Then you may not like this. But I think I understand where you're coming from with your approach and although I have more than three nodes in the example so far (Example 3 has only one node, but I haven't written it up yet), it's very much not the old 1st-3rd edition dungeon crawl approach. I think my nodes make logical sense.

Anyway, I'll be particularly interested in your feedback on my sites.

-K.

In real life, I work for a company that does exactly that right now in 2007. By 2070, IC will be nearly as smart as a human (probably a whole lot smarter) at noticing "weird" behavior in users. IC would be able to see something is strange just by where you wonder off to, just as a secretary would think it strange that Mr. Johnson suddenly wandered into a broom closet. A hacker should expect to be scanned repeatedly, even as an admin, until they shut down the IC in a system (and attempting to shut down IC would trigger more IC).

BTW, thanks Knasser for the awesome pdf!

I consider this a reward in itself. I'm glad to have helped a noble aim.

Abbandon: Lots of interesting questions. Answers as follows:

I don't really see how they can be more or less ugly than the document they are generated from. I use PDFs for a couple of reasons. Primarily because they are a fairly universal standard. I write this stuff on one of my housemate's Linux boxes so I'm aware that not everyone has Word (we don't). Also, I have to confess, there's a slight worry about seeing these suddenly reappear elsewhere without credit, and a PDF complicates this process. And finally, I can control exactly how a PDF looks when it comes out. If there were a reason for it, I could probably post a Word version. What is the problem with PDFs?

The most solid answer is that a node is a rules entity. It can be a lot of different things, but it's a node if it's something that you hack as a single object. So the SR4 BBB, pg. 216, defines a node as "any device or network that can be accessed." I place special emphasis on the word network, there. A node doesn't have to be a solid box sitting in a rack somewhere. If a group of devices, terminals or whatever share resources, functionality and user-access, you commonly treat it as a node. The "Drone Hive" in example #2 would probably be a good example of how to use this. It's a node that exists independent of physical space, as such, and represents a distributed management system for the drone security. It's perfectly acceptable by RAW and works very well. It may take players a go or two to get their head around it however.

I'm not entirely sure what you mean by fake nodes. I think from the website example, that you mean something that is a place you go to in the matrix, which isn't actually a node, such as viewing someone's webpage. If that's what you mean, then it's a good question, but I don't think that's how things are actually handled in the Matrix. I think the website is now actually a node that you can visit. This is why the matrix site nodes in examples #1 and #2 are separated out from the rest of the company networks - they have public user accounts that are available to all. Just like other sites, these nodes have higher access levels than user which would allow greater functionality, such as defacing the site. So to continue with your website example, the Legendary Scipt Kiddie (LSK) goes to the public matrix site of Boring Corp. Now it's public, so he can just log-in as a user and browse through their brochures in their corporate lobby, etc, but he wants more than that, so instead he tries to hack the site at Security level using the rules on pg 221. A couple of days later (he's using AR), his comm pings to let him know that he's in. Without stopping to consider whether he ever bothered to spoof his data trail (he did not), he quickly starts uploading his own matrix iconography turning the dull grey virtual reception room of the original site into a pornographic wonderland. As a security level account holder, carrying out changes on the site node is now one of his privelages. At least it will be on a node like this because such a node would require this functionality. It might not be on the node that manages drone guard systems for example.

IC, agents and pilot programs are generally very sophisticated within their areas of expertise. You can tell your car to pick you up at the restaurant at ten. You can instruct the house node to wake you up again if your daughter isn't in by midnight. It's a GM call how sophisticated the trigger conditions are that you can give the IC on your node, but I suggest tending toward the generous. You'll note that one possibility for the upper management node, is that the IC can even check with the known list of users for that node (as it's such a short list) and see if they're currently listed as being on site or not. That's a higher-rating IC mind you.

Keep in mind that the IC first has to know that the hacker is there by defeating their stealth, and secondly, IC is not usually active all the time. It's explicitly noted in the nodes where the IC is continuously active and what conditions it uses for investigation.

Heh! That's why it's last on the list.

Yes. This would be possible, but as you pointed out, highly unlikely to go unnoticed and it would require a pretty skillful hacker. Any player that pulled it off would be justifiably proud of themself. So long as you
can build a bridge between your target and you then you can hack it in theory. The problem is that if you look at the way the site is set up, there isn't actually a direct link between any of the office systems and the security system, despite the fact they are both wirelessly operating in the same location. It's like two people with commlinks in the same room - you can't simply hop from one to the other if they're not communicating with each other. What you can do is try to make them communicate and this is where the fun starts. What you're trying to do when you bash your way in through the Matrix site node is subvert its wireless functionality to let you add a new subscription (the security node). Now some nodes will have that as a natural part of their functionality, but I'd argue that for the Matrix Site node, you would need Administrator access. You are essentially trying to use their "webserver" or phone exchange as a commlink, after all, so I'd say you needed to be able to reconfigure some basic settings.

So to do what you're proposing, I think you would need to take the following steps.

First the hacker must locate the matrix site or other matrix connection of the office complex to the rest of the world (easy) and then hack that node (a little more difficult) to such a degree that you could use it to access other nodes (administrator access +6). If we take a good hacker (Hacking 5, Relevant Programs at 5), then it's Hacking + Exploit (14). All this would be very different if there were a direct link between the security node and the matrix site node (or the office nodes which probably should connect). But there isn't so this is how the hacker is forced to play it unless they come on to the site themself, smuggle in a commlink they've already subscribed, etc.

Anyway, the hacker is very good and likely to hack the matrix site though it will probably take five hours in pure VR and five days in AR with a chance of glitching even for Miss 5+5. Smuggling in the commlink would have been a much better plan.

Once in however, the hacker can begin the real work of hacking the security node. Ironically, getting in will actually be easier than the Matrix Site node as administrator access wont be required. We're looking at a Hacking + Exploit (11) roll. That's going to add a few extra hours or days to the overall hack attempt and this is a good illustration of how GMs can use time limits to constrain hackers. You wouldn't want to be hacking a system like this on the fly. Once in (assuming no glitches or detection), the hacker is going to be very reliant on her stealth program to hide from both the IC and any other users on the system who might start asking "Hey, Bob! What are you doing at work today?". With the IC at the level it is, there's a fair chance that they could be noticed at this stage. The humans aren't likely to be running Analyze, however. Now from here you can jump to the Drove Hive node and try to hack this one. All of the drones are subscribed to this so you can manipulate any of them if you have hacked this node properly and dealt with the IC. I'd require Administrator access if you actually want to subscribe this node to the Matrix Site node directly, but other than for inviting your friends in to play or coming back later, you don't actually need to do that as you're currently in.

A simpler method might be instead of going from the Matrix Site node to the Security Node, go directly to one of the drones or the Drone Hive node. They're all operating in Hidden Mode though, so you need to locate it with an Electronic Warfare + Scan (4) test and that assumes that you know that it is there. Remember that if the hacker is doing all this investigation herself, no-one will have told her how things are set-up. and the book recommends thresholds of 15+ on an extended test for finding things that you don't know are there. Shows the importance of good intel.

Does that help, or does it just make things sound complex? It's probably a lot more complicated than expected because there wasn't actually a link between the security node and the rest of the site.

I generally agree with what you say. The effect of user access is a GM judgement call. Mostly where I have specified restrictions, they've been at a more fundamental level than file access. For example, the abilty to remove other users on the security node in Example #2 requires Administrator access, but I didn't put any restrictions in preventing people at user level from accessing files. In this area, I agree with you. The case of the Accounts system (Node 5, Example 2) which is probably what you're referring to, I guess I was envisioning it as a special case. I had in mind that the node iteslf was set up to preserve records of all transactions due to its nature and that to interefere with this process was more than a normal user would do. So you can alter the files with your normal hacking rolls, but to change the basic node process, requires more. On reflection, this could cause a shift in how the game plays, but you can now see where I was coming from. I think I like it in this instance, though I wouldn't apply it to every node. It makes a clear distinction between the skill of the job that the hacker does. Does he slip the fake data in and get out, or does he create fake archival data and alter historical records in case of a thorough investigation? This sort of gradiation can add a lot more detail to a run. So I agree with your take on things, but I'm offering some different options. What do you think?

I think a lot of the difficulty arises not because there needs to be a distinction between logical and physical items, but because many are unfamiliar with the idea of the logical items in the first place. The way that I see things going (and which I see the Matrix as being the logical conclusion of), is distribution and non-locality. I can see that today in a primitive form with Google Office and its kin. The Matrix isn't the Internet, it is fundamentally different, and I see the user being very removed from the underlying infrastructure. And yes, I include hackers in this for the most part.

If there is a distinction that needs to be made,I wonder if it's not between devices and nodes. It seems there are cases where it stretches the belief to "enter" some devices. It might also resolve some of the unintuitiveness of people's personas on commlinks as well. It's a lot easier to get your head around things thinking in AR terms than it is VR where devices are concerned.

This is what I had in mind. The real question basically comes down to: will scanning for nodes find (if enough hits) any node within signal range of the node you logged in or just the ones within signal range of your commlink? In addition: suppose someone gives me the Access ID of one of the drones, will scanning from somewhere not nearby (e.g. in a pub downtown somewhere) find it? I'd guess you'll have to login to at least the public node and then scan and hope the drone is within signal range of that node?

With the qualification of "enough hits" that you mentioned, yes you can locate the drone directly within range of the node instead of your commlink. That's why I would require someone to get the administrator access if they were using the Matrix Site node for this purpose as they'd need to subvert it's basic configuration. The node doesn't have a connection to the security node, normally. If someone smuggled a commlink on site for you or you flew in your own drone, then it would become a lot easier. Still tricky to find the hidden drones however.

I'd set the drone signal to 3 to prevent them being controlled from far away, but with signal 4 you could do this if you were near the site.

The site isn't intended to be a player vs. GM site. It's just meant to be realistically secure and fun. If you wanted to be a bit more thorough, one thing to do would be place an additional IC on the security network with high track, analyze and stealth ratings. When a drone started misbehaving, instead of the bruiser IC that I put in the hive node coming in, the sneak IC stealths in and starts running track on the intruder. I very much like the Drone Hive node - it's like having all the other drones mentally ganging up on the rogue.

Thank you. It's feedback like that which makes me go back and finish Example #3.

The link in the first post is the same, but now includes an updated file. I'm focusing my efforts on another project now, so you'll probably see things posted on my site less frequently from here on. But I intend to finish off this document at any rate.

As always, comments are appreciated,

-Khadim.

That's my aim with this. The Matrix rules work, but are chronically short of explanation. I think that I can justify everything in the examples as RAW and I'm very happy that it's balanced so far for good gameplay, with a view to integrating the hacker into a normal team in the first two examples. (The third is obviously and intentionally a character-specific environment).

Thanks for the comments.

-K.

Yes. You're absolutely right. I've just gone through it and counted four of them. The curse of 'cut and paste' strikes again! (Ha!-Ha!-Ha!)

Have corrected this and re-uploaded. Thanks,

-K.

The door test is still my benchmark.

"You're running through a corporate compound, alarms are going off, red lights flashing, and, suddenly, your escape path is cut off by a security blast door dropping into place! The guards are hot on your heels ... what do you do?"

"I hack the door!"

For the life of God's green Earth, I can't figure out how this is supposed to happen, assuming that there's no pre-installed account from the hacker's part in the system, proper. I've gotten a few attempts tossed at me, ranging from, "You can open a door without a test, out they go" to "Try to find a node using Scan, get info from Sniffer, use Exploit to get in, use Exploit into the system, use Exploit to make an account while hiding from ICE, use Exploit to upgrade to Security. Use Exploit to upgrade to Administrator. Use Broswe to find where you need to be. Use Exploit to hack into teh door commands, proper. Use Command to unseal teh door. Use Command to open teh door. Use Edit to erase mention of this. Use Sniffer tofind teh cameas. Repeat above steps to erase camera. Log out."


Which is something like twenty initiative passes, while the rest of the group is DYING and it takes forever and the whole mood is lost.

The entire hacking system needs a serious, serious rewrite, aimed at those of us without computer knowledge. Several programs seem to do nearly the same thing and step on one another's toes, basic rules contradict one another, and the whole broadcasting your SIN around ... yikes.

Everything else, I get. I get *easily*. Heck, I even understood the old way of decking, tho no one ever ran a Decker for the classic reasons, and I enjoyed it. But the modern Wireless version?

Madness.

IMHO, there should be two systems:

A light, AR version, with quicker "Want to do this? Then roll this." speedy resolution, to keep the game flowing and to let Hackers hang out in realtime with everyone else.

A heavy, VR version, where mostly only Hackers go, which is more complex but allows you to do things that you can't do in AR or that, at the least, would take a while.

The AR version lets you run in, go, "Phoenix, we got cameras," he goes, "On it," the cameras shut down, you go past, an so on.

The VR version has him on 'overwatch', scrambling communications, unlocking doors, keeping the Panicbutton signal from going through, and so on.

I just can't figure out why my brain refuses to wrap around this.

Okay. Well if you've finished ranting generally about the Matrix rules in my examples thread, here is how I would handle your scenario:

See, this here is something to look at. Who decided that a blast door suddenly came down? You did as GM. It's denying your own responsibility to then criticise the rules for it taking a whole minute for the hacker to crack and open the lock. If the rules said that it took three seconds, you could equally criticise the rules because it happened too quickly for you to create a tense, drawn out situation whilst the PCs protect the hacker. It depends on what you want, but you work with what the rules give you. And there are plenty of ways to tweak things however you want. Does the door have a wireless connection or not? Does it have a visible maglock, if so is it a biometric lock, a keypad or something you could crack with a maglock passkey? If you want to make it a single roll to get through, like you said, then it requires a passkey and the hacker can simply roll the rating of his passkey vs. the rating of the maglock (which is something else you get to choose as GM). At the opposite end, you could decide that the door has no wireless connection and is controlled centrally with no hackable / accessible lock. The hacker then has to log-in to the facility's network and locate and hack the security node that controls it whilst fending off the IC that guards it.

The system is extremely flexible for the degree of difficulty and time that you want.

Well again, you as GM are making it that complicated. If it's a wireless node, then Scan is sufficient to reveal it so you can make a hacking attempt. You don't need to Sniff the traffic. Likewise, you don't need to run Exploit to upgrade to Administrator, you simply add the +6 threshold at the time you make the roll, though I don't see why only administrators could open a door. I doubt the installer of the system wants to be woken up every time a security guard wants to go through it at 1:00am. You wouldn't need a Command program to open the door either, assuming that controlling the door was a basic functionality of the node. So we have two rolls:
Electronic Warfare + Scan to find the node
Hacking + Exploit to break into it.

Alternately, you could use Sniff to intercept traffic to the node and then spoof a command to open. This is more involved, but if the hacker has earlier got hold of a matrix id for a legitimate user of the system, then it's still only a couple of rolls (find the node, then spoof a command to open the door). But I mention this approach only to clarify how you might use Sniff as you have it in your example.

You have that. For version one, the GM decides the door has a basic maglock passkey system as I described, or else an accessible wireless node that controls the opening and closing of the door. One or two rolls respectively.

For version two, the node that controls the door has to be located through the site's system, looking for it and then cracking it and defeating the IC.

You place the door there. You decide how difficult it is to bypass. The rules will support quite a considerable range, so if the players all die because the blast door drops... it's only one person's fault.

Likewise - I probably over-reacted. It was useful as we drew out another example of how a GM can set things up, so it's all good.

And the offer extends this way too - if you're ever in the Bristol area of the UK, come along for a meal and a game! Can always use a good player or a guest GM!

I'll have Example 4 up soon, I hope. Example 5 will take a little longer, but will be special. I'm going to take extra care to make sure it could be integrated into a regular, non-hacker focused game without detracting from the other player's fun.

-K.

With a decent hacking skill and those program ranks, it's possible, though for the sake of internal consistency you need to be careful how you arrange things. What you must avoid is setting a precedent where anyone with an average skill and good programs can get government secrets. If that were the case then the UCAS would not be standing. So if I wanted a player to get hold of some government secrets I would add some justifications for why it's not lethally difficult. Suggestions would be:

The secrets are old / low-priority and therefore archived somewhere less secure.
The hacker gets hold of them through a weak point, such as a government agent accessing his work system from his commlink at home.
A contact inside the government sells a temporary user account that will get the hacker past the heavy IC on the outside of the system.
The hacker physically infiltrates her way to a more accessible part of the system, bypassing much of the security.

Things like this. They all allow you as the GM, to have the players hack what you want and still have a world where government systems are deadly to anyone other than a great hacker. And two and four are likely to depend on the rest of the team also, so that's another plus.

Of course if you're talking about an NPC and you just want it to be possible for the sake of the story, then yes - it's still plausible that a hacker could do this. But you should be prepared for a long job as all the stealthing into high rating nodes and sneaking around systems could take days at the least. You can use the same "lucky break" techniques you'd use for players to speed things up if you want. Perhaps a commlink is stolen and the agent doesn't report it because he fears for his job, or is injured and in a coma or somesuch. And in the meantime, the commlink is in the hands of Dave the Hacker.

Does this answer your question / any use? It's certainly possible. Just make sure you have the sort of justifications for it that you can take away again if the players start annoying you by getting where they shouldn't.

-K.

Oh it certainly helped, thanks
In fact, I wanted to run an old SR3 mission (actually, it's to have my players in Kansas) adapted to SR4 standards : Mission : Mars and it involves getting some informations on a secret NASA mission of 50 years ago.
As it's quite old, I think they could have put it in a less secured node. Or I could play the stolen commlink thing, it would be intesting to involve my other players

Edit : Just adding another question, is it possible to have building isolated from the matrix (no external connection+wireless blocking walls) but with some sort of wired connection to a device connected to a security site (like a satellite connection to a military base or something like that). Would the hacker have to enter the building to hack the node from the inside (that's what I want ), or could he just stay outside, hack the satellite emitter, and enter the building that way?
I want my hacker to enter the building to hack its security, not remain secured outside
Beginner GM question, I know x

Perfectly possible and some GMs do it habitually. (Like most things, it should be used for variety, not to prevent a player from ever getting full use out of their abilities). You can have wireless inside and wireless blocking walls and windows or you can even have everything inside the building wired only as well. I mention this only because some players are sneaky enough to get round this by setting up their own relay. I.e. you could have a microdrone on the roof drill through and act as a bridge across the wifi-inhibiting walls. Wireless world -> Drone -> Internal Network. All it needs is one breach like this (people setting up a little transmitter through a whole in the wall, etc, is another one), and there goes the whole basis of your security.

There are lots and lots of wired connections to the Matrix. Much of the underlying infrastructure of the Matrix is wired even in 2070. If you want to access your office in Tokyo all the way from Seattle, you aren't using wireless all the way. You're using wireless to the nearest Matrix station, which eventually routes your signal through pacific cables (or satellite) and out of a station at the other end (perhaps back to wireless).

So to answer your question about how to force the hacker inside the building, your solution is fine as is, but keep one eye out for player sneakiness as described. They wont (or shouldn't) be able to interfere with either a satellite uplink or a fibre optic cable running underground. It's possible, though not likely, that the building itself is entirely disconnected from the Matrix. If so, then the hacker will not be able to sneak in through the Matrix. More likely, the building will have a Matrix connection ( they make trid-phone calls, don't they? ) but you can keep this secure by either making it hard to find (high thresholds on the browse roll) or, much more likely, just smothering the connecting node with IC and high ratings. If you impose a time-limit on the hacker's success, then it wont be possible for them to take the long time necessary to probe the node and sneak in through VR. If the building is a secure lab or something where there will be less need to connect to the rest of the world, then it's more plausible that the whole thing could be disconnected from the Matrix anyway.

Do bear in mind that you don't have to do this to force a hacker inside. It could be that the building has wireless all over the place but the Very Important Computer in the Big Secret Lab remains accessible only through a direct wired connection.

Hmmm, interesting point. I would've thought so.
Maybe it can run it at 5 if the node that it's running on is 5 or higher?