IPB

Welcome Guest ( Log In | Register )

4 Pages V   1 2 3 > »   
Reply to this topicStart new topic
> 2 sure fire protections against "combat hacking", ok not totally sure fire
Psikerlord
post Apr 19 2012, 12:37 AM
Post #1


Moving Target
**

Group: Members
Posts: 292
Joined: 20-April 09
From: Sydney 'plex
Member No.: 17,094



Number 1: Strong encryption (1 - 24 hours decrypt interval) on your commlink node. So any hacker trying to hack in will take forever to do so, even with massive dice pools - certainly no where near the 10 seconds a combat tends to last. Can't use strong encryption on signals though so I guess a hacker can still spoof commands to your drones etc...

Number 2: Slave your gear to a Technomancer's biological node. As far as I understand it, you can't hack a slaved device without going through the master first, and biological nodes cannot be hacked, except by other technomancers or sprites, auto-protecting you against the vast majority of hacker foes.

So ok, not totally surefire, but pretty handy? Anyone at least can take strong encryption, even if you don't have a techno handy for Number 2.

Does this sound right? Am I missing something?
Go to the top of the page
 
+Quote Post
Eratosthenes
post Apr 19 2012, 02:03 AM
Post #2


Moving Target
**

Group: Members
Posts: 356
Joined: 3-April 10
Member No.: 18,409



Encryption (despite the ability to eventually be broken fairly easily) is definitely the strongest defense against hackers. Even the non-Strong version will slow a combat hacker, but you're right, Strong Encryption (assuming the GM allows it) is the way to go.

The only real drawback is the need to have the Encryption program running at all times, so it takes up a program (or Ergonomic) slot on the 'link.
Go to the top of the page
 
+Quote Post
TheOOB
post Apr 19 2012, 03:01 AM
Post #3


Running Target
***

Group: Members
Posts: 1,290
Joined: 23-January 07
From: Seattle, USA
Member No.: 10,749



Strong encryption never sat right with me, if it was that easy to make a node arbitrary hard to hack, every node would use it. I rule that it takes as much time to legitimately bypass the encryption as it does to make a hacking test.

As for number 2, do you have a technomancer with whom you can trust to give that kind of power. If you slave your device to them, yes only they can give your devices commands, but your devices will also accept any command from them.

I usually just slave all my devices to my 'link, and use them all skin-linked, and then use another link for accessing the matrix and talking to team mates. That way my gun can't be hacked.
Go to the top of the page
 
+Quote Post
kzt
post Apr 19 2012, 04:22 AM
Post #4


Great Dragon
*********

Group: Members
Posts: 5,451
Joined: 27-August 06
From: Albuquerque NM
Member No.: 9,234



No, subscription lists. You can't forge/copy an access ID until you are on the same node as it, and you can't get on the same node because of the subscription list. ...
Go to the top of the page
 
+Quote Post
Yerameyahu
post Apr 19 2012, 04:25 AM
Post #5


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



I'm not sure that's the case. Access IDs never seemed that hard to get.
Go to the top of the page
 
+Quote Post
kzt
post Apr 19 2012, 05:11 AM
Post #6


Great Dragon
*********

Group: Members
Posts: 5,451
Joined: 27-August 06
From: Albuquerque NM
Member No.: 9,234



QUOTE (Yerameyahu @ Apr 18 2012, 10:25 PM) *
I'm not sure that's the case. Access IDs never seemed that hard to get.

It's a matrix perception test against an icon. When do the rules say you can make a matrix perception test?
Go to the top of the page
 
+Quote Post
The Jopp
post Apr 19 2012, 06:35 AM
Post #7


Runner
******

Group: Members
Posts: 2,925
Joined: 26-February 02
Member No.: 948



I changed the Encryption rules so that everything is harder to do as you constantly fight against an adapting encryption program.

Encryption VS Decryption
Active encryption programs cover ALL avenues of a node/commlink and changes constantly by switching encryption keys on the fly. All tresholds against a node/commlink is raised by the program rating minus the attacker decryption rating up to a threshold increase of +/- 0. This works similar to how ECCM works with Signal rating against ECM (ECCM+Signal-ECM= Signal).


Go to the top of the page
 
+Quote Post
KarmaInferno
post Apr 19 2012, 07:40 AM
Post #8


Old Man Jones
********

Group: Dumpshocked
Posts: 4,236
Joined: 26-February 02
From: New York
Member No.: 1,699



A drone can be programmed to simply ignore specific commands or actions.

Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle".

(IMG:style_emoticons/default/grinbig.gif)




-k
Go to the top of the page
 
+Quote Post
Chainsaw Samurai
post Apr 19 2012, 08:32 AM
Post #9


Moving Target
**

Group: Members
Posts: 163
Joined: 4-August 10
Member No.: 18,890



QUOTE (KarmaInferno @ Apr 19 2012, 12:40 AM) *
A drone can be programmed to simply ignore specific commands or actions.

Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle".

(IMG:style_emoticons/default/grinbig.gif)




-k



Of course that's all sort of assumed speculation due to the complete lack of comprehensive rigging and drone rules.

I'm sure we'll get a really solid rigging rules set, and that's how we'll know SR5 is right around the corner.
Go to the top of the page
 
+Quote Post
Thanee
post Apr 19 2012, 08:39 AM
Post #10


jacked in
*********

Group: Admin
Posts: 6,520
Joined: 26-February 02
Member No.: 463



QUOTE (KarmaInferno @ Apr 19 2012, 09:40 AM) *
A drone can be programmed to simply ignore specific commands or actions.

Technically, you should be able to program a drone to ignore any command that isn't preceded by the word "Snarfle".

(IMG:style_emoticons/default/grinbig.gif)


You can do that, but Spoof still beats Snarfle. (IMG:style_emoticons/default/biggrin.gif)

Bye
Thanee
Go to the top of the page
 
+Quote Post
Psikerlord
post Apr 19 2012, 11:24 AM
Post #11


Moving Target
**

Group: Members
Posts: 292
Joined: 20-April 09
From: Sydney 'plex
Member No.: 17,094



Yeah strong encryption seems a bit too good to me. I'm tempted to houserule it to nexi/mainframes. Fits the fluff mostly. Basic encryption is mostly good enough, isn't it, for runners in the middle of combat? Rating 5 encryption is threshold 10 to break, which is what, at least 2 passes for a really good hacker? And then they have to actually hack your piece of gear. Would generally give you enough time to shoot the hacker, detect his attempt and switch off, or make your escape, etc ..?

As for techno's and slaving to their biological node, I'm thinking maybe houserule a -2 penalty to all dice rolls (similar to having Registered Sprites on hand) for each piece of gear slaved. Something to create a downside it?
Go to the top of the page
 
+Quote Post
Eratosthenes
post Apr 19 2012, 01:44 PM
Post #12


Moving Target
**

Group: Members
Posts: 356
Joined: 3-April 10
Member No.: 18,409



Slaving everything to the TM is problematic from since only he can command those things. Which means you aren't going to be using your commlink. You could also argue that all sensor feeds (i.e. from a smartlink) would go to the TM then, too.

And the TM only has so many subscriptions.
--

The idea of appending a word or something to the beginning of a command is fine, but hacking would ignore it. Hacking circumvents any and all standard security controls. The only real defense against it is a strong Analyze (to detect it) backed up with IC, and a strong Encryption (to prevent it).

Strong Encryption is powerful, but I figure that the time and resources it takes to set it up means it's not changed as frequently as standard encryption. Strong Encryption of 1 hour takes, IIRC, 1 hour to set up, which is an hour window where you have no encryption protection.

You could also easily have an agent running that changes the Encryption key (thus necessitating a hacker re-decrypt) every combat turn. Or running dynamic encryption.

But remember, running Encryption eats up resources that that nexus would likely want to be using on something else. It's not represented well rules wise (and I imagine it would be), but things that get in the way of their employees' productivity will always be weighed carefully with the advantages gained.
Go to the top of the page
 
+Quote Post
Bearclaw
post Apr 19 2012, 03:16 PM
Post #13


Shooting Target
****

Group: Members
Posts: 1,539
Joined: 26-February 02
From: Portland Oregon, USA
Member No.: 1,304



QUOTE (kzt @ Apr 18 2012, 09:22 PM) *
No, subscription lists. You can't forge/copy an access ID until you are on the same node as it, and you can't get on the same node because of the subscription list. ...


You can sniff the traffic to get the access ID, then spoof the ID to send a command. Hackers have been doing that since the (19)60's.
Every single bit of traffic you send has the info necessary to ID yourself, otherwise the receiving device would ignore the data packet, right? And you are broadcasting into the air. So, any idiot with the right gear can pick up your broadcast, open the packet and get your "access ID".
Go to the top of the page
 
+Quote Post
Yerameyahu
post Apr 19 2012, 03:23 PM
Post #14


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



Indeed. Matrix Perception on an icon is *a* source of Access ID, that's all.
Go to the top of the page
 
+Quote Post
CrystalBlue
post Apr 19 2012, 03:30 PM
Post #15


Moving Target
**

Group: Members
Posts: 284
Joined: 16-June 05
Member No.: 7,450



Really, the only sure fire protection against combat hacking, or hacking in general, is to not use commlinks in the first place. Hence why I play mages and adepts that are also shifter. Not only do I not need a commlink, I don't know what one is. (IMG:style_emoticons/default/biggrin.gif)

The perfect plan...
Go to the top of the page
 
+Quote Post
Yerameyahu
post Apr 19 2012, 03:57 PM
Post #16


Advocatus Diaboli
**********

Group: Members
Posts: 13,994
Joined: 20-November 07
From: USA
Member No.: 14,282



You still need one, you just don't know it or have one. (IMG:style_emoticons/default/smile.gif)
Go to the top of the page
 
+Quote Post
kzt
post Apr 19 2012, 04:10 PM
Post #17


Great Dragon
*********

Group: Members
Posts: 5,451
Joined: 27-August 06
From: Albuquerque NM
Member No.: 9,234



QUOTE (Bearclaw @ Apr 19 2012, 09:16 AM) *
You can sniff the traffic to get the access ID, then spoof the ID to send a command. Hackers have been doing that since the (19)60's.

Logically, yes. But NOT by the rules.

By the rules you can't even record data streams that you can't decode.
Go to the top of the page
 
+Quote Post
Summerstorm
post Apr 19 2012, 04:16 PM
Post #18


Running Target
***

Group: Members
Posts: 1,000
Joined: 30-May 09
From: Germany
Member No.: 17,225



1. Hm... wasn't it that strong encryption only works on files... not on running systems? It is to make it slower to encrypt the relevant Data in time and on the run, not to secure systems. (Correct me if i am wrong... don't have the books at hand at the moment)

2. Technomancers (as written) are bullshit.
Go to the top of the page
 
+Quote Post
Tymeaus Jalynsfe...
post Apr 19 2012, 04:17 PM
Post #19


Prime Runner Ascendant
**********

Group: Members
Posts: 15,852
Joined: 26-March 09
From: Aurora, Colorado
Member No.: 17,022



QUOTE (kzt @ Apr 19 2012, 09:10 AM) *
Logically, yes. But NOT by the rules.

By the rules you can't even record data streams that you can't decode.


But since you cannot strongly Encrypt Communications, decryption becomes pretty basic.
Go to the top of the page
 
+Quote Post
Tymeaus Jalynsfe...
post Apr 19 2012, 04:18 PM
Post #20


Prime Runner Ascendant
**********

Group: Members
Posts: 15,852
Joined: 26-March 09
From: Aurora, Colorado
Member No.: 17,022



QUOTE (Summerstorm @ Apr 19 2012, 09:16 AM) *
1. Hm... wasn't it that strong encryption only works on files... not on running systems? It is to make it slower to encrypt the relevant Data in time and on the run, not to secure systems. (Correct me if i am wrong... don't have the books at hand at the moment)

2. Technomancers (as written) are bullshit.


1. You can Strong Encrypt a System as well, by the rules. It just takes time. (IMG:style_emoticons/default/smile.gif)
2. Technomancers are not all that bad, In My Opinion.
Go to the top of the page
 
+Quote Post
Eratosthenes
post Apr 19 2012, 04:54 PM
Post #21


Moving Target
**

Group: Members
Posts: 356
Joined: 3-April 10
Member No.: 18,409



You can encrypt the files.
You can strong encrypt the files. This takes time.

You can encrypt the node/nexus. This requires Encrypt to be running on the node/nexus.
You can strong encrypt the node/nexus. This requires Encrypt to be running on the node/nexus. This takes time.

You can encrypt your wireless signals. This requires Encrypt to be running on one of the two connected devices. This also takes up a subscription slot.

Probably the most impenentrable piece of IC would be one that runs Analyze and Encrypt. It alternates between doing a Matrix Perception Scan, and Encrypting the node (simple action). The drawback would be that it would need to continuously send out the encryption key to authorized users (likely a list of Access ID's), that a would-be hacker would have to continuously try to intercept.

Or just hack into the account of one of the recepients to get a live feed of encryption keys.
Go to the top of the page
 
+Quote Post
Draco18s
post Apr 19 2012, 05:39 PM
Post #22


Immortal Elf
**********

Group: Members
Posts: 9,946
Joined: 2-October 08
Member No.: 16,392



QUOTE (Bearclaw @ Apr 19 2012, 10:16 AM) *
You can sniff the traffic to get the access ID, then spoof the ID to send a command. Hackers have been doing that since the (19)60's.



QUOTE
Before you can spoof, you must have an access ID from which the
target accepts commands. This can be done by finding an authorized
user in the Matrix and 1) making a Matrix Perception test on her icon to
get her access ID. You can also use the 2) Capture Wireless Traffic action
to find legitimate orders
and then Trace the communication back to
its source, which will net you the access ID.


The former requires that you hack into the parent node in order to find the child nodes' access ID.
The latter requires that you intercept wireless traffic, and if there isn't any (skinlink, hardwire)...

But lets assume that there is wireless traffic.

QUOTE
Capture Wireless Signal (Sniffer)
[Complex action]
You eavesdrop on wireless traffic going to and from a device. You must
be within the device’s Signal range to capture the traffic. 2) You must succeed
in an Electronic Warfare + Sniffer (3) test to start the capture
,
and then you may copy, record, or forward the traffic without another
test as long as you remain within the target device’s Signal range and
keep the Sniffer program running.
There is no way for other parties to detect your capture (without
access to your commlink, of course). 1) If the traffic is encrypted, you
must break the encryption before it can be captured
.


QUOTE
Trace User (Track)
You trace an icon back to its originating node. 3)This is a Computer +
Track (10, Complex Action) Extended Test
. The target may increase
the threshold with the Redirect Trace action, and a Stealth program
run by your target acts as a negative dice pool modifier.
When you reach the threshold of the Extended Test, you have
successfully traced the target, learning the target’s access ID and the
location of the device housing the originating node (usually the user’s
commlink).


That's a minimum of 2 complex actions and 1 simple* before you can even begin spoofing.

*Decryption is a simple action if you have the key. If you don't...


QUOTE
In itiate Cryptanalysis (Decrypt)
[Complex Action]
You have your Decrypt program start working on an encryption to
which you have access. Cryptanalysis is an Electronic Warfare +
Decrypt (encryption rating x 2, 1 Combat Turn) Extended Test
. When
you reach the threshold, the encryption is broken. When you break the
encryption of a file, the file becomes decrypted. When you use this on
a node, you may access that node, but it remains encrypted to others.
Once you have initiated cryptanalysis, your Decrypt program
takes over and runs autonomously, using your Electronic Warfare skill
rating. A running Decrypt program can only work on one encryption
at a time, but multiple Decrypt programs can work on different
encryptions simultaneously; each Decrypt program makes its own
Extended Test and cannot collaborate with other programs.


Even a R1 Encryption on your comlink will delay the hacker enough to make him irrelevant in the first whole round of combat, and if you can finish the combat by the end of the 4th pass, it no longer matters if he gets in: combat is over. Adding in the additional 2 complex actions before a spoof can be attempted, that puts the hacker's earliest opportunity at Pass 3, Round 2.
Go to the top of the page
 
+Quote Post
Thanee
post Apr 19 2012, 06:11 PM
Post #23


jacked in
*********

Group: Admin
Posts: 6,520
Joined: 26-February 02
Member No.: 463



QUOTE (Psikerlord @ Apr 19 2012, 01:24 PM) *
Rating 5 encryption is threshold 10 to break, which is what, at least 2 passes for a really good hacker?


I think the time for one roll is a combat round.

Bye
Thanee
Go to the top of the page
 
+Quote Post
Draco18s
post Apr 19 2012, 06:14 PM
Post #24


Immortal Elf
**********

Group: Members
Posts: 9,946
Joined: 2-October 08
Member No.: 16,392



QUOTE (Thanee @ Apr 19 2012, 01:11 PM) *
I think the time for one roll is a combat round.

Bye
Thanee


It sure is, see above.
Go to the top of the page
 
+Quote Post
Tymeaus Jalynsfe...
post Apr 19 2012, 06:16 PM
Post #25


Prime Runner Ascendant
**********

Group: Members
Posts: 15,852
Joined: 26-March 09
From: Aurora, Colorado
Member No.: 17,022



QUOTE (Thanee @ Apr 19 2012, 11:11 AM) *
I think the time for one roll is a combat round, IIRC.

Bye
Thanee


Correct, Decryption takes an Entire Combat Turn (up to 4 passes).
So Rating 5 Encryption is likely to tie up the hacker for a minimum of 2 Turns, maybe more. (IMG:style_emoticons/default/smile.gif)
Go to the top of the page
 
+Quote Post

4 Pages V   1 2 3 > » 
Reply to this topicStart new topic

 



RSS Lo-Fi Version Time is now: 17th April 2014 - 03:49 AM

Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.