Drone Hacking Options

[Mayhem_2006]

AFAIK, you can impose arbitrary controls on your node: a hard list of whitelisted subscriptions, for example, or a max total. I'm not sure it's useful (or, more accurately, worth the effort), but you *can* do many things not specifically in the book.

But again, most of that sort of thing would presumably already be taken into account by the mechanics of having a firewall - and defeating one.

[suoq]

There is no inherent reason why the team can implement security measures that the target cannot choose to implement as well.

When the team cannot be hurt, the target cannot be hurt.
When the team cannot be hacked, the target cannot be hacked.
When the team cannot be detected, the defenses cannot be detected.

If you allow "a hard list of whitelisted subscriptions" and the intruder does get access by finding the right subscription and a security hole to get that subscription access and the intruder then changes that hard list or adds a soft list that blocks all the subscriptions but the one he's occupied, your own security measure table rules become a liability to the team.

Secure your home well enough, and you'll be locked out of it yourself.

[Sengir]

AFAIK, you can impose arbitrary controls on your node: a hard list of whitelisted subscriptions, for example, or a max total.

And the whole point of an Exploit test is to find a hole in such defences. If a machine got rooted, don't expect anything running on there to work as it should (IMG:style_emoticons/default/wink.gif)

[Tymeaus Jalynsfe...]

And the whole point of an Exploit test is to find a hole in such defences. If a machine got rooted, don't expect anything running on there to work as it should (IMG:style_emoticons/default/wink.gif)

Indeed... You can take all the precautions you want, but in the End, it all comes down to an Exploit vs Firewall test.

[Sengir]

Indeed... You can take all the precautions you want, but in the End, it all comes down to an Exploit vs Firewall test.

Well, there are some precautions not covered by that test (IMG:style_emoticons/default/wink.gif)

[Tymeaus Jalynsfe...]

Well, there are some precautions not covered by that test (IMG:style_emoticons/default/wink.gif)

Very Few... (IMG:style_emoticons/default/smile.gif)

[LurkerOutThere]

Well, there are some precautions not covered by that test (IMG:style_emoticons/default/wink.gif)

Yes and no, it's supposed to be an abstract system. As others, especially Suoq pointed out there could be stuff like out there but realistically none of our characters are special little snowflakes, anything they can think of to do someone else, especially the corp people paid to think about things like that 24/7 would come up with it first. So while there might be unusual setups on occasion at most they aught to impose some extra hoops to jump through or a dice pool penalty. Because at the end of the day the following is true:

Nearly everything is hackable in Shadowrun, it's just a matter of how much effort your willing to put in. Nothing is unhackable, otherwise the corps would have beat the hackers to it.

[Sengir]

I was referring to security measures like data bombs or creative system sculpting. Lockpicking is abstracted, but that abstraction does not cover figuring out that the secret backdoor is a trap (IMG:style_emoticons/default/wink.gif)

[Rubic]

A special consideration that seems to be either ignored or overlooked: system size WILL, inherently, change what an inherently better protection plan is. A personal commlink with a subscription limit and a notice every time a new subscription logs in can work, while a nexis or commonly accessed node with the same security protocol will find itself bogged down. So, you could easily tell your commlink to alert you when someone hacks in and logs into a new subscription, which will make it near impossible for anybody else to hack in without your knowledge.

The downside to such a plan, is that it is optimized against intrusion at the expense of vulnerability to DDoS attacks, as each new successful subscription increases the processor load more than a failed attempt. Once such a system is dropped, any devices subscribed to it can more easily be spoofed by an attacker.

Edit: perhaps, then, the best way to represent this is to have a system optimized for Firewall.

[Aku]

A special consideration that seems to be either ignored or overlooked: system size WILL, inherently, change what an inherently better protection plan is. A personal commlink with a subscription limit and a notice every time a new subscription logs in can work, while a nexis or commonly accessed node with the same security protocol will find itself bogged down. So, you could easily tell your commlink to alert you when someone hacks in and logs into a new subscription, which will make it near impossible for anybody else to hack in without your knowledge.

The downside to such a plan, is that it is optimized against intrusion at the expense of vulnerability to DDoS attacks, as each new successful subscription increases the processor load more than a failed attempt. Once such a system is dropped, any devices subscribed to it can more easily be spoofed by an attacker.

Edit: perhaps, then, the best way to represent this is to have a system optimized for Firewall.

I would think that this would already be in the "fluff", just because a commlinks firewall:6 and a megacorps firewall:6 while numerically the same, doesnt mean they go about the job the same way.

[Sengir]

One of the very few things W! did right is that Matrix ratings now can go from one to ten, with everything above six being prohibitively expensive (growing cubically with Rating).

[Mayhem_2006]

A special consideration that seems to be either ignored or overlooked: system size WILL, inherently, change what an inherently better protection plan is. A personal commlink with a subscription limit and a notice every time a new subscription logs in can work...

Unless the fluff for my exploit attack is that it sets the subscription limit to one higher as it connects, or that it doesn't get recognised as a subscription by the subscription monitoring subroutine, or...

[Rubic]

I would think that this would already be in the "fluff", just because a commlinks firewall:6 and a megacorps firewall:6 while numerically the same, doesnt mean they go about the job the same way.

Never trust, expect, or believe in "fluff" to balance or protect against "crunch." Apples and Oranges. Even having higher standards for personal grooming can add a +1 or more to Influence SG checks.

Unless the fluff for my exploit attack is that it sets the subscription limit to one higher as it connects, or that it doesn't get recognised as a subscription by the subscription monitoring subroutine, or...

Perhaps, but that begs the question of program optimization versus SYSTEM optimization (which does not yet have an active mechanic). Also, as I said, optimizing one way leaves vulnerabilities in other ways. EDIT: It'd be comparable to Lifestyle positive and negative qualities.

[Aku]

Never trust, expect, or believe in "fluff" to balance or protect against "crunch." Apples and Oranges. Even having higher standards for personal grooming can add a +1 or more to Influence SG checks.

But what you're asking for is specifically, fluff. You want to say "my commlink does this, this and this" so I can never get hacked. And to that i say "sure it does that,that and that", but if the hacker beats your firewall test, they found away around each one of those things.

[Rubic]

But what you're asking for is specifically, fluff. You want to say "my commlink does this, this and this" so I can never get hacked. And to that i say "sure it does that,that and that", but if the hacker beats your firewall test, they found away around each one of those things.

I'm not asking for fluff (you'd have to look at the OP for that). I've suggested a fundament for building such a mechanic as what's been talked about earlier, a mechanic already in place for a different aspect of the game. I haven't tried to refine it since it's not my particular interest. I ALSO have not discredited suggestions that an exploit program could disable or circumvent such a feature. I even suggested a vulnerability that it would potentially open up. Check my posts again.