Is there any way we can logically restrict players from just copying all their software and giving it to their hacker friends or getting copies of software from their hacker friends? If we say "copy protection is nearly perfect in 2070", is that unreasonable? What about custom-designed software? If a hacker makes an agent, is there any logical argument for why he can't make 10,000 of them either to store on his comlink, keep as backups, or give away as Christmas presents?

What about spells formulas? What's to stop a mage from just logging onto www.freespells.com or the equivilent and downloading all their favorite open-source spells?

If anyone would know the data havens that supply these, it's the shadowrunners.

But I like the idea that spells and programs are "inventory", but I'm not sure if that really makes sense in 2070. I would also like to see rating-6 programs and spells as something fairly rare, rather than something that can just be downloaded off the Matrix or copied from a friend.

Is there anyone who would have serious problems with just handwaiving these issues away with "future tech"?


edit for clarification: I'm not necessarily looking for rules to solve these issues, just the fluff/reasoning behind it.

Well personally I don't have a problem with Deckers sharing (Rating 6) programs with their friends at wil anymore then Mages teaching each other their spells.

Of course, given the nature of the way I see the Sixth World, most would never do so freely because not only could the source code / spell formula be traced back to the Decker / Mage but there would always be questions about possible back doors built into the code / formula without going through so much effort that the receiving Decker / Mage might as well simply write their own code / formula.

Granted, I'm not sure that its RAW, but its the way I see things... *winks*

\signed

It's possible to do something like this, but it violates how the system is described. The other issue is that it's hard to enforce the law on people doing illegal stuff. (AKA, murderers are not deterred by gun laws from carrying guns illegally.) So you can't exactly depend on legal mechanism to keep people from stealing your stuff when the primary market would be computer thieves.

Software that loads and runs on a standard computer (what people think of as a PC) is really hard to keep secure and copy protected. The problem is that you can essentially run the software in a virtual machine where you can see how the copy protection system works and engineer around that. Typically you cut it out or figure out how to forge and present the credentials it wants. This can be hard to do, but there are teams of people who do it as a hobby.

Some sort of cryptographic solution might be possible, but nobody writing SR understands how crypto is used in the real world, so it's totally worthless in SR4. Even if it wasn't I suspect that you could simply program your way around this, if you can see the running code unless that entire OS and hardware platform were really heavily protected. This is possible (see the Vista content protection for a first helting step in htat direction) but without essentially unbreakable crypto it won't work at all.

So I'd have to think that you need to tie the software to a physical device that prevents people from seeing it's inner workings. An obvious approach would be selling software and the hardware as a single unit, like an old Nintendo cart, but with the memory and processor included. You plug it into a slot on your PC and it fires up.

From a consumer point of view this really big time sucks, hence is of questionable commercial potential.

The second problem is that hacking utilities are typically created, in current practice, by people who are not trying to get paid. You can get really good utilities for most security purposes for free. In most cases, the free utilities are the best one out there.

Of course, you yourself could go and download all the utilities and tools used by computer hackers. You can put together the same set of tools as used by someone who makes their living breaking into computers. This isn't going to make you someone who can break into computers for a living, any more than owning a Bell helmet and a Simpson firesuit makes you a winning race driver. You have to know how to win races before having the fancy gear helps, and the same is true of computers. You need some gear, but having the gear without the skills, experiance and knowledge is fairly useless.

I think you will achieve more of what you want by thinking about ways to make SR hacking less of a burglary tools based system and more of a skilled hacker based system.

I have no problem with PCs sharing software or spell formula with others. For the most part, they are self-limiting and are not very expensive in the grand scheme of things.

When you come down to it, the price isn't all that great for software. If you have more than one potential hacker in the group, sharing the costs, they have all the programs at 6 in relatively short order, then stop thinking about them.

For spell formula, well, what difference does it make if you have all the spell formula out there, throw in a few unknown ones. The mage still needs to spend karma to learn each and everyone one of them.

Why don't we introduce some rules for copy protection and illegal copying? Make the hackers/deckers roll computer + a certain utility to make successful copies. If they get a certaind high number of hits, then they have a copy, if they don't even hit a lower set of hits, then the program nukes itself into junk. The more malicious copy protection screwing over your deck, or maybe even working like Tracer IC (or whatever you sr4 "hackers"guys have. You young whipper-snappers should go get some haircuts!) and alerting the party that owns the program.

...hacker 1 breaks the copy protection gives copy to hacker 2.

...dormant trojan horse is passively activated and loaded as the actual programme.

...hacker 2 activates his "copied" version.

...programme appears to work normally for a while, then crashes, taking the comlink's OS & any active programmes with it.

...if hacker 2 paid hacker 1 for the copy he gets mad, and takes it out on hacker 1.

...anyone remember the cute little "feature" in the old Raid on Kabul game? If you had an illegal copy of the game, you could never get past the airport & were thrown in prison. When you asked how to get yourself out, a message came up that said something like "buy your own damn copy" If you checked out the file size in the directory, it would appear be normal for the actual game (and this was in the "bronze age" of personal computing).

You don't need laws or even corporate goons, just a few "built in" protections.

i don't think it's necessary to use crazy DRM schemes to keep high-rating programs unavailable for general download. just simply say "the high-end stuff can't be found online." top-of-the-line programs are not something that people want to share. and if they do share them, security providers can download them and immunize themselves, effectively lowering the rating.

so you just don't allow anything above, say, rating 3 to be found online. if someone buys a rating 6 program, sure, let 'em crack it and copy it. it's not like they cost all that much anyway.

That is assuming that you are buying legal programs. I cannot see corps selling hacking programs. No corp, probably no copy protection.

If nothing else, allowing runners to trade software between themselves, will probably discourage the runners from doing a run for themselves, against Best Buy or what not, to get all this nice shinny software and hardware.

why wouldn't corps sell hacking programs? they'd be restricted, of course; you couldn't walk into Babbages and pick up a copy of h4xx0r j00 6.0. their main buyers would be militaries and other corps.

and even non-corp programmers who put their talents up for sale would probably use copy protection, unless they're making it for a friend. if i'm living by my ability to sell attack programs to runners, i'm not going to want the runners to share. bad for my business.

but, yeah, within the team, i'd be surprised to see copy protection.

copy protection in SR is, universally, pretty easily broken. it's basically a speed bump, a deterrent--it's not going to stop anyone who's determined and reasonably skilled. honestly, i figure copy protection in SR is a matter of running No Hacks 6.0 on your source code before compiling it. if you want actual unbreakable copy protection, well... too bad!

How do you guys feel about having a Hacker spend Karma to learn programs like a mage does to learn spells?

I guess the idea would be that the program must be customized before it can do any good - which goes well with the theme of merging man and machine. So giving someone else your customizations really won't help them (until they spend Karma...).

How badly do you all hate the suggestion?

Such hacker is called 'Technomancer' in SR4.

I've found that the copy-protection described in the RAW seems to work well enough for me. The Software skill extended test with a threshold of 10-20 makes it easy to copy things like Edit (lower threshold as determined by me for common-use programs) while Exploit or Stealth with a threshold of 20 tend not to be reached by the time they have to stop rolling by the optional no-rolls-beyond-skill-pool limit. That and my warning that glitching will reduce the effectiveness of the program after copying and, if I'm mean, of the original as well. Critical glitches mean the original is slagged and must be repurchased.

Well, I don´t have a problem with that. The PCs can give software among themselves like crazy, once they break the copy security. It takes time, and a glitch can erase the loaded software being copied. Whops! You better have another copy ready.

All I ask them is a simple hacking test on the software, but with a severe difficulty, based on the software Rating, as an extended action.

programs are copy protected but "hackers" either get "cracked" versions or "crack" ii themselves. The "hacker"-types in my game either gets the "cracked" version from their hacker-type buddies. If they buy software from "off the shelf" or non-hacker-type contact it is copy protected. Then they hacker-types spend some downtime cracking the protection so they can share it around (or trade them).

just my jaded opinion...

A couple comments. First while they don't stress it one could make an argument for hardware based software systems Now if the chip were just a data chip you could simply read it out and copy it. However what if the chip in question contained much of it's logic in hardware? Unless it doesn't have feedback (like a movie) you can't "read out" an ASIC.

So you have that.

The other thing about programs is that the more people have them the sooner they get detected and patched against. This is obvious with programs like exploit and stealth but I'm sure there is an arms race with attack/armor programs too and so on. This is mentioned in the fluff (remember how they may have patched against your exploit when you try it again).

As a GM you can just play this abstractly. (if some script kiddies get ahold of your hackers nova hot program it doesn't work for drek the next time they try to use it). Or you could have some kind of rules (every time a critical glitch is rolled on a system attached to a corp and the logs aren't deleted the program drops a rating after one week).

What about the following idea:

A hacker can insert a backdoor into any executable software (programs, agents, system, firewall) he has cracked or has the sourcecode available.

Rules:

It takes rating x options hours and is a software test with the number of options as threshold. The net hits are the threshold to find the backdoor with a matrix perception test.

Backdoor options:
- Notify: the software is sending a notification to some other node everytime it is used, including the acess ID (commcode) of the node it is run on
- Backdoor: the software provides can be used as a backdoor, granting the hacker the same acess rights as the user of the program (software must be running and access ID of the node it is running on must be known)
- Crash: the software can be crashed instanly on command (software must be running and access ID of the node it is running on must be known)
- Corrupt: the software can be corrupted to stop working the next time it is used (this includes the software data file itself, so it must be reloaded from a backup source, software must be running and access ID of the node it is running on must be known to active, or can only be distributed activated so the copy is essentially useless)
- Explode: the software will generate rating unresisted damage to the marix icon it is runnig on activation, or on command (needs Corrupt or Crash option) modification)

Edited with more ideas

Well, thats what hackers do. Mages have initiation, rituals, metaplanar quests and so on. And as long as it is not extremely game relevant you can just estimate the result.

Thats a general rule concerning hackers: Dont play out everything. Hackers can (and will, if they are not kept back by the GMs) hack into the comlinks of every single guy in a night club. Should you roll it? No.

The back door rules are like SOTA rules:
they are
A) a GM tool to explain why not everbody just uses software from some P2P network (its all about trust)
B) a simple and fast way to add some flavor and options/posibilities

The software skill is not that usefull at the moment.

A couple of things:
I like the idea of programs that degrade over time, to represent that the vulnerabilities they exploited being patched and so on. This would also reward hackers who make their own software, as it would degrade at a slower rate, so long as no one else is using it.

Also, sometimes a rating 6 program might get targeted by a major effort (maybe after a particularly successful run) and drop all the way down to rating 2 within a month. This would really give the sense of the tumultuous matrix, I think.

And as far as spell formulas go, first off there are a lot less magicians in the world then hackers, and second, the average mage would only have magic 3, so most free spells would be at force 3 or less.

I personally favor SOTA degredation of software (and to a lesser extent matrix hardware). Whatever system you use, simply make ever additional copy of a program increase the speed of degredation automatically (representing all the other guys that gave out a copy of that particular software to their buddy).

Anything downloaded from a data haven automatically runs at at LEAST one rating less than it was bought at... if not more, and it would be simpler to simply suggest that the maximum rating available was two or three, the turnover is just too damn fast for anything but raw luck to give you a genuine cutting edge program for that next (and ONLY that next run) before it gets patched to hell and gone. (spend edge to get a real software)

Obviously, SOTA degredation doesn't explain how mages can't always get free rating six spells offline. Essentially, assume that any spell can be got for free up to about rating two, some chump somewhere posted his 'hot shit formula' and it is forever in the net in a thousand versions. Wading through all that is, however, problematic. Computers can't really tell you just how good or bad a spell is, and people will constantly lie about what a file really holds. Think about some of the shareware now, when you think you are downloading Black Hawk Down you are getting 20 seconds of gay mule pr0n. You don't know until you've downloaded it and forever killed half your brain cells trying to drink the memories away.

So, make downloading free spells equivilent to doing the research the hard way. Wade through databases full of junk, misleading labels, vandal viruii and trojan horses disguised as spell formula and more. End of problem. You simply replace yoru 'magic theory' skill with your 'data search skill' for the purposes of research. Two ways to skin that cat.