The Persona is a combination of the following parts:
See page 211 SR4 (Persona)
Commcode (ID)
Hardware
Software
So, as long as you have two commlinks and two commcodes you can make your Drones a bit safer from spoofing, not fool proof but safer.
Persona 1 (commlink 1) grants user access to Persona 2 (Commlink 2) to Drone 1.
Shut down Commlink 1 or at least log off from the matrix with it.
Access the matrix with persona 2 and command your drone. Anyone analyzing the persona that commands the drone will not get anything but user access even if they demand it and succeeds with the diceroll because the Drone is not allowed to give that persona a higher access.
Depending on what one can do with a user access (that’s up to the owner) but I would limit it to regular Rigger commands like move, target, shoot, analyze etc. Changing subscription lists and the like would be at least security access.
Full Version: Spoof protection
You don't need two comlinks - that is what the whole 'user privileges' thing is all about.
As long as you don't need it - don't log in as root.
As long as you don't need it - don't log in as root.
Hmm, since you must analyze the ID of the controlling Persona, how do i do that if they are behind a firewall in another Node and just use Command to the drone? Is the Drone tagged with the ID or does it become impossible to spoof them? In that case it becomes impossible to spoof remote controlled drones, feels kind of wrong.
Exploit is all about bypassing safeguards in place. If you use Exploit successfully to create forged access its not being granted by a legitimate authority.
Command is a hacking program and I don't believe programs can be used from outside their node. You could instruct a Pilot program to do something from outside the node but short of instructing it then going offline not much to do.
After writing this I had an idea though as a defense... crash the Pilot program in the drone running without a hacker present then upload and run your own Pilot program to handle the drone. It'd probably require Admin access but hey, once in place its great for a surprise...
My own preferred method of avoiding spoofing and hacking in general is to have the wireless turn off for a set period and operate with prior instructions. If I need to update it in an emergency use a biometric/skin link interface and touch the drone to emergency-stop it.
Command is a hacking program and I don't believe programs can be used from outside their node. You could instruct a Pilot program to do something from outside the node but short of instructing it then going offline not much to do.
After writing this I had an idea though as a defense... crash the Pilot program in the drone running without a hacker present then upload and run your own Pilot program to handle the drone. It'd probably require Admin access but hey, once in place its great for a surprise...
My own preferred method of avoiding spoofing and hacking in general is to have the wireless turn off for a set period and operate with prior instructions. If I need to update it in an emergency use a biometric/skin link interface and touch the drone to emergency-stop it.
| QUOTE (Wasabi) |
| Command is a hacking program and I don't believe programs can be used from outside their node. |
Nope, command is a common program and is used to send instructions. Exploit is all well and dandy but then we have moved away from spoofing – you’re talking about hacking and that’s a more secure route but it takes longer.
| QUOTE (The Jopp) |
| Hmm, since you must analyze the ID of the controlling Persona, how do i do that if they are behind a firewall in another Node and just use Command to the drone? Is the Drone tagged with the ID or does it become impossible to spoof them? In that case it becomes impossible to spoof remote controlled drones, feels kind of wrong. |
According to the RAW you just Intercept Wireless Traffic (EW + Sniffer 3) then make a Matrix Perception (computer + analyze vs. rating + stealth (if active)) followed by Spoof Command. The Wireless Signal contains the AID.
The best way to defeat spoofing is to have encryption on your communications (or better yet Hash). At encryption 5 you are expecting a Response 6, Decrypt 6 hacker to take 2.5 combat turns to break the encryption. That gives your drone plenty of time to whale away on the opponents before it turn on your own team.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.