I had this idea, and I'm wondering a) who's already thought of it, and b) whether it's a good idea.
On a run, have every other team member subscribe their PANs to the hacker's commlink. The hacker then acts as the only route to the outside world, theoretically securing (or making more secure) the team's PANs (including their cyberware).
On the one hand, the street sammies et alia are much safer against a malign hacker. On the other hand, the team is boned if the hacker is attacked or jammed.
Full Version: Electronic Security on Runs
i dont recall reading about exactly that idea before, but it does have similaritys with the "multiple interconnected comlinks" security meme.
and i kinda like the idea
and i kinda like the idea
and of course, it's no harder to spoof into the team LAN anyways, so it's still not really all that secure.
the only way to have a strong, secure commlink is for that specific commlink to be strong, and secured, or to have only wired connections.
the only way to have a strong, secure commlink is for that specific commlink to be strong, and secured, or to have only wired connections.
| QUOTE (Jaid) |
| and of course, it's no harder to spoof into the team LAN anyways, so it's still not really all that secure. |
Sure it is. In order to spoof commands from the hacker's commlink, you have to find it first. In order to do that, you have to overcome its stealth, which is likely to be much higher than you average runner's. Just check the sample characters and their commlinks.
Of course, even if you get that far, the Spoof Command action specifically describes sending commands to agents and drones, not to commlinks. Sure, it's not a huge leap to include them, but your mileage varies with your GM.
Of course, the ultra-paranoid would change the ID of the hacker's commlink every sixty seconds or so, anyway, just to keep the security tight.
The other COM links are still operating a wireless connection witch can be hacked.
Also you will have issues with AR when you should be able to see something but the hacker is not within range of its signal.
In order to force entry threw a gateway you can’t use a wireless connection (think about pan hacking and a skin link.
Edward
Also you will have issues with AR when you should be able to see something but the hacker is not within range of its signal.
In order to force entry threw a gateway you can’t use a wireless connection (think about pan hacking and a skin link.
Edward
Copying programs is free, so everyone in the group should have the highest rating encryption programs and IC available running on their commlinks.
As was pointed out, the team's commlinks are still wifi enabled, and thus just as susceptible as ever to interception and hacking.
It's actually worse to do things this way, because if someone hacks the hacker's commlink, he has unchallenged access to the entire team's commlinks.
If you keep the team's commlinks uncentralised, an attacker would have to hack each one to get in.
So really, it's a liability with no gain.
It's actually worse to do things this way, because if someone hacks the hacker's commlink, he has unchallenged access to the entire team's commlinks.
If you keep the team's commlinks uncentralised, an attacker would have to hack each one to get in.
So really, it's a liability with no gain.
You should definitely run cables from each team member to the hacker's commlink so you can use his defenses without leaving yourself wifi enabled.
Maybe I missed something, but wouldn't the easy way to get electronic security be to either not have everything on your PAN connected to your commlink (not sure if you can do that or if you have to have a commlink, but it makes sense to me) or to carry two, one of which has wireless off and runs all your gear skinlinked, the other one with wireless on, not connected to anything else on you, and which you use to run any AR or communications stuff you need?
A somewhat secure setup.
1. Commlink 1: Wireless:Off, password required for access.
This is the hackers "hacking" commlink and he's using 9 rating 4 programs on his response 5 commlink. This way he can use all the programs he need and still have a reasonable strong defense.
2. Commlink 2: Wireless:On, Linked Password required.
This is the hackers second commlink and gateway to the matrix, his first node you could say. In order to access it you need a password and then an answer from commlink 1 that accepts that code.
3. Wire teams communications through commlink 2. Each team member runs with Linked Password to Hackers commlink in BOTH directions. In order to access either a team members commlink or the hackers they need a confirmation from one of the other team members commlinks.
4: Load up Commlink 2 with ECCM, Encryption on Device, Databomb on Device and Encryption on Signal. Then you fill the rest of the remaining 5 response slots with agents/IC for spoofing and analyzing for security of the commlink.
Anyone trying to comprimise the commlink router would have to find, decrypt and then hack THROUGH commlink 2 in order to gain any kind of access to the teams commlinks.
Ok, they CAN tap the signal but no system is foolproof, ask any hacker.
Commlink 2 has another fun thing as well, no subscription list so it cannot be used to gain access to any items or gear.
Yea, i'm not running the maximum strength on programs but I find that diversity is the key in this case. Running 9 programs with only a -1 to response is quite good, and that means I can theoretically run 9 rating 4 agents on a commlink.
1. Commlink 1: Wireless:Off, password required for access.
This is the hackers "hacking" commlink and he's using 9 rating 4 programs on his response 5 commlink. This way he can use all the programs he need and still have a reasonable strong defense.
2. Commlink 2: Wireless:On, Linked Password required.
This is the hackers second commlink and gateway to the matrix, his first node you could say. In order to access it you need a password and then an answer from commlink 1 that accepts that code.
3. Wire teams communications through commlink 2. Each team member runs with Linked Password to Hackers commlink in BOTH directions. In order to access either a team members commlink or the hackers they need a confirmation from one of the other team members commlinks.
4: Load up Commlink 2 with ECCM, Encryption on Device, Databomb on Device and Encryption on Signal. Then you fill the rest of the remaining 5 response slots with agents/IC for spoofing and analyzing for security of the commlink.
Anyone trying to comprimise the commlink router would have to find, decrypt and then hack THROUGH commlink 2 in order to gain any kind of access to the teams commlinks.
Ok, they CAN tap the signal but no system is foolproof, ask any hacker.
Commlink 2 has another fun thing as well, no subscription list so it cannot be used to gain access to any items or gear.
Yea, i'm not running the maximum strength on programs but I find that diversity is the key in this case. Running 9 programs with only a -1 to response is quite good, and that means I can theoretically run 9 rating 4 agents on a commlink.
| QUOTE (Edward) |
| The other COM links are still operating a wireless connection witch can be hacked. Also you will have issues with AR when you should be able to see something but the hacker is not within range of its signal. In order to force entry threw a gateway you can’t use a wireless connection (think about pan hacking and a skin link. Edward |
That's true, but can't you set the team's comlinks to only accept commands from the Hacker's com? Aside from feeding some false data or static, wouldn't you need to hack the Hacker's com to then start spoofing commands downstream?
| QUOTE (GrinderTheTroll) | ||
That's true, but can't you set the team's comlinks to only accept commands from the Hacker's com? Aside from feeding some false data or static, wouldn't you need to hack the Hacker's com to then start spoofing commands downstream? |
I think you're right, Grinder, although an enemy hacker can spoof the ID from where they are by finding the central hacker's hidden node, checking it out with matrix perception (to get the ID), and then attempt to beat the target with a spoofed ID.
A defense against this could be to alter the central hacker's ID regularly. I don't have the rules (geez, I need to get a PDF copy), and I don't remember how long it takes to change a commlink's ID (it's on the same page as spoofing commands is, though). Anybody got that?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.