2 sure fire protections against "combat hacking", ok not totally sure fire Options

[Bearclaw]

At the end of all this, we've got a Commlink with:

• Response
• Signal
• System
• Firewall
• Optimised: Firewall
• Analyze 6 (Optimisation 1)
• Encrypt 6 (Optimisation 1)

Threshold to decrypt: 12.
Threshold to hack "on the fly": 12
... DP for hack to be detected: 13
... DP to terminate hacker's connection: 17
GRAND TOTAL COST: 15,900 nuyen.

If you're a samurai and you're dropping 10K or 20K on each of 2-4 guns, not to mention 100K to 150K on bioware and cyberware? 16K nuyen for a reasonably hack-defended commlink should be the default.

So in the game I was playing in up to a couple of weeks ago, I played the hacker. I rolled 19 dice for pretty much all hacking related tests, and edge of 5 and 5 initiative passes. No military grade software or hardware. I was just getting to the point of going after the good stuff.
But seriously, I need 12 successes on a hacking test to own your system? 19 dice gets me 6 successes, so 2 of my 5 IPs are spent hacking. If I don't choose to use edge. You get 2 rolls with 13 dice to get 6 hits, so it's possible you might detect me, if I don't use edge. But you're not going to win the fight to dump me.
But you might get the alert and shut down your commlink. OK, I win. No communication with your team, no Battle-tac, no smart link. If that's loosing the battle, imagine what I get for winning. As the hacker, if we get ambushed or something where I don't have time to do any real damage, if I can kill the oppositions comm's, I've done my job. Then I pull out my Predator and look for targets of opportunity.

[KarmaInferno]

Yes, it can be done. But no, it still wouldn't defeat the Spoof program. That's part of the Spoof test: finessing the command into something that the device would recognize as a legitimate command, based on wireless traffic captured. If you get the format right, it works; if you don't the command gets ignored at best, triggers an alert at worst.

It's no different than determining if commands sent to the device should be in a Bourne-shell style syntax, or a C-shell style syntax.

Outright disabling certain commands, however, can be done at the account level, instead of how the commands are formatted. Basically turning off certain features.

The only problem with this is that, by the rules, the spoofer does NOT need to have captured ANY wireless traffic, if he's somehow obtained the Access ID by other means.

This implies that the spoofer is just sending out standardized commands rather than tailoring the syntax to the specific target.

In any case, drones should definately be set to ignore commands telling them to re-subscribe to someone else, or disable their firewalls/security, and the like. There's just no good reason the owner would ever send those sorts of commands remotely.

Of course, the most paranoid could pre-program a list of instructions to be executed on specific triggers. Like, "Fire on any targets I'm marking with this coded target designator, when the coding changes from Pattern A to Pattern B", or "send me an alert if you see 'people with weapons' that are not on this list." Then disable remote command access to the drone entirely.

Really, drone interception should be damn near impossible if the owner is using something like a rotating personal cipher, but the rules don't really support that sort of encryption, at least for signal traffic.




-k

[_Pax._]

My quibble is that there is no stealth program. You can slow them down more by using stealth. Before they can decrypt, they have to analyse your icon to determine if it IS encrypted. Having a stealth program makes this an opposed test. It reduces how much information they get per attempt at minimum, and denies them any information for that attempt at max. Have no stealth makes your system easy to look at.

Actually, there sort of IS. And even better, it's not a Program, it's a hardware plug-in. "Nonstandard Wireless Link", from Unwired. It functions to make Scan attempts harder (by adding it's rating to the Threshold IIRC). Any character can start with one of these modules at Rating 3 (1,500 (IMG:style_emoticons/default/nuyen.gif) , Availability 12). Advanced characters can go all the way to rating 6 (3,000 (IMG:style_emoticons/default/nuyen.gif) , Availability 24). Or, with Restricted Gear, you could get a single Rating 5 unit (2,500 (IMG:style_emoticons/default/nuyen.gif) , Availability 20).

As an aside, I would probably houserule that system with a "weakest link" limitation: the lowest rated NSWL module in use, determines how resistant ALL devices in that PAN or "team-area network" are to detection. So if I've got a R2, and you have an R4, and we're connected to each other ... your module has had to downgrade itself to match mine .... mostly because mine has a more limited suite of alternate frequencies it can even SEE.

...

Anyway, my point was: it's entirely possible to achieve reasonable resistance to mid-combat hacking, if your character is simply forward-thinking enough to PLAN for it, and spends some nuyen accordingly. It could be taken a step further, too, if you build the example I listed as a firewall proxy. With a program limit of 5, it's got 3 spaces left. Enough to load an Agent with some Black IC onto it, and give the hacker something to REALLY think about while the proxy tries to dump them back out ...!!

...

Cheap 500-nuyen comlinks are for middle-school children, NOT "freelance black-ops specialists" ... a.k.a. Shadowrunners. (IMG:style_emoticons/default/cyber.gif)

[Eratosthenes]

The only problem with this is that, by the rules, the spoofer does NOT need to have captured ANY wireless traffic, if he's somehow obtained the Access ID by other means.

This implies that the spoofer is just sending out standardized commands rather than tailoring the syntax to the specific target.

In any case, drones should definately be set to ignore commands telling them to re-subscribe to someone else, or disable their firewalls/security, and the like. There's just no good reason the owner would ever send those sorts of commands remotely.

Of course, the most paranoid could pre-program a list of instructions to be executed on specific triggers. Like, "Fire on any targets I'm marking with this coded target designator, when the coding changes from Pattern A to Pattern B", or "send me an alert if you see people with weapons that are not on this list." Then disable remote command access to the drone entirely.

Really, drone interception should be damn near impossible if the owner is using something like a rotating personal cipher, but the rules don't really support that sort of encryption, at least for signal traffic.

I think the problem is that the system is an abstraction. The Spoof command abstracts the work needed to tailor the commands in the correct format. Perhaps it's listening in to traffic to and from the device, perhaps it's analyzing feedback from standardized matrix signals (i.e. logistical commands for maintaining the mesh network), etc. etc. It's why spoofing can fail; sometimes you don't get the formating correct.

Likewise, the rotating personal cipher is abstracted with the Encrypt program, specifically comms encryption. Perhaps it is doing that, but the Decrypt program has found a way to circumvent it, or to break it by looking at repeating standard carrier formating for cryptanalysis to identify the algorithm to vary said rotating cipher.

Either way, those are abstracted into the Spoof and Encrypt/Decrypt functions.

I agree that any intelligent rigger would disable those commands. Intelligence, however, is a rare and valuable commodity often in short supply.

[Eratosthenes]

Actually, there sort of IS. And even better, it's not a Program, it's a hardware plug-in. "Nonstandard Wireless Link", from Unwired. It functions to make Scan attempts harder (by adding it's rating to the Threshold IIRC). Any character can start with one of these modules at Rating 3 (1,500 (IMG:style_emoticons/default/nuyen.gif) , Availability 12). Advanced characters can go all the way to rating 6 (3,000 (IMG:style_emoticons/default/nuyen.gif) , Availability 24). Or, with Restricted Gear, you could get a single Rating 5 unit (2,500 (IMG:style_emoticons/default/nuyen.gif) , Availability 20).

The non-standard wireless link only raises the threshold for detection by 1. It's rating becomes the Signal of the device into which it is installed.

Anyway, my point was: it's entirely possible to achieve reasonable resistance to mid-combat hacking, if your character is simply forward-thinking enough to PLAN for it, and spends some nuyen accordingly. It could be taken a step further, too, if you build the example I listed as a firewall proxy. With a program limit of 5, it's got 3 spaces left. Enough to load an Agent with some Black IC onto it, and give the hacker something to REALLY think about while the proxy tries to dump them back out ...!!

...

Cheap 500-nuyen comlinks are for middle-school children, NOT "freelance black-ops specialists" ... a.k.a. Shadowrunners. (IMG:style_emoticons/default/cyber.gif)

I agree. A reasonably defended system is relatively affordable.

[Tymeaus Jalynsfe...]

Actually, there sort of IS. And even better, it's not a Program, it's a hardware plug-in. "Nonstandard Wireless Link", from Unwired. It functions to make Scan attempts harder (by adding it's rating to the Threshold IIRC). Any character can start with one of these modules at Rating 3 (1,500 (IMG:style_emoticons/default/nuyen.gif) , Availability 12). Advanced characters can go all the way to rating 6 (3,000 (IMG:style_emoticons/default/nuyen.gif) , Availability 24). Or, with Restricted Gear, you could get a single Rating 5 unit (2,500 (IMG:style_emoticons/default/nuyen.gif) , Availability 20).

Sort of... A Non-Standard Wireless Link is just a non-standard frequency module. Mechanically, It raises the threshold to be detected (on a Scan) from 4 to 5. Not easy, but not impossible, either. The Rating is just how powerful a Signal it produces. It essentially replaces the Signal Rating of your Comlink with a Non-Standard Signal Rating.

NSWL is awesome. All Security and Military communications should be on NSWL's.

EDIT: Ninja'ed by Eratosthenes...

[Eratosthenes]

Sort of... A Non-Standard Wireless Link is just a non-standard frequency module. Mechanically, It raises the threshold to be detected (on a Scan) from 4 to 5. Not easy, but not impossible, either. The Rating is just how powerful a Signal it produces. It essentially replaces the Signal Rating of your Comlink with a Non-Standard Signal Rating.

NSWL is awesome. All Security and Military communications should be on NSWL's.

EDIT: Ninja'ed by Eratosthenes...

Sorry! (IMG:style_emoticons/default/biggrin.gif)

I agree, NSWL is awesome. And it's possible to get Signal 6 at Chargen with it (if you feel you need it).

[Yerameyahu]

If they're *all* on NS… it's then standard. (IMG:style_emoticons/default/nyahnyah.gif)

[KarmaInferno]

I think the problem is that the system is an abstraction. The Spoof command abstracts the work needed to tailor the commands in the correct format. Perhaps it's listening in to traffic to and from the device, perhaps it's analyzing feedback from standardized matrix signals (i.e. logistical commands for maintaining the mesh network), etc. etc. It's why spoofing can fail; sometimes you don't get the formating correct.

I agree that is the way it SHOULD work. A hijacker should be required to Capture Wireless Signal first, decrypt and analyze the signal, then attempt to spoof.

But that's not how the rules are written.

It is probably not unreasonable to postulate that the Spoof test includes all of this, but that's pure player/GM speculation.

Likewise, the rotating personal cipher is abstracted with the Encrypt program, specifically comms encryption. Perhaps it is doing that, but the Decrypt program has found a way to circumvent it, or to break it by looking at repeating standard carrier formating for cryptanalysis to identify the algorithm to vary said rotating cipher.

Either way, those are abstracted into the Spoof and Encrypt/Decrypt functions.

Eh. The personal cipher is something off the top of my head as a classically "uncrackable" code method. It's not really modeled well in Shadowrun.

Personal ciphers are not good for standard communication. What they are consists of a word or words that mean entire concepts or ideas.

Best example I can think of right now is "Execute Order 66". Without knowing beforehand what specific orders that phrase is attached to, the words are meaningless.

Standard encryption works by transforming a message or data using math. Unless you know the math used, you can't transform it back. But because the transformation is based on math, it's based on a standardized known element, so it's possible to study the coded message for patterns to figure out that math.

There are no patterns in a personal cipher. Really, it's not encryption at all. It's a word-substitution cipher.

At it's simplest is this: You have a command known to both you and someone else. You assign a random word to this command. When the other person receives that cipher word from you, he executes the associated command.

The "rotating" part comes into play because, well, if you just used the one cipher word, anyone listening to you could eventually figure it out. So instead of one word, you generate a list of words. Once you have used the first word, both you and the other person switch to the second, and so on. You generate a different list for each command you want protected.

The practical upshot is, you need the word list to crack this sort of cipher.

Which you cannot get by merely listening.

If it were a rigger and a drone using this system, you'd have to hack one or the other to get the list, but by that point, why bother with the list, you've already hacked into their system.

I agree that any intelligent rigger would disable those commands. Intelligence, however, is a rare and valuable commodity often in short supply.

This is completely true, especially considering the vast majority of "hacks" in the world today exploit the fact that so many people don't keep their security updated.

You see software patches released all the time to close this or that security loophole. But looking around, a staggering number of systems don't have them applied.




-k

[Bearclaw]

Rotating cyphers have been around for a long time, and are exactly the kind of thing computer code breaking was invented for. It's not that big of a deal. So far as I know, there's NOTHING that the big guys with the big computers can't break. And with Moore's Law, there's no reason to believe your commlink in 2072 won't be much faster than the big-ass systems the NSA uses now.
My point is, it's safe to assume that a decrypt program can handle any of that. And if someone comes up with a new system, 2 days later the crack will be on Shadowland, and 2 days after that it will be a standard part of the new decrypt program.

[KarmaInferno]

The problem is, there IS no breaking of that sort of cipher.

You either have the word list or you don't.

There is no math involved. You can have the most powerful god computer on ten planets and it won't matter.

It's like a One Time Pad. If executed properly, the cipher is simply impossible to crack.

It's not encryption. It's a cipher.



-k

[MK Ultra]

Re: cipher

The problem with that is, that it severly limits your options. You can only use it for a limited number of preprogrammed command sets. At some point you can't manage the cipher list anymore without dedicated software, that uses algorithms to produce/use the ciphers (id say thats part of the encrypt utility), and that´s vulnerable to decrypt again.

So, if u use ciphers in game, I´d rule they are limited to very strickt preset commands, kind of like a trained dog. And definitly there will be no jumping in.

[almost normal]

KI is right. There is no way to crack the code, as the code could just as likely mean one command as another.

In general; Don't be a dick. If you try to make your hacker completely invincible to every attack with god-like equipment and skills, then surpass that by rules lawyering and flip flopping between simulation and gamesmanship to give yourself the ultimate edge, then he's got a duty and right to send the Black Chopper teams after you, to counter this obvious war insurgent.

[almost normal]

Re: cipher

The problem with that is, that it severly limits your options. You can only use it for a limited number of preprogrammed command sets. At some point you can't manage the cipher list anymore without dedicated software, that uses algorithms to produce/use the ciphers (id say thats part of the encrypt utility), and that´s vulnerable to decrypt again.

So, if u use ciphers in game, I´d rule they are limited to very strickt preset commands, kind of like a trained dog. And definitly there will be no jumping in.

I'd prefer if you didn't try to use the real world as why it can't be done. Computer generated one time ciphers can be created in pages by the millions, in just a few seconds. It's more of an annoying game thing, in which case, you're completely correct.

[almost normal]

Rotating cyphers have been around for a long time, and are exactly the kind of thing computer code breaking was invented for. It's not that big of a deal. So far as I know, there's NOTHING that the big guys with the big computers can't break. And with Moore's Law, there's no reason to believe your commlink in 2072 won't be much faster than the big-ass systems the NSA uses now.
My point is, it's safe to assume that a decrypt program can handle any of that. And if someone comes up with a new system, 2 days later the crack will be on Shadowland, and 2 days after that it will be a standard part of the new decrypt program.

The problem is, the theoretical super-computer could only tell you what the message possibly said, with no real certainty. Now, if you intercepted a message to a drone, and knew what language the drone was using, and had a reasonable guess as to what commands would be sent to the drone, you could get a fairly good set of guesses as to what command was sent, but that still doesn't allow you to determine which cipher is going to be sent next, and how to decrypt that one.

[Eratosthenes]

The problem is, there IS no breaking of that sort of cipher.

You either have the word list or you don't.

There is no math involved. You can have the most powerful god computer on ten planets and it won't matter.

It's like a One Time Pad. If executed properly, the cipher is simply impossible to crack.

It's not encryption. It's a cipher.



-k

Actually, it does involve math. Or, more specifically, math can be used to represent it.

Boiled down, any command-action sequence boils down to:

Command A -> (maps to) Action A
Command B -> (maps to) Action B
Command C -> (maps to) Action C

With a standard cipher, be it standard text-replacement encryption, a word cipher, etc, you end up with:

Command X -> Action A
Command Y -> Action B
Command Z -> Action C

Throw in the rotating part:

Command G, M, or X -> Action A
Command H, N, or Y -> Action B
Command I, O, Z -> Action C

In effect, the system you describe is, mathematically speaking, no different than if they'd applied a Letter A = Letter X substitution cipher (though it is more complex, since you cannot do standard pattern distribution analysis). So in attempting to decipher the comms encryption, the Decrypt program would look for similarities corresponding to command-action. Perhaps there are some diagnostic bits that are transmitted to confirm the command, which would bely the encryption. Etc. Over time (which is why it's an extended test), the decrypt at least get a close approximation of the cipher used.

This differs from a one-time pad, in that a one-time pad uses a random sequence of mappings for each data bit (letter, byte, word, etc.) that does not repeat. This scheme uses a small list of terms to represent actions, that would, out of necessity, repeat occasionally.

You could argue that the list could be arbitrarily long, to defeat this, but I think that starts getting into the realm of the optional Strong Encryption rules, and would not be tenable for comms encryption.

Again, its an abstraction.

[Tymeaus Jalynsfe...]

If they're *all* on NS… it's then standard. (IMG:style_emoticons/default/nyahnyah.gif)

Not really. Civilian Communications is Standard. Anything else is Non-Standard. (IMG:style_emoticons/default/nyahnyah.gif)

[_Pax._]

The non-standard wireless link only raises the threshold for detection by 1. It's rating becomes the Signal of the device into which it is installed.

Sort of... A Non-Standard Wireless Link is just a non-standard frequency module. Mechanically, It raises the threshold to be detected (on a Scan) from 4 to 5. Not easy, but not impossible, either. The Rating is just how powerful a Signal it produces. It essentially replaces the Signal Rating of your Comlink with a Non-Standard Signal Rating.

Huh. Well, I've not had occasion to actually use them (yet), so ... learn soemthing new every day. (IMG:style_emoticons/default/smile.gif)

NSWL is awesome. All Security and Military communications should be on NSWL's.

Absolutely concur. Every rigger should use them for their drones, as well.

If they're *all* on NS… it's then standard. (IMG:style_emoticons/default/nyahnyah.gif)

No, really it's not.

Look at real life. For wireless computer networks, using one or another of the 802.11 protocol revisions, most networks use one or another fairly specific ranges of frequencies. 802.11b/g/n use 2.412GHz to 2.484GHz; 802.11y uses 3.6575GHz to 3.6900GHz (in half-megahertz steps); 802.11a/h/j/n use 4.915GHz to 5.825GHz (depending on the country you're in, the range can be much narrower on one or the other side).

So what happens if a corporation decides to put it's security systems on a few nonstandard frequencies? Say, Cameras around 1.8GHz, drones around 3.2GHz, security-personnel comlinks at 4.3GHz?

Scan will eventually find them - but it's going to look at the 2.4, 3.6,and 5.0 bands first, and it's going to check each band for any of their dozen (or more) possible channels ... listening to each for a fraction of a second, and then determining if there's a pattern to what it picks up. Only after it's exhausted those possibilities - the "easy, slow-moving targets" if you will - is it going to continue on to the nearby frequencies.

Andnot every corporation would necessarily use the same frequency ranges for the same gneral purposes. Even within a single corporation, those ranges can change. Hell, even within a SINGLE SITE, there might be differences (like maybe, the interior drones and cameras in Lab Seven are all on a 6GHz frequency ... 'cause even the normal site security isn't allowed to know what goes on in there!)

Thus, for a modest (in Corporate terms) investment, you slow down would-be hackers. Furthermore, since your security systems ARE on nonstandard channels, if you manage to CATCH some cheese-for-brains script kiddie hacking your cameras? They can't argue a lack of intent to hack 'em. (IMG:style_emoticons/default/smile.gif) Also also: less likely some wageslave will pick up the signal from the camera that just watched him in the bathroom. In his home. At midnight.

(Not every advantage to a corp has to come in terms of "stop shadowrunners", after all.)

...

Of course, taken to it's logical extreme, the cameras should all be using Laser or Microwave-beam directional links, not "scream at the whole world" omnidirectional wireless transmissions ...

[Yerameyahu]

It was a joke. (IMG:style_emoticons/default/smile.gif) Yes, 'non-standard' just means 'we use some random unexpected range/system'. If literally everyone does it, it just means that Threshold+1 is the new 'normal' Threshold, not that they all get easier again.

[almost normal]

It was a joke. (IMG:style_emoticons/default/smile.gif) Yes, 'non-standard' just means 'we use some random unexpected range/system'. If literally everyone does it, it just means that Threshold+1 is the new 'normal' Threshold, not that they all get easier again.

For once, I agree with yahoo, after finding one NSW signal, that freaq range is the first I'm going after.

[_Pax._]

For once, I agree with yahoo, after finding one NSW signal, that freaq range is the first I'm going after.

That's actually why I suggested that (smart) corps might split their setups up across multiple frequency ranges.

...

For added cruel-bastardry: every camera is doubled. One on a standard frequency, one on a nonstandard frequency. Most hackers will find the standard one, and deal with it, no problem.

But the parallel "shadow" camera? Still feeding video to the security goons' systems. Sucks to be the runners THAT night, eh? (IMG:style_emoticons/default/grinbig.gif)

[Yerameyahu]

That's 'Yerameyahu' or 'Yera'. (IMG:style_emoticons/default/smile.gif) And my non-joke point was that you *couldn't* do that; they'd all be on various crazy freqs (presumably your computers keep it all straight somehow, that's what abstract rules are for).

[Lantzer]

Stealth affects icons (personas, programs), not the node in general, IIRC. You can hide an IC program that's actively scanning the node, but not the fact that the node itself is encrypted.

Nodes as seen from the outside are icons too. SR4A p224.
Nodes can use stealth to oppose a matrix perception test to determine if an icon is: a node or a program or a user, a node on alert, a encrypted node, databombed... SR4A p228.

Nodes from the inside are places/surroundings containing other icons, such as the aformentioned sneaky IC.

Stealth usually won't stop a hacker from hacking your node, but it may slow him down.

[KarmaInferno]

You could argue that the list could be arbitrarily long, to defeat this, but I think that starts getting into the realm of the optional Strong Encryption rules, and would not be tenable for comms encryption.

Again, its an abstraction.

"Arbitrarily long" is relative.

A list of two dozen words per command isn't much, especially if you have your commlink handling the substitutions. It just takes planning. It is unlikely that you'd execute the command often enough for the list to start repeating, at least not in the presence of anyone listening in to try and break the cipher.

If you never repeat the list, the system cannot be broken.

That said, I will agree that it's not tenable for regular comms, and I said as such. It's for the secure transmission of a limited set of commands, the kind that an ops team might communicate with hand signals.

I'd just like Shadowrun to be able to model this kinda thing, but I guess it'd make hacking as a role much less viable.



-k

[Eratosthenes]

Nodes as seen from the outside are icons too. SR4A p224.
Nodes can use stealth to oppose a matrix perception test to determine if an icon is: a node or a program or a user, a node on alert, a encrypted node, databombed... SR4A p228.

Nodes from the inside are places/surroundings containing other icons, such as the aformentioned sneaky IC.

Stealth usually won't stop a hacker from hacking your node, but it may slow him down.

Good find. You're right. I was thinking about how could a node disguise itself to something outside itself...but that's pretty much what your persona's doing with its Stealth program. The persona + stealth program's running on your commlink, yet disguising its actions on whatever node you're visiting.

And I can see a node, in this regard, being similar to a persona program. It's just another icon in the matrix.

So I guess if a node is running Stealth, and a piece of IC or Persona residing on that node is also running Stealth, you use the higher rated of the two?