Bio-Node Hacking, Admin privileges Options

[Inpu]

My question is fairly simple: we know that an Admin account can kill privileges even to itself. When two Technomancers duke it out in a Bio-Node, is it a viable tactic to go after an Admin account (likely the only one) and start cutting privileges?

This is just one of many questions that come up for combat in Bio-nodes. If, for instance, the answer to the above question is yes, how can a Technomancer fix the damage? Since it is all meditative thought forms and the like, would a simple reboot do the trick? I noted in a previous thread that it states the interval for a Technomancer is an hour per attempt at the Extended test as per SR4 core (rather than SR4A, which apparently had no specific text on Technomancer reboots). It said a reboot would reset all matrix attributes, which suggests damage to Complex forms and the like.

Any opinions on the matter? I may need to reason it out soon, due to an upcoming session where I'm sure two Technomancers will go head to head.

[Karoline]

I'd imagine that a TMs account to their own node would be 'hard coded' in, and could never have its privileges altered. They could maybe do stuff like cut connections, or get into a TM's other stuff, and I suppose they could nuke it to drop down response and eventually crash the bionode.

[Johnny B. Good]

I'd imagine that a TMs account to their own node would be 'hard coded' in, and could never have its privileges altered. They could maybe do stuff like cut connections, or get into a TM's other stuff, and I suppose they could nuke it to drop down response and eventually crash the bionode.

TMs are immune to Nuke and response degradation. I personally don't think they should be, though.

[Karoline]

Hmm, they are? I don't remember that. Well, can still cut connections to stuff and generally make the other TM unable to do anything besides come onto the bionode to kick you out.

[sabs]

It would have been interesting if a TM's response was based on their willpower.
I still find the idea that someone can come in and hack a tm's brain seems a little weird. it's their brain, they should be able to boot you out fairly easily.

[Inpu]

Technically, it isn't their brain. It states that the Bio-Node is distinctly separate of the TM brain, so another TM cannot 'mind control' another TM.

And they can boot others out easier: they have the home turf advantage of a hacked system.

[Karoline]

Technically, it isn't their brain. It states that the Bio-Node is distinctly separate of the TM brain, so another TM cannot 'mind control' another TM.

And they can boot others out easier: they have the home turf advantage of a hacked system.

Yeah, which all in all raises the question of why you would really want to hack into a bionode. I mean, think about it, the TM could cut off their wireless for a second and give the invading TM dumpshock, and there isn't a heck of a lot that the invading TM can do in the bionode. No files to mess with, can't crash it, can't crash CFs, etc.

It's like "Congratulations, you've successfully broken into the empty room."

[Inpu]

Depends what you do in there, I think. It may be possible to put a Dissonance virus in, for instance. Besides, if you go in swinging with Blackhammer or Blackout Complex forms, you can prevent the other TM from immediately forcing Dumpshock on you. Also leaving a few Sprites might be brutal.

It might also be a good argument for saying you can mess with privileges: break into the Bio-Node and you can hurt the TM badly.

[Karoline]

Depends what you do in there, I think. It may be possible to put a Dissonance virus in, for instance. Besides, if you go in swinging with Blackhammer or Blackout Complex forms, you can prevent the other TM from immediately forcing Dumpshock on you. Also leaving a few Sprites might be brutal.

Yeah, dissonance could be bad, but normal TMs aren't much of a problem.

Blackhammer or blackout doesn't help the invading TM any. Defending TM notices that there is an intruder, shuts down wireless, intruder is gone. You can't use blackhammer/out on a node directly.

Few sprites could indeed be a pain though.

[Inpu]

Sorry, edited my post above real quick. I'll include the line here as well: "It might also be a good argument for saying you can mess with privileges: break into the Bio-Node and you can hurt the TM badly."

I meant if they are in the Bio-Node at the time. It can be risky, but Dumpshock will go away in a few hours. The potential payoff may be worth it if you ambush a TM.

Poli is Greek, by the way.

[Karoline]

Poli is Greek, by the way.

I know, it's a quote.

And yeah, it is an argument for that I suppose, but that seems a bit too powerful... I'd rather allow them to use nuke on each others bionode. Are you sure TMs can't get hit by it?

Also, seems weird that admin accounts can modify each other, but I suppose someone has to be able to delete the old CEOs account after he gets voted out.

[Inpu]

Ah, all right.

Linux is a good example: if the Admin account has the privilege to change its own privileges (which it does by default), it can make it so it cannot perform an action. If you tell the root account to delete vital files, you kill your OS outright. It isn't overly powerful due to one fact: the savvy TM can set the Admin account to be unable to change privileges and thus completely negate that attack. So it makes for a great one time wonder against a new player, especially if you allow them to regain their privileges with a complete reboot (since that seems to rebuild the Bio-Node from the text).

Yeah, I forget the page, but it does specifically say under Nuke that TMs are immune. Of course, a GM can always take the option to say that isn't so. There is a sidebar in Unwired that suggested a number of things TMs can be immune to which I disliked, so I decided not to run with it. I did keep Nuke as unable to touch TMs, since it made a sort of sense to me.

[Pat]

Removed because of redundancy.

[Inpu]

It might also depend on how one sees the Slaved comlink rules, I guess. That might be an advantage as well.

[Udoshi]

My question is fairly simple: we know that an Admin account can kill privileges even to itself. When two Technomancers duke it out in a Bio-Node, is it a viable tactic to go after an Admin account (likely the only one) and start cutting privileges?

Any opinions on the matter? I may need to reason it out soon, due to an upcoming session where I'm sure two Technomancers will go head to head.

Restricting account priviledges is something people like to point towards as abusable on dumpshock a lot. Its a good defensive strateg, but, personally, I don't see why restricting priviledges for legit accounts would do anything for a hacked account.

[Deadmannumberone]

Poli is Greek, by the way.

Just about every Greek word has a Latin copy. Latin was even more of a lexicological thief than English is.

[Mäx]

Restricting account priviledges is something people like to point towards as abusable on dumpshock a lot. Its a good defensive strateg, but, personally, I don't see why restricting priviledges for legit accounts would do anything for a hacked account.

Maybe because you dont just great a new account out of thin air when you hack in. (IMG:style_emoticons/default/wink.gif)

[JollySkull]

Wait I thought the Bio node was realted to the hackers physical mind. So to me that means it is also causing mass distraction and pain as the user is in there. So what are the IC measures a hacker should have other than a tranq patch to knock them out when such a thing happens?

I think It should be more along the lines that there is no admin level accounts in the Bio-node but ever bit of damage slowly damageable his thought process. knocking him to unconsciousness or causing slight temporary mental quirks.

Jolly skull

[Udoshi]

Maybe because you dont just great a new account out of thin air when you hack in. (IMG:style_emoticons/default/wink.gif)

You actually do. Thats what Hacking on the Fly is. Its creating a crack in the firewall to get roughly the same priviledges as a -real- account, depending on how far you worm your way into the system.

There's also other ways to get on the system without an account/passcode at all (hidden access points).

Per unwired, Probing(instead of hacking on the fly) can instead uncover existing accounts, other people's backdoors, or resusable exploits. There's more than just four account types (standard, security and admin. People often forget about Public).

So yeah. Thats why I think its stupid that restrictions to legitimate accounts automatically apply to illegal access to a node. At best, its a speedbump - its entirely possible to make new accounts with a complex action (legitimate accounts, unwired) which wouldn't have any restrictions on it. Is there any reason at all a hacker couldn't take an opposed Hacking test to force the system/node to take a restricted action it wouldn't normally say 'Yes, admin, you have the priviledges to do that' to?

Wait I thought the Bio node was realted to the hackers physical mind. So to me that means it is also causing mass distraction and pain as the user is in there. So what are the IC measures a hacker should have other than a tranq patch to knock them out when such a thing happens?

I think It should be more along the lines that there is no admin level accounts in the Bio-node but ever bit of damage slowly damageable his thought process. knocking him to unconsciousness or causing slight temporary mental quirks.

Jolly skull

Thats not how it works. See Roleplaying Biological Node Hacking, unwired 136.

[Mäx]

So yeah. Thats why I think its stupid that restrictions to legitimate accounts automatically apply to illegal access to a node. At best, its a speedbump - its entirely possible to make new accounts with a complex action (legitimate accounts, unwired) which wouldn't have any restrictions on it. Is there any reason at all a hacker couldn't take an opposed Hacking test to force the system/node to take a restricted action it wouldn't normally say 'Yes, admin, you have the priviledges to do that' to?

Even if you create a new acount out of thin air its still some kind of account, if admin acounts cant do somethink, it doesn't reaally matter whether your using an existing account or creating a new one, same limits ably. If you limit account priviledges at a deep enought level, then only way to get past those limitations is to instal a new OS.

[Udoshi]

Even if you create a new acount out of thin air its still some kind of account, if admin acounts cant do somethink, it doesn't reaally matter whether your using an existing account or creating a new one, same limits ably. If you limit account priviledges at a deep enought level, then only way to get past those limitations is to instal a new OS.

Yeah, I don't think so. Can you quote me a rule on that?

[Karoline]

Yeah, I don't think so. Can you quote me a rule on that?

It isn't in the rules, it is just well known among computer savy people. You can adjust what an admin account (as in any account that has 'admin' privileges attached to it, including those created later) can do, and it is (or was) possible to adjust the admin account so that the admin account could no longer adjust anything. This was generally done by mistake and considered a design flaw, but if you were trying to make your computer more difficult to hack, you could in theory set the admin account to have limited privileges, and thus getting access to it wouldn't do much. The problem with this method of course is that a 'real' admin can't do anything either.

So basically you mess up your ability to do important things with your computer/commlink in an attempt to mess up a potential hacker's ability to do anything. This doesn't really work outside of a personal computer though, and even then it can be a huge annoyance.

It's basically a "I'm so paranoid that I fire an automatic shotgun through every door and around every corner to make sure no one tries to ambush me." level though.

[Inpu]

It's basically a "I'm so paranoid that I fire an automatic shotgun through every door and around every corner to make sure no one tries to ambush me." level though.

Which is why Hackers will be one of the only ones to really do it. Or Spiders in the case of Drones and things of the sort.

Yeah, I don't think so. Can you quote me a rule on that?

I do think so. If the admin has no way to get to it, that means it is isolated and unable to be accessed. You can seriously damage your OS in this way. Like reformatting your main disk drive: you really don't want to do that.

In any case, even when you hack on the fly you tend not to create a new account. You break into the privileges of an account. Probing the target is just being more careful about it. They're the same thing. In the rare cases that you do create a new account, it still follows the rules and privileges of its type, which is why, in both cases, you have to choose normal, security, or admin account (it isn't impossible to create a new account. Sometimes it is the one, and sometimes it is the other.)

[Udoshi]

Okay, so a hacker can always take Hacking + Blank tests to force a system to do something (opposed by system+firewall).
Why would making a specific action not possibly for any account type, even an admin, stop a hacker from brute forcing it?

Cause, really, the actions you take when hacking a node are something like this
Hacker> I want to do Blank. (like edit some the access log)
GM> Well. You're a basic user, and you don't have the rights to do that. Roll opposed hacking +edit.
Same scenario:
Hacker> I want to do Blank. (like edit some the access log)
GM> Well. You're an admin user, good job on your hacking role....... and you still don't have the user rights to do that.
Hacker> Well. Shit. You mean the node won't let admins just take that action?
GM> Yep.
Hacker> So.... hacking + edit vs system + firewall again?
GM> Yep.

[Inpu]

Okay, so a hacker can always take Hacking + Blank tests to force a system to do something (opposed by system+firewall).
Why would making a specific action not possibly for any account type, even an admin, stop a hacker from brute forcing it?

Read above. Basically, it comes down to this: if the Admin can't, no one can. No amount of hacking will allow someone to access something like that largely because hacking is not magical. It follows logical codes and exploits in a system.

Think of it like a road: if the bridge is out, you're not getting to that place. Not the best metaphor, but it suffices.

EDIT: Your ninja edit is strong. (IMG:style_emoticons/default/nyahnyah.gif) In the case of basic user, the privileges exist, just in another account. You temporarily play with that. In the case of admin, if it isn't there, it flat isn't there. You can even erase the privilege entirely.

This is not to say it is impossible to deal with: if you want to get in and regain that privilege, you might be able to program something that you load into their system, potentially something that emulates the privilege and that you load through the admin account. There are ways around it, but running into it with no such preparation will cause you to hit a brick wall.