 Offices., They exist? |
  |
 May 12 2007, 12:35 PM
Post
#51
|
|
|
Running Target  Group: Members Posts: 1,266 Joined: 3-June 06 From: UK Member No.: 8,638  |
I don't think the office will have gone entirely the way of the dodo. There will still be folk that want staff meetings with people physically present and stuff. It depends more on the kind of business model. There are plenty of jobs that require an actual physical presence (health clinics leap immediately to mind) just as there are many that might be distributed.
Personally I see lots of wage slaves living in Corporate Housing, either in or close to their 'offices', and in or on an archology or corporate compound. The idea of lots of people practically living in their cubicles, having minimal personal effects seems very cyberpunk to me. Sort of the inverse of a home office, and instead an office home. |
 |
 
|
|
May 12 2007, 01:05 PM
Post
#52
|
|
|
Runner Group: Members Posts: 3,009 Joined: 25-September 06 From: Paris, France Member No.: 9,466 |
Yes, it's more cyberpunk this way (in one of my short stories I mention a guy whose wife had maternity leave: she could work from her home).
But the problem is, it doesn't make much sense. By allowing office workers to work from home by connecting to a virtual office, you can save a lot of money without really affecting the productivity... |
|
|
|
|
May 12 2007, 01:11 PM
Post
#53
|
|||||
|
Immortal Elf Group: Members Posts: 11,410 Joined: 1-October 03 From: Pittsburgh Member No.: 5,670 |
that's under the control of the person who possesses the card. they can easily learn to fake the signature, since they have a copy to start from.
dude, come on. the fact that people continue doing something is far from proof that what they're doing isn't stupid or pointless. signatures remain in use because they've got the weight of tradition behind them. the prevalence of identity theft proves beyond doubt that signatures are useless for security--maybe even worse than useless, because people still think that signatures offer protection. |
||||
|
|
|
||||
|
May 12 2007, 01:29 PM
Post
#54
|
|||||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Earlier you claimed that electronic signatures could not be used because they were forgeable and you could not be certain of authenticity. I said signatures are forgeable and you could not be certain of authenticity. You argued they could. I said they couldn't. You now say "so what?" It doesn't prevent them being used. Please join this last statement up with the first. There is a disconnect here. You are now agreeing with me that electronic signatures have no disadvantage compared to traditional signatures. Sadly, I think your agreement is just an accidental oversight on your part which will be corrected once you realise you haven't been considering the thread as a whole. Now I hope we're done with this as I really wanted to address the issue of offices and for no reason that I can see, something that has no impact on that is spilling all over the place.
Did you read my earlier example about the Node? Home access is pretty much just as secure as on site working under Shadowrun rules. If anything, the fact that the hacker can work from home instead of squatting outside an employees house makes the traditional centralised approach better for the hacker. |
||||||
|
|
|
||||||
|
May 12 2007, 01:33 PM
Post
#55
|
|
|
Great Dragon Group: Members Posts: 7,089 Joined: 4-October 05 Member No.: 7,813 |
any responses to the physical security aspect though?
|
|
|
|
|
May 12 2007, 01:36 PM
Post
#56
|
|||||||
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
'Easily' is a bit exagerated.
Not only. Handwriting still has certain characteristics that can be examined in detail - and those will certainly be used when such a contract disputed is brought to court. But most of the time, it's security is simple pattern matching, because that can be done by anyone... but not anyone can fake them. The point about security is not that it can be broken - it's how easy it is broken, and how easy it is to implement.
Identity theft is usually done by using supposedly 'secret' information... like your birthday, your SSN, etc. |
||||||
|
|
|
||||||
|
May 12 2007, 01:40 PM
Post
#57
|
|
|
Runner Group: Members Posts: 3,009 Joined: 25-September 06 From: Paris, France Member No.: 9,466 |
The physical security isn't important for most office workers... But sure when it matters, it could be nice to have them work in a office (or protect their homes, or have them live on corporate turf).
But in general, there should be not much need for that. |
|
|
|
|
May 12 2007, 01:40 PM
Post
#58
|
|||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Yes, fair point. Physical security of the workers is going to be better in an office (normally). But a question remains as to whether this is a significant degree of "better". If you can change the risk of something bad happening from 40% to 30%, is it really worth taking extreme measures (giving up the whole idea of telecommuting) to achieve it. If your workers live in a secure enclave then the security issue is void and they might as well telecommute. If they live off site and come in to work, then they're still vulnerable to being abducted at home, threats to loved ones, magical or technological control, assasination, etc. What I'm saying is that if there are four doors into your vault, is it worth going to a lot of trouble to lock just one of them? |
||
|
|
|
||
|
May 12 2007, 01:44 PM
Post
#59
|
|||
|
Immortal Elf Group: Members Posts: 11,410 Joined: 1-October 03 From: Pittsburgh Member No.: 5,670 |
it really isn't. anybody can do it, it's not hard. maybe it wouldn't stand up to a handwriting expert, but it will fool 99% of the people who look at it. and if your document is suspicious enough that they call in a handwriting expert to examine it, you've probably screwed up anyway--your point of failure wasn't the signature. when's the last time you heard of an identity thief getting caught because he screwed up the signature on a receipt? what you're talking about, with the close examination and all that, that's really rare. that sort of scrutiny simply isn't going to come into play unless there's already some other reason to suspect the document is a fake. in that case, yes, you'll need an expert forgery. signatures are only an okay method of authentication if they're constantly rigorously scrutinized--which, in most cases, they are not. |
||
|
|
|
||
|
May 12 2007, 01:51 PM
Post
#60
|
|||||||||||
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Because they depend on cryptography and cryptography was never more than a speedbump in SR.
Not really. My point was and will be that it's more likely that an electronic signature will be subverted in SR than a physical.
Still no. Electronic signatures have disadvantages additionally to physical signatures. That's the point in not using them when it matters... to reduce the amount of possible insecurities.
Honestly, I didn't even bother. Every secure installation is offline. Everything else has choke-points that are much easier/cheaper to maintain than upgrading the security elsewhere.
What prevents him from hacking the house? What prevents him from hacking the network hub, tapping into the connection? What prevents the hacker from hacking the central data link at the company? What prevents him from doing all this from home, too? In short, nothing. All your idea manages to create are additional vulnerabilities to the one of a central server at a central office. |
||||||||||
|
|
|
||||||||||
|
May 12 2007, 01:57 PM
Post
#61
|
|||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
No, that is the point. We're talking about something used for authenticity. If the court knows that it's possible for a half-way competent artist to forge a signature, then that is sufficient to negate its usefulness. For legal contracts, the security comes from a trusted third party, either someone with an original copy or a reliable witness to the signing. Makes no difference whether its a written signature or an electronic signature. Well actually, in reality it does because the electronic one is harder to forge, but here I'm only trying to address your strange belief that in SR2070, signatures are going to be anything other than an historical footnote and I'd very much like to get back to the discussion about offices. |
||
|
|
|
||
|
May 12 2007, 02:00 PM
Post
#62
|
|||||||
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Most people are quite... artistically challenged. Especially in a world like SR, where even the ability to read and write is on the decline. But, given training, such things are possible... as are others.
90% of the people don't need to be fooled. ;)
You mean, like the dispute of a contract one side claims things the other doesn't? ;) |
||||||
|
|
|
||||||
|
May 12 2007, 02:06 PM
Post
#63
|
|||||||||||
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Authenticity is just a form of applied security, so it is The Point.
Actually, it's the other way round... it's assumed real until proven otherwise.
And if you go to such lengths, electronic signatures are useless, as the don't provide any benefits anymore.
Actually, in theory, it does - where you can never 100% reproduce a physical signature, any electronic signature, once the encryption is broken, is 100% broken.
Unfortunatly, in SR, it's the other way round. That doesn't mean that people wont use electronic signatures en masse... and probably think those are safe. It just means that important things done by people that know that they aren't won't use them. |
||||||||||
|
|
|
||||||||||
|
May 12 2007, 02:09 PM
Post
#64
|
|||||||||||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Well that about sums it up then. Pretty much all of the rhetorical questions you just levelled at me were actually answered in the post I made. I'll be generous and give you the cliff notes, despite the fact that you seem more interested in telling others what you think rather than listening to what they think.
The same firewall and IC that would prevent him hacking the node on the company site. It's part of a distributed, company node.
This is SR4 and there is no "hub", no SAN, no LTG. But if you're talking about sniffing the wireless data traffic, the fact that it is (a) entirely passive and (b) limited to visual / VR data that the user requires to interact with the node where the data actually resides.
See previous answer regarding hubs, but if you're talking about hacking the company's systems, then the usual IC and firewall stuff.
Nothing - that's my point. It doesn't make a difference. And if it doesn't make a difference then it's not a reason to give up telecommuting. The security is the same. |
||||||||||||
|
|
|
||||||||||||
|
May 12 2007, 02:18 PM
Post
#65
|
|||||||||||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Okay. I really can't believe that you're not now being deliberately and willfullly ignorant. So you're actually saying that whether or not a signature is reliable is not the point? Great - that's what I'm saying. It is not a reliable means of authenticating something. Therefore does not have an advantage over an electronic signature which you say is unreliable.
Again - this is what I'm saying. Neither traditional nor electronic signatures have an advantage over each other (in SR reality, perhaps). But what you stubbornly refuse to accept is that the logical consequence is that if they're equally valid or invalid then there's no reason not to use the more convenient electronic signature.
Hard to believe in a world of cyberarms, skillwires and AR. But the fact that neither of them (in SR) are difficult to forge and the authentication comes from third parties means that the vastly more convenient electronic signatures will be more likely used. |
||||||||||||
|
|
|
||||||||||||
|
May 12 2007, 02:22 PM
Post
#66
|
|
|
Moving Target Group: Members Posts: 511 Joined: 24-March 05 From: On a ledge between Heaven and Hell Member No.: 7,226 |
If I can't make my workers come into the office how can I force them to relocate and buy from the company store? We provide decent living quarters for affordable rates, as well as reliable services. Now they can go downstairs do all their shopping in Company approved and secured stores without worry. The office is just an elevator ride away.
|
|
|
|
|
May 12 2007, 02:23 PM
Post
#67
|
|||||||||
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Oh, so instead of having several networks separated through chokepoints, each of them having additional security, we only have one big node you... So, after hacking in, you have immediate access to... everything. Regardless where you come from... that's a hacker's wet dream... you can't even shut it down if the alarm is triggered. ;)
Wrong. Matrix Topology on p. 206 states otherwise.
No, actually, I'm talking about Intercepting Traffic, p. 224. Which can be used to insert maliceous commands... or code...
The security of your example is a nonexistent nightmare. Even a facility that uses a single chokepoint has more options in the case of an attack. |
||||||||
|
|
|
||||||||
|
May 12 2007, 02:27 PM
Post
#68
|
|||||
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
You still manage to miss the point. It's about the degree of reliability. In SR, this clearly favors physical things.
Electronic singatures just have additional disadvantages, especially in SR. Thanks for agreeing to that one. |
||||
|
|
|
||||
|
May 12 2007, 02:28 PM
Post
#69
|
|||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Now that I like. I think the solution is enclaves. For clarity, I think the problem is that there's no big reason for offices to be very common in SR2070 and yet offices are a staple of shadowruns. But the role of offices can be filled quite well by corporate enclaves. In fact, I think I have just had an excellent idea for a run through a little Renraku enclave where everyone works from home. It will be a slightly different atrmosphere if the runners are sneaking through a suburban street in a gated community. Very cool in fact. On the subject of signatures, I'm done. I will post nothing more. The argument is leaving me with a sour taste in my mouth and it has nothing to do with what this thread is about. |
||
|
|
|
||
|
May 12 2007, 02:48 PM
Post
#70
|
|||||||||||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Taking the points one by one: Firstly, you can have as much security on your distributed node - the home access network - as you can on any "chokepoint" in your office. So it's just as easy or hard for the remote hacker either way. Secondly, it doesn't need to be access to everything once you hacked your way past it. You can have as many nodes as you like. You are thinking that it must be one single node that contains all data just because I said a node can be a network. So can several nodes if that is what you want. Thirdly, you can shut it down with just as much trouble as you can shut down a node "onsite." In SR4, the whole concept of martix being tied to geographic location is archaic.
Where?
Well then you have to hack the node, open yourself up to IC attacks, alerts, etc. And as I said, you can load the node up with just as much security in a distributed network as if it were a single machine in a central office or any choke point. It's just as strong as something where everyone connects on site. Though no working company wont have people connecting from off-site anyway. |
||||||||||||
|
|
|
||||||||||||
|
May 12 2007, 02:59 PM
Post
#71
|
|||||||||||||||
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Basically, your network node is as easy to target as a server directly connected to the matrix. Hacking a chokepoint and then hacking a node is much harder - and hacking chokepoints after those is really ugly.
Either it's a single node, or it's a network with central servers. Pick one. ;)
If you take the chokepoint offline, you are offline - but that's it. If you take your network node offline... you just dumpshocked everyone and ruined what they were working at.
See, hacking a chain of nodes is much harder than hacking a single one. |
||||||||||||||
|
|
|
||||||||||||||
|
May 12 2007, 03:16 PM
Post
#72
|
|||
|
Immortal Elf Group: Members Posts: 11,410 Joined: 1-October 03 From: Pittsburgh Member No.: 5,670 |
making a passable forged signature is not nearly as hard as you're making it out to be, because they are not scrutinized nearly as closely as you think they are. yes, if you're dumb enough to forge a document that is blatantly untrue and whose veracity can easily be checked by outside parties, then it'd better be a damn good one because it's going to get checked--and if it gets checked, it will fail, no matter how good it is. why? because a single mage casting Detect Lies on the guy whose signature you forged can detect the forgery even if it's perfect. you use forgeries in situations where the document isn't likely to be verified. to do otherwise is just dumb. |
||
|
|
|
||
|
May 12 2007, 03:20 PM
Post
#73
|
|||
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
I already agreed that, 90% of the time, you don't even need to fool people. ;) |
||
|
|
|
||
|
May 12 2007, 04:09 PM
Post
#74
|
|
|
Immortal Elf Group: Members Posts: 11,410 Joined: 1-October 03 From: Pittsburgh Member No.: 5,670 |
yeah, humans do seem to get a kick out of fooling themselves, doing most of your work for you in that regard. i think we're basically agreeing with each other, here, except that i'm focusing on the 90% and you're focusing on the 10%. granted, the rules focus on that 10% as well.
|
|
|
|
|
May 12 2007, 04:13 PM
Post
#75
|
|||||
|
Moving Target Group: Members Posts: 410 Joined: 5-April 07 From: Vancouver, BC Member No.: 11,383 |
with all the tech of 2070, you would think that any electronic sig would get cross checked with all you other online sig's and some agent would analyze it to make sure it was legit. |
||||
|
|
|
||||
|
|
Lo-Fi Version | Time is now: 21st June 2026 - 09:06 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.