How to Secure you PAN, What should be the standard security measures Options

[sabs]

This has been discusses briefly in several threads, and we started talking about it again in the Stick and Shock thread.

So, I decided to break it apart.

How should a shadowrunner have their PAN configured? How many commlinks should he be using and what should they be doing.

A shadowrunner who has:
smart gun(s)
sensors
cyberware
Image Enhancements
Cyber eyes or contacts/glasses/goggles, ear buds, sub voc mic

How does he protect those from combat hacking.

You still only have 1 set of DNI
How do you split your smartlink and imagelinks
How do you deal with cybereyes and ears

Do you have 1 commlink, with everything skinlinked to it. And you fill your commlink with a rating 6 firewall, rating 6 system, and a Kitsune IC?
Do you have multiple commlinks, including one that has wireless turned off? What do you slave to which commlink in that case.

Thoughts? Concepts?

[KarmaInferno]

It's really, really simple.

Wireless off. Period.

You have a your first commlink set with no wireless at all running your PAN, hardwired. Runners will probably be the last people in the world to still have fiber optic wires snaking through their clothing. It's archaic and old fashioned for the era but you can't wirelessly hack something that has no wireless.

You have a second Commlink set in Hidden mode running your team communications and anything else that absolutely requires wireless capacity. This commlink NEVER connects with the first one. At most, if you need to transfer data, you physically use a data chip to do so.

You have a third Commlink set in Public mode that you can switch on and off as needed. This is a decoy.

You have backup equipment just in case any of these gets compromised.

If you really want to, and are just wanting to protect your comms rather than trying to hack other people, you can daisy-chain a few wireless-off commlinks in your second set, with only the end unit having wireless. Load up the intervening Commlinks with max rating defensive stuff and have them continually run Analyze, set to shut off the Commlink the moment they detect an intruder.



-karma

[suoq]

I believe, but need to hunt through the rules, that an agent on that commlink gets to add his rating to the firewall's rating.

I'm unaware of any reason you can't run firewall 6 on all of your devices, all the way down to the cybereyes. Do you need to buy those firewalls separately?

Edit: Correct me if I'm wrong but "Wireless off. Period." means no tacnet, ever. Correct? I'm also assuming that it just isn't feasible for hackers and riggers.

[Yerameyahu]

That doesn't sound right, suoq.

Personally, all that non-wireless is just too annoying. But it certainly works, if that level of security is needed in your game.

Indeed: the whole point of SR4 is being able to share all your data with all your people *right now*.

[CanRay]

Do you need to buy those firewalls separately?

Unless you crack the copy protection. And then you're probably not as likely to get the updates you need, which means it will degrade right quick!

[KarmaInferno]

Correct me if I'm wrong but "Wireless off. Period." means no tacnet, ever. Correct? I'm also assuming that it just isn't feasible for hackers and riggers.

I meant that any equipment you have that has no business being connected outside your PAN should be isolated from the Commlink that you use for communications.

Basically, you run three separate PANs. One non-wireless for your personal stuff that doesn't need wireless. One for your team comms/tacnet/etc. Third one is a decoy to make you look like Joe Q. Public.

There's no good reason for, say, your cyberarm to be publically accessible to wireless hacking. If your cyberdoc needs to access the maintenance stuff, he can bloody well plug a cable in.


-karma

[Dahrken]

Wiring components for communication while secure is not a necessity. Skinlink gives you the same security, is easier to set up and less likely to attract undue attention, no plugs or cables.

[Yerameyahu]

Unless you want to be able to turn the pain signals on and off, and other (tiny, minor) tricks; best to skinlink or something, in that case. Still, *no* fun, hacking cyberware is classic cyberpunk. (IMG:style_emoticons/default/frown.gif) I guess you'd have to go in through their main node.

[Dahrken]

Unless you want to be able to turn the pain signals on and off, and other (tiny, minor) tricks;

Thar would work through the limb's DNI no ?

[suoq]

Can skinlink be added to everything? I'm thinking contacts/glasses/goggles/earbuds at the moment. What can and what can't be skinlinked?

[Dahrken]

The most important factor for skinlinking is "is the thing reliably in contact with my body ?", including through a few millimeters of clothing. If the answer is "Yes", then skinlink is a possibility, as it does not really use up more space and use more power than a wireless interface.

[Traul]

Basically, you run three separate PANs. One non-wireless for your personal stuff that doesn't need wireless. One for your team comms/tacnet/etc. Third one is a decoy to make you look like Joe Q. Public.

It might not work for the tacnet: you need to feed it sensory input.

[sabs]

Alright, lets say you have 3 commlinks.
They all still need to access your DNI and or your imagelink/smartlink.

You can't slave your contacts to all 3. You can subcribe your contacts to all 3, but it has to be a wireless connection.

If I hack your public commlink, and get into your glasses/contacts/cybereyes, or your DNI what can I do?
What can't I do?

[KarmaInferno]

It might not work for the tacnet: you need to feed it sensory input.

My "paranoid old man" merc character has an extra battery of sensors for that, and a set of glasses with imagelink rather than routing the data to his cybereyes.

(IMG:style_emoticons/default/smile.gif)

My rigger doesn't share the "no wireless" philosophy, she has software defenses instead.

Probably the main thing that differentiates the two worldviews is that my merc has minimal hacker skills and my rigger is really very good at it.



-karma

[Triggvi]

The most important factor for skinlinking is "is the thing reliably in contact with my body ?", including through a few millimeters of clothing. If the answer is "Yes", then skinlink is a possibility, as it does not really use up more space and use more power than a wireless interface.

skinlinking cybrware makes sense. His cyberdoc attaches a lead to the skin and he can access the cyberware in the persons body.

[KarmaInferno]

Wiring components for communication while secure is not a necessity. Skinlink gives you the same security, is easier to set up and less likely to attract undue attention, no plugs or cables.

Wouldn't have to be THAT obvious. Even today Scott-E-Vest makes clothing with built-in hidden cabling channels for routing wires around to various devices.

I personally envision a "network harness" or light vest that you wear under your jacket, like the harness for a pistol shoulder holster except with embedded wiring and attachment points & pockets for devices.

Alright, lets say you have 3 commlinks.
They all still need to access your DNI and or your imagelink/smartlink.

You can't slave your contacts to all 3. You can subcribe your contacts to all 3, but it has to be a wireless connection.

If I hack your public commlink, and get into your glasses/contacts/cybereyes, or your DNI what can I do?
What can't I do?

Separate sensors & glasses for the wireless PAN. (IMG:style_emoticons/default/smile.gif)



-karma

[Warlordtheft]

3 Other Options:

Slave to master commlink which is well protected (Though suceptible to spoofing-is a good way to get a tacnet up).
Pan and all attached devices set to signal rating of 0 and devices are then slaved.
Jammers:Kill the oppositions comms (downside, they know you're there).

[sabs]

Wouldn't have to be THAT obvious. Even today Scott-E-Vest makes clothing with built-in hidden cabling channels for routing wires around to various devices.

I personally envision a "network harness" or light vest that you wear under your jacket, like the harness for a pistol shoulder holster except with embedded wiring and attachment points & pockets for devices.



Separate sensors & glasses for the wireless PAN. (IMG:style_emoticons/default/smile.gif)



-karma

You can only wear 1 set of contacts, and 1 pair of glasses.
How do you seperate out what you want, and what commlinks is it on

[hobgoblin]

I personally envision a "network harness" or light vest that you wear under your jacket, like the harness for a pistol shoulder holster except with embedded wiring and attachment points & pockets for devices.

here you go: https://www.urbantool.com/hq/holsters/show-businessholster2

several pockets for smartphones and other tech, and wire channels for headphones and such.

[KarmaInferno]

You can only wear 1 set of contacts, and 1 pair of glasses.
How do you seperate out what you want, and what commlinks is it on

Well, my main SR character has cybereyes for all the non-wireless chatter, glasses or contacts for the wireless-required stuff. Contacts have to be wireless anyhow.

And "What commlink is it on" doesn't matter most of the time. Data is data. The only time it'd matter if he as being hacked, and it's easy enough to just shut off the glasses/wireless comms for a moment to double check for that.


-karma

[sabs]

Well, my main SR character has cybereyes for all the non-wireless chatter, glasses or contacts for the wireless-required stuff. Contacts have to be wireless anyhow.

And "What commlink is it on" doesn't matter most of the time. Data is data. The only time it'd matter if he as being hacked, and it's easy enough to just shut off the glasses/wireless comms for a moment to double check for that.


-karma

Well except you could be getting hacked and never know it.
Okay you have Cyber eyes, and Contact lenses and glasses.

Your cybereyes have image link, and smart link, and some other stuff. They're slaved to the commlink that's connected to your smartgun, and your cyberware via skinlink. This commlink has wireless turned off always.
You have contacts and glasses with a combination of stuff, including a 2nd imagelink, that's linked to a commlink with external matrix access.

What are your earbuds connected to
Your subvoc mic?
And most importantly what are your electrodes/datajack, or implanted sim module linked to?

Do you have wired rflexes, or attention coprocessors. What is your DNI linked to?

[Yerameyahu]

DNI isn't linked to anything. It's Direct. Unless you're referring to something like trodes or datajack, which are DNI input/output devices (a different case).

[sabs]

It's confusing because there's a bunch of cyberware that talks about needing a seperate DNI system implanted. And yet, nowhere in the game is there an actual DNI system to implant.

[Yerameyahu]

Really? I didn't notice that at all; a holdover from SR3?

[sabs]

Really? I didn't notice that at all; a holdover from SR3?

Could be, it's mostly in the descriptions of stuff from Augmentation