Skill wires rort.
Skill wires for a hacker
It has been previously demonstrated that a hacker at char gen can be truly 133t. Capable of hacking into almost any host. Some tricks of arcetecture can beat him but only on very high security systems.
In game, after saving enough money a hacker could without real difficulty obtain skill wires 4, especially if he dose so legally using a sin (real or fake). After doing so a well built hacker could easily hack into an online store that sells skill wires, insert a purchase order for the full inventory, immediately receive the electronic transfer of the programs, remove the purchase order from the system, remove the record of delivery, double check to ensure there are no other logs and leave no evidence that he was ever there. Instant shill wire based combat hacker (assuming stats where reasonable to start with). If he makes a mistake he is naturally in a moving vehicle and using a suitably anonymous COM link and capable of trying again with another provider of that service.
Is this possible? Is this reasonable? What can a GM do to make this not be the complete rort that it appears to be?
Full Version: Skill wires rort.
He can simply explain to his players that words like "rort" don't exist and then move on with his game. 
Just put lots of high-rating Black IC on the node. Those softs are worth several thousand 
apeice, they'd be insane if they didn't put lots of security on the node.
apeice, they'd be insane if they didn't put lots of security on the node.
In a world where hackers fall out of trees and it takes specific architectural tricks to combat them, those tricks are probably fairly common.
No amount of ice will protect it from a hacker with skill 6 exploit specialisation, prog 5, running hot sim and hacking in slowly, assuming system rating 5 (the highest that is reasonable, although its not much harder on a system 6) there is a very low chance intrusion will be detected gaining admin access, if it is the hacker can try again on one of the many other nodes offering the same service, never having bothered to engage the ice.
Being a node that is involved in high speed eCommerce the architectural tricks to defend against these types of incursions are inappropriate.
Edward
Being a node that is involved in high speed eCommerce the architectural tricks to defend against these types of incursions are inappropriate.
Edward
Then eCommerce will possibly collapse as a viable purchasing capability. You don't sell stuff by dropping it on the street corner and walking away with the hopes that someone will pay for it instead of just picking it up and walking away.
Yes, IC is effective. Remember Teamwork tests. When you have 20 Rating 6 IC Programs actively looking for unautorized users, anyone who gets in is going to be spotted (The lead one will be rolling, on average, 84 dice). He is then going to die.
actually, when you have 20 rating 6 IC programs on the node, the node will go down to response 1 and so will all that IC.
perhaps you should instead consider the possibility of patrolling security hackers, each with agents on patrol as well.
perhaps you should instead consider the possibility of patrolling security hackers, each with agents on patrol as well.
Plus IC can't use teamwork tests, only characters.
In the Sixth World Wiki it describes "Hacker House", a cool Matrix locale where you can apparently buy just about any program you desire, but they don't have any full programs on the server. You buy it and then pick up a datachip that someone drops off for you.
It seems that any secure server won't be accessible via the Matrix. If something valuable like skillsofts, purchase orders or bank information is stored on it, it likely doesn't even have a wireless connection, just a physical one that is physically plugged in as needed, that's an easy way to get around any hacker, no matter how badass he is.
It seems that any secure server won't be accessible via the Matrix. If something valuable like skillsofts, purchase orders or bank information is stored on it, it likely doesn't even have a wireless connection, just a physical one that is physically plugged in as needed, that's an easy way to get around any hacker, no matter how badass he is.
whoops
My questions are:
1) Why would a hacker bother with Skillwires? A properly built leet hacker isn't going to have the strength or body to deal with little more than the technical Skillwire sets. Good for driving and drone rigging I suppose.
2) How do you think that downloading that much data is going to be instantaneous when the online node as to a) validate the purchase b) confirm billing information and c) transfer the data, that much information isn't instantaneous. (most likely via chip delivery unless you're a AA+ corporation)
3) What makes you think that the node is going to have a low level firewall?
4) Even you're omni-potent Exploit 6 isn't infallable against a store with high a high level firewall.. particularly the purchasing server.
Then there's always a chance to glitch or critical glitch your hacking test, and no amount of Exploit is going to save your meat from BlackIC.
and last of all
5) Hope you're hacker has a lotta cash, cause what you want ain't cheap chummer.
1) Why would a hacker bother with Skillwires? A properly built leet hacker isn't going to have the strength or body to deal with little more than the technical Skillwire sets. Good for driving and drone rigging I suppose.
2) How do you think that downloading that much data is going to be instantaneous when the online node as to a) validate the purchase b) confirm billing information and c) transfer the data, that much information isn't instantaneous. (most likely via chip delivery unless you're a AA+ corporation)
3) What makes you think that the node is going to have a low level firewall?
4) Even you're omni-potent Exploit 6 isn't infallable against a store with high a high level firewall.. particularly the purchasing server.
Then there's always a chance to glitch or critical glitch your hacking test, and no amount of Exploit is going to save your meat from BlackIC.
and last of all
5) Hope you're hacker has a lotta cash, cause what you want ain't cheap chummer.
| QUOTE (Edward) |
| Skill wires rort. Skill wires for a hacker It has been previously demonstrated that a hacker at char gen can be truly 133t. Capable of hacking into almost any host. Some tricks of arcetecture can beat him but only on very high security systems. In game, after saving enough money a hacker could without real difficulty obtain skill wires 4, especially if he dose so legally using a sin (real or fake). After doing so a well built hacker could easily hack into an online store that sells skill wires, insert a purchase order for the full inventory, immediately receive the electronic transfer of the programs, remove the purchase order from the system, remove the record of delivery, double check to ensure there are no other logs and leave no evidence that he was ever there. Instant shill wire based combat hacker (assuming stats where reasonable to start with). If he makes a mistake he is naturally in a moving vehicle and using a suitably anonymous COM link and capable of trying again with another provider of that service. Is this possible? Is this reasonable? What can a GM do to make this not be the complete rort that it appears to be? |
Color me a newb, but what's "rort" mean?
i just looked on google... aparently its australian, and means to take 'unfair advantage of a public service'.
wouldn't a better trick be to hack some wage slave's comlink, drive the poor SOB into heavy debt ordering your Skips, then move them from his comlink to your own.
| QUOTE (yesman) |
| wouldn't a better trick be to hack some wage slave's comlink, drive the poor SOB into heavy debt ordering your Skips, then move them from his comlink to your own. |
That would probably be easier since all you do is hack the commlink, crack the encryption on the SIN information and then gain access everything there is to know…except the passwords.
IF you are lucky then you have an average joe with saved passwords on his commlink but most likely there’s a limit on how much you can buy on pure wireless without a physical identification and an acceptance of the transaction.
Still, it might be possible – it’s just a matter of finding that wireless commlink with a crappy security and saved passwords on it…and considering how many people today has crap security on their wireless networks…
Yeah the 6+ Firewall rating to hack into the encrypted portion of the commlink that holds the SIN and bank PINs is waaaay easier than making a purchase with a fake SIN....
I don't think so.
I don't think so.
| QUOTE (Dranem) |
| Yeah the 6+ Firewall rating to hack into the encrypted portion of the commlink that holds the SIN and bank PINs is waaaay easier than making a purchase with a fake SIN.... I don't think so. |
The ”easy” part is that you use Average Joe’s bank account so it won’t cost you anything. Even if you got a fake SIN you would still need money.
| QUOTE (Dranem) |
| Yeah the 6+ Firewall rating to hack into the encrypted portion of the commlink that holds the SIN and bank PINs is waaaay easier than making a purchase with a fake SIN.... I don't think so. |
The usual protection on average joes commlink is usually a rating 3 Firewall and Response 3. The encrypted information seems to be stored in a part of the commlink independent of the response rating of the commlink since all encryption regarding SIN’s is at a rating 5. This means that hacking the commlink would be a low threshold of 6.
After the commlink has been hacked (let’s assume Admin access) we decrypt (if needed unless we find the passwords) with a threshold of 10 (encryption X2).
This would probably be a valid tactic for smaller purchases since one could transfer cash from their accounts instantly over to a certified credstick and then spoof the traffic.
Just how many dice are you rolling that you don't even hesitate in saying that gaining 6-10 successes on a roll is a cake walk? Either that, or you're not reading threshold rules properly.
| QUOTE (Dranem) |
| Just how many dice are you rolling that you don't even hesitate in saying that gaining 6-10 successes on a roll is a cake walk? Either that, or you're not reading threshold rules properly. |
Oh, I never said it was a cakewalk. Hacking an average joes commlink for a shadowrunner hacker (skill 6 Program 5) specialization (exploit +2) would roll 13-15 dice if doing full VR WOULD be a cakewalk. The encryption would be a bit harder.
Hacking Commlink of Average Joe
Hacker would roll an extended test against Firewall+Analyze (IF the program is loaded) and those would mostly be 3 so the threshold is 6. Hacker rolls 15D6. Target commlink may do 1 test against the Stealth program of the hacker (Treshold 5 with 6D6).
Cracking Encryption
Now, every combat turn said hacker might do a decrypt (without a key) at a threshold of say 10. He rolls Hacking+Decrypt (6+5) once every combat turn until success. If the commlink has IC, Agents or even a user present using Analyze programs they can find you by rolling against your Stealth programs. If they have no user online or no program running they MIGHT be found out if they glitch the test (gamemasters discretion)
I would think that every company of level A or higher would exploy a Technomancer of some skill. Said technomancer, who is being hired to pwn any hackers who come along, would most likely bring sprites, and have spirtes encypt all the most valuable information as only sprites can. I don't care how high your skills are, when you have aa team of high level sprites patrolling, chances are you will be found and killed. cause lets face it, it takes a real nova hacker to take down a fault sprite at level 6 or higher.
Technomancers are not that common.
| QUOTE (Divine Virus) |
| I would think that every company of level A or higher would exploy a Technomancer of some skill. Said technomancer, who is being hired to pwn any hackers who come along, would most likely bring sprites, and have spirtes encypt all the most valuable information as only sprites can. I don't care how high your skills are, when you have aa team of high level sprites patrolling, chances are you will be found and killed. cause lets face it, it takes a real nova hacker to take down a fault sprite at level 6 or higher. |
Now, remember. I’m talking about hacking the “average joe” on the street. In the case of corporations that the runners are infiltrating it’s up for the GM to crank up the defenses. ^__^
| QUOTE (Grinder) |
| Technomancers are not that common. |
True, but that just makes them in higher demand
Maybe, maybe
But think of it like the old shamans vs. hermetics: the former are not often employed doing security for corps, even though they have game-wise the same stats and abilites like hermetics. But they're said to be too strange to fit into corp culture and not reliable enough. Same can go for technomancers, imo.
But think of it like the old shamans vs. hermetics: the former are not often employed doing security for corps, even though they have game-wise the same stats and abilites like hermetics. But they're said to be too strange to fit into corp culture and not reliable enough. Same can go for technomancers, imo.
| QUOTE (Grinder) |
| Maybe, maybe But think of it like the old shamans vs. hermetics: the former are not often employed doing security for corps, even though they have game-wise the same stats and abilites like hermetics. But they're said to be too strange to fit into corp culture and not reliable enough. Same can go for technomancers, imo. |
Well, when you have a security decker that talks to his commlink (without wearing one) and has imaginary digital friends…
Damn, forgot the nerd-factor.
Well the skill wires shop will have better luck than a hacker shop attracting paying customers. You see all the customers at hacker house are hackers. Most of the customers at skill wire house are legitimate. If for every hundred sales they make somebody steals something there still making money.
Ant I can put 40 IC programs on a rating 5 node with no loss of response, in 24 hours I will have made the post on matrix 2 security architecture witch will include instructions.
Where dose this IC on active search come from. IC doesn’t get activated unless you trigger an alert and that happens only in specifically stated circumstances (that can be easily avoided)
Dranem provided a list of questions.
1. a combat hacker starting without most of the necessary skills, a little cyber or bio also helps.
2. down loading data is instantaneous unless your downloading what the GM says is excessive amounts of data, in witch case it takes a couple of seconds. Nothing will happen in that time. Chip delivery would take days, customers today buy e-books and expect e-mail delivery, I doubt that will change, the accounting will be close to instantaneous. It always is in the matrix, that is one of the great things about the matrix from a business point of view.
3. I don’t think its going to have a low firewall, I think its going to have a firewall of 4 (corporate systems) or 5 (corporate secure systems) even if its the rare rating 6 host (Zurich orbital, lofwers private host) I have a good chance of getting in undetected. According to the book there is no such thing as firewall over 6. Personally I would use rating 7 for systems where SR3 would have put a UV host
4. I agree there is an appreciable chance of being discovered on my way in (say 20%), even if there IC is black as the ace of spades it doesn’t matter. The moment I realise I triggered an alarm (and there not usually silent) I log out and go away to packet sniff there competitor hoping for better luck.
5. what do I need cash for. I wasn’t planing on actually paying for the active softs that’s why I am hacking in.
Even if they had a Technomancer. How do you decrypt files a Technomancer encrypted? You can’t have him available to everybody all the time and people need to work on these files.
Even my nasty architectural tricks can’t protect a host that needs to be assessable for commercial reasons (well maybe they can)
Tomorrow, when I have time, I intend to post them, maybe I will have a defence against my one nefarious mind then
Edward
Ant I can put 40 IC programs on a rating 5 node with no loss of response, in 24 hours I will have made the post on matrix 2 security architecture witch will include instructions.
Where dose this IC on active search come from. IC doesn’t get activated unless you trigger an alert and that happens only in specifically stated circumstances (that can be easily avoided)
Dranem provided a list of questions.
1. a combat hacker starting without most of the necessary skills, a little cyber or bio also helps.
2. down loading data is instantaneous unless your downloading what the GM says is excessive amounts of data, in witch case it takes a couple of seconds. Nothing will happen in that time. Chip delivery would take days, customers today buy e-books and expect e-mail delivery, I doubt that will change, the accounting will be close to instantaneous. It always is in the matrix, that is one of the great things about the matrix from a business point of view.
3. I don’t think its going to have a low firewall, I think its going to have a firewall of 4 (corporate systems) or 5 (corporate secure systems) even if its the rare rating 6 host (Zurich orbital, lofwers private host) I have a good chance of getting in undetected. According to the book there is no such thing as firewall over 6. Personally I would use rating 7 for systems where SR3 would have put a UV host
4. I agree there is an appreciable chance of being discovered on my way in (say 20%), even if there IC is black as the ace of spades it doesn’t matter. The moment I realise I triggered an alarm (and there not usually silent) I log out and go away to packet sniff there competitor hoping for better luck.
5. what do I need cash for. I wasn’t planing on actually paying for the active softs that’s why I am hacking in.
Even if they had a Technomancer. How do you decrypt files a Technomancer encrypted? You can’t have him available to everybody all the time and people need to work on these files.
Even my nasty architectural tricks can’t protect a host that needs to be assessable for commercial reasons (well maybe they can)
Tomorrow, when I have time, I intend to post them, maybe I will have a defence against my one nefarious mind then
Edward
Something that you seem to be forgetting, (Although another poster has mentioned it.) is that I very much doubt that the sever which the actual Skillsofts are housed would be wired into the Matrix except as needed.
Personally I agree that shipping via Chip would be considered wwwaaaayyyy too slow, but I wouldn't be surprised if the store didn't require a meatbody to slot the data into the Matrix Host via a physical Chip and then send it over the Wireless, in which case the sever which houses the Skillsofts would never actually be conncected to the Maxtrix at all.
Of course, against a truely determined Runner, nothing is completely safe, if I were going to try to pull a 'Big Money' heist such as this I think I'd go about as such.
(1) Visit Mr Shadowdoc for brand-new Face/Prints/Eyes, the Works.
(2) Procue the best Fake SIN that money can buy.
(3) Arrange for a 'job opening' at the Host's Physical Site. (Note that this might not be the same place as the Store, so do your Legwork first.)
(4) Use your nova-hot Decking Skills to insert a job app that the computer loves while sabotaging any other would-be job seekers.
(5) Hire a group of Shadowrunners in order to do something at/to the Site that doesn't actually involve the Matrix Host the Skillsofts are located on.
(6) Smuggle your Commlink into the Site in order and then Hack the Host into burning you a full set of Skillsofts onto a series of Chips just before the Runners are due to hit. (Yes, I believe that an entire libary of Skillsofts falls outside of 'reasonable' data storage for a single Data Chip.)
(7) Trigger an internal Alarm and escape in the Panic while the Team of Runners you just sold out dies.
(8 ) IF the team suceeds in thier Run regardless of your trap then pay them in full.
(9) Visit Mr Shadowdoc again.
(10) Crack enough copies of your Paydata to recover the investments necessary to pull Steps 1-9 off.
{Edit}
Is it possible to pull off? Yes I think so, but I'm not sure that it would really be worth the trouble as it only takes one little slot-up to tumble the House of Cards you've built and it requires Funding Up-Front to put into motion.
Personally I agree that shipping via Chip would be considered wwwaaaayyyy too slow, but I wouldn't be surprised if the store didn't require a meatbody to slot the data into the Matrix Host via a physical Chip and then send it over the Wireless, in which case the sever which houses the Skillsofts would never actually be conncected to the Maxtrix at all.
Of course, against a truely determined Runner, nothing is completely safe, if I were going to try to pull a 'Big Money' heist such as this I think I'd go about as such.
(1) Visit Mr Shadowdoc for brand-new Face/Prints/Eyes, the Works.
(2) Procue the best Fake SIN that money can buy.
(3) Arrange for a 'job opening' at the Host's Physical Site. (Note that this might not be the same place as the Store, so do your Legwork first.)
(4) Use your nova-hot Decking Skills to insert a job app that the computer loves while sabotaging any other would-be job seekers.
(5) Hire a group of Shadowrunners in order to do something at/to the Site that doesn't actually involve the Matrix Host the Skillsofts are located on.
(6) Smuggle your Commlink into the Site in order and then Hack the Host into burning you a full set of Skillsofts onto a series of Chips just before the Runners are due to hit. (Yes, I believe that an entire libary of Skillsofts falls outside of 'reasonable' data storage for a single Data Chip.)
(7) Trigger an internal Alarm and escape in the Panic while the Team of Runners you just sold out dies.
(8 ) IF the team suceeds in thier Run regardless of your trap then pay them in full.
(9) Visit Mr Shadowdoc again.
(10) Crack enough copies of your Paydata to recover the investments necessary to pull Steps 1-9 off.
{Edit}
Is it possible to pull off? Yes I think so, but I'm not sure that it would really be worth the trouble as it only takes one little slot-up to tumble the House of Cards you've built and it requires Funding Up-Front to put into motion.
| QUOTE (Ravor) |
| Something that you seem to be forgetting, (Although another poster has mentioned it.) is that I very much doubt that the sever which the actual Skillsofts are housed would be wired into the Matrix except as needed. |
Yar, that was me. I was figuring that you could pick up the datachip within an hour or so- I doubt they use the USPS like we do now. It's a balancing factor you can use to convince your GM that you should be able to show up at Hacker House and buy whatever you want without an availability check or even a contact. But that's another post.
Your whole plan would likely work, Ravor, but what GM would let players highjack the adventure to run a complex heist? Seriously, barring Ravor's "inside-man" idea, there's no way to get this done from the Matrix, you have to be at the physical host. There are a million ways to restrict access to a host with paydata by disconnecting it from the Matrix while still having full commercial efficiency. You could have a host with a "one-way" wireless connection, it only transmits data, never receives, and only recieves instructions from a keypad or datajack. You could have a wireless host with a short signal rating, so that only employees can access it, and only when they are subscribed, which they usually aren't. Or you could just have a host with a dangling datacord, then pay some jerk 10 nuyen a day to plug and unplug the host into the Matrix when necessary and watch what goes in and comes out, which anyone could do with good programs.
Wireless security is easy- just don't be wireless.
I would let players highjack an adventure to run a complex heist. Well, I wouldn't be thrilled if they dropped the adventure mid-run, but if they want to plan some of their own jobs instead of waiting to be spoon-fed everything by a Johnson, I have no problem with that.
I'd be against them becoming international jewel thieves and pulling 26 million nuyen runs, but being proactive is not a bad thing.
How much would a run like this net? Minus the cost of all that surgery, hiring the other runners, etc. Maybe a given physical site only had 20 different skills or so, and some measure of security is achieved through spreading the physical sites out. Skillz-B-us is probably a subsidiary of a megacorp, who can easily spread the physical hosts over a number of sites.
I guess I'm wondering if a run like this would really be all that abusive. It sounds like a lot of fun to me.
I'd be against them becoming international jewel thieves and pulling 26 million nuyen runs, but being proactive is not a bad thing.
How much would a run like this net? Minus the cost of all that surgery, hiring the other runners, etc. Maybe a given physical site only had 20 different skills or so, and some measure of security is achieved through spreading the physical sites out. Skillz-B-us is probably a subsidiary of a megacorp, who can easily spread the physical hosts over a number of sites.
I guess I'm wondering if a run like this would really be all that abusive. It sounds like a lot of fun to me.
I see a few ways of screwing with a hacker attempting something like that. Encrypting the files/databases with IC embedded, and having IC on constant, preset sweeps (during non-business hours to avoid slowing down the node).
Assuming a decently sized company, it will have multiple nodes of varying size and tech, with billing/accounting, data storage, etc. each having its own node (or multiple nodes for segmenting storage or departments). It wouldn't be unreasonable to assume high level skillsofts in storage would be encrypted, likely with an IC that at the minimum would activate and scan each user upon decryption of the file, and you would not be able to hide from it with Stealth as you were directly accessing the file. You would have a proper access code or possibly Spoof or hack to avoid the system going on immediate alert. Extra measure might include linked passcodes requiring biometric data (normally entered by the person approving shipment of the item/program), data bombs set to erase the file (requiring physical media backups to restore it), and requiring all manipulation of the file to be done from hardwired terminals on-site.
All of these can be bypassed given enough forethought and decent enough rolls, like editing the security files and finding the approved users to add or copy a valid access code, copying the biometric data needed for accessing the files and Spoofing your datatrail so it appears to be coming from the correct biometric reader, and whatever else you can think of, but just good dice pools will still fail you pretty quick.
Assuming you are going after Rating 4 activesofts and rating 4 and 5 knowsofts, your looking at a single program costing as much or more than a month's middle lifestyle, so you can expect a strong system protecting it. Serious time would need to be put into each step. IF you could access the program storage though wireless, and that would be a big if, you would need to crack at least two levels of system architecture, one to get basic system (admin) access and again to get into the security system (admin level). If you can gain full access to the security system, the only things likely to be standing in the way would be IC set to actively scan, security hackers on random/scheduled patrol, data bombs, and encryption-embedded IC.
Assuming a decently sized company, it will have multiple nodes of varying size and tech, with billing/accounting, data storage, etc. each having its own node (or multiple nodes for segmenting storage or departments). It wouldn't be unreasonable to assume high level skillsofts in storage would be encrypted, likely with an IC that at the minimum would activate and scan each user upon decryption of the file, and you would not be able to hide from it with Stealth as you were directly accessing the file. You would have a proper access code or possibly Spoof or hack to avoid the system going on immediate alert. Extra measure might include linked passcodes requiring biometric data (normally entered by the person approving shipment of the item/program), data bombs set to erase the file (requiring physical media backups to restore it), and requiring all manipulation of the file to be done from hardwired terminals on-site.
All of these can be bypassed given enough forethought and decent enough rolls, like editing the security files and finding the approved users to add or copy a valid access code, copying the biometric data needed for accessing the files and Spoofing your datatrail so it appears to be coming from the correct biometric reader, and whatever else you can think of, but just good dice pools will still fail you pretty quick.
Assuming you are going after Rating 4 activesofts and rating 4 and 5 knowsofts, your looking at a single program costing as much or more than a month's middle lifestyle, so you can expect a strong system protecting it. Serious time would need to be put into each step. IF you could access the program storage though wireless, and that would be a big if, you would need to crack at least two levels of system architecture, one to get basic system (admin) access and again to get into the security system (admin level). If you can gain full access to the security system, the only things likely to be standing in the way would be IC set to actively scan, security hackers on random/scheduled patrol, data bombs, and encryption-embedded IC.
Just to tack on the damaleon's post: You can even hire a TM to send a sprite over that lives in your secure node and keeps your files hashed. Then it is completely impossible to decrypt without first driving off the Sprite, if you know it's there. But if the Sprite dies all its hashed files become corrupted. Of course, there's no upper limit to the rating of a sprite, so if you have a Rating 10 sprite in there your files should be safe.
I would definitely go the Sprite route. Anything that valuable should be protected as well as possible (including not actually making it downloadable from online to begin with).
| QUOTE (Glayvin34) |
| Of course, there's no upper limit to the rating of a sprite, so if you have a Rating 10 sprite in there your files should be safe. |
There is a limit to a Sprite's power:
It only stays 8 hours if not registered.
Registering a Sprite takes Rating hours.
This means that Rating 8 is as high as Sprites get.
Nope, it means that rating 8 is as high as registered sprites get, if the GM feels the registration time should count against the 8 hour duration. Even then you can just recompile them (albeit at a rating higher than 8 it's gonna be a painful process).
By the RAW, that's the only time you have.
Of course, an unrestigered Sprite might be of higher Rating, but that would only result in either corrupted or unprotected files fater those 8 hours...
Reregistering means more services, which is nice, but not able to increase it's Rating.
Of course, an unrestigered Sprite might be of higher Rating, but that would only result in either corrupted or unprotected files fater those 8 hours...
Reregistering means more services, which is nice, but not able to increase it's Rating.
Hm. It doesn't really say whether or not the registration time counts toward the Sprite's total existence. I would say that it doesn't, it seems weird to me for registered sprites to have a rating limit that is imposed by an interaction of rules:
unregistered sprite duration -8 hours-
and
duration it takes to register -rating hours-
instead of a specifically stated rule that registered sprites can't be over rating 8.
unregistered sprite duration -8 hours-
and
duration it takes to register -rating hours-
instead of a specifically stated rule that registered sprites can't be over rating 8.
If the registration period doesn't count towards an unregistered sprite's lifespan, then you run into the exploit of "wait 7 hours 59 minutes and then start registering."
You could conceivably say that the sprite is in all ways inactive while it's getting registered, but at that point you're blatantly adding something to the RAW that isn't there (IIRC) in any form.
You could conceivably say that the sprite is in all ways inactive while it's getting registered, but at that point you're blatantly adding something to the RAW that isn't there (IIRC) in any form.
Having an implied cap like that is pretty bizarre, though. Until we get the next Matrix book, I'm inclined to say my players could register without counting towards their time limit.
The solution I came up with was to separate the store into 2 nodes. The storefront takes your information, sends it threw a number of choke points (there cheep now) to a dispatch node that validates your credit and sends you an email with your soft wear.
And some of the modified choke points I designed where just scary (over 50 bits of IC) and cannon.
You could still do it but instead of hacking one host you’re hacking 4 or more, and several are true glaciers. Sniffing in will take 4 times as long, and involve siting in a glassier while you do it.
This gives the compony full 24 hour on demand instant service with no meat to worry about and a truly respectable amount of security. For less than :nuyen:100K and no unusual upkeep
Remember this isn’t valuable data its is something there selling for only a couple of thousand nuyen. Technoshamans don’t come cheep and once they have hashed your files you need them again before you can access your own data.
Edward
And some of the modified choke points I designed where just scary (over 50 bits of IC) and cannon.
You could still do it but instead of hacking one host you’re hacking 4 or more, and several are true glaciers. Sniffing in will take 4 times as long, and involve siting in a glassier while you do it.
This gives the compony full 24 hour on demand instant service with no meat to worry about and a truly respectable amount of security. For less than :nuyen:100K and no unusual upkeep
Remember this isn’t valuable data its is something there selling for only a couple of thousand nuyen. Technoshamans don’t come cheep and once they have hashed your files you need them again before you can access your own data.
Edward
Thats several thousand nuyen for each skill that they have on file, you have to base the value to be protected on the entire library they have in stock.
| QUOTE (Shrike30 @ Apr 5 2006, 07:56 PM) |
| Having an implied cap like that is pretty bizarre, though. Until we get the next Matrix book, I'm inclined to say my players could register without counting towards their time limit. |
Bizarre, yeah, but it's exactly the kinda thing that would get missed in playtesting (or a rewrite after discovering it in playtesting).
Me want official FAQ from FanPro man. Grr, FanPro man! Grr!
Opportunity cost or replacement cost.
And consider lost customers because delivery isn’t instant
You have a customer base. Some will steal and you wont get any money from them, your loss is only what they would have payed if they couldn’t steal (not the value of what they stole) so probably only 2-4 skills. (You wont buy all from one store normally)
Now if my delivery takes 5 min while I have a meat person approve the transaction (and he may be not paying attention) how much legitimist business will I loose? Even 1% would be a huge loss huge. Heaven forbid I require the customer to wait an hour or more for a physical chip to be delivered buy courier (witch is an additional cost), half my customers don’t know where they will be in an hour.
Now replacement cost, what replacement cost, I am copying this over and over, my cost per unit is zero. Even a vandal wiping out my files would only knock me out of business for 5 min while I grab the offline backup.
I think my aforementioned couple of chokepoints will provide the best balance of cost, customer service and security.
Edward
And consider lost customers because delivery isn’t instant
You have a customer base. Some will steal and you wont get any money from them, your loss is only what they would have payed if they couldn’t steal (not the value of what they stole) so probably only 2-4 skills. (You wont buy all from one store normally)
Now if my delivery takes 5 min while I have a meat person approve the transaction (and he may be not paying attention) how much legitimist business will I loose? Even 1% would be a huge loss huge. Heaven forbid I require the customer to wait an hour or more for a physical chip to be delivered buy courier (witch is an additional cost), half my customers don’t know where they will be in an hour.
Now replacement cost, what replacement cost, I am copying this over and over, my cost per unit is zero. Even a vandal wiping out my files would only knock me out of business for 5 min while I grab the offline backup.
I think my aforementioned couple of chokepoints will provide the best balance of cost, customer service and security.
Edward
It's not a matter of replacement costs, it's a matter of loss of business when Hacker Joe puts your 1,000 nuyen goods up on Ebay for 38 cents.
okay folks, let me know what you think of this. here is a breakdown of what nodes I would have in a system for a retailer/reseller, or with a couple changes, any mom and pop to low end company. Nodes are in () while encrypted data is in []
(Public access (website))
.............|
.............|
.....(secure ordering)
.........|................\
(order proc) ------(Inventory/procurement/delivery)
........|........\...............|........\
........|..........\.............|......[Program/Proprietary Data Storage]
........|............\...........|......../
[records]-------(Prime System)----(Security)----[data store]
.................................|
........(Secure Remote Access node (telecommuters, connections to other offices))
The prime system node would contain accounting, HR, personal employee systems and the like.
Most retailers would likely drop the Remote Access Node for security reasons.
Security would likely have an encrypted database for employee passcodes/biometric data and any other verification info you can think of.
You could attack the system through the well protected but faster route of the high security Remote access node (if there), or the somewhat less secure, but extra layer, of going through the public access.
Another example that I think is still quite valid is in the Shadowrun Missions archive, the 3rd edition FORCEd RECON player handouts showing the Griffin Biotech system setup. All you would need to say is that the Communications sections is wireless accessible, with the rest of the parts hardwired to it (with likely wireless access to some parts in various rooms on-site).
(Public access (website))
.............|
.............|
.....(secure ordering)
.........|................\
(order proc) ------(Inventory/procurement/delivery)
........|........\...............|........\
........|..........\.............|......[Program/Proprietary Data Storage]
........|............\...........|......../
[records]-------(Prime System)----(Security)----[data store]
.................................|
........(Secure Remote Access node (telecommuters, connections to other offices))
The prime system node would contain accounting, HR, personal employee systems and the like.
Most retailers would likely drop the Remote Access Node for security reasons.
Security would likely have an encrypted database for employee passcodes/biometric data and any other verification info you can think of.
You could attack the system through the well protected but faster route of the high security Remote access node (if there), or the somewhat less secure, but extra layer, of going through the public access.
Another example that I think is still quite valid is in the Shadowrun Missions archive, the 3rd edition FORCEd RECON player handouts showing the Griffin Biotech system setup. All you would need to say is that the Communications sections is wireless accessible, with the rest of the parts hardwired to it (with likely wireless access to some parts in various rooms on-site).
Aye, however you are assuming that most Software Stores offer instant delivery, and in a world where hacking seems to rule supreme I doubt that any store would be stupid enough to leave their expensive goods that vulnerable.
Because, how much biz would the store lose if instead of stealing the Softs, the Decker in question replaced them with well coded copies that contains hidden flaws? It would seem to me alot more then forcing a Buyer who is willing to spent several thousand creds on a product 5-10 minutes while a Meatbody runs a chip off before beaming it over the Wireless. Expecially if that was the standard way of doing things in the first place. (At least with expensive items, with the cheaper Software, ect, it probably wouldn't be cost effective.)
Because, how much biz would the store lose if instead of stealing the Softs, the Decker in question replaced them with well coded copies that contains hidden flaws? It would seem to me alot more then forcing a Buyer who is willing to spent several thousand creds on a product 5-10 minutes while a Meatbody runs a chip off before beaming it over the Wireless. Expecially if that was the standard way of doing things in the first place. (At least with expensive items, with the cheaper Software, ect, it probably wouldn't be cost effective.)
but as the designers pointed out, it is meant to be based on RL, where some software merchants do offer instant delivery
now nonw of these tricks stop me packet sniffing for a big order that contains softs I want
then jamming into the recipient's commlink and making copies for myself
now nonw of these tricks stop me packet sniffing for a big order that contains softs I want
then jamming into the recipient's commlink and making copies for myself
Hear is how I would set up the system.
This is a retail store with moderate product value. im going to allow myself about :nuyen:50k in hard wear.
This is a retail store with moderate product value. im going to allow myself about :nuyen:50k in hard wear.
| CODE |
D D D D \ | /___/ ___Z \|/ / A------B------C------E---------Z---Z /|\____ \___ / | \ \ Z D D D D |
A is your public access node. Hear customers are free to brows catalogs and fill in order forms. When an order form is filled out it is sent to node Z, from there credit is verified and within seconds the product is senttoe the customer. Everything in between is security.
All these nodes are without signal chips (except nod A) and are connected buy fibber optic cable. All are rating 5
Node B is loaded with IC, cold but not black.
Node C contains a range of IC programs many of witch will be black, 5 programs total,
Nodes D each run the same IC as node C, but that IC has migrated to node C bringing the total number of IC programs protecting node C to 45.
Node E is designed to be hard to penetrate, hear we place our single firewall 6 program the idea being that the hacker will not be able to progress out of node C and away from the IC immediately.
Nodes Z contain the product, credit checking programs, employ files (why do we need employs) and anything else we want to keep secure.
Finally if an alert is triggered in any node then an alert is triggered in all nodes.
You may think the soft wear cost for this is excessive but a corporation would be buying site licence IC or just pirating it, how many companies today purchase one copy of windows and install it on 50 machines.
Edward
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.