 SR4 Matrix and the plot |
  |
 Jul 15 2007, 02:56 PM
Post
#51
|
|
|
Great Dragon  Group: Members Posts: 5,430 Joined: 10-January 05 From: Fort Worth, Texas Member No.: 6,957  |
Why does the agent need to break copy protection? Couldn't his hacker creator do it, then have the agent use Edit to copy the now unprotected software?
|
 |
 
|
|
Jul 15 2007, 03:06 PM
Post
#52
|
|
|
Moving Target Group: Members Posts: 341 Joined: 3-October 05 Member No.: 7,802 |
As I said this is a game, sometimes reality must be suspended. Whilst I'm no network specialist I have a basic grounding from studying computing for four years, albeit with a software development bias. I understand these ideas for security, and I still believe even in rl some things like sales records would need to be accessed real time. However if it is a choice of reality or fun I would throw reality straight out the window.
This is naturally something every group will vary on, since some groups might be filled with highly technical people and others not. I've noticed there are a few areas in SR where different groups take different stands based on people's backgrounds, the most obvious two to me being the matrix for some of us and firearms etc for the military or ex-military people. It is also in some ways perhaps a matter of personal balance about what you find fun. Myself I can suspend my disbelief simply to make life more bearable for myself. In short I don't think there really sia right or wrong so long as you can cope with the direction you take and the GM/players enjoy it. |
|
|
|
|
Jul 15 2007, 05:02 PM
Post
#53
|
|
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Personally, I'm arguing from a position of what the rules say. We can invent fluff reasons for any position we choose, and I can produce very good fluff reasons against the botnet argument. But everything I'm saying so far is drawn directly from the RAW and hasn't varied from it. |
|
|
|
|
Jul 15 2007, 05:18 PM
Post
#54
|
|||||||||||||||||||
|
Cybernetic Blood Mage Group: Members Posts: 3,472 Joined: 11-March 06 From: Northeastern Wyoming Member No.: 8,361 |
Sure, but when a Decker who for whatever reason has decided to basically brute force her way through your system (As Crusher Bob and kzt has pointed out, it would be alot easier and safer to sniff around until you found someone with legal access to Node D.) still has a ~20-25% chance of breaking through to paydata whose release might very well hurt the corp is going to been seen as an unacceptable risk by any reasonable CEO.
Sure, IC and Agents are exactly the same rules-wise, the problem is that I read the following and come away with a different spin on things.
So I'm not so sure that you can have an Agent present in Node A but using the resources of Node E given that they are operating independently.
No, because Node D is running enough programs to force a second Responce drop at ( System 4 ). Node D Responce 5 Analyze IC A IC B Analyze Responce 4 (Remember that the drop takes place at System, and not System +1) Armor Attack Encrypt Armor Responce 3 Attack So in order to remain at Reponse 4 you need to either buy System 5 or drop two programs off of the node's load, and the node is running at Responce 4 even before the second IC gets activated.
Is this the quote you are referring to? I read it and to me it clearly means that the IC is embedded into the encryption and is activated once the file is decrypted as a second line of defense. However I guess we'll have to wait for Unwired to see which one of us is reading it correctly since there don't seem to be any actual rules either way.
And I still disagree, if the IC is part of the encryption scheme then it isn't even going to be activated until Shade tries to decrypt the file offline.
Sure, the problem is that the odds are still too high in favor of the Decker, as for simply throwing more IC at the system, tell me, exactly how much does this system of yours cost to setup legally? And remember that both of us only went through the example where Shade was most likely to fail, her chances of sucess goes up greatly using kzt's and Crusher Bob's sugestion. |
||||||||||||||||||
|
|
|
||||||||||||||||||
|
Jul 15 2007, 05:25 PM
Post
#55
|
|||
|
Cybernetic Blood Mage Group: Members Posts: 3,472 Joined: 11-March 06 From: Northeastern Wyoming Member No.: 8,361 |
Are you sure of this? I may be missing something but if that is true then Emergence goes right out of the window since there isn't any reason to fear a new Mega-Virus if viruses can't exist anymore. |
||
|
|
|
||
|
Jul 15 2007, 06:22 PM
Post
#56
|
|||||||||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
It's just under 20% chance of being undetected in the example given. I rounded up. I felt that this was sufficient to show that it is not trivial to break into a system which is what people have been saying. This is a professional standard hacker with good equipment doing his best and odds are very good he'll fail. However, I can reduce it much, much further without resorting to keeping my systems offline and crippling my efficiency. You ask:
Well you need a comparable system to this even if you're not connected to the Matrix. You're the one that keeps telling me how corps are being attacked every day, so they need to deal with the break-ins. Otherwise your security consists of a locked door! So if you want to reduce the remote hacker's chances even further, we only really need to consider the extra cost beyond that. Lets say we add two rating 4 agents w. Analyze 4. Analyse is all they'll really need as they just have to alert the combat IC, or log users off a node, or whatever. Additional cost = 20,800 :nuyen: . That's an additional two opposed rolls of eight dice vs. nine dice (assuming hot sim) that the hacker must make. We've now reduced our well-equipped and professional hacker to a 9% chance of going undetected. Repeat that and the hacker is down to 4%.
I can see how you could read it that way, but it seems pretty clear to me that an agent can run on a node (i.e. a PCs commlink) whilst being present in another. It doesn't make sense otherwise. It would also be very confusing when an agent was present in more than one node at once, eh?
You're right. My apologies. Adjust the System rating from 4 to 5 and we're good again. That's if you don't mind the corp splashing out an extra 500 :nuyen: . ;) Regarding the Encryption IC, you could not play it that way if you wished. My interpretation is also valid however, and I've provided a good logical reason for why mine makes sense... so unless a GM were deliberately trying to create a world where Encryption was weak, then you can use IC this way. Wouldn't you as GM prefer to have this option? ;) :D But I will be very, very surprised Unwired doesn't make this explicitly one of the ways of doing things. You can't deny that it makes good sense and is in line with other SR 2070 Matrix technology.
Kzt's example being that a login and password could be stolen? Try a biometric reader, plus known password, plus passkey. It's a good start, yes? But we seem to have gone back to the question of working from home. You're actually arguing that offices aren't safe maintaining an outside connection in general! Anyway, there are plenty of companies that are keen to have remote access systems today with the same risk. And before you say it, no the strength of encryption doesn't make a difference to KZT's attack because a stolen username+password affects today's systems just as much. So I think companies in 2070 will be happy to do the same. |
||||||||||
|
|
|
||||||||||
|
Jul 15 2007, 06:25 PM
Post
#57
|
|||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Emergence is all about how the media make scapegoats out of people and fabricate baseless lies, the gap between fear and reality, and all that. If I recall correctly, it was the main point it. ;) But my main point was that the rules don't support what Kzt was talking about. |
||||
|
|
|
||||
|
Jul 15 2007, 07:49 PM
Post
#58
|
|||
|
Moving Target Group: Members Posts: 946 Joined: 16-September 05 From: London Member No.: 7,753 |
Case [from Neuromancer] is a talented Decker, and he took DAYS to scope out the target networks that he hacked. So does the guy in Swordfsh. My point being that hacking on the run is not the best way to do things.. ..It's much better to do some research, tweak software for the network to be hacked, etc. Just my thruppence.. |
||
|
|
|
||
|
Jul 15 2007, 10:21 PM
Post
#59
|
|||
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
Yeah, which is why following the crash of 29 and the horrible disaster that followed all online data being destroyed NOBODY did off line backups? Hence they were all destroyed 35 years later? This is supposed to show that computer security and operations are run by vaguely intelligent people? Give me a break. You can't determine anything from the fluff, unless you assume that you are required to get a lobotomy before you can touch a computer. In which case the history make complete sense, because it's all being carried out by people suffering from induced mental retardation. Everyone can hack. Hackers are glamorous. The fluff shows lots of kids hack. It's obvious that not all hackers get hunted down and killed when they are learning or hackers would be an uncommon archetype, as role playing a dead guy is kind of boring and nobody gets born with skills and software. |
||
|
|
|
||
|
Jul 15 2007, 10:38 PM
Post
#60
|
|||||||||||||
|
Cybernetic Blood Mage Group: Members Posts: 3,472 Joined: 11-March 06 From: Northeastern Wyoming Member No.: 8,361 |
No, what people have been saying is that without real world encryption you can't have the same level of data security that corps enjoy in the real world, and if a Decker running ( Rating 4 ) programs has basically a one-in-five chance of being able to brute-force hack her way through your entire system then that isn't an acceptable risk.
You see that isn't quite true, once you force a Decker to use the "hack on the fly" rules as well as deal with the physical security that you were going to have to buy anyways you don't need to keep piling on Agent after Agent in order to hose her chances of sucess, you've already done that in a far more cost effective manner when coupled with buying some ( Rating 6 ) Firewalls. Locked doors are quite effective when they take away an intruder's greatest tool as well as allow you to use assists that you already have anyways.
Sure, assuming that you allow Agents to be present in multiple nodes at once without being loaded into a Decker's persona in the first place.
Actually no, I don't agree that your interuptation really jives with Fourth Edition at all, and will be suprised if Unwired does actually work this way. That one sentence states that you can use encrypted IC as a second line of defense, not that the IC becomes the primary defense with encryption as a weak afterthought. Also as an aside, I didn't set out to make encryption weak in the Sixth World, RAW did though.
Yes, I am arguing that it isn't safe to keep your sensitive data online, to me the idea of a tele-office is at best a connected side issue. However you were the one who insisted on using a tele-office as an example of a corp being able to provide security so if you don't want working from home to be an issue then don't bring it up. As for linked passcodes and passkeys, sure they provide an extra layer of security. The problem is that they are only as protected as the wageslave's apartment so they aren't a magic bullet either. Also unless the corp in question is going to actually trench in hardwired connections to every access point then it's not really that difficult the intercept Matrix traffic.
Sure, a stolen username/password would allow you into today's systems. However encryption does play a huge role in ensuring that anyone intercepting your traffic only gets a bunch of glibberish as opposed to being able to see everything that you're doing. Also once they are in, the legal account isn't going to help them with whatever encryption keys they might need to decrypt a file, so yes, encryption DOES play a huge role in today's security. So no matter how you slice it without real encryption you simply can't have the same data security that is possible today. You can't look at what companies do in the First World today to figure out how things work in Shadowrun, things just simply don't work the same way. |
||||||||||||
|
|
|
||||||||||||
|
Jul 15 2007, 10:47 PM
Post
#61
|
|||
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
The actual example that I used was putting sniffer on the wired connection. In the real world, people connecting remotely to vaguely secure networks used encrypted connections (SSH or VPN) such that all you see is noise. You can't steal the passwords, because it's all encrypted. In SR, I see the actual user name and password. And adding biometrics doesn't help, because I see the actual data being sent and I can just add that to my attempt to login. Anyhow, with a sniffer on line I'm also seeing the data stream itself. Which, if it has anything useful in it, I can steal. So there are three options if you want to run home offices: Assume that everything that is being sent is public knowledge (like the old analogy of email being akin to writing your message on a postcard for anyone handling it to see) or extend the physical security perimeter of the company to that of every employees house. Or assume that encryption really works and just deal with it. It's not that hard to make it work in a rational fashion. |
||
|
|
|
||
|
|
Lo-Fi Version | Time is now: 29th June 2026 - 10:33 AM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.