My Assistant
Site Message
(Message will auto close in 2 seconds)
  |
 The Rules Obscure, Did you know that... |
  Jan 7 2008, 03:34 PM
Post
#1
|
|
|
Moving Target  Group: Members Posts: 698 Joined: 26-October 06 From: Iowa, United States Member No.: 9,720  |
Some things in the rules are not laid out as well as they could be. And as such there are rules that are just not well known. So if there is some obscure rule that completely changed your view on how something worked post it. It might help clear up things for some of the others around here.
Example: Method posted this on the Illusions forum... Little to say my hacker is now underskilled dramatically.. BBB p.125 under the forgery skill QUOTE (BBB p.125) Note that some forgeries will require additional skill tests in
order to pull them off ; the quality of the forgery (hits scored) will be limited by the complementary skill hits. Forging a painting, for example, requires an ability to paint—the hits on the Forgery Test cannot exceed the hits scored on the Artisan Test to create the painting. As another example, doctoring an image would require a Computer + Edit program Test in addition to the Forgery Test. |
 |
 
|
|
Jan 7 2008, 03:42 PM
Post
#2
|
|||
|
Moving Target Group: Members Posts: 698 Joined: 26-October 06 From: Iowa, United States Member No.: 9,720 |
Target Commlink - Standard secure, but not hacker elite Firewall (5) + Admin (6) = 11 Analyze (4) + Firewall (5) = 9 avg 3 hits Hacker - Elite System Hacking (6) + Exploit (6) + VR (2) = 14 avg 4-5 hits Stealth (6) The hacker will need from 2-4 passes to hack into the system, on a fast hack the system will run analyze each try for the extended threshold. It will only take 2 or 3 passes for the system to spot the hacker. Once this is done, the system can drop link to the Hacker (looses all his work), then will be on Alert status providing it +4 to its Firewall. |
||
|
|
|
||
|
Jan 7 2008, 04:21 PM
Post
#3
|
|
|
Moving Target Group: Members Posts: 715 Joined: 4-September 05 From: Metaplane GEPLK136 (The one with the lizards. You remember the lizards, don't you?) Member No.: 7,684 |
I doubt that would apply to commlinks, as they are full fledged computers that may very well have legitimate uses for other levels of access. Think corporate computers for traveling salesmen, for instance. You want your IT security to be able to lock the device down and make sure it stays secure even if your salesman is likely to download some garbage from the matrix, so you don't give him full access.
Drones would likely have other access levels as well. For instance, I could see corporations allowing every security grunt to have "read only" access to the drones to get tactical information, while only the security riggers get full command access (admin) Admin-only I tend to think applies to "simple" devices -- like toasters, MP3-playing underwear, and other things that do not have a stat listing for either pilot or system. |
|
|
|
|
Jan 7 2008, 06:51 PM
Post
#4
|
|||
|
Immoral Elf Group: Members Posts: 15,247 Joined: 29-March 02 From: Grimy Pete's Bar & Laundromat Member No.: 2,486 |
I disagree. In my opinion, Commlinks typically only come with Admin Access. |
||
|
|
|
||
|
Jan 7 2008, 06:56 PM
Post
#5
|
|
|
Moving Target Group: Members Posts: 698 Joined: 26-October 06 From: Iowa, United States Member No.: 9,720 |
The salesmen would log onto his companies network. Not have all the companies data on his commlink.. Unless he door-to-doors in a deadzone, in which case its really not a problem at all. As to drones they can give a readout without providing access, just as you can link your cybereyes input to teammates without them controlling your eyes.
So yes, I think when these were written it was very much intended for drones/commlinks/vehicles... Most drones/vehicles though don't have analyze or systems very high. I think the ruling is they use pilot for everything, so upping your pilot is useful to protect it, but it already comes with a +6 due to ADMIN only. Anyways don't want to argue, I want more rules that have been overlooked in the books! (I'll get the exact page/quote out of the book when I get home, so I can update my prior post) |
|
|
|
|
Jan 7 2008, 07:46 PM
Post
#6
|
|||||
|
Man Behind the Curtain Group: Admin Posts: 14,868 Joined: 2-July 89 From: End of the Yellow-Brick Road Member No.: 3 |
I would have to agree with Feshy. Even my pda phone has two levels of access. There is no reason to think that a comlink would have a poor security model as to have only one level of access. |
||||
|
|
|
||||
|
Jan 7 2008, 08:35 PM
Post
#7
|
|||||||
|
Target Group: Members Posts: 56 Joined: 19-July 07 Member No.: 12,304 |
In SR, a "poor security model" is actually superior to the known "best practice" of having multiple accounts. This is primarily because once a Hacker has attained any access at all, it's relatively trivial for them to acquire Admin status without raising an alarm. If you don't mind that the Hackers are all a Complex Action or two away from having Admin with little to no consequence, that's fine. If you do feel this is a bit undesired, either insist that most devices only have one user account (Admin) or change the rules for ratcheting up access levels once hacked inside. |
||||||
|
|
|
||||||
|
Jan 7 2008, 09:05 PM
Post
#8
|
|
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
How do you figure that raising your access level is easier once you're inside? All that hacking yourself access at Public level before you hack yourself Security or Admin access does, is throw in an extra hacking attempt during which you may be detected. |
|
|
|
|
Jan 7 2008, 09:37 PM
Post
#9
|
|
|
Immoral Elf Group: Members Posts: 15,247 Joined: 29-March 02 From: Grimy Pete's Bar & Laundromat Member No.: 2,486 |
I don't see what is to be gained from a normal commlink having more than Admin level access.
Oh, and knasser ... I was under the impression (through your pdf stuff) that you were in agreement about commlinks and admin access. Hmm ... |
|
|
|
|
Jan 7 2008, 10:11 PM
Post
#10
|
|||
|
Great Dragon Group: Members Posts: 7,089 Joined: 4-October 05 Member No.: 7,813 |
you just edit the account list, of course... which is going to be a simple hacking + edit test, since it likely isn't something your hacked account is allowed to do. |
||
|
|
|
||
|
Jan 7 2008, 10:19 PM
Post
#11
|
|||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
I didn't disagree with the idea of commlinks only having one security level in that post. I only commented that having hacked your way into a system at a lower level didn't do much to help you then hack it at a higher level. About the only advantage I can see is if it let you move to a different part of the network where no IC was currently residing, so you could hack in peace. However, that would be of limited value in my networks. Usually I set my networks up so that logical groups of nodes share access permissions, but when you come to a logically distinct area, you may have to make a new hack attempt. An example would be two separate offices owned by the same company that shared some matrix resources, but not all. I've never had much difficulty in pitching the difficulty of hacking a network about where I want. Usually, I only make it moderately difficult, knowing that I can complicate things further if I need to. Once a node has detected the presence of a hacker, there are so many things it can do to make things difficult that it gets silly. Amateurs care about breaking into a node. The pros care about do so without being noticed while they do it. And the masters care about not being noticed after they're gone. ;) It's a bit of a judgement call on commlinks and access levels. You could use an example of how many people today have phones that are tied to a particular network provider. The user does not have Admin access to their phone. But regardless of whether or not there is an Admin level to the commlink, if the user can get their data in and out, make calls, etc. with just the user level access, then so can the hacker. With simple devices, it's harder to determine the functional differences between Public, Security and Administration. You have to either round up or round down, really. The name "public" encourages you to round up for most things that aren't publically accessible, but that has the negative effect of making your auto-fridge conceptually harder to hack than an office computer network. I tend to solve this by making it a non-issue. E.g. the fridge is not really a node, it is a device that is subscribed to your house node and it is the house node which is an entity that you hack. Then it becomes simple - the Hacker hacks the house node and if they want to defrost your fridge while you're out, they need user / public access because that's what you would normally need as a user to do this. If I want to turn off the alarm system, you'll be wanting Security access. And if you want to add a new user account to the household so you can live there while the owner's on holiday... that's Admin. |
||
|
|
|
||
|
Jan 7 2008, 10:31 PM
Post
#12
|
|||||
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
Maybe in your game. But a public user doesn't have the access rights to that sort of data in my game. There's no boot strapping. The rules in SR are abstract. They need to be as we're dealing with computer technology over sixty-years in the future. If someone is getting themself security level access to a system, then maybe one way they would do that is to hack an account list, but that attempt is a hack attempt at the node and we have rules for that. It's certainly not a generic Edit test (for which the book gives example such as changing text documents, graphics, video, transferring files, etc), unless the GM says "by the way, there's a file in this node that lists who's an Administrator. Do you want to add your name?" You're falling into a trap of adjusting the rules to fit an overly-developed guess at how the Matrix would work. And it's also a way that I don't think the Matrix would work, anyway. |
||||
|
|
|
||||
|
Jan 7 2008, 10:38 PM
Post
#13
|
|
|
Great Dragon Group: Members Posts: 7,089 Joined: 4-October 05 Member No.: 7,813 |
i agree with you conceptually (that is, i agree that the rules *should* work like that), but i'm not sure that they do. iirc, you can attempt any test while in a node. if you are acting within the privileges of your account, you use your computer skill. if you are going beyond them, you use hacking.
i certainly can understand *why* you wouldn't want to allow that kind of nonsense though. |
|
|
|
|
Jan 7 2008, 10:44 PM
Post
#14
|
|
|
Technomancer Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374 |
For what it's worth, I think it would be a Hacking + Edit test but, because a general user account wouldn't have access rights to that file, the system would get to try and detect either (a) the change or (b) the action that's causing the change or © both, depending on how strict the security is going to be.
I've even run some extremely secure hosts as systems which continue to add any new hits on analyze tests to the original hits to prevent hacking (whether on the fly or probing the target) which has almost always made things very tense on the team's hacker! |
|
|
|
|
Jan 7 2008, 11:07 PM
Post
#15
|
|
|
Shadow Cartographer Group: Members Posts: 3,737 Joined: 2-June 06 From: Secret Tunnels under the UK (South West) Member No.: 8,636 |
@Jain: Okay, well I guess we're allowed to play differently. :) There are lots of easy fluff explanations for any particular Matrix rules, though. So I see no need to let someone with a few preconceptions about how computers work alter elements of the rules. @Dashifen: By the time you've added in those counter-tests, it's starting to look a lot like the original hacking on the fly rules anyway. ;) One important difference between the Internet of today and the Matrix of tomorrow, is that today we deal with static files. A video is a video, an access list is an access list. In the Matrix, we're living in an always-on, distributed computing, post-DRM, post-P2P, post-Virutalisation re-designed from the bottom up infrastructure. Static files are a thing of the past. I envisage almost everything as a running process, handed from node to node (I also picture the Matrix 2.0 to have strong countermeasures built into it to prevent runaway replication). This is why agents can travel from node to node, editing a file is akin to interacting with a separate program. It's why IC can be embedded in a file to prevent it being copied. I can zip up an entire virtual machine as a file and send it to you, complete with all the installed preferences, programs and conceivably processes. It's a small step from there to making the freezing and re-starting of that virtual machine invisible to the user. With SR2070's cannon technology, we can justify, and justify very well, any aspect of the Matrix rules we like. Long-winded way of saying if any player thinks they're going to type their account name into a permissions file somewhere and become an Admin, they're out of luck. ;) -K. |
|
|
|
|
Jan 7 2008, 11:33 PM
Post
#16
|
|
|
Running Target Group: Members Posts: 1,416 Joined: 4-March 06 From: Albuquerque Member No.: 8,334 |
So I'm fairly knowledgeable on computers, but only basic info on networking security, so decided to ask a buddy of mine who knows more than is probably healthy on networking and security. I specifically asked why it'd be easier to upgrade access once inside as opposed to attacking the higher level from the outside directly. This is basically what he told me:
When attacking from the outside, you're basically fighting a login prompt. One way or the other, you have to pass that. Generally speaking, user access will be easier to get to due to social engineering and such, and because general users frankly don't pick good passwords as a rule. Admin access is typically harder to break through simply because the passwords are generally much better. (Obviously only talking general, not specific people right now) Once inside however, even at the user level, now you have access to the OS, the programs, whatever. There are more points of exploitation, more things you can use against the system to help give you more access. So basically, yes, when you're inside, apparently it would be easier to get more access. The exact hows and whys are subject to interpretation and fluff, but the mechanics should show that it's slightly easier from inside than out. Interior walls of a house are never as sturdy as the exterior walls is a good analogy I guess... |
|
|
|
|
Jan 7 2008, 11:43 PM
Post
#17
|
|||
|
Moving Target Group: Members Posts: 698 Joined: 26-October 06 From: Iowa, United States Member No.: 9,720 |
I assume this is how people are bumping themselves up a level. Since this is the closest it comes to saying its possible. But this is an output only, not a file. Basically if they are printing out information on you, you can intercept and edit the "No Record" to read your information. But it doesn't put you in the system, you only exist for that one time it is being referenced. Basic users wouldn't have access to the admin user list, so it makes no sense for someone to edit them in. The only way to do that is to be Admin level, then you'd be able to do that. That's how you make a back door. You can only edit what you have access to, Security has access to video feeds, but they aren't allowed to change them, thats a hacking edit. Edit doesn't give you access, only exploit, so you can't Edit your way into a system. Also I added the page reference for the access above, its short, and just one of those "Oh yeah, and this" type lines. |
||
|
|
|
||
|
Jan 8 2008, 05:16 AM
Post
#18
|
|
|
Mr. Johnson Group: Dumpshocked Posts: 3,148 Joined: 27-February 06 From: UCAS Member No.: 8,314 |
Okay, let's take a crack at it. Some of these are just things I discovered after running the game for a while, and kinda surprised me.
|
|
|
|
|
Jan 8 2008, 05:44 AM
Post
#19
|
|
|
Dragon Group: Members Posts: 4,664 Joined: 21-September 04 From: Arvada, CO Member No.: 6,686 |
Wheres that stand up rule?
|
|
|
|
|
Jan 8 2008, 07:59 AM
Post
#20
|
|||
|
Street Doc Group: Admin Posts: 3,508 Joined: 2-March 04 From: Neverwhere Member No.: 6,114 |
This is interesting. I think in my game I would allow the PC to add dice equal to the net hits on a Con+Charisma test... |
||
|
|
|
||
|
Jan 8 2008, 09:14 AM
Post
#21
|
|
|
Awakened Asset Group: Members Posts: 4,464 Joined: 9-April 05 From: AGS, North German League Member No.: 7,309 |
The basic (and really obscure to me) problem is that everyone is checking the integrity of your SIN. The part where they check if YOU match up with YOUR SIN is actually left alone.
How can the whole economic system be based on a number that does nothing for business except linking data (can be done without SIN today), and that basically noone has trust in? Plus, I calculated that a rating 6 SIN will fail against a rating 1 scanner about 3% of the time. |
|
|
|
|
Jan 8 2008, 04:48 PM
Post
#22
|
|
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
No SR designer would have passed a basic statistics class.
|
|
|
|
|
Jan 8 2008, 05:39 PM
Post
#23
|
|||
|
Mr. Johnson Group: Dumpshocked Posts: 3,148 Joined: 27-February 06 From: UCAS Member No.: 8,314 |
In the section on actions in the chapter on combat. Let's see, page ... hang on, my PDF is still loading ... page 137 in your hymnal. |
||
|
|
|
||
|
Jan 8 2008, 05:40 PM
Post
#24
|
|||||
|
Mr. Johnson Group: Dumpshocked Posts: 3,148 Joined: 27-February 06 From: UCAS Member No.: 8,314 |
Actually, I like the system, and wouldn't be surprised if this was intentional. Fake identities should be more like commodities and less like real estate, at least in my opinion. |
||||
|
|
|
||||
|
Jan 8 2008, 06:00 PM
Post
#25
|
|||
|
Genuine Artificial Intelligence Group: Members Posts: 4,019 Joined: 12-June 03 Member No.: 4,715 |
Cheap ones should, but reliable ones should be vaguely reliable. If a rating 6 fake SIN fails against a rating 1 scanner 3% of the time, then buying a frozen burrito once per day from the stuffer shack with no other activity whatsoever means the best of the best fake ID will fail 60% of the time within a month under the lightest scrutiny. Boo. |
||
|
|
|
||
|
|
Lo-Fi Version | Time is now: 12th April 2022 - 06:03 AM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.