Alternate Matrix Rules, Everyone is doing it Options

[kzt]

[Redjack]

[kzt]

I was discussing the real world. There is no PRC in SR...

However, if a hacker in SR goes off-line and goes to dinner, you can't do anything to him without sending someone there. He can choose when and where to attack and, coming through a series of intermediaries, is very difficult to track if he's clever. (Though still much easier then the real world).

And if he's hacking via AR, the worst you are going to do is throw him offline via cybercombat. So he sends out for pizza and pulls the next commlink out of his hackerstack and goes back to work.

If you hack his commlink he pulls out the batteries and goes to the next one in his hackerstack, and goes back to work. Though typically you won't ever get that far, as he'll have an agent upstream looking for traces that will tear down his connection before you can get there.

It's pretty risk free, until someone shows up to shoot him in the face.

[Redjack]

You are mixing rebuttals. You are rebuking

[Cthulhudreams]

Well, I think his point was

A) Today you cannot do anything about a hacker if he is operating out of a number of countries you really cannot do anything about, that often start with R and/or end in A.

B) An operator in china in SR can use the hackastack and achieve total invincibility unless you physically go there and shoot him in the face.

neither of these are particularly intresting as a game mechanic.

[Redjack]

[Cthulhudreams]

Yeah, modern malware is based around exploiting unpatched vulnerabilities in systems. The things you describe (except MITM attacks and zero day exploits) are using a known, unpatched flaw in the system to gain some sort of advantage. I kinda agree with you in some ways, but I do think that the majority of 'hack attacks' are out of the question.

However, the most common attack vectors today are through user based attacks (soliciting a user to visit a hostile website or open a hostile attachment), or discovery of unpatched systems via autorooters or whatever.

Lets take autorooters and other similar things first. These are agents, uploaded to a node which they run from autonomously and report compromised systems back to the program owner. They just got banned to fix the agent smith problem. So that precludes the second attack vector. That and leaving unpatched systems on the net is definitely user error ;P

The really intresting thing is that with fast flux networks launching DDOS attacks, we really do have agent smith *in action* *right now* toasting hosts. And frankly no-one does anything about it. Check out what happened to project blue.

The second attack vector is the described user error which frank ascribes things to.

Leaving things unpatched is probably a problem, that I would ascribe to user error. I agree that not all attacks currently used follow those methodologies but the overwhelming majority do. All of the attacks detailed on the honeynet site currently in papers for the last year fall into one of my two concepts.

Now back to the man in the middle attacks! Well, actually, authentication 101 prevents that unless the end points are compromised, something I agree happens all the time. And this is the most deliciously wicked attack out there. But it is still 'hacker haxors your banks website, you visit and get tasty malware' And you're right, on zero day exploits might produce some of this stuff before the patches get onto it.

But really without autorooters and other agents to speed the process, I'm not sure how. So on the balance I can see how one could right 'hacking is due to user error' because in the vast majority of cases out there today right now it is.

[kzt]

Our security guy told me that 80% of compromised systems we see are are due to the user going to a compromised site and the browser automatically downloading and installing malware. It's not the the users are doing anything wrong, or the the machines or applications are unpatched; it's that applications are being manipulated in unexpected ways.

And we did have 47 rookited systems that were, as far as we know, completely patched, running current AV and otherwise identical to the other 7000 some hosts we have. But they were totally owned and we really have no idea how, or why just them.

The quote I have posted from Richard Bejtlich several times point out how computer and network security is an ugly problem and it's not getting any better.

[Redjack]

[Cthulhudreams]

I often think people fail to realize the scope of the threat. It isn;t some kid in his backyard doing it for fame and glory, it's organized crime doing it because it's a billion(+) dollar a year industry in terms of pure profit, and thats not counting the cost to society. Okay it is a chump change compared to drugs, but really.

Drive by downloads usually exploit a vulnerability in the browser package of some description of the other. http://www.honeynet.org/papers/mws/KYE-Mal...Web_Servers.htm goes over it in some detail.

Redjack, you posits 'reasonable' security measures, but almost 40% of users have not taken the steps of installing 'important' security updates.

So infecting peoples computers by drive by download and auto rooters is a cool discussion of current network security, which I think is fascinating, but it isn't very interesting gameplay.

Edit: Redjack -> I both agree with you and disagree. I don't think anything we've discussed goes far enough to remove the validity of the point frank makes with 'it requires user error' Modern hacking techniques deploy vast automated techniques to do stuff.

This *is* agent smith, its *not* some guy busting out the console and thrashing into the system. Every attack we have discussed (aside from possibily MITM attacks, while I am aware of the theory I don't know of a serious wide spread attack, or a single high profile case using this) is an automated agent based attack that features low or no interaction.

While I disagree with the way frank has put it, I do think the point is valid that modern hacking blows goats as gameplay for an RPG.

[kzt]

I find the whole "cybercombat" thing to be like disco; it was a dumb idea at the time it was created by TRON and Mr Manual Typewriter and it hasn't grown better as it decomposes in it's well earned grave. I'd rather use a more abstract system for hacking systems that is based on the idea that you methodically work to compromise the system step by step. Plus airgaps so you have to actually show up in person to hack.

I enjoy playing SR and I'll use whatever house rules the poor bastard GM wants to use, but what I want to run is really more a futuristic spy game, so magic, elves, etc are all distractions to that.

Frank likes the cybercombat stuff. So his rules are based on the idea that you have to engage in it to hack. Furthermore, to have meaning it needs to have a threat to the hacker all the time that is much more immediate then the remote chance someday someone will show up at his house and shoot him in the face.

[Redjack]

[FrankTrollman]

There are many ways that the Matrix could be envisioned. Lots of them are inherently unstable when exposed to enterprising player characters. And lots of them are not. But if you try to bite off more than you can chew and try to support more than one sci-fi conceptualization, you end up with a mess. A mess which is in almost every case unstable.

Here are some other conceptualizations that I think cold be made into a perfectly workable set of rules which for whatever reason I chose to not go with:

Agent Smith Wars
Matrix tasks are automatable. They are in fact virtually completely automated. Actually starting a hack on something doesn't require you to be hooked into the Matrix at all. You pretty muc just press the GO button and move on with your life. What does take effort is setting a hack up in the first place. Systems can pretty much shut anythig off they feel like, so even having hundreds of thousands of Agents doesn't let you hack into something unless you already have a key. Indeed, it is assumed that any Matrix Specialist worth a damn has got hundreds of thousands of Agents at his fingertips. But to actually get that to accomplish anything, the Hacker has to have a flaw in the security of whatever operating systém is in use, and those are both secret and constantly being fixed.

So the players in this system actually go about their day collecting super secret ways to compromise specific operating systems. They might discover or reasearch a weakness in Ichi user interface or an encryption flaw in Deva. These loopholes will allow a player to plan and launch an attack on a system which runs a specific operating systém. And then you roll dice against the firewall to see if the adapting security code can successfully shut you out, and in any case at the end of the day the logs will go to security spiders who will likely as not close the loophole and all the world's Orb systems will become immune the next time they update. What you're essentially risking every time you use your hacking is the chance that the World Recording Industry Army will track you down and shoot you in the face after the run, and the near certainty that whatever trick it was that you just used will be compromised and useless in the extremely near future.

I decided to not go with such a setup because hackers really only used their datajacks between runs while attempting to craft loophole cards. It pretty much felt like 2007 hacking, not „Shadowrun“ hacking. Also, keeping track of loophole cards was kind of a pain in the ass. And the hacker did almost all his actual work during the legwork phase – no cybercombat actually took place during the action phase.

The Prize in the Game
Encryption is basically completely impregnable. While a maglock can be bypassed with a rocket launcher, a computer passcode is something which can only be cracked with a few million years. As a result, all „hacking“ is an extension of social hacking. You can't possibly break into a main frame via the internets, but you get people to give you a valid temporary code by successfully impersonating a new employee or an external contractor.

In such a setup, successfully „hacking“ anything is the entire mission. You need to sneak into the right area and Control Thoughts some wageslave into making you a valid account before you can get into the systém. You need real-time video of someone touching the keypad to activate a door before you can activate it yourself. And you'll need to get the work badge of an off-duty security guard from his house before you can even be offered the opportunity to punch such a code in.

I decided not to go this route because it made hacking both too important and too useless. Also, even formulating a plan to use your computer skills requires such a deep understanding of the systém by the player that you essentially don't even need the computer skill any more. The Matrix Specialist sort of vanishes as an archetype altogether and every single character ends up contributing to hacking.

Tempting Fate
Connecting yourself directly to the Matrix puts you head and sholders above lesser men. The information at your disposal allows you to easily accomplish tasks that would make the unconnected man weep. But with great powers comes heat vision, and being connected to the Matrix in such a way also leaves you horribly vulnerable. The signal pumped constantly into and out of your brain augments your plans, your balance, your evaluation of the truthfulness of people talking, and your assessment of colas – but it also can easily be compromised with static or turned up to a brain splitting 11.

Players get a substantial bonus all the time while they are hooked into the Matrix. Their perceptions of people across the negotiating table are compared to libraries of truthful and deceiptful people automatically. Their running physiology is automatically monitored and improvements suggested. Blah blah blah. And the higher res the signal you are getting, the bigger a bonus you receive. And the more dangerous it is for you.

I chose not to go this route because it involved changing the underlying assumptions about how many dice people rolled on everything and I was writing new Matrix rules not a whole new Shadowrun.

-Frank

[Ryu]

Concering agents: I consider allowing agents for legal tasks, based on the notion that all agent tricks are not creative and therefore known by up-to-date software. Still working on the how. There is the idea of limiting available software to rating 3 and having the rest be a setup problem for the hacker, with degrading ratings (SOTA without cost, but needing skill)

Concerning network security: Have decryption not be an extended test. Say that a comlink with access to brain processing power is well able to decrypt real-time. If encryption is limited in ratings, even high-sec systems can be broken into. Working on that too, but looks promising.

[Fortune]

How do I steal a car under these rules?

[Ryu]

If the car is on the PAN of someone, you decrypt network traffic (should be EW), create a backdoor (Hacking) and run Master Control (Hacking).

[FrankTrollman]

If the car is just sitting there, you have a couple of options:

• Add it to your own PAN and drive it around.
• Send a fake command to the Autopilot to drive itself to some arbitrary Point A.

You have a couple of options to do that. You can either crash the system by repeatedly hitting it with Denial and then forge a connection with it while it is rebooting; or you can attempt to get a Jedi Trick or Backdoor to grab direct access.

If the car is running under the PAN of someone else you'll need to take better control of it with either Master Control upgrades or by kicking the original occupant out with Ostraka or Impersonate.

---

In any case, the biggest threat is not actually grabbing control of the car (which like in 2007 is easy and fun), but in keeping it once Lonestar starts looking into the matter. Jamming the car keeps it off the Matrix and keeps them from WhoIs tracing it (which they will do). But really you're going to at some point need to get yourself a fake ID for it if you want to really "keep" it, which is handled just like any other Veracity test.

-Frank

[Ryu]

Denial is pretty much unstoppable right now. Logic+Attack against Firewall+Willpower... handing out automatic success to the dedicated hacker makes that one boring as hell.

Encrypting something seems to need a test, too. One would think the power is in the method, but apparently only trained hackers can do it.

Probe... When does the Firewall get to have its IP? And one bad roll from the defender and any system is toast.

WhoIs should be called WhereIs. WhoIs should exist and have the implied function. Minor nitpick, guilty as I´m likely to be charged.

DataBombs seem useless against owners of recovery. Have a few minutes? At least "only one test" should be stipulated, and then it stays 50-50.

Intercept... all wireless information is free now. See Probe, see Firewall has one IP, see DP sizes possible.

Master Control. A server resists with firewall only?

Taxman see Intercept.

How does Obscure handle Reveal Contents?

Terminate Connection is pretty weak. With the amount of things you made possible without connection, this should be unresisted.

[Seven-7]

For those of you waiting for the PDF, here's an update:

I've got the custom page layouts ready and waiting with a few bits of art that Frank seems to think are fitting so now it's just an issue of copying Frank's text and my images into the PDF.


If you want any of your work to go in, give me a ring on one of my IM's:

AIM: bluescreen0101
YIM: bluescreen0101
MSN: bluescreen0101@gmail.com

[FrankTrollman]

[Crusher Bob]

Some stuff worth thinking about:

Ahould the range on black hammer and similar programs be changed to LOS or C instead of just LOS? This makes the black hammer utility more in line with black IC (which we assume can fry your brain from around the world). Unless there was a rule revision, black hammer is just LOS (+ within signal) range. This also lets a defending hacker try to blackhammer you, even on the other side of the world, because you have to have an open connection to hack the system.

This also give the hacker incentives to backdoor people, so that at some future time he can access them from anywhere and attempt to blackhammer them. (You have disappointed me for the last time...)

This also gives the hacker some incentive to establish a connection to people, even in physical combat, since he can still balckhammer them outside of LOS as long as the connection is open. This also makes resetting your PAN an desperate but possibly effective defense against connection range attacks. You can no longer be attacked over the open connection, but you are now vulnerable to plain LOS attacks.

[FrankTrollman]

[Crusher Bob]

Sigh, but this leads to the problem of:

I'm having a party in your brain, and all the Black IC in my hackkastack is invited.

--------

To recap:

The rules should be designed to produce balanced and interesting gameplay; choices presented by the rules should actually be choices, rather than one choice being batter than all the others.. The natural balance of the rules should lead to people taking in genre actions, and there should be no in rule loopholes. The game fluff supporting the rules should agree with the rules themselves, and try to close off and potential loopholes that arise from applications of the 'rules objects' (in this case, IC, programs, computers, etc) in logical ways not actually covered by the rules.

------------

We want there to be some way of defending a system beyond having security hackers who just hang out in the system all day. While writing IC out of the world, and having all active defenses based on defensive hackers showing up in the system would probably work, IC is part of the fluff we don't really want to give up. IC should be able to react to your intrusion by making you risk being brainfried. However, the best IC should be defeatable by the best hackers, so that even the best defended systems (without security hackers, anyway) are still vulnerable to hackers.

-----------

We want IC and defending hackers to be able to brainfry you from across the world, but we don't want the across the world hakkastack brainfry. If we find this unavoidable, for some reason, then we should at least try to make it have real drawbacks. For example, if Ares is really pissed off at you, they can backdoor your commlink, run a trace on you, and hit you with a thor shot once they find out where you are. We don't want to make thor shots forbidden by the fluff, but we can place enough fluff complications around the use of thor shots that prevent thor shots from being used on every Joe runner who pisses of Ares.

-------------

So, here's a rules + fluff outline that I think will let us keep IC, but prevent the IC hakkastack. I'm not too sure about it, since it deviates even more from standard SR.

Just as hacking programs require a brain to do the work on, the active defenses of IC also require grey matter. Therefor, any IC you run into is basically a brain in a jar somewhere.

This is why you will see references to Black IC being 'illegal'. The fact that the IC is trying to brainfry you is perfectly legal, after all, the guards could shoot you right in the face if you were trespassing in a secured area in the meatspace world. The reason Black IC (e.g. high rating IC) is usually illegal is that the corporation has some poor Joe's brain in a jar slaved to run some computer programs. Sure the lower rating IC can be run with stuff like dog or monkey or dolphin brains, but all the best IC requires a human brain.

So why aren't the corps growing cloned human brains en mass, to create armies ofhigh rating agents/IC? Well, the problem is that the cloned brains have basically no experiences, the complexity of their neuron networks is basically non-existant; they are made out of mush. To get high rating IC, you need a brain with a highly complex neuron network. Currently, the best place to find that kind of brain is straight out of the skull on and adult human...

This is what really keeps organ-leggers in business. Anyone who can afford a replacement organ (and the surgery fees, recovery time, and time off work) can afford a clonal, or at least type O limb. But brains, that's another matter altogether...

So why can't you copy agents? because you can't copy the grey matter that is the heart of the agent. Note that agents/IC have what amounts to lifestyle costs, you have to keep the brain fed with a stream of nutrients, and whatever else a brain in a jar needs.

Because IC brains don't have the specialized brain structres of hackers (e.g. they didn't have any hacking skills), the forced integration with the computer is destructive to the brain being used (just like those BTL addicts), so IC tends to be shut down when it's not in use; it reduces the degradation of the brain. This is also why the IC you just crashed doesn't just start back up next turn to trouble you. Depending on how badly you've crashed the IC/Agent, you may have actually killed the brain. Note that crashing high rating IC means that you technically committed homicide, since you just terminated the brain activity of a human brain. Of course, to charge you with the crime, the guys doing the charging have to admit that they had some poor guys brain in a jar to begin with.

So, the blackIC hakkastack is still possible, but costly, and it degrades over time, meaning you keep having to supply yourself with new brains.

This also adds some interesting game dynamics for the rest of the team to support the hacker. If you break into the building to shoot all the black IC life support canisters, then the hackers job just became a whole lot simpler.

This also allows economic raids against places that have IC. You botch the hack enough to trigger the IC, then start frying IC brains. It's raids like this that cause most places of have pretty conservative conditions for the activation of IC, it's only when your threat to the system (how far you've gotten in, what info you can access) is balanced against your threat to the IC that the IC tends to go active (plus the actual cost of activating the IC in the first place).

Thus, the black IC hakkastack party in your brain is somewhat comparable, economically to firing a missile at you, or sending a team of guys to shoot you in the face. And you can either jam your connection or reset your PAN, and cause all that expensive IC to suffer dumpshock. So a lot of the time, it's neither the cheapest, nor the most sure way to take someone out.

[HappyDaze]

[FrankTrollman]

Ideally I would like to avoid the nuclear option of restricting IC to networks and servers, and even more dearly like to avoid the hydrogen bomb option of restricting IC to networks.

So while I agree with most of your premises, I think your conclusion may have gone too far. For starters, how are you getting your Hackastack to attack an opponent's brain all at once? Are you using the Chain Letter Technomancer power?

That alone may require IC to be restricted to servers and networks. But so far I'm not seeing a reason to restrict them to networks alone.

-Frank