If this sort of thing has been asked before, would someone be so kind as to point me in the general direction of the thread?
When I first started reading the rules and making characters, the whole drone rigging and hacking/stealing drones sounded like it had a lot of potential. Unfortunately, I am having trouble understanding how it's supposed to work. Can someone step me through the process(es) of taking over another rigger's drone?
Is a device considered the same as a node? So we could find wireless node in hidden mode, and then hack into it? Then what would we do while we were there? You can't jump into it that way, but you could give it orders, right? Including accepting our rigger's signal? And if we've hacked the device, then our icon is in that node. If the rigger is jumped into it, would he be able to do anything about you? Would his icon be there, and able to be crashed?
Or Could we simply intercept the wireless traffic, and then edit it, making the drone accept your own rigger signal, and not accepting its original controller's?
If you can spoof the drone into accepting your signal, does the owner have any way of knowing you're there, besides seeing what it does?
Does any of this make sense? What am I missing?
Full Version: Rigging/Hacking: help!
Thanks Aaron. That helps.
I find the commlink of the controlling rigger (though various routes), and do an analyze to determine his ID (I don't have to hack in, just watch him?). Then, I can use that to spoof orders to the drone, and tell it to recognize my rigger, instead of its owner. Then we fly. Not real quick, but it sounds easy.
But what about directly hacking into a drone? It seems like that would be easier. You have to locate the hidden node/drone. Then hack in. Then you just edit the subscription list (after defeating the IC). Does the rigger have any recourse to your actions, once he learns you're in there?
I find the commlink of the controlling rigger (though various routes), and do an analyze to determine his ID (I don't have to hack in, just watch him?). Then, I can use that to spoof orders to the drone, and tell it to recognize my rigger, instead of its owner. Then we fly. Not real quick, but it sounds easy.
But what about directly hacking into a drone? It seems like that would be easier. You have to locate the hidden node/drone. Then hack in. Then you just edit the subscription list (after defeating the IC). Does the rigger have any recourse to your actions, once he learns you're in there?
| QUOTE (wind_in_the_stones) |
| I find the commlink of the controlling rigger (though various routes), and do an analyze to determine his ID (I don't have to hack in, just watch him?). Then, I can use that to spoof orders to the drone, and tell it to recognize my rigger, instead of its owner. Then we fly. Not real quick, but it sounds easy. |
Correct. It's not quick at all, but doable if your team is pinned down.
| QUOTE |
| But what about directly hacking into a drone? It seems like that would be easier. You have to locate the hidden node/drone. Then hack in. Then you just edit the subscription list (after defeating the IC). Does the rigger have any recourse to your actions, once he learns you're in there? |
It's that darn subscription list that prevents that in the first place. Sure, you could locate it, but it's set to respond only to its owner's commlink, and will ignore your attempts to connect to it to hack your way in.
Once you're in, assuming you've altered the subscription list so it only responds to you, he'd have to do the same things you did to get it back.
Oh, while I'm posting and thinking about it at the same time, if you're facing an adversarial rigger that has jumped into a drone, hit the drone with a directional jammer. Assuming he's far enough away, that will not only knock him out of the drone, but give him dumpshock, too.
| QUOTE (Aaron) |
| It's that darn subscription list that prevents that in the first place. Sure, you could locate it, but it's set to respond only to its owner's commlink, and will ignore your attempts to connect to it to hack your way in. Once you're in, assuming you've altered the subscription list so it only responds to you, he'd have to do the same things you did to get it back. |
So you hack in, give yourself admin access, and change the subscription list to regognize only your team's rigger.
The difficulties involved with this are... the node gets an analyze test to detect you. If it does, it can alert the owner, shut the port or launch IC. Anything else that I missed?
| QUOTE (Aaron) |
| Oh, while I'm posting and thinking about it at the same time, if you're facing an adversarial rigger that has jumped into a drone, hit the drone with a directional jammer. Assuming he's far enough away, that will not only knock him out of the drone, but give him dumpshock, too. |
Sounds like a good plan, but I was torn on whether to jam the drone or the rigger. i'd probably go with the rigger, because he's probably got control over more drones, and you never know if he's rigging the a drone or just directing it. besidse, if you jam the drone, you can't steal it. But then, the rigger probably has better ECCM on his own commlink. I just mounted a directional jammer on a Steel Lynx. We'll see how well that works.
Anyone else want to jump in here?
Now what about drones?
The table on p. 212 says crawler drones generally have a signal rating of 4. The drone chart in the back of the book gives pilot ratings (3) - is that the same as System? (Which limits the size of the programs that the drone can run.) What about firewall? If pilot is not the same as system, and there's no mention of drones coming with firewall, then does that mean we've got to buy an OS (or jsut the programs - table p.228) for each drone? Or do we assume the firewall is the same as the pilot?
Now what about drones?
The table on p. 212 says crawler drones generally have a signal rating of 4. The drone chart in the back of the book gives pilot ratings (3) - is that the same as System? (Which limits the size of the programs that the drone can run.) What about firewall? If pilot is not the same as system, and there's no mention of drones coming with firewall, then does that mean we've got to buy an OS (or jsut the programs - table p.228) for each drone? Or do we assume the firewall is the same as the pilot?
| QUOTE (wind_in_the_stones) |
| Anyone else want to jump in here? Now what about drones? The table on p. 212 says crawler drones generally have a signal rating of 4. The drone chart in the back of the book gives pilot ratings (3) - is that the same as System? (Which limits the size of the programs that the drone can run.) What about firewall? If pilot is not the same as system, and there's no mention of drones coming with firewall, then does that mean we've got to buy an OS (or jsut the programs - table p.228) for each drone? Or do we assume the firewall is the same as the pilot? |
the signal rating given there is for the drone's sensors. ie, it really just indicates a typical range of all the different sensory gear the drone has.
if you will turn to page 325, you will see there that small/medium and large drones all have a signal rating for their sensor packages of 4 (as default, at any rate). this merely indicates the range of the sensors.
the information for the drone's other matrix attributes is found on page 214, and indicates that drones typically have a device rating of 3 (ie all matrix attributes are 3, unless otherwise specified).
this works quite nicely with the fact that all the drones listed in the BBB have a pilot of 3 (which replaces the system rating for anything that you don't use, but rather give orders to pretty much). The drone comes with a firewall of 3 also, and a response and signal of 3 (so it can scan further away then it can be accessed wirelessly from).
you could buy it a higher firewall if you wanted, and it should install normally.
in order to increase pilot, however, you need a higher response. signal could be increased by the normal way, but i personally recommend a satellite link if you want higher signal... cheaper, more effective, readily available, and harder to jam.
Okay, that was one of my theories - that the pilot rating is similar to the device rating, which means that all stock traits are 3. (Too bad the BBB doesn't say so. You just have to piece it together from various parts of the book.)
So my drone's broadcast signal is 400 meters.
Thanks, Jaid!
So my drone's broadcast signal is 400 meters.
Thanks, Jaid!
Okay, I've got another question.
1. Find the controling rigger - Detect hidden node
2. Decrypt it.
3. Get the rigger's broadcast ID - Analyze
4. Use the ID to command the drone to unsubscribe the original rigger, and give it whatever orders you want, including subscribing a new rigger.
Do I have to Scan to locate the drone so I can spoof it?
1. Find the controling rigger - Detect hidden node
2. Decrypt it.
3. Get the rigger's broadcast ID - Analyze
4. Use the ID to command the drone to unsubscribe the original rigger, and give it whatever orders you want, including subscribing a new rigger.
Do I have to Scan to locate the drone so I can spoof it?
1. detect the drones node
2. intercept traffic
3. decrypt traffic
4. analyzeID (the ID must be in the traffic)
5. spoof command with ID
or
5. spoof your ID with ID
6. hack into the drones node (try admin acces to fully overtake it)
2. intercept traffic
3. decrypt traffic
4. analyzeID (the ID must be in the traffic)
5. spoof command with ID
or
5. spoof your ID with ID
6. hack into the drones node (try admin acces to fully overtake it)
| QUOTE (Serbitar) |
| or 5. spoof your ID with ID 6. hack into the drones node (try admin acces to fully overtake it) |
If you're talking about hacking into the drone, I believe the steps would be:
1. Detect node (drone) in hidden mode
2. Hack in at admin level
3. Give it new orders
4. Deal with IC or whatnot
Yes? No?
question- what if the rigger is 'jumped into' the drone in full VR? how would that affect your attempt to hijack a drone? Even with 3 actions a turn from hot sim, one has to be spent on a complex action to pilot.
would this simply resolve as cybercombat? and if you crash the rigger's commlink, what happens to the drone in that time between rigger going offline, and hacker spoofing control?
along this train of thought, what if a rigger is physicaly in a vehicle which could be piloted remotely? just turn the commlink port off?
would this simply resolve as cybercombat? and if you crash the rigger's commlink, what happens to the drone in that time between rigger going offline, and hacker spoofing control?
along this train of thought, what if a rigger is physicaly in a vehicle which could be piloted remotely? just turn the commlink port off?
| QUOTE (wind_in_the_stones) | ||
If you're talking about hacking into the drone, I believe the steps would be: 1. Detect node (drone) in hidden mode 2. Hack in at admin level 3. Give it new orders 4. Deal with IC or whatnot Yes? No? |
No, they are the steps given above 1-6 using the lower 5/6. Thats why I wrote them.
| QUOTE (Teulisch) |
| question- what if the rigger is 'jumped into' the drone in full VR? how would that affect your attempt to hijack a drone? Even with 3 actions a turn from hot sim, one has to be spent on a complex action to pilot. would this simply resolve as cybercombat? and if you crash the rigger's commlink, what happens to the drone in that time between rigger going offline, and hacker spoofing control? along this train of thought, what if a rigger is physicaly in a vehicle which could be piloted remotely? just turn the commlink port off? |
I would say:
The "jumped in" rigger notices the hack when the system notices the hack.
| QUOTE (Serbitar) |
| No, they are the steps given above 1-6 using the lower 5/6. Thats why I wrote them. |
I know, but that doesn't make any sense to me, so I replied with something that does make sense to me. So I'll be more specific. You said...
1. detect the drones node
2. intercept traffic
3. decrypt traffic
4. analyzeID (the ID must be in the traffic)
5. spoof your ID with ID
6. hack into the drones node (try admin acces to fully overtake it)
I didn't know what you meant by "spoof your ID with ID". I guess you meant make the drone think that you have the proper ID (I would call that "spoofing the drone" but that's just my terminology, I guess.) Aside from that, you have things just a little bit out of order. decrypting must be done before intercepting (p225). And detecting the drone's node doesn't have to be done until just before the... oh. If you're hacking, you don't need ID and spoofing. You only need the ID if you're going to try and fool the drone into accepting your commands. If you're hacking, you just detect the drone's node and attack it. So that brings us back to my steps 1-4.
It sounds like we basically agree on the spoofing style of hacking.
| QUOTE (Teulisch) |
| question- what if the rigger is 'jumped into' the drone in full VR? how would that affect your attempt to hijack a drone? Even with 3 actions a turn from hot sim, one has to be spent on a complex action to pilot. |
That's a good question. It is a little unclear what state a rigger is in when he is jumped into a drone. I would say that the drone is an extension of his body. What the drone sees, he sees. When he tries to run, the drone moves. Since he can only see what the drone sees, he has no awareness of what is going on inside it or its computer. I think that if you're jumped, the only thing you can do is drive the drone. And the only way you'll be able to tell if there's a hacker in your drone, is if it goes on active alert and gives you a warning.
| QUOTE |
| what if a rigger is physicaly in a vehicle which could be piloted remotely? just turn the commlink port off? |
It depends on how the rigger is driving. If he's logged in to the vehicle through his wireless commlink, then technically he's piloting it remotely, and he loses control if you shut the port. If he's got a datajack and a cable (or hands on the wheel), then shutting the port will not do any good.
I think that I'd prevent a hacker from hacking a currently rigged drone. The drones software is overridden by the impulses of the rigger.
Alternatively one could rule it as a cyber combat test instead... Just throwing it out there ^^
Alternatively one could rule it as a cyber combat test instead... Just throwing it out there ^^
I don't think it would be overriden, exactly. It's just that the programs that are loaded (pilot, clearsight, etc.) would not be in use.
Cyber combat? Like assuming that the rigger's icon is occupying the node, so the hacker has to fight him? But if the rigger's icon is there, that means he's watching the node, not the drone's surroundings.
It would make more sense for the rigger's icon to be there if he's on the subscription list, and issuing commands to the drone. But a hacker's icon doesn't have to be in a drone in order to command it.
Cyber combat? Like assuming that the rigger's icon is occupying the node, so the hacker has to fight him? But if the rigger's icon is there, that means he's watching the node, not the drone's surroundings.
It would make more sense for the rigger's icon to be there if he's on the subscription list, and issuing commands to the drone. But a hacker's icon doesn't have to be in a drone in order to command it.
| QUOTE (wind_in_the_stones) | ||
I know, but that doesn't make any sense to me, so I replied with something that does make sense to me. So I'll be more specific. You said... 1. detect the drones node 2. intercept traffic 3. decrypt traffic 4. analyzeID (the ID must be in the traffic) 5. spoof your ID with ID 6. hack into the drones node (try admin acces to fully overtake it) I didn't know what you meant by "spoof your ID with ID". I guess you meant make the drone think that you have the proper ID (I would call that "spoofing the drone" but that's just my terminology, I guess.) Aside from that, you have things just a little bit out of order. decrypting must be done before intercepting (p225). |
yes, you are right. Still thats kind of counter intuitive . . .
(how can you hack something you havent intercepted?)
| QUOTE |
And detecting the drone's node doesn't have to be done until just before the... oh. |
I would say that you have to detect the node first before you want to intercept traffic. After you intercept traffic there is no need to detect the node, you already know its Access ID because of the traffic interception and decryption (all the protocol data must be in the traffic).
| QUOTE |
If you're hacking, you don't need ID and spoofing. You only need the ID if you're going to try and fool the drone into accepting your commands. If you're hacking, you just detect the drone's node and attack it. So that brings us back to my steps 1-4. |
No, if the drone is subscribed to the other riggers comlink (whch everybody will do) you have to spoof your ID.
| QUOTE |
It sounds like we basically agree on the spoofing style of hacking. |
mostly
| QUOTE (Serbitar) |
| yes, you are right. Still thats kind of counter intuitive . . . (how can you hack something you havent intercepted?) |
I guess because if you have no idea what the traffic is transmitting, you can't consider it to be intercepted? But more to the point, let's assume you're trying to intercept some specific traffic, like the a rigger/drone exchange. You have no idea if you've even got it, until you've decrypted it. There are hundreds of wireless signals in the air, and you have to get the right one. Just don't ask me why you don't have to make a decrypt check for every random signal until you find the right one.
| QUOTE |
| After you intercept traffic there is no need to detect the node, you already know its Access ID because of the traffic interception and decryption (all the protocol data must be in the traffic). |
This makes sense. But is there always traffic between the comm and the drone? Or only when an order is being given? If traffic is continuous, then that would be fine. If not, then there may be no traffic to intercept. But that's way too problematical, so I'll go with what you said.
| QUOTE |
| No, if the drone is subscribed to the other riggers comlink (whch everybody will do) you have to spoof your ID. |
No again. If you can get the ID, you can spoof. That's where you pretend you're the rigger, and you lob commands to his drone. Hacking is a totally different method. That's Hacking on the Fly (p221), and it's completely regardless of subscriptions and IDs. It's a hacking+exploit extended test, versus the Firewall. Once you succeed, your icon is in the node/drone, and its at your mercy.
You can not hack into a node that is not accepting your traffic. Thats what subscribing does and thats why you have to spoof your ID to hack in.
This issue has been discussed numerous times in this forum. Just do a search.
This issue has been discussed numerous times in this forum. Just do a search.
| QUOTE (Serbitar) |
| You can not hack into a node that is not accepting your traffic. Thats what subscribing does and thats why you have to spoof your ID to hack in. This issue has been discussed numerous times in this forum. Just do a search. |
That's insane. The hacking on the fly section doesn't say anything about having to gain ID or intercept traffic.
Okay, I'll try a search.
Can't find anything in a search. "hacking" turns about a third of the posts here, and adding one more word turns up no results.
I'll reiterate. Neither detect hidden node, nor hacking on the fly refers in any way to using ID. And if you have ID, you don't have to hack. That's why they call it hacking. Notice also, that p222 says that once a hacking hacker is inside the node, he can do anything that an authorized user can do - it doesn't say anything about having to spoof. So if spoofing requires ID, then why would hacking also require ID, when it doesn't require spoofing?
People may have discussed it, but there are no rules as written that back up that theory.
I'll reiterate. Neither detect hidden node, nor hacking on the fly refers in any way to using ID. And if you have ID, you don't have to hack. That's why they call it hacking. Notice also, that p222 says that once a hacking hacker is inside the node, he can do anything that an authorized user can do - it doesn't say anything about having to spoof. So if spoofing requires ID, then why would hacking also require ID, when it doesn't require spoofing?
People may have discussed it, but there are no rules as written that back up that theory.
isn't hacking a drone and crashing it a viable option? that is without going through the commlink first? i'm unconvinced you have to go through a subscribed drones characters commlink to do everything.
it seems to me the linking and subscribing action is to keep out random or accidental access, not make something unhackable.
plus wind, here's at least one of the threads: http://forums.dumpshock.com/index.php?show...and,drones&st=0
it seems to me the linking and subscribing action is to keep out random or accidental access, not make something unhackable.
plus wind, here's at least one of the threads: http://forums.dumpshock.com/index.php?show...and,drones&st=0
| QUOTE (Dr. Dodge) |
| isn't hacking a drone and crashing it a viable option? that is without going through the commlink first? i'm unconvinced you have to go through a subscribed drones characters commlink to do everything. |
Perhaps this will help convince you.
I'd like you to find someone you know and/or trust, and ask them to do a little practical exercise with you. The goal is for you to instruct them to make a peanut butter and jelly sandwich. Make sure that the peanut butter is creamy (anything else isn't real peanut butter), but the jelly could actually be jam or preserves. In fact, construct a small flowchart of options for the jelly, asking questions of your friend like the time of day and the like; the specifics aren't important (except the peanut butter type), the point is that this represents the giving of instructions and queries from the hacker (that's you) to the drone (that's your friend; if it's not a friend, we'll just say he or she is for now). That would be normal interaction with a drone.
Next, insert an instruction to chuck the ingredients into the garbage disposal. If you have no garbage disposal, remove the word "disposal" from the equation. If you have no garbage, I don't want to talk to you anymore. If the person you are performing this exercise with is not actually a friend, feel free to insert instructions to stab himself or herself in the nostrils with the knife. This simulates the attack program giving conflicting and destructive input to the target drone.
Now, have your friend put his or her fingers in his or her ears, shut his or her eyes tightly, and hum "God Save the Queen" very loudly. Actually, it could be "Ozar Midrashim" by Information Society for all I care; it doesn't matter what the song is, as long as the humming is loud. Have him or her only listen to instructions that come from your mom (be sure to tell him or her this before he or she starts the humming). Now, try the above exercises again. Get anywhere? No? How about when you pretend that the instructions come from your mom and actually convince your friend (or whatever) that this is the case?
Hope that helped.
Is that God Save the Queen by the Sex Pistols?
| QUOTE (Aaron) | ||
Perhaps this will help convince you. I'd like you to find someone you know and/or trust, and ask them to do a little practical exercise with you. The goal is for you to instruct them to make a peanut butter and jelly sandwich. Make sure that the peanut butter is creamy (anything else isn't real peanut butter), but the jelly could actually be jam or preserves. In fact, construct a small flowchart of options for the jelly, asking questions of your friend like the time of day and the like; the specifics aren't important (except the peanut butter type), the point is that this represents the giving of instructions and queries from the hacker (that's you) to the drone (that's your friend; if it's not a friend, we'll just say he or she is for now). That would be normal interaction with a drone. Next, insert an instruction to chuck the ingredients into the garbage disposal. If you have no garbage disposal, remove the word "disposal" from the equation. If you have no garbage, I don't want to talk to you anymore. If the person you are performing this exercise with is not actually a friend, feel free to insert instructions to stab himself or herself in the nostrils with the knife. This simulates the attack program giving conflicting and destructive input to the target drone. Now, have your friend put his or her fingers in his or her ears, shut his or her eyes tightly, and hum "God Save the Queen" very loudly. Actually, it could be "Ozar Midrashim" by Information Society for all I care; it doesn't matter what the song is, as long as the humming is loud. Have him or her only listen to instructions that come from your mom (be sure to tell him or her this before he or she starts the humming). Now, try the above exercises again. Get anywhere? No? How about when you pretend that the instructions come from your mom and actually convince your friend (or whatever) that this is the case? Hope that helped. |
beautiful analogy.
how could my friend listen to my mom (or anybody?) if he's humming real loud with his fingers in his ears? does the fact that i told him to give him this ability? but i see that you mean that he will only take orders from my mom and not anyone else (ala subscription list).
My analogy to the attack would be, grabbing his hands from his ears and punching him or throwing the sandwich or wherever we're going with this. I'm not trying to pretend to be the authorized user and give orders, i'm busting in and breaking things (locating the node, hacking in, and taking it from there, in this case crash OS action)
and why would an analogy for attack involve giving orders? do you give orders to another icon, OS, my mom etc. when you attack them in (cyber)combat? I thought it was that "Attack programs are hostile code carriers that attempt to kill processes, introduce random input, create buffer overflows or program faults, and otherwise make a program/icon crash." What I am wondering is, do you have to go through the commlink of a subscribed drone in order to crash(OS) it?
if subscribed drones are immune to hacking, is there a pressing need for firewall for them?
so basically, what i'm trying to be convinced of, is that spoofing is the only way to deal with drones.
| QUOTE (Dr. Dodge) |
| how could my friend listen to my mom (or anybody?) if he's humming real loud with his fingers in his ears? does the fact that i told him to give him this ability? |
This has been left as an exercise to the reader (HINT: it involves having your mom tap your friend on the shoulder so he or she looks to see if it's really her).
| QUOTE |
| and why would an analogy for attack involve giving orders? do you give orders to another icon, OS, my mom etc. when you attack them in (cyber)combat? I thought it was that "Attack programs are hostile code carriers that attempt to kill processes, introduce random input, create buffer overflows or program faults, and otherwise make a program/icon crash." What I am wondering is, do you have to go through the commlink of a subscribed drone in order to crash(OS) it? |
Here's a question for you: which processor kills the processes, takes the random input, has the overflowing buffer, and finds the program faults? (HINT: It's the target's processor.)
Okay, that wasn't really a hint, but the point is it's still the target processor that gets proverbially narfed hardcore. Consider, if you will, a bit of malware that gets on your machine. It's running on your machine; if the processor isn't being made to screw up, it won't get screwed up. In order for a processor to do anything, it needs instructions. In order for a processor to suffer hardcore narfage (proverbial or otherwise), it needs to receive malicious instructions, as with your (ex-)friend stabbing himself or herself in the nostril.
| QUOTE |
| if subscribed drones are immune to hacking, is there a pressing need for firewall for them? |
They're not immune to hacking, it's just that you have to spoof your ID every time you try your Exploit or your Attack. It's more efficient to just spoof a command to include you on its subscription list and then Exploit it, Attack it, or just plain give it commands that its owner won't like. And Laziness and Impatience are the First and Second Great Virtues of a Programmer.
| QUOTE |
| so basically, what i'm trying to be convinced of, is that spoofing is the only way to deal with drones. |
At the risk of telling you that you are wrong again, you're wrong again. Jammers are quite effective against drones that are being directly controlled by their rigger owners. An anti-vehicle rocket or a high volume of fully automatic fire works nicely, too. Spells involving electrical effects can do a number on a drone, too.
Oh, unless you meant spoofing being the only way to deal with drones when you have a commlink. In which case, yes, you've got it.
So you tell your friend, "I'm going to tell you how to make a sandwich, and what to do with it, and you can't listen to anyone but me." And then the neighbor kid comes in, disguised as you and says, "give me the sandwich." And your friend does. That's spoofing.
But when the neighbor kid comes in, trips your friend, grabs the sandwich and runs, that's hacking.
Two completely separate ways of compromising a drone.
And firewall is your defense against hacking. In answer to your specific question (sort of), you do have to go through a drone's wirless connection. But with hacking, you're not talking with it (which would require a subscription, real or faked), you're trying to fry it.
But when the neighbor kid comes in, trips your friend, grabs the sandwich and runs, that's hacking.
Two completely separate ways of compromising a drone.
And firewall is your defense against hacking. In answer to your specific question (sort of), you do have to go through a drone's wirless connection. But with hacking, you're not talking with it (which would require a subscription, real or faked), you're trying to fry it.
| QUOTE (Aaron) |
| it's just that you have to spoof your ID every time you try your Exploit or your Attack. |
Show us the rules. Explain. Please. I've been waiting for two weeks for someone to justify this using the RAW.
| QUOTE (wind_in_the_stones) |
| But when the neighbor kid comes in, trips your friend, grabs the sandwich and runs, that's hacking. |
Negative. That's shooting the drone down and taking its commlink. In order to be hacking anything, you have to have access to its processes, and beating up the drone isn't the way to do it.
| QUOTE (wind_in_the_stones) | ||
Show us the rules. Explain. Please. I've been waiting for two weeks for someone to justify this using the RAW. |
Okay, here we go.
| QUOTE (Boyle et al. 212) |
| Now, just because all of your devices can talk to other devices doesn’t mean that they will. For simplicity, privacy, and security, you may confi gure your devices so that they only interact with another specific device (usually your commlink, as your PAN’s hub) or a specific network (your PAN). This prevents confusion between users (am I accessing my guncam or yours?) and also offers a degree of protection from snoopers and hackers. Rather than allowing any stranger access to all of your electronics, anyone that wants to interact with your PAN must connect to your commlink first. |
| QUOTE (Boyle et al. 221) |
| Note that agents and drones will only take orders from their controlling persona, unless another persona spoofs an order (see Spoof Command, p. 224). If the controlling character chooses, he can instruct the agent or drone to receive orders from other specified personas. |
| QUOTE (Boyle et al. 238) |
| To manipulate a drone, you must first have accessed it and linked to it as a subscriber (see p. 212). |
And a bit of indirect evidence:
| QUOTE (Boyle et al. 224) |
| To spoof commands, you must beat the agent or drone in an Opposed Test between your Hacking + Spoof and the target’s Pilot + Firewall. |
| QUOTE (Boyle et al. 238) |
| Riggers also don’t usually spend the time or money to buy up or program their own top-notch hacking utilities, preferring instead to focus on a good Signal strength, good Scan, Command, Encrypt, and Sniffer programs, and of course, plenty of drones with amped Pilot, Response, and Firewall attributes of their own. |
Note the lack of mention of Analyze or IC in the last quote.
If that's not good enough for you, then we'll have to wait for the next rigger book. Meanwhile, feel free to GM your own game and run it any old way you want. =)
That makes perfect sense and definitely seems to follow the RAW. So is there a reason other than money to not fill a commlink full of IC designed to verify your commands then duct tape the thing to the back of the drone and plug that bad boy in with fiber optics, leaving your drones brain (presumably also a commlink or something like it) free for autosofts and the like?
Or do commlinks not have more than one type of 'on' when it comes to being wireless? Can you set a commlink to only act as a relay for drone commands without allowing it real wireless networking access? By the rules I mean, obviously it is possible logically. I get radio on my computer but I not exactly concerned about catching a virus from it.
Or do commlinks not have more than one type of 'on' when it comes to being wireless? Can you set a commlink to only act as a relay for drone commands without allowing it real wireless networking access? By the rules I mean, obviously it is possible logically. I get radio on my computer but I not exactly concerned about catching a virus from it.
Thanks, Aaaron, thats the way I would quote RAW to justify my rules interpretation, too.
Aarons RAW interpretation is correct as long as you want to SPOOF a command, there are other ways as well.
Let's assume that we cannot find the persona of the owner so we cannot spoof, then we do the next best thing.
We locate the wireless signal and insert fake orders and/or give it new files to upload or shutdown commands.
Hacking a drone by accessing it's wireless signal is also viable since a drone is an OS in itself, the pilot program is an OS and can therefore be hacked like any commlink.
Spoofing would only be needed if you want to fake being the real user, as long as you sit with your stealth program and being a hacker intent on hacking the drone system then spoofing command will not be needed.
Intercepting Wireless signal: SR4 page 225.
The sentences Aaron has quoted is what I would take as a LEGAL way of accessing drones. For ILLEGAL ways when you CANNOT spoof it you can always hack it and sneak into its system, then you replace its subscription list so that YOU are the controlling persona. Intercepting the signal from the controlling user to the drone and editing the infrmation is also a tactic.
Spoofing is just the simplest way, there are always more than one way of tackling a problem.
Let's assume that we cannot find the persona of the owner so we cannot spoof, then we do the next best thing.
We locate the wireless signal and insert fake orders and/or give it new files to upload or shutdown commands.
Hacking a drone by accessing it's wireless signal is also viable since a drone is an OS in itself, the pilot program is an OS and can therefore be hacked like any commlink.
Spoofing would only be needed if you want to fake being the real user, as long as you sit with your stealth program and being a hacker intent on hacking the drone system then spoofing command will not be needed.
Intercepting Wireless signal: SR4 page 225.
The sentences Aaron has quoted is what I would take as a LEGAL way of accessing drones. For ILLEGAL ways when you CANNOT spoof it you can always hack it and sneak into its system, then you replace its subscription list so that YOU are the controlling persona. Intercepting the signal from the controlling user to the drone and editing the infrmation is also a tactic.
Spoofing is just the simplest way, there are always more than one way of tackling a problem.
| QUOTE (aaron) |
| This has been left as an exercise to the reader (HINT: it involves having your mom tap your friend on the shoulder so he or she looks to see if it's really her). |
Yeah I guess I didn't consider touching when making an analogy about wireless.
| QUOTE |
| Here's a question for you: which processor kills the processes, takes the random input, has the overflowing buffer, and finds the program faults? (HINT: It's the target's processor.) Okay, that wasn't really a hint, but the point is it's still the target processor that gets proverbially narfed hardcore. Consider, if you will, a bit of malware that gets on your machine. It's running on your machine; if the processor isn't being made to screw up, it won't get screwed up. In order for a processor to do anything, it needs instructions. In order for a processor to suffer hardcore narfage (proverbial or otherwise), it needs to receive malicious instructions, as with your (ex-)friend stabbing himself or herself in the nostril. |
Well, I'll admit i don't know IT from ET, so i'm just going to use the SR rules here to fuel my argument. We got two things here, we got Command and we got Attack. In order to command the drone via the matrix, you have to have "accessed it and linked to it as a subscriber" (p. 238). Ok. if i want give the drone faulty instructions, then I must scan for the controlling riggers commlink (it's probably in hidden mode), make a matrix perception test on the controlling riggers commlink, and finally be a spoofy mcspooferson and spoof some forged instruction to the drone. On the other hand, I see the drone out there. It's floating around in the matrix somewhere, just like me and the controlling rigger. We are all nodes. I find the drone node just like i did with the riggers commlink, only instead of trying to command it (which it wouldn't accept) I hack it's firewall (with the standard +6 since its admin only). and then if successful, proceed to crash it's OS.
| QUOTE |
| At the risk of telling you that you are wrong again, you're wrong again. Jammers are quite effective against drones that are being directly controlled by their rigger owners. An anti-vehicle rocket or a high volume of fully automatic fire works nicely, too. Spells involving electrical effects can do a number on a drone, too. |
While I do appreciate the condescending attitude, I think it was obvious I was only concerned with hacking drones/riggers and not looking for an exhaustive list of how to destroy/confound a drone. thanks though.
| QUOTE (Serbitar) |
| Thanks, Aaaron, thats the way I would quote RAW to justify my rules interpretation, too. |
That seemed snarky, Serbitar. I wonder if that was intentional.
| QUOTE (The Jopp) |
| We locate the wireless signal and insert fake orders and/or give it new files to upload or shutdown commands. |
I used to think that would work, too, and tried it out in my own game, but my GM made two interesting points that convinced me otherwise. First, wireless traffic is moving at the speed of light. How is anybody supposed to receive, analyze, edit, and transmit it fast enough to make it work? Second, the bit about editing and inserting the signal comes after the bit about copying, recording, or forwarding the signal, the implication being that the Edit action is for the recorded data about the command, not for the command itself. He said, and I agreed, that if my commlink was the only path between the rigger and the drone, then I could delay the traffic headed for the drone and control the traffic stream, but since that is rarely the case, I couldn't.
He also brought up the fact that if it was that easy hijack a drone, people would stop using drones in combat, but I'm not sure how convincing that argument would be with this crowd.
I have no idea what "snarky" is . . .
Snarky == sarcastic. I wasn't sure whether you were being sarcastic or not. That time or this one, for that matter.
>>> Edit: Urban Dictionary explains it way better than I do. First hit on Google for "snarky," too.
>>> Edit: Urban Dictionary explains it way better than I do. First hit on Google for "snarky," too.
| QUOTE ((Boyle et al. 212)) |
Now, just because all of your devices can talk to other devices doesn’t mean that they will. For simplicity, privacy, and security, you may confi gure your devices so that they only interact with another specific device (usually your commlink, as your PAN’s hub) or a specific network (your PAN). This prevents confusion between users (am I accessing my guncam or yours?) and also offers a degree of protection from snoopers and hackers. Rather than allowing any stranger access to all of your electronics, anyone that wants to interact with your PAN must connect to your commlink first. |
But then in the following paragraph (interestingly beginning with "In game terms")
| QUOTE |
| "In game terms, your persona maintains a subscription list of nodes that you are accessing and that are allowed to establish communication with you. The subscription list may be unlimited in size, but the number of nodes, agents, or drones that a persona may actively subscribe to (access) at any one time is limited to the persona’s System x 2." |
Ok, it says "that you are accessing and are allowed to establish communication with you." I don't see, "that you are accessing and are only allowed to establish communication with you." To me, it looks like subscription lists are a limit on the number of nodes you can actively access, as well as a defense against having every node around you cluttering up your PAN. Not some pseudo firewall.
| QUOTE ((Boyle et al. 221)) |
Note that agents and drones will only take orders from their controlling persona, unless another persona spoofs an order (see Spoof Command, p. 224). If the controlling character chooses, he can instruct the agent or drone to receive orders from other specified personas. |
The controlling persona of the drone is one that has "accessed it and linked to it as a subscriber." Ok. But we're not talking about issuing orders (see command). we're talking about hacking a drone. "Hacking is centered around defeating a node's firewall and breaking in" (p.221).
| QUOTE ((Boyle et al. 224)) |
To spoof commands, you must beat the agent or drone in an Opposed Test between your Hacking + Spoof and the target’s Pilot + Firewall. |
I was wondering why drones would have a firewall at all in the subscriber spoof only world, so this at least goes a little way to convince me.
| QUOTE ((Boyle et al. 238)) |
Riggers also don’t usually spend the time or money to buy up or program their own top-notch hacking utilities, preferring instead to focus on a good Signal strength, good Scan, Command, Encrypt, and Sniffer programs, and of course, plenty of drones with amped Pilot, Response, and Firewall attributes of their own. Note the lack of mention of Analyze or IC in the last quote. |
You use Analyze to make a matrix perception tests (p.217) which is necessary for spoofing (p.224) so if anything this supports the hack-the-drone angle. IC is casually mentioned elsewhere (top of 223)
| QUOTE |
| If that's not good enough for you, then we'll have to wait for the next rigger book. Meanwhile, feel free to GM your own game and run it any old way you want. =) |
Or at the very least a FAQ (c'mon we're rolling on a year now) but yeah.
| QUOTE (Dr. Dodge) |
| You use Analyze to make a matrix perception tests (p.217) which is necessary for spoofing (p.224) so if anything this supports the hack-the-drone angle. IC is casually mentioned elsewhere (top of 223) |
You also use Analyze to detect intrusion attempts (Boyle et al. 221). It's the first line of defense against Exploit use. I consider it to be the best, since detection leads to alert, and an alert gives a free +4 bonus to a node's Firewall, and can activate IC. Neither Analyze or IC are listed among the preferred programs of the rigger on page 238, which indirectly argues that they are not as important as the programs that are listed. That was my point.
| QUOTE (Aaron) | ||
Perhaps this will help convince you. The goal is for you to instruct them to make a peanut butter and jelly sandwich. Make sure that the peanut butter is creamy (anything else isn't real peanut butter) |
And that's the point where anyone who knows peanut butter insults your masculinity. Creamy peanut butter what's next milk chocolate or fru fru bevrages, or how about the unholiest of unholies sweetened ice tea.(man how can a region that gave us biscuits and gravy give us that)
| QUOTE (Shinobi Killfist) | ||
And that's the point where anyone who knows peanut butter insults your masculinity. Creamy peanut butter what's next milk chocolate or fru fru bevrages, or how about the unholiest of unholies sweetened ice tea.(man how can a region that gave us biscuits and gravy give us that) |
Look, what's the first step in making peanut butter? Crush up the peanuts (remember that song?). If there are peanut chunks in the peanut butter, it is, at worst, impure because stuff has fallen into it, and at best unfinished.
Dunkelzahn would have agreed with me.
| QUOTE (Aaron) | ||
You also use Analyze to detect intrusion attempts (Boyle et al. 221). It's the first line of defense against Exploit use. I consider it to be the best, since detection leads to alert, and an alert gives a free +4 bonus to a node's Firewall, and can activate IC. Neither Analyze or IC are listed among the preferred programs of the rigger on page 238, which indirectly argues that they are not as important as the programs that are listed. That was my point. |
Alright. I guess I'm thinking of using analyze in an offensive posture and you're describing it in a defensive posture.
But you still need it to spoof. And if spoofing is the only way to affect a subscribed drone, why would it not be listed? In the hack the firewall approach, analyze is unnecessary.
| QUOTE (Aaron) | ||||
Look, what's the first step in making peanut butter? Crush up the peanuts (remember that song?). If there are peanut chunks in the peanut butter, it is, at worst, impure because stuff has fallen into it, and at best unfinished. Dunkelzahn would have agreed with me. |
yeah crunchy peanut butter is an abomination. which reminds me how much i hate that Take 5 candy bar. peanunt butter and peanuts shouldn't count as two separate "ingredients" first off, it's the same thing only one is smashed, and two, it's already called crunchy peanut butter.
| QUOTE (Dr. Dodge) |
| Alright. I guess I'm thinking of using analyze in an offensive posture and you're describing it in a defensive posture. But you still need it to spoof. And if spoofing is the only way to affect a subscribed drone, why would it not be listed? In the hack the firewall approach, analyze is unnecessary. |
It's not listed for riggers because riggers have a much more direct approach to dealing with enemy drones: use their own drones to shoot them down. The rigger is concentrating on rigging, the hacker on hacking.
Besides, one only needs one lousy hit to get the ID of a commlink.
Now, just because all of your devices can talk to other devices doesn’t mean that they will. For simplicity, privacy, and security, you may configure your devices so that they only interact with another specific device (usually your commlink, as your PAN’s hub) or a specific network (your PAN). This prevents confusion between users (am I accessing my guncam or yours?) and also offers a degree of protection from snoopers and hackers. Rather than allowing any stranger access to all of your electronics, anyone that wants to interact with your PAN must connect to your commlink first.
This is about communication, not attacking. I consider the subscription list and ID to be like logins and passwords. You want to interact with my PAN, I must first let give you the password. If I don't, then you can try to hack into my comm.
Note also, that this is not a rules section, so much as it is giving a general description of how things work, so the player has an idea of what is going on in 2070. Slight difference - not as precise.
Note that agents and drones will only take orders from their controlling persona, unless another persona spoofs an order (see Spoof Command, p. 224). If the controlling character chooses, he can instruct the agent or drone to receive orders from other specified personas.
This describes spoofing. And I dont think there is any appreciable difference between my interpretation of the spoofing procedure, and yours.
To manipulate a drone, you must first have accessed it and linked to it as a subscriber (see p. 212).
Same deal. Manipulation is not the same as electronic warfare. Plus, to manipulate a drone after hacking it, you must have first accessed it (which you did, because you just hacked it), and linked to it as a subscriber. This part is irrelevant, because by the time you've accessed it, your icon is already inside it, so you're not a subscriber. Or could say that since you've hacked it, you can put yourself on its subscription list.
To spoof commands, you must beat the agent or drone in an Opposed Test between your Hacking + Spoof and the target’s Pilot + Firewall.
Again, spoofing is different than hacking.
Riggers also don’t usually spend the time or money to buy up or program their own top-notch hacking utilities, preferring instead to focus on a good Signal strength, good Scan, Command, Encrypt, and Sniffer programs, and of course, plenty of drones with amped Pilot, Response, and Firewall attributes of their own.
Note the lack of mention of Analyze or IC in the last quote.
I'm not sure they have to mention every possible improvement.
If that's not good enough for you, then we'll have to wait for the next rigger book. Meanwhile, feel free to GM your own game and run it any old way you want. =)
And you yours.
Negative. That's shooting the drone down and taking its commlink.
Okay, then I have no clue what that otherwise entertaining analogy was supposed to mean.
Anyway... Let's say you've logged in to Dumpshock. I track down your IP, and use it to log in there under your name. The forum thinks I'm you. That's spoofing. Now let's say that I don't mess with getting your info - I just hack the site. I can make it think I'm you or anybody else. That's hacking on the fly. I dont need to forge a password, I just brute-force my way in.
Edited: sorry the quote tags didn't work.
This is about communication, not attacking. I consider the subscription list and ID to be like logins and passwords. You want to interact with my PAN, I must first let give you the password. If I don't, then you can try to hack into my comm.
Note also, that this is not a rules section, so much as it is giving a general description of how things work, so the player has an idea of what is going on in 2070. Slight difference - not as precise.
Note that agents and drones will only take orders from their controlling persona, unless another persona spoofs an order (see Spoof Command, p. 224). If the controlling character chooses, he can instruct the agent or drone to receive orders from other specified personas.
This describes spoofing. And I dont think there is any appreciable difference between my interpretation of the spoofing procedure, and yours.
To manipulate a drone, you must first have accessed it and linked to it as a subscriber (see p. 212).
Same deal. Manipulation is not the same as electronic warfare. Plus, to manipulate a drone after hacking it, you must have first accessed it (which you did, because you just hacked it), and linked to it as a subscriber. This part is irrelevant, because by the time you've accessed it, your icon is already inside it, so you're not a subscriber. Or could say that since you've hacked it, you can put yourself on its subscription list.
To spoof commands, you must beat the agent or drone in an Opposed Test between your Hacking + Spoof and the target’s Pilot + Firewall.
Again, spoofing is different than hacking.
Riggers also don’t usually spend the time or money to buy up or program their own top-notch hacking utilities, preferring instead to focus on a good Signal strength, good Scan, Command, Encrypt, and Sniffer programs, and of course, plenty of drones with amped Pilot, Response, and Firewall attributes of their own.
Note the lack of mention of Analyze or IC in the last quote.
I'm not sure they have to mention every possible improvement.
If that's not good enough for you, then we'll have to wait for the next rigger book. Meanwhile, feel free to GM your own game and run it any old way you want. =)
And you yours.
Negative. That's shooting the drone down and taking its commlink.
Okay, then I have no clue what that otherwise entertaining analogy was supposed to mean.
Anyway... Let's say you've logged in to Dumpshock. I track down your IP, and use it to log in there under your name. The forum thinks I'm you. That's spoofing. Now let's say that I don't mess with getting your info - I just hack the site. I can make it think I'm you or anybody else. That's hacking on the fly. I dont need to forge a password, I just brute-force my way in.
Edited: sorry the quote tags didn't work.
| QUOTE (Aaron) |
| They're not immune to hacking, it's just that you have to spoof your ID every time you try your Exploit or your Attack. |
If the point of attacking (which I take to mean hacking on the fly, which is a hacking+exploit roll) is to get access to the node,
| QUOTE (BBB p.222) |
| A hacker who has successfully broken into a node undetected can go about his business like any user with the appropriate account privileges. |
why would you need to spoof? I mean, if you have the ID, you don't need to attack - you're in!
Mr. or Ms. wind_in_the_stones, riddle me this:
How could you hack, as you say, Dumpshock if the site ignores all of the network packets coming from you? How about if the site ignores all packets except those coming from me?
Hm. Y'know, it just occured to me that you may have a disconnect on how network communication works. In case you do, I'll explain it in a nutshell. In case you don't, I'll encapsulate it in a spoiler tag.
Also, I don't know if I brought up this point in this thread or another, but if it really was that easy to defeat a drone, why would riggers use them?
How could you hack, as you say, Dumpshock if the site ignores all of the network packets coming from you? How about if the site ignores all packets except those coming from me?
Hm. Y'know, it just occured to me that you may have a disconnect on how network communication works. In case you do, I'll explain it in a nutshell. In case you don't, I'll encapsulate it in a spoiler tag.
[ Spoiler ]
Also, I don't know if I brought up this point in this thread or another, but if it really was that easy to defeat a drone, why would riggers use them?
| QUOTE (Aaron) |
| Mr. or Ms. wind_in_the_stones |
Male, thanks for asking. (Took the handle from the name of a favorite character.)
Thanks for the info about network communication. Would you please explain hacking?
And in game terms, what does hacking get you, as opposed to simply spoofing?
| QUOTE |
| if it really was that easy to defeat a drone, why would riggers use them? |
Sounds to me like you're trying to house-rule to cover a percieved game imbalance.
Okay, how about Probing the Target? Do I need an ID to probe? Probing is exactly the same as Hacking on the Fly, with regards to purpose. "...identifying flaws that can be exploited for access." And from hacking, "...find an exploit that will get you in..." As I said before, why would you need to hack if you had an ID?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.