Safe decryption, the powerful rating 1 comlink.
Having stolen encrypted data file to decrypt at my leisure I am concerned that it could contain IC or a data bomb, not trusting myself to notice such I load the file onto a cheep rating 1 comlink along with a rating 1 decrypt utility. With some effort (using low end decrypt prog) I crack open the file. The ice or data bomb attempts to run but the system is already running the maximum number of programs.
I see 3 possible outcomes.
The IC runes, the comlinks response drops to 0,
the system may crash or continue to run will all programs (including IC) working at rating 0, thus nothing bad happens to me or my file while I deal with the IC based on my skill alone.
The system crashes and with luck I got an idea of where the IC/data bomb is giving me an advantage when I try again (I copied the file).
The IC/data bomb fails to run at all because there is no runtime available, i can now read the file at my leisure while the IC waits for the system resources it needs to fry my brain.
What do you good people think of this.
Edward
Full Version: Safe decryption,
I think it is option 4: You fail to open the file. Nothing happens.
Reason: Running the data bomb is part of the process of opening the file. You either can or you can´t do that. If you can open the file, the databomb runs and does its work. (One could allow for opening the file anyway, but something better than "MS whatever" should prevent that. In that case option 2 with no information gained)
Regarding copying the file: How? Copy should be a form of access - the bomb should be triggered at that stage.
Reason: Running the data bomb is part of the process of opening the file. You either can or you can´t do that. If you can open the file, the databomb runs and does its work. (One could allow for opening the file anyway, but something better than "MS whatever" should prevent that. In that case option 2 with no information gained)
Regarding copying the file: How? Copy should be a form of access - the bomb should be triggered at that stage.
1st: decryption rules are broken
2nd: fix decryption rules (to something like a treshold of 4 x encryption rating)
3rd: you can (optionally, but this is a MUST) only roll "dice" times in RAW (I would fix that to "skill" times)
4th: With a comlink of 1 you can only roll 2 (response+decryption)dice 2 times, to a maximum number of 4 hits. This comlink is at best going to crack an encryption of 1.
(With my house rule, you roll Logic+Hacking with a maximum number of "hacking" rolls and a maximum number of "decryption" hits per roll, so thats 6 hits with hacking 6 and decryption 1)
Rules exploit fixed.
2nd: fix decryption rules (to something like a treshold of 4 x encryption rating)
3rd: you can (optionally, but this is a MUST) only roll "dice" times in RAW (I would fix that to "skill" times)
4th: With a comlink of 1 you can only roll 2 (response+decryption)dice 2 times, to a maximum number of 4 hits. This comlink is at best going to crack an encryption of 1.
(With my house rule, you roll Logic+Hacking with a maximum number of "hacking" rolls and a maximum number of "decryption" hits per roll, so thats 6 hits with hacking 6 and decryption 1)
Rules exploit fixed.
If copying the file would have triggered the Data Bomb, then it would have triggered in the node he originally found it in.
Agreed. But I rule that copying would trigger a data bomb. Otherwise it's just too easy for a hacker to go into a node, copy everything, then retire to a safe distance and pick over it at leisure.
i would say that the ice runs and beats the crap out of the hackers persona. but then i have my own interpetation about how the response drop works...
I would rule that trying to access the file in ANY way would trigger the databomb unless it was found and disabled. The databomb should have exploded within the node he was active in if he tried to copy it.
What I find annoying is that Databombs aren't that scary, they do Rating boxes of damage, that's a maximum of six boxes of damage. I'd rather see that they did Rating X2 boxes so that even low yield bombs would actually make you sweat when disarming them.
What I find annoying is that Databombs aren't that scary, they do Rating boxes of damage, that's a maximum of six boxes of damage. I'd rather see that they did Rating X2 boxes so that even low yield bombs would actually make you sweat when disarming them.
I think, the fact that they can trigger an alarm is THE most dangerous thing. Secondly, they destroy the data file, wich is the main use of the bomb. The data-bomb would be useful even without any damage. The damage is just an additional gimmick.
| QUOTE (Serbitar) |
| I think, the fact that they can trigger an alarm is THE most dangerous thing. Secondly, they destroy the data file, wich is the main use of the bomb. The data-bomb would be useful even without any damage. The damage is just an additional gimmick. |
Hmm, yea, I guess - but it would be nice with databombs that are just there to inflict damage.
| QUOTE (Witness) |
| Agreed. But I rule that copying would trigger a data bomb. |
According to the hymnal, that which triggers a Data Bomb is decided when it is set. Thus, it could go off when the file is accessed, copied, edited, or even analyzed.
Hmm, according to the RAW it does say when "Accessed". This should mean that any action involving the file in question like copying, moving etc would make the file to go off.
Matrix perception tests are not an action that would trigger the bomb since you are just looking at it, albeit a bit closer.
But here's the funny side of it. If you have Admin access (and IF the admin access include private files) you COULD use the admin access to copy the file to a crappy commlink.
EDIT: Admins should have the right to move files, it would be quite inconvenient to have a few hundred files scattered around to suddenly go *pop* when they start moving to a new server...
Matrix perception tests are not an action that would trigger the bomb since you are just looking at it, albeit a bit closer.
But here's the funny side of it. If you have Admin access (and IF the admin access include private files) you COULD use the admin access to copy the file to a crappy commlink.
EDIT: Admins should have the right to move files, it would be quite inconvenient to have a few hundred files scattered around to suddenly go *pop* when they start moving to a new server...
It doesn't take a complex action for Data Bombs to go off like it does for normal programs, they happen instantly then disappear. So it seems to be that the Data Bomb program isn't actually running. It ran when it installed the Bomb, then whoever installed the Bomb left. So the Data Bomb's Effects aren't programs.
The presence of a encrypted file doesn't mean that Encrypt is running, so a data bomb that goes off isn't a full program, just a self-contained file.
But that's just me.
The presence of a encrypted file doesn't mean that Encrypt is running, so a data bomb that goes off isn't a full program, just a self-contained file.
But that's just me.
Copying would trigger a data bomb only if the data bomb is not encrypted. (Bomb added after encryption). This was described in SR4 in a side bar on IC and encryption
On a rating 1 system you would be rolling hacking + program (1) if you have hacking 5 that is 6 dice 6 times, 36 dice will open pretty much any file.
Glayvin34’s interpretation could be correct, it is also posable that the passage I read aplyed only to IC not to databombs.
This would mean it is only necessary for programs with encrypted IC, not encrypted data bombs.
Edward
On a rating 1 system you would be rolling hacking + program (1) if you have hacking 5 that is 6 dice 6 times, 36 dice will open pretty much any file.
Glayvin34’s interpretation could be correct, it is also posable that the passage I read aplyed only to IC not to databombs.
This would mean it is only necessary for programs with encrypted IC, not encrypted data bombs.
Edward
| QUOTE (Glayvin34) |
| It doesn't take a complex action for Data Bombs to go off like it does for normal programs, they happen instantly then disappear. So it seems to be that the Data Bomb program isn't actually running. |
My guess would be that a Data Bomb actually executable instructions to an operating system, either the hacker's or an agent's virtual machine. That way it can still munge up a system without actually running itself.
| QUOTE (Edward) |
| On a rating 1 system you would be rolling hacking + program (1) if you have hacking 5 that is 6 dice 6 times, 36 dice will open pretty much any file. |
At the risk of looking dumb (nothing new, really), and not having the rules in front of me, isn't Decrypting done with Response + Decrypt?
computer + decrypt actually
That's it, I'm gettin' me the PDF ...
| QUOTE (Kremlin KOA @ May 16 2006, 07:21 PM) |
| computer + decrypt actually |
Not at all - it would be Hacking + Decrypt as it's a Hacking Program... but the actual rules use Response + Decrypt.
actualy, decrypt uses the electronic warfare skill, not hacking.
this is an important skill, as it means a non-computer person who specializes in comunications equipment can still encrypt/decrypt broadcast transmissions without need for any real understanding of computers and hacking.
a rigger, for instance, will have a high electronic warfare, but probably will have little use for hacking.
so you roll Electronic warefare+Encrypt/Decrypt. this skill has no default, so the unskilled should not be able to perform this action.
this is an important skill, as it means a non-computer person who specializes in comunications equipment can still encrypt/decrypt broadcast transmissions without need for any real understanding of computers and hacking.
a rigger, for instance, will have a high electronic warfare, but probably will have little use for hacking.
so you roll Electronic warefare+Encrypt/Decrypt. this skill has no default, so the unskilled should not be able to perform this action.
| QUOTE (Rotbart van Dainig) |
| ... but the actual rules use Response + Decrypt. |
Oh. Well, I'm gettin' it anyway.
| QUOTE (Teulisch) |
| actualy, decrypt uses the electronic warfare skill, not hacking. |
I stand corrected - Defuse uses Hacking, though...
| QUOTE (Teulisch) |
| so you roll Electronic warefare+Encrypt/Decrypt. this skill has no default, so the unskilled should not be able to perform this action. |
Not quite:
The Program is required and can run alone. And the actual rules for Decryption rely on Response.
| QUOTE (Edward) |
| Copying would trigger a data bomb only if the data bomb is not encrypted. (Bomb added after encryption). This was described in SR4 in a side bar on IC and encryption |
I can't find this reference, though on p222 it does say:
| QUOTE (p222) |
| IC programs may be encrypted with sensitive files, so that when the files are decrypted, the IC will verify the user’s identity and attack or destroy the file if they are not authorized. |
Of course that doesn't mean a data bomb will only go off (if copied) if it was not encrypted first.
| QUOTE (Aaron) |
| According to the hymnal, that which triggers a Data Bomb is decided when it is set. Thus, it could go off when the file is accessed, copied, edited, or even analyzed. |
Agreed, but what kind of SysOp is going to protect a file in such a way that there's such an easy way around it? If you can copy a Data Bomb without any trouble and then spend all the time you want getting in to it (including copying it multiple times, so it doesn't even matter if one goes off and destroys the data) then the SysOp responsible deserves what he or she gets.
I guess the bottom line (with any of these sort of ideas) is: yes, it's a neat idea, but if it sounds too good to be true then your enemy (and the entire hacker+SysOp community) has probably thought of it and made sure you can't do it, unless this is the very first time that anybody anywhere discovered this exploit. Or in metagame terms: your GM probably isn't going to allow you to get away with this! So play the rules in the spirit that they were intended!
Ok, chock up another confusing inconsistency in the rule book. Under the section title "Using Electronic Warfare Skill" the sub-heading "Encryption and Decryption" says:
| QUOTE (SR4 pg. 225) |
| Make a Decrypt + Response (Encryption rating x 2, 1 Combat Turn) Extended Test to break the encryption. |
However, later under "programs" the Decrypt Program is listed as being related to the Electronic Warfare skill:
| QUOTE (SR4 pg. 227) |
| Decrypt (Electronic Warfare) Decrypt programs are designed to conduct a number of cipher- busting attacks—from pattern analysis to brute-force dictionary assaults to sophisticated mathematical tricks—to break into an encrypted system or service. Use Decrypt programs for Decrypt actions (p. 225). |
The page reference there is to the above section. So, it seems Decrypt is "related" to the Electronic Warfare skill but you use Responce when you actually roll?
| QUOTE (mdynna) |
| So, it seems Decrypt is "related" to the Electronic Warfare skill but you use Responce when you actually roll? |
Makes sense to me. Cryptanalysis (code breaking) is mostly a series of brute-force and semi-brute-force attacks on the encrypted data, trying to pull the information out of the hash. So, the more data you can work through in a given time (Response) and the better your attacks (Decrypt program), the faster you decrypt.
I can just repeat myself:
1st: the encryption rules are broken
2nd: the response+decrypt thing may be realistic, but it is missleading as it is breaking SR4s system of skill+programme, that has already broken the attribute+skill system, again.
Thats why I use logic+skill, with programme as hit limiter (just like spells). And my decryption test is:
logic+electronic warfare (4xEcryption rating, 1 turn/1hour) with "electronic warfare" rolls. (turn or hour depends on whether it is real time encryption for communications or data encryption). Balanced, consistent, works.
1st: the encryption rules are broken
2nd: the response+decrypt thing may be realistic, but it is missleading as it is breaking SR4s system of skill+programme, that has already broken the attribute+skill system, again.
Thats why I use logic+skill, with programme as hit limiter (just like spells). And my decryption test is:
logic+electronic warfare (4xEcryption rating, 1 turn/1hour) with "electronic warfare" rolls. (turn or hour depends on whether it is real time encryption for communications or data encryption). Balanced, consistent, works.
My only iritation with decrypt/encrypt is that you always go with Program X2 as treshold - where's the actual encryption roll. As a player i'd like to roll my Electronic Warfare+Encryption to actually encrypt things and THEN opposing hackers rolls against SuccessesX2 as their decryption treshold.
Great. So somebody with the computer illiterate flaw is just as good at decrypting data as the most l33t of hackers with the same equipment.
Edward
Edward
i think computer iliterate have a problem with basic computer operations. codebreaking will be way out of their league...
All you need is a Rating 1 agent, and that problem is solved.
Assuming you use the "GM is a fucking moron" approach, then yes, your problem is solved.
There's no reason to get offended at the RAW. You can legally and fairly get away with being totally computer illiterate, by using an agent to handle all your matrix interactions. A good GM could continue to bring the flaw into play: tricking or spoofing the agent, having it die in cybercombat, and so on. The GM isn't a moron if the rules are just that badly broken or unrealistic.
The rules are not broken in that regard.
It is just a logical extension of user interfaces that the user only needs to know the command "do what I mean(x)" (Idea provided by UserFriendly - greatest Internet Comic EVER), and an agent does the rest.
Said agent is a great-time security risk. But who cares about those anyway?
Regarding the underuse of hacking skill: Something needs to be done, yes.
It is just a logical extension of user interfaces that the user only needs to know the command "do what I mean(x)" (Idea provided by UserFriendly - greatest Internet Comic EVER), and an agent does the rest.
Said agent is a great-time security risk. But who cares about those anyway?
Regarding the underuse of hacking skill: Something needs to be done, yes.
| QUOTE (Cain) |
| There's no reason to get offended at the RAW. You can legally and fairly get away with being totally computer illiterate, by using an agent to handle all your matrix interactions. A good GM could continue to bring the flaw into play: tricking or spoofing the agent, having it die in cybercombat, and so on. The GM isn't a moron if the rules are just that badly broken or unrealistic. |
If the GM is interpreting "Computer Illiterate" to mean that the character has no real understanding of how to use computers, but it's well within his understanding of the technology to give a semi-AI an instruction set for what he needs it to do, then he's being a moron.
The guy is computer illiterate... things like telling the Agent "Check this file for a data bomb, then decrypt it, then check it again, then open it up so we can see what's in it" are beyond his understanding. If this guy is giving the Agent orders, the Agent may completely miss what the character actually wants him to do, because the character doesn't understand much beyond "I wanna see what's in that file."
"I wanna read the thingy. Is it, um, good?"
Ok the computer iliterat person adds these spepts.
Newb “I want to read file.”
System (which includes an agent) “file is encrypted, do you fish to decrypt”
Newb “what”
System “the file must be decrypted before you can read it, do you wish to decrypt”
Newb “I gues so”
Sytem, “decrypting file”
5 seconds latter
system “file decrypted, do you wish to disply”
newb “no I want to read the file”
system [roles eyes] “displaying file”
hacker “wow I didn’t program it to get frustrated”
Edward
Newb “I want to read file.”
System (which includes an agent) “file is encrypted, do you fish to decrypt”
Newb “what”
System “the file must be decrypted before you can read it, do you wish to decrypt”
Newb “I gues so”
Sytem, “decrypting file”
5 seconds latter
system “file decrypted, do you wish to disply”
newb “no I want to read the file”
system [roles eyes] “displaying file”
hacker “wow I didn’t program it to get frustrated”
Edward
heh, if a computer illiterate character was trying to order a agent around, i would roll comprehension tests for even the simplest of commands 
I'd like to see the computer illiterate understand the instructions booklet that came with the commlink, or how to install ANY kind of program.
If I was the hacker and there was a computer illiterate person in the party I would set up his comlink for him. It would have a high rating agent with an etiquette (dealing with noobs) skillsoft. I would then convinse said uneducated person that there was actually another person on the other end of the line taking care of all his requests (and taking long hall on the long runs)
It would be funny.
Edward
It would be funny.
Edward
| QUOTE (Edward) |
| If I was the hacker and there was a computer illiterate person in the party I would set up his comlink for him. It would have a high rating agent with an etiquette (dealing with noobs) skillsoft. I would then convinse said uneducated person that there was actually another person on the other end of the line taking care of all his requests (and taking long hall on the long runs) It would be funny. Edward |
LOL
Why have the computer illiterate person give his comm to the party mage who says he's going to enchant it and bind a spirit into it? The mage gives it to the hacker (after the mage draws some completely meaningless occult symbols on it) and then the hacker sets it up and gives it back to the mage who gives it back to the computer illiterate.
Especially if you give the high level agent an attitude - could be very funny.
Mage: "I've bound a spirit into your comm to handle all the tasks for you."
Computer Illiterate: "I didn't know you could do that! What do I call the spirit?"
Mage: "Call it.... Jeannie" (as in I dream of Jeannie)
Much later
Computer Illiterate: "Jeannie... display directions to club x"
Agent: "No - you're staying in and spending quality time with me tonight, not going to see some hussies at that place."
Computer Illiterate: "......"
Meanwhile....
Mage: "Exactly what base did you use for that agent?"
Hacker: "<grins> Virtual Wife 10.0 with the Quality-Time plugin"
Mage: "Oh shit...."
Hacker: "<snickers> Well... I'm in the clear - Strike (damn gunbunny) thinks you put a spirit in it"
Mage: "Heh..."
*shrug* There's workarounds to everything, and there's GM's call to everything. Requiring a comprehension test on the part of the Agent seems like as good a response this as any. Probably treat it like a language roll, with the Agent's rating as it's language skill.
Or hell, if a player really wants to cheese and metagame his way around the flaw to be a tricked-out DInAB hax0r, just don't give him the 0-2 points of karma for RP.
Or hell, if a player really wants to cheese and metagame his way around the flaw to be a tricked-out DInAB hax0r, just don't give him the 0-2 points of karma for RP.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.