Help - Search - Members - Calendar
Full Version: More about Agents and IC
Dumpshock Forums > Discussion > Shadowrun
Pages: 1, 2
GrinderTheTroll
Hi again all,

Talking about Agents and IC recently got me thinking about why exactly there exist different terms to define essentially the same thing so I started looking at the text on SR4.227-228 to get a better idea.

On SR4.227 it says, "Agents use the Reponse attribute of whatever node they are run on: this means that the attributes of an agent operating independently may vary as it moves from node to node".

On SR4.228 it goes on to say about independently operating agents, "The agent continues to operate in the Matrix even if your persona goes offline. In this case, the agents doesn't count towrads your persona's active program limits like running programs do..."

Further down under "Payload", "If an agent is acting independently, any programs it's carrying must be active, and so may affect its Reponse. Any programs run are limited by the Pilot rating". This doesn't say it affects the node's Reponse, but the Reponse of the agent. Fat agents would eat the processing time the node's granted it and slow themselves down.

Here's what's said about Intrusion Countermeasures:

On SR4.228, "...it [IC] specifically refers to a specialized type of agent program that is used to defend a system. For all game purposes, IC programs are the equivilant to agents and function the same.

So IC is the same as an agent, but that doesn't mean an agent is the same as IC and the last line of the "Intrusion Countermeasures" section would only apply to IC: "Note that nodes are careful not to run so many IC programs at once that if affects their performance"

So what I am driving at here is that in the "Agent" section, there is no mention of an agent affecting a nodes Reponse, only the Reponse of the agent itself based on its own program load. However, IC (a special type of agent) does affect the node it is present on and could futher degrade it's own relative Reponse based on its own program load.

If this holds true, my conclusion would be that any amount of user agents would be alllowed without node's Reponse degrading but can "self degrade" with an excessive program load.

Any comments are welcome.

~GTT

The Jopp
Hmm, that would mean that any runner worth his salt could run an unlimited number of agents on their commlink without them affecting the response of said ’link. That sounds like abuse of the highest degree to me since you could have a few thousand agents assisting you in attacking a node’s defense, who in turn have their own armada of agents.

The main difference between Agent and IC is that the system itself can upload and activate IC and what program load they can have in order to defend itself, so in a way the system itself has a limited pilot program that can identify threats (if Analyze is loaded) and run their own programs (IC).

Agent on the other hand can only be run by the user and will not run themselves if destroyed while the OS can initiate IC as soon as one go down.

….

Here’s a few oddities I wonder about. Programs loaded on an Agent, do they affect response on the node they are run on? Example: Hacker running a Response 5 ‘link and has 1 agent with 4 programs, does that mean that the response goes down by 1 then or is the entire agent including the 4 programs counted as 1 program?

If I have a response 5 commlink and run 5 programs and 4 agents (9 total, which gives -1 reponse), thus lowering my response to 4. The agents are rating 4 and runs 4 programs each. Does this lower the agents response first to 4 because the commlink goes down a notch and then another down to 3 because they are now response 4 agents running 4 programs? Or does one only count from the commlinks original response of 5?

Serbitar
The rules mean:

Node 6 running 6 agents gets the nodes response lowered to 5
Node 6 running 1 agent 6 that is running 6 programmes gets the agents response lowered to 5

node 6 running 6 agents running 6 programmes each get the nodes response lowered to 5 and the agents response lowered to 4

(note that the rules are unrealistic, processing power wise, but that has to be accepted when playing RAW)

I would only apply thoses node rules to devices. Real matrix host workstations would have unlimited processing power in this respect. Certainly more than a comlink. I would limit the nunber of IC by some baseline assumptions about traffic, security, hackability, gameblancing and fluff.
hobgoblin
higher rating os, better task switching routines wink.gif
Moon-Hawk
First of all, I want to send big love to Grinder for using quotes and referencing pages.
I think you have an interesting point, but the possibility remains that you're reading too much into the language. Possibly.
Personally, it kind of makes sense for IC to load a host but for an Agent not to. An Agent is very much like a persona, and only does a set amount of stuff at any one time. IC, while a specialized form of Agent, is different in that no matter how large a host/node/mainframe gets, it is still responsible for the entire host/node/mainframe. Thus, the amount of work the IC is doing scales with the node it's running on. So even if the host is some massively parallel system that can support thousands of users, the fact that the one IC still has to monitor and be responsible for ALL of them means that it is using a fantastic amount of system resources, and still loads the host normally. Meanwhile, a hacker's Agent is still just doing his one or two little things just like any other user, no matter how big or powerful the host is.
So from that perspective it makes perfect sense for IC to count against a host's load, but for personas and agents not to. Of course, I'm only talking about mainframe-style hosts. Not devices or commlinks, which should be loaded by everything. For a device this simple, the workload of IC shrinks considerably, so it only takes up the same resources as any other Agent or persona.
It all comes down to large hosts following a different set of rules than devices and commlinks, which makes a lot of sense but isn't exactly by the RAW.
Speaking of making sense, am I?
mdynna
I am so glad that people seem to be coming around and realizing that the game is going to have different rules for "mainframe hosts."

Now, I don't really have a problem with the player's being able to load "effectively" unlimited Agents onto a target host for a couple of reasons:
1) I have ruled that Agents cannot be copied. You have to buy or build each one individually.
2) Agents must start in the user's Commlink before they are loaded onto the target host.

Point 2 is important because if the PC is carrying around 6 fully-loaded Agents, that is going to bog down is Commlink a lot. Then each Agent must loaded onto the host with a Complex Action. That will be a lot of rounds where the Hacker is doing nothing but sitting and loading.
Serbitar
@ Moonhawk.

What to do about high security host, that are NOT accessed by thousands of users? Infinite security?
GrinderTheTroll
QUOTE (mdynna)
I am so glad that people seem to be coming around and realizing that the game is going to have different rules for "mainframe hosts."

Now, I don't really have a problem with the player's being able to load "effectively" unlimited Agents onto a target host for a couple of reasons:
1) I have ruled that Agents cannot be copied. You have to buy or build each one individually.
2) Agents must start in the user's Commlink before they are loaded onto the target host.

Point 2 is important because if the PC is carrying around 6 fully-loaded Agents, that is going to bog down is Commlink a lot. Then each Agent must loaded onto the host with a Complex Action. That will be a lot of rounds where the Hacker is doing nothing but sitting and loading.

Agents are considered programs so I don't see why you can't copy them like other programs.

I don't think anyone doubts the existance of large mainframe like devices, but SR4 doesn't have any rules yet.

Personally, I think there should be 2 classes of devices: Hosts and Personal. Personal would include most everything from commlinks to toasters and suffer from Response issues, while Hosts would be (for the most part) immune to the effects of Response issues having lots of bandwidth.

Until we get something in writing its all gut feelings and speculation.
GrinderTheTroll
QUOTE (Moon-Hawk)
First of all, I want to send big love to Grinder for using quotes and referencing pages.
I think you have an interesting point, but the possibility remains that you're reading too much into the language. Possibly.

Perhaps I am. I don't have any other source and the devil is in the details as the expression goes. Maybe it's just too many years as being a GM and *having* to know how it all works or at least where to look to help pacify my players.

Nothing worse than one of my players avoiding parts of SR because no one undrestands it.
Moon-Hawk
@Grinder: As I said, it's a possibility, but I tend to agree with you.

@Serbitar: Well, security that is capable of escalating beyond a half-dozen IC programs, sure. If whatever they're protecting is worth the however many extra million it costs to add lots and lots more processing power than you actually need, then sure. But why? If it's that darn sensitive it'll be in offline storage anyway. Or at least a network not accessible to the outside world. Their money would be better spent on other aspects of security.
Backgammon
Ok, here's the dillema:

a) Loading Agents on nodes does not affect the node's Response nor yours
Solves: Denial of Service attacks by loading Agents to slow down the node and then raping it
Problem: Load shitload of Agents on nodes to help you do your tasks or combat


b) Loading Agents on nodes affects it's response but not yours
Solves: You can't load a bunch of Agents to help you cause you're going to slow the node so much the Agents won't be able to do much
Problem: Denial of Service attack

What we want is 1) no DoS attacks 2) no Agent loading abuse to support your tasks, right?

Right now, I don't see how this can be done without the GM having to flat out state "you can't do that", or, like mdynna suggests, ban Agent copying.
mfb
the best answer i see is to simply have agents run from your node. if you want to run an agent on someone else's node, you can do so by hacking the node to accept the agent.
Shrike30
QUOTE (mfb)
the best answer i see is to simply have agents run from your node. if you want to run an agent on someone else's node, you can do so by hacking the node to accept the agent.

My understanding was that Agents were capable of operating independently, even if their user's Icon is in a different host or logged off entirely. That makes it kind of hard to say they're running off your commlink, if they can keep doing stuff in the Matrix even after you run your commlink over with a truck.
GrinderTheTroll
I'm not sure why DDOS is such a bad thing, it's a legit form of bogging down a system so you can sneak in and do your dirty work. PLus, you'd have to get all those Agents uploaded into or self-hacked into the system. Even if the system becomes frozen, you can't do anything with it since anything you want to access would be frozen as well. You probably prompt a system shutdown/reboot which would buy you some time.
mdynna
The problem with the DoS attack is that it's too easy, especially if you are allowed to copy Agents.

One interesting way to turn the tables would be to say that a Hacker's Response (and therefore System) ratings are limited to what the Node is running. That isn't a very "nice" solution however.

The fact is, I don't think the designers ever thought of DoS attacks with "Agent armies." There needs to be a counter-balance reason why someone wouldn't want a legion of Agents along with them all the time.
Serbitar
My solution: Allow infinite ammount of agents/IC on matrix hosts, but not on devices (Comlinks . . .)
mdynna
But the Agent is only on a PCs Commlink for a brief period of time, just long enough to upload to the "host." That doesn't really solve the issue of massive amounts of Agents.
Serbitar
Whats the problem with massive ammounts of angents in hosts? If you can not DoS the host, the host simply does not care. The hacker does not gain anything from it.
The more agentsyou load up, the bigger the danger to be detected gets. And once you are detected, the run is mostly over, as the host can just shut down if it wants to.

80% of the crucial hacking runs are about stealth. If you are detected, the run is over.
hobgoblin
hmm, if one have unlimited agents. whats stopping the company from loading the chokepoint with 10000 rating 6 IC packing rating 6 attack and analyze?

still, there is the issue of active subscriptions. a comlink can only have system X 2 active at one time. ok so its 12 agents. but in theory a node can allso field atleast 12 IC if it feels the need.

there are some talk about connecting chains of comlinks together to manage multiples of 12 agents at the same time.

hmm, you cant field the full 12 agents as you allso have to use atleast one active subscription to connect to the node your attacking. so 11 maybe?
GrinderTheTroll
QUOTE (hobgoblin)
hmm, if one have unlimited agents. whats stopping the company from loading the chokepoint with 10000 rating 6 IC packing rating 6 attack and analyze?

still, there is the issue of active subscriptions. a comlink can only have system X 2 active at one time. ok so its 12 agents. but in theory a node can allso field atleast 12 IC if it feels the need.

there are some talk about connecting chains of comlinks together to manage multiples of 12 agents at the same time.

hmm, you cant field the full 12 agents as you allso have to use atleast one active subscription to connect to the node your attacking. so 11 maybe?

My point from earlier is there is a distinction between IC and Agents.

Agents cause no node-load but do cause Persona-load. IC causes node load. Agents controlled by a system (non-Persona) are IC.
Cheops
I interpret all of this differently. When you run an Agent it counts against YOUR commlink's response. When it then goes and logs onto another node it subscribes to that node but the other node doesn't subscribe to it. Therefore Agents have no negative impact on other nodes at all. In fact there could theoretically be a million users on the node at once because something subscribing to you doesn't count against your limit--only when you subscribe to something else.

You could do a DoS attack on a node but you'd have to have permission to install software on that system (either Admin or security depending on the security of the system). You'd have to legitimately log on and start loading copies of the agent. Any spider worth the money would notice that someone is loading handfuls of agents on the system and would start investigating. When he sees the new passcode he simply deletes it and now you can't load agents anymore. It's not a very efficient way of DoSing.

Technomancer with a Courier sprite with Hash. Now that's how you DoS.
GrinderTheTroll
QUOTE (Cheops @ May 18 2006, 05:03 PM)
I interpret all of this differently.  When you run an Agent it counts against YOUR commlink's response.  When it then goes and logs onto another node it subscribes to that node but the other node doesn't subscribe to it.  Therefore Agents have no negative impact on other nodes at all.  In fact there could theoretically be a million users on the node at once because something subscribing to you doesn't count against your limit--only when you subscribe to something else.

SR4, specifically mentions when an Agent is loaded independent of your commlink, it uses the Reponse rating of the Node its on. You can logout of the Matrix completely and Agent will continue to run.

However, you can choose to ignore this and do what you want.
kigmatzomat
There is another option: virtualization. This technology has been used for decades on mainframes and can be done on today's desktops with VMWare.

A "server" node is capable of allocating a portion of its resources to create a virtual device. This virtual node has a typical Response rating and suffers slow downs and the like however any slow downs have no affect on any other virtual nodes.

IC and the like run in their own virtual node, meaning they have a full Response rating available to them, but have full interaction with your virtual node. They can, if they chose, shift into your virtual node to cause it to degrade, essentially the server DDOSing a small portion of itself to take you out.

Crash system actions still work because they interfere with the virtualization process.
GrinderTheTroll
QUOTE (kigmatzomat)
There is another option: virtualization. This technology has been used for decades on mainframes and can be done on today's desktops with VMWare.

I'm not really searching for options, I am just looking to clarify a slightly generalized topic.

On the realistic side, I'm sure 2070 uses virtualization in there own way, the real trick is not naming exact technologies in SR4 to avoid real-life SOTA. wink.gif
kigmatzomat
Virtualization is a concept more than a technology. Heck, you could "virtualize" an abacus by assigning the strings to tasks.
Kanada Ten
In SR3 this was called a "Virtual Machine"; I imagine SR4 would simply use mulitple clone nodes because they are so damn cheap.
Serbitar
QUOTE (hobgoblin)
hmm, if one have unlimited agents. whats stopping the company from loading the chokepoint with 10000 rating 6 IC packing rating 6 attack and analyze?

fluff text

something about traffic and security and whatever
Backgammon
Hmm, picking up on a post here.. idea brewing:

Ok, the Node can run Analyse, right? So, and I'm not looking at the rules right now as I write tis, what if everytime you loaded an Agent, the Node could detect it. Or simply detect that a user is loading too many agents on the Node. I mean, if the Agent doesn't have Stealth anyway, the Node will automatically detect, right?

If that happens, the Node would automatically either launch IC to crash those Agents, simply as a precautionary method, or go full blown into Alert and look for a hacker and kill all those Agents.


Anyway, my point is, it shouldn't be too hard for a Node to detect a DoS attack is under way, and do somethin about it.
kigmatzomat
Actually, if the Agent is running on the node the node should be aware of it. It may not recognize it as an Agent per se but it will recognize that an application has been loaded that is taking resources.

I suppose one solution to prevent DDOS would be for the node to instigate a block on loading new applications. I mean, the node has to download the excecutable code and allocate resources at some point.
epoch
Why would Agents and IC cost so damn much if they were intended to be copy-able?
GrinderTheTroll
QUOTE (Backgammon)
Hmm, picking up on a post here.. idea brewing:

Ok, the Node can run Analyse, right? So, and I'm not looking at the rules right now as I write tis, what if everytime you loaded an Agent, the Node could detect it. Or simply detect that a user is loading too many agents on the Node. I mean, if the Agent doesn't have Stealth anyway, the Node will automatically detect, right?

If that happens, the Node would automatically either launch IC to crash those Agents, simply as a precautionary method, or go full blown into Alert and look for a hacker and kill all those Agents.


Anyway, my point is, it shouldn't be too hard for a Node to detect a DoS attack is under way, and do somethin about it.

So a DoS attack in SR4 is simply overloading the node so it's reponse drops considerably. So what if all the legit users go into the node and all pop out their Browse agents? That's what the issue is. It makes no sense that it would only take a handful of users to reduce the resouces of a node.

My solution is that agents (per the text) don't reduce the node, but IC (per the text) does. This would means a 2006 DoS style attack cant happen unless you overloaded a node with IC somehow.
Serbitar
@Epoch:

Why does Adobe Suite 2.0 cost so much? Is it copyable?

@Grinder: Every Corp would only run agents in your world, not IC . . . But agents and IC are, per RAW, exactly the same thing, anyways . . .
GrinderTheTroll
QUOTE (Serbitar)
@Grinder: Every Corp would only run agents in your world, not IC . . . But agents and IC are, per RAW, exactly the same thing, anyways . . .

From the what I stated it earlier, Personas run agents and Systems run IC. IC is a subset of an agent. Ask youself why they needed to make a distinction between the two if they are identical? The differences are slight, but they do exist.
mdynna
QUOTE (Backgammon)
Hmm, picking up on a post here.. idea brewing:

Ok, the Node can run Analyse, right? So, and I'm not looking at the rules right now as I write tis, what if everytime you loaded an Agent, the Node could detect it. Or simply detect that a user is loading too many agents on the Node. I mean, if the Agent doesn't have Stealth anyway, the Node will automatically detect, right?

You are on the right track I think. So a Hacker can load up to System x 2 Agents onto a target Node. However, since each of those is considered an independent "user" (and they would have to be to run on their own) then the Node gets a chance to detect each of them just like the Hacker. Now, the Threshold to detect an intruder is the Stealth program, so if the Agent isn't running Stealth then they are automatically detected. The rules clearly state that your Agent is tied to your Persona, whether you are online or not. So, if a Trace is run on the Agent they find your Commlink.

I think I'm starting to see the counter-point here. Sure your Hacker can bring a ton of Agents, but for every Agent he puts on the system he is giving the Host another chance to detect him, essentially. Shoot, if a PC Hacker wants to spend 24 Complex Actions to load 12 Agents on to the Host, then let him. If the Node/IC is rolling well they could have the Trace completed before they're even done. Wow. Now I see the danger. Bringing 12 Agents in with you on a 'run is like the Sammie kicking down the door of the corp building and opening up with an EX-EX equipped LMG. Not exactly quiet.
GrinderTheTroll
QUOTE (mdynna @ May 19 2006, 10:49 AM)
I think I'm starting to see the counter-point here.  Sure your Hacker can bring a ton of Agents, but for every Agent he puts on the system he is giving the Host another chance to detect him, essentially.  Shoot, if a PC Hacker wants to spend 24 Complex Actions to load 12 Agents on to the Host, then let him.  If the Node/IC is rolling well they could have the Trace completed before they're even done.  Wow.  Now I see the danger.  Bringing 12 Agents in with you on a 'run is like the Sammie kicking down the door of the corp building and opening up with an EX-EX equipped LMG.  Not exactly quiet.

Unless you're feeling lucky and build Agents that can hack in themselves. Plus, unless you have Admin access, there's probably no reason *any* user should be dumping more than 2-3 agents at a time in a node, that'd trigger paranoid security to start looking at you more closely.

If you probed your taget system instead of brute hacking, I think you could squeeze in more explot/stealth agents with the probed exploit but the system still gets a roll to detect them.
Serbitar
QUOTE (GrinderTheTroll)
QUOTE (Serbitar @ May 19 2006, 10:22 AM)
@Grinder: Every Corp would only run agents in your world, not IC . . . But agents and IC are, per RAW, exactly the same thing, anyways . . .

From the what I stated it earlier, Personas run agents and Systems run IC. IC is a subset of an agent. Ask youself why they needed to make a distinction between the two if they are identical? The differences are slight, but they do exist.

They do not make a distinction.

QUOTE (SR4 p.228)

For all game popurses,  IC programmes are the equivalent to agents and function the same.


(emphasis by me)

Please be aware of th fact that by RAW, there is no disticntion between matrix nodes and normal nodes or any devices, and there is no difference between agents and IC.

It is perfectly valid to claim that there must be a distinction to make the rules consistent (I myself amkind of Mr. Houoserule), but do not try to justify this by SR4 rules. It simply is not there and only confuses people.
Serbitar
QUOTE (mdynna @ May 19 2006, 12:49 PM)
The rules clearly state that your Agent is tied to your Persona, whether you are online or not.  So, if a Trace is run on the Agent they find your Commlink.

Only when your comlink is running the agent. Not anymore after it is uploaded. And definately not if you are really offline.

QUOTE

Bringing 12 Agents in with you on a 'run is like the Sammie kicking down the door of the corp building and opening up with an EX-EX equipped LMG.  Not exactly quiet.


This is out of question. Bringing even one agent in is a danger to stealth. Everybody should be aware of this. I think we are talking about the danger of an extremely efficent method to force the node to shut down.
That is the only thing what lots of agents do. Nobody in his right mind would question the fact that once you load tons of agents you wont be stealthy any more.
hobgoblin
if the options are having valuable data "stolen" (more correctly copyed, but anyone know that the value of data comes from its rarity) and taking the node offline, i would take the "node offline" option each time...
mdynna
QUOTE (Serbitar @ May 19 2006, 01:43 PM)
QUOTE (mdynna @ May 19 2006, 12:49 PM)
The rules clearly state that your Agent is tied to your Persona, whether you are online or not.  So, if a Trace is run on the Agent they find your Commlink.

Only when your comlink is running the agent. Not anymore after it is uploaded. And definately not if you are really offline.

Well even if it is not quite RAW I am going to rule that all of your Agents contain your "signature" and thus can be used to Trace your Commlink. If you're offline, the Trace will fail, but they should have enough information (Commcode) to determine when you are back online to start the Trace.
GrinderTheTroll
QUOTE (Serbitar)
QUOTE (GrinderTheTroll)
QUOTE (Serbitar @ May 19 2006, 10:22 AM)
@Grinder: Every Corp would only run agents in your world, not IC . . . But agents and IC are, per RAW, exactly the same thing, anyways . . .

From the what I stated it earlier, Personas run agents and Systems run IC. IC is a subset of an agent. Ask youself why they needed to make a distinction between the two if they are identical? The differences are slight, but they do exist.

They do not make a distinction.

QUOTE (SR4 p.228)

For all game popurses,  IC programmes are the equivalent to agents and function the same.


(emphasis by me)

Please be aware of th fact that by RAW, there is no disticntion between matrix nodes and normal nodes or any devices, and there is no difference between agents and IC.

It is perfectly valid to claim that there must be a distinction to make the rules consistent (I myself amkind of Mr. Houoserule), but do not try to justify this by SR4 rules. It simply is not there and only confuses people.

Here's my statement from before:

QUOTE
Here's what's said about Intrusion Countermeasures:

On SR4.228, "...it [IC] specifically refers to a specialized type of agent program that is used to defend a system. For all game purposes, IC programs are the equivilant to agents and function the same.

So IC is the same as an agent, but that doesn't mean an agent is the same as IC and the last line of the "Intrusion Countermeasures" section would only apply to IC: "Note that nodes are careful not to run so many IC programs at once that if affects their performance"


I still don't understand why you would need to define something twice. If Agents = IC and IC = Agents, then you'd only need to define it once. So there must be some difference. If it's been printed twice I'd argue there is some reason for it, else why ever specify one from the other?
Backgammon
QUOTE (mdynna)
QUOTE (Backgammon)
Hmm, picking up on a post here.. idea brewing:

Ok, the Node can run Analyse, right? So, and I'm not looking at the rules right now as I write tis, what if everytime you loaded an Agent, the Node could detect it. Or simply detect that a user is loading too many agents on the Node. I mean, if the Agent doesn't have Stealth anyway, the Node will automatically detect, right?

You are on the right track I think. So a Hacker can load up to System x 2 Agents onto a target Node. However, since each of those is considered an independent "user" (and they would have to be to run on their own) then the Node gets a chance to detect each of them just like the Hacker. Now, the Threshold to detect an intruder is the Stealth program, so if the Agent isn't running Stealth then they are automatically detected. The rules clearly state that your Agent is tied to your Persona, whether you are online or not. So, if a Trace is run on the Agent they find your Commlink.

I think I'm starting to see the counter-point here. Sure your Hacker can bring a ton of Agents, but for every Agent he puts on the system he is giving the Host another chance to detect him, essentially. Shoot, if a PC Hacker wants to spend 24 Complex Actions to load 12 Agents on to the Host, then let him. If the Node/IC is rolling well they could have the Trace completed before they're even done. Wow. Now I see the danger. Bringing 12 Agents in with you on a 'run is like the Sammie kicking down the door of the corp building and opening up with an EX-EX equipped LMG. Not exactly quiet.

Yes, I like this too.
Shrike30
IC programs are agents specifically designed to respond to intruders. This means that they work like agents, move like agents, are combated like agents... they are, in fact, agents (in the same way that a Porche is a specific kind of car).

However, when you talk about Agents, you aren't necessarily talking about IC (that Agent could be running Edit, and constantly filtering data you feed it... not an Intrusion Countermeasure).

This makes it pretty obvious to me that IC are simply a subtype of Agent.
Serbitar
QUOTE (GrinderTheTroll)

I still don't understand why you would need to define something twice. If Agents = IC and IC = Agents, then you'd only need to define it once. So there must be some difference. If it's been printed twice I'd argue there is some reason for it, else why ever specify one from the other?

Because humans wrote the rules, and several of them?
Serbitar
QUOTE (mdynna @ May 19 2006, 03:30 PM)
QUOTE (Serbitar @ May 19 2006, 01:43 PM)
QUOTE (mdynna @ May 19 2006, 12:49 PM)
The rules clearly state that your Agent is tied to your Persona, whether you are online or not.  So, if a Trace is run on the Agent they find your Commlink.

Only when your comlink is running the agent. Not anymore after it is uploaded. And definately not if you are really offline.

Well even if it is not quite RAW I am going to rule that all of your Agents contain your "signature" and thus can be used to Trace your Commlink. If you're offline, the Trace will fail, but they should have enough information (Commcode) to determine when you are back online to start the Trace.

Why? Your commcode is only used for commcalls. You can have a totally different ID while loggin in into the matrix. Your matrix ID is like an IP number. A commcode could be associated to a certain IP number or to no number at all (like you might have to log on to the commserver to recieve commcalls and you are recognised by login and password).

To give a modern day example: There is only one way to find out which IP number started a certain task on a server. You can find out which user started the task and which IP was associated to the user at that time. If you delete that log entry, there is nothing left.

You would have to invent a very queer IP/ID system to justify your ruling.
GrinderTheTroll
QUOTE (Serbitar)
QUOTE (GrinderTheTroll @ May 19 2006, 03:38 PM)

I still don't understand why you would need to define something twice.  If Agents = IC and IC = Agents, then you'd only need to define it once.  So there must be some difference.  If it's been printed twice I'd argue there is some reason for it, else why ever specify one from the other?

Because humans wrote the rules, and several of them?

Tounge and cheek aside my point is valid.

It's been suggested I reading too much into the rules and maybe that's true, I just get the impression that exact wording is key considering some of the questions we are all raising.
Aaron
QUOTE (GrinderTheTroll)
I still don't understand why you would need to define something twice. If Agents = IC and IC = Agents, then you'd only need to define it once. So there must be some difference. If it's been printed twice I'd argue there is some reason for it, else why ever specify one from the other?

I'm sitting in a computer lab right now. We have, among other machines, a workstation and a server that are identical other than the purpose to which they are put.

The person wrapped in duct tape watching you complete your shadowrun is just as much a person as the one with the assault rifle responding to the security alert and shooting at you. And yet one is a wage slave and the other a security guard.

That's the difference.
hobgoblin
basicly, the IC uses the normal agent rules but behave diffrently in that its a kind of agent that is launched by the node automaticaly as a reaction to detecting a intrusion. some may even be roaming as guards.

ie, they are system launched rather then user launched, and keep their IC tag mostly as a way of telling them apart wink.gif

hmm, i wonder how unwired will deal with tricks like cluster/party IC and constructs. or for that matter cascading. that is if they even get ported over (i hope they do).
The Jopp
As Hobgoblin said. The IC is the agent that the system itself can launch if it realizes that it has been infiltrated. The system can choose the appropriate programs to load the IC with and can continue to upload IC until someone shuts down the system.

Agents can be the first line of defense and as soon as an Agent bites the dust the OS can decide to launch IC in order to keep up the defenses.

This makes it clear that the OS itself has some limited decision making abilities and/or that the owner can specify what conditions should apply for the OS to activate IC.

So the main difference could be:

Agents: Can only be loaded by user but can roam the matrix
IC: Can be activated by OS but remains inside the node
GrinderTheTroll
QUOTE (Aaron)
QUOTE (GrinderTheTroll @ May 19 2006, 03:38 PM)
I still don't understand why you would need to define something twice.  If Agents = IC and IC = Agents, then you'd only need to define it once.  So there must be some difference.  If it's been printed twice I'd argue there is some reason for it, else why ever specify one from the other?

I'm sitting in a computer lab right now. We have, among other machines, a workstation and a server that are identical other than the purpose to which they are put.

The person wrapped in duct tape watching you complete your shadowrun is just as much a person as the one with the assault rifle responding to the security alert and shooting at you. And yet one is a wage slave and the other a security guard.

That's the difference.

I understand your analogy, but I based on how I am reading the Agent/IC section I don't see how they are identical.

If they where truely identical and if they shared all things, then at the end of desribing Agents/IC add "Agents/IC count towards the their controlling nodes program count (see Pg.212)" but it doesn't. It spells that part out specifically under Intrustion Countermeasures.

They've said IC inherits Agent properties, but didn't say Agent inherits IC properties. They are similar, but not the same.

It's all up for interpretation and based on the language presented in SR4.227-228, this is how I see it.
Aaron
QUOTE (GrinderTheTroll)
They've said IC inherits Agent properties, but didn't say Agent inherits IC properties. They are similar, but not the same.

If that's the case, though, their design is rather inefficient. But I'll bite: what, if not purpose, makes them different? They don't even have different costs.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012