of view that I feel is as close to cannon as I can. I assure you that corps in my game are far from honest, community-serving entities as you imply and I don't think the business comparisons that I drew between corporate and pirate providers of programs would require them to be. I guess I'm responding in this way mainly because I don't want a misconception about me that what I'm presenting is anything other than RAW. I think everything I've said is consistent with both rules and fluff. I guess I'm also posting about this because I want to establish that the agent smith solution I proposed was entirely reasoned out on technical grounds and the logic isn't affected by whether we play in your political interpretation or another. The fact that you used that reference as the quoted introduction to comments on the differences between social-economic settings made me concerned that others would read the solution as dependent on an issue of setting flavour which it is not. It's based on cannon SR technology. None of this is a criticism of your setting, by the way. Just wanted to say that because sometimes forum discussions get a bit tennis-like, with each post being seen as a counter-argument to the one before it. Thanks for your insights as you've very much helped me flesh out my interpretations and fill in several holes.
Maybe go with it. The potential damage for misinformation is even more increased in such circumstances. And a successful backdoor or IC trap that did make it through the screening effectively would be devastating. If you could wrap up some sort of data bomb that did Black IC style damage in something very popular with hackers such as an advanced, prototype attack program, then it could be devastating to the world hacker community. Run idea: the players are the ones who are initially set up to steal the prototype program. Then once they're basking in the fame and glory of having given the world this popular tool... worldwide hacker coma party! Just a thought. :) |
||||||
|
|
|
||||||
|
Feb 10 2007, 10:26 PM
Post
#194
|
|||
|
Moving Target Group: Members Posts: 745 Joined: 2-January 07 From: Los Angeles, CA Member No.: 10,510 |
But that was the point. The PCs wouldn't just download the advanced attack program and pass it on. They would decrypt it and defuse it first. Thus, the program that was eventually released through the PCs (hackers) would be better than the trapped ones they initially got from the corp or that the corp is distributing commercially. They could remove flaws from the program and THEN distribute the data. Whereas buying or stealing from the corp forces each hacker to do it themselves. (They might even take the time to remove the "bug" that causes the system to crash whenever they try to move it to another datanode...) The pirated program distributed by the PCs would be better, less buggy, and cheaper. The PCs could even distribute as many free copies as possible all they want once they were paid for the run. In order to prevent this, you need copy prevention security that is so good that even PC hackers couldn't break it. That's what I define as "perfect security". Because all it takes is a couple of hackers to be doing something like this. And its likely more than a couple will be trying... for some, it's a job, for others its a hobby, for yet others its a way of life. |
||
|
|
|
||
|
Feb 10 2007, 10:54 PM
Post
#195
|
|||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
No, you've not got the point. The idea is that the corps, knowing that the PCs will distribute it to everyone, take advantage of this by booby-trapping it so that the PCs don't catch the booby trap. You're giving your hackers a level of competence that I can't get my head around. If you want them to be that good, then so be it, but I have a very good friend who is a very good programmer and I get the impression that reverse engineering something as massively complicated as a rating 6 (or 7 as we're talking plot device here) attack program is a hugely complicated task. It occurs to me that as the program is intended to cause people damage, hiding a booby trap might even be easier than you'd think. And it has nothing to do with copy protection. I don't know where you got that from. The point is that it can be copied. Take it or leave it, anyway. |
||||
|
|
|
||||
|
Feb 11 2007, 05:38 AM
Post
#196
|
|||
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
Essentially computer security in SR is much worse than in the RW, in that it's much more likely for useful and valuable data to go missing. This would tend to suggest that the logical way to get access to a really cool package would be to steal the source code. Once you have that it's pretty trivial to remove all the junk that isn't useful. Then you can sell black market versions. Or you could just post the entire package's source for other people to play with. |
||
|
|
|
||
|
Feb 11 2007, 09:43 AM
Post
#197
|
|||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
>>>Never programmed professionally? ;) Actually, if we were talking booby trapping something so that it calls home or somesuch, then it could be quite possible to do this in such a way that it was a lot of work to be certain you'd rooted it out. I agree it would be far more feasible to do this if you had the actual source code (which would be guarded like a dragon guards his testicles), but I still think it would be a big task. What if one of the accompanying libraries had a "call home" boobytrap that activated when a particular parameter was passed to it. Something innocuous and unless you study the code to exhaustion you'll never spot it. Now you not only have to have the source code for the libraries but also examine them. And breaking compatability with any existing hacked libraries that your enemy might have is trivial. Just to check I wasn't talking rubbish (I don't think I am), I downloaded the source for Firefox. Uncompressed it runs to 220 MB which is who knows how many lines of code. And I would guess that this is an order of magnitude smaller than a high-rating attack IC program of 2070. I agree what you say is possible when lots of people are involved in the "cleansing" project. I disagree quite a lot with the word 'trivial' that you used. And again, I'll highlight the time constraints as you're working on a moving, updating target. |
||
|
|
|
||
|
Feb 11 2007, 04:20 PM
Post
#198
|
|||||
|
Moving Target Group: Members Posts: 745 Joined: 2-January 07 From: Los Angeles, CA Member No.: 10,510 |
Okay, but in the world of Shadowrun this is just a Software test. What you consider incredibly difficult is... what? Threshold 4? 5? |
||||
|
|
|
||||
|
Feb 11 2007, 06:42 PM
Post
#199
|
|||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Seriously? It would have to be an extended test, I think, to account for the time span and the fact that it will be a team effort (probably). SR4 gives a target of 12 hits for an extremely difficult test, but anyone with 10 dice in their pool is likely to make this quite easily. Even 16+ for Extreme difficulty is too low, really, when you don't have any time constraints. So probably I'd set it at 25 - 30 with an interval of 1 month. The way you've portrayed it, it sounds as though there will be a team of hackers working on it, so it still wouldn't be difficult. Really the Shadowrun system doesn't handle it very well. For me I'd either just rule it as a plot device or more likely mislead the players into not bothering to check. If the set-up is good enough, then they'll believe they've just boosted bleeding edge software from the most secure parts of a megacorp. They might do their routine scans to remove any call-home / update software but might not scan it for the line that reads: if (date == 20701213) {user.brain_fry();} If that doesn't work then with the amount of money the megacorps have, it shouldn't be hard to turn one of the hackers to their side. I've learnt as a GM, that neither murder, nor wealth, nor deviancy in a villain riles the players up as much as simple treachery and getting away with it. Anyway, looks as though the Agent Smith problem is kind of answered now, which is what I was mainly interested in. Regards, -K. |
||
|
|
|
||
|
Feb 11 2007, 07:36 PM
Post
#200
|
|
|
Horror Group: Members Posts: 5,322 Joined: 15-June 05 From: BumFuck, New Jersey Member No.: 7,445 |
I don't think there's really any reason to amp up the difficulty threshhold, Knasser.
16 sounds like it's enough, with an interval check of 1 day or so. Frankly, we're talking about novahot deckers and hackers, not wageslave programmers and hobbyists. They should be able to crack this stuff inside of a month, not two or three YEARS. |
|
|
|
|
|
Lo-Fi Version | Time is now: 30th November 2025 - 11:03 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.