2 sure fire protections against "combat hacking", ok not totally sure fire |
2 sure fire protections against "combat hacking", ok not totally sure fire |
Apr 19 2012, 12:37 AM
Post
#1
|
|
Moving Target Group: Members Posts: 292 Joined: 20-April 09 From: Sydney 'plex Member No.: 17,094 |
Number 1: Strong encryption (1 - 24 hours decrypt interval) on your commlink node. So any hacker trying to hack in will take forever to do so, even with massive dice pools - certainly no where near the 10 seconds a combat tends to last. Can't use strong encryption on signals though so I guess a hacker can still spoof commands to your drones etc...
Number 2: Slave your gear to a Technomancer's biological node. As far as I understand it, you can't hack a slaved device without going through the master first, and biological nodes cannot be hacked, except by other technomancers or sprites, auto-protecting you against the vast majority of hacker foes. So ok, not totally surefire, but pretty handy? Anyone at least can take strong encryption, even if you don't have a techno handy for Number 2. Does this sound right? Am I missing something? |
|
|
Apr 19 2012, 02:03 AM
Post
#2
|
|
Moving Target Group: Members Posts: 356 Joined: 3-April 10 Member No.: 18,409 |
Encryption (despite the ability to eventually be broken fairly easily) is definitely the strongest defense against hackers. Even the non-Strong version will slow a combat hacker, but you're right, Strong Encryption (assuming the GM allows it) is the way to go.
The only real drawback is the need to have the Encryption program running at all times, so it takes up a program (or Ergonomic) slot on the 'link. |
|
|
Apr 19 2012, 03:01 AM
Post
#3
|
|
Running Target Group: Members Posts: 1,290 Joined: 23-January 07 From: Seattle, USA Member No.: 10,749 |
Strong encryption never sat right with me, if it was that easy to make a node arbitrary hard to hack, every node would use it. I rule that it takes as much time to legitimately bypass the encryption as it does to make a hacking test.
As for number 2, do you have a technomancer with whom you can trust to give that kind of power. If you slave your device to them, yes only they can give your devices commands, but your devices will also accept any command from them. I usually just slave all my devices to my 'link, and use them all skin-linked, and then use another link for accessing the matrix and talking to team mates. That way my gun can't be hacked. |
|
|
Apr 19 2012, 04:22 AM
Post
#4
|
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
No, subscription lists. You can't forge/copy an access ID until you are on the same node as it, and you can't get on the same node because of the subscription list. ...
|
|
|
Apr 19 2012, 04:25 AM
Post
#5
|
|
Advocatus Diaboli Group: Members Posts: 13,994 Joined: 20-November 07 From: USA Member No.: 14,282 |
I'm not sure that's the case. Access IDs never seemed that hard to get.
|
|
|
Apr 19 2012, 05:11 AM
Post
#6
|
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
|
|
|
Apr 19 2012, 06:35 AM
Post
#7
|
|
Runner Group: Members Posts: 2,925 Joined: 26-February 02 Member No.: 948 |
I changed the Encryption rules so that everything is harder to do as you constantly fight against an adapting encryption program.
Encryption VS Decryption Active encryption programs cover ALL avenues of a node/commlink and changes constantly by switching encryption keys on the fly. All tresholds against a node/commlink is raised by the program rating minus the attacker decryption rating up to a threshold increase of +/- 0. This works similar to how ECCM works with Signal rating against ECM (ECCM+Signal-ECM= Signal). |
|
|
Apr 19 2012, 07:40 AM
Post
#8
|
|
Old Man Jones Group: Dumpshocked Posts: 4,415 Joined: 26-February 02 From: New York Member No.: 1,699 |
A drone can be programmed to simply ignore specific commands or actions.
Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle". (IMG:style_emoticons/default/grinbig.gif) -k |
|
|
Apr 19 2012, 08:32 AM
Post
#9
|
|
Moving Target Group: Members Posts: 163 Joined: 4-August 10 Member No.: 18,890 |
A drone can be programmed to simply ignore specific commands or actions. Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle". (IMG:style_emoticons/default/grinbig.gif) -k Of course that's all sort of assumed speculation due to the complete lack of comprehensive rigging and drone rules. I'm sure we'll get a really solid rigging rules set, and that's how we'll know SR5 is right around the corner. |
|
|
Apr 19 2012, 08:39 AM
Post
#10
|
|
jacked in Group: Admin Posts: 9,042 Joined: 26-February 02 Member No.: 463 |
A drone can be programmed to simply ignore specific commands or actions. Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle". (IMG:style_emoticons/default/grinbig.gif) You can do that, but Spoof still beats Snarfle. (IMG:style_emoticons/default/biggrin.gif) Bye Thanee |
|
|
Apr 19 2012, 11:24 AM
Post
#11
|
|
Moving Target Group: Members Posts: 292 Joined: 20-April 09 From: Sydney 'plex Member No.: 17,094 |
Yeah strong encryption seems a bit too good to me. I'm tempted to houserule it to nexi/mainframes. Fits the fluff mostly. Basic encryption is mostly good enough, isn't it, for runners in the middle of combat? Rating 5 encryption is threshold 10 to break, which is what, at least 2 passes for a really good hacker? And then they have to actually hack your piece of gear. Would generally give you enough time to shoot the hacker, detect his attempt and switch off, or make your escape, etc ..?
As for techno's and slaving to their biological node, I'm thinking maybe houserule a -2 penalty to all dice rolls (similar to having Registered Sprites on hand) for each piece of gear slaved. Something to create a downside it? |
|
|
Apr 19 2012, 01:44 PM
Post
#12
|
|
Moving Target Group: Members Posts: 356 Joined: 3-April 10 Member No.: 18,409 |
Slaving everything to the TM is problematic from since only he can command those things. Which means you aren't going to be using your commlink. You could also argue that all sensor feeds (i.e. from a smartlink) would go to the TM then, too.
And the TM only has so many subscriptions. -- The idea of appending a word or something to the beginning of a command is fine, but hacking would ignore it. Hacking circumvents any and all standard security controls. The only real defense against it is a strong Analyze (to detect it) backed up with IC, and a strong Encryption (to prevent it). Strong Encryption is powerful, but I figure that the time and resources it takes to set it up means it's not changed as frequently as standard encryption. Strong Encryption of 1 hour takes, IIRC, 1 hour to set up, which is an hour window where you have no encryption protection. You could also easily have an agent running that changes the Encryption key (thus necessitating a hacker re-decrypt) every combat turn. Or running dynamic encryption. But remember, running Encryption eats up resources that that nexus would likely want to be using on something else. It's not represented well rules wise (and I imagine it would be), but things that get in the way of their employees' productivity will always be weighed carefully with the advantages gained. |
|
|
Apr 19 2012, 03:16 PM
Post
#13
|
|
Shooting Target Group: Members Posts: 1,632 Joined: 26-February 02 From: Portland Oregon, USA Member No.: 1,304 |
No, subscription lists. You can't forge/copy an access ID until you are on the same node as it, and you can't get on the same node because of the subscription list. ... You can sniff the traffic to get the access ID, then spoof the ID to send a command. Hackers have been doing that since the (19)60's. Every single bit of traffic you send has the info necessary to ID yourself, otherwise the receiving device would ignore the data packet, right? And you are broadcasting into the air. So, any idiot with the right gear can pick up your broadcast, open the packet and get your "access ID". |
|
|
Apr 19 2012, 03:23 PM
Post
#14
|
|
Advocatus Diaboli Group: Members Posts: 13,994 Joined: 20-November 07 From: USA Member No.: 14,282 |
Indeed. Matrix Perception on an icon is *a* source of Access ID, that's all.
|
|
|
Apr 19 2012, 03:30 PM
Post
#15
|
|
Moving Target Group: Members Posts: 284 Joined: 16-June 05 Member No.: 7,450 |
Really, the only sure fire protection against combat hacking, or hacking in general, is to not use commlinks in the first place. Hence why I play mages and adepts that are also shifter. Not only do I not need a commlink, I don't know what one is. (IMG:style_emoticons/default/biggrin.gif)
The perfect plan... |
|
|
Apr 19 2012, 03:57 PM
Post
#16
|
|
Advocatus Diaboli Group: Members Posts: 13,994 Joined: 20-November 07 From: USA Member No.: 14,282 |
You still need one, you just don't know it or have one. (IMG:style_emoticons/default/smile.gif)
|
|
|
Apr 19 2012, 04:10 PM
Post
#17
|
|
Great Dragon Group: Members Posts: 5,537 Joined: 27-August 06 From: Albuquerque NM Member No.: 9,234 |
|
|
|
Apr 19 2012, 04:16 PM
Post
#18
|
|
Running Target Group: Members Posts: 1,000 Joined: 30-May 09 From: Germany Member No.: 17,225 |
1. Hm... wasn't it that strong encryption only works on files... not on running systems? It is to make it slower to encrypt the relevant Data in time and on the run, not to secure systems. (Correct me if i am wrong... don't have the books at hand at the moment)
2. Technomancers (as written) are bullshit. |
|
|
Apr 19 2012, 04:17 PM
Post
#19
|
|
Prime Runner Ascendant Group: Members Posts: 17,568 Joined: 26-March 09 From: Aurora, Colorado Member No.: 17,022 |
|
|
|
Apr 19 2012, 04:18 PM
Post
#20
|
|
Prime Runner Ascendant Group: Members Posts: 17,568 Joined: 26-March 09 From: Aurora, Colorado Member No.: 17,022 |
1. Hm... wasn't it that strong encryption only works on files... not on running systems? It is to make it slower to encrypt the relevant Data in time and on the run, not to secure systems. (Correct me if i am wrong... don't have the books at hand at the moment) 2. Technomancers (as written) are bullshit. 1. You can Strong Encrypt a System as well, by the rules. It just takes time. (IMG:style_emoticons/default/smile.gif) 2. Technomancers are not all that bad, In My Opinion. |
|
|
Apr 19 2012, 04:54 PM
Post
#21
|
|
Moving Target Group: Members Posts: 356 Joined: 3-April 10 Member No.: 18,409 |
You can encrypt the files.
You can strong encrypt the files. This takes time. You can encrypt the node/nexus. This requires Encrypt to be running on the node/nexus. You can strong encrypt the node/nexus. This requires Encrypt to be running on the node/nexus. This takes time. You can encrypt your wireless signals. This requires Encrypt to be running on one of the two connected devices. This also takes up a subscription slot. Probably the most impenentrable piece of IC would be one that runs Analyze and Encrypt. It alternates between doing a Matrix Perception Scan, and Encrypting the node (simple action). The drawback would be that it would need to continuously send out the encryption key to authorized users (likely a list of Access ID's), that a would-be hacker would have to continuously try to intercept. Or just hack into the account of one of the recepients to get a live feed of encryption keys. |
|
|
Apr 19 2012, 05:39 PM
Post
#22
|
|
Immortal Elf Group: Members Posts: 10,289 Joined: 2-October 08 Member No.: 16,392 |
You can sniff the traffic to get the access ID, then spoof the ID to send a command. Hackers have been doing that since the (19)60's. QUOTE Before you can spoof, you must have an access ID from which the target accepts commands. This can be done by finding an authorized user in the Matrix and 1) making a Matrix Perception test on her icon to get her access ID. You can also use the 2) Capture Wireless Traffic action to find legitimate orders and then Trace the communication back to its source, which will net you the access ID. The former requires that you hack into the parent node in order to find the child nodes' access ID. The latter requires that you intercept wireless traffic, and if there isn't any (skinlink, hardwire)... But lets assume that there is wireless traffic. QUOTE Capture Wireless Signal (Sniffer) [Complex action] You eavesdrop on wireless traffic going to and from a device. You must be within the device’s Signal range to capture the traffic. 2) You must succeed in an Electronic Warfare + Sniffer (3) test to start the capture, and then you may copy, record, or forward the traffic without another test as long as you remain within the target device’s Signal range and keep the Sniffer program running. There is no way for other parties to detect your capture (without access to your commlink, of course). 1) If the traffic is encrypted, you must break the encryption before it can be captured. QUOTE Trace User (Track) You trace an icon back to its originating node. 3)This is a Computer + Track (10, Complex Action) Extended Test. The target may increase the threshold with the Redirect Trace action, and a Stealth program run by your target acts as a negative dice pool modifier. When you reach the threshold of the Extended Test, you have successfully traced the target, learning the target’s access ID and the location of the device housing the originating node (usually the user’s commlink). That's a minimum of 2 complex actions and 1 simple* before you can even begin spoofing. *Decryption is a simple action if you have the key. If you don't... QUOTE In itiate Cryptanalysis (Decrypt) [Complex Action] You have your Decrypt program start working on an encryption to which you have access. Cryptanalysis is an Electronic Warfare + Decrypt (encryption rating x 2, 1 Combat Turn) Extended Test. When you reach the threshold, the encryption is broken. When you break the encryption of a file, the file becomes decrypted. When you use this on a node, you may access that node, but it remains encrypted to others. Once you have initiated cryptanalysis, your Decrypt program takes over and runs autonomously, using your Electronic Warfare skill rating. A running Decrypt program can only work on one encryption at a time, but multiple Decrypt programs can work on different encryptions simultaneously; each Decrypt program makes its own Extended Test and cannot collaborate with other programs. Even a R1 Encryption on your comlink will delay the hacker enough to make him irrelevant in the first whole round of combat, and if you can finish the combat by the end of the 4th pass, it no longer matters if he gets in: combat is over. Adding in the additional 2 complex actions before a spoof can be attempted, that puts the hacker's earliest opportunity at Pass 3, Round 2. |
|
|
Apr 19 2012, 06:11 PM
Post
#23
|
|
jacked in Group: Admin Posts: 9,042 Joined: 26-February 02 Member No.: 463 |
|
|
|
Apr 19 2012, 06:14 PM
Post
#24
|
|
Immortal Elf Group: Members Posts: 10,289 Joined: 2-October 08 Member No.: 16,392 |
|
|
|
Apr 19 2012, 06:16 PM
Post
#25
|
|
Prime Runner Ascendant Group: Members Posts: 17,568 Joined: 26-March 09 From: Aurora, Colorado Member No.: 17,022 |
I think the time for one roll is a combat round, IIRC. Bye Thanee Correct, Decryption takes an Entire Combat Turn (up to 4 passes). So Rating 5 Encryption is likely to tie up the hacker for a minimum of 2 Turns, maybe more. (IMG:style_emoticons/default/smile.gif) |
|
|
Lo-Fi Version | Time is now: 26th April 2024 - 08:37 PM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.