[X] My Assistant

[suoq]

The Problem is that you need to Spoof the Master Node for the Access

No. You don't. The rules you're quoting say nothing about spoofing the master made, just spoofing the access ID of the master node

Here's the classic example from http://forums.dumpshock.com/index.php?s=&a...st&p=804857 trimmed down to just Slamm-O!'s actions.

Combat Turn #1
Slamm-0! flashes the sun off his reflective shades towards the drone, trying to get it to report back to the rigger so he can begin a Trace User Test to track the connection.
The drone has seen something it doesn’t recognize. It makes a "common sense" test (p. 245, SR4A), Pilot + Response, getting no hits. It contacts the Rigger (a free action) for further instructions.
Slamm-0! attempts to intercept the communication between the drone and rigger in order to begin tracking the Rigger. He performs a Capture Wireless Signal Test (Electronic Warfare + Sniffer (3) Test) (p. 229, SR4A), getting 7 hits and succeeding. This gives him a way to track the rigger's node, so he can get his access ID. Yes, this would be unnecessary in modern TCP/IP, but the Matrix ain't yer daddy's communications protocol.

Combat Turn #2
Slamm-0! begins the extended Trace User (10, 1 IP) Test (p. 232, SR4A); he rolls Computer + Track Test and gets 4 hits.
Slamm-0! continues the Trace User Test, getting 3 hits for a total of 7.

Combat Turn #3:
Slamm-0! continues the Trace User Test with 3 more hits, reaching the threshold of 10. He has successfully tracked the rigger’s connection—the rigger is in the campus security headquarters—and gotten the rigger’s access ID. Slamm-0! can now spoof orders to the drone.
Slamm-0! uses the rigger’s access ID to spoof an order for the drone to change course. He makes an Opposed Hacking + Spoof Test against the drone’s Pilot + Firewall. He gets 5 hits; the drone gets 3 hits.

Combat Turn #4:
Slamm-0! waits to observe if the drone accepts the spoofed order. He also uses a free action to confirm his dinner reservations (what a romantic!).
The drone begins to fly towards the Chemistry building.

[Bearclaw]

The Problem is that you need to Spoof the Master Node for the Access to be able to send additional commands down the pipe. And, because you are NOT the Master Node, You need to Spoof any commands (using the Master' Node's AID) to the Slaved Node. It is often just easier to Hack the Master node and then you have access without needing to Spoof. But Spoofing does not usually carry the risk of actually hacking the Master Node (You are pretending to be a legitimate User from the "Outside" because you have a Valid AID).

I think you are mostly right.
I believe you must Sniff the Master Node's signal for the Master Node's Access ID. Then, you use the Spoof program to send a command to the Slave system. The Spoof program convinces the slave that the command came from The Master. But, each time you want to send a command, you must fool the system again. Because you haven't hacked it. You are just using The Master's AID.

Like the scene in Terminator 2. The T1000 (the hacker) used John's (the slave) Foster Mother's (the master) voice to convince John to come home (spoofing a command). But, the T800 (John's Firewall) realizes it's a fake and John ignores the command.

[Tymeaus Jalynsfe...]

No. You don't. The rules you're quoting say nothing about spoofing the master made, just spoofing the access ID of the master node

Here's the classic example from http://forums.dumpshock.com/index.php?s=&a...st&p=804857 trimmed down to just Slamm-O!'s actions.

The problem is that he cannot Directly Spoof the Drone if it is SLAVED to the Master Node, which in the scenario above is not stated. For him to spoof orders to the Drone, in general, he must have the AID of the Connected Subscription from which it is receiving commands. In the case of a Master-Slave Scenario, the only way in is through the Master Node, whcih is not the case in the example that you used. The Drone is not SLAVED to the Rigger, the Rigger just has a Subsrciption to it.

I would have the Drone Slaved, personally, but it is NOT required.

You MUST know about the Slaves available before you can command them, since you cannot tell if the node you are in is Master or not without actually observing its connections. You are not notified when you are forwarded from an attempted Connection with a Slave, because all you see IS THE MASTER. You need to analyze the Node to discover any Slaves present. This is why you need to Spoof access to the Master.

[deek]

It is not so much that you need 2 AID's. It is that you need to convince the Slaved Node that you are indeed who you say you are, which is a Spoof Command. You only need the AID of the Master node.

How would you send a spoofed command to a Slaved Node that you don't have an AID for? Without two AIDs, you can't communicate.

[Tymeaus Jalynsfe...]

How would you send a spoofed command to a Slaved Node that you don't have an AID for? Without two AIDs, you can't communicate.

You do not need the AID of a Slaved Node, you need its Master's AID. You still have to Spoof the Slaved Node (Using the AID of the Master; but as long as it accepts the Master's AID, it will do what it is told to do) of course. The Slaved node is already accepting commands from the Master, and you do need to know of the Slaved Nodes Presence (Using Analyze, of course), but once you have found the Slave, all you need to do is convince it that you are the Master Node.

[Ghost_in_the_Sys...]

The problem is that he cannot Directly Spoof the Drone if it is SLAVED to the Master Node, which in the scenario above is not stated. For him to spoof orders to the Drone, in general, he must have the AID of the Connected Subscription from which it is receiving commands. In the case of a Master-Slave Scenario, the only way in is through the Master Node, whcih is not the case in the example that you used. The Drone is not SLAVED to the Rigger, the Rigger just has a Subsrciption to it.

I would have the Drone Slaved, personally, but it is NOT required.

You MUST know about the Slaves available before you can command them, since you cannot tell if the node you are in is Master or not without actually observing its connections. You are not notified when you are forwarded from an attempted Connection with a Slave, because all you see IS THE MASTER. You need to analyze the Node to discover any Slaves present. This is why you need to Spoof access to the Master.

Slave or not in no way matters in the example provided (assuming that the rigger is the master, which she would have to be to operate the drone). Since you are trying to break into the slave, knowledge of the slave seems to be an already established fact, so there is no need to spoof access to the master (which isn't a thing).

The spoof program is basically identical to the command program in all respects except one, which is that instead of giving your own Access ID, you can give any Access ID you feel like. So, if something will happen when a command is sent from access ID X, then it will happen if a spoofed command is sent to look like it is from access ID X. Access to the Master is in no way required for this. Now, finding what slaves a device might have, that is an entirely different matter.

How would you send a spoofed command to a Slaved Node that you don't have an AID for? Without two AIDs, you can't communicate.

Well, technically an Access ID isn't required for communication. I can go "Okay, I want to connect to that node right there." without actually figuring out what its access ID is. Kind of like how you can connect to dumpshock without knowing its IP address.

[suoq]

The problem is that he cannot Directly Spoof the Drone if it is SLAVED to the Master Node, which in the scenario above is not stated.

Of course he can.

Do we agree that he can directly spoof the drone if it's NOT slaved. If so, can you show me where a slave connection makes it unable to be directly spoofed because the rules you're quoting only require the access ID of the master node, something Slamm-O! already has from his Trace User.

For him to spoof orders to the Drone, in general, he must have the AID of the Connected Subscription from which it is receiving commands.

I can't find that rule anywhere. Actually, I can't even find "Connected Subscription" in the rules. Do subscriptions even have Access IDs?

In the case of a Master-Slave Scenario, the only way in is through the Master Node

Not unless it's a wired connection.

[Ghost_in_the_Sys...]

I can't find that rule anywhere. Actually, I can't even find "Connected Subscription" in the rules. Do subscriptions even have Access IDs?

I think he meant the access ID of the device it is connected to through the subscription, which the example provided has.

[Bearclaw]

The problem is that he cannot Directly Spoof the Drone if it is SLAVED to the Master Node

The rules say you can. They say exactly and without quesiton that you can, because it's one of THREE, not FOUR, ways you can control a device that is slaved to a commlink that isn't yours.

pg. 55 Unwired

Hackers have three options when faced with a slaved node.
First, they can hack in directly to the slave with an additional
threshold modifier of +2, though this requires a physical (wired)
connection to the device. Second, they can hack the master node
(thus gaining access to the slaved node—and any other slaves—
as well), though this node is usually more secure. Third, they can
spoof the access ID of the master node and then spoof commands
to the slave.

[Ghost_in_the_Sys...]

because it's one of THREE, not FOUR

Hey, when faced with a slaved node, you also have the option of ignoring it. You also have the option of convincing the owner of the master node to do stuff for you. You have plenty of options that aren't listed, or are you saying that those things magically aren't options? That if you find a slaved node you must hack into it because ignoring it isn't an option?

[Fortinbras]

Hey, when faced with a slaved node, you also have the option of ignoring it. You also have the option of convincing the owner of the master node to do stuff for you. You have plenty of options that aren't listed, or are you saying that those things magically aren't options? That if you find a slaved node you must hack into it because ignoring it isn't an option?

My team's technomacer with her Black Hat Paragon has to.
One of these days she'll get those 3 hits. Well, one of these days she'll try to.

[sabs]

remember, the slave node is still part of the adhoc network matrix system.

It receives your 'packet' checks to see if your AccessID matches the one of it's master.
Yes: Do what you tell it to
No: Forward request to Master

It is possible btw, to edit the AccessID of your commlink, via a hardware modification, or a computer+edit roll. If you made your accessID the same, then you could hack the node. Especially if you jammed the other commlink's signal.

Think of AccessID as a MAC address.

[Ghost_in_the_Sys...]

Isn't there something preventing two devices with the same access ID from being around at the same time? I mean, I'm sure you could override it, but it would cause all kinds of problems, wouldn't it? I mean, you'd get everything that was intended for the other ID: Phone calls, matrix connections, even data requests by the original device. The other person would also quickly notice anything you're up to, because anything sent to your device would also be sent to theirs.

[Bearclaw]

remember, the slave node is still part of the adhoc network matrix system.

It receives your 'packet' checks to see if your AccessID matches the one of it's master.
Yes: Do what you tell it to
No: Forward request to Master

It is possible btw, to edit the AccessID of your commlink, via a hardware modification, or a computer+edit roll. If you made your accessID the same, then you could hack the node. Especially if you jammed the other commlink's signal.

Think of AccessID as a MAC address.

Isn't that exactly what Spoofing is?

[suoq]

Isn't there something preventing two devices with the same access ID from being around at the same time?

No.

The protocol says DON'T DO IT so programmers don't do it and hackers do. There's no law of physics or game rules that prevents it as far as I'm aware of. Access IDs aren't particularly secure.

I mean, I'm sure you could override it, but it would cause all kinds of problems, wouldn't it?

Define "problems"....

I mean, you'd get everything that was intended for the other ID: Phone calls, matrix connections, even data requests by the original device.

That may meet your definition of problem. Not mine.

The other person would also quickly notice anything you're up to, because anything sent to your device would also be sent to theirs.

Why would I have anything sent to that access ID I don't want the other person to see?

[deek]

TJ, yeah, I wasn't thinking of broadcasting. You are right, as long as I have the master's AID, any slaved nodes that can get my spoofed command will try and perform it. Now, there is risk of being found out quicker if I don't specify only one slave and the other slaves can't perform the action. But yeah, if I broadcast with the right AID, then I don't need to know any of the slaved nodes's AIDs.

Ghost, I'm not sure that I can just pick a slaved node, though. That's just software abstraction that allows you to pick. Just like dumpshock, I may not know the IP, but the IP has to be connected to dumpshock. My impression is that a slaved node does not appear anywhere, as all traffic gets forwarded to the master. Now, that may be a way to figure out a node is slaved, as I could be looking at a comm 3 feet away and try to connect to it and find my traffic is travelling to a comm that is 30 feet away. Again, the way I am reading slaves is that once the node is slaved, it disappears (wirelessly) from any view and only the master is "visible". Granted, the traffic is still being forwarded so that is accessible to scrape AIDs from the intercepted traffic, but you are not interacting with that slave unless you physically connect, go through the master or spoof the master.

[Fortinbras]

If you try to show up in a node which already has that Access ID in it, the node would refuse to allow it because a persona with that access ID already exists.
It's the same thing that prevents Agents from making infinite copies of themselves on the same node.

[Tymeaus Jalynsfe...]

Slave or not in no way matters in the example provided (assuming that the rigger is the master, which she would have to be to operate the drone). Since you are trying to break into the slave, knowledge of the slave seems to be an already established fact, so there is no need to spoof access to the master (which isn't a thing).

The spoof program is basically identical to the command program in all respects except one, which is that instead of giving your own Access ID, you can give any Access ID you feel like. So, if something will happen when a command is sent from access ID X, then it will happen if a spoofed command is sent to look like it is from access ID X. Access to the Master is in no way required for this. Now, finding what slaves a device might have, that is an entirely different matter.


Well, technically an Access ID isn't required for communication. I can go "Okay, I want to connect to that node right there." without actually figuring out what its access ID is. Kind of like how you can connect to dumpshock without knowing its IP address.

It makes all the difference if a Node is standalone or slaved... What books have you been reading?

Unfortunately, an AID IS required for communications. You cannot communicate without transmitting an AID. It is just not something that you generally worry about, because your own AID is used when connections are made. Which is why you can be traced. And your dumpshock relation is inaccurate. You leave a log of what actions you take on Dumpshock, and specific information about you is recorded in the log. Among that data is likely the "Access ID" that is provided to Dumpshock that has the details of your account. If you are anonymous, then they likely just get your IP address, or other such information.

[sabs]

Also remember that spoofing is 1 way. You can send Spoofed commands to a node, but you cannot spoof receive information from that node. You can tell the drone to shoot target X, but you can't know if it's going to do it or not, until it does.

[Tymeaus Jalynsfe...]

Of course he can.

Indeed, but not in all situations.

Do we agree that he can directly spoof the drone if it's NOT slaved. If so, can you show me where a slave connection makes it unable to be directly spoofed because the rules you're quoting only require the access ID of the master node, something Slamm-O! already has from his Trace User.

Of course he can Spoof an Un-Slaved node. That is why Slamm-O! went to the trouble of obtaining an AID that was not his. However, when he tries to spoof a Slaved Node, he is directly routed back to the Master Node, because the SLAVE DOES NOT ACCEPT ANY OTHER COMMUNICATIONS. They MUST come from the MASTER NODE. Because the Hacker has been routed back, the Slave does nothing. You must connect from the Master to the Slave. To do so requires a 2-Step Process, as I indicated above.

I have provided said rules twice now. They are in posts above.

[Tymeaus Jalynsfe...]

The rules say you can. They say exactly and without quesiton that you can, because it's one of THREE, not FOUR, ways you can control a device that is slaved to a commlink that isn't yours.

pg. 55 Unwired

Ironically, these are the same rules that I have already posted twice now. There is NO 4th Option listed.

And no they do not. You cannot DIRECTLY SPOOF a Slaved Node. UNLESS You have direct, physical access. In the examples we have been bandying about, there is NO direct physical access.

[Tymeaus Jalynsfe...]

Also remember that spoofing is 1 way. You can send Spoofed commands to a node, but you cannot spoof receive information from that node. You can tell the drone to shoot target X, but you can't know if it's going to do it or not, until it does.

Very, Very True. (IMG:style_emoticons/default/smile.gif)

[sabs]

Option 3:
You can Spoof the AccessID of the MASTER NODE, and then spoof commands to the slave.

That's pretty clear cut
If you have the Access ID of the Master Node, you can totally spoof the slave.

Non Slaves:
You send a command to a device or agent, pretending it is from an authorized source. You must have an access ID from which the target accepts commands (usually by making a Matrix Perception test on the authorized source or by tracing its icon). To spoof a target, choose a command (per the Issue Command action, p. 229) and make an Opposed Test between your Hacking + Spoof and the target’s Pilot + Firewall (System + Firewall for peripheral devices); if you succeed, the target accepts the command as legitimate. Each Spoof Command action applies only to a single command; multiple commands require multiple Spoof Command attempts.

[Tymeaus Jalynsfe...]

Option 3:
You can Spoof the AccessID of the MASTER NODE, and then spoof commands to the slave.

That's pretty clear cut
If you have the Access ID of the Master Node, you can totally spoof the slave.

But only FROM the Master Node, not from an independant node, because the Slave does not accept any connections except those from the Master Node. You cannot forge a connection except from the master node. Command Connections (The only thing a drone will listen to) need a Subscription. Unfortunately, you cannot forge a Subscription to a Slaved Drone with a Spoof Command. So therefore, you need to use the connection that already exists. The Master Node's connection.

[Ghost_in_the_Sys...]

Of course he can Spoof an Un-Slaved node. That is why Slamm-O! went to the trouble of obtaining an AID that was not his. However, when he tries to spoof a Slaved Node, he is directly routed back to the Master Node, because the SLAVE DOES NOT ACCEPT ANY OTHER COMMUNICATIONS. They MUST come from the MASTER NODE. Because the Hacker has been routed back, the Slave does nothing. You must connect from the Master to the Slave. To do so requires a 2-Step Process, as I indicated above.

I have provided said rules twice now. They are in posts above.

Do you have even the vaguest idea of what spoof does? When you try spoof a slaved node using the master's access ID, the slave will accept them because the instructions look like they are coming from the master. That is THE ENTIRE POINT of spoofing. A device can't tell the difference (without winning the opposed check) from a spoofed command saying it is coming from the master, and an actual command coming from the master. All a command is is a packet of information sent out through the wireless matrix with an access ID attached to it which gives authentication. All a spoofed command is is a packet of information sent out through the wireless matrix with a fake access ID attached to it which gives authentication.

The rules you're posting just say that you have to use the master's access ID as opposed to any other access ID. So, if you have the master's access ID, spoofing a slaved device works exactly like spoofing any other device.

And no they do not. You cannot DIRECTLY SPOOF a Slaved Node. UNLESS You have direct, physical access. In the examples we have been bandying about, there is NO direct physical access.

Read again, you cannot hack the slaved node without direct physical access. Spoofing is not hacking.