2 sure fire protections against "combat hacking", ok not totally sure fire Options

[Psikerlord]

Number 1: Strong encryption (1 - 24 hours decrypt interval) on your commlink node. So any hacker trying to hack in will take forever to do so, even with massive dice pools - certainly no where near the 10 seconds a combat tends to last. Can't use strong encryption on signals though so I guess a hacker can still spoof commands to your drones etc...

Number 2: Slave your gear to a Technomancer's biological node. As far as I understand it, you can't hack a slaved device without going through the master first, and biological nodes cannot be hacked, except by other technomancers or sprites, auto-protecting you against the vast majority of hacker foes.

So ok, not totally surefire, but pretty handy? Anyone at least can take strong encryption, even if you don't have a techno handy for Number 2.

Does this sound right? Am I missing something?

[Eratosthenes]

Encryption (despite the ability to eventually be broken fairly easily) is definitely the strongest defense against hackers. Even the non-Strong version will slow a combat hacker, but you're right, Strong Encryption (assuming the GM allows it) is the way to go.

The only real drawback is the need to have the Encryption program running at all times, so it takes up a program (or Ergonomic) slot on the 'link.

[TheOOB]

Strong encryption never sat right with me, if it was that easy to make a node arbitrary hard to hack, every node would use it. I rule that it takes as much time to legitimately bypass the encryption as it does to make a hacking test.

As for number 2, do you have a technomancer with whom you can trust to give that kind of power. If you slave your device to them, yes only they can give your devices commands, but your devices will also accept any command from them.

I usually just slave all my devices to my 'link, and use them all skin-linked, and then use another link for accessing the matrix and talking to team mates. That way my gun can't be hacked.

[kzt]

No, subscription lists. You can't forge/copy an access ID until you are on the same node as it, and you can't get on the same node because of the subscription list. ...

[Yerameyahu]

I'm not sure that's the case. Access IDs never seemed that hard to get.

[kzt]

I'm not sure that's the case. Access IDs never seemed that hard to get.

It's a matrix perception test against an icon. When do the rules say you can make a matrix perception test?

[The Jopp]

I changed the Encryption rules so that everything is harder to do as you constantly fight against an adapting encryption program.

Encryption VS Decryption
Active encryption programs cover ALL avenues of a node/commlink and changes constantly by switching encryption keys on the fly. All tresholds against a node/commlink is raised by the program rating minus the attacker decryption rating up to a threshold increase of +/- 0. This works similar to how ECCM works with Signal rating against ECM (ECCM+Signal-ECM= Signal).

[KarmaInferno]

A drone can be programmed to simply ignore specific commands or actions.

Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle".

(IMG:style_emoticons/default/grinbig.gif)




-k

[Chainsaw Samurai]

A drone can be programmed to simply ignore specific commands or actions.

Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle".

(IMG:style_emoticons/default/grinbig.gif)




-k

Of course that's all sort of assumed speculation due to the complete lack of comprehensive rigging and drone rules.

I'm sure we'll get a really solid rigging rules set, and that's how we'll know SR5 is right around the corner.

[Thanee]

A drone can be programmed to simply ignore specific commands or actions.

Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle".

(IMG:style_emoticons/default/grinbig.gif)

You can do that, but Spoof still beats Snarfle. (IMG:style_emoticons/default/biggrin.gif)

Bye
Thanee

[Psikerlord]

Yeah strong encryption seems a bit too good to me. I'm tempted to houserule it to nexi/mainframes. Fits the fluff mostly. Basic encryption is mostly good enough, isn't it, for runners in the middle of combat? Rating 5 encryption is threshold 10 to break, which is what, at least 2 passes for a really good hacker? And then they have to actually hack your piece of gear. Would generally give you enough time to shoot the hacker, detect his attempt and switch off, or make your escape, etc ..?

As for techno's and slaving to their biological node, I'm thinking maybe houserule a -2 penalty to all dice rolls (similar to having Registered Sprites on hand) for each piece of gear slaved. Something to create a downside it?

[Eratosthenes]

Slaving everything to the TM is problematic from since only he can command those things. Which means you aren't going to be using your commlink. You could also argue that all sensor feeds (i.e. from a smartlink) would go to the TM then, too.

And the TM only has so many subscriptions.
--

The idea of appending a word or something to the beginning of a command is fine, but hacking would ignore it. Hacking circumvents any and all standard security controls. The only real defense against it is a strong Analyze (to detect it) backed up with IC, and a strong Encryption (to prevent it).

Strong Encryption is powerful, but I figure that the time and resources it takes to set it up means it's not changed as frequently as standard encryption. Strong Encryption of 1 hour takes, IIRC, 1 hour to set up, which is an hour window where you have no encryption protection.

You could also easily have an agent running that changes the Encryption key (thus necessitating a hacker re-decrypt) every combat turn. Or running dynamic encryption.

But remember, running Encryption eats up resources that that nexus would likely want to be using on something else. It's not represented well rules wise (and I imagine it would be), but things that get in the way of their employees' productivity will always be weighed carefully with the advantages gained.

[Bearclaw]

No, subscription lists. You can't forge/copy an access ID until you are on the same node as it, and you can't get on the same node because of the subscription list. ...

You can sniff the traffic to get the access ID, then spoof the ID to send a command. Hackers have been doing that since the (19)60's.
Every single bit of traffic you send has the info necessary to ID yourself, otherwise the receiving device would ignore the data packet, right? And you are broadcasting into the air. So, any idiot with the right gear can pick up your broadcast, open the packet and get your "access ID".

[Yerameyahu]

Indeed. Matrix Perception on an icon is *a* source of Access ID, that's all.

[CrystalBlue]

Really, the only sure fire protection against combat hacking, or hacking in general, is to not use commlinks in the first place. Hence why I play mages and adepts that are also shifter. Not only do I not need a commlink, I don't know what one is. (IMG:style_emoticons/default/biggrin.gif)

The perfect plan...

[Yerameyahu]

You still need one, you just don't know it or have one. (IMG:style_emoticons/default/smile.gif)

[kzt]

You can sniff the traffic to get the access ID, then spoof the ID to send a command. Hackers have been doing that since the (19)60's.

Logically, yes. But NOT by the rules.

By the rules you can't even record data streams that you can't decode.

[Summerstorm]

1. Hm... wasn't it that strong encryption only works on files... not on running systems? It is to make it slower to encrypt the relevant Data in time and on the run, not to secure systems. (Correct me if i am wrong... don't have the books at hand at the moment)

2. Technomancers (as written) are bullshit.

[Tymeaus Jalynsfe...]

Logically, yes. But NOT by the rules.

By the rules you can't even record data streams that you can't decode.

But since you cannot strongly Encrypt Communications, decryption becomes pretty basic.

[Tymeaus Jalynsfe...]

1. Hm... wasn't it that strong encryption only works on files... not on running systems? It is to make it slower to encrypt the relevant Data in time and on the run, not to secure systems. (Correct me if i am wrong... don't have the books at hand at the moment)

2. Technomancers (as written) are bullshit.

1. You can Strong Encrypt a System as well, by the rules. It just takes time. (IMG:style_emoticons/default/smile.gif)
2. Technomancers are not all that bad, In My Opinion.

[Eratosthenes]

You can encrypt the files.
You can strong encrypt the files. This takes time.

You can encrypt the node/nexus. This requires Encrypt to be running on the node/nexus.
You can strong encrypt the node/nexus. This requires Encrypt to be running on the node/nexus. This takes time.

You can encrypt your wireless signals. This requires Encrypt to be running on one of the two connected devices. This also takes up a subscription slot.

Probably the most impenentrable piece of IC would be one that runs Analyze and Encrypt. It alternates between doing a Matrix Perception Scan, and Encrypting the node (simple action). The drawback would be that it would need to continuously send out the encryption key to authorized users (likely a list of Access ID's), that a would-be hacker would have to continuously try to intercept.

Or just hack into the account of one of the recepients to get a live feed of encryption keys.

[Draco18s]

You can sniff the traffic to get the access ID, then spoof the ID to send a command. Hackers have been doing that since the (19)60's.

Before you can spoof, you must have an access ID from which the
target accepts commands. This can be done by finding an authorized
user in the Matrix and 1) making a Matrix Perception test on her icon to
get her access ID. You can also use the 2) Capture Wireless Traffic action
to find legitimate orders and then Trace the communication back to
its source, which will net you the access ID.

The former requires that you hack into the parent node in order to find the child nodes' access ID.
The latter requires that you intercept wireless traffic, and if there isn't any (skinlink, hardwire)...

But lets assume that there is wireless traffic.

Capture Wireless Signal (Sniffer)
[Complex action]
You eavesdrop on wireless traffic going to and from a device. You must
be within the device’s Signal range to capture the traffic. 2) You must succeed
in an Electronic Warfare + Sniffer (3) test to start the capture,
and then you may copy, record, or forward the traffic without another
test as long as you remain within the target device’s Signal range and
keep the Sniffer program running.
There is no way for other parties to detect your capture (without
access to your commlink, of course). 1) If the traffic is encrypted, you
must break the encryption before it can be captured.

Trace User (Track)
You trace an icon back to its originating node. 3)This is a Computer +
Track (10, Complex Action) Extended Test. The target may increase
the threshold with the Redirect Trace action, and a Stealth program
run by your target acts as a negative dice pool modifier.
When you reach the threshold of the Extended Test, you have
successfully traced the target, learning the target’s access ID and the
location of the device housing the originating node (usually the user’s
commlink).

That's a minimum of 2 complex actions and 1 simple* before you can even begin spoofing.

*Decryption is a simple action if you have the key. If you don't...

In itiate Cryptanalysis (Decrypt)
[Complex Action]
You have your Decrypt program start working on an encryption to
which you have access. Cryptanalysis is an Electronic Warfare +
Decrypt (encryption rating x 2, 1 Combat Turn) Extended Test. When
you reach the threshold, the encryption is broken. When you break the
encryption of a file, the file becomes decrypted. When you use this on
a node, you may access that node, but it remains encrypted to others.
Once you have initiated cryptanalysis, your Decrypt program
takes over and runs autonomously, using your Electronic Warfare skill
rating. A running Decrypt program can only work on one encryption
at a time, but multiple Decrypt programs can work on different
encryptions simultaneously; each Decrypt program makes its own
Extended Test and cannot collaborate with other programs.

Even a R1 Encryption on your comlink will delay the hacker enough to make him irrelevant in the first whole round of combat, and if you can finish the combat by the end of the 4th pass, it no longer matters if he gets in: combat is over. Adding in the additional 2 complex actions before a spoof can be attempted, that puts the hacker's earliest opportunity at Pass 3, Round 2.

[Thanee]

Rating 5 encryption is threshold 10 to break, which is what, at least 2 passes for a really good hacker?

I think the time for one roll is a combat round.

Bye
Thanee

[Draco18s]

I think the time for one roll is a combat round.

Bye
Thanee

It sure is, see above.

[Tymeaus Jalynsfe...]

I think the time for one roll is a combat round, IIRC.

Bye
Thanee

Correct, Decryption takes an Entire Combat Turn (up to 4 passes).
So Rating 5 Encryption is likely to tie up the hacker for a minimum of 2 Turns, maybe more. (IMG:style_emoticons/default/smile.gif)