 IC Armies, Hackability of nodes |
  |
 Aug 26 2007, 08:45 PM
Post
#1
|
|
|
Moving Target  Group: Members Posts: 225 Joined: 13-July 07 Member No.: 12,235  |
So here's the thing. You have this node with let's say, for sake of argument, all 4's. It's got all sorts of valuable paydata on it, so of course you want to protect it. So you buy an IC program, as well as attack, armor, analyze, trace, all that good stuff, all at rating 4. You want this IC to start defending, so you boot up the IC program, boot up armor and analyze. This is three programs running, all good. A system with all 4's should be a bit challenging, but nothing a good hacker can't handle, right?
You're paranoid, so you set the IC, an agent, to automatically run analyze every so often to scan for intruders. How often can it do this? As an agent, it gets three IP's in the matrix, so presumably it can run analyze every IP. Since hackers oppose with hacking+stealth, it seems like no hacker would be able to go undetected for longer than a combat turn or two. Now comes the really iffy part. You have this IC running, along with analyze and attack. You want to have a lot of security in case someone breaks in though, so you hit ctrl+c and ctrl+v and poof! New IC program! So now you have two security agents! Let's further say you don't mind about reducing the response a bit, so poof, poof, poof, now you have five agents, two other programs, making the node's response 3, but who cares! You have five agents running, with analyze actions happening once every 0.2 seconds on average. And when something does get detected, heavens help it, it's gonna get slammed with attack actions out the wazoo. Obviously, if the node has even better hardware, it gets straight up ridiculous. My biggest question is, if people have IC, why don't they just always run as many copies of it as they can without reducing response? When one gets crashed, or if a program gets crashed, why doesn't the node immediately restart the program as a complex action? Why doesn't a corporation get their resident software guy to code one rating 6 IC and then copy it a bajillion times for all the security needs? Thanks for the help, all. ~Gelare |
 |
 
|
|
Aug 26 2007, 09:12 PM
Post
#2
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
also known as the "agent smith" problem.
look around, there are at least a dozen threads on this exact topic. |
|
|
|
|
Aug 26 2007, 09:48 PM
Post
#3
|
|
|
Dragon Group: Members Posts: 4,664 Joined: 21-September 04 From: Arvada, CO Member No.: 6,686 |
Even better, you can run the IC on seperate hardware, and as long as you can keep buying the hardware, you can have that many IC run on the node.
As far as the analyze actions, think of it like infiltration. The IC set their analyze program to run on that node, and it alerts them when/if it finds anything. Each IC's analyze gets 1 shot to detect the hacker when he connects, if they all fail, he's fine and has snuck into the node. |
|
|
|
|
Aug 27 2007, 04:07 AM
Post
#4
|
|
|
Running Target Group: Members Posts: 1,269 Joined: 18-September 06 Member No.: 9,421 |
I also do another Analyze whenever they do something out of the ordinary(GM Fiat). Usually treat all the "out of the ordinary" actions as an extended test (Stealthx2).
Chris |
|
|
|
|
Aug 27 2007, 07:01 PM
Post
#5
|
|
|
Running Target Group: Members Posts: 1,246 Joined: 8-June 07 Member No.: 11,869 |
Here's some ideas I had for limiting an agent smith army:
For an agent smith army using Analyze, I would say that the army collectively gets only one roll to notice an intruder in their node. 100 carbon copy agents is not the same thing as 100 security hackers or even 100 separately programmed agents. Agents don't learn, so carbon copy agents do not have distinct experiences that allow them to notice anything that their clones wouldn't notice. However, once the alarm is raised, it's battle royale and the intruder will have to deal with all the agents in the army. Regarding an army of attackers, I would use the D&D adjacent squares rule and say that no more than 8 opponents can gang up on each target. Of course after one attacker falls, another takes it's place the next IP, so the army will still win eventually. The only advantage this adjacent square rule gives the guy at the bottom of the dog pile is that he might have a chance to jackout (if he's the intruder) or raise the alarm (if he's the defender) before he gets the crap kicked out of him. Also according to the RAW, the agents don't degrade the nodes they are in, they only degrade the nodes they originate in (like a hacker's commlink). You could houserule that any hacker or agent always degrades the node he is in (or is attempting to be in) rather than the commlink or node he is originating from. This way an agent smith army would just seize up any node they tried to enter. I would also say that Firewalls are smart enough to prevent enough programs/agents/hackers from entering a node that would reduce its rating to zero. This way firewalls are smart enough to prevent a ddos attack. Other than that, I haven't seen any good rules for limiting an agent smith army (for hackers or defenders). |
|
|
|
|
Aug 27 2007, 07:16 PM
Post
#6
|
|||
|
Moving Target Group: Members Posts: 410 Joined: 5-April 07 From: Vancouver, BC Member No.: 11,383 |
You're assuming that the matrix has something like gravity that keeps one from attacking from above, or that close proximity is necessary to attack the hacker, or that there is a proximity in the matrix. Everything we see is just a metaphor for the code that is happening. If 100 agent smiths are attacking you you could just as easily have them appear as a swarm of bees all hitting you with spears, or they could shrink to small sizes and be attacking you with spears or whatever. If you are in the same node there should be no limit as to the number of people who can attack you based on space surrounding you. |
||
|
|
|
||
|
Aug 27 2007, 07:27 PM
Post
#7
|
|
|
Technomancer Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374 |
And, just to make things worse, I've routinely used flocks of birds or swarms of insects to represent a single icon rather than a group of many icons as odinson does above. In other words, the metaphor of any given system doesn't have to conform to any known physical laws or commonly held beliefs about the so-called Real World :)
|
|
|
|
|
Aug 27 2007, 07:34 PM
Post
#8
|
|
|
Running Target Group: Members Posts: 1,246 Joined: 8-June 07 Member No.: 11,869 |
I'm not assuming anything, I'm just trying to come up with some reasonable house rules to fix a big hole in the game rules.
Personally, if I were a GM, I would start with my last suggestion I posted above and change system degradation to be localized to the node your icon is in (or is attempting to be in) and make firewalls smart enough to limit traffic to prevent excessive system degradation. |
|
|
|
|
Aug 27 2007, 07:39 PM
Post
#9
|
|||
|
Running Target Group: Members Posts: 1,246 Joined: 8-June 07 Member No.: 11,869 |
So you're saying that corporations were nice enough to make hacking their system exactly like playing a video game but they don't limit you to tactical grid movement? :D |
||
|
|
|
||
|
Aug 27 2007, 07:39 PM
Post
#10
|
|
|
Moving Target Group: Members Posts: 524 Joined: 12-April 06 Member No.: 8,455 |
Does party ice still exist?
Also, it's troubled me for the longest time, that any good decker should have had a second deck daisy-chained in to run agents/ice. You can, obviously, do this even more easily with commlinks. For starters, you can build a nice firewall commlink that stops traces dead with IC designed to do nothing but sit there, spoof the data trail between it and you (in case anything gets past it), and analyze all signals coming through to decide if that's really you or something that's not supposed to be talking to your primary commlink, and then drops an anvil on the intruder if it doesn't like the response. It's a hop, skip, and jump from that to a hundred commlinks loaded with agents running interference against dozens of nodes to distract every defensive hacker in the corp while you much around in the backwater system you sleazed an account for last week. |
|
|
|
|
Aug 27 2007, 08:13 PM
Post
#11
|
|||
|
Bushido Cowgirl Group: Members Posts: 5,782 Joined: 8-July 05 From: On the Double K Ranch a half day's ride out of Phlogiston Flats Member No.: 7,490 |
...I believe you can still get it at the corner Stuffer Shack. Right next to the 48-Paks of Spud Lite. :grinbig: |
||
|
|
|
||
|
Aug 27 2007, 10:48 PM
Post
#12
|
|
|
Running Target Group: Members Posts: 1,246 Joined: 8-June 07 Member No.: 11,869 |
McDonald's sells it now, 2 bags for one fitty.
|
|
|
|
|
Aug 27 2007, 11:07 PM
Post
#13
|
|
|
Running Target Group: Members Posts: 1,228 Joined: 24-July 07 From: Canada Member No.: 12,350 |
I don't think the rules have a "hole" per se because the rules leave it up to the GM to decide what can or can't be done in the Matrix. The problem when you try to "rule up" everything is that people like us keep finding holes in the rules ("Why can't you just..."). I like the SR4 Matrix rules: GM decides.
Personally, Agents and IC cannot be copied in my world. They are a wholly unique program unto themselves. Just try to make things as "reasonable" as possible. Perhaps corporate systems don't run 100's of Agents with Analyze because that affects the performance of their business applications, what with their systems pounding an Analyze program every third of a second. I like the new Matrix rules as they are flexible and fast. Running Matrix stuff in the previous editions was just a slow, painful exercise of rule-flipping. Keep in mind the "feel" that you are trying to convey for your SR games. Are they tense, stealth-based, "caper" type runs? Are they fast-based, shoot-em-up action? Whatever your style, tailor your Matrix scenes to match, but try not to get bogged down in the rules. It's called Shadowrun, not "futuristic computer dice simulator." Try to keep Matrix stuff "in line" with the "in the flesh" part of your games and don't get bogged down in the details. |
|
|
|
|
Aug 28 2007, 01:26 AM
Post
#14
|
|
|
Running Target Group: Members Posts: 1,228 Joined: 24-July 07 From: Canada Member No.: 12,350 |
I thought of another way to answer this question. When designing Matrix systems and security, think of them more as real-world security systems.
For example, I haven't seen anyone post the "hole" that a corporation could fill their buildings with a security guard every 10 feet who asks, "What are you doing?" every 3 seconds. There's nothing in the rules saying a corp can't do this, so why wouldn't they? Those are the same reasons they don't fill their Matrix systems with legions of IC. |
|
|
|
|
Aug 28 2007, 02:33 AM
Post
#15
|
|
|
Running Target Group: Members Posts: 1,246 Joined: 8-June 07 Member No.: 11,869 |
Agents are free if you have the source code, security guards want salaries and dental plans.
|
|
|
|
|
Aug 28 2007, 05:36 AM
Post
#16
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
there are two ways at looking at the problem, and both have issues.
1. agents have to run on the node they are interacting with. issue, what happens when a agnet is told to do a net search? issue, can a load of agents bum rush a node into shutting down? 2. agents can run on a different node then its interacting with. issue, agent smith army. |
|
|
|
|
Aug 28 2007, 05:55 AM
Post
#17
|
|||||
|
Dragon Group: Members Posts: 4,664 Joined: 21-September 04 From: Arvada, CO Member No.: 6,686 |
Or the agents could just turn clipping off. Go way back to the DOOM era of games. You could be surrounded by imps (turn on god mode) and they'll all be partially intersecting each other, but it doesn't matter one bit, and they're all hitting you equally well. No clipping ftw. |
||||
|
|
|
||||
|
Aug 28 2007, 07:55 AM
Post
#18
|
|||
|
Runner Group: Members Posts: 3,009 Joined: 25-September 06 From: Paris, France Member No.: 9,466 |
Actually the first one is not really an issue. If the agent is told to do a net search, he'll go to the nodes to find information. You ask him to get a flight ticket for you and he'll hop to the nodes of each airlines company to gather the required data. Communication between you and the agent should still be possible because of the subscription, which should allow you to send and receive data to and from your agent. I've seen people work on that topic. Today the main advantage is that you can send your mobile agent from your mobile phone (a few Kb to send) and then you can disconnect your phone, turn it off and go wherever you want. When you turn your phone back on and reconnect it to the internet, you get back your agent with all the data you need. Another advantage is that the agent runs directly on the airline's server, which makes it easier and faster to query the database. Actually, in Shadowrun both advantages aren't that important anymore: your commlink is always online, and remote queries of database should not be a problem either. But there are still some other advantages to using agents this way. |
||
|
|
|
||
|
Aug 28 2007, 08:12 AM
Post
#19
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
its a issue for one simple reason, that agents have their response based on the node they are running on. hit to weak a node with to big a payload and the agent basically have no response. then there is some interesting effects of the faq ruling that say that any programs running inside a agent count towards a nodes total.
there is also the question, does a visiting agent take up "resources" like a resident agent does? |
|
|
|
|
Aug 28 2007, 08:28 AM
Post
#20
|
|
|
Runner Group: Members Posts: 3,009 Joined: 25-September 06 From: Paris, France Member No.: 9,466 |
I get your point.
I have answers, but they are related to the way I deal with the Matrix which, while consistent with the few rules and fluff we have (as much as it's possible), is a specific way to consider the Matrix, so they'd probably be incompatible with your or other's take on the Matrix. I might develop my whole point of view further in a handbook if anyone's interested, but I doubt that anyone is and I don't want to spend too long working on something that nobody cares about. ;) |
|
|
|
|
Aug 28 2007, 08:34 AM
Post
#21
|
|||
|
Moving Target Group: Members Posts: 160 Joined: 26-February 02 Member No.: 282 |
If you can still interact with the agent through subscription, how can it not subscribe to the airlines nodes to do his thing ? Either the agent has to be inside a node to interact with it or any icons therein, making you lose contact as soon as you ask him to go check the stuffer shack menu, or he doesn't. In which case he can jolly well stay inside your super beefed up commlink and do his thing from there. Can't have your cake and eat it too. |
||
|
|
|
||
|
Aug 28 2007, 08:40 AM
Post
#22
|
|
|
Runner Group: Members Posts: 3,009 Joined: 25-September 06 From: Paris, France Member No.: 9,466 |
Yes, you can run the Browse program on your commlink and have it search the Matrix this way.
Searching with the agent is another way of searching, which has its advantages (for example a node can restrict access to its database to local programs. In that case, your Browse program won't be able to accses it, but an agent will) and its drawbacks. |
|
|
|
|
Aug 28 2007, 08:54 AM
Post
#23
|
|||||
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
because agents dont work that way? as in, they can only subscribe to whatever it is thats giving them orders? hmm, i wonder if it becomes simpler if one think of agents as software drones. and i see blade have brought up the browse program. the one thing that may make a agent able to sit anywhere and search the matrix. as in, one must not forget that a agent use the very same tools as a hacker use to get things done. bah, we can go around in circles about this for ages. |
||||
|
|
|
||||
|
Aug 28 2007, 10:32 AM
Post
#24
|
|||||||
|
Moving Target Group: Members Posts: 160 Joined: 26-February 02 Member No.: 282 |
I was talking about agents and your solution to ASA by making them use the target node. So one last time in its full glory: As has been mentioned in numerous threads having agents as distinct actors makes the Matrix break. Since you can copy them you can cram any amount of actions into one turn, making it statistically impossible to fail at any task that requires you to roll dice. Agents as described in the BBB can run all the programs any user can, making able to perform any action a decker could. Users interact with matrix nodes, agents and drones by subscribing to them, while having their programs run on their own commlink. Now if I understand you correctly, you want to make agents need to switch nodes to interact with the objects in the target node, which, while being counterintuitive, could actually be the case, given there's only one vague paragraph in the BBB to get our conclusions form. If that is the case you lose contact with the agent as soon as you send it off, since it's in a different node now and can't interact with you anymore. But even if we find a way to twist our way out of that particular issue and forgoing any discussion on the way agents gain accounts, there's a real game balance with handling things this way: Agents not integrated into a persona use up to 6 program slots out of the at best 5 program slots a node has available before losing response. So doing things this way we have just found a way to drop any nodes response to one, making any actual hacking attempt by a for real haxxor a cakewalk. Which is just as stupid as having 10 million agents roll redirect trace. Now I don't have a solution for the ASA that doesn't just write independent agents out of existence and gives some programs limited amounts of actions they can take for themselves (similar to the Analyze example given in Matrix Perception Chapter).
I am having a hard time figuring out if you are being sarcastic, by asking questions that you think are rhetoric, since its absolutely clear how agents work. Or whether you are genuinely trying to figure things out. So I'll quote the FAQ at you, in the hopes of giving you a better understanding of what subscription is supposed to be.
But I agree. Agents don't work. |
||||||
|
|
|
||||||
|
Aug 28 2007, 10:55 AM
Post
#25
|
|
|
panda! Group: Members Posts: 10,331 Joined: 8-March 02 From: north of central europe Member No.: 2,242 |
ok, let me restate that, agents do not create subscriptions, their controller does.
also, the FAQs take on subscription is somewhat contradictory to the book iirc. they seems to approach subscriptions in two different ways. hell, notice that the quoted text talks about node to node traffic, but the book talks about persona to node/agent/drone traffic. all in all, i suspect they need to get their ducks (labels) in a row before they write any more faqs on the topic. as in, sit down and define in clear terms subscription, persona, node, and how they relate. as it is, it seems that persona and node is sometimes used interchangeably. but that cant be as a node cant "walk around" inside another node, now can it? as for me being sarcastic, maybe so. or maybe im just tired of seeing new threads about the same old topics. hell, i wonder why i bother to post on them. maybe its because its either that or ED/SR crossover threads on this forum right now? |
|
|
|
|
|
Lo-Fi Version | Time is now: 19th April 2024 - 01:08 AM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.