Moon-Hawk
Jul 19 2006, 09:16 PM
So the threshold to hack in is +3 if you're trying to get security access, and +6 if you're trying for admin. Do you have to specify which one you're trying for up front, or can you keep rolling once you have one kind and try for more?
Realistically, the way I understand contemporary hacking, it is most common to first gain low-level access and then use that to get root (admin) from there. So that would lead me to think you could keep rolling once you have the threshold and try to improve your access. Then again, contemporary examples mean nothing to SR computing, and for reasons of game balance it might be better to specify up front.
Thoughts? Thanks.
Abbandon
Jul 19 2006, 09:32 PM
Its an extended test. What your suggesting is a success test with your number of hits determining your access level. The book just says aim for something and keep rolling until you get it and your results will determine how much time it took.
Moon-Hawk
Jul 19 2006, 09:39 PM
I think you're misunderstanding my question. Either that or I'm misunderstanding your answer.
I know it's an extended test. My question is, if the regular threshold is 4 for user access, (and thus 7 for security or 10 for admin), do I have to specify whether I want user, security, or admin ahead of time and whether I'm locked into that. If I'd like security access but I only have two hours to hack, and in those two hours I only get 5 hits, am I SOL, where as if I'd aimed for user access I'd have gotten it? That seems nonsensical. Likewise, if I make security access and find that I have some extra time, could I keep rolling and try to get three more successes to upgrade that access to admin, or would I have to start the process all over?
Abbandon
Jul 19 2006, 09:46 PM
I guess its not game breaking to just give yourself a time limit and keep rolling until you hit that point....
GrinderTheTroll
Jul 19 2006, 10:00 PM
QUOTE (Moon-Hawk @ Jul 19 2006, 02:16 PM) |
So the threshold to hack in is +3 if you're trying to get security access, and +6 if you're trying for admin. Do you have to specify which one you're trying for up front, or can you keep rolling once you have one kind and try for more? Realistically, the way I understand contemporary hacking, it is most common to first gain low-level access and then use that to get root (admin) from there. So that would lead me to think you could keep rolling once you have the threshold and try to improve your access. Then again, contemporary examples mean nothing to SR computing, and for reasons of game balance it might be better to specify up front. Thoughts? Thanks. |
There is mention of Security users hacking their way to Admin depending on the corps policy on such activities. I would suspect valid users trying to login would get locked out of the system and require then to re-login (with a different account) or get thier account "unlocked" before being able to login with it again.
So, with a valid account and failed account-hack you'd just get dumped out and have to re-hack (no penalty or alarm). More paranoid systems might trigger an alert for this type of action.
hobgoblin
Jul 19 2006, 10:04 PM
i dont see anything about not being able to roll more tests to hopefully get a higher account. in the end it will be the call of your gm. however, if i was your gm, i would invoke the "max number of rolls equal to dice pool" optional rule for any time where a player where shooting for a undefined treshold (like say when doing searches and similar).
oh, and as the number of rolls made increase, so does the chance to get a glitch or critical glitch. allso, if your hacking on the fly, rember that for each test you do, the node your attacking allso gets one.
Wiseman
Jul 20 2006, 03:28 PM
You get whatever level access you met the threshold for when you stopped.
So if you get enough for basic level and want to keep rolling, its the same part of the test. Each new roll = the time period of the extended test.
In game it looks exactly as you described, as you've attained basic account and can stop there, or "keep going" on the SAME test to get higher.
You accept one type of account and you can do what that level of access allows, you want more after that and your back at the beginning.
Really no different than having to get access to multiple nodes. You don't start where you left off, but you can stop rolling an extended test whenever your happy with what you got.
GrinderTheTroll
Jul 20 2006, 05:03 PM
QUOTE (Wiseman) |
You get whatever level access you met the threshold for when you stopped.
So if you get enough for basic level and want to keep rolling, its the same part of the test. Each new roll = the time period of the extended test.
In game it looks exactly as you described, as you've attained basic account and can stop there, or "keep going" on the SAME test to get higher.
You accept one type of account and you can do what that level of access allows, you want more after that and your back at the beginning.
Really no different than having to get access to multiple nodes. You don't start where you left off, but you can stop rolling an extended test whenever your happy with what you got. |
I see what you are getting at, but I don't think that's how it's intended to be used, more over, that's not how RAW explains it.
It favors the hacker in that they don't have to re-hack to get better initial access.
deek
Jul 20 2006, 05:26 PM
I run this by having the player declare ahead of time, what sort of access they will try to get. I validate this by saying that if you are trying to get user access, you would go about it in a different way than if you were trying to get security or admin.
I mean, just like an extended test at fixing a car. Let's say you need to fix the engine and start rolling. You hit a point where you meet the threshold, but you still need to change the tires. Well, that is not what you setout to do, so you need to change tools and come at the new problem from a different angle.
Maybe you could make a case of getting a +1 bonus die for hacking security or admin if you have a user account...but then that would add an additional house rule and one that I don't think is needed.
Generally speaking, actions need to be declared before you start rolling, so it makes sense to me (and its the way I run it) to have each hacking attempt declared beforehand.
Moon-Hawk
Jul 20 2006, 05:33 PM
QUOTE (deek) |
I validate this by saying that if you are trying to get user access, you would go about it in a different way than if you were trying to get security or admin. |
I see what you're saying, but this is the part that I don't think makes sense, and I don't think your car repair analogy is very fitting.
Realistically, you would set out to get the best access that you can. If you're trying for one level of access, I don't think it's reasonable to think it would be impossible for you to stumble across any other level of access, higher or lower.
My support for this is the real world example that generally spends most of his effort getting low-level access, and then obtaining admin is a very short step away. Although, like I said before, I admit that real-world examples mean little to SR computing.
Wiseman
Jul 20 2006, 05:36 PM
yea but what if in your car example its the difference between just switching tires and putting on some really good racing tires.
I feel that you can keep rolling to build upon your access level During the test (as thats what an extended test is).
But lets say you access some general stuff at user level and later decide you need admin. What if during that time they did a system update, fired and replaced the admin, etc.
But having thought about it, heres where I see the problem.
Hacking on the Fly
No problem here as if you stopped at security, I could just require you to make one more test with a threshold of the differences (security to admin, gimme three more hits). This works because the system gets a chance to detect you each time.
Probing
Heres the problem. I make my test and get user level (why stop there who knows) and log in. The system makes its one chance to detect the intrusion. If I go back to get more access the GM has to either
a) handle it as a Hack on the fly test with the difference of threshold
b) say he's still probing and let him roll all he wants and then get it and then the system gets a second test
c) doesn't matter because any fool who'll take two chances to be detected for admin over just one probably shouldn't be in the system to begin with.
So my house rule would be to allow the difference of threshold between access levels on the fly, or force a probing hacker to either hack the difference on the fly or start the probing test all over. (I'd also advise that whenever probing for access to shoot for the admin level unless you don't specifically need it, and who doesn't need the ability to create new accounts and backdoors?)
GrinderTheTroll
Jul 20 2006, 06:24 PM
RAW aside, my hesitation is that Explot is a vague utility, rather, the action of Hacking could be a combination of things that get you in. It's not always just password guessing, but could be using a series of accounts, methods, hacks and exploits to get the eventual account.
In some case, the bounce from Personal to Admin might be easy, where other systems it might as well be impossible. If you'd like to assume all hack attempts (given enough) time result in Admin access, then enjoy, otherwise you'd have to re-hack each attempt given the abstract nature of the Hack/Exploit.
deek
Jul 20 2006, 06:38 PM
Yeah, the car analogy might not be a good one...at least the way I phrased it.
I mean, if instead of trying to fix the engine, the player just said, I am going to try and fix/replace everything he needs to on the car...then after several hours, he has to quit and use the car, I would probably have to decide what has been fixed and what hasn't based on the cumulated hits...
So, maybe the player says I am going to hack on the fly (or probe) for the higest access I can get, in say, x hours/days...and after that time is up, you get whatever access you got enough hits for...that could work, I suppose...I don't like the openess though.
I guess it all just depends on your GM as I can see these other options being valid. I guess I still like the option of having a play state what he is trying to do, ahead of time.
Seeing I haven't come across a player wanting to modify the access he was trying to gain after starting a test, I really haven't had to think a lot about this. I'll still play it by having the player declare the access type ahead of time, though...until that creates a problem or imbalance.
I just think with an extended test needs to have some sort of finite goal before starting. Now, I would allow extra successes to count. Meaning, if he was shooting for user access, gets it, but ends up getting 3 additional success with his last roll, I'd let him actually get a security account...but I wouldn't just leave the door open to have him continue to roll indefinitely until he got the access he wanted, unless he declared it to start, ya know?
The test is for a specific goal, so if that goal changes midway through, I would want him to start a new test...but that's just me.
Wiseman
Jul 20 2006, 06:57 PM
Yea but unless he's probing there is a penalty to keep rolling. The system gets an extended test to detect him. the more he rolls and adds hits, the more the system does until it matches his stealth.
Probing however should require you state the type of access your going for as the computer only gets one test to detect the intrusion. If thats to limiting, you could consider that once they've accepted the probing access level (say user) and rolled the system tests to detect, they can change it again by meeting the difference in threshold and treated as hacking on the fly (going for security, threshold 3, 1 initiative pass, computer tests against it each pass).
This would mean its faster and a bit safer to start with a user level access on a probe, but still risky if you decide to upgrade once your already in.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.