Authorization for Drones, Now I'm Spoofed! Options

[Tsithlis]

So under Authorization and Authentication (p. 225 SR4 Sp. Ed.) it states that in order to allow you access to anything beyond a public account [...] the node must have your access ID associated with an access level/account privileges. (for example, your soycaf dispenser will have your access ID on a list that shows that you have an admin account on its node).

So if you've spoofed your Access ID can you log into your drones or vehicle, it seems to imply that when you changed your ID they would no longer recognize you as having an account on them.

[Night Jackal]

That's why that added that accounts can be set up to require a passcode for access. This allows you to spoof your Access ID and still log into your own drones.

Also...point out...spoofing your access ID will require you to relog into the Matrix. As the connection router was changed at the source.

[Tsithlis]

First I'm not disagreeing with you... but I really dislike the way this is worded.

In order to give you access to anything beyond a public account, the node must be given three things.

This states that if it dosen't have all three of the following things then the login fails.

The First is your access ID.

Second, the node must have you're access ID associated with an access level/account privileges. This is called authorization.

Third, you must have a way of proving your are the person who has the authorization in question; this is authentication.

Then it goes on to say how you can authenticate yourself. But here is the problem. The first sentence says that all three things must be given. If you have spoofed your Access ID then that ID will not qualify for the second part which states that the ID in question must be listed in the node with those account privileges. Which means you would never get to the authorization part because the second part would fail.

[Neowulf]

If the device MUST have your access ID associated with an existing account for it to grant you anything above public access, then how do people configure new devices?
Your interpretation says that their brand new Deluxe Caffo-Soy 9000 will refuse to work because it doesn't have their access ID already. And there is no way to login to it with the default administrator account and password to associate it with yourself because again, it doesn't already have your access ID.

How about this, Commcodes, the email address/phone number of ze future, is specifically there so you can have a standard online identified people can use to contact you, no matter what commlink you're using at the time.
But by your interpretation commcodes are worthless, because to login to the commcode provider and register your current access ID you have to login using the same access ID you used to signup.

[Tsithlis]

Again I totally agree with you. It would be stupid to think it would be that way because you would never be able to log into anything after the first time you spoofed your access ID. What I'm saying is that's the way it's written in the book and certainly needs to be changed.

[Neowulf]

Yeah, the text does need to be rewritten. That sentence on authorizing is correct for a post login situation, as in you log in and the node links your access ID with the account, and authorizes you to access certain files and features.
In a pre-login situation the act of linking an account to a specific access ID is part of authentication, and is normally a high security "it's better to lose the files than them fall into the enemies hands" situation, not par for the course with coffee machines and can openers.

If you just cut out that second requirement it all makes sense.
A better way to explain it is "An account on a low security node may have one or more access IDs associated with it for automatic authorization, bypassing the need for other forms of authentication. High security nodes may restrict certain accounts to specific access IDs, refusing any other IDs from authenticating as that user."

[Night Jackal]

Ok....I see what they did...they listed the Access ID Accounts from Unwired page 54 and did not explain that there are other accounts that don't need to know the Access ID to allow user to log on.

See Page 54 Protocols in Unwired.

It describes all the Account types that you can have set up.

SR4A's only describing one of 3 account.