Here's a copy of an email I sent to the ShadowRN mailing list explaining how to hack a smartlink

> Our Technomancer wanted to know how he could hack into someone's PAN and
> turn off their Smartlink (or what have you). From what I figured, he'd have
> to do this:
>
> Extended Test (1 Combat Turn) to locate the PAN of the user.

This is an extended test using Electronic Warfare + the Scan program
(4, 1 combat turn), and assumes that the target has his commlink in
hidden mode (which he will, unless he's an idiot).

Assuming your hacker has Electronic Warfare at 5, and Scan at 6, he
will net on average 3.6 successes, meaning one or two complex actions
depending on his luck

> Extended Test (1 Combat Turn) to decrypt the signals from the user.

This is an extended test using the hackers encrypt program + his
commlinks response (assuming 6 on both of these). The threshold is
twice his targets encrypt rating, with a an interval of 1 combat turn.
Now the rules state that encryption is everywhere, yet doesn't
actually state whether commlinks etc come with built in encryption, or
whether you have to buy the program yourself and run it. However you
work it, lets assume he's got an encryption rating of 4. This means
that you have a threshold of 8. This will mean on average, two
complex actions to decrypt

An alternative thought on this, is that the "default encryption" is
accounted for in the breaking in test. If you use this line of
thought, then the decrypt test won't happen at all, unless the target
is running an encrpyt program they have specifically purchased. This
is the approach that "feels right" to me, but will of course lead to
every single runner purchasing an encrypt program

> Simple Action to sniff the data (now unencrypted) to find the Smartlink.

Nope, he know needs to break in. This is a Hacking + Exploit extended
test with a threshold of 1 initiative pass, and a threshold equal to
the firewall. Now, assuming Exploit 6 and Hacking of 5 and the target
has a Firewall of 4, he's got 11 dice, meaning 1 or 2 turns to break
in on average. At this point, the targets commlink gets an Analyze +
Firewall test against your hackers stealth rating. Assuming the
target isn't a hacker running analyze, the commlink rolls 4 dice to
try and get 6 (the hackers assumed stealth program rating) hits.
Should it somehow pull off this miracle, it triggers an alert,
otherwise your hacker is in.

The problem is, he's in with personal account access (assuming the
target even has personal account level access). It's probably not
enough to actually do anything, and certainly not enough to commandeer
the targets cyberware. For that, you will certainly need admin
access, and that adds +6 to the threshold to get in. So now, your
hacker is rolling 11 dice vs a threshold of 10. That's 3 complex
actions worth of hacking. It's also 3 chances for the commlink to
stack up success and trigger an alert. Admittedly, only rolling 4
dice each turn, even with 3 turns of rolling still generally won't get
the 6 total hits needed to get past the hackers stealth program, but
it is possible.

> Simple Action to command the smartlink to turn off.

Nope, this is a complex action, using the Control Device Matrix
action. Depending on the GM, you may or may not have to make a roll
to pull this off, but I think it's safe to assume that turning off the
smartlink will not require a roll. Bear in mind though, that turning
it back on will probably only be a free action for the target

> So, approximately 2 full Combat Turns (6 seconds) plus another full
> Initiative Pass (possibly another 3 seconds) to turn off a Smartlink.

No, we're looking at 1 or 2 complex actions to get find the PAN.

Possibly 2 complex actions to decrypt

3 complex actions to hack himself admin access

1 complex action to turn off the smartlink. So maybe 8 complex
actions, meaning that someone with 3 initiative passes (ie a wired
hacker, or a hot simming hacker) will take 3 combat turns to achieve
this.

> Is that right? Did I miss something? Could a Hacker cause the Smartlink to
> take dice away from the shooter's pool, instead? (So, instead of giving a
> +2, give it a -2 because it's subtly moving the targeting point away.)

Using the control device action, the hacker can command the smartlink
to do anything the smartlinks owner could command it to dosuch as
"Turn off. Turn on. Report status" etc.

You could also use the Edit command to play with the signal from the
smartlink. Assuming it was subtle, the GM could probably let the
hacker get away with a dice penalty, at least until the target turns
off or starts ignoring his smartlink. Each Edit action will only last
one combat turn though, so you will need to keep doing this, unless
you have previously used a control device action on the smartlink

Some alternative techniques include disabling the targets spam filters
and/or hitting them with a load of spam. Perhaps putting their
commlink on active mode? Unsubscribing devices? Disabling the
targets simlink? Turning off their cybereyes if they have them would
certainly be effective, even if they can be turned on again with a
free action. It would certainly be distracting.

There are two ways to access the Matrix, and thus, two different types of Matrix initiative.

Augmented Reality mode and Virtual Reality mode

In AR mode, you use your real world initiative, because you accessing the matrix from the real world with the matrix specific elements overlayed on top. More specifically, the hacker rolls his initiative just like everyone else, and he has to mix and match real world actions with matrix actions

In Virtual Reality mode, your body is effectively comatose whilst you access the Matrix. This is effectively the way the Matrix worked in SR3. If you're cold simming it, your initiatve is based on your commlinks response rating, plus your hackers intuition and you get two initiative passes.

If you're hot simming it, your initiative is based on your commlinks response + your hackers intuition + 1, and you get 3 initiative passes