Full Version: Another realitybraker
| QUOTE (hobgoblin @ Feb 21 2006, 01:45 PM) |
and under that rule you atleast have a fighting chance of cracking the encryption  |
It works fairly well both ways, both protecting but allowing chance of access. It also helps with the saving the signal problem. I found that suggestion and an example of how it works in an old thread here. If you have the time and stomach to dig back through the last 6 months of threads there are some ideas like this. Unfortunately I didn't keep the link to that thread when I came across it so I cannot properly credit the author.
| QUOTE (hobgoblin) |
| as for hacking another device within the range of the rating 0 device, we are talking 3 meters here! so unless he is standing allmost right next to a wireless video camera or something its incredibly impractical. never mind that you will be going after a node anyways. ok, so if your lucky that node is less secure then the persons comlink but still... |
3 meters is a long way in the world described in SR4. if you're indoors, you're almost certainly within range of something--the thermostat, someone's cellphone, maybe even the light switch (if not the lights themselves). outside, you have to look a little harder and be a little luckier--but, hell, if two guards are standing around talking to one another, you can hack one's commlink and spoof the other's devices from there. light poles probably have wireless functionality for reporting whether their bulbs are burnt out, downloading the day's turn-on and turn-off times, or just repeating signals. the mailbox on the corner has a wireless uplink that informs the central office when a package is dropped in, for accountability.
Which makes corporate security issues even more interesting in SR4.
| QUOTE (hobgoblin) |
| thing is that if you want to simulate computing and communications in a realistic way, things get very boring very fast for anyone thats not a geek... blue planet (one of the more realistic sf rpgs in my view) just avoids the whole subject with a small article in the back of their tech book that points towards legwork and similar... |
All those points were musings on how the conceptual setup of the Wireless Matrix (WiMax?) might function using my knowledge. I know full well that it's no fun for a non-IT person to dissect realistic computer rules in an RPG, but what has to be done at some point is to lay out how it would work in reality, and then make abstractions to base rules off of.
Someone in combat has an almost infinate number of options to maximize their advantage depending on the situation. In a hacking situation, it shouldn't be the same six dice rolls over and over again. It'd be wonderful to have options to suit your needs.
I do kind of like the encryption interfering with transmission personally. It provides a very nice balance. However, for encrypted files, you're dealing with a totally different beast.
Any encryption in the world is breakable given enough time and computing cycles. There could be SETI-at-home style hacking circles, which devote spare CPU cycles to cracking heavy encryption. You pay the rep a billion nuyen, give them the file, and they run it on their distrubuted network, and all those thousands and millions of comlinks run the program in their spare time. The subscribers each get 10 nuyen a month or something silly like that for their effort, or maybe they're zombies, victims of a worm or other virus.
That's just a brute-force method. Other methods include infamous back doors, like in DES. The NSA can quickly and effortlessly crack any DES encrypted data stream, due to a back door in the encryption method required by law. I would imagine a large number of "official" consumer encryption methods would include these, seeded by either the corp that programs them, or the government that regulates them. Cracking then becomes a method of finding out this back door.
| QUOTE (mfb) | ||
3 meters is a long way in the world described in SR4. if you're indoors, you're almost certainly within range of something--the thermostat, someone's cellphone, maybe even the light switch (if not the lights themselves). outside, you have to look a little harder and be a little luckier--but, hell, if two guards are standing around talking to one another, you can hack one's commlink and spoof the other's devices from there. light poles probably have wireless functionality for reporting whether their bulbs are burnt out, downloading the day's turn-on and turn-off times, or just repeating signals. the mailbox on the corner has a wireless uplink that informs the central office when a package is dropped in, for accountability. |
ugh, how could i forget. everything and grandma's cyberheart is wireless enabled...
question then becomes, can they all support a full on node, or are they just devices with very high signal ratings?
| QUOTE (hobgoblin) |
| ugh, how could i forget. everything and grandma's cyberheart is wireless enabled... question then becomes, can they all support a full on node, or are they just devices with very high signal ratings? |
Well, according to SR4 they are all ”average” devices and all wireless devices that can have an access to the matrix classifies as a “node” so I’d say between 1-3 in rating for civilian models since a cyberheart might have some kind of program running that informs grandmas Biomonitor about it’s status.
Let’s not forget that the cyberheart might also be reporting it’s status to the hospital every two hours or so since grandma has the new bonus agreement with the hospital which makes the cyberheart a lot cheaper if they are allowed to monitor it.
Still, all you need is a rating 1 node to leapfrog from since all that limits you is it’s signal.
so in theory any device can support a program, hmm...
Mindstorm-idea on the wireless problem:
Have encryption NOT be an extended test an require a threshold of (encryption rating) hits. Any decryption attempt not generating more then 1/2 threshold successes raises an alert.
You could still hack any device, but using a designated entry point would offer the advantage of not having to beat encryption.
Have encryption NOT be an extended test an require a threshold of (encryption rating) hits. Any decryption attempt not generating more then 1/2 threshold successes raises an alert.
You could still hack any device, but using a designated entry point would offer the advantage of not having to beat encryption.
| QUOTE (hobgoblin) |
| so in theory any device can support a program, hmm... |
That entirely depends on how one interprets SR4 rules. Accordign to the book we have the whole Response VS Program thingy. Whenever you run X amounts of programs where X is your response your response is lowered by 1.
With the Meta Link commlink one would get Response 0 after running 1 program. With a response 5 commlink you would get a cascading spiral of sinking response as soon as you run 10 programs.
I will try to convince MY gm that any kind of Response TEST is affected by the above rule and not the actual hardware specification of the commlink.
| QUOTE (Ryu) |
| Have encryption NOT be an extended test an require a threshold of (encryption rating) hits. Any decryption attempt not generating more then 1/2 threshold successes raises an alert. |
I ALWAYS assumed that encryption tests were made against the net successes X2 from an encryption test by the defending hacker.
| QUOTE (The Jopp) | ||
That entirely depends on how one interprets SR4 rules. Accordign to the book we have the whole Response VS Program thingy. Whenever you run X amounts of programs where X is your response your response is lowered by 1. With the Meta Link commlink one would get Response 0 after running 1 program. With a response 5 commlink you would get a cascading spiral of sinking response as soon as you run 10 programs. I will try to convince MY gm that any kind of Response TEST is affected by the above rule and not the actual hardware specification of the commlink. |
what i was realy wondering about was if every device is a node. if so then a lot of my theoretical basis for understanding the rules falls away, and i can understand the idea of devices in ones PAN cutting into the number of subscription one can keep and so on.
in theory then one can ramp up the rating of the smartlink and basicly use ones gun as a kind of comlink/computer.
the real question becomes, can any device support a avatar? as im guessing a kind of avatar is present when your accessing a node, be it via AR or VR. if so then you can in theory hijack the device and make it do stuff for you, like say using it as a stepping stone towards someones PAN...
the thing is that i read "device" to refer to something similar to a bluetooth handsfree. a bit of electronics thats doing one thing and one thing only. while i see a "comlink/node" as being something like a smartphone/pda/pc. a device that can do diffrent things depending on what software you run on it.
if any device is a node then basicly you can make that ear piece do all kinds of things, you just need to run extra software on it, via the avatar.
as in, when you access a node, the avatar acts as a kind of bridge between the software your running on your comlink/node and the node your attacking.
so if a smartlink or other device can support the existence of a avatar then one can pull of what mfb suggest, taking over a nearby device thats within the 3 meter range of the targets PAN and then spoof the devices in said PAN.
hmm, remind me to bring along some flying microdrones. one could potentialy use them as signal relays and tell them to get close to the target. who cares about some buzzing insects?
So that was always wrong I´m afraid. Encrypting a device is a simple action without test.
Well, as a defense against any kind of intrusion you can always run encryption, databomb and IC on every device you own, including your cyberware, or any device that someone would theoretically be able to hack into.
Oh my god…I just found the most disgusting piece of tiered network you could imagine.
Use your clothes as first line defense tiered networks with IC and databombs and have them hack your socks before they can reach your jacket and from that to your body armour and then further to your gloves and then FINALLY they can reach your heavily guarded “firewall” commlink with 5+ IC programs loaded on it…
…If they get through all that they can hack your REAL commlink.
This wont actually give you any efficient defence but it will buy you a lot of time since you might be wearing the following items
2 socks
1 sweatshirt
1 jacket
1 underwear
2 gloves
1 hat
1 body armour
2 shoes
1 external commlink
1 flashpack
1 holster
2 cyber commlinks
Now, if basically EVERY device, piece of clothing etc is wireless enabled you’ve got yourself a haystack of wireless defence even if most general appliances have a device rating of 1. Yea, all it will do is buy time, but they still have to FIND every device since you can put EACH AND EVERY ONE of them into hidden mode, and have encryption on each of them.
Lets see, find *looks up* 15 devices after each other, decrypt them, hack into them and then go to the next one, how much time is that?
Still, there are rules for improving Response and Signal of any kind of device…
A jacket with Response/Signal 5 anyone? That would be a well concealed Commlink.
*EDIT*
Oooh, even better, have a few Credsticks and they would have a device rating of 6 so you could have a few Credsticks as firewalls with a signal rating of 1 (hand held electronic device).
Well, I’m not sure but somehow I don’t think this was how Fanpro MEANT it to function, except for runners though, average joe on the street would probably never think of using his credstick as a firewall but protect it BEHIND his commlinks firewall (using an empty uncertified credstick never crossed his mind).
Oh my god…I just found the most disgusting piece of tiered network you could imagine.
Use your clothes as first line defense tiered networks with IC and databombs and have them hack your socks before they can reach your jacket and from that to your body armour and then further to your gloves and then FINALLY they can reach your heavily guarded “firewall” commlink with 5+ IC programs loaded on it…
…If they get through all that they can hack your REAL commlink.
This wont actually give you any efficient defence but it will buy you a lot of time since you might be wearing the following items
2 socks
1 sweatshirt
1 jacket
1 underwear
2 gloves
1 hat
1 body armour
2 shoes
1 external commlink
1 flashpack
1 holster
2 cyber commlinks
Now, if basically EVERY device, piece of clothing etc is wireless enabled you’ve got yourself a haystack of wireless defence even if most general appliances have a device rating of 1. Yea, all it will do is buy time, but they still have to FIND every device since you can put EACH AND EVERY ONE of them into hidden mode, and have encryption on each of them.
Lets see, find *looks up* 15 devices after each other, decrypt them, hack into them and then go to the next one, how much time is that?
Still, there are rules for improving Response and Signal of any kind of device…
A jacket with Response/Signal 5 anyone? That would be a well concealed Commlink.
*EDIT*
Oooh, even better, have a few Credsticks and they would have a device rating of 6 so you could have a few Credsticks as firewalls with a signal rating of 1 (hand held electronic device).
Well, I’m not sure but somehow I don’t think this was how Fanpro MEANT it to function, except for runners though, average joe on the street would probably never think of using his credstick as a firewall but protect it BEHIND his commlinks firewall (using an empty uncertified credstick never crossed his mind).
What I don't get, is why the hell dosent somebody from FanPro come on here and clearify some of this crap!?
It's not like there are a hundred SR4 forums out there. This is pretty much it.
It's not like there are a hundred SR4 forums out there. This is pretty much it.
| QUOTE (Neskeptic) |
| What I don't get, is why the hell dosent somebody from FanPro come on here and clearify some of this crap!? It's not like there are a hundred SR4 forums out there. This is pretty much it. |
Why don't YOU submit the question to the FAQ people?
Well, I for one am gonna get VERY unimpressed if they don’t clarify all the Hacker questions with Networks, Nodes, Reponse issues and suchlike in the upcoming Unwired book, or whatever it is called.
On the issue of nodes and devices:
| QUOTE (SR4 @ p.215, Matrix Jargon) |
| Device—Individual electronics that are connected to the Matrix, such as commlinks, terminals, cyberware, security cameras, drones, etc. |
| QUOTE (SR4 @ p.216, Matrix Jargon) |
| Node—Any device or network that can be accessed. |
Everything electronic that is connected to the Matrix is a Device.
Every Device that can be accessed is a Node.
Furthermore, the Sample Devices Table (p.214) gives us device ratings for things encountered in SR. As per page 213, Device Ratings, the Device Rating substitutes for every Matrix Attribute, for simplicities sake.
Hence any device has Response, Signal, Firewall and System at the level of the device rating. Since it has these attributes, it can run software.
What is connected to the matrix? IMHO Anything that will somehow need to transfer data wirelessly.
In the civilian sector, probably anything. So that the user has the "comfort" to check the contents of his fridge, from his couch, without the need to go to the kitchen while watching a game on TV, or to order the lights in his apartement to turn off, just because he forgot it as he hurried to his job.
Paranoid civilians will turn wireless off on most thingies.
In the corporate sector, wireless will be cut down to a minimum. Only those devices in need of interacting with the matrix will do so, and only on the shortest needed range.
| QUOTE (The Jopp) |
| I will try to convince MY gm that any kind of Response TEST is affected by the above rule and not the actual hardware specification of the commlink. |
Adam said so much in another thread some time ago. So thats offical.
| QUOTE (Serbitar) |
| Adam said so much in another thread some time ago. So thats offical. |
Aah, will that be added in an errata perhaps?
I dont think so.
| QUOTE (The Jopp) |
| Yea, all it will do is buy time, but they still have to FIND every device since you can put EACH AND EVERY ONE of them into hidden mode, and have encryption on each of them. |
Nope. They will only have to find the starting point of that chain - after that, they simply can use the existing connections.
| QUOTE (Rotbart van Dainig) |
| Nope. They will only have to find the starting point of that chain - after that, the simply can use the existing connections. |
Aah, but that’s where we have the fun part, there is no starting point. None of the items are in a subscription list to talk to each other, The first commlink is only using legal access and leapfrogs through them.
In this rather extreme example there are several weaknesses, device rating of one means that anyone can manage to crash the OS or restart whatever software runs that particular node.
The starting point can only be reached by either…
A: Going through the chain of connections.
B: Being within signal range of the device they want to hack.
If the commlink is at a low signal setting they must be close enough to pick up the signal.
| QUOTE (The Jopp @ Feb 22 2006, 04:22 PM) |
| Aah, but that’s where we have the fun part, there is no starting point. None of the items are in a subscription list to talk to each other, The first commlink is only using legal access and leapfrogs through them. |
No subscription - no connection, sorry.
| QUOTE (Rotbart van Dainig @ Feb 22 2006, 02:24 PM) |
| No subscription - no connection, sorry. |
Where does it say that? That would mean that unless I have a subscription on my commlink against a website I cannot access it?
Besides, that logic would basically make tiered networks impossible if you just had to go through 1 node and then skip five others to reach the source node.
No, it just makes the idea that those nodes are not connected, yet should communicate somehow quite strange. 
A subscription list is a way to limit who a client device (like a coffee maker) can talk to.
Without a subscription list the device will talk to *anyone.* So you set your coffee maker's subscription list to be your and your roomie's Comms. Why? So you're punk neighbor doesn't change it from double-foam cappucino to triple shot espresso.
The IRL equivalent of a subscription list is a MAC address restriction where the client will only talk to specified devices. And, like in the game, this can be spoofed IRL but you have to do a little checking (aka a matrix perception test) to get the IDs. Subscription lists aren't true security (just like MAC restrictions aren't real security) but they are an easy way to filter out the weenies and reduce traffic so the masses treat it like security.
Runners should have a subscription list on every device they own. Normals... well, how often do people set the security up right on WiFi now? Yeah, that's how often they will use subscription lists; mostly never.
Without a subscription list the device will talk to *anyone.* So you set your coffee maker's subscription list to be your and your roomie's Comms. Why? So you're punk neighbor doesn't change it from double-foam cappucino to triple shot espresso.
The IRL equivalent of a subscription list is a MAC address restriction where the client will only talk to specified devices. And, like in the game, this can be spoofed IRL but you have to do a little checking (aka a matrix perception test) to get the IDs. Subscription lists aren't true security (just like MAC restrictions aren't real security) but they are an easy way to filter out the weenies and reduce traffic so the masses treat it like security.
Runners should have a subscription list on every device they own. Normals... well, how often do people set the security up right on WiFi now? Yeah, that's how often they will use subscription lists; mostly never.
| QUOTE (Rotbart van Dainig) |
| No, it just makes the idea that those nodes are not connected, yet should communicate somehow quite strange. |
So what's stopping me from havign my devices communicate in a strange way so that I can have a tiered network as well? If tiered network communicate "in a strange way" then I'm gonna use the same strange way to have my own tiered network to communicate.
The way I understand the rules there are several options with subscriptions lists.
A: Your devices have no connection to another device, they don’t communicate with each other.
B: A subscription list tells what device another device can talk to.
C: Devices are not communicating but one can still access a device with a legal access code, very much like a login code on a computer.
With “A” you don’t have a subscription list, with “B” you have a subscription list and with “C” there is no subscription - list but you have access to the device through legal codes.
No subscription list AT ALL means that they will not have any AUTOMATIC access to another device, there is still nothing stopping you from login into the node legally with a password. The device will not “talk” to another device but it can still be accessed.
Connecting to/acessing a device is called subscribing it.
It's a rather bad play of words, but essentially, if there's a connection, there's a connection, which can and will be followed.
It's a rather bad play of words, but essentially, if there's a connection, there's a connection, which can and will be followed.
| QUOTE (Rotbart van Dainig) |
| Connecting to/acessing a device is called subscribing it. It's a rather bad play of words, but essentially, if there's a connection, there's a connection, which can and will be followed. |
What about password security then? I’m not entirely against what you are saying but there are flaws in that logic. A subscription list is mostly about what devices is allowed to talk to each other, what about one way communications? Hacker Device instead of HackerDevice.
Subscription list is always two-way and that’s where I see a flaw in the rules. If we take it literally then tiered network security is impossible and if we say that the network is designed in some kind of quasimystic way incomprehensible for normal people and/or players that’s limiting the game a lot.
| QUOTE (Rotbart van Dainig @ Feb 23 2006, 03:35 AM) |
| Connecting to/acessing a device is called subscribing it. It's a rather bad play of words, but essentially, if there's a connection, there's a connection, which can and will be followed. |
Subscribing has another meaning per SR4 rules, as I quoted in my initial post.
Furthermore, in Shadowrun, you always had to hack your way through x nodes (one at a time) while a data package with the right access codes was just relayed through those nodes.
So if the data went through 10 heavily protected nodes, you would have to hack your way through everyone of those.
Hacking just the first and then being relayed never worked in Shadowrun.
It would be interesting to find a solution for that, and tell the SR4 developers to include that change in unwired, to avaoid problems.
| QUOTE (Serbitar) |
| Subscribing has another meaning per SR4 rules, as I quoted in my initial post. |
It is used in two ways - and that's where the confusion comes from.
| QUOTE (Serbitar) |
| Hacking just the first and then being relayed never worked in Shadowrun. |
What a stroke of luck that this isn't what Jopp and I are talking about.
| QUOTE (The Jopp) |
| what about one way communications? |
With the current set of rules, those are not specified.
Keep in mind that anything interactive needs a two way communication.
So any device in that chain needs to know how to find (Access ID) it's 'adjoining' devices - putting those in stealth mode may cost a hacker more time to find the chain, but once he is in the chain, he can hack his way through... he could even use part of the chain to scan for the rest and then try to use a shortcut.
I still think that the main issue is to force the hacker to hack through a large number of nodes.
| QUOTE (Serbitar) |
| I still think that the main issue is to force the hacker to hack through a large number of nodes. |
Well, for simplicity I’ll go with the INTENT of the SR4 rules.
No subscription= No access unless having the correct code/id/etc
Subscription= Devices talks/gossip/fileshare with each other
Tiered network= No subscription list, only correct ID/backdoor avoids the need for hacking.
Avoiding tiered network: Only possible if within signal range of final destination node (IF it is wireless at all.)
Too much reality and everything will be either too simple or too impossible.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.