[X] My Assistant

[Moon-Hawk]

Good point.

[Ryu]

[Ryu]

Basic Mechanic
All Matrix actions use the attribute+skill+(Program) Familiarity mechanic, with program rating limiting hits.

Program Familiarity
Program Familiarities are knowledge skills modelling the experience a hacker has with certain kinds of programs, in contrast to the broad active skills. At character generation, Familiarities are limited to rating 4. The codeslinger quality (5-8 BP) gives you 2 knowledge skill points to spend on Familiarities per BP spend. Having this quality makes you a hacker for other qualities purposes. (Note: modifier may change when the number of different Familiarities is decided upon, 10 BP should make you quite competent).

Familiarities are available as knowledge softs up to rating 4.

(Intended effect: increase the importance of skills and attributes vs. bought programs, have DPs sufficiently high to use success tests against system ratings, tempt players to consider the matrix)


Software Prices/Ratings
Most Matrix Software is freely available up to rating 3 as open source; this level is maintained by automatic updates. Matrix software above rating 3 degrades by one rating point per month. New players start with every program (they want) at rating 3+1/2 Software skill (round up); they need to maintain those themselves from the get-go. Familiarity Knowsofts are also subject to degradation.

Bought Software is maintained by the creator at the original rating for one year.

A hacker can maintain his software ratings with a (sum of (software rating-3), 2 hours) extended Software test, stretched over a whole month. Each hit on that extended test missing by the end of the month forces the hacker to lower one software rating by one (minimum remaining 3).

New/ Replacement Programs may be found with a Data Search (rating, 1 hour) extended test. Matrix Security Divisions are constantly hunting for such transfers, so one should be prepared for visitors (GM discretion).

(Intended effect: remove need to buy programs, give hackers something to do, give decicated hackers a saving compared to other characters)

System does not limit usable program ratings. Response is degraded for every 5 programs running; agents count as two programs regardless of load. Everything else forces max. System, and I like to leave that choice to the player.

[Ryu]

Password Type mods (applicable for System and Encryption)
Simple Password: +0
Enhanced Password: -2 hits if lacking data
Access key: -3 hits without key

Those are given as negative for the number of hits to keep the required Decryption rating (as that limits hits) unchanged.

A credstick(passkey) may such run Encryption at an effective rating of (base Rating 6) +3, with biometric data even +5, forcing any attacker lacking to deal with the opposite side of the connection.

Normal systems can be made challanging to break into, but are rather easy by default.

[Ryu]

Standard Programs
(A)nalyse
Used to detect data streams and analyse the type of matrix entities.

(B)rowse (no Familiarity, use appropriate knowledge skill)
Browse is used to search for Data. Roll an extended test, limited to (Data search) rolls. Each roll has a threshold based on the availability of the data in the accessible data bases. Total the achived net hits. IE: Data Search 4, Logic 4, appropriate knowledge skill 4. DP of 12. Information on the subject in question is hard to find (threshold 3). Four rolls of 12 dice come up 3, 6, 2, 5 hits, resulting in 0, 3, 0, 2 = 5 net hits. Dole out information for that number of hits. The threshold is an easy way to reward a player that hacks into an appropriate database.

©ommand(Familiarity may be specialised on device type)
Command is run by devices that allow themselves to be used via AR commands.

(D)NI Protection (not skill based)
DNI Protection automatically runs on any device that provides DNI. Crashing this program crashes the Connection. As long as it is running, its rating is deducted from all damage to the DNI users stun or physical damage track. May be set up to disconnect after it was not able to filter all damaging signals.

(E)nycryption (not skill based)
- Protects networks from outside access working as threshold for Decryption
- Protects Files from being accessed without password
- May be set up to destroy protected files if a Decryption attempt only fails by a pre-set margin (former Data Bomb)

(F)ile Manipulation (no Familiarity, use appropriate knowledge skill)
File manipulation programs are used for a wide variety of tasks, mostly editing images and sound files for the creation or falsification of evidence. They use Computer + Intuition (for creative content) or +Logic (hard facts). The GM sets a threshold based on difficulty, while any net successes build the threshold for catching the fake (skill varies).

Familiarities: Analyse, Command
Knowledge skills to consider(but not needed): useful seach topics, Security Procedures for manipulating logs, creative knowledge skills for faking evidence

[Ryu]

Hacking Programs
Matrix Combat
Attack / Blackout / Black Hammer /Medic (Matrix Combat Familiarity for all), Armor
Attack damages all matrix condition monitors, Blackout and Black Hammer damage matrix users. All require a connection between attacker and target.

Offensive programs use Cybercombat + Intuition against the targets Defense value of (Firewall+System/2, round down) rating. Damage is Attack rating + net hits, reduced by Armor (for Attack) or DNI Protection (for Black Hammer and Blackout) rating. Yes, this may hurt. You may only attack entities in the same node as you.
Medic: Roll Logic+Computer+MC familiarity vs. a threshold of 2, any net hits reduce 1 box of icon damage.

Sneak(no familiarity)
Used to hide the comlink/device node or disguise its type. See matrix actions.

Exploit, Spoof, Decryption (Illegal Access Familiarity, spec. for program)
See matrix actions

ECCM (not skill based)
Works as RAW

Familiarities: Matrix Combat, Illegal Access

[Ryu]

Reality Filters
Reality Filters have no rating, and a cost based on visual quality(free or up to several k¥ based on artistic value). All superimpose a specific iconography on every identified matrix entity. Unidentified programs use their given icons. This gives +2 to matrix initiative.

[Ryu]

Intrusion Countermeasures
Each node can have one IC program running. The function of IC is to detect and combat intruders. IC runs complex algorithms and therefore counts as (rating/2, round up) programs for determining load.

IC does test of 3*IC rating vs the hackers sneak to decect the hacker each time a forbidden action is performed on or against the node (everything not afforded by any aquired user rights).

IC can be loaded:
Trace IC tries to pinpoint the hackers location
Combat IC attacks, all skills and ratings are assumed to be at the ICs rating. Combat IC uses Attack, Blackout or Black Hammer.
Both can be loaded with Sneak to disguise their presence.

As for agents, I do not nerf them much, but use Franks idea of brain computing: The true creative power of the human brain is needed to run semi-autonomous agents. Thus, each agent has to maintain a connection to its users brain. Any agent after the first imposes a -2 distraction modifier, the negative mod may not be larger than willpower, else the last booted agent(s) crash. Agents use their rating for logic and else use their users skills.

General Question time:
- This form of matrix combat is rather stable and tech-based. Should I go more with style and emulate the unarmed combat rules?
- How does this version of agents look like? Good? Bad?
- I have a list of matrix actions, and consider to move many tests to Intuition, were the right feel for the code is more important than the straight problem solving logic. Good idea, or should everything stay as-is?

[Ryu]

Matrix Actions
Matrix Perception Logic+Computer Program: Analyse Threshold: Sneaker
All entities without Sneaker are identified automatically. If data was manipulated, it can be detected with a Perception test vs. The fakers net hits

Intercept WiFi Signal Logi+EW Program:Analyse Threshold:4

Signal Decryption Intuition+EW Program:Decryption Threshold: Encryption + PW mods

Spoof Signal Logic+EW Program:Spoof Threshold:lower System of Imitated and Target node

Change User Type Logic+Hacking Program:Exploit Threshold:System+PW mods
Secure setups will require a passkey for admin access, ie the owners credstick
Gain Access to Datastore Logic+Hacking Program:Exploit Threshold:System

Data Search Intuition+Data Search Program:Browse Threshold:defined by GM

Data Transfer requires Data Access, time is no issue

File Decryption Logic Hacking Program:Decryption Threshold:Encryption+PW mods

Edit File Logic+Computer Program:File Manipulation Threshold:determined by GM, record net hits

Use Device Command of Device+Skill Program:none Threshold: unchanged

Icon Repair Logic+Software Program:Medic Threshold:2, 1box/net hit repaired
Note: An Icon can only be repaired once per combat turn.

Trace Intuition+Computer Program:Analyse Threshold: Sneaker (+ Relocate Net hits)

Relocate Trace Willpower+Computer Program:Sneak Threshold:Analyse, net hits increase Trace threshold.
It is simple but very tasking to constantly change the routing of ones connection.




Anything I missed? Comments, anyone?

[Cthulhudreams]

Questions/Comments/things you still need to fix.

Agents are bad at everything because you've added a third skill, but still mandatory as they add +3-4 dice to everything you do via team work tests.

Or still mandatory because you still haven't closed the 'log in my icon on <arbitrary commlink X> and then agent their runs heal on me, and I go do my hacking with a free medic every IP loophole

You still haven't made any hacking skills required on part of riggers - drones can still run EW autosofts themselves, and load an IC to defend themselves.

IC can still attack at ranges greater than connection.

Agent smith still works, just only on the part of the corps by rounding up homeless people/their employees.

But the biggest and most critical problem is you haven't provided any reason what so ever for everyone to not just unplug everything/set the wireless on fire. You need an incentive to be connected or a penalty not to be connected.

[Ryu]

IC can only act against a hacker doing things on its node - and only one IC may run on that node.

Yes, the rigger part is missing. Minor oversight :eek: .

I do not consider the possibility of medics agents in any way disturbing. That is not free, that is using an agent. Speaking of those, they use both skills of their user, so they roll rating+user skill+ user familiarity skill. Usually less dice than a dedicated hacker, but still worth it (I think maybe they (and IC) should only get 2 IP?). Agent Smith does now take an efford: the homeless tend to have low attributes and little to no skill at the matrix. And they have to be housed. I think I can live with that, too.

EDIT: Limited Icon Repair to 1/turn



I think that now even lower System/Firewall/Encryption ratings make the matrix so secure that anyone would live with the remaining risk. See DNI Protection. Your death by matrix can be avoided. The PCs, with above average skill, augmented attributes and high-end gear are a threat, but their type is rare in the world. And they don´t care for Joe Public. What is the remaining risk? For money, I use credsticks as high-tech passkeys. The usual possibility of getting +1-3 from AR support on any test, plus the participation in society always was enough for me. If a player does not want to participate in the matrix, I let him. But those people are outsiders.

From the angle of "What can a hacker do?" There is always a house system or a security network to play with. Cameras and gun mounts and drones provide a serious advantage, the corps will use those. The thresholds to play with those should work pretty well with the standard device ratings.

[Cthulhudreams]

Wait? They use the skills of their users? Thats amazing - So every hacker gets a 'hidden' bonus to his skills of 1/3 of his dice pool? (Via the agent just endlessly using teamwork?) Thats huge and probably breaks all your thresholds, a 4/4/4 hacker rolls 16 dice (15 when capped to starting availibility), and a 6/6/6 hacker rolls 24 dice (21 , getting an average of 5.33 and 7 or 8 successes respectively, as opposed to 4 and 6 respectively.



The 'what can a hacker do' doesn't answer the question of 'why would the house system or corp security system be constructed in such a way as to let a hacker attack it.

Isn't the corp best to use cables + secure passkey for everything and remove all non admin accounts? This keeps the hacker out of their system, and makes him dead weight.

I don't think 'it is easier to use wireless' is really a valid answer, as the wireless matrix is only 5 years old, so most buildings will have full cabling for wired comms. Easier and safer to build back on the old stuff.

If I sound aggressive, I just reckon a spirited attack is whats best for find problems :)

[Ryu]

Yes, you sound aggressive, but that is helpful for the very reason you give. The cuddly, no critizism way does not tend to find loopholes.Thanks!

The teamwork problem has to be killed dead, you are right. How about "Agents can act on their own to a limited degree, but they are not capable of intelligent support of anothers actions, excluding them from teamwork tests"?



Cable/Passkey/Opt-Out
The cable+pass key way will always be more secure, no way around that. Going without cable is easier (I say that anyway), but the real advantage is controlling drones. Nothing beats integrated drones. Once you have drones, you might as well run the rest of the setup wireless, too. As for using already present old cable, that is valid. Would you like to see a "connections via wire come with a -3 DP mod for all matrix actions, including Use Device"? I don´t think it is needed.

If you as a hacker face a cabled system, you might want to install a wireless adapter yourself. As for the admin account, those are not afforded better protection per se, but are safer because they are rarely used (Never got that part of the wireless rules). Any extra protection has to come from safer password types. If you want to protect a PAN by using passkeys, every device on it has to have one. That makes it rather easy to steal/aquire one. A more proper setup is standard user account with passkey, admin account with another one. Cameras are better set up with an IC program hunting for manipulation attempts, and use wireless to lure the hacker into the trap.

So if you face passkey protection, you have to find a passkey, or you blow into the network by brute force (can still be done, even if you might need edge). On a wired system, you want to crack open a device to install a wireless adapter anyway. The corp does know this takes the same efford, and therefore can have trust in a wireless setup requiring just the same.

So the main reason not to opt out is that opting out does not really increase protection, but does increase cost. The cost part is not reflected ingame, but do not underestimate the cost of laying wire on a modern corporate facility (That stuff adds up. In a flexible manufacturing structure, wires would be impossible to justify). If matrix security would be based on RAW cost, every facility would run Rating 6 servers and devices. Those cost only small change compared to industrial machines. I am torn on having hardware SOTA rules - those would tackle that problem, but get quite complex due to the number of devices an average player owns.

From a playing perspective, I like the prospect of having the players hunt for passkeys and passwords again. That was a bit lost with the current free-entry encryption rules.

[FrankTrollman]

[Cthulhudreams]

I agree with frank, any one with any sanity is just going to separate the wireless for the drones from the wired network. Interestingly that closely parallels today - the addition of a highly secure gateway between the two.

The camera thing is just confusing. If you want honey pots, why make them actual production devices. Instead have a vulnerable network loaded with black IC and no production devices, and get them to attack that instead, while your home network is safe and secure with wired connections.

Adding a cable tap is obviously what the hacker is going to do, but generally cables are inside the buildings, so for the tough part of break and enter shadowrun missions - ie breaking and entering - the hacker gets to sit on his hands.

But lets get on with attacking the passkeys thing: This is stupid. Actually its not stupid per say, it makes hacking about social engineering attacks and all that goodness, but is it really want you want? Everything will be locked down - I would bet money on the all the players pans being that, so why wouldn't everything else?

[Ryu]

The passkey is hardware the hacker will want to aquire, so he needs to get at a device.

The passkey is NOT the whole password, owning one only reduces the threshold for breaking in. Off-site hacking can´t get you a passkey, it is hardware. "Social hacking" is -and should be- an alternative that can be used. Everything else is just unfair to the face.

There is additional protection afforded by using wire, but the main stumbling blocks (aquire passkey, beat encryption, beat system) remain on wireless setups. If it was a real world, going wireless would have a rather massive cost advantage. So there is your justification for opt-in.

The thresholds of passkey-protected systems don´t really keep out high-end PC hackers, but they keep out most anyone who only dabbles a bit in hacking. And that is a level of protection very commonly accepted today.
I´m emulating your logic that a PC hacker should be able to do everything (depending on equipment), while I offer reasonable security from anyone else, starting as low as device rating 3. Defeating passkeyed encryption 5 is a threshold of 8, that is hard, but that is also supposed to be the high-end of device ratings. There might now be some correspondence between a callenging threshold/setup choosen by the GM, and the assumptions of the device rating table.

[Ryu]