Full Version: On the Run
Has anyone gotten the new adventure On the Run yet? Run it? What do you think of it as an adventure?
I bought it (PDF), but haven't run it yet. My groups first two runs were being hired by one trideo/chip/entertainment company to annoy another one in the middle of a little shadow war, and that's going to come back again, but I figured it was time for a break on that story arc. But then again, On The Run deals with entertainment industry people again, so maybe I'll just integrate it in; I haven't quite decided yet.
From reading through it, it's a VERY good introductory adventure; it obsessively provides rules references and brief descriptions of doing things, which is perfect for easing new GMs and players into the rules set and changed environment. I love it to that extent. The storyline makes somewhat more sense if you're familiar with some of the older adventures, though.
From reading through it, it's a VERY good introductory adventure; it obsessively provides rules references and brief descriptions of doing things, which is perfect for easing new GMs and players into the rules set and changed environment. I love it to that extent. The storyline makes somewhat more sense if you're familiar with some of the older adventures, though.
I bought the PDF but haven't run it either. It looks fairly well written and laid out. It is a good adventure for starting characters, for anyone new to SR4 or SR in general. The references to rules and GM tips are also very useful.
Still I was disappointed that they haven't improved the layout of the published adventures. I find myself having to flip back and forth too much between the "Tell it to them Straight" and "Behind the Scenes" portions. As most things in "Tell it to them Striaght" should be read as the "intro" to the scene, other things you need to wait to tell them ("Oh wait, I wasn't supposed to read that now, forget that part guys"). However, there are still other portions of text inside the "Behind the Scenes" section that must be "told straight" to the players (scripted dialogue and such). I find this horribly inconsistent. The first section should simply contain "intro" text (if any), and all text that should be read aloud to the players should be included in the appropriate section of "Behind the Scenes". That would make it much easier to following when running the adventure from the book as things would be laid out in order of when they're supposed to happen. Maybe this is just me griping, though. Does anyone else find the layout confusing?
Still I was disappointed that they haven't improved the layout of the published adventures. I find myself having to flip back and forth too much between the "Tell it to them Straight" and "Behind the Scenes" portions. As most things in "Tell it to them Striaght" should be read as the "intro" to the scene, other things you need to wait to tell them ("Oh wait, I wasn't supposed to read that now, forget that part guys"). However, there are still other portions of text inside the "Behind the Scenes" section that must be "told straight" to the players (scripted dialogue and such). I find this horribly inconsistent. The first section should simply contain "intro" text (if any), and all text that should be read aloud to the players should be included in the appropriate section of "Behind the Scenes". That would make it much easier to following when running the adventure from the book as things would be laid out in order of when they're supposed to happen. Maybe this is just me griping, though. Does anyone else find the layout confusing?
mdynna, I've actually taken my group thrugh the first 1/4 of "On The Run" and I couldn't agree with you more about the layout. Although, the upside of having the PDF is I can copy and paste the text into a word document and change the layout to my heart's content.
I ran On the Run over the weekend and was, all in all, pretty happy with it. By happy coincidence the first adventure my friends and I ever played (and we played it over and over) was One Stage Before, so we had a fantastic nostalgia trip going for us.
The main flaw that I see in the adventure was that a huge amount of the plot could be skipped over if the runners aren't incredily curious as to the nature of the disk. In many of the Shadowrun games that my friends and I play, we play characters that are very concerned with having a reputation for professionalism. Such characters will miss a vast amount of the plot since many key encounters rely on the characters not just getting the thing and handing it over to the Johnson. I have awesome players, so they came up with some pretty good "professional" reasons to do all the digging, but it was definately a stretch.
Aside from that the adventure is very well put together, especially as an introductory adventure. Each section really focuses on an aspect of the rules, with plenty of hints for new GMs and page references for the main book. Plus, the frequent reminders as to how things look through AR really helps remind players new to SR4 how pervasive the new wireless Matrix is.
All in all I heartily recommend this adventure, especially to new groups, or any group that has questions about how things work, be they system or setting. I only wish they would have gotten this done sooner, it would have been a fantastic thing to have released at the same time as the new book. I think it would have smoothed a lot of bumps.
The main flaw that I see in the adventure was that a huge amount of the plot could be skipped over if the runners aren't incredily curious as to the nature of the disk. In many of the Shadowrun games that my friends and I play, we play characters that are very concerned with having a reputation for professionalism. Such characters will miss a vast amount of the plot since many key encounters rely on the characters not just getting the thing and handing it over to the Johnson. I have awesome players, so they came up with some pretty good "professional" reasons to do all the digging, but it was definately a stretch.
Aside from that the adventure is very well put together, especially as an introductory adventure. Each section really focuses on an aspect of the rules, with plenty of hints for new GMs and page references for the main book. Plus, the frequent reminders as to how things look through AR really helps remind players new to SR4 how pervasive the new wireless Matrix is.
All in all I heartily recommend this adventure, especially to new groups, or any group that has questions about how things work, be they system or setting. I only wish they would have gotten this done sooner, it would have been a fantastic thing to have released at the same time as the new book. I think it would have smoothed a lot of bumps.
When I used to run store-bought modules for 1st, 2nd, and 3rd ed, I'd get out a highlighter and highlight everything I wanted to state to the players out loud in yellow. If there were other parts I wanted to read to the players, but not right away (perhaps they need to do something first), I'd use orange.
I second it's a good adventure and I second the structure is illogical.
What struck me as somewhat strange is that, at least in the German version, several NPCs have skills that make no sense - several people have the "Automatics" skill while not possessing any automatic firearms (or no firearms at all!).
And Marli Bremerton's house layout makes no sense: to reach her hidden panic room she would have to use the lift to get to the ground floor (she can't use the stairs in her wheelchair) then get to the store room with the hidden lift to the cellar.
Should the runners decide to break into the house it would not be possible for Marli to reach her hidden command center - unless she's (for whatever reason) already there (the runners could easily and quickly secure the main lift).
And why hasn't Marli's niece Althea discovered the spirits her aunt communicates with even though she's a full-blown shaman while Marli only has SURGE-born astral senses?
What struck me as somewhat strange is that, at least in the German version, several NPCs have skills that make no sense - several people have the "Automatics" skill while not possessing any automatic firearms (or no firearms at all!).
And Marli Bremerton's house layout makes no sense: to reach her hidden panic room she would have to use the lift to get to the ground floor (she can't use the stairs in her wheelchair) then get to the store room with the hidden lift to the cellar.
Should the runners decide to break into the house it would not be possible for Marli to reach her hidden command center - unless she's (for whatever reason) already there (the runners could easily and quickly secure the main lift).
And why hasn't Marli's niece Althea discovered the spirits her aunt communicates with even though she's a full-blown shaman while Marli only has SURGE-born astral senses?
Good, I was starting to wonder if I was the only one annoyed by the layout (and its been that way since, at least, all of SR3 as that was when I starting buying and running published adventures). Anything that is to be read aloud to the players should be in bold and placed wherever it is needed in correspondence with the other Behind the Scenes GM notes.
WizKids people are you listening? Change your adventure layout please.
WizKids people are you listening? Change your adventure layout please.
Well, WizKids people probably aren't reading the boards, but FanPro people surely are. 
Do we have the honour of conversion with Adam Jury? If so, then I have another request:
Please, please, please release alternate character sheets. One for every main "archetype" like used to exist in SR2 and SR3 (from the Companion). The "generic" one included in the core rulebook just ends up being inadequate for everything.
Please, please, please release alternate character sheets. One for every main "archetype" like used to exist in SR2 and SR3 (from the Companion). The "generic" one included in the core rulebook just ends up being inadequate for everything.
Search the forum and you'll find links to some nice sheets.
| QUOTE (M¥$T1C) |
| What struck me as somewhat strange is that, at least in the German version, several NPCs have skills that make no sense - several people have the "Automatics" skill while not possessing any automatic firearms (or no firearms at all!). |
They have the skill but no weapon ready? Imo that's not very unlogical. I have a driving licencse and the driving skill (to speak in game terms), but don't own a car. So does that makes no sense to you?
| QUOTE (mdynna) |
| Do we have the honour of conversion with Adam Jury? If so, then I have another request: Please, please, please release alternate character sheets. One for every main "archetype" like used to exist in SR2 and SR3 (from the Companion). The "generic" one included in the core rulebook just ends up being inadequate for everything. |
From the SR4 pre-release FAQ #6:
| QUOTE |
| Q. What SR4 sourcebooks will follow the main rulebook? A. The first SR4 support product will be the Shadowrun Fourth Edition Gamemaster’s Screen (Which will include a small booklet of plot hooks, contacts, and other info for a GM). Following that will be On the Run, an introductory adventure. You will also see an SR4 Character Dossier. From there, we’ll be moving on to Runner Havens, the first core setting book. This will focus on both Seattle and Hong Kong in 2070, as centers of shadowrunning activity. It will also touch on a few other locations, and discuss how you can adopt any setting as a shadowrunner haven. Following that will be Street Magic, the advanced magic rulebook for SR4. In addition to advanced rules, it will contain source material on Awakened affairs in 2070. |
I don't know if that is still the plan, if it has been rolled into the GM Screen product, if it'll be a Web-freebie, or what. I'm kinda surprised Adam hasn't mentioned it since I seem to remember him being involved with the SR3 Character Dossier and being very happy with the whole idea and execution of it.
By the way, thanks for the review, guys. I'm an old-time SR1-3 GM, but I'm brand new to SR4 and I hope to be GMing my own group really soon. It sounds like On the Run is just the thing to ease us all into this new Edition. Thanks! 
| QUOTE (mdynna) |
| Do we have the honour of conversion with Adam Jury? If so, then I have another request: Please, please, please release alternate character sheets. One for every main "archetype" like used to exist in SR2 and SR3 (from the Companion). The "generic" one included in the core rulebook just ends up being inadequate for everything. |
You get some freelancers wandering aboot, aye. Welcome.
I'm just happy I was mentioned.
| QUOTE |
| Do we have the honour of conversion with Adam Jury? If so, then I have another request: |
For whatever honour that is.
| QUOTE |
| Please, please, please release alternate character sheets. One for every main "archetype" like used to exist in SR2 and SR3 (from the Companion). The "generic" one included in the core rulebook just ends up being inadequate for everything. |
The Character Dossier, as mentioned, is in this odd limbo-space right now.
Something, new/updated character-sheet wise, will happen, at some point, whether it's the Dossier as I want to do it or something else.
I played OtR this week. It's much better than "First run" and was much fun. However, there were two problems.
First one was the prob Waltermandias already mentioned: if the runners try to be professionals and contact Mr. Johnson as soon as they have the CD, the adventure is over. The chars have no real motivation to go on.
Second one was the CD and the "uncrackable code". First, this part is ilogical. Why should a second-class studio 20 years ago use a supoer-code unbreakable even today?
Second, it conflicts with the rules: the rule book tells me that every code is cracked in a few seconds.
Gr
Mibo
First one was the prob Waltermandias already mentioned: if the runners try to be professionals and contact Mr. Johnson as soon as they have the CD, the adventure is over. The chars have no real motivation to go on.
Second one was the CD and the "uncrackable code". First, this part is ilogical. Why should a second-class studio 20 years ago use a supoer-code unbreakable even today?
Second, it conflicts with the rules: the rule book tells me that every code is cracked in a few seconds.
Gr
Mibo
Do any GMs who've run the adventure have any suggestions on ways to pique the runners' curiosity -- without seeming too much like railroading? I've read the adventure and I know that one of my players will be warning everyone that "We're uber-professionals. Don't even *stare* too hard at that disk." Suggesting that the runners actually crack or copy the disk might make him wet himself...
| QUOTE (Mibo) |
| I played OtR this week. It's much better than "First run" and was much fun. However, there were two problems. First one was the prob Waltermandias already mentioned: if the runners try to be professionals and contact Mr. Johnson as soon as they have the CD, the adventure is over. The chars have no real motivation to go on. Second one was the CD and the "uncrackable code". First, this part is ilogical. Why should a second-class studio 20 years ago use a supoer-code unbreakable even today? Second, it conflicts with the rules: the rule book tells me that every code is cracked in a few seconds. Gr Mibo |
For the first problem, remember something (I believe this is mentioned somewhere in the adventure): This item is not a particularly high priority item for Johnson. He's looking for a lot of things of this nature, and a good majority of them have turned out to be fakes--as he suspects this one probably is. The upshot of all this is that he might not be available for a meet when the characters call him. He might not even be in town. They might get voice mail telling them to leave a message and get back to him. They might get him, saying, "Cool. You got it. I'll be in town in a few days, so we'll meet then." Basically, make it so the characters can be professionals and offer to deliver the disk right away, but Johnson isn't as anxious about it as they are. At that point, they might end up being a bit more curious.
In addition, you could also add in an extra encounter with one of the other groups looking for the disk (or even possibly Nabo's people, pissed at the hacking of the commlink, or Loomis hiring some bozos, if he's still alive).
As for the second problem--it's one of those cases where you have to suspend disbelief a bit. Kind of like how modern-day equipment can't read old floppies. Sort of like how during the Y2K scare, everybody was scrambling to hire 50- and 60-year-old programmers because the modern kids couldn't deal with the old COBOL and FORTRAN systems. Or the Navajo codetalkers. I'm not a computer science expert, but I did get some advice from a couple when I wrote the adventure, and they assured me that, while it wouldn't be easy, it would be possible to come up with an algorithm that would be extremely tough to crack, especially for systems that aren't set up to deal with it.
Don't forget, too: it's not a second-class studio that set that code. It's somebody who was very wealthy and powerful and had access to the best deckers money could buy.
1. Just make the Johnson unavailable for a while and wait. Sometimes all you need is a little silence.
2. Have one of the runners friends/contacts (maybe the ones they used for legwork) show up and ask about their results. (i.e. spur curiousity)
3. Have them roll int+log and remember some rumour or comment they cannot place about the name or the sentence on the disk. Don't add anything else and wait for the players to start digging around.
4.
I am not into railroading and prefer adapting outcomes better. In this case I think that a simple "nudge" would do.
Cheers,
Max
2. Have one of the runners friends/contacts (maybe the ones they used for legwork) show up and ask about their results. (i.e. spur curiousity)
3. Have them roll int+log and remember some rumour or comment they cannot place about the name or the sentence on the disk. Don't add anything else and wait for the players to start digging around.
4.
[ Spoiler ]
I am not into railroading and prefer adapting outcomes better. In this case I think that a simple "nudge" would do.
Cheers,
Max
| QUOTE (Mibo) |
| First one was the prob Waltermandias already mentioned: if the runners try to be professionals and contact Mr. Johnson as soon as they have the CD, the adventure is over. The chars have no real motivation to go on. |
Have the guy selling the disk spill his whole story. Remember, he got it from his Dad but the Mr. J said it was "stolen". Now some "uber-professional" PCs might just say, "Mr. J lied, happens all the time." But others might get a little curious about this significant inconsistency.
| QUOTE (winterhawk11) |
| I'm not a computer science expert, but I did get some advice from a couple when I wrote the adventure, and they assured me that, while it wouldn't be easy, it would be possible to come up with an algorithm that would be extremely tough to crack, especially for systems that aren't set up to deal with it. |
There's one code which mathematically provable to be unbreakable, called a one-time pad.
[lecture-mode]
Encryption is, at its simplest level, replacing data with other data that is not itself readable or meaningful, but which can be converted back to the original data through decryption algorithm.
One very simple encryption scheme is to take the binary data, and XOR it with a second binary string. So, for example, the binary representation of the ASCII string "Hello" is;
0100100001100101011011000110110001101111
Lets say we have our key be 11011011. So first, we duplicate the key to equal the length of the string:
1101101111011011110110111101101111011011
And then, we XOR the string against the key:
0100100001100101011011000110110001101111
1101101111011011110110111101101111011011
=
1001101110111110101101111011011110110100
So that would be the encrypted message we send. Then, at the other end, what you do is you take the key, XOR it against the encrypted message, and the original message returns. Sounds great, right?
The problem with this particular algorithm are numerous. Probably the most severe, though, is that - given a long enough message, or enough short messages - you can actually perform a mathematical analysis against the encrypted strings which you can use to derive the key, and then - of course - you can unencrypt the messages. In fact, if the message is significantly longer than the length of the key (such that the key repeats numerous times), you can do it from a single message.
This is where a one-time pad comes in. What you do is you provide a set of pads to both people (or a large number of files, or binders, or whatever). When you send the message, you also send an identification string ("Pad 0154213") that they can use to find the correct key. Once you use a key, you tear the pad off and chuck it. Under two assumptions (a key is NEVER re-used, and the key is at least as long as the message itself), the code is unbreakable.
Why is it unbreakable? Because the characters are indistinct; you can say "Okay, this message is X bites long, so it's X characters", but - with the key at least as long as the message, and the key never re-used - there's no way to tell what string it is. It's equally likely to be ANY string of that length. And in fact, the easy answer to THAT one is to always "round up" - increase the message length with random characters so that you can't analyze the actual length of the message to make a guess at content.
So at that point, the only point of failure are the two ends; if someone can gain access to the pre- or post-encrypted message at either end, or can get a copy of the key used to encrypt it, they get the message... But that's true of ANY encryption scheme, and this one isn't even vulnerable to brute-force decryption attacks like modern public-key encryption is.
The US government has used this technique for a long time. In fact, the way they generate (or at least used to; I don't know if they still do it this way) one-time pads is by having a radiation detector on the roof of a building. It generates a stream of 1s and 0s by measuring the density of cosmic rays hitting it at any given point, which is completely random and thus impossible to replicate somewhere else.
Okay, I'm done.
[/lecture-mode]
I think the point being raised is now: why can't I implement this with my Commlink to make it unbreakable?
As soon as you introduce the idea of an "unbreakable" code into the game world you have to answer why every corp or paranoid Shadowrunner hasn't implemented it yet.
As soon as you introduce the idea of an "unbreakable" code into the game world you have to answer why every corp or paranoid Shadowrunner hasn't implemented it yet.
I ran it this past weekend. Ran into a few plot-bending problems. Warning! Spoilers!
#1. The characters did not intimidate, harass or attack Zipper. They simply sent her an e-mail, posing as potential buyers. She met them personally, because they gave a return address, unlike all the 'anonymous' emails she'd previously received. The team paid her off, and she gave up Loomis.
#2. Because they went through Zipper the way they did, their arrival at the Coda was not perceived as a threat. Loomis actually met with them and considered their offers. I had to improvise his demands for the disk - there were no guidelines given for what he was asking - the script assumed the characters would just try to take the disk, even though Mr Johnson mentioned that he would be willing to pay for it. The team gave Mr. Johnson a figure (1/2 mil!), but Mr. J. balked and stalled for time. While the team waited for his response, Tarkasian's team attacked. The combat in this scene took place mostly in and directly behind the Coda, not in the junkyard. Loomis did almost manage to escape into the junkyard...
#3. The team cut a deal with Loomis - they brokered a deal with Mr Johnson to buy the disk outright for $140K (after much bargaining), which Loomis would split 50/50 with the team. The team also got Mr. J's payment, and the bonus for not sharing the data with anyone else. Mr J. never knew about the team's deal with Loomis.
We also ran into the non-curious/professional runners problem with this run. But I gave the team extra karma for thinking outside the box, so all was good. All in all, a fairly satisfying adventure.
And now to go retool 'One Stage Before', 'Dark Angel', and 'Total Eclipse'!
#1. The characters did not intimidate, harass or attack Zipper. They simply sent her an e-mail, posing as potential buyers. She met them personally, because they gave a return address, unlike all the 'anonymous' emails she'd previously received. The team paid her off, and she gave up Loomis.
#2. Because they went through Zipper the way they did, their arrival at the Coda was not perceived as a threat. Loomis actually met with them and considered their offers. I had to improvise his demands for the disk - there were no guidelines given for what he was asking - the script assumed the characters would just try to take the disk, even though Mr Johnson mentioned that he would be willing to pay for it. The team gave Mr. Johnson a figure (1/2 mil!), but Mr. J. balked and stalled for time. While the team waited for his response, Tarkasian's team attacked. The combat in this scene took place mostly in and directly behind the Coda, not in the junkyard. Loomis did almost manage to escape into the junkyard...
#3. The team cut a deal with Loomis - they brokered a deal with Mr Johnson to buy the disk outright for $140K (after much bargaining), which Loomis would split 50/50 with the team. The team also got Mr. J's payment, and the bonus for not sharing the data with anyone else. Mr J. never knew about the team's deal with Loomis.
We also ran into the non-curious/professional runners problem with this run. But I gave the team extra karma for thinking outside the box, so all was good. All in all, a fairly satisfying adventure.
And now to go retool 'One Stage Before', 'Dark Angel', and 'Total Eclipse'!
| QUOTE (mdynna) |
| I think the point being raised is now: why can't I implement this with my Commlink to make it unbreakable? As soon as you introduce the idea of an "unbreakable" code into the game world you have to answer why every corp or paranoid Shadowrunner hasn't implemented it yet. |
Because it's limited to relatively short messages. The longer your message, the more likely that a pattern will emerge, and your encryption can be cracked. You'd have to generate an insanely long string to encrypt even short files; one-time pads are best used for quick messages in shorthand.
And there is an "unbreakable" code in the books. The hash power of fault sprites. Which does lead to the question you're posing-- why hasn't every corporation invested in otaku as heavily as they have in mages? *Especially* with this sort of security availiable?
Because, Techno's are an urban myth...
a fact missing from the book I know, but hey, someone from the freelancers mentioned this a while back. Synner I think.
a fact missing from the book I know, but hey, someone from the freelancers mentioned this a while back. Synner I think.
And, if I remember correctly, the encryption lasts only as long as the sprite, so if it's not registered, the the encryption is temporary. Plus, if the sprite is derezzed in cybercombat, then the file is irreparably destroyed. One problem with data is that if it's important enough to encrypt, it's also usually necessary to be able to decrypt it someday and use that information.
Oh, come on. Ultraviolet nodes are a myth as well, and plenty of corps invest in those. So are Deltaware clinics. And AI's. The fact that immortal elves are myths didn't stop Renraku from working with one. Corps will follow any myth, if it stands a chance of paying off.
The new otaku are gone over in detail in System Failure, and the corps have *got* to have eyes on the data havens. There's absolutely no reason why the megas wouldn't be intensely researching otaku abilities.
The new otaku are gone over in detail in System Failure, and the corps have *got* to have eyes on the data havens. There's absolutely no reason why the megas wouldn't be intensely researching otaku abilities.
| QUOTE |
| And, if I remember correctly, the encryption lasts only as long as the sprite, so if it's not registered, the the encryption is temporary. Plus, if the sprite is derezzed in cybercombat, then the file is irreparably destroyed. One problem with data is that if it's important enough to encrypt, it's also usually necessary to be able to decrypt it someday and use that information. |
So register the sprite. No big deal. Corps use bound spirits on patrol all the time. And what you're describing can be as much of an advantage as a disadvantage-- if the file is forcibly taken, the competition can't use it against you. You might not want to do it on every sensitive file, but the really damaging ones are good candidates, and those are the ones shadowrunners would be most interested in. In the meanwhile, you can have the sprite hash/unhash the file as necessary. If it's a mid/low-force sprite, you can easily have it reregistered, and get a massive number of services out of it.
What's more, sprites don't count against the program limits of a node. A sprite can always run away, and let the Black Ice deal with the intruders. You reduce your risk of permanently losing your file, and in the meanwhile, you get unbreakable encryption on it, all for the price of hiring one otaku. Seems like quite a bargain for a security-conscious corp, wouldn't you say?
| QUOTE (Cain) |
| The new otaku are gone over in detail in System Failure, and the corps have *got* to have eyes on the data havens. There's absolutely no reason why the megas wouldn't be intensely researching otaku abilities. |
I am actually thinking of running a campaign about this topic, inspired by the one remark that technomancers aren't common knowledge, yet.
One-time-pad-encryption is not decryptable, that is a proven mathematical fact (i think), under the assumption that you can get really random numbers (and it cannot be proven, that something is really random
).
I think someone already had that idea.
The first big plot book is called Emergance and will apparently have perception altering ramifications for the matrix...
I just wonder what will emerge.
The first big plot book is called Emergance and will apparently have perception altering ramifications for the matrix...
I just wonder what will emerge.
| QUOTE (Cain) | ||
Because it's limited to relatively short messages. The longer your message, the more likely that a pattern will emerge, and your encryption can be cracked. You'd have to generate an insanely long string to encrypt even short files; one-time pads are best used for quick messages in shorthand. And there is an "unbreakable" code in the books. The hash power of fault sprites. Which does lead to the question you're posing-- why hasn't every corporation invested in otaku as heavily as they have in mages? *Especially* with this sort of security availiable? |
Actually, that's not true; you're not limited to short messages, you're limited to messages no larger than your key. However, if you have a message larger than your key, you can use more than one key to encrypt it in pieces, and have it reassembled at the far end.
If you want to encrypt a file on a commlink unbreakably, you CAN do this; the problem becomes, where do you store the encryption key? Without said key, it can't be unencrypted. This explains perfectly why the disk is not decryptable; it's an unbreakable cypher whose key they don't have.
You can't use this for network traffic, because every recipient and transmitter to use this would have to have an extensive library of unique keys, known to the other end of the transmission, and used in the correct order at the correct time. This isn't possible.
| QUOTE |
| Actually, that's not true; you're not limited to short messages, you're limited to messages no larger than your key. However, if you have a message larger than your key, you can use more than one key to encrypt it in pieces, and have it reassembled at the far end. |
True, but as Butterblume pointed out, that assumes that your pad was drawn up in a perfectly random method. The longer your key is, the more likely it is that patterns will crop up, allowing your pad to be broken. So, the shorter, the better.
Not if you use the aforementioned cosmic radiation method. The key doesn't have to be someting rememberable, or even intelligible.
As Butterblume also pointed out, it's impossible to prove that anything's perfectly random. Even that method has flaws, and can sometimes produce patterns that can be cracked. It's a lot more secure than most, I'll grant, but you're still running a greater risk with a longer key.
| QUOTE (James McMurray) |
| Not if you use the aforementioned cosmic radiation method. The key doesn't have to be someting rememberable, or even intelligible. |
There's no basis for the assumption that cosmic background radiation levels in a particular spot are actually random, rather than pseudo-random. Granted, they're not generated by people, and thus not likely to display human patterns, but natural phenomena generally do have a detectable pattern to them.
Computers are able to produce psuedo-random numbers that are random enough today.
The tricky thing is of course while it is impossible to break a message if you use a one-time pad once, if you make the mistake of reusing a one-time pad it becomes trivial to break.
The tricky thing is of course while it is impossible to break a message if you use a one-time pad once, if you make the mistake of reusing a one-time pad it becomes trivial to break.
With enough computing power anything can be decrypted by brute force, even a one time pad. One just has to keep trying keys untill you get a message that makes sense.
The difference is that the one time pad requres significantly more computing power because the decrypting program must be able to determine if a result makes sense or not.
Presuming that the message itself is writen in a known language and follows standard syntax rules an AI could brute force it. It isn't foolproof. With countless trillions of possibile keys it is possible for an incorrect key to produce a grammerically and contextually correct sentence.
Pseudo-random numbers produced by computers aren't random at all, however. The algorythims ar eentirely deterministic and thus it is possible to know exactly which number will be chosen in what order with enough information.
The difference is that the one time pad requres significantly more computing power because the decrypting program must be able to determine if a result makes sense or not.
Presuming that the message itself is writen in a known language and follows standard syntax rules an AI could brute force it. It isn't foolproof. With countless trillions of possibile keys it is possible for an incorrect key to produce a grammerically and contextually correct sentence.
Pseudo-random numbers produced by computers aren't random at all, however. The algorythims ar eentirely deterministic and thus it is possible to know exactly which number will be chosen in what order with enough information.
No, the AI could brute force out a message of the right length that makes sense. There's absolutely no way to ensure that the message you banged on keys to get is the actual message.
XX YY ZZZ2 means "Go Up Yes." Your code breaker is just as likely to stop at "Is it bad?" because it makes sense, and will probably bypass go up yes altogether.
That brings up another method of encryption: vague words and slang. A message encrypted to mean "chill it out." will mean totally difference things to a Springer guest and a chemist.
XX YY ZZZ2 means "Go Up Yes." Your code breaker is just as likely to stop at "Is it bad?" because it makes sense, and will probably bypass go up yes altogether.
That brings up another method of encryption: vague words and slang. A message encrypted to mean "chill it out." will mean totally difference things to a Springer guest and a chemist.
Or you could do what a bunch of the orignial 3133+15+5 (eleetists) were actually trying to accomplish when l33t got invented, and use a total hash of characters that actually means something to the person on the recieving end. Or do what people did in CP2020, and "invent" a language (and pass out chips for it to the people you want to be able to speak it) that consists of real words assigned cosmic-radiation-randomized meanings ("Fish table or yuck!" translates to "I don't want that!"). Or you could nest cyphers within cyphers... it's not like we don't have enough computing power on hand to run a simple message through 20-30 cyphers instead of just one. Or you could send a digital waveform of someone speaking the message, rather than just the characters... we've got the storage space and the processor power to make one-time pads large enough to allow this.
The point here is not to make an unbreakable code. The point is to make one that's such a pain in the ass to decode (even for a dedicated SR4 AI with way too much time on it's hands), and takes so damn LONG to decode that nobody tries, or at least they don't succeed until years after it's too late.
Or you could just run Decrypt on it
The point here is not to make an unbreakable code. The point is to make one that's such a pain in the ass to decode (even for a dedicated SR4 AI with way too much time on it's hands), and takes so damn LONG to decode that nobody tries, or at least they don't succeed until years after it's too late.
Or you could just run Decrypt on it
| QUOTE (Ranneko) |
| Computers are able to produce psuedo-random numbers that are random enough today. |
If you mean software-based random number generators, then no, they haven't managed to create an RNG that will create an unbreakable code.
Computers have produced "random enough" numbers for things like one-time pads by being hooked up to some sort of theoretically random analog number method, like the aforementioned radiation detector, or Random.org's atmospheric noise system, but there's no mathematical proof that these things are actually random, and that programs 70 years from now won't be able to crack them. It's just that no one's cracked one yet--that we know of.
We know 2070 isn't that time, because apparently On The Run has an unbreakable code in it.
| QUOTE |
| That brings up another method of encryption: vague words and slang. A message encrypted to mean "chill it out." will mean totally difference things to a Springer guest and a chemist. |
That's not encryption, that's encoding. And it only works for relatively simple messages. You can send a message that means: "Start overly complicated plan X"; but you can't actually describe what plan X is using this sort of code. You certainly can't send out a set of detailed schematics for the latest tech-toy that way.
| QUOTE |
| Or you could do what a bunch of the orignial 3133+15+5 (eleetists) were actually trying to accomplish when l33t got invented, and use a total hash of characters that actually means something to the person on the recieving end. Or do what people did in CP2020, and "invent" a language (and pass out chips for it to the people you want to be able to speak it) that consists of real words assigned cosmic-radiation-randomized meanings ("Fish table or yuck!" translates to "I don't want that!"). |
Unfortunately, that's way too easy to crack, if you manage to get a hold of the chip/someone who understands l33t. If you get ahold of a one time pad key, it only works for that one message. If you get ahold of a translator for your language tricks, you've lost your entire code. (This was a premise in the movie Windtalkers-- the Navajo was to be killed instead of letting him fall into enemy hands for this very reason.)
| QUOTE (Ophis) |
| Because, Techno's are an urban myth... ink. |
In the text at the start of one of the sections, a guy is talking about the reason he became a shadowrunner. Had to do with the corp he and his wife worked for finding out she might have technomancer potential, trying to realize that potential, and horribly killing her in the process, I think.
So, yeah, they're working on it.
| QUOTE (Cain) |
| And there is an "unbreakable" code in the books. The hash power of fault sprites. Which does lead to the question you're posing-- why hasn't every corporation invested in otaku as heavily as they have in mages? *Especially* with this sort of security availiable? |
Find an Otaku or Technomancer who'd be willing to work for a corp is more likely harder than actually tracking one down...
It would be like asking an atheist to work in the catholic church.
I'm wondering how they're supposed to be making 'new'technomancers, since the existing ones were all people that were in the system during the crash. A bit different from Otaku. I also don't see how the otaku are supposed to automatically become technomancers when they 'grow up'. Hopefully this will all be explained in Unwired. Unless I simply missed something in SR4 or SF that covers that.
Once you have your random numbers (for your OTP generated) you run statistical tools on them and look for patterns (in case somethnig went wrong with your random number generator). If you find patterns in the OTP, you throw it away and use the next one (or get a new entropy source). However, random numbers based on radioactive deacy do appear to be completely random, you just have to make sure that your data dosen't randomly have patterns in it.
Of course, the failures of encryption are almost never due to actual breaks in the cypher text, but instead some failure of the human elements involved. In general, much 'cheaper' encryption is also esentally unbreakable, so OTP are hardly used for anything.
Of course in SR, all non-OTP encryption seems to be trivially breakable, so your only option is to go with the expensive and tedious OTP.
In general there are three 'strengths' of encryption that anyone will want to use:
Tactical/short term:
decryption time: hours/days where the decryption of the information is only useful for a very shotr amount of time. For example, if the team's tactical radios can becrypted only after 4 hours of work, then the fact that 4 hours ago, you said 'shoot the guy on the left' may not be that helpful. Notice that the team must practice comm discipline, and not discuss anything of 'in the open' or of significance:
Example of good como use:
Infil team to fire support team: "Egressing via route bravo, we will rejoin you at rally point Silver"
So, notice that things that might have some long term significance, such as the route the team will be using, and where the rally point is are 'encrypted' with 'idiot code', and thus are unavailable to someone breaking the comms encryption.
Long Term:
This is the stuff that you deal with on a day to day basis, it might be harmful if revealed, even after everyone involved is dead. You'll want the decryption times to be in the hundreds of years (remember to future proof your encrpytion schemes).
For all time:
This is the stuff that can never get out. It's what you use OTP for.
Of course, the failures of encryption are almost never due to actual breaks in the cypher text, but instead some failure of the human elements involved. In general, much 'cheaper' encryption is also esentally unbreakable, so OTP are hardly used for anything.
Of course in SR, all non-OTP encryption seems to be trivially breakable, so your only option is to go with the expensive and tedious OTP.
In general there are three 'strengths' of encryption that anyone will want to use:
Tactical/short term:
decryption time: hours/days where the decryption of the information is only useful for a very shotr amount of time. For example, if the team's tactical radios can becrypted only after 4 hours of work, then the fact that 4 hours ago, you said 'shoot the guy on the left' may not be that helpful. Notice that the team must practice comm discipline, and not discuss anything of 'in the open' or of significance:
Example of good como use:
Infil team to fire support team: "Egressing via route bravo, we will rejoin you at rally point Silver"
So, notice that things that might have some long term significance, such as the route the team will be using, and where the rally point is are 'encrypted' with 'idiot code', and thus are unavailable to someone breaking the comms encryption.
Long Term:
This is the stuff that you deal with on a day to day basis, it might be harmful if revealed, even after everyone involved is dead. You'll want the decryption times to be in the hundreds of years (remember to future proof your encrpytion schemes).
For all time:
This is the stuff that can never get out. It's what you use OTP for.
Getting back to On the Run... here's a thought I had. Why can't the PC's totally decrypt the message? What would be so terrible about it? They'd try and sell it? The adventure already makes provisions for what would happen to the PC's should they attempt that. Otherwise, its just for their "private listening". I'm thinking this to avoid the whole mess of the "unbreakable code".
| QUOTE (Azathfeld) | ||
There's no basis for the assumption that cosmic background radiation levels in a particular spot are actually random, rather than pseudo-random. Granted, they're not generated by people, and thus not likely to display human patterns, but natural phenomena generally do have a detectable pattern to them. |
You can make the argument that NOTHING'S random, because - in theory, with enough information on the quantum level - you can predict everything. In actuality, that's not possible; there's no way to measure the quantum interactions of most things. There are a large class of things (radioactive decay and cosmic radiation, for example) that are EXTREMELY predictable over the long term (half-life, and cosmic radiation density, for example) but are - without perfect information on the quantum makeup of the source - completely impossible to predict on the short term... And that's why they're useful.
The cosmic-radiation method DOES show patterns - it tends to generate perfect 50/50 behavior... Over extremely large samples. On small samples, it shows all the normal characteristics of a random distribution with no pattern detectable... Because it's generated by unpredictable natural behavior.
| QUOTE (James McMurray) |
| No, the AI could brute force out a message of the right length that makes sense. There's absolutely no way to ensure that the message you banged on keys to get is the actual message. XX YY ZZZ2 means "Go Up Yes." Your code breaker is just as likely to stop at "Is it bad?" because it makes sense, and will probably bypass go up yes altogether. That brings up another method of encryption: vague words and slang. A message encrypted to mean "chill it out." will mean totally difference things to a Springer guest and a chemist. |
Exactly; this is the beauty of a one-time pad. It's trivial to create a decrypted message, and provably impossible to prove it's the correct message without information that makes decryption pointless.
And even if hyzmarca's argument weren't wrong, it's still based on the un-safe assumption that the underlying message contains words available in the dictionary, formed in a gramatically correct way.
| QUOTE (Crusher Bob) |
| Once you have your random numbers (for your OTP generated) you run statistical tools on them and look for patterns (in case somethnig went wrong with your random number generator). If you find patterns in the OTP, you throw it away and use the next one (or get a new entropy source). However, random numbers based on radioactive deacy do appear to be completely random, you just have to make sure that your data dosen't randomly have patterns in it. |
No, this is exactly the wrong thing to do. If you're generating random numbers, you should NEVER profile them like this. Random number streams will regularly have "false patterns"; periods where it appears to be having non-random behavior, but those periods are meaningless over the long term.
By doing what you're suggesting here, you're CREATING a pattern, and opening it up to mathematical analysis based on the pattern your creating. If your source of numbers is sound in the first place, this is significantly worse than useless; and if your source isn't sound, this won't help.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.