I just got the 4th Ed book yesterday and I'm in the middle of reading the whole thing and learning it so that I may hopefully be able to GM a game later. One thing I know that will catch new player's eyes right away is the repeated mentioning of hacking equipment and cyberware given in examples in the Matrix 2.0 section.
From a couple of the descriptions, I got the impression that you might be able to do stuff like hack a cyberarm and make the owner draw his own gun and shoot himself in the head, or hack Wired Reflexes and send somebody into a seizure (and I frankly hope that things aren't as simple as that). So I immediately set out to discover exactly how you hack equipment (like smartlink connections) and cyberware, as well as the extent to the things you can do to them. Everything in the hacking section of the book describes stuff in broad terms, and there isn't really any specific mention of hacking gear/'ware, so I'm having a tough time figuring this out.
Right now, I think the only thing a hacker can really do to a Samurai is crash the OS of his 'ware/gear (p223), which makes it reboot for a turn or so but that's about the extent of it. I haven't found anything where a hacker can do much worse than that. Please let me know if I'm wrong.
Also, this will be of particular interest to people who like to play Street Sams in my group because they'll probably want to know how to further protect themselves from being hacked. A few precautions I can think of were listed on p224, such as having their PANs in Hidden mode. But I know a smart player might ask if he can just shut his cyberware/smartlink/other stuff off to wireless access completely and just operate all of them through old-fashioned datajacks. In cyberware's case, like wired reflexes and cyberarms, a player might argue that it's either already controlled by electrical signals from the brain, like our "real meat arms" are already, or else they should already be physically wired into our brains internally; and so they should be able to deny all wireless without any loss to functionality... does that argument have any validity?
Full Version: Hacking cyberware
see, this is why bioware is such a wonderfull thing!
part of this, is going to be what a GM says is or is not possible, regardless of what the rules imply is posible. offhand, i suspect we will see more definite rules regarding hacking cyber in the augmentation book.
part of this, is going to be what a GM says is or is not possible, regardless of what the rules imply is posible. offhand, i suspect we will see more definite rules regarding hacking cyber in the augmentation book.
The argument is valid but it really depends on the flavor of your games. However, since datajacks act as routers by default it should be possible (though extremmely difficult) for a hacker to get into any piece of cyberware via the datajack. Simply all removing the wireless connectivity would make it so that a hacker would need physical access and this is the best bet but if they slip up and leave even a single wireless device on it can be used to get to any other.
Personally, I'd say that such extreme hacking should be limited to Ultimate NPCs who can do anything they want to do just because. Just as Harley can make you eat a bullet using magic Fastjack should be able to make you eat a bullet using cyberware hacking but the standard precautions should be enough to keep anyone out.
Personally, I'd say that such extreme hacking should be limited to Ultimate NPCs who can do anything they want to do just because. Just as Harley can make you eat a bullet using magic Fastjack should be able to make you eat a bullet using cyberware hacking but the standard precautions should be enough to keep anyone out.
I don't like that about the hacking section as well. It describes stuff, but never gives a step by step guide to doing any of that stuff. So, in my games, I made some up, based on common sense. First, I assume that most heavily cyber'ed people have their 'ware slaved to their commlinks, so a hacker would have to hack into said commlink (versus that commlink's firewall and any IC/Agents running) to control said cyberware (and of course, most smart cyber'd people would keep their commlink in hidden mode during combat, if not all the time, requiring a search action of the hacker to find the commlink before hacking can begin). From there, the hacker would have access to all the controls a regular user would. But if the hacker wanted to do something outside the scope of a piece of cyberware's normal operation, like putting someone's wired reflexes on overdrive to cause a seizure, that would require an edit action versus a threshold based on how complex the desired function is.
As I said before, most of this is made up by me based on what I think makes the most sense.
As I said before, most of this is made up by me based on what I think makes the most sense.
| QUOTE (Signal) |
| So I immediately set out to discover exactly how you hack equipment (like smartlink connections) and cyberware, as well as the extent to the things you can do to them. Everything in the hacking section of the book describes stuff in broad terms, and there isn't really any specific mention of hacking gear/'ware, so I'm having a tough time figuring this out. |
My short answer would be this:
- Use Electronic Warfare + Scan to Detect the Wireless Node of the target's commlink. Alternatively, a nice GM might let you find it without a test (or with the easier, non-extended test) depending on the circumstances.
- Once located, use Hacking + Exploit to Break Into the commlink, probably using the Hacking on the Fly rules.
- Once logged into the commlink, make a Matrix Perception test to get the Access ID of the target. Note that this assumes you aren't jumped by an agent, sprite, or the target in cybercombat. If that happens, I hope you had that Attack program ready and you don't lose your surprise test
- Here's where it gets fuzzy. In order to determine the devices communicating with a commlink you must first locate them within the targets PAN, which may require any of the following depending on the GM:
- Data Search: a GM might let you find information on the devices with a quick Data Search + Browse (or Scan or Sniffer) test.
- If your GM prefers, you could do a Detect Wireless Node to find the devices within a network (this is my personal favorite for wireless PANs).
- For skinlinked PANs, I like Intercept Traffic as skinlinks make a PAN similar to a wired network rather than a wireless one.
- Or, some GMs might just let you pull up a list of the devices as a free or simple action.
| QUOTE (Signal) |
| Right now, I think the only thing a hacker can really do to a Samurai is crash the OS of his 'ware/gear (p223), which makes it reboot for a turn or so but that's about the extent of it. I haven't found anything where a hacker can do much worse than that. Please let me know if I'm wrong. |
Well, you could Edit the results of a person's Smartlink so that it provides incorrect information, negating its modifiers or, for nasty GM, perhaps even providing a negative modifier. You could, now that you have access to their PAN, send annoying spam AROs into their AR field of vision to distract them from what they're trying to do (I use visibility modifiers for this). Eye and Ear cyberware could easily be exploited using Edit actions to either add distractions or remove important information. Hell, depending on the GM, you might be able to reboot their cybereyes!! I've ruled that this still allows a person to see but all secondary cybereye effects (i.e. thermo or low-light vision, enhancements, magnification, etc.) fail to work until the cybereyes come back online, but an alternate view on the matter might mean your target is left in inky blackness until his/her eyes come back on!!
| QUOTE (Signal) |
| But I know a smart player might ask if he can just shut his cyberware/smartlink/other stuff off to wireless access completely and just operate all of them through old-fashioned datajacks. In cyberware's case, like wired reflexes and cyberarms, a player might argue that it's either already controlled by electrical signals from the brain, like our "real meat arms" are already, or else they should already be physically wired into our brains internally; and so they should be able to deny all wireless without any loss to functionality... does that argument have any validity? |
Page 304 in the Gear chapter goes over wireless connectivity of gear and how to turn it off. I've always allowed characters to buy their gear with no wireless option if they prefer. However, I tend to assume that the makers of the gear (including cyberware) make assumptions about the wireless life of 2070 -- especially for legal, common use gear. For example, the Internal Air Tank cyberware is completely legal. It also includes, for example, the wireless ability to send an ARO into the user's field of vision if it's running low on it's internal air, informing it's owner that they had better breathe normally as soon as possible. Take away that wireless information and you'd better tell me as the GM that you've routed that information to a bio-monitor or some other piece of gear. If you don't do that, I'd probably call for a Memory Test (p. 130) for your character to keep track of the time with modifiers (at least -2 for being distracted) or you might just run out of breath.
Forget what I posted, Dash's reply is much better than mine. I'm going to use his little "how to" from now on.
Oh, as the Idiot's Guide to the Matrix 2.0 gets off the ground, we'll try to do an example of this with the numbers and keeping track of the time necessary to pull this off. If you have a hacker that really wants to do this, I suggest locating the target's PAN prior to the combat beginning, or the extended tests (for #2 and possibly #4 above) mean that your friends usually shoot and kill the target before you get a chance to hack them.
Of course, they may not route their PAN through their commlink. Then you can just hack the gear itself assuming you can establish two-way communication with it somehow (either through the matrix or if you're within signal range of the gear itself).
Of course, they may not route their PAN through their commlink. Then you can just hack the gear itself assuming you can establish two-way communication with it somehow (either through the matrix or if you're within signal range of the gear itself).
Thanks Dash! I'll definately print out your post and look it over if my players ever want to try something like that, or if I decide to make a tough NPC that would try that on my players.
But the main thing I was worried about would that it would make Samurais obsolete as an archetype to play. Samurais are supposed to be the game's main killers and be very good at it. The thing I was specifically worried about was that the players might stumble across, say for example, a corporate security team with a hacker in the crew, and the hacker would instantly be able to shut down all the Samurais in the group in a turn or two with just a few key presses (or the reverse, where the players turn an encounter designed to be a good challenge into a complete joke). From the way you described things, Dash, the hacker would be busy fumbling with his own commlink for a few turns giving the wired-up Sammy plenty of time to shoot him over and over again. I don't have a problem with that and neither would my players (hopefully). Hacker's caught in that sort of situation may as well just pull their own guns and start shooting.
However, it still offers hackers a chance to be incredibly useful to a group... just as long as they have enough time to prepare and execute those actions. Since ritual sorcery has been with us for quite some time now, an action that also lets you mess with people who are completely unaware of what you're doing (but takes some time to do), this doesn't really strike me as all that much different. But now I'm curious if Sammies would have to drop some cash to buy an IC to protect their systems or something, or if their 'ware would already come with a simple program that would let them know: UNAUTHORIZED ACCESS!!!
But the main thing I was worried about would that it would make Samurais obsolete as an archetype to play. Samurais are supposed to be the game's main killers and be very good at it. The thing I was specifically worried about was that the players might stumble across, say for example, a corporate security team with a hacker in the crew, and the hacker would instantly be able to shut down all the Samurais in the group in a turn or two with just a few key presses (or the reverse, where the players turn an encounter designed to be a good challenge into a complete joke). From the way you described things, Dash, the hacker would be busy fumbling with his own commlink for a few turns giving the wired-up Sammy plenty of time to shoot him over and over again. I don't have a problem with that and neither would my players (hopefully). Hacker's caught in that sort of situation may as well just pull their own guns and start shooting.
However, it still offers hackers a chance to be incredibly useful to a group... just as long as they have enough time to prepare and execute those actions. Since ritual sorcery has been with us for quite some time now, an action that also lets you mess with people who are completely unaware of what you're doing (but takes some time to do), this doesn't really strike me as all that much different. But now I'm curious if Sammies would have to drop some cash to buy an IC to protect their systems or something, or if their 'ware would already come with a simple program that would let them know: UNAUTHORIZED ACCESS!!!
Most of the players of my games have all purchased a low level Agent that does nothing but defend the commlink in cybercombat long enough for the owner of the commlink to shut it down and bring it back online, causing the hacker to suffer dumpshock and have to re-hack it if necessary.
Alternatively, I've considered having a Commlink run the Pilot program so that it could actually make rudimentary decisions based on the actions of intruders and simply terminate the connection of the hacker or reboot, etc.
Alternatively, I've considered having a Commlink run the Pilot program so that it could actually make rudimentary decisions based on the actions of intruders and simply terminate the connection of the hacker or reboot, etc.
| QUOTE (Dashifen) |
|
I believe you also need to hack the cyberware itself; just gaining PAN access doesn't mean that you have access to every node on that network. Clipping subscriber lists means that a hacker would have to go through the commlink, but getting into the commlink does not necessarily let you order the limb around. A cyberlimb isn't a drone.
Also, I see no reason to think that hacking a limb would let you puppeteer it around. You could give it basic commands, or crash its OS, or any of a number of other things, but neuromuscular input, IMO, pretty much has to come from the brain of the attached character.
I'd let you tell it something like "increase force to maximum", though, and watch the targeted sammie crushhis own gun.
You also have to wonder what the arm's controlled by. It's probably wired to whatever nerves and muscles you have left instead of something electronic; I doubt that the comlink has anything to do with the arm's functioning.
Yeah, the wireless link (or whatever) should mainly be providing information on the limb itself, like how much battery power or whatever it has, any efficiency problems and what that might mean, any damage and so on.
But any kind of thing that lets you do diagnostics has the potential to let you do more to it, even if it's not supposed to.
But any kind of thing that lets you do diagnostics has the potential to let you do more to it, even if it's not supposed to.
| QUOTE (Azathfeld) |
| I believe you also need to hack the cyberware itself; just gaining PAN access doesn't mean that you have access to every node on that network. Clipping subscriber lists means that a hacker would have to go through the commlink, but getting into the commlink does not necessarily let you order the limb around. A cyberlimb isn't a drone. |
I disagree. If the cyberlimb has subscribed the commlink and it acts as the hub of a PAN that includes the cyberware, then you can attempt to commad the limb just as you would any other device. If you wanted to extract data from the cyberlimb (i.e. maximum grip force, to use your example) then you may need to hack the limb itself. I'd argue that the command, spoofed or otherwise, is still subject to the System + Firewall test that all devices get to do when attempting to determine if a command is legitmate. Unfortunately, basic cyberware is not listed in the sample device ratings table, but alphaware is and it's listed at 4. Thus, other cyberware probably has a device rating of 3 (or less if necessary).
| QUOTE (Azathfeld) |
| Also, I see no reason to think that hacking a limb would let you puppeteer it around. You could give it basic commands, or crash its OS, or any of a number of other things, but neuromuscular input, IMO, pretty much has to come from the brain of the attached character. I'd let you tell it something like "increase force to maximum", though, and watch the targeted sammie crushhis own gun. |
This I agree with. Many forms of bodyware, like a cyberlimb, there's a limited amount you could force it to do, since these devices are set up to take DNI input, not wireless. However, many other forms of gear and cyberware would be set up for wireless interactions and, thus, it could be exploited in some way. The extent of that exploitation is probably up to the GM.
| QUOTE (Dashifen) | ||
I disagree. If the cyberlimb has subscribed the commlink and it acts as the hub of a PAN that includes the cyberware, then you can attempt to commad the limb just as you would any other device. If you wanted to extract data from the cyberlimb (i.e. maximum grip force, to use your example) then you may need to hack the limb itself. |
A device's being subscribed to a node doesn't necessarily allow that node to command another device, just to communicate with it. Subscription is a prerequisite for commanding something, but it's not enough by itself.
You probably can command your external devices through your own commlink, but only because you have access codes to them, and they accept your access ID as a legit user. Someone who's hacked the commlink has only gained an access code for it, and not necessarily for every other device a user has. It's possible that someone has one access ID and passcode for every device that they own, but it's not a good idea. It's not the commlink that sends commands, it's the persona, which is why you need to use perceive someone's icon to gain an ID to Spoof at a drone.
In terms of real-world computing, someone could compromise a domain server machine, and even have local admin rights on it, but not be able to send commands to the computers that are part of its network. They could do all kinds of nasty things, including crashing the whole network, without necessarily being able to tell other machines in that network what to do.
unless he grabbed domain admin, at that time he can order any computer to do anything that they can potentialy do...
See, this is why I'd like good old fashioned tried and true cyberware from the 2050's.
Cyberware and wireless just don't mix.
Cyberware and wireless just don't mix.
so take your time and turn the wireless bit of. its not like they suddenly stop working because the radio transmitters are off. there is still DNI, rember?
Yeah, and why keep a wireless link active to your cyberware? Wireless connectivity allows for a few cool tricks (like firing a smartlinked gun remotely), but things like wired reflexes will probably be kept wireless by most users. And DNI is so much simpler in SR4 - it's just assumed, and doesn't cost extra Essense.
| QUOTE (Dashifen) |
| Unfortunately, basic cyberware is not listed in the sample device ratings table, but alphaware is and it's listed at 4. Thus, other cyberware probably has a device rating of 3 (or less if necessary). |
Actually, it does. Bodyware has a device rating of 1.
I was playing a hacker and was hiding in a hotel bathroom while the rest of my team was trying to repel another group of shadowrunners. Here's how we handled it:
- I didn't see any nodes on the other team. I knew there had to be one there, so I made an Electronic Warfare + Scan (4) test to find it. The one I found belonged to a big guy with a pair of cyber arms.
- I started hacking his PAN on the fly using Hacking + Exploit. I got hella lucky and didn't trigger an alert. Once I got in, I had a couple of options:
- I could try hacking into the arms and control their functions directly. This would have required seven hits: one for the Firewall and six from the fact that the arms only had admin accounts (p. 216, last paragraph under Account Privileges). My GM told me that if I had admin access, I could control a limb; hitting something with it would have required Unarmed + Command (I don't have Unarmed and I didn't have Command loaded at the time).
- I could try to spoof a command to the arms using my Hacking + Spoof vs. the arms' System + Firewall. This would have been my 12 dice vs the arms' 2. I went with this one.
- I sent a command to shutdown. It worked, and he was a lot less effective at that point.
| QUOTE (Signal @ Mar 25 2006, 02:31 AM) |
| Right now, I think the only thing a hacker can really do to a Samurai is crash the OS of his 'ware/gear (p223), which makes it reboot for a turn or so but that's about the extent of it. I haven't found anything where a hacker can do much worse than that. Please let me know if I'm wrong. |
It's a bit more, but not much:
You could do all the stuff the user could do himself, like turning wired reflexes on or of, or stuff you could do on normal nodes, like changing the perception through senseware.
Keep in mind that the user of that cyberware has hands-on-access through DNI though, and can simply disable wireless and internal routing, cutting the implant off your reach as soon as he realizes the attack.
| QUOTE (Aaron) |
| I could try to spoof a command to the arms using my Hacking + Spoof vs. the arms' System + Firewall. This would have been my 12 dice vs the arms' 2. I went with this one. |
Basically, that's only really possible if the arm runs Pilot instead of System... otherweise, you are limited to commands like the ones used with the Free Action 'Change linked Device Mode'.
what he could do (in theory) is a hacking+edit command to try and edit a sniffed package between the comlink and the device.
page 225, intercepting wireless signals.
page 225, intercepting wireless signals.
The potential for the owner to override the device is a problem but there are ways around trhat.
Its best to start subtle and go for he eyes first. Put a few AR virtual attackers in his field of vision and mess with his smartlink so that he thinks his gun is pointed in the right direction and then go for the gyuberarm while he's busy fighting imaginary people. Once into the cyberarm, have it send back false sensory data so he thinks it is still pointed in the right direction when instead the arm has turned his gun on himself. Synch the AR attackers to this so that he thinks the virtual people have hit him.
Its best to start subtle and go for he eyes first. Put a few AR virtual attackers in his field of vision and mess with his smartlink so that he thinks his gun is pointed in the right direction and then go for the gyuberarm while he's busy fighting imaginary people. Once into the cyberarm, have it send back false sensory data so he thinks it is still pointed in the right direction when instead the arm has turned his gun on himself. Synch the AR attackers to this so that he thinks the virtual people have hit him.
Yeah . . . or you could just crash the OS on his eyes and arm, and he'd be pretty well helpless.
| QUOTE (Aaron) |
| I sent a command to shutdown. It worked, and he was a lot less effective at that point. |
You know, I thought about that possibility as well. The problem is that, after you get someone's cyberarm to shut down, what's to stop them from just flipping it back on again?
| QUOTE (Azathfeld) |
| Yeah . . . or you could just crash the OS on his eyes and arm, and he'd be pretty well helpless. |
...right up until his eyes and his arm have completed the reboot. It's a good trick but you need to take care of him fast.
| QUOTE (Signal) |
| You know, I thought about that possibility as well. The problem is that, after you get someone's cyberarm to shut down, what's to stop them from just flipping it back on again? |
Nothing, except that rebooting is an Extended System + Response Test (10, 1 Combat Turn) (p. 223). So, a pool of two dice, looking to get ten hits; at best it would take five turns, on average it woud be fifteen turns. Even with the eyes, at device rating 3 it would take a minimun of two turns, with an expected five turns.
By that time, the street sam, adept, and shaman would have narfed him hardcore, had he not run away.
| QUOTE (Signal) | ||
...right up until his eyes and his arm have completed the reboot. It's a good trick but you need to take care of him fast. |
Yeah, but it's likely to work a lot better than feeding him a bunch of fake sensory input and hoping that he falls for it. With even one turn, the rest of your team should easilybe able to take down a blind, crippled sammie.
There's no good reason for a lot of cyberware control / interface processores to have a full time link to somebodies pan. Wired reflexes or cyberlimb motion controlers, for example, need never interface with a PAN to perform any of thier functions. They might have connectivity for diagnostic / maintenance purposes, but a smart designer (or user) would make those hardware dependant- IE, you'd have to physically hook up a fiber optic cable, or at least flip a switch that enabled wireless connectivity.
For items that do need / benefit from connectivity, I think thier functions would be compartmentalized. If you hacked somebodies cybereyes through thier commlink (say they had it linked so they could output what they were seeing to thier friends) then you could mess with what they were seeing, but I doubt you could cause thier circuits to overhat and burn out / fry thier brain. A smart cybereye user simply would NOT have his cybereyes on his PAN in the first place, at least not when they could avoid it; if they need to send output in most situations, they would use a camera instead.
For items that do need / benefit from connectivity, I think thier functions would be compartmentalized. If you hacked somebodies cybereyes through thier commlink (say they had it linked so they could output what they were seeing to thier friends) then you could mess with what they were seeing, but I doubt you could cause thier circuits to overhat and burn out / fry thier brain. A smart cybereye user simply would NOT have his cybereyes on his PAN in the first place, at least not when they could avoid it; if they need to send output in most situations, they would use a camera instead.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.