That's how I work it, though it's never explicitly spelt out either way in the rules. That being said, if you are sending it over local networks, you had want to be running encryption

Being outside your signal doesn't make any difference either way. Subscribing simply tells your device not to communicate with any devices other than the device it's subscribed to (ie your commlink). Whether the communication takes place over a network or directly from your own commlink doesn't matter.

Either way, you still need to be careful of spoofing.

It can be subscribed, and you can also issue the pilot with commands on what to do if it loses it's signal with you for some reason. That can include shutting down. If someone else does find it, simply turning it on won't make it theirs. They would need to either spoof a command to it, or hack the thing and subscribe it to their own commlink.

In regards to hacking it, it comes with a system rating, as do all electronic devices (p 214). In this instance, it would be either 3 or 4 depending on the drone and your GM. Being that it has a system rating, you can load it with IC, install a new OS on it, or increase the response and/or signal on it. That's how you stop it being hacked.

Sprites aren't devices, they're programs. Which means that if you can't communicate with your drone, you can't send a sprite to it. Your best bet would simply be to tell it that upon loss of signal, head towards the last position it was able to receive a signal from you.

Other than that, the best idea is to not let it get in to an area with no wireless or outside of your signal range

Is there a book reference for this? Not doubting you, just curious so I can read up more on it.

I belive that "In [hidden] mode, your PAN is invisible to other nodes unless you access or authorize them" from p.211 is what PlatonicPimp is referring to. Seems pretty clear cut to me: if the nodes that connect your wireless devices to the rest of the world-wide matrix can't see you because you're "invisible", then yes, there's no connection.

I imagine this is also why operating a personal commlink in hidden modes in certain high-security neighborhoods is on par with driving a car at night with no headlights on. If you're in hidden mode, the authorities can't make negiborhood specific broadcasts to you about things like severe weather warnings, Amber Alerts, and industrial accident evacuation notices.

There's nothing in the rules that would suggest that you wouldn't still be hackable. Quite the opposite actually.

However, if you're smart, you can still keep the other kids from playing with your toys.

First off, you'll want to make sure that all your wireless signal links are encrypted. For someone to intercept your wireless signal, they'll have to break your signal's encryption as well. If they do crack your encryption and intercept your signal, they'll have to perform a matrix perception test to determine the access ID associated with the commands you're sending to the drone; a good stealth program can help make that harder for your opponent. Only once they've cracked your encryption, intercepted your signal, and gotten your access ID, they can attempt to spoof a command to your subscribed devices.

As defense in depth, and if you don't mind the performance hit of you and the drone spending a few extra actions on a periodic basis, I'd suggest using one time pads to rebuild your PAN on a periodic basis. The one time pad is a file that contains a sequenced list of multiple passcodes, and access IDs for both the controlling commlink and the drone (these access IDs would be pre-generated by the spoof program). The list should have thousands of entries, and you should have at least one pad for each pair of devices that'll be communicating.

Under secure conditions, load copies of the pad both onto your commlink and to the drone. Program the drone to expect you to send an encrypted file to it over the already encrypted wireless signal every 2 minutes (shorter or longer duration depending on your paranoia), and if it doesn't receive the encrypted file, it is to ignore nearly every command issued to it over the wireless signal. Make sure that this program and any one time pad files that you load can only be modified by someone who has the drone's administrative password, and is in direct skinlinked contact with the drone.

The encrypted file that you transfer to the drone every 2 minutes (throw a data bomb on it too, if you like) will contain a command instructing the drone that you're going to be unsubscribing it, breaking the current encrypted wireless link, and changing your commlink's access ID. The file will also instruct the drone to change it's own access ID. When the encrypted file arrives, the drone should run analyze on it to make sure it hasn't been edited along the way, and then pull the passcode from its copy of the one time pad to decrypt it (and disarm the databomb on it, if you use those).

The new access IDs, the passcode for the new encrypted wireless link that'll be established after the access IDs are changed, and the passcode to decrypt the next encrypted file that'll be sent are all to be taken from the next line in the one time pad.

This way, you're rebuilding your PAN on a periodic basis, with a new encryption on a new wireless link, and a new access ID that's needed for spoofing commands. I suppose someone who's monitoring your traffic over a long period of time could use exploit or possibly decrypt to locate patterns in your one time pad to be able to pick out any flaws and patterns in your randomly generated passcodes and guess at the next line of your one time pad, but I'm not sure how exactly I'd model that through the rules. Probably hacking+exploit with a high threshold, with -1 threshold for each time you've cracked an encryption password and determined the access IDs for a previous line of the one-time pad file.

Even in hidden though, several ports are still active. Your smartgun is talkign to your link, so is the memory module, and your goggles that are receiving the smartgun info, and maybe your drone nearby, and the earbuds ou have receiving streaming music, etc... All your personal wireless devices are still talking. That communication is going to be accessing some wifi port. If it's open, it can be hacked....sure, you need to beat the encryption, and any firewall, and so on and so forth, but it's still wireless traffic.

In the end, I may have to accept the excuse "That's just the way it works", but I sure hope they can refine the explanations in a future sourcebook

If you don't opt to use skinlinking instead of wireless for any item on your person (everything but the drone on the above list) then you deserve the eventual hacking you're going to get.

And as for the drone, you should always be thinking in the back of your head "what if someone sucessfully spoofs a command to it; what if someone edits the data feed the drone is sending back to me?"

Which rules are you reading? Because in my copy, the rules for finding a hidden PAN are on pg 225, and once you've detected it, you can hack it like any other network.

Or a 4 threshold, if you "Know what you're looking for". i.e. "Those drones that are shooting up my team are being controlled by a PAN in hidden mode, let's see if I can find it" or "The Johnson's PAN isn't showing up, so it's hidden, lemme see if I can locate it so I can break in and find out who they work for".

15 Threshold if you decide "Well, I know one of the runners in this crowded bar is the guy I'm looking for, let's pick his PAN out of the dozens of Hidden-mode PANs in the room."

Since the description of skinlinking in the accessories section under commlinks in the gear chapter uses the wording "a device" I belive that it's 50¥ for each device you want skinlinked.

Now for technomancers, the book's not clear as to whether their organic commlink can directly access skinlinked devices, but I figure they're already manipulating EM fields to be able to broadcast their wifi, so manipulating a field that's closer to home should be even easier.

I concur; skinlink is a modification done to individual devices. IIRC all electronics by default are wireless, unless you specifically ask for the wireless model (thereby gaining funny looks) or perform a B/R test to go in and gut the WiFi bits. Skinlinks, however, are non-default accessories.

Technos have built-in WiFi but nothing talks about built-in skinlinking (that I've found yet).

I mean, skinlinking could very well be an extension of their particular hocus-pocus, but by the same token when I touch two radio antennas together I don't get better reception.

Which raises a question, what do they interface it with? It's not like the organic commlink in their brains comes with a built in port labeled "Plug skinlink adapater cable here."

If they can't do their own skinlinking (which nothing in the book says that their organic commlink is skinlink capable) then the next step would be to get a manufactured commlink that was skinlink capable, and then use their organic commlink to network through it. But that means a wifi link between the organic commlink and the skinlinked manufactured one, which defeats the purpose of having a commlink just to be able to run skinlinking.

The other option is to go oldschool, implant a datajack and run a cable, but that means scacrificing Resonance. Although, since many technomancers were supposedly "born" while jacked into the Matrix during Crash 2.0, it'd make sense that a lot of them would have been using a datajack to access the matrix.

Well its one real advantage is that it can't easily be taken off you.

It can be hacked though, just like a skinlink. If you've got a commlink that's got wireless connectivity, then anything subscribed to it can be hacked, even if it's skinlinked or cyberware

It doesn't say that it has to be registered to the commlink, and in fact the subscribing example explicitly mentions a smartlink that isn't subscribed to a commlink. You perfectly happily subscribe the smartgun and vision link to your smartlink. The problems with doing this are numerous though

1) How do you control the gun, ie eject clips etc? You could be wearing trodes, and subscribe the trodes to the smartlink as well, but then I hope you're not wearing anything else that needs trodes to work, or you'll have to subscribe the trodes to that item as well, and then you've got a PAN anyway. If you're not wearing subscribed trodes, then you can't send commands to the smartgun, so you lose functionality.

2) If we can assume that your smartlink system isn't the only device you've decided not to attach to your commlink, protecting yourself from hackers gets very hard. You have to load firewall software, maybe some IC and various programs on each bit of tech. Subscribing them all to a commlink means that you only have to load the protection in one spot.

3) Pathetic signal strength. Some of the smartlink versatility comes from the inbuilt camera, the ability to send commands at a distance (ie disable the gun if your enemy picks it up), shoot remotely etc. Given that cyberware typically has a signal of 0, you have a very limited range you can do all of this in

4) Interactivity. Say you want to send a copy of the camera feed from your smartgun to your Johnson to prove that the target is dead, or to a reporter so you can earn some money on a "real life shadowrunner docudrama" or whatever. You can't really do that with this setup, because you have no matrix connectivity, and depending on the GM, you may not have enough storage space to record it in the first place

There are some positives to having your cyberware set up in this way though

1) It will confuse hackers. The hacker will search for your commlink, and assuming it's turned off, or even better, turned on but connected to nothing, he will have waster valuable time, and will then have to go searching for your gear. If he doesn't know what gear you've got, it's a threshold of 15 to find it. It's only a threshold of 4 if he works out you've got a smartgun system though

2) Pathetic Signal Strength. To hack your system in the first place, the hacker has to be within signal range of your gear. If that's signal 0, it means he's got to be within 3 meters of you.

3) Modularity. The same setup that means that it's a pain in the ass to defend and interact with, means that it's limited in what a hacker can do once he is in. If he hacks your smartgun, that's all he can fiddle with. To hack your cybereyes, he has to hack another system altogether. This links back to point 1 in the disadvantages though. It's very important that you have all of your subnets separate. If you have two different subnets (say your smartlink net, and your cybereyes) accessible from the one set of trodes, then you've just linked both subnets and got rid of the one main advantage of not having a commlink in the first place. The same applies if your cybereyes have an image link that your smartlink also talks to etc

The assumption that I make is that the external smartlink accessory has just enough trode functionality to let you issue DNI commands to the gun and to pipe the tactile sensations of the smartlink interface into your brain.

I'd probably let someone do that with a cyberware smartlink system (giving it another advantage, which it badly needs) and force someone using a wireless system to use some other kind of interface.

Alright, but I belive that if they wanted to have trodes be a requrement for the external smartlink accessory, they would have explicitly stated such.

I tihnk it's one of those things that got brushed under the carpet of assumption. The assumption is that everyone will have a commlink, will have their devices subscribed to the commlink, and will thus control their devices through it, so whatever controls your commlink controls your smartlink.

When you start doing things differently than that, I honestly think it's a GMs call, because most interperatations can be argued for and against