Full Version: Hacking for fun and profit
Panagarden
I have read a lot of threads on commlinks and what can and can't be done with them. There seem to be a lot of different opinions on what is possible but I haven't seen this one yet:

What stops a decent hacker from raiding every commlink he sees and stealing all the money?

It's relatively easy for a hacker with decent gear to get admin access to Joe Citizen's commlink. That commlink is his credstick. It seems very easy to steal dozens of people's life savings in the time it takes to finish a soykaf. Why bother doing runs when most people are walking around with an open wallet?
Jaid
Orbital Bovine Bombardment?

[edit] i personally presume it's basically under the same kind of encryption as a SIN... ie, the "Don't touch me" kind of encryption that begins and ends with an arbitrary "no" from the GM. but that's just my assumption =P [/edit]
CrimsonHawk
Well, from what I understand, Joe Standard is very poor: maybe 500 new yen in a secured cred stick stuck in the com unit when he wants to buy something. Now from what I understand (cred sticks are super encrypted, as is the bank it's tied with).

Otherwise I would leave a mini drone hidden in a few known mob hangouts and collect all the com unit access codes to them and bleed them dry slowly, or, if I was in a hurry for some cash when a battlebowl or such came around, snag that and bounce it around the world a few times to be safe, but within seconds you would have a couple billion to play with.
hobgoblin
hmm, didn't this come up in an old matrix2.0 thread? (just before or after SR4 was released)

think of it as a single murder vs a series of murders with matching MO.

the first will have the cops more or less searching blind if the victim was picked at random off the street. ie, there is nothing to tie the murderer to the victim.

but with a serial murder case there will be similarities. similar shoeprints around the area. maybe similar biological material (basically zeroing it down to a single person more or less). and the list adds up.

now do the same comparison with your question. a single virtual wallet emptied and it could have been done by any number of the commlink id's in the logs. and if the hacker is smart/careful he will be erasing logs as he goes.

but if there are hundreds of them happening within a small area then they can compare data and zero in on a single commlink id and so on.

it's the same thing with a credit card fraud. the stupid ones charge a single, expensive item to the victim's card (often said item is also hard to transport, making them even more stupid). the smart ones however charge up many small ones that will not make you stop and wonder when you see the bill. maybe some low amount cash withdrawals, maybe some food or other every-day items. just make sure not to overextend a card and people will not notice.

less money than average on their account at the end of the month, could be any number of reasons. zero money the day after the paycheck and they will notice, even with a shared account and a teenager in the household
Nasrudith
Simple, most people will keep their money in the bank and wire it over when needed and game balance returns.
Crusher Bob
But then, there has to be a secure method of transmitting the payment orders to the financial institutions. So, the hacker is not 'emptying your account' in a kind of emptying the cash box type smash and grab, but instead, hacking into your commlink, waiting for you to purchase a hotdog (or whatever) and sniffing your bank passwords. Then using your passwords to buy whatever it is he wants. Admittedly, the electronic paper trail left by these transactions will give you plenty of routes of investigation, but the fact that basically any Tom, Dick, or Harry can do this means that it will happen so often that the investigators will not have the manpower (or processor cycles) to look into every case.

Too many game systems don't allow secure encryption but fail to think of all the repercussions of this.
Serbitar
QUOTE (Panagarden @ May 31 2006, 08:03 PM)
I have read a lot of threads on commlinks and what can and can't be done with them. There seem to be a lot of different opinions on what is possible but I haven't seen this one yet:

What stops a decent hacker from raiding every commlink he sees and stealing all the money?

It's relatively easy for a hacker with decent gear to get admin access to Joe Citizen's commlink. That commlink is his credstick. It seems very easy to steal dozens of people's life savings in the time it takes to finish a soykaf. Why bother doing runs when most people are walking around with an open wallet?

You can steal only what you are able to get without any authentication at all. For everything that is above 20 Nuyen, the user of the commlink will have to enter a PIN code, use a fingerprint or voice/retina scan.

If you want to circumvent this, you would have to hack into the bank nodes.
FanGirl
A quick question: where does this "20 Nuyen limit" thing come from?
Crusher Bob
QUOTE (Serbitar)
You can steal only what you are able to get without any authentication at all. For everything that is above 20 Nuyen, the user of the commlink will have to enter a PIN code, use a fingerprint or voice/retina scan.

And then that PIN code is transmitted to the bank for verification. You hack the subject's commlink and then sniff their PIN code, or you hack the store's commlink and sniff the customer's PIN code.
Serbitar
QUOTE (FanGirl)
A quick question: where does this "20 Nuyen limit" thing come from?

My imagination.
Serbitar
QUOTE (Crusher Bob)
QUOTE (Serbitar @ Jun 1 2006, 04:19 PM)
You can steal only what you are able to get without any authentication at all. For everything that is above 20 Nuyen, the user of the commlink will have to enter a PIN code, use a fingerprint or voice/retina scan.

And then that PIN code is transmitted to the bank for verification. You hack the subject's commlink and then sniff their PIN code, or you hack the store's commlink and sniff the customer's PIN code.

Should be doable.
The question is: How do you transfer the money to your bank account without it leaving a data trail. Once the victim finds out his money is gone he will complain at the bank and they will backtrace everything.
Deleting the trail should involve some major hacking.
Edward
On how you transfer the money to your bank account. You don’t, you transfer it to an account in the name of a good throwaway fake SIN. Then you walk into gold mark and buy some heavy bling, bling, 24 carat gold necklaces only an hour after you stole all the money. Then you trash the SIN and sell the gold to a fence that is assuming you stole it (and thus treats it accordingly). You probably lose 50% of your money to the fence, nano-paste disguise and ID but it's worth it for security.

Incidentally, while you were doing the theft your commlink was set up as for the person with that account and was sitting with your meet in a suburb of Denver (also where your gold shop is) while you were stealing from people in London before you sell the gold to a fence on the other side of Denver and take your hard currency back to Seattle to spend.
Aaron
Simple enough:

QUOTE (SR4 p. 215-216)

Linked Passcodes requires an extra bit of input from the user—an extra level of identification specific to a person or a device. This can be a scan from a security scanner (retinal, fingerprint, palmprint, and so on) linked to the commlink/terminal or the correct signature from the device’s OS or a unique RFID tag. If the scan or signature doesn’t match the records, access will be denied.

Passkeys are one of the most secure ways of controlling access to a node. Passkeys are unique encrypted modules that plug into a commlink or terminal. Many corporations require this accessory for telecommuting workers. When a logon is attempted, the node queries the module; if it doesn’t receive the proper code, the user is denied access.


Geekkake
My understanding of how a commlink functions with financial transactions is as follows:

Your commlink doesn't carry your money. It's not a credstick. Your money is in your bank account, behind bank security. You can't just "take" that money. But you can defraud. Let me give you a real world example:

You wanna buy something on the International Cyber Webnet. Your money is in your bank account. You have your PC, you have your debit card. You order the item, and enter the information on your debit card into your PC (on the vendor website) and submit it to the vendor. The vendor's merchant account provider takes the funds out of your bank account and places it into the vendor's (usually with a cut for themselves - legit business isn't so different from the shadows). Then, you (presumably) get your stuff.

At no time during that transaction was your money "present" in your debit card or PC. The only real financial transactions were between the vendor, their merchant services, and your bank. You can, however, steal the debit card information and defraud the account with fraudulent purchases as per previous posts.

Replace "PC" with commlink, "Internet" with "Matrix", and "debit" with "whatever database software holds your banking information on your commlink", and you have how it works in 2070.

If you absolutely must make a large purchase with fraudulent funds, I recommend doing so with a competent black market contact with an offshore account in a country with liberal banking and taxation laws, such as the Caribbean League.
Edward
That is pretty much how I saw things. Now you can sniff somebody’s commlink until they make a purchase and get all that information, including the transmitted data coming from their biometric scanner.

And considering the power of the matrix to track money I would not trust the security of a bank in a country like the Caribbean League or a black market contact; these people are for sale and could possibly be hacked.

All transfer between my short term bank account that is obviously taking stolen money (and will be shut down in a day) and my usual accounts should be conducted in the form of high value, untraceable and portable commodities. Gold, platinum, precious stones.

Edward
hobgoblin
i would expect that the only data traffic from the target's commlink when paying for goods is an account number. this is transmitted to a special terminal that has a set of biometric scanners and an encrypted link to the bank.

when paying you transmit your account data, and scan your biometrics at the terminal. the terminal collects both and transmits it to the bank. the bank checks it against the data it has in the database. if ok, then it starts the money transfer to the shop's bank. when transfer is completed and verified, the customer is mailed a receipt for whatever goods he bought...
Geekkake
QUOTE (hobgoblin)
i would expect that the only data traffic from the target's commlink when paying for goods is an account number. this is transmitted to a special terminal that has a set of biometric scanners and an encrypted link to the bank.

when paying you transmit your account data, and scan your biometrics at the terminal. the terminal collects both and transmits it to the bank. the bank checks it against the data it has in the database. if ok, then it starts the money transfer to the shop's bank. when transfer is completed and verified, the customer is mailed a receipt for whatever goods he bought...

You're right. But we're talking commlink purchases, here. Which, by their nature, must transmit biometric information, if necessary.
GrinderTheTroll
QUOTE (Panagarden)
I have read a lot of threads on commlinks and what can and can't be done with them. There seem to be a lot of different opinions on what is possible but I haven't seen this one yet:

What stops a decent hacker from raiding every commlink he sees and stealing all the money?

It's relatively easy for a hacker with decent gear to get admin access to Joe Citizen's commlink. That commlink is his credstick. It seems very easy to steal dozens of people's life savings in the time it takes to finish a soykaf. Why bother doing runs when most people are walking around with an open wallet?

This reminds me of AD&D, "Why don't we just kill the shop keeper and take all his gear?"

My short answer is, it's not why my group plays Shadowrun. We want to have adventures and earn our keep (honestly?).

Game wise, nothing is stopping you really. You'd need to know how the Commlink interacts with other systems to tender payments. Just like a current-day credit or ATM debit card transaction, but more sophisticated in 2070.

A general overview: You provide some payment source (Account # and Fund source), the vendor requires some authentication (probably a passkey module, thumbprint, etc.) and the funds are transferred from one account to the other. Like current methods of "cashless payment", PIN#'s or Billing Zip codes are used for authentication for remote payments.

I doubt spoofing alone would work unless you could produce authentication and I doubt AccessID alone cuts it in 2070 since that would be *really* hackable. Best you could do without authentication is get the bank to freeze someone's account with a shit-load of rejected authentication hits.

Breaking the encryption to get his Account or Personal information would be one part, that's Identity Theft, but actually using it is another matter entirely.
vipox
When someone transfers important data such as a password over an encrypted link, what is transmitted is a one time hash, with timestamps and other random data included to stop replay and man in the middle attacks. Even if the line encryption is broken, what you get is a hash, and that hash can only be used once, so having it means nothing.

This stops normal sniffer attacks, but if you break into the sending commlink and then record the password given at the source, this is ideally stopped by using a challenge response password system, with multiple questions / responses. So that the password if recorded can only be used if the exact same challenge is given. Given that banks will most likely "run" anti recorder agents on your commlink while you are doing all this.

So I really don't think that it is all that possible.

but anyway I will stop ranting now.
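
Added example, not part of vipox's post or of the thread: a minimal challenge-response check in which the response is an HMAC over a single-use challenge plus the payment details, so a sniffed response is useless on replay. The `Bank` class, `respond` function, account name and 30-second window are all hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets

FRESHNESS_WINDOW = 30  # seconds a challenge stays valid (constructed value)


def respond(key, nonce, account, amount):
    """Client side: bind the one-time response to this challenge and payment."""
    # Fixed-width nonce (16 bytes) and amount (8 bytes) keep the encoding unambiguous.
    msg = nonce + amount.to_bytes(8, "big") + account.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


class Bank:
    """Verifier that issues single-use challenges (hypothetical, for illustration)."""

    def __init__(self, keys):
        self._keys = keys   # account -> shared secret
        self._open = {}     # outstanding nonce -> (account, time issued)

    def issue_challenge(self, account, now):
        if account not in self._keys:
            raise KeyError(account)
        nonce = secrets.token_bytes(16)
        self._open[nonce] = (account, now)
        return nonce

    def verify(self, account, nonce, amount, tag, now):
        # pop() makes every challenge single use, whether or not the attempt succeeds.
        entry = self._open.pop(nonce, None)
        if entry is None:
            return "rejected: unknown or already used challenge"
        owner, issued = entry
        if owner != account:
            return "rejected: challenge issued to another account"
        if now - issued > FRESHNESS_WINDOW:
            return "rejected: challenge expired"
        expected = respond(self._keys[account], nonce, account, amount)
        if not hmac.compare_digest(expected, tag):
            return "rejected: bad response"
        return "accepted"


def demo():
    """Run one honest payment, then the ways a recorded response gets reused."""
    acct = "acct-1001"  # constructed sample account
    key = secrets.token_bytes(32)
    bank = Bank({acct: key})
    out = {}

    n1 = bank.issue_challenge(acct, now=1000)
    tag1 = respond(key, n1, acct, 15)
    out["legitimate"] = bank.verify(acct, n1, 15, tag1, now=1002)
    # Same challenge and response sent a second time.
    out["replay"] = bank.verify(acct, n1, 15, tag1, now=1003)
    # Recorded response presented against a fresh challenge.
    n2 = bank.issue_challenge(acct, now=1010)
    out["old_tag_new_challenge"] = bank.verify(acct, n2, 15, tag1, now=1011)
    # Valid response, but the amount was altered in transit.
    n3 = bank.issue_challenge(acct, now=1020)
    tag3 = respond(key, n3, acct, 15)
    out["amount_changed"] = bank.verify(acct, n3, 5000, tag3, now=1021)
    # Valid response delivered after the freshness window.
    n4 = bank.issue_challenge(acct, now=1030)
    tag4 = respond(key, n4, acct, 15)
    out["expired"] = bank.verify(acct, n4, 15, tag4, now=1061)
    return out


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The check only protects what crosses the link; a device that holds the key, or a copy of the key, still produces valid responses.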
GrinderTheTroll
QUOTE (vipox)
When someone transfers important data such as a password over an encrypted link, what is transmitted is a one time hash, with timestamps and other random data included to stop replay and man in the middle attacks. Even if the line encryption is broken, what you get is a hash, and that hash can only be used once, so having it means nothing.

This stops normal sniffer attacks, but if you break into the sending commlink and then record the password given at the source, this is ideally stopped by using a challenge response password system, with multiple questions / responses. So that the password if recorded can only be used if the exact same challenge is given. Given that banks will most likely "run" anti recorder agents on your commlink while you are doing all this.

So I really don't think that it is all that possible.

but anyway I will stop ranting now.

This is what the Passkey module effectively does, it's required to authenticate and plugs into a commlink (per SR4). You can't be authenticated without it, however, if you can make a copy, you're in biz at least till it's reported stolen or fraudulent activity is reported.
Tarantula
At that point though, why not just knock the guy out in his apartment, and steal his commlink, and use it to buy stuff completely legitimately before he wakes up. Since you'd need to have had access to the passkey at least once to copy it.
GrinderTheTroll
QUOTE (Tarantula)
At that point though, why not just knock the guy out in his apartment, and steal his commlink, and use it to buy stuff completely legitimately before he wakes up. Since you'd need to have had access to the passkey at least once to copy it.

Robbery 101!!
Shrike30
More like Robbery 1
hobgoblin
nothing like breaking in, having your troll buddy sit on the victim, and order pizza and similar on his commlink
Edward
“i would expect that the only data traffic from the target's commlink when paying for goods is an account number. this is transmitted to a special terminal that has a set of biometric scanners and an encrypted link to the bank.”

Remember, you can have your own biometric scanner. All you have to do is reprogram your biometric scanner to deliver from a file instead of scanning and hack the store's biometric scanner (or sniff its output and break the encryption, a 30 second job given the encryption rules).

GrinderTheTroll points out that it’s a boring game if you do this all the time. There are 2 problems. First, what are you going to do about that annoying question “why do you run the shadows” when you can so much more easily and safely live on theft, and even if you’re a thrill seeker why don’t you do this for a week and then have all the gear you could possibly want, or at least hold it in reserve for if you get into money trouble.

This is in the same basket as stealing cars for chop shops, it doesn’t make for a fun game but you need to recognize it's something the characters can do. And have no conceivable reason not to do if you back them up against the wall money wise.

Edward
Crusher Bob
The normal fixes for these problems are:

1 Pay the runners more per run.

2 Fix the system to allow for secure encryption.

You can instead emphasize human error, dumpster diving, and rubber hose cryptography so that the runners can still break into encrypted systems.

Thankfully, the prices for SR4 gear (except for the perpetually borked cyberlimbs) seem much more reasonable than the prices in previous editions.
Edward
The problem with cryptography in a game is that you can't have it both ways.

If encryption is effective on a similar scale to what we have today (you can crack it but it will take months with an incredibly powerful computer only the military, government intelligence departments and major corporations can afford) then the hacker is useless; you would have to be a fool not to put encryption on every device (as people do today when they're actually setting up a secure wireless network).

If encryption can be broken by a hacker with high end PC equivalent hardware (a rating 5 or 6 commlink) then computer security will be a joke.

There really isn’t any middle ground, do you want hackers to be useful or not.

In SR4 they have gone the second way to the extent that with moderate hacker grade gear the best encryption in the game will be broken within 24 seconds (responses and decryption at 4, dice pool 8 so max 8 attempts, buying successes at 1 for 4 dice that is 16 successes, best encryption in existence is rating 6 (7 for the bleeding edge you see it once in a month of Sundays tech) gives a threshold of 12 (or 14)).

Edward
Crusher Bob
And hackers never break into anything important today. Those idiots in management never use their kids' birthdays as their passwords, or leave them written down on the desk. And routers always have their default passwords changed. And everyone applies every patch for their OS, and new exploits are never leveraged before they are patched. And sys admins will never tell you everything they know even if you are beating the soles of their feet with rubber hoses...
hobgoblin
thing is that cyberpunk literature more or less started with a guy plugging into a deck and going up against software aimed at protecting the server.

yep, i'm talking neuromancer.

ok, so it was written by a person that had no clue about computers at that time. his whole inspiration was an apple poster for the mac or something...

anyways, there is a cop-out explanation in the SR backstory. it talks about the ASIST equipped agents being able to bypass any existing defenses with ease. hmm, i wonder. can a databomb be upgraded to black ice levels?

thing is that unbreakable encryption, while realistic, breaks with classical cyberpunk.
GrinderTheTroll
I've yet to see commercial encryption that can't be broken given enough time. If someone wants something bad enough, they'll take the time to get it. Add to this the ever increasing computing power, hackers are either one step ahead or behind until the next evolution happens.
Lebo77
QUOTE (GrinderTheTroll @ Jun 2 2006, 12:28 PM)
I've yet to see commercial encryption that can't be broken given enough time. If someone wants something bad enough, they'll take the time to get it. Add to this the ever increasing computing power, hackers are either one step ahead or behind until the next evolution happens.

It all depends on how you define the word "broken". Do you mean (a) "the plaintext of the message was recovered from the cyphertext by correctly guessing the encryption method and key" or do you mean (b) "the encryption system was found to be flawed and the plaintext was recovered through exploiting this flaw", or do you mean (c) "the plaintext was recovered by acquiring the encryption key from an outside source"?

Given a sufficiently long timeline (a) can ALMOST always be done. The problem is the sufficiently long timeline (and the ALMOST. That ALMOST is a doozy). There are a number of non-classified encryption schemes available to the general public whose strength against brute force attacks is sufficient that even given a substantial percentage of all the computing power on planet earth, the time required to brute force them would be measured in years. The ALMOST: if key security is not an issue, and a method for securely transferring keys can be found, it is possible to create an encryption system which is completely unbreakable under this definition. (see One time pads).

Under definition (b) there is stronger evidence that your assertion may be true. Most encryption schemes are eventually found to be flawed in some way. In many cases these flaws do not completely break the encryption, but do allow for brute force searches to be conducted more quickly (sometimes many orders of magnitude more quickly). If one supposes that every encryption system has some sort of flaw, but that not all have been discovered yet, then on a sufficiently long timeline (less than in case (a)) this flaw will be revealed and the search for the key will be speeded up. However, "enough time" in this case may still take years.

Most encryption systems are broken not through brute force or a compromise of the algorithm. Most of the time the system fails because the key is compromised in some way (see CSS, the system used to encrypt content on DVD movies). I agree that given enough time a skilled hacker will find a way to compromise the security system. Good system design can mitigate these factors and reduce the severity of a compromise. (force the user to change passwords every few weeks for example).

I feel that encryption in SR should be stronger than it is, but not so strong that it makes hacking un-fun. This can be justified by saying the hacker is exploiting un-identified faults in the encryption system, not attacking the coding scheme itself. If this is unsatisfactory for you, you can simply say that advances in number theory have allowed systems to factor large numbers in polynomial time (or faster) instead of exponential time. (One Time Pads, and some other methods would not be affected)
hobgoblin
so let's up the test time to maybe X days, where X is the rating of the encryption used? or maybe weeks or months depending?
GrinderTheTroll
Nice analysis Lebo77!

I was thinking in terms of technology advancement vs. the algorithm itself and was being rather general including all other types of protected things (SR related anyways) as well.