Full Version: SR4 Matrix and the plot
Why does the agent need to break copy protection? Couldn't his hacker creator do it, then have the agent use Edit to copy the now unprotected software?
As I said this is a game, sometimes reality must be suspended. Whilst I'm no network specialist I have a basic grounding from studying computing for four years, albeit with a software development bias. I understand these ideas for security, and I still believe even in rl some things like sales records would need to be accessed real time. However if it is a choice of reality or fun I would throw reality straight out the window.
This is naturally something every group will vary on, since some groups might be filled with highly technical people and others not. I've noticed there are a few areas in SR where different groups take different stands based on people's backgrounds, the most obvious two to me being the matrix for some of us and firearms etc for the military or ex-military people. It is also in some ways perhaps a matter of personal balance about what you find fun. Myself I can suspend my disbelief simply to make life more bearable for myself.
In short I don't think there really sia right or wrong so long as you can cope with the direction you take and the GM/players enjoy it.
This is naturally something every group will vary on, since some groups might be filled with highly technical people and others not. I've noticed there are a few areas in SR where different groups take different stands based on people's backgrounds, the most obvious two to me being the matrix for some of us and firearms etc for the military or ex-military people. It is also in some ways perhaps a matter of personal balance about what you find fun. Myself I can suspend my disbelief simply to make life more bearable for myself.
In short I don't think there really sia right or wrong so long as you can cope with the direction you take and the GM/players enjoy it.
Personally, I'm arguing from a position of what the rules say. We can invent fluff reasons for any position we choose, and I can produce very good fluff reasons against the botnet argument. But everything I'm saying so far is drawn directly from the RAW and hasn't varied from it.
| QUOTE (knasser) |
| Most of what you've done looks fine, and valid points are that a hacker can probably log off, take naps, etc. and that Admin access can open up the potential for a PC hacker to think a little outside the box. But there are a couple of mistakes. The main one is that each time you Stealth past some IC or hack a node, you have taken it as a test in isolation. The problem with that is that just because you have a 70% chance of success at something, it doesn't mean that you're going to succeed four times in a row. In the examples given, by the time your hacker reaches the pay data, he will only have a 20% of not having been spotted. The odds are 4:1 in the corp's favour. |
Sure, but when a Decker who for whatever reason has decided to basically brute force her way through your system (As Crusher Bob and kzt has pointed out, it would be alot easier and safer to sniff around until you found someone with legal access to Node D.) still has a ~20-25% chance of breaking through to paydata whose release might very well hurt the corp is going to been seen as an unacceptable risk by any reasonable CEO.
| QUOTE (knasser) | ||
Regarding whether IC can run on one node and be present in another, by RAW it can. There is no distinction between IC and agents in the rules:
Just as your agent can run on your commlink and bounce from node to node, IC can be run on a specialised node and travel the system accordingly. It's actually a very sensible way of doing things. |
Sure, IC and Agents are exactly the same rules-wise, the problem is that I read the following and come away with a different spin on things.
| QUOTE (knasser) |
| Shadowun Fourth Edition; page 227]Agents have their own built-in Firewall attribute, equal to their Pilot rating. Agents use the Response attribute of whatever node they are run on; this means that the attributes of an agent operating independently may vary as it moves from node to node. |
So I'm not so sure that you can have an Agent present in Node A but using the resources of Node E given that they are operating independently.
| QUOTE (knasser) |
| Actually, it's not System that drops when you exceed the required number of programs, but Response. And the node has a Response of 5 so that when the encryption IC activates, it drops to 4 which is still sufficient to keep System at 4 and not reduce the effective levels of the IC. It's actually why I gave the node Response 5 |
No, because Node D is running enough programs to force a second Responce drop at ( System 4 ).
Node D
Responce 5
Analyze
IC A
IC B
Analyze
Responce 4 (Remember that the drop takes place at System, and not System +1)
Armor
Attack
Encrypt
Armor
Responce 3
Attack
So in order to remain at Reponse 4 you need to either buy System 5 or drop two programs off of the node's load, and the node is running at Responce 4 even before the second IC gets activated.
| QUOTE (knasser) |
| Now we have a disparity in how we see the rules when it comes to the Encryption IC. The intention in having the paydata locked by IC#2 in Node D, is that you can't copy the file because it's locked by the IC. In order to get that file, you have to either use a decrypt attack or crash the IC and take the whole thing home with you to decrypt later. The BBB says that IC is sometimes used as a form of defence (under the rules for decrypting data) so that has to mean that you can't get data without defeating the IC. And you can't just copy the IC because it's a running program. If you were able to just copy IC then you'd be able to just copy any agent that attacked you. IC is explicitly a type of agent in the book, and you plainly can't just copy one when you're in combat with it. |
| QUOTE (Shadowrun Fourth Edition; page 225) |
| Note that some encryption schemes may incorporate IC as a second line of defense. |
Is this the quote you are referring to? I read it and to me it clearly means that the IC is embedded into the encryption and is activated once the file is decrypted as a second line of defense. However I guess we'll have to wait for Unwired to see which one of us is reading it correctly since there don't seem to be any actual rules either way.
| QUOTE (knasser) |
| In order to get that paydata, the hacker is going to have to find some way of surviving the IC storm that's waiting for him. |
And I still disagree, if the IC is part of the encryption scheme then it isn't even going to be activated until Shade tries to decrypt the file offline.
| QUOTE (knasser) |
| I don't want to get hung up solely on discussing the encryption IC, though. The accumulating chance of detection is a very significant problem as well. Remember that if the odds aren't stacked enough for the corp for your liking (and they're already quite stacked), it can always splash out and buy a couple more rating 3(average) IC programs and really skew them. The principle is solid. |
Sure, the problem is that the odds are still too high in favor of the Decker, as for simply throwing more IC at the system, tell me, exactly how much does this system of yours cost to setup legally?
And remember that both of us only went through the example where Shade was most likely to fail, her chances of sucess goes up greatly using kzt's and Crusher Bob's sugestion.
| QUOTE (knasser) |
| The Shadowrun setting doesn't support that. For one, the entire Matrix has been designed to prevent self-replicating viruses. |
Are you sure of this? I may be missing something but if that is true then Emergence goes right out of the window since there isn't any reason to fear a new Mega-Virus if viruses can't exist anymore.
| QUOTE (Ravor) |
| someone with legal access to Node D.)[/i] still has a ~20-25% chance of breaking through to paydata whose release might very well hurt the corp is going to been seen as an unacceptable risk by any reasonable CEO. |
It's just under 20% chance of being undetected in the example given. I rounded up. I felt that this was sufficient to show that it is not trivial to break into a system which is what people have been saying. This is a professional standard hacker with good equipment doing his best and odds are very good he'll fail. However, I can reduce it much, much further without resorting to keeping my systems offline and crippling my efficiency. You ask:
| QUOTE (Ravor) |
Sure, the problem is that the odds are still too high in favor of the Decker, as for simply throwing more IC at the system, tell me, exactly how much does this system of yours cost to setup legally? |
Well you need a comparable system to this even if you're not connected to the Matrix. You're the one that keeps telling me how corps are being attacked every day, so they need to deal with the break-ins. Otherwise your security consists of a locked door! So if you want to reduce the remote hacker's chances even further, we only really need to consider the extra cost beyond that. Lets say we add two rating 4 agents w. Analyze 4. Analyse is all they'll really need as they just have to alert the combat IC, or log users off a node, or whatever. Additional cost = 20,800
. That's an additional two opposed rolls of eight dice vs. nine dice (assuming hot sim) that the hacker must make. We've now reduced our well-equipped and professional hacker to a 9% chance of going undetected. Repeat that and the hacker is down to 4%.| QUOTE (Ravor) |
So I'm not so sure that you can have an Agent present in Node A but using the resources of Node E given that they are operating independently. |
I can see how you could read it that way, but it seems pretty clear to me that an agent can run on a node (i.e. a PCs commlink) whilst being present in another. It doesn't make sense otherwise. It would also be very confusing when an agent was present in more than one node at once, eh?
| QUOTE (Ravor) |
No, because Node D is running enough programs to force a second Responce drop at ( System 4 ). Node D Responce 5 Analyze IC A IC B Analyze Responce 4 (Remember that the drop takes place at System, and not System +1) Armor Attack Encrypt Armor Responce 3 Attack So in order to remain at Reponse 4 you need to either buy System 5 or drop two programs off of the node's load, and the node is running at Responce 4 even before the second IC gets activated. |
You're right. My apologies. Adjust the System rating from 4 to 5 and we're good again. That's if you don't mind the corp splashing out an extra 500
. 
Regarding the Encryption IC, you could not play it that way if you wished. My interpretation is also valid however, and I've provided a good logical reason for why mine makes sense... so unless a GM were deliberately trying to create a world where Encryption was weak, then you can use IC this way. Wouldn't you as GM prefer to have this option?
But I will be very, very surprised Unwired doesn't make this explicitly one of the ways of doing things. You can't deny that it makes good sense and is in line with other SR 2070 Matrix technology.| QUOTE |
And remember that both of us only went through the example where Shade was most likely to fail, her chances of sucess goes up greatly using kzt's and Crusher Bob's sugestion. |
Kzt's example being that a login and password could be stolen? Try a biometric reader, plus known password, plus passkey. It's a good start, yes? But we seem to have gone back to the question of working from home. You're actually arguing that offices aren't safe maintaining an outside connection in general!
Anyway, there are plenty of companies that are keen to have remote access systems today with the same risk. And before you say it, no the strength of encryption doesn't make a difference to KZT's attack because a stolen username+password affects today's systems just as much. So I think companies in 2070 will be happy to do the same.
| QUOTE (Ravor) | ||
Are you sure of this? I may be missing something but if that is true then Emergence goes right out of the window since there isn't any reason to fear a new Mega-Virus if viruses can't exist anymore. |
Emergence is all about how the media make scapegoats out of people and fabricate baseless lies, the gap between fear and reality, and all that. If I recall correctly, it was the main point it.
But my main point was that the rules don't support what Kzt was talking about.
| QUOTE (knasser) |
| Secondly, working your way through the outside of a system to get to the good bits can take time. A lot of time. In fact, unless the hacker wants to hack on the fly, also known as the "Guys, I'm taking a 1 in 3 chance of blowing the run before we even start" approach, then it's going to take hours to get in. At least. There are numerous occasions when you don't have hours to spare. You need in right now, and physically penetrating the compound is often one way of jumping past the security. |
Case [from Neuromancer] is a talented Decker, and he took DAYS to scope out the target networks that he hacked.
So does the guy in Swordfsh.
My point being that hacking on the run is not the best way to do things..
..It's much better to do some research, tweak software for the network to be hacked, etc.
Just my thruppence..
| QUOTE (knasser) |
| In a world that was devastated by a computer virus, with perhaps hundreds of thousands dead, do you really think that the carefully designed structure of the Matrix supports sudden and massive replication and assault by agents? The rules don't support it. |
Yeah, which is why following the crash of 29 and the horrible disaster that followed all online data being destroyed NOBODY did off line backups? Hence they were all destroyed 35 years later? This is supposed to show that computer security and operations are run by vaguely intelligent people?
Give me a break. You can't determine anything from the fluff, unless you assume that you are required to get a lobotomy before you can touch a computer. In which case the history make complete sense, because it's all being carried out by people suffering from induced mental retardation.
Everyone can hack. Hackers are glamorous. The fluff shows lots of kids hack. It's obvious that not all hackers get hunted down and killed when they are learning or hackers would be an uncommon archetype, as role playing a dead guy is kind of boring and nobody gets born with skills and software.
| QUOTE (knasser) |
| It's just under 20% chance of being undetected in the example given. I rounded up. I felt that this was sufficient to show that it is not trivial to break into a system which is what people have been saying. This is a professional standard hacker with good equipment doing his best and odds are very good he'll fail. However, I can reduce it much, much further without resorting to keeping my systems offline and crippling my efficiency. You ask: |
No, what people have been saying is that without real world encryption you can't have the same level of data security that corps enjoy in the real world, and if a Decker running ( Rating 4 ) programs has basically a one-in-five chance of being able to brute-force hack her way through your entire system then that isn't an acceptable risk.
| QUOTE (knasser) |
| Well you need a comparable system to this even if you're not connected to the Matrix. You're the one that keeps telling me how corps are being attacked every day, so they need to deal with the break-ins. Otherwise your security consists of a locked door! So if you want to reduce the remote hacker's chances even further, we only really need to consider the extra cost beyond that. Lets say we add two rating 4 agents w. Analyze 4. Analyse is all they'll really need as they just have to alert the combat IC, or log users off a node, or whatever. Additional cost = 20,800 . That's an additional two opposed rolls of eight dice vs. nine dice (assuming hot sim) that the hacker must make. We've now reduced our well-equipped and professional hacker to a 9% chance of going undetected. Repeat that and the hacker is down to 4%. |
You see that isn't quite true, once you force a Decker to use the "hack on the fly" rules as well as deal with the physical security that you were going to have to buy anyways you don't need to keep piling on Agent after Agent in order to hose her chances of sucess, you've already done that in a far more cost effective manner when coupled with buying some ( Rating 6 ) Firewalls.
Locked doors are quite effective when they take away an intruder's greatest tool as well as allow you to use assists that you already have anyways.
| QUOTE (knasser) |
| I can see how you could read it that way, but it seems pretty clear to me that an agent can run on a node (i.e. a PCs commlink) whilst being present in another. It doesn't make sense otherwise. It would also be very confusing when an agent was present in more than one node at once, eh? |
Sure, assuming that you allow Agents to be present in multiple nodes at once without being loaded into a Decker's persona in the first place.
| QUOTE (knasser) |
| Regarding the Encryption IC, you could not play it that way if you wished. My interpretation is also valid however, and I've provided a good logical reason for why mine makes sense... so unless a GM were deliberately trying to create a world where Encryption was weak, then you can use IC this way. Wouldn't you as GM prefer to have this option? But I will be very, very surprised Unwired doesn't make this explicitly one of the ways of doing things. You can't deny that it makes good sense and is in line with other SR 2070 Matrix technology. |
Actually no, I don't agree that your interuptation really jives with Fourth Edition at all, and will be suprised if Unwired does actually work this way. That one sentence states that you can use encrypted IC as a second line of defense, not that the IC becomes the primary defense with encryption as a weak afterthought.
Also as an aside, I didn't set out to make encryption weak in the Sixth World, RAW did though.
| QUOTE (knasser) |
| Kzt's example being that a login and password could be stolen? Try a biometric reader, plus known password, plus passkey. It's a good start, yes? But we seem to have gone back to the question of working from home. You're actually arguing that offices aren't safe maintaining an outside connection in general! |
Yes, I am arguing that it isn't safe to keep your sensitive data online, to me the idea of a tele-office is at best a connected side issue. However you were the one who insisted on using a tele-office as an example of a corp being able to provide security so if you don't want working from home to be an issue then don't bring it up.
As for linked passcodes and passkeys, sure they provide an extra layer of security. The problem is that they are only as protected as the wageslave's apartment so they aren't a magic bullet either. Also unless the corp in question is going to actually trench in hardwired connections to every access point then it's not really that difficult the intercept Matrix traffic.
| QUOTE (knasser) |
| Anyway, there are plenty of companies that are keen to have remote access systems today with the same risk. And before you say it, no the strength of encryption doesn't make a difference to KZT's attack because a stolen username+password affects today's systems just as much. So I think companies in 2070 will be happy to do the same. |
Sure, a stolen username/password would allow you into today's systems. However encryption does play a huge role in ensuring that anyone intercepting your traffic only gets a bunch of glibberish as opposed to being able to see everything that you're doing. Also once they are in, the legal account isn't going to help them with whatever encryption keys they might need to decrypt a file, so yes, encryption DOES play a huge role in today's security.
So no matter how you slice it without real encryption you simply can't have the same data security that is possible today. You can't look at what companies do in the First World today to figure out how things work in Shadowrun, things just simply don't work the same way.
| QUOTE (knasser) |
| Kzt's example being that a login and password could be stolen? Try a biometric reader, plus known password, plus passkey. It's a good start, yes? But we seem to have gone back to the question of working from home. You're actually arguing that offices aren't safe maintaining an outside connection in general! Anyway, there are plenty of companies that are keen to have remote access systems today with the same risk. And before you say it, no the strength of encryption doesn't make a difference to KZT's attack because a stolen username+password affects today's systems just as much. So I think companies in 2070 will be happy to do the same. |
The actual example that I used was putting sniffer on the wired connection. In the real world, people connecting remotely to vaguely secure networks used encrypted connections (SSH or VPN) such that all you see is noise. You can't steal the passwords, because it's all encrypted.
In SR, I see the actual user name and password. And adding biometrics doesn't help, because I see the actual data being sent and I can just add that to my attempt to login.
Anyhow, with a sniffer on line I'm also seeing the data stream itself. Which, if it has anything useful in it, I can steal.
So there are three options if you want to run home offices: Assume that everything that is being sent is public knowledge (like the old analogy of email being akin to writing your message on a postcard for anyone handling it to see) or extend the physical security perimeter of the company to that of every employees house.
Or assume that encryption really works and just deal with it. It's not that hard to make it work in a rational fashion.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.