IPB
X   Site Message
(Message will auto close in 2 seconds)

Welcome Guest ( Log In | Register )

2 Pages V   1 2 >  
Reply to this topicStart new topic
> Data Bomb Passcodes, How best to run it?
Aerospider
post Aug 27 2011, 11:03 AM
Post #1


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



The implications in RAW seem contradictory (no, seriously).

On the one hand it seems one needs to succeed in a Matrix perception test to spot one, but then if it relies on a passcode system to allow legitimate access surely asking for the passcode would tip off an unwary intruder?

If you go to open a file and it asks for a passcode that you do not know then I can only think of two possibilities -

A) It's an encryption passcode so you're not getting in anyway

or

B) It's a databomb passcode that won't stop you getting in, but you will be blown up the very instant that you do

So what reason would anyone have for trying to open the file without filling in the passcode?
Does it make sense that the passcode can be supplied by the user without being asked for it, thus forming a trap for the unwary intruder?
Go to the top of the page
 
+Quote Post
Infornography
post Aug 27 2011, 11:47 AM
Post #2


Target
*

Group: Members
Posts: 89
Joined: 18-August 11
Member No.: 36,178



It's an encryption passcode so you're not getting in anyway.
No, that would be an encryption passcode and not a databomb, obviously. (IMG:style_emoticons/default/wink.gif)

It's a databomb passcode that won't stop you getting in, but you will be blown up the very instant that you do.
That's right.

So what reason would anyone have for trying to open the file without filling in the passcode?
Simply, not knowing the databomb is there. You don't check every door for internal security systems before trying to use the doorknob either.

Does it make sense that the passcode can be supplied by the user without being asked for it, thus forming a trap for the unwary intruder? Think of the passcode as an invisible tripwire. If you know where it is you can easily pass.
If you know it's there but not where you can try to avoid it while passing. If you don't see it you set off the bomb.
Go to the top of the page
 
+Quote Post
Kirk
post Aug 27 2011, 12:06 PM
Post #3


Moving Target
**

Group: Members
Posts: 210
Joined: 4-August 11
From: Vicinity Houston
Member No.: 34,911



What Infornography said.

Look, compare it to one of those panel-based alarms stores have. You get in, you don't tell it things are ok, and the alarm goes off. Some of them are silent - they don't beep to warn you they're counting down.

Most alarms just call for the cops instead of setting off a kill-charge. You still get the idea, however.
Go to the top of the page
 
+Quote Post
Aerospider
post Aug 27 2011, 01:52 PM
Post #4


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



So you play it that the user is not asked for the passcode - they submit it off their own back through some undefined means that they know that particular bomb will understand. I can't shake the image of someone opening a Word document whilst simultaneously typing the password into Notepad.

Ah well, I guess it's within the scope of handwavium.
Go to the top of the page
 
+Quote Post
Kirk
post Aug 27 2011, 02:02 PM
Post #5


Moving Target
**

Group: Members
Posts: 210
Joined: 4-August 11
From: Vicinity Houston
Member No.: 34,911



Try this image instead. Open file xyz.docx?p=here's_the_bonus-password_don't"blow-up"this_time.

Not so much a query, just if the additional code isn't attached to the query (or logon or whatever) the bomb goes boom.

That is how I picture it, anyway.
Go to the top of the page
 
+Quote Post
Yerameyahu
post Aug 27 2011, 02:05 PM
Post #6


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



It's more like entering a cheat code during the loading screen of an old game. (IMG:style_emoticons/default/smile.gif)
Go to the top of the page
 
+Quote Post
Aerospider
post Aug 27 2011, 02:13 PM
Post #7


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



QUOTE (Infornography @ Aug 27 2011, 12:47 PM) *
It's an encryption passcode so you're not getting in anyway.
No, that would be an encryption passcode and not a databomb, obviously. (IMG:style_emoticons/default/wink.gif)

What's the 'obvious' difference from the user's perspective exactly?

QUOTE (Infornography @ Aug 27 2011, 12:47 PM) *
So what reason would anyone have for trying to open the file without filling in the passcode?
Simply, not knowing the databomb is there. You don't check every door for internal security systems before trying to use the doorknob either.

If I knew that keypads were often bombed and I saw one on a door I wouldn't try the handle.

QUOTE (Infornography @ Aug 27 2011, 12:47 PM) *
Does it make sense that the passcode can be supplied by the user without being asked for it, thus forming a trap for the unwary intruder? Think of the passcode as an invisible tripwire. If you know where it is you can easily pass.
If you know it's there but not where you can try to avoid it while passing. If you don't see it you set off the bomb.

That's a really inapt metaphor - the passcode is what you give to the security system through some vehicle or other so that it can match it against its records. No match equals boom. A better metaphor is the keypad on a door, and in those terms my question was 'do you see a keypad or do you have to already know where on the door the invisible keypad is?'.
Go to the top of the page
 
+Quote Post
Infornography
post Aug 27 2011, 03:47 PM
Post #8


Target
*

Group: Members
Posts: 89
Joined: 18-August 11
Member No.: 36,178



The answer to all your questions is that you don't "see" the databomb and it doesn't "ask" for the passcode.

You either have to know it's there or analyze the file, node or whatever you want to access.
It's not like a keypad pops up and you actually have to enter a passcode.
You just send the signal that tells the bomb it's cool to let you pass.

And the metaphor was perfectly fine. You just didn't get it.
Go to the top of the page
 
+Quote Post
Yerameyahu
post Aug 27 2011, 03:50 PM
Post #9


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



Isn't that called a passcode? (IMG:style_emoticons/default/smile.gif) Which is specifically what SR4A p233 calls it.

Incidentally, is a non-Pavlov (stupidest option ever) data bomb deleted upon successful legit use? It is described at 'defused' when you enter the passcode; doesn't this mean you have to re-set it if you still want it there later? (I'd never thought about it before, that's all. (IMG:style_emoticons/default/smile.gif) )
Go to the top of the page
 
+Quote Post
Infornography
post Aug 27 2011, 03:59 PM
Post #10


Target
*

Group: Members
Posts: 89
Joined: 18-August 11
Member No.: 36,178



If the bomb goes off it's gone.
If someone defuses it, it's still there and active for everyone.
If I remember correctly, you can't defuse it for someone else.
Also if the bomb is on a "door" and you defused it to get in you have to defuse it again if you want to get out, I think.

Even though Pavlov stays active after it went off, it's weaker than the bomb.
I think the bomb is more like a data terrorist thing than a corporate security measure.

Ah, I forgot. I'm talking SR3 here. Don't know if it's still the same in SR4.
Go to the top of the page
 
+Quote Post
Aerospider
post Aug 27 2011, 04:09 PM
Post #11


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



QUOTE (Infornography @ Aug 27 2011, 04:47 PM) *
And the metaphor was perfectly fine. You just didn't get it.

That is so arrogant. Even if it's true, it's interesting that you as the author take no responsibility.

Word of advice - if someone asks for help and you treat them like an idiot from the get-go don't be surprised if feathers get ruffled.
Go to the top of the page
 
+Quote Post
Aerospider
post Aug 27 2011, 04:10 PM
Post #12


Running Target
***

Group: Members
Posts: 1,150
Joined: 15-December 09
Member No.: 17,968



QUOTE (Yerameyahu @ Aug 27 2011, 03:05 PM) *
It's more like entering a cheat code during the loading screen of an old game. (IMG:style_emoticons/default/smile.gif)

Thanks Yerameyahu, that's the kind of answer I was needing.
Go to the top of the page
 
+Quote Post
Infornography
post Aug 27 2011, 04:15 PM
Post #13


Target
*

Group: Members
Posts: 89
Joined: 18-August 11
Member No.: 36,178



QUOTE (Aerospider @ Aug 27 2011, 05:09 PM) *
That is so arrogant. Even if it's true, it's interesting that you as the author take no responsibility.

Word of advice - if someone asks for help and you treat them like an idiot from the get-go don't be surprised if feathers get ruffled.
Eeh? I didn't mean to be rude. There's nothing wrong with not getting something. I don't get things all the time.
And I certainly didn't call you an idiot.
Go to the top of the page
 
+Quote Post
Yerameyahu
post Aug 27 2011, 04:32 PM
Post #14


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



See, I feel like data bombs still act like you described: you 'defuse' for yourself only, which really just means you pass. It's not defusing at all, so it's a bad metaphor. The only way to get rid of them is to 'blow them up'—even the owner doesn't appear to have delete rights, and there's no 'clearing' them. (IMG:style_emoticons/default/smile.gif) This seems odd, so I figure I'm just mis-remembering/-reading. The bit I mentioned a moment ago is just (badly) vague, so it could go either way.

Data bombs really are a mess. There's no reason not to have them on literally everything (files, nodes, etc.). They can be easily configured to destroy data or not, they can cheaply be made to recur (or not), and you only have to buy the program once to plant infinite bombs. They use no processor power or memory space. And so on. :/ I don't hate the idea of them, but jeez. It's like having a magic nanotech gun that plants camouflaged grenades.
Go to the top of the page
 
+Quote Post
Infornography
post Aug 27 2011, 04:38 PM
Post #15


Target
*

Group: Members
Posts: 89
Joined: 18-August 11
Member No.: 36,178



QUOTE (Yerameyahu @ Aug 27 2011, 05:32 PM) *
See, I feel like data bombs still act like you described: you 'defuse' for yourself only, which really just means you pass. It's not defusing at all, so it's a bad metaphor. The only way to get rid of them is to 'blow them up'—even the owner doesn't appear to have delete rights, and there's no 'clearing' them. (IMG:style_emoticons/default/smile.gif) This seems odd, so I figure I'm just mis-remembering/-reading. The bit I mentioned a moment ago is just (badly) vague, so it could go either way.
I never said you defuse the "tripwire", just that you pass it. (IMG:style_emoticons/default/wink.gif)
I think it should be possible to completely remove the bomb without setting it off or set it off without beeing hit. Maybe with a dumbframe?
Anyway it's pretty confusing that the Defuse program actually doesn't defuse anything. Should've been called Fool instead.
Go to the top of the page
 
+Quote Post
Infornography
post Aug 27 2011, 04:41 PM
Post #16


Target
*

Group: Members
Posts: 89
Joined: 18-August 11
Member No.: 36,178



QUOTE (Yerameyahu @ Aug 27 2011, 05:32 PM) *
Data bombs really are a mess. There's no reason not to have them on literally everything (files, nodes, etc.). They can be easily configured to destroy data or not, they can cheaply be made to recur (or not), and you only have to buy the program once to plant infinite bombs. They use no processor power or memory space. And so on. :/ I don't hate the idea of them, but jeez. It's like having a magic nanotech gun that plants camouflaged grenades.
Corporations would only use them until the first sararyman fucks up giving the passcode and dies.
Like I said, I think of them as more of a surprise from data terrorists than actual security measures.
Go to the top of the page
 
+Quote Post
Yerameyahu
post Aug 27 2011, 04:42 PM
Post #17


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



You didn't say it, SR4A did. It specifically says 'defuse' when you enter the passcode. And the Defuse program 'disables' the bomb, which is both wrong… and a weird situation not to use the word defuse. (IMG:style_emoticons/default/smile.gif)

Ah, but see: there are zero rules about 'messing up the passcode'. Theoretically, it's handled automatically in the background by your machine. And sararimen wouldn't be hot VR. That's my point: they're a *great* security measure.
Go to the top of the page
 
+Quote Post
Infornography
post Aug 27 2011, 04:46 PM
Post #18


Target
*

Group: Members
Posts: 89
Joined: 18-August 11
Member No.: 36,178



I wouldn't know, since I didn't look into the 4th ed matrix, yet.
In 3 Defuse fools the bomb in making it see you as a legitimate user.
Or maybe I'm just confusing things. Sorry, if I am.
Go to the top of the page
 
+Quote Post
Yerameyahu
post Aug 27 2011, 04:49 PM
Post #19


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



Yeah, I do think things are roughly the same as they were in 3. Which is to say, still a mess of bad terminology and balance issues. (IMG:style_emoticons/default/smile.gif)
Go to the top of the page
 
+Quote Post
Infornography
post Aug 27 2011, 05:10 PM
Post #20


Target
*

Group: Members
Posts: 89
Joined: 18-August 11
Member No.: 36,178



Exactly. That's why I prefer roleplaying the matrix and only make some checks here and there so that those 60% of your character doesn't go down the drain. It works for astral space so why shouldn't it work for the matrix too?
Go to the top of the page
 
+Quote Post
Kirk
post Aug 27 2011, 05:15 PM
Post #21


Moving Target
**

Group: Members
Posts: 210
Joined: 4-August 11
From: Vicinity Houston
Member No.: 34,911



QUOTE (Yerameyahu @ Aug 27 2011, 12:32 PM) *
See, I feel like data bombs still act like you described: you 'defuse' for yourself only, which really just means you pass. It's not defusing at all, so it's a bad metaphor. The only way to get rid of them is to 'blow them up'—even the owner doesn't appear to have delete rights, and there's no 'clearing' them. (IMG:style_emoticons/default/smile.gif) This seems odd, so I figure I'm just mis-remembering/-reading. The bit I mentioned a moment ago is just (badly) vague, so it could go either way.

Data bombs really are a mess. There's no reason not to have them on literally everything (files, nodes, etc.). They can be easily configured to destroy data or not, they can cheaply be made to recur (or not), and you only have to buy the program once to plant infinite bombs. They use no processor power or memory space. And so on. :/ I don't hate the idea of them, but jeez. It's like having a magic nanotech gun that plants camouflaged grenades.

Small caveat I suspect you already know but want to note in case.

While you can put them on literally everything you can only put one per node.

The rest of your comments? yeah.
Go to the top of the page
 
+Quote Post
Yerameyahu
post Aug 27 2011, 05:22 PM
Post #22


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



Right: one per anything. One on the node, one on every file in that node, etc.
Go to the top of the page
 
+Quote Post
Kirk
post Aug 27 2011, 06:17 PM
Post #23


Moving Target
**

Group: Members
Posts: 210
Joined: 4-August 11
From: Vicinity Houston
Member No.: 34,911



QUOTE (Yerameyahu @ Aug 27 2011, 12:22 PM) *
Right: one per anything. One on the node, one on every file in that node, etc.

huh. Went back to re-read it and can see how you get that. I'd always read it as meaning if one was in the node it stopped the rest.

QUOTE
Only one data bomb may be attached to a particular file or device.
Go to the top of the page
 
+Quote Post
Tymeaus Jalynsfe...
post Aug 27 2011, 06:32 PM
Post #24


Prime Runner Ascendant
**********

Group: Members
Posts: 17,568
Joined: 26-March 09
From: Aurora, Colorado
Member No.: 17,022



QUOTE (Kirk @ Aug 27 2011, 11:17 AM) *
huh. Went back to re-read it and can see how you get that. I'd always read it as meaning if one was in the node it stopped the rest.


A Particular File does not a device make, and vice versa. I Am with Yerameyahu on this. You may have one on a Device, and one per any file you want ON that device. It is a great choice for setting up Honey Pots in my opinion.
No worries though. (IMG:style_emoticons/default/smile.gif)
Go to the top of the page
 
+Quote Post
Yerameyahu
post Aug 27 2011, 06:33 PM
Post #25


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



Oh, I see. I feel like it would just say '1 per node', if it meant 1 total. Hmm.
Go to the top of the page
 
+Quote Post

2 Pages V   1 2 >
Reply to this topicStart new topic

 



RSS Lo-Fi Version Time is now: 12th April 2022 - 01:17 PM

Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.