Help - Search - Members - Calendar
Full Version: Some Hacking Questions...
Dumpshock Forums > Discussion > Shadowrun
JustSix
New GM here. I've done some searching, but haven't found answers to a few hacking/rigging questions. Hopefully someone a bit more familiar with SR4 can help me...

1. It states that standard electronic devices only have admin accounts. What exactly defines a "standard electronic device"? Is a commlink a standard device (thus adding +6 to all attempts to hack a commlink), or does it have the three different levels of access?

2. When hacking a drone, and the drone is on a rigger's subscription list, do you hack into the drone (using the drone's stats); or into the commlink of the rigger controlling the drone (which might have different stats), and from there into the drone? One example would be a patrolling police drone, as mentioned in the "Interacting with AR" sidebar.

3. Do technomancers leave a datatrail that can be tracked, or do they just leave a matrix signature only other technomancers can detect, or both?

Any help would be *greatly* appreciated. Thanks... wobble.gif
Dashifen
1. Pretty much anything you want to be a standard electronic device could be. I have commlinks in my game only respond to an admin user, thus they are a "standard electronic device" but YMMV. Mostly, however, this is for hacking toasters, fridges, stereos, cars, etc. as these are all devices that are supposed to interact with one specific client that they subscribe to. Thus, to hack them is more difficult. Now, if you can convince them that you are their subscribed client ...........

2. Either. Hacking it would mean that you have to spoof commands at it while hacking the riggers commlink would allow you to make it think that you are the rigger. I've glossed over some of the finer points, so let me (us) know if you want more details.

3. Yes to the data trail on technomancers -- anyone can track it.
hobgoblin
think of it this way, windows 95 to ME had only one kind of user, the admin. basicly if its a device that is there to only serve one person or that one have a service mode or similar available i would not be surprised if it only have admin mode.

why have security or user accounts on something thats only there to do a predefined set of simple tasks?
neko128
For #1, in my opinion, a "standard electronic device" is anything that would be considered "dumb" as opposed to a fully-fledged computer. So, as someone else said, this'd include toasters, coffe machines, guns, and doors. On the other hand, I would NOT count CommLinks in this list; they're not only fully-fledged computers, but quite powerful ones in many cases.
JustSix
QUOTE (Dashifen)
1.  Pretty much anything you want to be a standard electronic device could be.  I have commlinks in my game only respond to an admin user, thus they are a "standard electronic device" but YMMV.  Mostly, however, this is for hacking toasters, fridges, stereos, cars, etc. as these are all devices that are supposed to interact with one specific client that they subscribe to.  Thus, to hack them is more difficult.  Now, if you can convince them that you are their subscribed client ...........

2. Either.  Hacking it would mean that you have to spoof commands at it while hacking the riggers commlink would allow you to make it think that you are the rigger.  I've glossed over some of the finer points, so let me (us) know if you want more details.

3. Yes to the data trail on technomancers -- anyone can track it.

A little more info on hacking a drone would be helpful, yes. In terms of your PAN, if you slave all of your wireless devices to your commlink (smartgun, cybereyes, whatever), a hacker would have to access your commlink before fiddling with your peripherals. Right? How is this different from a drone that's subscribed to a rigger's commlink? Why would a hacker be able to spoof a drone without going through a rigger's commlink, but not be able to hack the cybereyes of a street sam (when the eyes are slaved to his/her commlink)? Or am I off base here?

As for hacking commlinks, judging from some of the other replies, there seems to be some debate on whether or not commlinks have multiple levels of user rights. Seeing as how commlinks are pretty much everywhere, and PCs are almost required to carry them, a little more rules clarification would have been appreciated...

Finally, as for technomancers and datatrails, I guess that means a technomancer would have to project some sort of access ID? It's just hard for me to grasp the capabilities of the technomancers...

Thanks everyone for the replies. I hope they keep on coming... wink.gif
hobgoblin
bacause drones talk long range, while smartlinks talk shortrange (or most likely skinlink if your a smart/paranoid runner)?

i dont know, but it looks as if there is a protocol diffrence, as the only two listed spoofable targets are drones and agents. and drones looks like a agent in a cage. so most likely the spoof isnt so much about spoofing low level matrix traffic as it is about spoofing high level drone/agent commands...
The Jopp
QUOTE (JustSix)
A little more info on hacking a drone would be helpful, yes. In terms of your PAN, if you slave all of your wireless devices to your commlink (smartgun, cybereyes, whatever), a hacker would have to access your commlink before fiddling with your peripherals. Right? How is this different from a drone that's subscribed to a rigger's commlink? Why would a hacker be able to spoof a drone without going through a rigger's commlink, but not be able to hack the cybereyes of a street sam (when the eyes are slaved to his/her commlink)? Or am I off base here?

There is a definite difference between spoofing command and hacking. Hacking a device gives you complete control while spoofing command only lets you give a agent/drone a new order. The main difference is that spoof command is just that, an order addressed to a device designed to receive orders. In the case of a device like a cybereye it is not an agent or drone designed for autonomous action, itís just a piece of gear.

Gear can be hacked and given an edit command instead. If you want complete control of a drone then you could hack the targets commlink, gain access to the drone and edit its subscription list. Remember, if the target has a subscription list then the drone should have a subscription list as well Ė it must know who is allowed to access it. Once the subscription list is hacked you replace it with your own and you know control a drone/car/etc.

Remember, spoofing a command is not taking 100% control of a drone, it only gives it a standing order (until the real owner countermands it). If you hack the drones system and replace its subscription list then you have 100% control and basically owns the drone.

QUESTION
If you hack a commlink to gain access to a drone, do you have to make ANOTHER hacking test to bypass the Pilots own firewall as well? It stands to reason since the only thing hacking the commlink does is to give you POSSIBLE access to devices on its subscription list, and every piece of electronic gear can have IC and Agents.
kigmatzomat
QUOTE (JustSix)
A little more info on hacking a drone would be helpful, yes. In terms of your PAN, if you slave all of your wireless devices to your commlink (smartgun, cybereyes, whatever), a hacker would have to access your commlink before fiddling with your peripherals. Right? How is this different from a drone that's subscribed to a rigger's commlink? Why would a hacker be able to spoof a drone without going through a rigger's commlink, but not be able to hack the cybereyes of a street sam (when the eyes are slaved to his/her commlink)? Or am I off base here?

As for hacking commlinks, judging from some of the other replies, there seems to be some debate on whether or not commlinks have multiple levels of user rights. Seeing as how commlinks are pretty much everywhere, and PCs are almost required to carry them, a little more rules clarification would have been appreciated...

Finally, as for technomancers and datatrails, I guess that means a technomancer would have to project some sort of access ID? It's just hard for me to grasp the capabilities of the technomancers...

Thanks everyone for the replies. I hope they keep on coming... wink.gif

Hacking a device like a smartlink can be done in 3 ways:

direct access: client devices (smart guns, coffee makers, drones) that do NOT have a subscription list can be hacked directly, as can host devices (i.e. comms and remote computers). clients have firewall/response ratings based on their default device type (usually 1-2).

Spoofed access: client devices with a subscription list can be accessed if you can make your comm appear to be the registered host device. This involves a matrix perception test of the host followed by use of the Spoof utility. This is the digital equivalent of putting a disguise on your Comm. The typical limitation is range; most small devices have Signal ratings of 0 or 1 with the exception of drones. The simplest thing to do is either a) replace the original host's entry in the subscription list with your Comm or b) delete the entire subscription list so anyone can access the device.

Indirect access:
You hack a comm that is either subscribed or in wireless range of the client device. Meaning if you see opposing security team of Abe, Ben, and Charlie you can hack Abe's Comm and use it as a repeater to then attack Ben & Charlie's systems. If you leave Abe's devices alone until the end he may not even realize he's the source of the attack.

Not sure I understand the technomancer question, but I would say they still leave some tracks when breaking into systems. They may not be entirely coherent tracks ("Why did the operating signature field get flagged 'Fudge Ripple'?!?") but there should still be signs of intrusion.
Dashifen
QUOTE (JustSix)
As for hacking commlinks, judging from some of the other replies, there seems to be some debate on whether or not commlinks have multiple levels of user rights. Seeing as how commlinks are pretty much everywhere, and PCs are almost required to carry them, a little more rules clarification would have been appreciated...

Finally, as for technomancers and datatrails, I guess that means a technomancer would have to project some sort of access ID? It's just hard for me to grasp the capabilities of the technomancers...

Thanks everyone for the replies. I hope they keep on coming... wink.gif

The rules for commlinks and multiple levels are completely up to you. It doesn't specify them in the rules as written, and, thus, it could vary from game to game. In my game, commlinks are considered standard electronic devices because ... well ... it's standard for people to have them and they're electronic devices. And because it makes it harder to hack them. Course, this works for and against the players because it's harder to hack other commlinks just as it's harder for me to hack theirs, but we discussed it and all agreed on it and, thus, it's the house rule.

However, I can also see the argument above that discussed the "standardness" of an electronic device in terms of its complexity, i.e. the more complex the device, the more likely that it is going to have multiple user levels. I don't personally subscribe to that style and, in fact, about the only thing that has multiple levels in my games are actual networked systems (i.e. security hosts). Any man-portable device as well as vehicles and drones are "standard" for me.

As for the technomancer question, they can't transmit any form of ID ... hell, any information ... without some form of storage unit. I've seen that storage unit be a credstick to a full commlink, but remember that technomancers have no offline storage capabilities without some form of storage device. But, to answer your question, yes, technomancers would have to transmit personal information in situations requiring it (i.e. government/corporate property) just like everyone else. In my game, the technomantic character goes so far as to have a fully functional commlink with agents and programs to try and fool people into thinking she's just a hacker and not a technomancer, but that's mostly just for style.
hobgoblin
QUOTE (kigmatzomat)
Spoofed access: client devices with a subscription list can be accessed if you can make your comm appear to be the registered host device. This involves a matrix perception test of the host followed by use of the Spoof utility. This is the digital equivalent of putting a disguise on your Comm. The typical limitation is range; most small devices have Signal ratings of 0 or 1 with the exception of drones. The simplest thing to do is either a) replace the original host's entry in the subscription list with your Comm or b) delete the entire subscription list so anyone can access the device.

is this spelled out in the RAW somwhere or just something that people seems to agree is a "legal" use of the spoof program?
Dashifen
QUOTE
Spoof Command
Use the Spoof Command action to transmit forged instructions to an agent or drone controlled by another user. In order to spoof orders, you must fi rst complete a successful Matrix Perception Test on the persona you are impersonating in order to gain its access ID. To spoof commands, you must beat the agent or drone in an Opposed Test between your Hacking + Spoof and the targetís Pilot + Firewall. If successful, the target drone or agent believes the orders came from its controlling persona.


The RAW seems to indicate that to spoof something, it needs a Pilot attribute making it a drone or an agent (or an IC program ... nothing says fun like turning a systems IC on itself). Thus, spoofing commands to a toaster, which may not have a Pilot attribute, wouldn't work, but spoofing commands to that drone that's been following you around might.
JustSix
Again, thanks for the replies... smile.gif

OK, from the rules and the excellent replies given above, let's see if my understanding has improved.

When faced with a rigger-controlled drone, a hacker/technomancer has two options:

1. Locate the rigger's commlink and scan its access ID. Using this, and the Spoof Command action, the hacker can send false commands to the drone. However, the hacker doesn't actually control the drone, and the rigger can eventually re-assert control. Question: if the rigger's signal is encrypted, will the encryption need to be broken before spoofing the drone?

2. Locate the rigger's commlink and hack inside. Once inside the rigger's PAN, the hacker has direct access to the drone and can do all sorts of nasty things to it. Question (as was mentioned by someone else): once inside a rigger's PAN, does the hacker need to subsequently hack into the drone (using the drone's stats) before they can mess with it -- or is hacking into the rigger's commlink enough?
neko128
QUOTE
Question: if the rigger's signal is encrypted, will the encryption need to be broken before spoofing the drone?


Yes. If you don't break the encryption, you won't even KNOW if you've sent a legal command or ID. nyahnyah.gif
hobgoblin
i got my copy of the book today, but im currently at a toss-up about allowing a direct hack of subscribed drones (as in hacking the drone directly, not going thru the owners comlink at all). guess i realy have to read the rules better before i state an opionion...
hobgoblin
ok, i just finished a session jumping back and forth withing the matrix2.0 chapter.

first of, i can see a way to hijack or mess with devices like smartlinks (that are not skinlinked), but it does not use the spoof program.

instead, i would allow the use of electronic warfare + sniffer to intercept the traffic and then use computer + edit to insert false lowlevel commands like drop connection, or maybe altering the smartlink data so that its -2 rather then +2 dice nyahnyah.gif

basicly i have come to the opinion that the spoof program works on a avatar to drone/agent level, not the low level traffic that a device inside a PAN acts on. as in, faking a IM message rather then editing raw USB traffic...

allso, if you want to hack a drone, i would suggest that you spoof it a command telling it to subscribe to your comlink wink.gif then you go to town. this will work as long as the owner dont spot the extra subscription, and kills it. or you can do that to him, and fully hijack the drone smokin.gif

hmm, doing that to grab a random car of the street for some sidewalk action anyone? or maybe have it crash a shop window and then do a grab and run?
kigmatzomat
QUOTE (hobgoblin @ Mar 7 2006, 04:24 PM)
i got my copy of the book today, but im currently at a toss-up about allowing a direct hack of subscribed drones (as in hacking the drone directly, not going thru the owners comlink at all). guess i realy have to read the rules better before i state an opionion...

I think the consensus is that the subscription list prevents the drone from talking to any other device so you have to use spoof just to get it to respond. This also goes for the smartlinks. And anyone with a brain sets their drones and smartlinks up with a subscription list.

The funny thing is that it may be easier to spoof than hack into a device, especially since it essentially gives you admin access to the drone.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012