Unwired: Not Happy, Taking requests Options

[FrankTrollman]

I see the biggest advantage of Trodes to be relative privacy. That is, anything you send to your brain has to be sent in metahuman brain format, so it's essentially unencrypted as far as anyone listening is concerned. So if you send data to your brain with a wireless device, then even if you've been really good about cryptography up to that point your secrets are totally out in the open. On the other hand, if you send to your brain with a trode set, then the very low signal power of the trodes makes listening in very difficult. Having your commlink send the data directly into your brain is the equivalent of projecting your emails onto the side of a building so that you can read them.

Data can be encrypted all the way up to the point where you actually have to access it yourself. So it is imperative that the transmission mode into your actual brain be relatively private. Either by having a very low signal strength (trodes), or by being a direct wired connection (datajack). Otherwise everyone can read your mail.

-Frank

[Fuchs]

Which is why I think internal commlinks will be very popular, contrary to the fluff in Unwired.

I'd also think that the fluff intro to L.A. in Corporate Enclaves showed how stupid manual controls are for commlinks compared to mental controls via DNI.

[Leofski]

I can't see internal commlinks ever being hugely popular with the masses, what with it requiring reasonably extensive brain surgery to install. Now, the actual wiring may be only slightly more complex than a jack, but the psychological effects and scarring are significantly larger, not to mention needing to go back on the table if you ever need an upgrade. On the other hand, a wireless DNI plug-in sounds wholy feasible, if not necessarily sensible for runners or other people with a mind on security.

On similar grounds, I can never see cybereyes becoming hugely popular, outside of very specific circles. I mean, think about it. You're having your eyes ripped out, all for the promise of zoom and slightly better resolution? Call me insecure in my identity, but I'm rather attached to my eyes. I've had them all my life. Even in terms of applications, eyes suffer (except, ironically, for mages) as glasses and lenses possess nearly all the same functions whilst being significantly more disposable, a major advantage in most criminal and some military work

[Rotbart van Dain...]

I can't see internal commlinks ever being hugely popular with the masses, what with it requiring reasonably extensive brain surgery to install.

Per main book, it is 'popular with hackers and salarymen on the go'.

Sure, Unwired tries to claim that since Emergence, they aren't anymore... but all it does is make Emergence look more silly: The whole upper and middle class of corporate citizens had radio brains to begin with.

[Malicant]

And now internal comlinks are a social stigma. Trends change.

[FrankTrollman]

I think that the flavor text I'm going for there is that hidden Commlinks are considered to be somewhat threatening, rather than being uncool. Build it into the whole hidden mode scare. The idea is that if you're running around in modern society you do have a network. So if people can't see your network, the assumption is that you have something to hide rather than that you just are a cheap bastard who doesn't have a netwok assignment.

Frankly, since commlinks themselves, like ipods and the like are frequently carried in pockets and just generally invisible anyway, people can't really tell on a daily basis if you have an internal commlink. You have an active network, and whether it's coming from a commlink internal to your jacket, a commlink that is internal to your brain, or a commlink that is spontaneously generated by your resonance powers is just impossible to tell. So I sincerely doubt that normal people will get freaked out about that aspect because they can't tell the difference.

But the hidden network thing, that'll freak people out. They know you have a network because you're filtering out enough McHugh's Ads that you can walk around with confidence. So if they can't see your network, they'll get kind of edgy, and rightfully so.

---

So what do people think of the idea of Technomantic networks being inherently hidden? By making the technomantic network difficult to see, you make it inherently threatening to the common man, thereby retroactively making a lot of the statements in Emergence make a lot more sense. And I would like to maintain compatibility with the fluff books as much as possible.

-Frank

[RunnerPaul]

On the other hand, a wireless DNI plug-in sounds wholy feasible, if not necessarily sensible for runners or other people with a mind on security.

In other words, the humble datajack. And though SR4 datajacks are wireless-enabled like most other headware cyberimplants, they do actually retain a jackport for backwards compatabilty with stuff that's expecting to connect via fiber-optic cable and as a general convenience for sensible, security-minded people.



====================

So what do people think of the idea of Technomantic networks being inherently hidden? By making the technomantic network difficult to see, you make it inherently threatening to the common man, thereby retroactively making a lot of the statements in Emergence make a lot more sense. And I would like to maintain compatibility with the fluff books as much as possible.

It certainly makes sense, as long as they're not completely invisible. They get enough of a free break in that regard by being at connection range with systems in their signal range, but untouchable by those systems' firewalls until taking an action on those systems.

[Rotbart van Dain...]

And now internal comlinks are a social stigma. Trends change.

Not really - even if one is to to accept Emergence's premise as outlined, it just made them cooler. Additionally to make people envious, it now makes them afraid.
Those who had and have them are the one that make decisions and those that don't... don't.

Sure, there were some people that tried to touch their boss and they were made an example off. Now, someone that doesn't need to lug around a clunky external commlink and stuff is not someone a lowlife can touch - either he's way up the social ladder or he is a monster in human skin... most likely, both at the same time. The only hope is not to get involved.

[Rotbart van Dain...]

In other words, the humble datajack. And though SR4 datajacks are wireless-enabled like most other headware cyberimplants, they do actually retain a jackport for backwards compatabilty with stuff that's expecting to connect via fiber-optic cable and as a general convenience for sensible, security-minded people.

Actually, a datajack is a security nightmare. It gives everyone plug-in access to your brain and implants... than can even superseede DNI.

[FrankTrollman]

Actually, a datajack is a security nightmare. It gives everyone plug-in access to your brain and implants... than can even superseede DNI.

It can't supersede a DNI because it is a DNI. But the big problem with 4th edition Shadowrun tech is that anyone can turn on a set of trodes or even some nanite dust and get direct access to their brain and implants. Instantaneously, with no implants or anything on your end at all. As Unwired said, it's not Plug and Play anymore, it's just Play. So basically you're in a security nightmare all the time where anyone can get access to the brain and implants of anyone at any time.

Getting security of any sort in a world with that kind of technology is a headache and requires a fair reserve of handwavium. The Unwired solution is to say that Trodes and such only work when "you" turn them on "yourself" - which is very gamist logic. The idea is basically that you have to sign the Devil's contract before you can be afflicted by the black magic of the Matrix. Personally, I find that completely unsatisfactory. I'm going for something more like this draft section:

---

Hacking in a World of Perfect Encryption
“We estimate that we can crack this faster by waiting a few years for comuters to become faster and then starting the project on the new generation of machines.�

Cryptography is a complex thing. But an immutable fact of it is that if you are handed a set of data that has been scrambled by a non-repeating transformation of comparable size, that you cannot decipher it. Not “it's really hard to decipher� or “It'll take you a long time to decipher that� but that in fact you simply can't do it at all. So anyone with sufficient time on their hands and dedication to cryptographic secrecy can make a system that cannot be decrypted under any circumstances. It's called a one-time pad, and while resource intensive it is actually unbreakable. But people generally don't really need codes that can't be broken ever, most people will settle for codes that cannot be broken any time in the next hundred million years. That's the kind of time frame that even the extremely long lived are generally willing to concede that their secrets of today won't matter much once it has passed.

So while it is entirely within everyone's capacity to go out into the street, turn the microphone on super high and record random discordant noise for an hour, then download that hour into their drone as an exceedingly long cypher to get an hour of unbreakably encrypted communications between themselves and their drone – the vast majority of people are willing to accept a less intensive system where their communications are merely unlikely to be decrypted before the sun peters out.

Most secure communications use Essentially Unbreakable Encryption (EUE), a system where the sender and the intended recipient both have a cypher that is overlain on the messages and subsequently removed. The keys used in the 2070s are of variable length, but generally are thousands of bits long, and cannot be expected to be broken by any sort of mathematical attack. In order to attain such levels of security the cypher itself must have been shared at some earlier point between the intended sender and receiver, and it can of course be stolen either during the hand off or at any time that anyone has direct access to any of the computers which store the cypher itself. After all, EUE doesn't make the message completely illegible to anyone but the intended recipient; it makes the message completely unintelligible to anyone who doesn't have the key – not the same thing once espionage comes into the equation.

Vaguely Decent Protection: Asymmetric Encryption
“The algorithms required to decrypt these things are illegal, so no one has them.�

Sending a message of any kind through EUE requires that both the sender and the receiver have a copy of the key. But what if you don't have a prearranged key, how can you communicate with any privacy? The answer is Asymmetric Encryption. Here's how it works: There are a set of mathematical transformations based on one number that are really hard to undo unless you happen to know a specific second number. So your Commcode gives out the first number to anyone who wants it, and then people can send transformed (and thus encrypted) data to you and since you have the magic second number you can reverse those changes very easily.

You can also do this in the reverse order, transforming your message with the secret number and letting the receivers of the message decrypt it with the publicly available number. While this is a fairly useless way to keep information secret, it makes a fairly decent digital signature – in that whoever sent the encrypted message must have known your personal secret number. This is the core of how every Access ID in the Matrix is verified.

Protecting Unencrypted Data: Using Your Inside Voice
“You actually are the weakest link.�

No matter how sweet your encryption is, everyone's brain runs on pretty much the same codes. When each data packet is sent to a metahuman brain, that data is essentially unencrypted. Anyone who can “hear� that transmission can read it. Worse, if someone hears the transmission in brain text and they also had a recording of the encrypted version, they can make a Rosetta stone to decrypt all the rest of your data, which makes all your base belong to them. So it is of no surprise that people in the 2070s attempt to make the actual communications between their brain and the rest of their network be as “quiet� as possible, which is why people use Datajacks, Internal Commlinks, and Trodes. The first two have a directly wired (and shielded) connection between themselves and the brain, while as the last option is merely at very low signal strength and very close to the intended recipient. In any case, these methods of data transfer are very difficult to listen in to, and people generally feel relatively safe sending brain formatted information into their own heads by these means.

Now no data transfer mechanism is truly 100% safe: unscrupulous men can get microtranceivers very close to your trode set and rebroadcast the precious unencrypted information to their own networks. They can compromise the physical hardware of the datajack or the trode net. And so it is that over and above having relatively secure direct neural interfaces, the truly security conscious will endeavor to conduct import communications from the sanctity of rooms that have been cleared of bugs and at special times and places that hopefully opposing spies won't know about – cloak and dagger stuff that has been going on for literally thousands of years and shows no signs of stopping at any time in the future.

-Frank

[Rotbart van Dain...]

It can't supersede a DNI because it is a DNI.

Technically, the wired interface or the wireless can be used to make a hacker gain control over the DNI. Oddly, only the wireless interface can be turned off, making a wired interface a greater risk.

But the big problem with 4th edition Shadowrun tech is that anyone can turn on a set of trodes or even some nanite dust and get direct access to their brain and implants. Instantaneously, with no implants or anything on your end at all.

Nope, as they need to be configured for the specific user... usually by willing feedback from the user.
The datajack however is ready for use & abuse... of course, it's the same problem with trodes you already configured.

[Sma]

On similar grounds, I can never see cybereyes becoming hugely popular, outside of very specific circles. I mean, think about it. You're having your eyes ripped out, all for the promise of zoom and slightly better resolution? Call me insecure in my identity, but I'm rather attached to my eyes. I've had them all my life. Even in terms of applications, eyes suffer (except, ironically, for mages) as glasses and lenses possess nearly all the same functions whilst being significantly more disposable, a major advantage in most criminal and some military work

I´d like to hear the situations where having disposable eyes is a major advantage. (IMG:style_emoticons/default/smile.gif)

While it´s completely understandable that you´re personally reluctant to scoop your eyes out, one of the premises of the cyberpunk genre is that people lop their arms of to replace them with robotic ones. For no other reason than because the new one has a mirror finish. Over the years the shadowrun books have been sufficiently schizophrenic on that point to support any point you´d care to make in that direction.

So what do people think of the idea of Technomantic networks being inherently hidden? By making the technomantic network difficult to see, you make it inherently threatening to the common man, thereby retroactively making a lot of the statements in Emergence make a lot more sense. And I would like to maintain compatibility with the fluff books as much as possible.

Sounds good. Comes with the added benefit of making not everyone freak out all the time when they see someone is in their network. Because while IC might not be able to take action before the technomancer does, everyone else is not restricted from doing so, thus making a stroll through downtown corpville a unreasonably risky proposition for them.

While were on that note. What happens when terminate connection is used on a technomancer.

[JoelHalpern]

@Frank
Not sure where you are trying to go with the Cypto excerpt you just put in.
So I thought I would provide one technical clarification (which you are probably already aware of, but which doesn't match the text.)

You say that good crypto requires preshared keys, and then you talk about asymettric cryptography, and how that is good for identity / signing. If you assume that current mathematics still works, then if you have decent signing, you can establish a dynamic shared key bewtween the two parties. The basic technique does involve a piece of public information, but that can be shared by everyone. Using that, each party generates a number, such that the two people end up with the same key, but nobody else can end up with the key at all. The current art is basically Diffie-Hellman.
The point being that you do not need a presarred key to get a key of arbitrary length with sescurity as good as the signature mechanism.

(I presume that stops working well if you assume, as unwired is reported to,that some set of crypto mathematics has been broken.)

Joel

[JoelHalpern]

One minor clarification request that probably takes about one line in the updated matrix rules.
How does sleeping affect technomancers?
Obviously, to some degree folks sleeping are usually farther away from other folks. (But that isn't always true, for example on airplanes or trains.)
Equally, a normal person would seem to be able to sleep with their comlink on and connected, getting the protection from it.

But, does a technomancer get his automatic protection from his biological systems when he is sleeping?
(I hope he does, but given how careful you are about thinking through the implications of things, I thought I would raise the question.)

Joel

[FrankTrollman]

@Frank
Not sure where you are trying to go with the Cypto excerpt you just put in.
So I thought I would provide one technical clarification (which you are probably already aware of, but which doesn't match the text.)

You say that good crypto requires preshared keys, and then you talk about asymettric cryptography, and how that is good for identity / signing. If you assume that current mathematics still works, then if you have decent signing, you can establish a dynamic shared key bewtween the two parties. The basic technique does involve a piece of public information, but that can be shared by everyone. Using that, each party generates a number, such that the two people end up with the same key, but nobody else can end up with the key at all. The current art is basically Diffie-Hellman.
The point being that you do not need a presarred key to get a key of arbitrary length with sescurity as good as the signature mechanism.

(I presume that stops working well if you assume, as unwired is reported to,that some set of crypto mathematics has been broken.)

Joel

One of the assumptions here is that some of the crypto math has been broken. Pretty much a requirement I think, because otherwise a rational wireless world would have a public key as each commcode, with the owner of the commcode owning the private key. Then digital signing is rock solid, all commcalls are essentially unbreakable, and the cheese stands alone. So what we have to posit to bring back all our cool cloak and dagger stuff is that people have managed to break asymmetric encryption in combat time. Those supposedly one-way transformations can actually be reversed, and then you have to sneak datachips with the codes across enemy lines and shit like it was a film noir spy thriller.

So what this is left with is if you use asymmetric encryption, then you can digitally sign stuff, and you can send and receive messages. And an ordinary user won't be able to forge your digital signature or listen in on your communications. But a law enforcement agency, or for that matter any adept hacker with access to the banned algorithms can. And that's how Hackers spoof Access IDs - by reverse engineering asymmetric encryption keys and digitally signing their data packets with other user's transforms.

I´d like to hear the situations where having disposable eyes is a major advantage.

OK.

As for Technomancers, I'm deeply divided. One of my goals is to stay essentially compatible with the ongoing Shadowrun story, which means among other things to work in details from Emergence as best as can be (since I have the power of retcon, can explain away several of the seeming inconsistencies in Emergence by any of a number of means). One of the things that sticks in my craw is that whoever wrote the Technomancer section of Unwired (presumably Lars) went to great lengths to draw the Technomancy == Magic[/u] parallel that Emergence went to great pains to leave open. I would prefer to work in the Virtua-Kinetic mode of Emergence and keep magic separate.

Unfortunately, while I don't intend to use Unwired as a base, there's still the stone cold fact that Unwired was the latest book, and that future books may be written based on the Technomancer tirades from Unwired. And that means that not including all that crap about DISSONANCE == TOXIC MAGIC!!1! might marginalize things even more. Although hopefully I can get away with it as future supplements will be largely written in-character and having one person or another log on and rant about how Dissonance Technomancers are a threat to the natural order can be written off as in-game zealotry.

It's a tough call. The writer of Unwired's Technomancer chapter really wrote me into a bind there because that's some seriously messed up stuff. I mean, Discordians are a real religion for goodness sakes, and while they very specifically wouldn't care about having a fictional pointless genocidal magic using techno cult named after them, it's still a total dick move on the author's part.

-Frank

[JoelHalpern]

One of the assumptions here is that some of the crypto math has been broken. Pretty much a requirement I think, because otherwise a rational wireless world would have a public key as each commcode, with the owner of the commcode owning the private key. Then digital signing is rock solid, all commcalls are essentially unbreakable, and the cheese stands alone. So what we have to posit to bring back all our cool cloak and dagger stuff is that people have managed to break asymmetric encryption in combat time. Those supposedly one-way transformations can actually be reversed, and then you have to sneak datachips with the codes across enemy lines and shit like it was a film noir spy thriller.

So what this is left with is if you use asymmetric encryption, then you can digitally sign stuff, and you can send and receive messages. And an ordinary user won't be able to forge your digital signature or listen in on your communications. But a law enforcement agency, or for that matter any adept hacker with access to the banned algorithms can. And that's how Hackers spoof Access IDs - by reverse engineering asymmetric encryption keys and digitally signing their data packets with other user's transforms.

Thanks for the explanation Frank. I think I follow it, and it seems to make sense. (I had misunderstood part of your post, I think.)

That seems to lead to the result that really strong encryption is used only in very limited cases.
Something like that does seem necessary to make the setting work.
It leaves the question of how financial transactions can be sufficiently trustworthy on the Matrix for folks to use them for everything day-to-day. (Even corps seem to buy and sell most B2B stuff over the Matrix from the fluff.) But I suppose that becomes a question of handwaving just how easily the broken crypto can be broken, to match the desired effect.

This leads to another minor question that should probably be addressed in your rules. (From the discussions it appears to be something they tried to address in Unwired.) You have a Great Form power to make money. (I asked about the implications of that, and understand the choices. It makes sense.)
THe question is whether a hacker / technomancer without such a great form spirit can reasoanbly safely steal themselves money on a regular basis.
If yes, how much, with what tests?
If no, why not?
I suspect that you can construct an approach that is consistent with what you have to give either answer. It seems sensible to state which one you conclude makes more sense.

Thanks,
Joel

[cryptoknight]

One thing I'd like out of the matrix rules is for the team's hacker to not have to basically risk everything any time he tries something. So every time he tries to just hack a camera, or something simple, he risks of setting off all the alarms. Such systems basically are heavily in favour of being a gunfight generator, since the hacker can't be relied on the pass every hacking role required. So at some point, you can expect the alarms to get set off, and you'll have to kill everyone.

This reminds me of 3rd (or was it 2nd ed) with the security tally... you could screw up a few times and still manage to hack the system without tripping every alarm. They give it a mention as an option rule in unwired too.

[RunnerPaul]

Nope, as they need to be configured for the specific user... usually by willing feedback from the user.

Usually, but not always, even in the defalt setting per the RAW?

[Rotbart van Dain...]

It's not a 'hard rule' - p. 42 explains the proccess a bit.


BTW - Unwired seriously mixes up cyberware's internal connection and DNI.

DNI is a man machine interface, not a network interface - and not to be confused with the internal networking of cyberware:

In addition to wireless functionality, most cyberware devices are equipped with a direct neural interface (DNI) that allows the user to mentally activate and control their functions. They can also be linked to other cyberware implants.

So while hacking one implant will gain you access to the internal network, it doesn't have a thing to do with DNI.
And hacking trodes will get you a DNI, but no connection to implants.

Of course, people that invest in non-standard ware should get the basic functions (implant on/off, wifi on/off, etc.) of their DNI implemented in hardware, as per p. 103, Hacking Electronics.

[KCKitsune]

On similar grounds, I can never see cybereyes becoming hugely popular, outside of very specific circles. I mean, think about it. You're having your eyes ripped out, all for the promise of zoom and slightly better resolution? Call me insecure in my identity, but I'm rather attached to my eyes. I've had them all my life. Even in terms of applications, eyes suffer (except, ironically, for mages) as glasses and lenses possess nearly all the same functions whilst being significantly more disposable, a major advantage in most criminal and some military work

Actually, with cybereyes you can change the color of your iris and the shape like you would change the wallpaper of your desktop. Also, cybereyes have the advantage of being attached. You can't lose them (unless someone rips them out), or get them knocked from your face (in case of glasses).

As for getting cybereyes... I would do so in heartbeat! Think about it, you get perfect vision, get a high resolution digial camera/video recorder, and a display link for free. You also can have cool options like thermographic vision, lowlight vision, and vision magnification. Also with cybereyes... you can have LASER BEAM EYES!!!! (IMG:style_emoticons/default/love.gif) (IMG:style_emoticons/default/grinbig.gif) (IMG:style_emoticons/default/love.gif)

[RunnerPaul]

Actually, with cybereyes you can change the color of your iris and the shape like you would change the wallpaper of your desktop.

And if they can build an AR display on the inside of a pair of contact lenses, that changes how you see the world, who says they can't use that display tech on the outside of the lenses to change how the world sees you? Hmm?

[KCKitsune]

And if they can build an AR display on the inside of a pair of contact lenses, that changes how you see the world, who says they can't use that display tech on the outside of the lenses to change how the world sees you? Hmm?

Because that might make it so that you can't see out them?

[kzt]

I like the crypto part, seems reasonable. The other thing that you could do, given that storage is free, is assume that every comlink has a symmetric key to a provider burned in, with the provider having a seperate key for each phone on file. Remember, this is a dystopia, the corps have absolutely no reason to allow unlocked phones to be sold. Your phone come with a subscription to the provider, when you stop paying it stops calling.

[Rotbart van Dain...]

Until someone in management realizes that 'programmed in' is so much cheaper than 'burned in'.
Dystopia, to the tech person, means that security models are based on cost, not on security.

[Cthulhudreams]

If frank runs with the previous stuff though, you wouldn't be able to do that as the storage space required to hold enough bits to fully record couple of dozen hours of VR would exceed the storage capacity of the commlink.

Which means that a one time pad of sufficient size to encrypt it would be equally too large.

This is why everyone doesn't store everything.