How vulnerable is Wireless Equipment? Options

[Jonny Reload]

Reading about Hackers now in SR4th edition, I couldn't exactly find in the book WHAT is the limit of things they can wirelessly hack... Does this include things like your Thermal Vision Goggles, or can he make you punch yourself with your Cyberarm?

I mean normally people would say that you'd have to be very close in order to hack that person's equipment due to the signal strength but you could just use a Signal Relaying Drone to get around that problem right?

Just trying to get a feel for what I should be warning my players about before they all start buying equipment without Wireless functionality.

[ornot]

There are reportedly going to be more rules on hacking 'ware in Unwired, so until that comes out to clarify things it's worth taking things on DS with the odd pinch of salt. What follows is my interpretation of what could be done.

In answer to your example; I would allow a hacker to interfere with night vision goggles, imposing a dice pool penalty on the user until they pulled them off or rebooted them. A cyberarm couldn't be used to punch it's owner, as it has no autonomous capacity (it won't drag it's unconcious owner out of danger, for example). A hacker could inflict a dice pool penalty by hacking a cyberarm, and messing with the sensitivity settings or sending conflicting signals or some such fluff. Basically the worst In would do is impose a dice pool penalty up to about a -4, based on what the hacker wanted to do, how clever they were about describing it, and how many hits they got in their edit or attack (or whatever appropriate programme) test.

As far as actually being in a position to hack someone's 'ware or gear, you first have to compromise their commlink through an exploit programme, or at the very least spoof it, so the 'ware will actually add your 'link to its subscription list. If the user or any IC they're running notice this through analyse, they can interfere (resolve matrix combat) or move out of signal range of your relay drone (or just shoot the fragger) dumping you from their PAN. Once you're into their system then you can run whatever programmes you think will interfere. Of course, at this stage the victim can shut down their commlink, or reboot their 'ware or gear, removing the penalty for being hacked, as well as any AR boni they get from their 'ware or gear. This takes a simple action or more if they are not using DNI or trodes to control their PAN.

As far as players being suspicious about wireless functionality, I have the same problem with some of mine. One skinlinks all his gear and sets his 'link to 0 signal, forgoing any AR benefits he might get from the rest of the team. Another just has virtually no wireless gear, but since he has Gremlins 4, even the stuff he does have doesn't work half the time.

[Shiloh]

A properly set up and defended VR net including datafeeds from drones and everyones augmentations can be very useful. The only receiving wireless nodes should be as tough to hack as you can make them, and incorporate layered defenses. Pretty much everything else should aim to be Skinlinked or DNI, with any wireless capacity turned *off* via hardware switch, Skinlink or DNI.

I think Skinlink is the answer to whether you can hack goggles or not.

[Beetle]

I had been wondering this myself. I think it says in the BBB anything with a wireless signal could be hacked, but doesn't give rules for hacking gear and ware. Alternately short of a skin link I was curious if it really mattered or not if the ware had a signal big enough to just interact with your PAN. Taking into account of the signal rating of your comm, wouldn't anything broadcasting within it's broadcast range be a viable target?

I'm really hoping Unwired explains all of this like mentioned above. For now I'm not messing with it in my own games short of technomancer fluff that doesn't affect the players.

[Shiloh]

I had been wondering this myself. I think it says in the BBB anything with a wireless signal could be hacked, but doesn't give rules for hacking gear and ware...

It's been suggested that anything without a rating has Rating 3. Once you've got Analyse and Firewall software, it should probably be running in every node (at 3, where node limits apply), just for Intrusion Detection purposes. Think of it like memory-resident Antivirus in computers behind a firewall.

[deek]

I mean normally people would say that you'd have to be very close in order to hack that person's equipment due to the signal strength but you could just use a Signal Relaying Drone to get around that problem right?

It doesn't take a hacker to continually scan for wireless signals in your vicinity. Assuming that relay drone couldn't be hidden when transmitting, that would basically pop up on everyone's HUD as soon as it gets within signal range, so you still have an issue.

I mean, even if it was a micro drone, that should be pretty easy to detect if an enemy hacker is trying to use that as a relay device...

[JoelHalpern]

But why does the hacker need a Drone to reach you?
Everyone is one the net. That seems to be the whole point of the definitions.
It would seem therefore that if the hacker knows where you are in the network, he should be able to reach you and hack your commlink. Having hacked your commlink, he can then hack anything else skinlinked or within wireless range of that.
The difference Skinlink makes is that even if the hacker can find another wireless node near enough to you to normally be able to pick up gear signals, he still can't. (And skinlink is dirt cheap, so do it anyway.)

Otherwise, we end up back in the rules from early editions where you had to hack your way through the phone network to get to your target system. The RAW for 4th edition seems designed to get us out of that morass.

Yours,
JoelHalpern

[Rotbart van Dain...]

Actually, hopping nodes is RAW.

[Shiloh]

But why does the hacker need a Drone to reach you?
Everyone is one the net. That seems to be the whole point of the definitions.

Not quite. You can have an active ARNet within a Team without the Wireless Web knowing where you are, or you registering a presence on it. So even if there's a node of Matrix 2.0 that a hacker could jump off from, your gear might not be in range of it, even if it were turned on. Signal rating 0 means you have to be quite close to scan it out if it's hidden; *that*'s what the crawler relay drone is for: sneaking close enough to get within range o f any short-range devices that are still on.

It would seem therefore that if the hacker knows where you are in the network, he should be able to reach you and hack your commlink. Having hacked your commlink, he can then hack anything else skinlinked or within wireless range of that.

That's true if your net-connected commlink is connected to your other equipment.

[ornot]

But why does the hacker need a Drone to reach you?
Everyone is one the net. That seems to be the whole point of the definitions.
It would seem therefore that if the hacker knows where you are in the network, he should be able to reach you and hack your commlink. Having hacked your commlink, he can then hack anything else skinlinked or within wireless range of that.
The difference Skinlink makes is that even if the hacker can find another wireless node near enough to you to normally be able to pick up gear signals, he still can't. (And skinlink is dirt cheap, so do it anyway.)

Otherwise, we end up back in the rules from early editions where you had to hack your way through the phone network to get to your target system. The RAW for 4th edition seems designed to get us out of that morass.

Yours,
JoelHalpern

I think the assumption is that the hacker is trying to directly hack the 'ware or the gear in question.

Usually the commlink will have the most security since it has the highest signal, and routinely interacts with the local wireless network, through which it can be hacked. However'ware and gear will still have a wireless signal which a relay drone would allow you to access, thereby bypassing the security on the commlink, although this is really up to the GM at present, as the rules for hacking 'ware are sketchy.

As you say, skinlinking all your gear protects against this, but it is an investment of nuyen, and it depends on how security concious your runner is.

[deek]

I still find it hard to believe that an active node within 3m of the team is going to stay unnoticed, no matter how physically small or hidden it is.

[ornot]

I agree. If it is actively pinging the runner's network it would show up as a node, if he bothers to make a matrix perception check. Which is why I suggested that as soon as he realises someone is hacking him he can move out of range of the drone or shoot it. This is why even if your gear is not skinlinked you're reasonably safe from being hacked except through your commlink. In the heat of battle it might give the hacker's team an edge though, as the target has to faff with his PAN settings.

[Shiloh]

I agree. If it is actively pinging the runner's network it would show up as a node, if he bothers to make a matrix perception check.

Matrix perception checks take time. Better to have every node loaded with Firewall and Analyse so the character doesn't need to make a perception check that they might not have time for; their gear will do it for them... Better still to have your stuff inaccessible. Why would you leave the wireless connection on your cyberarm on? It's hooked into your meat nerves for use and control; the wireless is so your tech can access the diagnostics without needing to breach the synthskin. If (you or) it gets garked badly enough that you can't use the DNI to activate the wireless again, a little scalpel incision can access a jackport, but otherwise, WiNet is more convenient.

Which is why I suggested that as soon as he realises someone is hacking him he can move out of range of the drone or shoot it. This is why even if your gear is not skinlinked you're reasonably safe from being hacked except through your commlink. In the heat of battle it might give the hacker's team an edge though, as the target has to faff with his PAN settings.

In the heat of battle, who has time to do Matrix Perception tests on every bit of C-ware and combat augmentation tech every round? Even if you have a decker, they will often be too busy to run signal scans to find stealthy nodes, or they'll find several and not be able to tell without further action which is offensive and which are just sending normal HELO packets and offering comms (that's the enemy hacker's Stealth/Spoof/Exploit pool vs the examini) . Turn it off, turn it off or get hacked. It only has to happen once and you are (potentially) *hosed* good and dead when the enemy Edits you out of the access/subscription list of your cybereyes.

[ornot]

I think you misunderstood me slightly.

The matrix perception check is to notice that there is a node close by, before the hacker has even attempted to use said node as a bridge into the runner's 'ware or gear. If he does spot it he can act to move out of range or destroy the drone before the hacker can attempt to exploit his PAN. When the hacker makes his exploit attempt, then the runner's firewall and analyse gets a chance to spot the incursion, and if it does it will flag it up to the runner. He can then move out of range of the node the hacker's signal is coming from, or blast it.

I agree that 'ware's wireless should be able to be turned off, to prevent hacking, but I'll wait until Unwired comes out before making any definite judgement. As it is, lacking any hard rules for hacking 'ware, I intend to leave it inflicting a dice penalty akin to the AR dice bonus you can acquire, which can still be crippling, but isn't an instant death sentence.

With regards to your specific example; I wouldn't allow a hacker to blind you by effectively shutting down a set of cyber eyes. What they could do to them is edit the subscription list to remove your smartlinked Predator, (-2 dice) or change the vision mode from lowlight to regular (hello visibility penalties).

[Magus]

I think you misunderstood me slightly.

The matrix perception check is to notice that there is a node close by, before the hacker has even attempted to use said node as a bridge into the runner's 'ware or gear. If he does spot it he can act to move out of range or destroy the drone before the hacker can attempt to exploit his PAN. When the hacker makes his exploit attempt, then the runner's firewall and analyse gets a chance to spot the incursion, and if it does it will flag it up to the runner. He can then move out of range of the node the hacker's signal is coming from, or blast it.

I agree that 'ware's wireless should be able to be turned off, to prevent hacking, but I'll wait until Unwired comes out before making any definite judgement. As it is, lacking any hard rules for hacking 'ware, I intend to leave it inflicting a dice penalty akin to the AR dice bonus you can acquire, which can still be crippling, but isn't an instant death sentence.

With regards to your specific example; I wouldn't allow a hacker to blind you by effectively shutting down a set of cyber eyes. What they could do to them is edit the subscription list to remove your smartlinked Predator, (-2 dice) or change the vision mode from lowlight to regular (hello visibility penalties).

Technically a Hacker could turn off your cybereyes or start to run the diagnostic readouts over your eyes thus blocking out your vision or maybe just causing a distraction and visibility die mod.

But yes a hacker can effectively turn off any piece of ware that is emitting a wireless signal.

[Aaron]

But yes a hacker can effectively turn off any piece of ware that is emitting a wireless signal.

Or connected/subscribed to a device that is emitting a wireless signal.

[deek]

But yes a hacker can effectively turn off any piece of ware that is emitting a wireless signal.

I think this is a question to ask the GM at your specific table. The reason why I say this is that turning off eyes would need to be something that can actually be done by the device. I don't think I would say turning this device off, is a normal function of the cybereyes. Reboot? Maybe, but it would be so quick that I'd only apply a -1/-2 modifier at best.

If you GM is thorough, s/he probably has a mental list of what most devices are capable of doing and won't let a hacker go beyond those functions just because conceptually it could work that way.

[Magus]

I think this is a question to ask the GM at your specific table. The reason why I say this is that turning off eyes would need to be something that can actually be done by the device. I don't think I would say turning this device off, is a normal function of the cybereyes. Reboot? Maybe, but it would be so quick that I'd only apply a -1/-2 modifier at best.

If you GM is thorough, s/he probably has a mental list of what most devices are capable of doing and won't let a hacker go beyond those functions just because conceptually it could work that way.

Technically if you can reboot a device you can power it off. Plus when you go in for maintenace on any of your 'ware, which you need to do as this may or may not be covered within your lifestyle costs. But the cyberdoc would be able to turn off the device if it needed to be repaired in some fashion. Not only a reboot to upload software/OS upgrades, but a full shutdown to add new hardware or fix damaged hardware.
This is why most cyberware only has an admin level security access.

[Fortune]

Better to have every node loaded with Firewall and Analyse so the character doesn't need to make a perception check that they might not have time for; their gear will do it for them...

I'm confused.

It is my understanding that Analyze is a Program. In order for it to be utilized, a character would either have to actively use it himself (Skill + Program test) or have an Agent do it for him (Agent Rating + Program test). I am unaware of any rules or even fluff that depicts the Analyze Program as being able to just sit on a node and run itself, but then again I really suck at all this Matrix crap.

[deek]

I'm confused.

It is my understanding that Analyze is a Program. In order for it to be utilized, a character would either have to actively use it himself (Skill + Program test) or have an Agent do it for him (Agent Rating + Program test). I am unaware of any rules or even fluff that depicts the Analyze Program as being able to just sit on a node and run itself, but then again I really suck at all this Matrix crap.

Bottom of page 217, last paragraph on the page.

When you are accessing a node, you may set your Analyze
program to automatically scan and detect other users/icons on
that node with a Simple Action. A successful scan will be reported
to you.

Unless that has been errata'd...

[deek]

Technically if you can reboot a device you can power it off. Plus when you go in for maintenace on any of your 'ware, which you need to do as this may or may not be covered within your lifestyle costs. But the cyberdoc would be able to turn off the device if it needed to be repaired in some fashion. Not only a reboot to upload software/OS upgrades, but a full shutdown to add new hardware or fix damaged hardware.
This is why most cyberware only has an admin level security access.

Again, I'd check with your GM. I run it that the cyberdoc would "unplug" the device and removing the power would shut it off. There's no software switch to do that. We are not talking about a flashlight here, but a cybernetic implant that's connected to your nervous system. It makes sense that once its installed, its always on.

And a reboot would be fractions of a second, in my mind. Therefore, it would only give a minor penalty.

[JoelHalpern]

I'm confused.

It is my understanding that Analyze is a Program. In order for it to be utilized, a character would either have to actively use it himself (Skill + Program test) or have an Agent do it for him (Agent Rating + Program test). I am unaware of any rules or even fluff that depicts the Analyze Program as being able to just sit on a node and run itself, but then again I really suck at all this Matrix crap.

I would normally agree with you Fortune. (Which is why I think a node needs IC in order to use an Attack program against a detected attacker.)

However, in this particular regard, BBB pg. 221 in the seciton on Breaking In explicitly states that the Node gets an "Analyze + Firewall" test against a threshold of the intruder's stealth to detect an intruder. (For Hacking on the Fly, the node gets a test every IP, presumably cumulative. For Probing the Target, the node gets one test when you actually go in.)
So the text is clearly stating that there is no need for IC or Human to have this test. Which makes sense since otherwise nodes without IC would be completely unable to detect intrusions at all.

Yours,
Joel Halpern

[Fortune]

Thanks. I went and found the damn references, which it turns out I did know about after all, but with it being an exception to the general order of things, I promptly put aside and forgot. (IMG:style_emoticons/default/embarrassed.gif)

So, is Analyze in fact the only Program that can be utilized in this manner? This manner being the ability to sit all alone in a node and combine with Firewall to make tests.

[Rotbart van Dain...]

No, every program can - that's detailed in the Programs section.

[JoelHalpern]

No, every program can - that's detailed in the Programs section.

I was writing a longer response to Rotbart, and reread the BBB.
There is a word tucked into the top of page 226:
"Note that if a node, agent, IC program, or sprite is running the program, substitute the System (rating) for skill."

This would suggest that a node can run programs without needing IC!?

However, this raises two problems of its own:
1) It refers to sprites, and we know that sprites, like technomanges, can not directly use programs.
2) Then what is IC for? It is very expensive stuff just for the opportunity to take a roll to detect intruders. Since the IC can not be higher rating than the System of the node it is running on, the only capability IC would give you is the extra detection roles, based on GM whim.

There are two models I can imagine that allow nodes to run software, but still make use of IC. One model is where the node and the IC can both attack the intruder. The other approach would be to consider that the IC is actually running on another node with a higher System (say a rating 6 ssecurity system supervising a bunch of rating 3 and 4 systems.
The problem with both of those is that it gets rapidly into the armies of IC problem. Meaning that hackers MUST remain undetected, as the defensive swarm will overcome the hacker.