Help - Search - Members - Calendar
Full Version: Matrix Revisited
Dumpshock Forums > Discussion > Shadowrun
Thanee
I'm trying to figure out a good system to run the Matrix in SR4. Mostly for more complex Matrix runs, as quick'n'dirty runs that just require a few rolls work well enough. But when it comes to situations, where the System actually begins to defend against the intruder, things are really vague in the SR4 Matrix rules.

Here's what I'm thinking about currently... comments are welcome! smile.gif

I liked the Security Tally trigger threshold lists in the previous edition, where the system increases its countermeasures depending on how many hits it accumulates over time. That's a nice and simple system that works well and isn't all-or-nothing. I tried to make something similar, which is fast-playing (once it's done) and also fun and exciting.


I was thinking about something along these lines (still work in progress):


There are six general Security Ratings to categorize nodes and systems. 1 is only rudimentory security, while 6 means state of the art high-level security (only for the most important nodes in corporate systems and such; high-level security measures are expensive). Depending on the Security Rating, responses will trigger faster and be more drastic.


Hackers always make opposed tests in the system, just as normal in SR4.

Whenever the system wins on an opposed test, the total hits (not just net hits) are noted and tallied together into an Alarm Total.

When hacking in (on the fly or probing the target first) the system's hits (not net hits) are tallied together to determine the state of the system at the point the hacker made it inside. There is no immediate response yet (see below).

Once inside, any opposed tests against IC or other defenses also add to the total, and immediate responses happen whenever the system wins on an opposed test.


Two things happen whenever the system (or one of its security measures) wins on an opposed test:

1) Immediate Response (Node): Depending on the net hits scored and the Node Security Rating, as well as the current Alarm Level (see below), the system will trigger some immediate responses in the node in question; usually these will be investigative in nature (i.e. validate the user ID (Hacking+Exploit vs Analyze+Firewall; the system triggers immediate responses and raises the Alarm Total as normal), or send some IC to guard the node in question), but when the system is on Active Alert (see below) the responses will change and combat measures are executed against the intruder.

2) Accumulated Response (System): Total hits (not just net hits) are tallied together over all opposed tests where the system wins during a hacking attempt (similar to an extended test); this is called the Alarm Total. For every multiple by which the Alarm Total beats the hacker's Stealth Rating (i.e. Rating 4 means at 4, 8, 12, 16, etc hits) the system's Alarm Level is raised by one step (starting from 0). In other words, the Alarm Level equals Alarm Total / Stealth Rating (round down).

(If there are multiple hackers in the same system, even if they are independent of each other, all hits are tallied together nonetheless; only the immediate response is individual; the compared Stealth Rating should be the lowest one present in the system in that case.)

Whenever a new Alarm Level is reached, the system will trigger system-wide responses (depending on the System Security Rating), releasing IC to patrol or guard specified nodes (depending on each node's Node Security Rating), requesting security hackers for investigation and so on, even system shutdown is possible.

Low Alarm Levels (usually up to 3) mean the system is on Passive Alert (i.e. a possible intrusion, but not verified yet), while higher Alarm Levels (usually 4+) mean, that the system is on Active Alert (verification that the system is compromised). Once the system is on Active Alert, combat measures are executed (or even some nodes or the whole system are shut down); this is also the point where Black IC typically appears on the stage. Investigating IC or security hackers can set a system on Active Alert immediately, if they identify an intruder, likewise system-wide Active Alert could happen as an immediate response in a node (typically only for nodes with a higher Node Security Rating, and triggered with a high number of net hits). If an Active Alert is triggered directly like this, the system is set to the lowest Alarm Level with Active Alert (unless it already has a higher Alarm Level, of course, in which case nothing additional happens), and the Alarm Total is set to the new Alarm Level x Stealth Rating (the minimum to reach that Alarm Level, also only if it isn't higher already). Glitches automatically raise the Alarm Level by one (the Alarm Total is set to the minimum for that Alarm Level as above).

The Alarm Level is added to the system's Firewall for all further opposed tests in every node. There's no additional +4 bonus to the Firewall on an Active Alert.

The Alarm Level is also added to the net hits scored in order to check for immediate response in the current node (see above), which means that when the system is on alarm, responses are generally more drastic.

With appropriate access level (security or admin) and when in the appropriate node, it might be possible to lower the Alarm Level, but otherwise it only goes up.


Immediate Response
Each node has a Node Security Rating and a list with immediate responses listed by net hits + Alarm Level (these are added together before determining the response). There should be standard lists (though specific systems could vary here) to make things easy and to help judge proper countermeasures (one for each of the six Security Ratings).

Specifics still need to be ironed out here, but a list could look like this:

QUOTE
Node Security Rating 4:

No Alert (Alarm Level 0) or Passive Alert (Alarm Level 1-3)

net hits + Alarm Level =
1 : none
2 : validate user ID
3 : validate user ID and send Rating 3 White IC (Analyze) to guard the node
4 : validate user ID and send Rating 4 Grey IC (Analyze) to guard the node
5+ : Active Alert and send Rating 4 Grey IC (Attack) to the node

Active Alert (Alarm Level 4+)

net hits + Alarm Level =
1-4 : N/A
5 : send Rating 3 Grey IC (Attack) to the node
6 : send Rating 4 Grey IC (Attack) to the node
7+ : send Rating 3 Black IC (Blackout) to the node


Accumulated Response
There also needs to be a standard list for what happens at what Alarm Level in the system (depending on the System Security Rating) and in each node (with a certain Node Security Rating).

An entry in this list could look like this:

QUOTE
System Security Rating 4:

Alarm Level 3 (Passive Alert)

Request Security Hacker for immediate investigation. Notify Users of a possible security breach. Send Rating 3 Grey IC (watchdog profile) on guard in every node with a Node Security Rating of 5+. Send Rating 4 Grey IC (tracker profile) on patrol through all nodes with Node Security Rating 3-4.


Terminology: Node Security Rating is the security level of a specific node. More important nodes typically have a higher Security Rating. It ranges from 1 to 6. System Security Rating is the system's overall level of security, the System Security Rating is not directly related to the Node Security Rating (though higher Node Security Ratings are typically found in systems with a high System Security Rating). It, likewise, ranges from 1 to 6. Alarm Total is the total number of accumulated hits the system gained during the hacking attempt, where all hits (not just net hits) scored in opposed tests where the system has won are tallied together. Alarm Level is the state of alarm in the system and equal to Alarm Total / Stealth Rating (round down). As it grows higher, the system becomes gradually more difficult to hack. Passive Alert means the system has noticed anomalies and investigates further (typically for Alarm Levels up to 3). Active Alert means the system has verified that it is compromised and an intruder is present; combat measures are executed (typically for Alarm Levels of 4 or higher). Validate user ID is a Hacking+Exploit vs Analyze+Firewall opposed test; the system triggers immediate responses and raises the Alarm Total as normal. Black IC is IC employing Blackout or Black Hammer attack programs, while Grey IC only uses standard attack routines. White IC has no attack programs and is purely investigative in nature. Guarding IC remains at the specified node and analyzes all users in the node once per combat round or attacks/tracks intruders, while patrolling IC randomly switches from node to node (remaining in each node for one combat round, analyzing all users it encounters, unless it finds an intruder to attack/track, in which case it stops patrolling and continues to harrass the intruder). The program listed with each IC determines its main purpose, most IC will have additional programs, that are necessary to fulfill its role.

When things should be kept fast and simple, a system could easily be modeled with just a single node with Node Security Rating = System Security Rating. But it also allows to design more complex systems that way as well.

So, what do you think about this so far?



UPDATE! Here are some generic lists, which could be used to try this system out. They are a bit more condensed and instead of having seperate lists for the various Ratings, they incorporate the Ratings into the various responses to allow them to be used in all sorts of systems.

The table for immediate responses just lists generic Node Responses with a Rating. These Node Response Ratings are looked up in the table below by consulting the entry corresponding to the NRR (Node Response Rating) and occasionally also the SSR (System Security Rating); e.g. for a Rating 3 Node Response in a System with System Security Rating 4 you look at the entry for NRR 3 (SSR 4), which says "Rating (NSR) Grey IC (Track)", i.e. send a Grey IC (with Track program) with a Rating equal to the Node Security Rating into the node.

Abbreviations:
NSR - Node Security Rating
NRR - Node Response Rating
SSR - System Security Rating

QUOTE
IMMEDIATE RESPONSE

No Alert (Alarm Level 0)

net hits =
1 : no response
2-3 : validate user ID
4+ : set Passive Alert, validate user ID and Rating 1 Node Response

Passive Alert (Alarm Level 1-3)

net hits + Alarm Level =
1 : N/A
2 : validate user ID
3 : validate user ID and Rating 1 Node Response
4 : validate user ID and Rating 2 Node Response
5 : validate user ID and Rating 3 Node Response
6+ : set Active Alert, attempt to terminate connection and Rating 4 Node Response

Active Alert (Alarm Level 4+)

net hits + Alarm Level =
1-4 : N/A
5 : Rating 4 Node Response
6 : Rating 5 Node Response
7+ : Rating 6 Node Response


QUOTE
NODE RESPONSE

NRR 1 (SSR 1-6) : Rating (NSR) White IC (Analyze)
NRR 2 (SSR 1-6) : Rating (NSR+1) White IC (Analyze)
NRR 3 (SSR 1-6) : Rating (NSR) Grey IC (Track)
NRR 4 (SSR 1-6) : Rating (NSR) Grey IC (Attack)
NRR 5 (SSR 1-4) : Rating (NSR+1) Grey IC (Attack)
NRR 5 (SSR 5-6) : Rating (NSR-1) Black Ice (Blackout)
NRR 6 (SSR 1-3) : Rating (NSR+2) Grey IC (Attack)
NRR 6 (SSR 4) : Rating (NSR) Black Ice (Blackout)
NRR 6 (SSR 5-6) : Rating (NSR) Black Ice (Black Hammer)

----------

If the IC Rating would be 0, no IC is sent.
If the IC Rating would be 7 or higher, the IC Rating is 6 instead, and the number of IC sent is the calculated Rating - 6.


QUOTE
ACCUMULATED RESPONSE

Alarm Level 0 (No Alert)

Nothing happens.

Alarm Level 1 (Passive Alert)

SSR 4-6: Send Rating (SSR-1) White IC (Analyze) on patrol through all nodes with NSR 4+.
SSR 6: Notify System Owner of a possible security breach.

Alarm Level 2 (Passive Alert)

Send Rating (SSR-1) White IC (Analyze) on patrol through all nodes with NSR 3-4.
Send Rating (SSR) White IC (Analyze) on patrol through all nodes with NSR 5+.
SSR 5-6: Notify System Owner of a possible security breach.
SSR 6: Request Security Hacker for immediate investigation.

Alarm Level 3 (Passive Alert)

Send Rating (SSR) White IC (Analyze) on guard in every node with NSR 4+.
Send Rating (SSR-1) Grey IC (Track) on patrol through all nodes with NSR 4+.
SSR 4-6: Notify System Owner of a possible security breach.
SSR 5: Request Security Hacker for immediate investigation.

Alarm Level 4 (Active Alert)

Notify Users and System Owner of a confirmed security breach.
Remove all patrolling White IC.
Send Rating (SSR) Grey IC (Attack) on guard in every node with NSR 5+.
Send Rating (SSR) Grey IC (Track) on patrol through all nodes.
SSR 4: Request Security Hacker for immediate investigation.

Alarm Level 5 (Active Alert)

Notify Users and System Owner of a confirmed security breach.
Terminate all User Connections without valid Security or Admin access level.
Shut down all nodes with NSR 6.
Send Rating (SSR+1) Grey IC (Attack) on patrol through all nodes.
SSR 3: Request Security Hacker for immediate investigation.

Alarm Level 6 (Active Alert)

Notify Users and System Owner of a confirmed security breach.
Terminate all User Connections without valid Security or Admin access level.
Shut down all nodes with NSR 5.
Send Rating (SSR+2) Grey IC (Attack) on patrol through all nodes.

Alarm Level 7+ (Active Alert)

Notify Users and System Owner of System Shutdown.
Complete System Shutdown.

----------

If the IC Rating would be 0, no IC is sent.
If the IC Rating would be 7 or higher, the IC Rating is 6 instead, and the number of IC sent is the calculated Rating - 6.


Bye
Thanee
Aaron
Do you use a similar system for characters sneaking around a facility?
Kyoto Kid
...the Alarm Total reminds me too much of the old Security Tally in previous editions. A pain in the kiester for the GM to deal with.

I like the basic idea of the Security Ratings but view those as being more threshold based as the old security code colour scale was in past editions (also kind a miss the old Blue -Green - Orange - Red - Ultraviolet eek.gif, rating terminology.
Thanee
QUOTE (Aaron)
Do you use a similar system for characters sneaking around a facility?

Right now, I don't use anything there... it's just an idea currently. smile.gif

And yes, it is like that Security Tally system (as I said), because I like that idea.

I don't quite get what's the problem for the GM, though? It's one (single) number to keep in mind. The rest is looking up stuff on a table.

For the Matrix I like that better than arbitrary decisions, especially because it's much faster to execute.

As for the sneaking around in a facility... there are certain similarities, but there's a big difference... if you run into some sensor trap, an alarm is triggered immediately (which is, I suppose, what you are talking about with the comparison?), because noone is supposed to sneak around there!

In the Matrix, there is always activity and if the system goes on red alert with every slight anomality, which probably happen without any hackers as well, that would greatly limit the usefulness of the system. Hence the slower alarm progression.

Bye
Thanee
Chunk Of Horn
I really like this idea as presented because I have been wholly dissatisfied with the current matrix rules. I feel the are clunky, too drawn out and with out any real way to generate a interesting and fluid system architecture. I thank you for taking the time to do this and I think I will implement this in my next session. If you would like I will ask my players what they think and let you know how it went.

On a related tangent where do you weigh in on the whole technomancer power balance and general playability as compared to a decker? If you have any fixes and or revamps I would love to hear your ideas and if you would prefer you could email me directly at bishdan@u.washington.edu

Thanks again.

-Daniel
Garrowolf
I use a system based on a version of the security tally. It isn't like the standard system where the system freaks out and sends IC to deal with you. It is based on the idea that there are hundreds of users and many daily hacking attempts. The first thing that it will do in any situation is increase the firewall to shut out the port. If you are a normal user then you won't notice this.

Your stealth program is used to suppress the alarm levels. Any time you as the hacker rolls below the security threshold in a regular system, or any 1s at all in an alerted or high security system, you get an alarm level. You cancel out a number of alarm levels equal to your stealth program automatically. Once it gets above your stealth rating then it adds to the Firewall rating until it doubles. Once it reaches double the port closes and you have to start over with the firewall 1.5 x it's rating.

No one will send IC or tracers after you unless you get a sensitive file. Just getting into their system is just an annoyance.

There is no sneaking around or anything like physical security. That is like someone saying that a picture of a gun is the same a s a real gun. The guards in the matrix are a metaphor. They are hoping that someone will be stupid enough to fall for it. The spyder is not even looking at the VR. He would be watching for alerts coming from sensitive areas. If he wanted to he could look at the VR top down and watch you hide behind a VR pillar to hide from a VR image of a guard. People confuse processes for display. Most processes are not displayed even on your windows desktop. The explination that "It's the future" is not good enough.

If you want a better system for the matrix and technomancers check out my web site below.
Thanee
QUOTE (Chunk Of Horn)
If you would like I will ask my players what they think and let you know how it went.

But of course! smile.gif

QUOTE
On a related tangent where do you weigh in on the whole technomancer power balance and general playability as compared to a decker? If you have any fixes and or revamps I would love to hear your ideas...


Some good ideas are floating around here. I surely have some ideas, too, but they are not yet thought-out enough, I guess.

One thing is, that I (like many others) want to have attributes influence hacking more. There are ideas to make Program Ratings more like Spell Ratings (i.e. limit maximum number of hits), which are a good start, I think.

As for Technomancers... sorry, too inexperienced with those yet. smile.gif

QUOTE
...and if you would prefer you could email me directly at...


I wouldn't post your e-mail address like this... post it like name AT domain DOT com, so spam bots cannot simply pick it up and load it into their database. wink.gif

Bye
Thanee
deek
I like the idea of putting more structure around the matrix and I do like the stepping up of the alarm level based on alarm total (i.e. security tally) / stealth rating.

I've been reading Serbitar's suggested system as well, basically how every illegal action is opposed by System + Firewall, with net hits by the system increasing a security tally. Now, he also goes as far as even a failed test by the system still adds 1, so that basically gives a hacker with rating 5 stealth only a total of 5 illegal actions, even when successful, before the node is going to react. Not sure I am in on that, yet.

You suggestion allows a successful hack to go unnoticed, but when the system does detect an illegal actions, that total hits (not net) are added to the alarm total. Your suggestion allows for a more detailed stepped up response, based on the systems successes and the hacker's stealth.

So, in theory, I am liking what you are doing. I must admit that I am a bit confused when you start adding the Node Security Rating and the System Security Rating into the mix. I think the System Security Rating I am understanding, where you could basically list all systems, 1 thru 6, and their corresponding Alarm Level, 1 thru 6, and have a fairly complete and standard chart. Then, a GM would simply set a system's security rating and be able to quickly read what happens as the hacker makes it through different Alarm Levels, granted, this is at an overall system level and therefore would be a little more general, like you outlined below.

But then you are adding another layer, the Node Security Rating, which on the surface, I understand. I mean, a system could have higher and lower security nodes within it.

The part I get confused with is your Node Security Rating 4 chart. You have a (net hits + Alarm Level / immediate response) and I don't understand what you are trying to say here. Then under the Passive and Active Alerts, you have a column of numbers, which supposedly I would be looking at to determine what happens, but how do you pick them? Its not random. Am I taking the Alarm Total? Just not sure.

What I do like is the fact that I only have to tally one number, the Alarm Total. Everything else is derived, with the major one being the Alarm Level as a multiple of Stealth rating. That makes a lot of sense.

I'm not yet sure I like the idea of using total hits instead of net hits for when the system wins a test, but I am assuming that you have looked at the math and balance on that to give something that works. And that is why I mentioned Serbitar's rules, as he is using net hits. But, he is also using two separate tallies, a security tally and then a second one that basically is used to gauge the hacker's footprint and time needed to erase that footprint by deleting logs (I like the idea, just not the extra accounting I would need to do).

So, going back to your suggestion, I would certainly like to get to a point where I have a chart with all 6 System Security Ratings with there associated Alarm Level actions as a quick reference, then a separate chart with all 6 Node Security Ratings and what actions are taken under the Passive and Active alerts. I think that would give a very solid point of reference and be an easy lookup, then obviously, customize for specific runs on a case-by-case basis, if needed.

But for a GM running a matrix run on the fly, you really only need to know a couple things (Node and System Ratings) and you would generally know how each node in the system would react to your hacker. I think it is a good framework, just need to understand a couple things you gave examples on.

Looking over Garrowolf's just now, that seems pretty straightforward, but I don't like the idea of at a point, knocking the hacker off and starting over with 1.5 x Firewall. I mean, a system "could" do that (the closing port), but I wouldn't want to have that be the norm all the time. Getting the stealth rating in there to suppress alarms is good, and I think I like that about all three systems I have read...
Serbitar
QUOTE (deek)

I've been reading Serbitar's suggested system as well, basically how every illegal action is opposed by System + Firewall, with net hits by the system increasing a security tally. Now, he also goes as far as even a failed test by the system still adds 1, so that basically gives a hacker with rating 5 stealth only a total of 5 illegal actions, even when successful, before the node is going to react. Not sure I am in on that, yet.


No, im my rules, the node is only collecting net hits.
deek
QUOTE (Serbitar)
QUOTE (deek)

I've been reading Serbitar's suggested system as well, basically how every illegal action is opposed by System + Firewall, with net hits by the system increasing a security tally. Now, he also goes as far as even a failed test by the system still adds 1, so that basically gives a hacker with rating 5 stealth only a total of 5 illegal actions, even when successful, before the node is going to react. Not sure I am in on that, yet.


No, im my rules, the node is only collecting net hits.

Ok, well maybe I am misunderstanding something then.

In section 1.7.1 you state:
Note that in the
case of a fast hack in, the security tally of the hacker
rises by one for every roll even if no net hit was
achieved.

And on page 25 you state:
Because
this is a ”hack on the fly” attempt, for every
roll 1 is added to the security tally, even if no net
hits were generated.

So, does this mean that the 1 added to security tally is added with 0 net hits only on the "hack on the fly" attempt, but not other node tests?

If so, I have much less of an issue with it:)
Serbitar
Yes, thats right. Its only for hack on the fly attempts. It is quite hard to find a mechanism for difference between probing and hacking on the fly that models the stuff you want to., but this mechanism works quite well.
Garrowolf
Well the firewall thing was an attempt to show that they would just close the port after a while and then it would be on a higher alert level. If you wanted to show that they get pinged all the time and don't react to it then have the firewall just increase for that connection and then drop back.
Thanee
QUOTE (deek @ Mar 29 2007, 06:23 PM)
So, in theory, I am liking what you are doing.


Thanks! smile.gif

QUOTE
I must admit that I am a bit confused when you start adding the Node Security Rating and the System Security Rating into the mix.  I think the System Security Rating I am understanding, where you could basically list all systems, 1 thru 6, and their corresponding Alarm Level, 1 thru 6, and have a fairly complete and standard chart.


A system has an overall Security Rating, which will (through a premade chart, either the standard one, which will be there at some point, or one you make yourself, if you want to change some specifics) determine what the system does with the accumulated hits on the Alarm Total.

Then each node also has a Security Rating, i.e. a node storing important data or handling the security might have a higher Security Rating than some less important node.

QUOTE
The part I get confused with is your Node Security Rating 4 chart.  You have a (net hits + Alarm Level / immediate response) and I don't understand what you are trying to say here.


That's just meant to be the two items listed in the table below (before and after the '/')... it's just the table header so to say. wink.gif

QUOTE
Then under the Passive and Active Alerts, you have a column of numbers, which supposedly I would be looking at to determine what happens, but how do you pick them?  Its not random.  Am I taking the Alarm Total?  Just not sure.


Before the '/' you have the net hits on the test that triggered the immediate response... the Alarm Level is added to those net hits before looking up the response, since with increasing Alarm Level responses will also be more drastic.

After the '/' comes the specific response (or set of responses) for the entry.

Reading one of your statements below, there might still be some confusion with the Passive and Active Alert differentiation here... it's not meant to be triggered by initiating the Alert, i.e. when the system moves into Active Alert, that fact alone doesn't do anything within the nodes (other than what's listed on the system table itself). The node table is only used whenever the hacker loses a roll against the system. Then, the net hits + current Alarm Level are looked up on the table, and depending on what alert state the system is in, you either look under Passive Alert or Active Alert (while typing this, I just noticed some little inconsistency... Passive Alert also includes No Alert, of course, when the system is still on Alarm Level 0).

QUOTE
What I do like is the fact that I only have to tally one number, the Alarm Total.  Everything else is derived, with the major one being the Alarm Level as a multiple of Stealth rating.  That makes a lot of sense.

I'm not yet sure I like the idea of using total hits instead of net hits for when the system wins a test, but I am assuming that you have looked at the math and balance on that to give something that works.


Exactly. Net hits are simply too few to have any effect in a reasonable time frame.

With Stealth Ratings as high as 6 you would have to dumb down Alarm Levels to 1 and 2 (synonymous to Passive and Active Alert) instead of the more detailed system. Of course, that could be an option as well, I plan to look into that, when I am farther with the whole thing.

Also, if you only counted net hits... the net hits are more or less equal regardless of whether a good hacker runs against a good system (i.e. all Ratings at 6 for both hacker and system) or a bad hacker against a bad system (i.e. all Ratings at 3 for both hacker and system), however, if you tally them up and compare them against the Stealth Rating, you now have it much harder for the good system to detect the good hacker, which shouldn't really be the case (if both are equal in terms of Ratings, results should be comparable). To counteract this disparity, I use the full hits instead of just the net hits, since this number scales with system quality (more dice = more hits).

QUOTE
So, going back to your suggestion, I would certainly like to get to a point where I have a chart with all 6 System Security Ratings with there associated Alarm Level actions as a quick reference, then a separate chart with all 6 Node Security Ratings and what actions are taken under the Passive and Active alerts.  I think that would give a very solid point of reference and be an easy lookup, then obviously, customize for specific runs on a case-by-case basis, if needed.


That's the plan.

Most likely, I will also make a condensed system with above tables merged into one each for immediate (node-level) and accumulated (system-level) response. They will work the same, but you add the Node Security Rating or System Security Rating respectively to the number you look up (and the tables will be bigger, obviously, to cover all six Security Ratings; basically the Security Ratings shift your result window on the table upwards).

QUOTE
But for a GM running a matrix run on the fly, you really only need to know a couple things (Node and System Ratings) and you would generally know how each node in the system would react to your hacker.  I think it is a good framework, just need to understand a couple things you gave examples on.


If anything is still unclear, don't be shy to ask. smile.gif

Bye
Thanee
deek
Ok, that makes a lot more sense now. So, under the Node Security Rating, I take the current Alarm Level + the net hits (of the specific test the node just won) to determine what the immediate response to the hacker is.

Ok, I follow you now.

Yeah, I think that a generic table for System Security Ratings and one for Node Security Ratings could be made and be a very good starting point used in all but the most custom of situations. It would be handy to just have that right there and then I can just tally the Alarm Total for the hacker...then at any point, I know exactly what the system is going to do in response...
Thanee
QUOTE (deek)
Yeah, I think that a generic table for System Security Ratings and one for Node Security Ratings could be made and be a very good starting point...

Yep, it's probably the best way to get this to a usable level. smile.gif

Then I can worry about the fine-tuning and getting more sophisticated seperate lists with less overlap (unless, of course, it turns out to work so well, that they are unnecessary and will only needlessly overcomplicate things wink.gif).

Bye
Thanee
deek
Well, if you need any help coming up with that or at least want someone to look things over, I'm available!
Thanee
Thanks for the offer! smile.gif I will start by making the two bigger lists and see how far I get there, then post them here for review and suggestions. Don't expect them anyday, though. wink.gif

Bye
Thanee
deek
QUOTE (Thanee)
Thanks for the offer! smile.gif I will start by making the two bigger lists and see how far I get there, then post them here for review and suggestions. Don't expect them anyday, though. wink.gif

Bye
Thanee

Not wanting to push (okay, I guess, I am kind of)...but have you done anything with this yet?

I really like the idea, but not at the point where I want to do the startup work:) But I am certainly curious to your progress!
Thanee
Hey!

Sorry, time was rather limited recently, but I will surely continue with this. smile.gif

On a related topic... I also had a reasonably decent idea about how to mix and match attribute, skill and program rating (without going the hits limited by program rating route). Basically, program rating and the appropriate opposed rating are used as positive and negative modifier to your dice pool (which is always attribute+skill as it should be).

Bye
Thanee
deek
I certainly chomping at the bit to see the security rating tables...so, whenever you have a draft, I will be looking over it!
Garrowolf
How about program ratings acting as threshold negation?

Basically do it attribute + skill. Take the program rating and compare it to the program you are trying to overcome. Basically if your program is higher then theirs then their program rating goes away. If yours is lower then take the difference as the threshold you have to overcome. That way the program isn't the point but it makes a difference and it doesn't change the dice pools.
Thanee
QUOTE (Garrowolf)
How about program ratings acting as threshold negation?

Basically do it attribute + skill. Take the program rating and compare it to the program you are trying to overcome. Basically if your program is higher then theirs then their program rating goes away. If yours is lower then take the difference as the threshold you have to overcome. That way the program isn't the point but it makes a difference and it doesn't change the dice pools.

That would change the basic rules mechanics, though.

Bye
Thanee
Garrowolf
Attribute + skill is the basic game mechanic
Thanee
I meant the additional thresholds, of course. And raising the thresholds is a pretty big change, especially when you raise it by 2+. Makes the rolls next to impossible to succeed at.

Modifiers to the dice pool are the norm, so changing them doesn't seem bad.

Changing the thresholds might be problematic in some cases, where the rolls are not simply opposed. Also how would a higher program rating give an advantage then (i.e. program rating 3 or 6 vs opposed rating 3 - what's the difference)?

Bye
Thanee
Garrowolf
I am using a variant of the SR4 rules for a space game and one of the changes that I've made is that equipment no longer effects dice pool. It always effects thresholds. This means that some of the thresholds are a bit higher to start with the idea that the PCs will have some equipment to lower it. Environmental penalties are also thresholds. This makes the actual dice pools much more manageable and the game works just fine.

So for example a firearms test starts with range thresholds. Then increase it with any environmental conditions, but lower it from scopes, vision enhancement, and smart link. Equipment negates up to their rating in thresholds that they can effect. The actual thresholds stay low and the player doesn't have to wait to find out how many dice they roll. The only thing that will change their dice is injury penalties because the problem is internal to the character. They can go ahead and roll while the GM figures out the threshold.

Think about for a moment and tell me what you think about it. I know that it isn't standard but it is based on one of the alternate systems suggested in the book so it's not totally out there.
Thanee
QUOTE (Garrowolf)
Think about for a moment and tell me what you think about it. I know that it isn't standard but it is based on one of the alternate systems suggested in the book so it's not totally out there.

No, certainly not. smile.gif

I can see it work well, the biggest difficulty probably being, that one step up or down with the thresholds equals three steps with the dice pools (on average). Modifiers might become a bit difficult to apply then, i.e. for wounds.

Bye
Thanee
Garrowolf
Well I think that anything that impairs the character should be dice pool modifiers. Anything that effects the difficulty of the action for everyone should be thresholds. So wound penalties would still be dice modifiers. Anything directed at the character would be impairing the character's abilities (ie dice pool). An extreme shot on a foggy night should be a hard threshold, but with that smartlinked ultrasound scope the shot could be easy.
Thanee
Sounds quite similar to the logic I used back in SR2 with my own dice pool system (dice pool mods vs target number mods). smile.gif

Bye
Thanee
jgalak
Thanee,

Did you ever get a chance to create those tables? I really like this mechanic, and would love to see the tables. If not, I guess I'll have to get on them myself... smile.gif
Thanee
I havn't continued here in a while... too many distractions! wink.gif

But I have added some lists to the initial post now, which could be used as a starting point. I have no idea, how well that will work out in practice yet. biggrin.gif

Bye
Thanee
Tymeaus Jalynsfein
QUOTE (Thanee @ Nov 29 2009, 12:15 PM) *
I havn't continued here in a while... too many distractions! wink.gif

But I have added some lists to the initial post now, which could be used as a starting point. I have no idea, how well that will work out in practice yet. biggrin.gif

Bye
Thanee



After having read the updated information in the original post...

WOW, seems like a lot of book keeping, and a lot of effort... I really like the fact that hacking is fairly quick now days, I have no real need to go back to a system that adds so much complexity that hacking becomes a mini-game all of its own, which this seems to promote... If it works for you that is wonderful, but seem like a lot of effort for very little true gain...

Of course with no testing, and no empirical data from the originator, I cannot truly comment on its effectiveness... let me know how it works out in the end, if you ever get around to testing it in play...

Keep the Faith
hahnsoo
QUOTE (Tymeaus Jalynsfein @ Nov 29 2009, 10:12 PM) *
After having read the updated information in the original post...

WOW, seems like a lot of book keeping, and a lot of effort... I really like the fact that hacking is fairly quick now days, I have no real need to go back to a system that adds so much complexity that hacking becomes a mini-game all of its own, which this seems to promote... If it works for you that is wonderful, but seem like a lot of effort for very little true gain...

Of course with no testing, and no empirical data from the originator, I cannot truly comment on its effectiveness... let me know how it works out in the end, if you ever get around to testing it in play...

Keep the Faith
It's definitely not quick nowadays. SR 4th edition is just as time-consuming as earlier editions, unless you have a lot of house rules.
Tymeaus Jalynsfein
QUOTE (hahnsoo @ Nov 29 2009, 08:33 PM) *
It's definitely not quick nowadays. SR 4th edition is just as time-consuming as earlier editions, unless you have a lot of house rules.


I completely disagree, we use no houserules and have a very good understanding of the way the Matrix works, and it positively flows in comparison to earlier editions... it may still take 10 minutes to do something, but that 10 minutes is not teh 3 hours it was previously...

Of Course, Tables Vary as well, so your mileage may vary here as well...

Keep the Faith
Jericho Alar
QUOTE (hahnsoo @ Nov 29 2009, 10:33 PM) *
It's definitely not quick nowadays. SR 4th edition is just as time-consuming as earlier editions, unless you have a lot of house rules.



There's definitely fewer rolls now - the simpler on/off nature of most hosts' security systems helps alot too.

there's still probably too many options but that could be improved slightly, probably by moving the various actions into explicit program rules text rather than the other way around (programs allowing specific actions vs actions requiring specific programs.) this might allow you to switch to a 'spellcasting' style of att+skill with program rating affecting effectiveness in addition to net hits, rather than the system we have currently.*



*full disclosure: I like that attributes don't have much to do with it, I think it's more accurate than a system that largely ignored the tools in favor of personal skill; but I recognize it creates counter-intuitive character choices.
Tymeaus Jalynsfein
QUOTE (Jericho Alar @ Nov 29 2009, 08:47 PM) *
There's definitely fewer rolls now - the simpler on/off nature of most hosts' security systems helps alot too.

there's still probably too many options but that could be improved slightly, probably by moving the various actions into explicit program rules text rather than the other way around (programs allowing specific actions vs actions requiring specific programs.) this might allow you to switch to a 'spellcasting' style of att+skill with program rating affecting effectiveness in addition to net hits, rather than the system we have currently.*


I believe that your suggestion is one (or more) of the Optional rules outlined in Unwired... and they definitely make some sense in a lot of circumstances (especially making them functionally identical to the Magic System)...

Keep the Faith
hahnsoo
A hacking run in 3rd edition Shadowrun using the ACIFS and security sheafs did not take very long (if you prepared the ACIFS and security sheaf beforehand, which you may not have), until you get to Cybercombat. I can't put an actual time estimate on it, but this is speaking as an experienced 3rd edition GM that was able to pare it down to the essentials, though. I wager that once you throw Cybercombat into the mix, you'll get just as many dice rolls (since combat has changed very little in general from edition to edition). In fact, the time savings probably come from the fact that cybercombat has become gradually de-emphasized throughout SR editions.

You can potentially get MORE dice rolls in SR4 to do identical tasks, merely because of the way Extended tests work.

It still takes a long time to resolve basic hacking under SR4 rules, if you used ALL of the Matrix options that you should (and most GMs don't... who wants to manually roll eleventy Traces, resolve Agent VS IC cybercombat, and figure out on every turn what sort of shit goes down while the rest of the team is moving through meatspace?). The 3rd edition ACIFS and security sheaf worked just about as quickly, but it requires the GM to get familiar with it (just like a GM getting familiar with the SR4 hacking rules).

I'm not sure you can convince me that hacking runs smoothly in your games unless I actually sit in some of your games. So I'll just leave it at that.
Tymeaus Jalynsfein
QUOTE (hahnsoo @ Nov 29 2009, 09:05 PM) *
A hacking run in 3rd edition Shadowrun using the ACIFS and security sheafs did not take very long (if you prepared the ACIFS and security sheaf beforehand, which you may not have), until you get to Cybercombat. I can't put an actual time estimate on it, but this is speaking as an experienced 3rd edition GM that was able to pare it down to the essentials, though. I wager that once you throw Cybercombat into the mix, you'll get just as many dice rolls (since combat has changed very little in general from edition to edition). In fact, the time savings probably come from the fact that cybercombat has become gradually de-emphasized throughout SR editions.

You can potentially get MORE dice rolls in SR4 to do identical tasks, merely because of the way Extended tests work.

It still takes a long time to resolve basic hacking under SR4 rules, if you used ALL of the Matrix options that you should (and most GMs don't... who wants to manually roll eleventy Traces, resolve Agent VS IC cybercombat, and figure out on every turn what sort of shit goes down while the rest of the team is moving through meatspace?). The 3rd edition ACIFS and security sheaf worked just about as quickly, but it requires the GM to get familiar with it (just like a GM getting familiar with the SR4 hacking rules).

I'm not sure you can convince me that hacking runs smoothly in your games unless I actually sit in some of your games. So I'll just leave it at that.



Hey no problems...

I understand about 3rd edition, I just never really liked those hacking rules, and 2nd edition was totally screwed up as far as economy of time went... as for SR4/SR4A, the rules work pretty well for what they do, and cybercombat is always the longest part of the process, as it has always been in previous editions... what tends to make it go so smoothly at our table is that hacking actions are interleaved with the meat actions of the other party members... so no one is bored and waiting... I know the rolls that I need to make, the Technomancer knowns the rolls he needs to make (My god, he accumulates a lot of rolls, what with Threading and the actual hacking rolls... Crazy Technomancers) and the GM knows his rolls... some of the behind the scenes rolls (Tracking, IC vs. IC rolls, etc.) have already been made before hand (and thresholds can tehn be verified on the fly), as the GM has our program stats, so that can be narrated fairly easily...

Because the action is interleaved, the flow is never "interrupted" for any given length of time, and everyone plays, which may lend a bit to the feeling that it is faster, as no one sits...

Anyway, That is my rationale for saying it seems faster... and I have to admit, I have yet to see a Hack take more than 10 or 15 minutes real time (even with the inevitable divergences, unless that is the purpose of the session, like a resonance realm quest) which I cannot say for previous editions... This may also have something to do with what is, in my opinion, a better combat resolution system as a whole... fights tend to end fairly quickly at our table, regardless of what mefium they occupy...

Keep the Faith
Jericho Alar
my issue was typically when the decker decided to slam down some node I didn't really have a sheaf for - eventually my fallback was default sheafs for green/orange/red etc. for when I needed a random node, but realistically it was alot of prep work you don't have to do anymore.

Cybercombat itself is about the same as its always been, really. I guess the one advantage to SR3 over 4 is that the system was generally more lethal so fights would be over a little faster; (the lack of agents and generally weakness of Daemons also meant that generally the PC was running fewer units on his side so the fights were frequently less complex)
Tymeaus Jalynsfein
QUOTE (Jericho Alar @ Nov 29 2009, 09:26 PM) *
my issue was typically when the decker decided to slam down some node I didn't really have a sheaf for - eventually my fallback was default sheafs for green/orange/red etc. for when I needed a random node, but realistically it was alot of prep work you don't have to do anymore.

Cybercombat itself is about the same as its always been, really. I guess the one advantage to SR3 over 4 is that the system was generally more lethal so fights would be over a little faster; (the lack of agents and generally weakness of Daemons also meant that generally the PC was running fewer units on his side so the fights were frequently less complex)



I will have to agree with teh point about less opposing IC, Agents, Etc in SR3... though I still say the cybercombat is not any longer than it used to be (and I believe it is a little shorter in SR4, but I have already explained why this perception might exist at our table), as combat was always the longest part of hacking into a system...

Keep the Faith
Jericho Alar
QUOTE (Tymeaus Jalynsfein @ Nov 29 2009, 11:34 PM) *
I will have to agree with teh point about less opposing IC, Agents, Etc in SR3... though I still say the cybercombat is not any longer than it used to be (and I believe it is a little shorter in SR4, but I have already explained why this perception might exist at our table), as combat was always the longest part of hacking into a system...

Keep the Faith


we've found combat in general takes about one more successful hit (so usually about 2 more rounds) both in the matrix and in the meat; we'd concluded the system is slightly less lethal in SR4 than it was in SR3; I think most of it is due to missing the discretionary dice pools that let you frontload your damage.

[edit] comparatively speaking matrix combat is faster (e.g. average rounds of matrix combat vs. average rounds of meat combat.); but comparing matrix combat across editions it's slightly slower, at least at our table. (our table in this case being our SR3 decker as SR4 GM and the SR3 gm (me) as the SR4 hacker; so I'd like to think we're pretty quick; we also have an otaku and a TM, he's played by the same guy in both games.
Tymeaus Jalynsfein
QUOTE (Jericho Alar @ Nov 29 2009, 09:57 PM) *
we've found combat in general takes about one more successful hit (so usually about 2 more rounds) both in the matrix and in the meat; we'd concluded the system is slightly less lethal in SR4 than it was in SR3; I think most of it is due to missing the discretionary dice pools that let you frontload your damage.

[edit] comparatively speaking matrix combat is faster (e.g. average rounds of matrix combat vs. average rounds of meat combat.); but comparing matrix combat across editions it's slightly slower, at least at our table. (our table in this case being our SR3 decker as SR4 GM and the SR3 gm (me) as the SR4 hacker; so I'd like to think we're pretty quick; we also have an otaku and a TM, he's played by the same guy in both games.



And I fully willing to admit that tables differ...

Odd though, we have found that combat in the meat is far quicker and much more lethal... this may have a lot to do with the difference in how dice pools are constructed in teh 2 editions... when you are always shooting someone with a TN of 9+ (in SR3), combats tend to take a while (Our GM tends/tended to use every ranged modifier in combat (against both sides) which drug out combat a LOT), while you are now just adding and subtracting dice pool modifiers, anbd many of them can actually be negated with the appropriate equipment... so firefights are truly deadly in comparison... for example, In SR3, no one I ever played with really used light pistols as tehy were deemed too ineffective, so everyone carried Heavy Pistols at a minimum. Now, in SR4, I routinely prefer the Light pistol, and have easily killed opposition, even targets in moderate levels of armor, using such a weapon, and in pretty short order... things are different, when you always have a target of 5 and soaks are at a target of 5... how often did you see a great hit in SR3 reduced to target 2 to soak due to armor... does not happen anymore... target is always a 5... this is a HUGE difference in the lethality...

Anyway...

Keep the Faith
Jericho Alar
it probably is table differences then; although I agree that sub-heavy pistols are much more lethal in SR4 than they were in SR3. (we mostly find the discrepancy in the automatics - a well aimed auto burst with enough recoil comp behind it often caused deadly damage even after soak in sr3)

although I'm surprised you were getting TN9+ routinely - with a smartlink, some recoil comp, and some vision mods the base TN should be 2 in almost all situations before running / cover / weather / lighting mods - and weather and lighting were almost universally countered by the right eyeware. (running and cover add up fast - but I'd be surprised to see them get much past 7 - if they did my table generally just took some aim actions to bring it down to 7 and then blew everything in one shot: full combat pool and spend a karma to reroll failures and any BF/FA weapon other than a machine pistol would take them down in one go typically.)

while soak tns were frequently 2, it's hard to soak S damage with 6 successes behind it (18 dice with failures rolled twice averages about 5.5 successes against TN7) appreciably; and fights typically ended [edit]targets went down[/edit] after two good hits at our table.

in SR4 we're finding it's typically about 3 hits - I wonder if part of our 'slower' feeling is that players aren't firing quite as fast as possible (aim actions may not be as beneficial in SR4 as they were in SR3 over tn7?) although there is a minor reduction in the lethality of most automatics. (I'd guess about 1 less box of damage on average overall, combined with the on average one box larger health pools.. )
Thanee
QUOTE (Tymeaus Jalynsfein @ Nov 30 2009, 04:12 AM) *
WOW, seems like a lot of book keeping, and a lot of effort...


I actually don't think it's that much. The biggest bookkeeping factor is a single number you need to track. That should be doable. smile.gif

It just makes the rather arbitrary responses a bit more structured. In the SR4 book, it just lists some response options that could happen, but the GM is left on his or her own when something will happen or what it will be. Also it only mentions that a system could have several nodes and IC of various kinds to defend them. This simply offers more structure and guidance in that regard.

You can still make quick Matrix runs, if you just want to see if the Hacker can get a certain piece of information, that will take no longer.

But you can also make more tense Matrix runs (which will obviously take longer), without having to make up everything yourself.

Bye
Thanee
Prime Mover
I still have a problem with the passcode system. It takes longer to do checks the stronger the passcode and can be hacked normally. Been considering adding the optional security tally feature from unwired for this matrix defense.
Tymeaus Jalynsfein
QUOTE (Thanee @ Nov 30 2009, 12:42 AM) *
I actually don't think it's that much. The biggest bookkeeping factor is a single number you need to track. That should be doable. smile.gif

It just makes the rather arbitrary responses a bit more structured. In the SR4 book, it just lists some response options that could happen, but the GM is left on his or her own when something will happen or what it will be. Also it only mentions that a system could have several nodes and IC of various kinds to defend them. This simply offers more structure and guidance in that regard.

You can still make quick Matrix runs, if you just want to see if the Hacker can get a certain piece of information, that will take no longer.

But you can also make more tense Matrix runs (which will obviously take longer), without having to make up everything yourself.

Bye
Thanee



I can see that... I will have to ponder...
Thanks for the Info...

Keep the Faith
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012