The Drone Hacker, How to build it? Options

[The Jopp]

I think you understand it perfectly, except the password part. Check out page 215 for Passcodes (Authorized Access), that explains a lot of my reasoning. You can have public nodes (webpages/forums) that requires passwords to enter and that means that some nodes MUST be hacked unless you have the correct passcode.

Exploit and hacking is needed to get through and that was the main point, to buy time because you must start hacking a lot earlier, in a node designed for intrusion defense where you have multiple agents/IC that runs constant Analyze tests for just that event instead of the node you WANT to hack.

Its main strength is that you cannot HACK the main commlink directly. SR4 requires you to have access to the Node in order to hack it and unless it has its own signal you must be inside the node that provides it with a matrix connection.

In order to reach the first Node you must get through the router (commlink 2) Yes, it allows data traffic from the main commlink but also ONLY for that commcode. Any other Commcode, persona, icon or agent needs a passcode to get inside, and the main commlink must verify it with another code.

Once that commlink HAS been hacked it’s no biggie to hack the second one – but it requires a second hacking test.

Oh, just thought on something else, these are the layers of defense in this case:

Hidden Signal
Encrypted Signal
Linked Password (Legal Access to B)
Commlink B
Password (Legal Access to A)
Commlink A

The above buys time and increases the risk for someone trying to hack from B to A getting caught.

References:
Network Security (Page 223 SR4)
Hacking and Accounts (Page 221 SR4)
Authorized Access (Page 215 SR4)

[maeel]

u can take an example from reallife:

if a hacker attacks your Computer some firewalls offer the option to diplay the hackers id. However this id is an ip of the hackers ISP, in order to identify the hacker u have to ask the service provider to tell you who had this ip at the time of the attack, or you hack the ISP Server.

Same goes for comlinks, do not assume that everybodys comlink is a router for everybody elses comlink, that would be to much traffic for any wireless device , dedicated satellites excluded. Wireless comunication requires a wired infrastructure like cellular phones do today.
This infrastrcture includes Server (hosts) that forward the requests to the net (basically other servers) and will also forward the results of your request back to your computer (comlink). A command or code and even an attack is such a request.

The big difference between a comlink and a host is that a host is basically a server (it serves information), which is why u can hack it from the net, a comlink however does not serve information to the net, so in order to hack it u would either hack its ISP first to get to it, or you attack it directly by intercepting and spoofing its wireless signals with next infrastructure antenna.

[Jaid]

right... so what you're saying is that i can buy myself some RFID tags (1 nuyen per 20) a firewall program (rating 6, of course) for 3,000 nuyen, and use an encrypt program (we'll assume rating 5 for chargen, so 500 nuyen) on all of those RFID tags... oh, and add in the cost of some fiberoptic cable (however much it is, i doubt that it's much more expensive than, say, myomeric cable... 20 nuyen per meter...)

the result? anyone who wants to hack my commlink has to go through some stupidly large number of encrypted firewall 6 RFIDs (i assume device rating of 1 otherwise... arguably, stealth and security tags should be higher). heck, why not run an analyse program on it to increase it's dicepool... not that it matters.

the important thing is that you're eventually going to glitch or critically glitch, no matter how big your dice pool is, because i can make you hack into 500 nodes before you get into my actual commlink. and sooner or later, if i set up enough nodes, you'll get detected. it will happen at some point or another.

of course, on the other hand, no company, no matter how much of a cheapskate they are, is going to have anything less defending their nodes... i mean, it's costing *maybe* as much as 300 nuyen for some crazy impenetrable defense hardware, and the software can conveniently be copied as much as they like. even if they don't own a legitimate master copy, you can bet there are matrix security companies offering their services who will... so you can forget about hacking anything, pretty much, because it just isn't going to happen.

[Rotbart van Dain...]

That's correct. See the black box on p. 223.

[maeel]

Wrong, RFID are powered by wireless, they are offline without it, secondly you would have to hardwire them, which should prove quite challenging, since it is a closed circuit with microscopic (possibly nanoscopic) scale.

[Wasabi]

Sure, I see how you're explaining it now. I usually sit ont he LTG or on the matrix gateway outside the host waiting for intruders like a bouncer outside his nightclub but sure, you could have a second host and then require a passcode/passkey/exploit test to gain access. Of course, once you auithenticate you're immune to being detected as an intruder unless additional monitoring/measures are taken. If you hack in as Security access or Admin access you just create a legit account, backdate its creation, and then log out of the exploited access and log in using legit access. Then you're no longer in danger of being discovered in that node and can even dump the sprites in the other node by killing its matrix connection. I dont see a huge advantage but I'll concede that it's valid according to RAW.

In the end it makes an intruder no less able to screw the contents up and makes the defenders have to spread out more. If access were ALWAYS challenged for authentication at a chokepoint the delay created might make for good detection but as you describe it I'm not so convinced it'd be a deterrant to a hacker or even do more than slow them down a tad. Heck, take over the first (outer) node and then use it to determine all the passcodes coming in so you gather them all up. I wonder how many folks use the same passcode in multiple nodes. For that matter gather up the biometric signals and reproduce their retinal/finger prints by uploading them from saved copies as often as you like. At worst you might have to edit them in to bypass temp sensors on palm readers, etc.

[Rotbart van Dain...]

[Wasabi]

What sort of Build/Repair roll is necessary for a homemade, hardwired RFID that already costs less than a small fry at McSoyShack? Maybe 2 hits? :-)

[maeel]

I was just pointing out that RFIDs are a poor example.

Wasabi:

Just one example, hacker A pissed off hacker B in the matrix, so hacker B tries to locate his meat to send over his pals. he succeeds until he reaches the host of hacker As ISP. In order to triangulate hacker A he has to hack into the ISP for security rights (+3). The big problem is that it is a F**CKING ISP host, meaning it will be controlled pretty good, because ISPs know that there are hackers and in fact these are what they dislike the most. Once hacker B has succeeded he can try to hack hacker As commlink.

Chaining commlinks will not stop other hackers but will slow them down and increase the chance that they fail. Chaining should be capped by response though.

Another problem i find much more disturbing is layered encryption.
The setup:
H:Hacker
D:drone
commlink HA: encryption A wired to
commlink HB: encryption B connects wireless to

commlink DB: decryption B wired to
commlink DA: decryption A

normaly u just juggle the encrypted code around until it makes sense, which wont work here because code B never makes sense because it is still encrypted...

so while normal decryption takes "encryption rating x 2, 1 Combat turn) to break this encryption i would suggest "encryption rating x 2², 1 Combat turn).

[Narmio]

In order to hack my commlink, first you must hack.... Every single one of these toasters I am carrying! Ahahaha!

Incidentally, they also give some impact armour. And wonderful mid-fight snacking opportunities.

Seriously, guys, stop and think for a moment what this will do to the game. Jopp, you're describing a very specific two-commlink setup, but the rules you're claiming for it cover a million RFID tags or a bandolier of kitchen appliances just as easily.

My experience is that, when the proverbial excreta impacts with the ventilation, players start looking for an edge. Maybe he'll want to route his hax through another comm, then after the dust has settled, what motivation has he got to go back to two? Three? Four?

Unhackable hackers versus unhackable corporate facilities? Millions of nodes to game with? Do you actually want to do this?

[laughingowl]

[Wasabi]

Although it could be house ruled differently using a Trace program does indeed get you the physical jackpoint of the victim. ["Track Action", BBB p219]

The largest vulnerability of a multihost/chained system is locating an intruder. They needn't go to the end of the chain to decrypt. They just have a dozen agents spread through the first three nodes taking as long as they like to decrypt the datastream while the hacker flies cover. If an inner node is being a problem and you have admin rights on a outer node, simply invalidate the other passcodes and let the owner hack his own node. Then as soon he does, manually set off an alarm. Hack his node, initate a reboot, log off, and let him spend his time not taking dumpshock.

Multi-node schemes are colorful but not "all that and a bag of chips".

[maeel]

I think it is save to assume that subscription is only necessary for wireless connected devices. Reallife example: your mobile phones bluetooth headset needs to be subscribed to your phone, while your cable headset does not.

Narmio: go ahead with your toasters, just make sure the power cable is long enough.. :rotfl:
But seriously if a GM allows chaining and i see no reason not to, he should also cap it.

Wasabi: i dont understand what you mean.. mind to elaborate?

[Rotbart van Dain...]

[Wasabi]

maeel:
What I'm saying is that if an intruder wants to listen in he can do it anywhere along the 'pipe' and the 'pipe's length aids the intruder.

[maeel]

Ok, i think i know what you mean, keep in mind my example only applies to connections between two identical chains.
The point i was trying to make is that multilayered encryption poses a much bigger problem in game terms than chaining does. Theoretically you could simply run two encryption programs on one commlink. The time to decrypt does not increase linear with the layers of encryption, but possibly exponentialy if not worse.
if allowed by the GM this has to capped (system? response?)

[Wasabi]

A hacker is limited in how many programs can be loaded at once but a TM isn't limited on how many Complex Forms he can load at once. ACK!

[maeel]

A TM could compile a sprite to use its hash power...

[The Jopp]

[Narmio]

[The Jopp]

[Jaid]

the thing is, there are no rules given for tiered networks, or chokepoints, or anything like that. so far as we know, that could just as easily be an explanation of the difference between a node with firewall 1 and a node with firewall 6, rather than actually being represented by actual nodes.

and making stuff effectively unhackable is a problem with the game. arguing otherwise is like arguing that since a critter with immunity to normal weapons can still be harmed by magic, it wouldn't be unbalancing to the game if you just handed it out to everyone.

just because you can do other things to an unhackable node doesn't make it acceptable that the node is hackproof.

[Rotbart van Dain...]

[The Jopp]

I do agree that it opens up a can of worms in regard to the endless node hacker with X amount of tiered commlinks that he has hidden about his person, but that is just ONE possible way of upping the defense.

Lets look at it from another view then, you skip the tiered node setup and just get 1+ extra commlinks with agents in it. They are all on standby and watch your commlink for intrusion 24/7 and runs constant Analyze too see if someone is stupid enough to hack it.

That is a perfectly valid wireless defence since your commlink is fully hackable but you have 4+ extra Analyze checks at the moment of intrusion and whoever hacked it will most likely be spotted.

We have then skipped the “extra” commlink but added a larger amount of agents from commlinks with a signal setting of zero which gives them an effective range of 0-3 meters so whoever hacks you wont pick up their signal,but they can connect to your commlink.

Add also that the agents have secondary offensive programs...

[Sleepyman]