Alternate Hacking System: Cinematic Hacking, Vaguely inspired by Spycraft Options

[Draco18s]

Whew, I think I've worked through everything. Haven't been able to perform any serious testing with the rules, but I don't see any problems at the moment. I would like to have a few more things to spend AP on as well as a few more hacking strategies (preferably 2 more general strategies to bring the total up to 5 general, 5 attacker, 5 defender). I also need to print a formatted copy (rather than a BBC markup copy) to take with me to my game tomorrow.

Also take a look at the poll, does it solve the Matrix Problems? I've intentionally left some detail out, such as encrypted files, but I feel that anything that is encrypted is not crackable except by GM fiat (that is, Mr J supplies a decrypter or password for a given plot, or files can be decrypted by gaining System Control: eg. access as the user that encrypted them) or through Black Bag cryptography. As allowing anything to be cracked in minutes only causes issues with "why don't I just spoof a credstick to give me money?"

Cinematic Hacking

Hacking comes down to 3 types of hacking:
Software Hacking (computer programs, viruses, virtual attacks on severs)
Hardware Hacking (taking something apart and rewiring it, interacting with a command console)
Black Bag Hacking (aka Lead Pipe Hacking, Rubber-hose Hacking, Phishing)

Bypassing Locked Doors

Hardware Hacking leaves traces that something's happened. Deal with it.

Most hardware hacking involves getting through a locked door into a secure area, there are several ways one can go about "busting the lock."

Maglock Passkeys
Maglock passkeys are pre-purchased, reasonably reliable, swipe-and-go B&D tools that confuse the lock mechanism into thinking that the passkey is a valid ID and opening the door.
Maglock passkeys come in ratings from 1 to 6, availability R * 4. Maglocks come in ratings from 1 (local stuffer shack) to 6 (high security vault of a secret research base of a AAA megacorp).

Mechanically this is an opposed test between the maglock passkey and the lock, each rolling their rating. However, a maglock passkey will automatically bypass any lock with a rating less than half of the maglock passkey, so a R3 maglock passkey will automatically bypass any R1 lock (congrats, you can break into the stuffer shack when no one's looking).

Additionally, if a legitimate ID can be obtained and the maglock passkey can access the data on that ID and use the information to better spoof the system. Having a legitimate ID adds a +1 dice pool bonus to the attempt.

Forged Passkeys
Using a passkey forging device, a character can create their own (hopefully) valid ID that the system will recognize and allow passage. These passkeys take time to forge and are eventually detected by the system and flagged as invalid.

Mechanically a character spends 5 minutes, rolls Logic + Computers + Keycard Forge Rating and notes the number of successes. This is the forged passkey's rating, up to a maximum of the character's base Computers skill rank. Any time it is used the lock rolls its rating and reduces the forged passkey's rating by its hits. If the key is reduced below Rating 0, then the key fails to open the lock and is useless.

Additionally, if a legitimate ID can be obtained the character can use the information on it to better forge his own passkey, such keys are much harder to detect by the system. Multiply the number of hits the character gets on his test by 2 for the rating of the forged passkey and increase the maximum rating by 2.

Legitimate ID
Legitimate IDs can be pilfered from the building's employees. These IDs can also be copied with the right hardware, although mechanically they are detected and flagged in the same way a single-copy original (the guy's going to notice eventually that it's missing, or the security network noticed abnormal behavior of the ID, or it notices the ID being used in two different areas at nearly the same time) how the ID is detected is up to GM discretion, but mechanically the security node makes an extended test with its System Rating (6, 15 minutes). When this threshold is reached, the ID will continue to function as a Rating 3 forged ID, until its rating is reduced below 0, due to the amount of time it takes for the red flag to propagate to each door's maglock.

"Break it open already!"
Additionally, a maglock can be bypassed by cracking open the case and shorting the wires simply bypassing all the software and forcing the door open.
To do this a character needs the right tools (namely a screw driver and a pair of wire cutters, though any reasonable alternatives may be used, such as a monofilament chainsaw or a crowbar and a knife) and a few minutes.

Mechanically the character rolls an extended test Logic + Hardware (rating of the lock times 2, 3 combat rounds). For every 3 hits the character gets above this threshold the last interval is reduced by 1 combat round. If this would reduce the interval to less than 1 combat round, the duration is still 1 round, but the character achieves a critical success and is awarded a point of edge, as per normal.

Hacking the System

Hacking a computer is primarily a Software Hack, although it is possible that legitimate access can be achieved to a system and the character simply needs to do a Console Hack. In this case, substitute the Computers skill for the Hacking skill. If the system is an obscure device (such as the controls for a nuclear reactor or the flight deck of an aircraft) Hardware or a Vehicle skill may be more appropriate, illustrating needing to know what button does what without causing a catastrophic failure of the device. However the rules below deal with software hacks for illegitimate control of a system.

The Basics

Hacking is measured in terms of Authority Points and Lead. Authority Points measure how much a character can do in a system, or how much the system can keep the character out. The difference between the attacker and the defender's Authority Points is the Lead. As long as the lead is greater than 0, the defender is still in control. The higher the lead, the harder it is to break into a system, though most times it is unnecessary to gain complete control (reducing Lead to 0).

The defender gets their Firewall rating as their initial Authority Points, while the attacker starts at 0. If the system does not have a Firewall, use its Device Rating divided by two, round up.

Multiple entities may participate in a single hack, though they are treated as a single party, except where noted (eg. one participant might log out and another jump into a drone, while the third continues attacking or defending the system).

How long each hack action takes is dependent on the Lead, the higher the lead, the longer it takes. As the defender loses its advantage over the attacker, each side is making spit second moves to keep or gain control of the system. Not that on the table below, it assumes the attacker has two initiative passes, which a character always gets in Augmented Reality. For Virtual Reality a character always gets four passes, so halve the times listed, but opens up the hacker to stun damage. Additionally a hacker can go Hot Sim, increasing his Response by 1 and granting a +2 dice pool bonus on all hack attempts, but this opens the hacker up to physical damage. Moving from Cold Sim to Hot Sim and back takes 1 minute and requires that the hacker be logged out of all systems. For leads greater than the table lists, double the time of the previous entry (so a lead of 12 takes twice as long as 11, which is twice as long as 10, etc) until an entry can be found on the table. It is unlikely that such a hack would take place, as the conditions for Prey victory are met (see Core Commands below).

A good response benefits the attacker and the effective Lead is reduced, however a good Response also benefits the defender. The difference defender - attack is used as a modifier when consulting the table below. This does not alter the actual Lead, but simply reduces the amount of time for each hack action.

Remote hacking is generally inadvisable due to only being able to access publicly available networks and systems. Even in a largely wireless world, these oublic systems are not connected to vital security equipment and generally have little information worth stealing (although examples can be found). As such, hackers need to be on site during a run in order to open doors, cancel alarms, and deactivate drones.

For example, if the Breaker's comlink has a Response rating of 5 and the Stuffer Shack's node has a 4, then the effective Lead is the current Lead - 1. So if at the start of the hack, the Stuffer Shack has a firewall of 3, then the Lead when compared to the table would be 2: each hack action takes 4 complex actions. In AR it would take the attacker approximately 6 seconds before the next hacking round.

[ Spoiler ]

CODE

Lead        Time
0 or less        2 simple actions
1        2 complex actions
2        4 complex actions
3        8 complex actions
4        10 complex actions
5        20 complex actions
6        1 minute
7        2 minutes
8        5 minutes
9        10 minutes

Authority Points

Authority Points are gained by rolling System + Hacking (Agents, such as IC, roll System + Rating, Spyders roll System + Hacking, and other devices, roll their Device Rating*2) and adding the hits to the attacker/defender's Authority Points. The time it takes for this action to complete is listed in the table above.

Edge and Authority Points: always roll Edge dice separately, all rerolled dice count as Edge dice. These dice only determine success or failure and do not add Authority Points. Edge that does not grant additional dice, however, does grant the hacker 1 additional AP. There is a very careful balance of powers here, a lot of Edge could allow an attacker to take over a system in 1 action by spending Edge, as a single Authority Point is quite powerful. 6 Edge dice on a pool of 12 turns an average 4 AP into 7, which would reduce the next hack time 75% or more: each point roughly cuts the time in half.

Each hack action is done by choosing an attack or defense listed below (it should be noted that Agents have a more limited list of options, including unique commands, and are listed in the Agent's description), provided that the character/system/agent meets any listed prerequisites and taking the indicated modifier. The character who gets more hits than the opposition succeeds at their action and additionally gets to perform one of the listed benefits for that action.

After the round is resolved, the attacker and defender may spend Authority Points to perform any special actions (the amount of points is listed under each ability, as well as additional requirements) that represent short term gain at the expense of overall or long term system control.

Teamwork: if there are more than one participants on any side, they roll the appropriate pool, limited to Response, System whichever is lowest and add their hits to the leader's roll. If additional participants are Agents, such as IC, they simply add a +1 modifier to the highest rated Agent, or to the defending spyder (if present).

Hacking Strategies

[ Spoiler ]

Code Slinging:
The participant uses common tactics to undermine or reinforce the target system’s security.
Modifier +0

Core Counter-Measures (Defender only):
Req: Lead 3 or less
The Prey brings the full strength of his system to bear, hoping to keep the invader at bay, or even squash him like a bug.
Modifier +2

Hard Reboot (Defender only):
Req: Lead 1, System 3+
Convinced of an imminent security breach, the Prey tries to shut down all system access.
Modifier -4
Advantage: Allows the Shutdown core command.

IC-y Defense (Defender only):
The Prey barricades itself with IC in an attempt to cripple the invading Predator.
Modifier -2
Advantage: Allows Load IC core command

Index Snatch (Attacker only):
Req: 3 or less
The Predator attempts to pry a file out of the target system using an indirect — and seemingly legitimate — request. Tracking and countering these elusive attacks is one of the most taxing parts of a Prey's job.
Modifier +2
Advantage: Attacker may download or upload a file without spending AP.

Insert Packet (Attacker only):
Req: Lead 6 or less
The Predator tries to drop off a little gift in an unused part of the system.
Modifier +1
Advantage: +1 cumulative modifier to future defenses (max System). If Lead rises above 6, this bonus is lost.

Inverse Query (Defender only):
The Prey tries to coax the invader to give up vital information in exchange for continued access.
Modifier -2
Advantage: Trace attempts get cumulative +1 modifier (max equal to System)

Kernel Interrupt (Attacker only):
Req: System 3+, Lead 2 or less
The Predator tries to seize momentary control and vanish to a new part of the system.
Modifier +3
Advantage: Increase existing trace thresholds by Net Hits.

'L337 Moves:
Req: System 5+
The participant uses his significant system power to wear down his opponent, undermining his confidence and exploiting every mistake he makes.
Modifier -2
Advantage: Gain one additional Authority Point if successful

Phone Phreak:
Req: Trace Software, Electronics Warfare skill
The participant analyzes communication system traffic, hoping to get a better sense of the situation.
Modifier -3
Advantage: +1 cumulative modifier to future attempts (max Signal) and +1 to all Trace attempts (max Signal)

Play Through (Attacker only):
The participant plays various routing games to conceal his whereabouts.
Modifier +0
Advantage: increase Trace thresholds by 1 (max Firewall)

Security Alert (Defender only):
Req: Lead 4 or less
The Prey harasses the Predator by distributing his silhouettes across the system.
Modifier -3
Advantage: +1 cumulative modifier to future defenses (max System). If Lead rises above 6, this bonus is lost.

Social Engineering (Attacker only):
Req: Con, both participants human
The Predator focuses his attack on the Prey rather than the Prey’s machine, hoping to outwit him directly.
Special: The Attacker replaces Hacking with Con, the Prey replaces Hacking with Sense Motive (or defaults with Willpower -1)

Breaker chooses to do an Index Snatch against the Shack's system, which he can do because the Lead is currently 3. The Shack isn't very well defended, but there isn't much Breaker could steal if he manages to get in. The system goes for an Inverse Query, it wants to know who's attacking it. Both roll. Breaker has a Hacking skill of 2 and his comm has a System rating of 3. He gets 7 dice (plus 2 for his strategy) and makes 2 hits. The shack is running on IC Agent with a rating of 3 and the node's System is 4. It gets 5 dice as well (-2 strategy modifier) and gets an amazing 3 hits. The Shack wins the check and gets its advantage: a +1 modifier to all Trace attempts.

Magic Bullets and Core Commands aka Spending Authority Points

At the end of each hack action, the attacker and defender may spend some of their system control in order to pull of a short term gain in exchange for long term progress. Each participant chooses an action (if they so desire) and spends the points before knowing what the opposition does. Some of these actions are Core Commands. These actions cost the defender nothing and have no prerequisites, as they are in control of the system, however for an attacker to pull them off they need to both meet the prerequisites as well as spend one or more Authority Points (AP). The loss of AP is the result of diverting some time or system resources away from the direct attack or defense of a system.

[ Spoiler ]

Add/Delete Record (Core Command):
Cost: 2 AP
Changing or deleting files is simple. Doing so in a manner that isn’t obvious requires a Forgery check.

Authorize/Restrict User (Core Command):
Special: The defender must have a Lead of 10+ in order to use this command or a completed Trace.
Req: Lead 1
Cost: 15 AP
This core command may grant any person whose computer links to the system access to any core commands possessed by the acting user. It may also do the opposite, preventing any person from using any core command possessed by the acting user. This command effectively ends the hack, as the system blocks the hacker from accessing the system permanently. If the attacker uses it without system control, he can grant himself legitimate access to the system, thereby gaining victory, though the spyder can attempt to regain control by counter-hacking.
Note: An access restricted Attacker is not immediately Logged Off or Dumped, he however can not perform any actions on the node beyond what is granted to the public (e.g. a Stuffer Shack menu).

Download/Upload File (Core Command):
Cost: 2 AP
This core command transfers a file or program from one system to another. Generally utilized by the attacker to grab paydata.

Dumped!:
Ungracefully terminate connection to the server such as physically disconnecting the link. Breaks all Traces, including Black IC traces and ends combat for that participant, unfortunately it can be a bit disorienting for a short time after.
Special: Any participant dumped from a system takes 2S if in AR, 4S if in VR, resisted with Willpower. If the participant was aware of the dump before it occurs he gets +2 dice to resist. Additionally, if the participant takes at least 1S from the dump they are Disoriented (-2 to all actions) for 1 combat round.
Special (Predator): If last Predator, reset Predator's AP to 0 and Prey's AP to current Lead or Firewall, whichever is greater.
Special (Prey): If last Defender, forfeits system control.

Execute Program (Core Command):
Cost: 2 AP
This core command runs the specified software. Generally utilized by the attacker to install a virus or backdoor into the system.
Special: Installing a backdoor allows the attacker to re-enter the system with a starting Lead of the Lead at which the backdoor was installed +1.

Graceful Log Out:
Gracefully terminate connection to the server. Breaks all Traces and ends combat for that participant.
Special (Predator): If last Predator, reset Predator's AP to 0 and Prey's to current Lead or Firewall, whichever is greater.
Special (Prey): If last Defender, forfeits system control.

IC'd (Intrusion Countermeasure only):
Cost: Varies
Req: IC wins opposed check
IC can inflict stun damage on a hacker (if vulnerable) at a cost of System rating in Stun for 1 AP, resisted with Firewall + Willpower.
Special: Blackhammer IC can instead inflict Physical damage (if vulnerable), resisted with Firewall + Body.

Load IC (Core Command):
Special: IC-y Defense activated this turn or Lead less than Firewall
The system activates Intrusion Countermeasures, adding a participant to the Defending party (max Signal). (+1 cumulative modifier to future defenses).

Shutdown (Core Command)
The server crashes (gracefully or otherwise), taking every active connection with it.
Special (2+ hits on the opposed test): The system shuts down and the attacker is denied access until the system restarts (5 minutes). All participants are Gracefully Logged out.
Special (Won the opposed test): And the attacker gets no action this turn (including spending AP). All participants are dumped.
Special: In either event, the Predator's AP is reset to 0 and the Prey's to Firewall when the system is restarted.

Trace (Core Command):
Req: System Control
Initiate a trace against a target. Defender rolls an extended test System + Signal +1 per participating Agent on the target's node with a threshold of the Attacker's Firewall*2, interval 1 hacking round. Success indicates the target's physical location allowing security to come down like a ton of bricks on the Attacker. Each trace gives a +1 modifier to the Security Alert tactic.
Note: only 2 traces may be active per defending participant and each accumulates successes individually, though bonuses apply to all of them. A trace also only targets a single Attacker and only one trace may be active against each Attacker.
Special: Blackhammer IC also jams open the Attacker's link, preventing a Graceful Log Out. Any time a Trace is activated after Black IC joins the Defender, the Attacker's connection is jammed open. Such a trace can be used to monitor the Attacker's physical as well as Matrix location and activities.

Use Peripheral Device (Core Command):
Req: Command, AP 5+
Cost: 0 AP*
This core command allows the user to interact with a peripheral device subscribed to the system. May require an additional skill check based on the device, depending on the device and the command: unlocking a door, for example, requires no check (provided the user knows which door), but observing a camera feed might take a Perception check to notice something of note, and rigging a drone would follow rigging rules.
Special (Defender): If there are no other defenders, AP cost applies.
*This core command allows the user to control the device as their next hack action (making no check and gaining no AP) and may only choose this option if they wish to continue controlling the device. In the event you need less time than this, you may make the roll on the opposed test, but you take a penalty equal to the amount of time you spend controlling the dice. Look up on the Lead table the nearest amount of time (round up: 3 minutes -> 5 minutes) and take a penalty equal to the effective Lead value for that entry (minimum -1).

Breaker lost the opposed check, but did gain 2 AP which he can spend, but the system has 6, making the effective lead 3. If both don't spend any points, then the next hack attempt will take 8 complex actions, or about 12 seconds in AR. Breaker is trying to gain enough AP so that he can spend a round Commanding a device, so he chooses not to spend any. The Shack on the other hand was using IC and won its check. Breaker is in AR so it could spend some AP to try and knock him out, but it doesn't have a great lead to cause any effective harm. Instead it decides to initiate a Trace, and it gets a +1 to that test. It does so and rolls 5 dice and gets 2 hits towards Breaker's Firewall*2 of 6.

Next round Breaker decides to Insert Packets, which gets him a +1 modifier: he needs to recoup some Lead. The system goes for a Security Alert. Breaker gets 6 dice versus the Shack's 5 dice. Breaker wins 3 to 1, dropping the Lead to 2 and leaving Breaker with 5 AP; the system was unable to effectively alert any on-duty guards. He decides to Use a Peripheral Device--the door lock--and commands it to unlock. The system gets its extended Trace test--another 1 hit--and takes no other special actions. Effective Lead is now 1, so 3 seconds later Breaker has the door unlocked, but the system gets to roll to defend. It performs Core Counter Measures and gets 9 dice and snags 4 hits. Breaker still has his 5, but the system now has 10, bringing the Lead to 5, but Breaker has what he wanted performs a graceful Log Out, severing the Trace. Had the Shack been running illegal Black IC it would have jammed open his connection, allowing the trace to continue.

A Round Quick Summary
1: Determine Lead and hacking time
2: Predator and Prey pick a strategy and perform an opposed test, adding hits to their Authority Points.
3: Choose to spend AP on additional actions
4: Roll traces

Black Bag / Lead Pipe / Rubber Hose Hacking

While these methods are entirely feasible within the ShadowRun universe, they are not the dominion of the Hacking rules, they are the dominion of Breaking and Entering, Theft and Robery, Social Encounters, Roleplaying, or through mission objectives. How a GM should run this kind of cracking should be up to them and up to player creativity. I offer no rules for this kind of dramatic conflict, however, if a legitimate account can be obtained to a system, treat the PC as having System Control, but limit the actions they can perform with a boundary on "what this NPC would likely have access to."

So doping up the secretary might get her login to the computer, but it won't let you access top secret research data. Even gaining the sysadmin rights might not let you access those files. In such an event, the system will simply throw a Restricted error. If the PC would like to continue anyway and start hacking, use the rules as they are outlined here. Once the system has identified you as an illegitimate user it doesn't matter how you gained the access you did: you start in the same place (admin rights don't help when the system realizes that the admin is in fact not the admin, or at least trying to do something the admin has no right to do).

Equipment

Software is cheap to copy and easy to distribute, pirate networks abound providing a knowledgeable hacker with all the software tools he could ever need. And free music, movies, games, and porn. Hardware on the other hand is a truely limited resource. You can't just make more without having raw materials. You have to ship it from factory to warehouse to outlet. This is hard and expensive.

[ Spoiler ]

Comlinks

While there are many standard comms on the market for personal use, a true hacker will want to build his own rig from parts. There is no significant cost difference between buying a pre-built system over a DYI kit.

System: This is how much raw computing power a device has. Aka CPU. The more power, the better attack or defense a node has.
Response: This is a measure of just how snappy the machine responds to commands and can move data. Aka RAM. Response lowers the amount of time between each hacking round (for the attacker) or increases it (for the defender).
Firewall: This is a measure of how well protected the device is from outside threats. It determines starting Lead and filters dangerous biofeedback.
Signal: This is a measure of a device's network connectivity and how many active connections it can maintain at once. Signal determines how many slaved devices you can have as well as how many Agents you can run (to either defend a node, or to aid in the attack of another).

Cost:
(R 1-3)
System: :nuyen: R*R*400
Response: :nuyen: R*R*200
Firewall: :nuyen: 200+R*R*100
Signal: :nuyen: R*R*100
Availability (R*2)

(R 4-6)
System: :nuyen: R*R*800
Response: :nuyen: R*R*400
Firewall: :nuyen: 600+R*R*300
Signal: :nuyen: R*R*200
Availability (R*3)

(R 7-9)
System: :nuyen: R*R*1600
Response: :nuyen: R*R*800
Firewall: :nuyen: 1200+R*R*600
Signal: :nuyen: R*R*400
Availability (R*3)R

Note: Rating 0 hardware is available at half the cost of Rating 1. Rating 0 hardware is the cheap consumer grade equipment from last year offered up used on eBay. Functional most most home use, but effectively worthless from a hacking standpoint. Thus a throw-away comm at Rating 0/0/0/0 costs :nuyen: 500.
Note: A Signal 0 device can still accommodate 1 network connection: a Matrix Service Provider. Such a connection, however, is considered "slow" even to street folk, though functional, it however, cannot run any Agents.

Tools
Keycard Copier
:nuyen: 5000
Availability 8F (handheld scanner sized)

Keycard Forge (R 1-3)
:nuyen: R*3000
Availability (R*5)F (laptop sized)

Maglock Passkey (R 1-6)
:nuyen: R*1500
Availability (R*3)F (wallet sized)

Agents

Agents are software programs that act on their own moving from node to node. Individually they are no match for a hacker, unless running on a strong node. In groups however, they can overwhelm the opposition. The rating of an agent is limited to the System of the node it is running in, and there is a limit of Signal to how many Agents my be in the same node due to the limitation on how much network access their is (each point of Signal allows another connection and each Agent uses up one connection).

Assault Agent (R 1-6)
These agents aid in the attack of other systems, as such they are illegal to own, although are not hard to acquire.
Cost: :nuyen: R*R*750
Availability: (R*3)F

Defense Agent (R 1-6)
White IC seeks out intruders and disconnects them from the node.
Cost: :nuyen: R*R*300
Availability: R*2
Special: (flat) +1 to all Traces if any are present in the defending node.

Grey IC (R 1-6)
Grey IC seeks out intruders and floods them with biofeedback while attempting other security measures.
Cost::nuyen: R*R*500
Availability: (R*4)R
Special: Biofeedback

Black IC (R 1-6) [Forbidden]
Black IC seeks out intruders and floods them with lethal biofeedback.
Cost: :nuyen: R*R*1000
Availability: (R*6)F
Special: Jams connections open, Lethal Biofeedback

[Ascalaphus]

It's.. interesting. It's shorter than my current plan, which is good. On the other hand, it doesn't address everything. The most important thing I'm missing is how to conceal your activities instead of straightforwardly trying to beat the target system in a fight?

[Draco18s]

It's.. interesting. It's shorter than my current plan, which is good. On the other hand, it doesn't address everything. The most important thing I'm missing is how to conceal your activities instead of straightforwardly trying to beat the target system in a fight?

That's a good point, but there's a level of abstraction here that makes it difficult to deal with. I think however the best way to deal with it is through Traces: if you're not traced the system has no idea who you are (at best it only knows there was an attempted break in*).

A trace should take less time to complete than it takes for the system to win through Lead, though I didn't do any direct comparison to hacker winning vs. trace completing. I figure that hackers should know how to cover their tracks and if they win before a trace completes they can cancel it and erase their tracks. Though having system control can still be obvious. If you've kicked out an NPC defending hacker he's going to know that someone booted him out. A pure computerized system that gets taken over? Why the hacker can send an "all clear" signal.

Anyway, it's supposed to be Dramatic Conflict, not Cloak and Dagger stealth games.**

*Real world connection: the Pentagon is attacked tens of thousands of times every day. Most are just pings, testing the armor looking for cracks, not worthy of being noted as anything more than a statistic. How many are actual breaches? Pentagon won't say. And of course, undetected hacks are, well, unknown even to the Pentagon. But we can be reasonably sure these don't happen often.

**Rules as Written hacking is so dependent on Stealth it's fucking hilarious. No stealth? No hacking. Lots of stealth? You win all the time, every time, without the system ever realizing you were there. Stealth logs you in, stealth avoids cybercombat, stealth avoids other detection. Have it and win, don't and lose.

[Ascalaphus]

I agree that the RAW stealth system is absolutely horrible. But I'd still like to differentiate between hacking a system that's aware of your attempts, and one that isn't. Covering it up after the hacking is another matter altogether.

The holy grail of shadowrunner hacking is usually to breach a system without anyone realizing it; so that even afterwards the intrusion won't be discovered. That requires that no alert was sent to anyone, just erasing what and how you did from the hacked system afterwards isn't enough if the news got out.



I appreciate your system for comparison, but I'm still working on my own. It'll carry a lot of similarities, but it'll be a bit bigger because I prefer to err on the side of thoroughness.

Another thing I'm missing in your system is hardware-hacking as an approach to regular systems. One of the reasons for hackers to go on-site should be that software security just has a very very hard time defending a system against someone who cracks open the case and subverts the system's hardware.

I'm trying to enable different hacking styles by having quite varied tests for different "strategies"; systems that try to be strong at everything will be prohibitively expensive. Also, no level of software can mimic Intuition in my system, reserving certain strategies for meatpeople only.

[Draco18s]

Another thing I'm missing in your system is hardware-hacking as an approach to regular systems. One of the reasons for hackers to go on-site should be that software security just has a very very hard time defending a system against someone who cracks open the case and subverts the system's hardware.

You mean like this section?

"Break it open already!"
Additionally, a maglock can be bypassed by cracking open the case and shorting the wires simply bypassing all the software and forcing the door open.
To do this a character needs the right tools (namely a screw driver and a pair of wire cutters, though any reasonable alternatives may be used, such as a monofilament chainsaw or a crowbar and a knife) and a few minutes.

Mechanically the character rolls an extended test Logic + Hardware (rating of the lock times 2, 3 combat rounds). For every 3 hits the character gets above this threshold the last interval is reduced by 1 combat round. If this would reduce the interval to less than 1 combat round, the duration is still 1 round, but the character achieves a critical success and is awarded a point of edge, as per normal.

Technically that would apply to any device, though rarely will you need complex rules for it. Popping the hard drive out of a computer? Simple. So simple in fact I wouldn't even bother requiring a roll. Getting that far is another mater entirely.

Back when I did some tech support there were servers. Getting access to these servers after hours required getting through 1 electronically locked door, through 1 mechanically (and electronically--it was a standard key door that had a magnetic swing plate so it could be opened with a keycard too) locked door, through a mechanical punch-code door, and finally through a second electronically locked door. Not to mention bypassing a minimum of 3 cameras.

In any case, that would fall under the purview of Black Bag Hacking.

[Ascalaphus]

Not exactly, I didn't mean hacking maglocks; I meant circumventing software defenses on a normal computer by compromising its hardware. I'm thinking something along the lines of a Logic+Hardware test to gain Authority, that is nearly impossible to oppose. And all you need is physical access...

Also, I'm somewhat disturbed by the differing time scale depending on Lead.. I think I prefer a more constant time scale.

[Draco18s]

Also, I'm somewhat disturbed by the differing time scale depending on Lead.. I think I prefer a more constant time scale.

The problem lies in the fact that simple hacks need to be quick. But if simple hacks are quick, then complex hacks are merely two or three times longer (takes 3 times as many rolls, takes 3 times as long) which is really undesirable, as it means any device on the planet is hackable in seconds if your basic maglock is hackable in a round or two.

[Ascalaphus]

The problem lies in the fact that simple hacks need to be quick. But if simple hacks are quick, then complex hacks are merely two or three times longer (takes 3 times as many rolls, takes 3 times as long) which is really undesirable, as it means any device on the planet is hackable in seconds if your basic maglock is hackable in a round or two.

I see your point, but I don't like the method.

I'm making hardware costs closer to exponential; having all cameras super-secure is insanely expensive, but having just a few secure servers is a realistic option. Slightly better hardware also makes systems a lot harder to hack. If for example Firewall is a threshold to enter a system, having a Firewall of 4 instead of 3 will have a definite effect on security. Likewise, if the computer has 3 IPs instead of 2, it suddenly becomes a lot more dangerous.

So that means it's pretty hard to hack superior systems, but it can indeed be done, and when it's done, it happens quickly. I don't think that's bad; the response can be equally fast (hardware reset button). Like a shadowrun, you have to be quick and out before the HTR arrives.

That doesn't stop data theft, but abuse of a system controlling some utility is hard to continue for more than a couple of minutes at best. Those occasional sudden failures do fit a cyberpunk world though; hacking GridGuide during a car chase for example should be doable. Sudden failures that injure civilians fit the dystopian athmosphere. (To a point.)

On the other side, I'm working to develop tracking so that tracing someone back is also easier; sending troops to arrest the hacker becomes something that could actually succeed.

[Draco18s]

If you actually run the numbers here, almost all hacks take place under 2 minutes. Its only when you start exceeding a Firewall of 7 that time starts really becoming an issue. Unless your Response is greater than the target's. Rating 6 everything hacker on a Rating 6 everything system the entire showdown lasts 72 seconds, IIRC.*

*I didn't factor into account increased/decreased time intervals, just did a raw "how many rounds" guess and multiplied by the first interval. If the hacker is going to ultimately lose, then the time ramps up, but it should be pretty clear that he's going to get booted. Like I said, I haven't had a chance to really try the rules out in practice. Also "all 6 vs all 6" would end in a stalemate. Neither has a die advantage (which puts the timer on the Trace and how well the hacker can avoid being traced and accomplish his goal--assuming the goal isn't System Control).

[Wandering One]

I'm going to have to re-read the lead vs. AP portion a couple of times, but beyond that...

The more lead the defending system has... the longer it takes it to trace? That seems backwards. The trace shouldn't occur once per lead pass. The hacker should have a better chance to beat the trace the less lead exists. As it stands the more the hacker breaks down the system the faster the trace finds him.

[Draco18s]

The more lead the defending system has... the longer it takes it to trace? That seems backwards. The trace shouldn't occur once per lead pass. The hacker should have a better chance to beat the trace the less lead exists. As it stands the more the hacker breaks down the system the faster the trace finds him.

I made it per hacking round just to leave it consistent, but I could change it. Suggested interval?

[Wandering One]

I made it per hacking round just to leave it consistent, but I could change it. Suggested interval?

A 'quick fix' I initially thought of would be to multiply trace hits by lead. At least then it's closer to consistent, but you're still kinda penalized for getting faster in the system. The real way to do it would be for every 3 seconds, the server gets a roll. You can equate this to the multipliers, but you just have to have a separate multiplier column for the different leads.

Yes, this means something with high lead is practically going to know what you ate for breakfast and your favorite sweater color before you get to take your next action. If it's taking 20 minutes to do *anything* in the system, if it's looking for you, you're screwed anyway.

[Draco18s]

Multiplying by Lead (hell, even adding Lead as auto-hits) means that you would be traced always, every time, before you could do anything. You could not hack a system unless your Firewall was double or triple its System + Signal.

Remember, getting Traced means the system locks you out. It has enough info to know who you are and completely shut you out (See the Magic Bullet Authorize/Restrict User). If it can't just block you, then what good is a trace? Sic'ing (slow) meat security on you while you keep raping the system?

[Wandering One]

Multiplying by Lead (hell, even adding Lead as auto-hits) means that you would be traced always, every time, before you could do anything. You could not hack a system unless your Firewall was double or triple its System + Signal.

Remember, getting Traced means the system locks you out. It has enough info to know who you are and completely shut you out (See the Magic Bullet Authorize/Restrict User). If it can't just block you, then what good is a trace? Sic'ing (slow) meat security on you while you keep raping the system?

Sorry, should have mentioned upping the trace threshhold to make it make sense.

But yeah, you get traced on a lead 9, you're pretty fragged. That's a LOT of time.

[Draco18s]

Sorry, should have mentioned upping the trace threshhold to make it make sense.

But yeah, you get traced on a lead 9, you're pretty fragged. That's a LOT of time.

Problem with that is, a hacker with 9s in all his hardware too won't be able to hack the system either, despite being on even footing.

[Wandering One]

Problem with that is, a hacker with 9s in all his hardware too won't be able to hack the system either, despite being on even footing.

Then the time needs to be adjusted, or the trace system needs to be completely overhauled. As it stands right now there's no reason for me to get a better lead to 'beat' the trace. It just doesn't matter. Also, if the system can't find you as you sit there and monkey wrench with it over 20 minutes, that seems to run against common sense to me.

[Draco18s]

Then the time needs to be adjusted, or the trace system needs to be completely overhauled. As it stands right now there's no reason for me to get a better lead to 'beat' the trace. It just doesn't matter. Also, if the system can't find you as you sit there and monkey wrench with it over 20 minutes, that seems to run against common sense to me.

You're not monkey-wrenching over it for 20 minutes. You're making very cautious pokes into the system trying to find a weak point to exploit. And covering your tracks a lot.

[Redcrow]

First let me just say that I like the Authority Point idea as I think it has potential to add some flexibility. Not to overcomplicate things, but the way I sort of envisioned it was that a systems AP would be a little more fluid with a hacker trying to reduce the systems AP and increase their own while conversely the system would be trying to maintain their AP while reducing those of the hacker. So you would essentially have two separate AP scores, those of the system and those of the hacker. If the hacker needs to reduce the AP of a sytem to perform certain actions on it, then conversely the system could be trying to reduce the AP of the hacker in order to perform certain actions against them. The lower the systems AP, the more the hacker can do on the system and the lower the hackers AP the faster the system could trace them, or whatever else.

[Draco18s]

with a hacker trying to reduce the systems AP and increase their own while conversely the system would be trying to maintain their AP while reducing those of the hacker. So you would essentially have two separate AP scores, those of the system and those of the hacker. If the hacker needs to reduce the AP of a sytem to perform certain actions on it, then conversely the system could be trying to reduce the AP of the hacker in order to perform certain actions against them.

Conceivably the crunch could work like that, I didn't think of it that way, but you're right that it could. You could probably easily adapt the rules I presented here to work in that manner.

[Ryu]

The problem lies in the fact that simple hacks need to be quick. But if simple hacks are quick, then complex hacks are merely two or three times longer (takes 3 times as many rolls, takes 3 times as long) which is really undesirable, as it means any device on the planet is hackable in seconds if your basic maglock is hackable in a round or two.

How about an interval depending on the distance between attacker node and defender node? You could say that most exploits depend on timing, and that short distances are ultra-important.

[The Tarasque]

When I try my hand at creating house rules, the #1 question I ask myself is "is it fun?" Not to be rude or anything, but these rules don't sound fun at all. Not that the core rules do either, of course.

[Draco18s]

How about an interval depending on the distance between attacker node and defender node? You could say that most exploits depend on timing, and that short distances are ultra-important.

It's hard to come up with rules that allow you to hack at a distance while at the same time making it suboptimal. If you're just slower you'll always want to be closer to the target, which effectively is the same as "you can't hack long range."

The best I came up with--as a modification for the core rules--was to impose a DP penalty for every 2 nodes you're hacking through (that is, not counting you and the target) and an additional penalty for hacking or hacking through a Signal 0 device.

[deek]

I've got the basic idea you present here, but I don't see this as a better system than RAW. Its just different. Based on RAW, I only have to track hits until the hacker enters the system, then there is either an alert or not (which could also include IC or other scripted actions or maybe even a spider).

But these rules cause me to continually track APs and Lead throughout the hack. So, there's more record keeping, which equates to more time.

I don't see non-participants being anymore into this than RAW. I don't think it reduces the hacking subgame.

I like your rules, but as I said above, they don't seem to be any better. It feels like just another system to have to learn and the basic problems are still there.

[Ryu]

It's hard to come up with rules that allow you to hack at a distance while at the same time making it suboptimal. If you're just slower you'll always want to be closer to the target, which effectively is the same as "you can't hack long range."

It would be the very idea to make hacking at a distance suboptimal. Hacking would need turns while onsite, several minutes in the general area of the target, and hours if you hack something on a different continent.

[Draco18s]

It would be the very idea to make hacking at a distance suboptimal. Hacking would need turns while onsite, several minutes in the general area of the target, and hours if you hack something on a different continent.

I meant suboptimal without making outright a terrible idea. The "well you can but you have to be good to pull it off."

If it's always going to take 1 minute per action from across the street regardless of hardware/software/skill and there's no way to bring that back down to combat turns no one would ever do it.

As opposed to applying a DP penalty, which could be compensated for (although it has to be significant enough that it's a disincentive).