Professional Lurker
Feb 28 2006, 10:13 PM
I have recently picked up SR4 and was very interested in how hacking was now handled. Since in every other SR game I've been in the GM encouraged the players to let him NPC the decker, I was curious if this edition made it easy, quick, and fun to have a PC hacker.
I plan on running a one shot with a hacker to test it out, but wanted to know how well it has worked out for everyone else here. I have read many of the threads on the issues, and read some house rules, but haven't found solutions to some problems that are still bothering me. Until Unwired is released, you guys seem my best bet on getting some good mechanics in the meantime.
I guess I really should start by asking, do we really need to make changes? Sure, there are some fuzzy areas in the rules, but do we really need house rules or just clarifications?
For instance, if someone uses Exploit to get in as admin, does he simply pwn the system (turning off IC and alarms, etc...)? At first this sounds too powerful, since it's just an extended test they will eventually win, but would it actually be that bad in play?
In the security section of the book it talks about some networks not being accessible from the outside (anti-WiFi paint and such), forcing the runners to drag their hacker along with them to get at the important bits. At that point, the challenge comes from physical and magical security, plus the possibility of matrix alarm, since the hacker would be using the harsher "hack on the fly" rules. Is that enough to prevent admin rights abuse?
I have some ideas on how to make the hacking for admin harder:
When the node gets to roll firewall + analyze, add +2 if the hacker wants security access, or +4 for admin.
If that's not enough, have the system roll analyze alone w/ +2 or 4 for level of access every time the hacker does something on the system (or once a round). Maybe only do that on nodes that require those passkey things the book mentions once in fluff but never in rules. Give the team a reason to try and steal one, or put up with more risk online.
I'm not completely convinced these are needed. I want to try the game first before adding house rules, you know? Until I do, I would really like any of your opinions.
There are other questions I have:
Is a node a network? If I hack into a business do I have access to data on all their computers, or will I have to hack again to get into the CEOs? Would I just send that other machine a command to give me some data?
What about agents and IC? Could I run more than one off my comlink (or loaded on the hacked node), and have them attack any IC I run into? If I can do that on my comlink, why shouldn't IC do that on its node? Is Response lowering the only reason not to do this?
What about multiple comlinks? Can you hack with two response 5 comlinks, one with your programs and the other with a number of agents loaded? Or multiple Nodes on a network with IC loaded and attacking you on the node you got in?
I think the Agents/IC is actually the only thing I _really_ have problems with. Lots of agents/IC means lots of dice rolling. I think that can be fixed by having each side use the assisting and auto success rules (agent 4 + attack 4 = 2 extra dice to the hackers attack), but that still doesn't seem right when the hacker has 3 or 4 comlinks worth of agents attack 3 or 4 nodes worth of IC. That way leads to escalating madness. I need some kind of cap on how many agents/IC can be involved, and not just response since more than one node can be involved (right?). Maybe give the systems analyze roll (to get in or with the house rule above) +2 dice for each agent you have loaded (so as to limit the agents loaded before the alarm)? Make it take a roll to get an agent loaded in alert mode (to limit the number once the system is alerted)? Make agents take a complex action longer to load for each program they have loaded in themselves (not something you want to do while being attacked/traced by IC)? And that only limits the hackers side of things, what about the IC?
I'm sorry this has run long, but I could really use some help figuring some of this out, particularly the agents/IC problem. Any comments or suggestions? Or threads I missed?
mdynna
Feb 28 2006, 10:36 PM
I think what people are having trouble with is the "open-ness" of the Hacking system now. Basically everything is "whatever the GM wants".
First off, Admin access grants whatever privileges the GM feels is appropriate. Personally, I think it's foolish that a Corp would assume a Hacker could "never" gain Admin rights. Therefore, in my games, Admin rights don't let you do anything you want.
Second, the rules already say that Security access is a +3 threshold and Admin access is a +6. I'd say that makes Hacking Admin access "on-the-fly" pretty darn difficult.
As for node/network structures: again, that's up to you as the GM. I've seen some people that are going back to the old SR2 structure of nodes. Personally, I think this system was terrible (forcing the PC to navigate the "maze" of nodes). Design the networks as you think appropriate. Would you place all of the Matrix controls for Security devices on the Public host? No, probably not, so the Public Matrix host (the "web page" if you will) is one node and if the Hacker wants to get at the security devices he/she has to Hack another node. Which brings up a second point: would the Security node be connected to the public host (accessible from the "outside" Matrix)? Again, probably not for most decently security-conscious facilities. Then you have a situation where the Security node is only Hackable if you are inside the facility. Is the Security node wireless at all? These are things that the GM decides.
Now issues like multiple Commlinks and Agent "spamming" are something that is technically not disallowed according to the rules, but I would impose some heavy penalties on someone for something like multi-link Hacking.
Basically in SR4, things are opened up much more for GM decision. You decide what is reasonable.
Professional Lurker
Feb 28 2006, 11:22 PM
The problem I had with admin rights being too easy to get had to do with the extended roll of probing the target. There is rarely, if ever, reason for the hacker not to spend the extra hour or two to get admin. Sorry if I didn't make that clear. Hacking on the fly is certainly more risky, and adding the +2 or +4 to the analyze roll seems to be too much there, sure.
I really just want to avoid the hacker taking the game over for more than 10-15 minutes, hopefully. Getting in with admin (however powerful that is) is not so bad because any run requiring more than hackers will obviously require something for the rest of the team to do. It's not too hard at that point to have the hacker required on site, for the locally limited wireless nets.
The network layout should be as simple as feasible. I think that the part of the network with the most security should be the way people get in and out, actually. It seems like the best place to put your highest firewall, if they can't get into it, they can't get anything. If you had a lower firewall just to get in, and your highest to get the juicy stuff, then that lower security area will be hacked by more of the unskilled hackers, while you'll still have just as many good hackers getting through the tougher firewall.
I know this is a bad thing to do, but by comparing it to real networks, wouldn't the security firewall be what you have to get through first?
The security node has the highest firewall/signal on the network. It's what hackers have to get in before accessing anything else. The other parts of the network are just subscribed to that security node, so once you take the security node you technically have access to everything just by sending commands to them. Without access to that node, you could spoof the other parts of the network (cameras, etc...) but since those devices have lower signals, you have to be closer to the site to do so.
And I honestly don't know what to do about multiple agents/IC. If you have any specific thoughts on it, I would love to hear them.
I don't know. I just want hacking to be fast and fun. Since it seems "GM say-so" is the rule, I'll just do what I can to make that happen. I'm just looking for help to make sure I don't make a rule with some stupid consequence I didn't think about (like +2 or 4 to the already hard "hack on the fly" analyze rolls, honestly). Thanks for your reply.
Shrike30
Mar 1 2006, 12:42 AM
The whole "probing the target" thing only works if you have access to the node you want to probe. If you're talking about security systems in a building (for example), there's no reason from a security point of view to leave these exposed to the outside world. Aside from a call out to an alarm company (or an email, since it's Teh Futar), you don't really need outside connectivity. Security systems, when I run them, tend to use wireless for things like communications (security guards talking to each other/supervisors), remote drone control, that kind of thing. Often times doors will be hardwired (why bother wirelessing a door? it doesn't move around), as will things like cameras (which also don't move), meaning that in order to screw with these systems, a hacker either has to do it physically (plugging into the camera or door lock) or through the security network, which again has no reason to be accessible from outside the building.
Since the security network is inside the building, you can probe it... but this requires you to find some place inside a (theoretically) secure building where you can spend a few hours dicking around with the contents of their network. Not the safest thing to do.
I'm wondering how long it's going to take my players to figure out some sort of relay... using a laser link to communicate with a drone inside the building that is talking to the sec net, or something along those lines. Should be interesting (and, of course, means you have to figure out how to get a drone into the building first).
Professional Lurker
Mar 1 2006, 02:21 AM
QUOTE (Shrike30) |
If you're talking about security systems in a building (for example), there's no reason from a security point of view to leave these exposed to the outside world. |
I like this actually. Why would the network for door and camera security need to be accessible from the outside? Sure, some data hosted at the site might be remotely accessible so employees can remote commute. Having your security network accessible, though, seems like a bad idea.
I can think of one advantage to having a site's security network online: Outsourcing your wireless security. You don't need to have a white hat hacker on site 24/7 if a firm can provide one remotely when an alarm goes off. Admittedly, this makes your network hackable. I can't really see a company truly worried about security that would take this route. I imagine there might be a fair number of mom and pop shops that outsource security to some outside firm, but why would any significant company take the risk?
Hmmm....
I'll have to think about this some more. How much would a company keep secure this way? The physical security of the building is one thing, but what about intellectual property? What would need to be online to share with the rest of the company?
I guess this is all GM decision in each company’s case. I need to think about this some more. I like the idea of a Hacker being able to change some employee info so as to sneak the runners in as employees. Why would any serious company ever have this info online? Is this something that just isn't likely?
kigmatzomat
Mar 1 2006, 02:57 AM
IRL I used to work for a data center and many of my friends are at large (Fortune 500+) companies in IT & security.
Many won't allow open source software, even though it allows greater security through a code audit. Why? No one to blame. "We contracted for that from a very reputable source. They failed. Our lawyers are evaluating our options even now." Then the 'very reputable source' will quote industry standard service levels. Brinks Security doesn't guarantee you won't be broken into, just that they have some of the best security services.
Reason #2 for outsourcing: cost. If you're a smaller organization who needs to meet HIPAA you may not want to spend the tens of thousands of dollars to build the system. You'll contract from a certified IT company and just have your internal departments adjust to meet their requirements.
Hacking Brinks is probably harder than hacking the Mom'n Pop. On the flip side, social engineering the Mom'n Pop to make them think you are Brinks may not be so hard.
fistandantilus4.0
Mar 1 2006, 07:09 AM
As far as off-site sec deckers, you could always use a dedicated SAT link to the satellite used by your security provider. Have the access privileges set up through a triggered SAN for extra security, and have the on-site be mostly wired security. If the guards and drones are linked to the system through wireless, then a hacker can access it through their commlinks. But being aware of that vulnerability, the secdeckers can make that node that they all link up through a chokepoint, and load it up with IC, or station a persona there.
mdynna
Mar 1 2006, 05:59 PM
@Lurker: You are re-stating basically what I was getting at. The Security Node of any corp is probably only accessible from inside the facility. So, as Shrike stated, if you want Admin access to that Security node by Probing you'll have to find a place where you can "slump" for a while. You could do it through AR but that would take longer ("Really Mr. Guard I want to go on the tour again. I know I've been here for 4 hours and 8 tours already...").
On the topic of the outsourcing security, I think that it's very believable that a smaller corp would outsource its security since it's unreasonable that they would have the resources for good security. However, remember Hardware Keys. Basically, the Security Hacker(s) employed by the company have a special "module" attached to their Commlink that has a Passkey imprinted on it (in the hardware). So the corp's Security node can only be externally accessed if you have the Passkey module plugged into your 'link.
Now, does that mean the runners can find out who the outsourcing employee(s) are, track them down, and steal their Passkey? Yes. Is that a problem? No, I call that good Legwork!
Shrike30
Mar 1 2006, 07:23 PM
Remind me what hardware keys are in-game, my memory is failing.
Dashifen
Mar 1 2006, 10:01 PM
QUOTE (Shrike30) |
... Often times doors will be hardwired (why bother wirelessing a door? it doesn't move around), as will things like cameras (which also don't move), meaning that in order to screw with these systems, a hacker either has to do it physically (plugging into the camera or door lock) or through the security network, which again has no reason to be accessible from outside the building. |
The only thing I could say is that I've done similar but made the signal of the doors or cameras extremely low (like cyberware) so that if you're standing next to it the door could open for you if you're authorized. The CEO of the company doesn't want to have to open the door for herself! She wants the door to do it for her!! Course, this is a security risk but you'd have to spoof said CEO's access id which requires perceiving her online. Thus, it's a risk but perhaps not that great of one.
Also, allowing for cameras to be accessed from approximately 1 meter away would allow repairs to be performed without a ladder (potentially) or a review of their status or tape without having to be in the security office. Guard A sees that a door has been tampered with. He stands next to the wall, below the camera and checks its feed via AR seeing that the camera doesn't show anything either. If the camera weren't available you'd either (a) need to extend a data cable from commlink to camera (which might not be feasible if your guards are dwarves) or (b) go back to the security room to see the feed from the camera directly.
Still provides protection for the corp: the signal for important security features is so low that they can only be dealt with from nearby if you want to know what's going on. I guess you could hack them via one-way communication and just hope that your information is doing what you want it to, but I'd be pretty harsh on a player who tried that. Plus, you can have some kind of wireless blocking wallpaper or paint or building material on the outside of the structure so that these signals cannot be reached without being on site. Thus, again, your hacker is relegated to coming along with the team and either hacking the entire security system or attempting to hack doors and cameras as you go along.
But, to combat the hacking-doors-and-cameras-as-you-go-along technique, simply make the devices have nothing but admin access (thus the +6 is required for attempts to hack them) and make them automatically shut down and reboot if they're hacked. Give them a pilot of 6 and analyze of 6 and they'll catch almost any hacker before they can break in and can send a message to the security team and then shut down stopping hacking attempts rather abruptly.
kigmatzomat
Mar 1 2006, 10:34 PM
In my games I run the physical security system for large installations as a secondary system unconnected to the operational network. There's no reason for you to have the security cameras and door controls linked to the same W/LAN as your "desktop" workstations if you can afford the cost of the extra wiring/hardware. It also means that a security guard has "security" privileges with facility access but not data access. Security "admins" are the ones with the highest ratings and the "masterkey" to the facility.
For smaller operations it isn't worth it. You have a perceptible amount of administrative and bureaucratic labor that makes life difficult. It only becomes reasonable when the sheer bulk of the operation causes a perceptible amount of administrative and bureaucratic labor simply by existing.
So, for instance, IBM will have separate security nets in all major facilities. A sales office, where no one has any significant privileges, will have a unified security/data net much like any company with a)less than 50 employees and b)no regular possession of "paydata." A Lockheed-Martin SkunkWorx facility always has paydata; that is, data that can be sold on the open market. The IBM sales office may have data that is valuable to a select group of individuals under certain circumstances ....say once a big contract has been set up but not yet signed.
mdynna
Mar 1 2006, 10:39 PM
QUOTE (Shrike30) |
Remind me what hardware keys are in-game, my memory is failing. |
They're a special module that plugs into your Commlink that can be used to validate authorized access. Basically, it's a chip with your password "burned" right into the ICs (that's Integrated Circuits, not Intrusion Countermeasures).
QUOTE (SR4 pp. 215-216) |
Passkeys are one of the most secure ways of controlling access to a node. Passkeys are unique encrypted modules that plug into a commlink or terminal. Many corporations require this accessory for telecommuting workers. When a logon is attempted, the node queries the module; if it doesn’t receive the proper code, the user is denied access. |
hobgoblin
Mar 1 2006, 11:03 PM
QUOTE (Professional Lurker) |
The problem I had with admin rights being too easy to get had to do with the extended roll of probing the target. There is rarely, if ever, reason for the hacker not to spend the extra hour or two to get admin. Sorry if I didn't make that clear. Hacking on the fly is certainly more risky, and adding the +2 or +4 to the analyze roll seems to be too much there, sure. |
my question here is, how did they get that extra hour. an hour is a long time when we are talking computer security. also, is this an hour onsite? unless they have knocked out all guards and are simulating their rounds, someone is bound to find out something isn't right and trigger an alarm.
computer security does not exist on its own. the best security is integrated and layered, with each layer a degree more difficult than the next.
links to the outside world should have 24/7 monitoring. guards should have checkpoints that they need to be at on set times to insert some sort of key and present some kind of biometric id. if a system doesn't need to be connected, it should not be connected. if a person needs access to both sides, issue him two terminals or similar (iirc this is standard NSA).
it takes an extra hour to get admin access, but does the hacker have that extra hour?
Professional Lurker
Mar 2 2006, 04:02 PM
QUOTE (hobgoblin) |
my question here is, how did they get that extra hour. an hour is a long time when we are talking computer security. also, is this an hour onsite? |
I had at the time assumed the security system would be available online. I had hoped that a hacker could use an exploit to get in the system well ahead of the actual run, so as to insert false accounts and IDs for the runners, or open holes in the physical security.
It seems the way the rules are written, if the security system is online then a hacker could have all the time he needs to probe it remotely, give himself admin (however powerful that is supposed to be) and never have any real risk of discovery if his stealth program is moderately high.
If the security system is wired, or somehow disconnected from the rest of the matrix, then of course things change. He would have to be onsite, and hacking "on-the-fly" would be the most reasonable way to get in. This makes it much more likely the system will notice the intrusion.
So, it seems that the only way a system can possibly be secure in SR4 is if it's offline. Perhaps it was just my preconceptions that make this a problem, but I was hoping hackers would have something to do during legwork involving hacking. If the only secure networks are offline, then the hacker is only really hacking for a run by being onsite. This isn't necessarily a problem, just a little different than I was expecting.
I can even see how this is good, since a hacker will be interacting with the rest of the group a lot more than in previous editions. I had just assumed that he would prepare for a run in advance by setting up some fake accounts or something. That doesn't seem likely to be the case.
mdynna
Mar 2 2006, 05:32 PM
There are other things that the Hacker can do in the Legwork time besides hacking the target system ahead of time. Gathering intel via the Matrix is the biggest one. The floorplans for the corp facility are probably available online somewhere (the construction company's system for instance), or maybe finding the "brochure" for the model of sensor(s) that you know the facility is using.
Or, even better, using that research to find different ways into the facility. Why Hack a killer system when you can find out that one of the Security personnel is cheating on his wife and you blackmail him into getting you access codes? There's always Legwork that can be done.
Johnnycache
Mar 2 2006, 07:16 PM
Two things:
1. Can't a place just use old-fashioned copper wire if they don't want you hacking outlying parts of their network such as cameras and alarms?
1a. Even if something has to be online, couldn't it be accessed via a single choke-point node that is decorated like February in Michigan, thus complicating access from either direction?
2. On that note, is exploitation of trust covered? I mean, say you take security access on the fly, does that/should that make it easier to then gain admin access?
I think when I make maps for the new shadowrun, they are going to have all the significant computers/etc marked, since they are now almost like a physical tunnel system through the building. . .
neko128
Mar 2 2006, 07:23 PM
QUOTE |
1. Can't a place just use old-fashioned copper wire if they don't want you hacking outlying parts of their network such as cameras and alarms? |
Or fiber optic cable, yes; in fact, the rules specifically talk about this (at least as an example), don't they? But then, it's possible at that point that the object itself can be used as an access point into the network...
QUOTE |
1a. Even if something has to be online, couldn't it be accessed via a single choke-point node that is decorated like February in Michigan, thus complicating access from either direction? |
Yes; but even if it's programmed to respond to only a single node, if it's wireless, it's subject to spoofing. By nature, it's much safer to assume that anything on a wired network is authorized; on a wireless network, by nature, it's impossible to assume that... Though people do it anyway. This can also be helped by just wireless-proofing the outer walls, and having a "secure" internal wireless network for this purpose.
QUOTE |
2. On that note, is exploitation of trust covered? I mean, say you take security access on the fly, does that/should that make it easier to then gain admin access? |
I'd say no, because systems are often better-protected against a valid user doing something unauthorized than an invalid one doing the same thing. On the other hand, if a player actually asked to do it and gave me a good case for it, I'd end up giving them a +2 DP mod, or something.
Shrike30
Mar 2 2006, 09:35 PM
There's nothing that says the hacker *can't* do legwork ahead of time and set up accounts on the building's security network. Who says you can't visit the site more than once?
While you're there, the rigger can scope out the parking lot and the VAC system (for flying drones and doing donuts to piss off security), the mage can scope out any magical protection they might have, and the mercenary can dress like he's part of the maintenance staff, and hide a light machine gun in a fake piece of pipe along your exfiltration route in the steam tunnels.
Legwork is fuuuun