What does the rule do?

It implements an unhackable link between two devices. This link works, hacking-wise, like a cable that can not be intercepted.

Whats the Problem?

This rule is killing wireless hacking. Devices that do not have to access the matrix, will only grant access to a limited number of other devices, which need to use the device in question. These connections are, as defined by the rule, unhackable.

Example1: All the wireless devices in a house only accept input from the house-telecom and the comlink of the owner. The telecom and the commlink of the owner only accept input from the local security node of their matrix service provider.

Example2: All devices in a coporation facility only accept input from devices of the coporate facility. For outside communication, a heavily secured choke point is used.

Example3: Cars only accept input from the comlinks of their owners. Cars can not be hacked without finding the owner comlink, first, which in turn, is only accesible by the security node of the matrix service provider.


This rule effectively kills wireless hacking and is extremely senseless. Why shouldnt one be able to spoof the device codes?
With this rule, we are back to SR3 hacking. Even worse, there is no way to "tap" the wireless links. They are, by rule, 100% secure.

Solution:
Skip the rule. PAN devices with a rating of 0 are already more then enough protected by their very short broadcasting length and possible skinlink solutions.

Nobody would configure their commlink and telecom to accept input from only the service provider. Not unless they had a commlink and telecom only for the purpouse of controling the house hold's devices, and kept another set of computers for everything else. That seems unlikely as it would destroy the seamless interacting you can get with just one commlink (you would have to pick up different commlinks for making calls and for changing the tune on your stereo). It could happen with very paranoid people, but it would be extremely rare I think.

This only means you have to hack your way into the building's network before you can control cameras and electric fences. I thought that was the point ???

Again, great hackers who are able to break through good firewalls and IC are not common enough for anyone to sacrifice all but one of a commlink's functions. Instead they will rely on regular security measures and enjoy the seamless interaction with people and electronics that a single commlink can provide.

So what it really means is that you can't drive around parked cars like radio-controled toy cars. You need the "key" first. And I bet you can still do it the old fashioned way and break in physicly. Maybe you can get past the subscription problem by jacking in with cable?

Are you mixing AR with VR? AR is intended as a means of interfacing with things wirelessly (subscribing) and simply sending orders to the device (presumably selecting one of the available functions). You can hack the operating system of the coffeemaker and reprogram the timer so that it always burns the coffee - but aside from pranks, there's no significant point in doing so for most appliances and basic electronics.

Wrong conculsion.
You still use the comlink as normal. It is just routed through the security node. INcoming calls just reach you via security node, you dont even notice it.

No, thats not the point. The point of the wireless system was, that eveything is hackable.

Again. You dont sacrifice anything. Everything is still seamless. It just comes down to routing.

Thats not the point why the wireless system was invented. It was invented to make hacking easier.

You hack devices over their connections. If all the conncetions to the device are unhackable, the device is unhackable.,

You mean physically? (wirelessly you cant, it wont accept your connection) Not an option. We want wireless hacking.
BTW: What is the difference in acessing a device physically compared to wireless? Different protocoll? Or dou you just alter the electronics?

That leasds directly to the cockepoint solution.

Does Joe 2070 care? We are not talking about runners, but about people who are getting hacked by runners. Or not anymore, because of the unhackable connection rule . . .

BTW: Please discribe your "spoofing" rules in connection with the "subscriber" rule. If you can spoof for example comlink codes, to acess devices (cyberware) connected to a comlinks PAN, then the "subscriber" rules is useless and should be skipped.

You can route AR through the matrix. The matrix IS wireless. Wireless IS matrix. There is no difference. The AR application just doesnt go directly to the comlink, but takes the routing over a security node.
(Your comlink, when its not in hidden mode, broadcasts: Im here, and the AR device sends the data through the matrix over the security node, and so forth. Just a a matter of routing.)


But I get your point. Direct wireless connections, would not be possible (if you want that). But the main problems are not the comlinks, but the chockepoint designs for installed devices, in coporations and homesystems alike.

How do you do this? The coffe device does not interact with you. You cant even start to spoof.
If you can, then its a normal hacking attempt which is already in the book. Why the "subscriber" rule.
People tell me, that their drones are unhackable, because they are subscribed to their PAN and thus, the comlink of the rigger must be hacked first. But the comlink is subscribed to the comlink of the hacker and I have to hack that first.

SO what? Can I spoof something, to hack the drone directly (rendering the "subscriber" rule useless and invalid), or do I have to go through the comlink chain?

The latter leads to chockepoint solutions everywhere and kills SR4 wireless hacking.

Wrong. In fact, using electronic warfare, that is perfectly possible even for those 'fixed' connections.

So, in your interpretation, you can hack drones, subscribed to a PAN, simply by just spoofing the PAN?

Can you back this up by BBB quotes ?

AND this means that the subscriber rule doesnt actually do anything. You can still hack every device.
Would be fine for me.

they do something tho, they add a extra step

hmm, now that i think about it, could one use a drone to do the signal interception for the spoof? ie, insert a small drone into the area, log into the drone over the matrix, then use it as a signal router and spoof the device.

makes me realy want to invest in those microdrones (fly on the wall have never been more correct ).

being a node is independent of VR or AR mode. a node is a device that can talk directly to the matrix. or atleast thats my take on it.

so if there is a node out there, you can access it both via AR or VR. if your going to hack it however, i would suggest going VR, unless your meat is realy wired for speed.

A subscribed object only accepts commands from a specific signal or set of signals.

Spoofing is the process of mimicing the signal that the object will accept commands from.

So you are able to start trying to spoof a device that isn't subscribed to you, that is the point of spoof.

Spoofing however does require you to know the matrix ID of the person who's device you are trying to spoof, which requires a successful Matrix Perception Test (pg 224).

This means that you can create choke points yes, but those choke points can be sidestepped with the right maneuvers.

This is only partially correct. Wireless connections are broadcast and receptor systems which means there is no such thing as secure two-way communication. In SR4 what keeps one device from recognizing anything but another specific system is security software (Firewall) and registered accounts/IDs. These can be forged with the appropriate tools (including Spoof) or by first acquiring the valid account passcodes, etc.

Note there are specific requisites to successfully Spoof something so sometimes it isn't possible, but the quote you want (relating specifically to drones) is on p.224.

It won't recognize you as a valid user because you don't have a valid account, which is something slightly different. There are ways of brute forcing your way through Firewalls, spoofing devices and forging accounts in the rules.

And there's nothing wrong with it. You hack whatever node is connected to the Matrix (normally the personal commlink) and slip in through that.

As Tinker has correctly pointed out by RAW you can only really spoof devices with agents and pilot progs. However, by RAW you can also brute force your way through the Firewall or forge an account. Note, also by RAW, every device has a Firewall (simplified into the Device Rating) and so can be brute-forced.

All the subscriber rule defines is the use of "chokepoints", particularly with regards to commlinks. The fact that a commlink is logged onto the open Matrix means its hackable. You target it and hack the firewall and from there potentially have access to its entire subscription list. If you limit your link to recieveing incoming from only one ID (such as the MSP) then you're isolating yourself from all the functionality of being wireless in the first place - you won't be getting direct broadcasts from people, stores and devices around you which is the whole reason why Joe 2070 uses a commlink.

This works only against drones and agents by RAW (and doesn't even work upstream).

Just because everything is wireless doesn't mean that everything should be easy to hack. I mean, people raise the issue about SR4 all the time that now ever moron with a commlink and a bit of hacking skill can cause all kinds of problems for society at large.

You should have to hack someone's commlink to get access to their smartlink. Hackers are more viable now, but they shouldn't be gods among men. A hacker with a few hours on his hands can VR over to any system attached to the Matrix and just about always break inside without detection (using the non-brute-force method). Hacking a matrix connection node isn't that hard, it just takes time. The same thing with a commlink.

You do. I described the procedure above.

What the chokepoint system destroys is the "I can see it, I can hack it" philosophy of SR4. With the chockepoint system, the hacker wont be able to hack that security camera (car, sensor, laser beam, maglock) over there. He will have to go through the heavily protected secnode. Then we are back at SR3 hacking.

But you still owe me an answer: Can I hack smartlink (provided I am near enough) without hacking (by spoofing or whatever) the comlink first, or can I not? And why.

Your smartlink is more than enough protected by the low signal rating. Somebody would have to stay 3 meters next to you to do this AND there is skinlink. No extra rule needed.

No need to sacrifice SR4 wireless hacking for this.

I give you a quote to consider:

Granted, this text only specifically mentiones agents and drones, but any other device wouldn't be much different (maybe even easier).
The subscriber rule mentiones, that two devices must "know" each other to allow communication between those two.
Question is: How, do they know each other?
Possible, and iMHO most likely, answer based on data in BBB: By the access ID each device has.
The Spoof Command Rule states that you can get this access ID by a sucessfull Matrix Perception Test of the Persona in Question. Once you have this access ID, you can impersonate it. One other possible stepstone would then be an encryption Layer over the communication, which first must be unencrypted, to send a command.

I conclude from this, that:
a) A connection is secure, unless the access ID of the "controller" is known.
b) Once said access ID is known, you can do whatever you want with the "recipient".

What does this mean for everyday hacking (everything IMHO)?
Once you spot a Drone or simmilar thing, the hacker should try to locate the node, said drone communicates with. You may not be able to listen into it, or send on the same "frequency" but you know it is there, and you can locate it, using Electronic Warfare Rules.
Once you pinpointed the physical location of the nearest node a Device/Drone/Agent communicates with, you try to get a good look at it (matrix wise). This gives you the access ID, and on you go.

In the case of an enemy hacker, his signal range will possibly be wide enough (he sends commands to the drone), that you can do a matrix perception roll on him, without even moving, since you are already in his range.
If you aren't you have to go closer, either through the matrix, logging into a closer node, or physically, moving your commlink into his range.

In the case of a security network, i assume that most nodes will have a quite low signal rating to force intruders to come close to other security measures. But the node controlling (or relaying) the commands to a Drone (for instance) should have a - slightly - larger range, since it must communicate with a drone flying around. Large enough that you can get a "matrix look" at it, once you enter it's signal range.

Other devices, like maglocks for instance, may be set to accept wireless connections from other sources (RFID-Tags, for instance), opening a possible way to exploit those "holes" to hack this device, since they aren't set to a specific access ID.

So, yes the subscriber rule makes it difficult to influence devices that are set to accept only wireless connections from a specific source, but once you are in range to that controlling node, you can make a Matrix Perception Roll on that node, getting it's access ID. With that you can start to fool the device.

So, to secure something, one has to subscribe ones devices to specific nodes AND use encryption AND keep a low signal rating, to force intruders to come close enough, that it becomes dangerous for them. Sometimes all of it (especially the range part) simply isn't possible.
The subscriber list is only one part - which can be overcome - to slow down intruders.

That's just another way. But yes, you're right of course.

You don't have to actually access a node to scan it. As a node it sends out signals, which can be interpreted, and define its "persona" for those "looking" at it. Once you get the signals, your commlink will interpret them for you, displaying the icon.
And the node will send out it's access code somehow. And unless a directional link is used (unlikely), in all directions possible. It has to, unless the "recipient" couldn't receive it himself.
So your commlink will pick it up. The Matrix Perception Test is nothing else, but to see this specific data piece between all the rest, the node sends out. The rest (like threshold 'nd stuff) is coverd in Matrix Perception, p. 217.

The answer is: It is possible but you have to be close....reallly, really close.

IF the smart linked device is using wireless (but not skinlink) AND you are within signal range of the smart linked device then you can attempt to hack the commlink. (Since this is a 2-way communication you have to be in range of the weaker device, in this case the smart link)


If they are using skinlink you could do the same thinks *IF* you are touching them the
whole time.

IIRC you first have to locate the signal with a Scanner, make an Electronic Warfare + Decrypt attempt vs. any encryption, followed by a Matrix Perception test of the Comm and finally you make a Spoof check.


This has already been gone over in one of the many "how do I hack subscribed drones" threads. Do a search and you should find one (or more) that have the required tests and page references.

The BBB defines spoofing, on page 224, as forging commands to agents and drones controlled by another persona. On page 238, under drones, it specifically says that to control a drone, it MUST be linked to you as a subscriber. So pretty much... Spoofing is nothing more than sending a message that is falsely identified as issued by someone else - and we have a specific example of it functioning against a subscribed object. However, it only refers to sending commands, not hacking into them or something similar. So this could easily be extended to say that you could send a spoofed command to a Smartlink subscribed to a Commlink, for example, but accessing data files on someone's subscribed cybereye wouldn't be the same thing.

It's also worth noting, though, that there's other things to this. While spoofing lets you falsely identify yourself as someone else, you must already have decrypted the communications link and such.

So no... Subscribing isn't useless, by any stretch; it adds an extra level of difficulty to any attempt to command something communicating by subscription. It just isn't foolproof.

Yup. Page 256: "...High-security systems will avoid wireless altogether, sticking to an internal wired network that is either completely isolated from the Matrix, or linked via secure gateway networks, perhaps through carefully timed and temporary connections."

Yes, all devices do count towards the total number of subscriptions but, no, it shouldn't have much, if any, impact on a samurai since his cyberware is controlled via DNI and not wireless. I'm going to say this one more time because people seem to have misread it: wireless did not replace DNI in function, it's use is complementary. Motor control of your cyberarm is still DNI, there is no reason for making it wireless. Most cyberware does also possess wireless functions, but mostly to run system diagnostics or interface with implanted gear (such as a cybersmartgun, etc) - there are three different points in SR4 where the common functions of wireless in cyberware are mentioned.

Of course it would be. Accessing a file is simply sending a command that states "send me this file". The cybereye will address the data transmission to the device being spoofed, of course. But, since broadcast is a wireless medium, it is rather simple to intercept anything addressed to that device.

so, if i have display contacts and a smartlink. setting this all up via a comlink will require a rating 2 comlink if i want to be able to access nodes, drones, or for that matter other peoples comlinks?

i dont know why, but that sounds flat out silly to me...

Only Drones, Agents and Nodes coutn towards the subscription limit.