With everything wireless, it has become easier for hackers to ruin your plot by hacking everything from outside (proviidng they have good skills and programs) then getting any info available. It's hard to have a site completely cut from the matrix, as they need at least one connection to a security service for instance, and the hacker can hack everything from this point.
While it has its good points (like data searching without the trouble of finding a jackpoint, discussion with team members, ...), the drawback is hard !
Has the need of the hacker to physically go to the node's place disappeared?
How do you deal with that in your games?

Three words: Wireless blocking paint.

Not sure I'm following you. There were isolated systems off the Matrix proper in previous editiions and they still exist in 2070. Can't avoid having to go to the facility.

Sort of sounds like you're saying that just because a company's building has a Matrix connection to their off-site security monitoring firm that the hacker can exploit this connection to get carte blanche, and that's just not necessarily the case. No reason for the monitoring service to in any way share the same internal filespace as the rest of a company's network.

Truly secure data should not be connected to the same servers the wage slaves use to surf the web between cracks of the whip. Anything worthy of a well-paying run is likely to be land-line only, requiring the decker get inside the building, or a secure subsection of the building, in order to do his thing.

Also, if it's possible to "ruin your plot" I think you're looking at the GM's job from the wrong angle, but that's entirely opinion and something that's probably too big for this thread to contain.

Check out knassers totally awesome matrix site. He explains it all very well and has tons of GMing ideas:
http://forums.dumpshock.com/index.php?showtopic=17976

Every corporate facility is going to have something to the effect of VPN in Shadowrun. Corporations are always looking for more ways to get the most out of the wageslaves and one of the best is to even have them work when they aren't at work. I don't see any big corporation not having some way for a wageslave to connect from home to be able to get work done. This would mean having whatever access they needed to get the job done, which is going to be your whole network. I don't see things changing, even Microsoft, one of the most security conscious corporations out there today, has VPN access to their network. It is just something that is very necessary today in corporations to ensure optimum work productivity. I don't see that changing in 2070 in our future, and I don't see that being any different in the very corporation focused world of Shadowrun.

Even the US government uses VPNs. The only places I can see having their network completely closed off, in Shadowrun, are places where all employees live on-site. Even then, such places will be connected to the main corporate or government network. Otherwise, it becomes way too difficult to manage that network and ensure strict security policy on that network. Not only that, but I think the management at the main corporate headquarters would want to be able to get data from offsite without having to travel to every offsite facility.

Even if you block something with wireless paint, there is going to be a link somewhere that will let a hacker in. I have already listed an exception to this rule, feel free to add any you can think of. The hacker bar in Knasser's PDF is a good example of another exception.

One other thing to realize, if a network is completely closed off from the outside world, that means it is also completely closed off TO the outside world. Anyone on that network won't be able to make a phone call to any of their clients or partners; unless there is another network running right along side it that is, you guessed it, open.

Plus you have to remember that unlike the real world, encryption in the Sixth World is a joke, so unless the corps are run by morons, Matrix Security isn't going to relay on anything that requires decent encryption to actually work, so yes, Wi-Fi Blocking Paint, hardwired connections, and offline networks are going to be a big part in any corp security plan.

I would think that wireless setups would mostly handle trivial applications. Data that needs to be restricted to a particular area would be offline -- not connected to the matrix at all. It could be on the keyring of an exec -- think of the future of usb thumb drives . It's better to disconnect the computer from the matrix then spend a fortune trying to come up with software based security.

If you want to read a modern take on corporate security, check out Corporate Espionage. It's a really good book and covers physical security and managing software security.

So let's say your runners are hired to obtain data. There are a few approaches:

1) break-in and steal it (probably more fun to play)
2) find someone inside to steal it for you
3) get a job inside and steal it

And your team will have to weight the risks with each approach.

tweak

Yes, yes I remember your argument against offices existing, the problem is that you are forgetting something very important, the onsite and offline node is more secure for one very important reason, in order to hack it at all a Decker has to first deal with physical security.

So unless the corps are run by morons, in a world where the best encryption money can buy is a joke they aren't going to keep their sensitive data on a Matrix connected system for any Decker to hack into. What they would do is keep it on an offline system and only connect briefly whenever it's necessary to do so. (Yes, this means that a clever Decker can use social engineering to arrange for a hacking window, ect.) The everyday functions such as telephones, ect that need a Matrix connection all of the fragging time would be handled by a different network.

So yes, offices still exist because the only way to have any real Matrix security in Fourth Edition is to only use onsite networks and not be connected to the Matrix at large.

*Edit*

Afer all, it's not only secret research labs that are handling sensitive data whose release would hurt a corp, it's a pity that without decent encryption even your typical office has to use the same tactics as your hardcore SK Lab does to provide Matrix security.

I break into his house, very carefully detangle the wad of cables behind his desk, find the one that runs to the wall port and add a very small device that sits between his terminal and the port. This establishes a connection to a device I have elsewhere on the matrix. Then I can listen to all the traffic bidirectionally and add additional traffic as desired, which the user will never see but will look like it's coming from his device to the mainframe.

Lots of use of the word "moron" and (again) statements about how easy it is to hack any system that is connected to the Matrix, but still not answering the very simple question of what you would roll to hack the site.

I don't find your suggestion that the external Matrix connection gets turned on and off all day realistic to deal with

Remote Access Solution.

The purpose of this is to determine whether or not a site can have a reasonable expectation of security without using systems that are entirely separate from all other systems. Ravor has stated only a moron would believe this.

I have stressed even in the first post I made on this subject, that I am not talking about super secret research projects. I am talking about the average 2070 corporation. My point is that most of the world is fine operating this way.

What I will do is post a sample system of an office that does not make use of entirely disconnected systems and then I will show a sample hacker attempting to retrieve data from the site. Then I'll wait to see what anyone else does, whether they disagree with the rolls involved, the ratings of programs, or think they can see a better way of hacking the site, etc.

The network:

Normal Corp, a subsiduary of Standard Practices Ltd.

Node A (Distributed Network): System 3, Response 3, Firewall 4, Analyze 3, Encrypt 3).

This is accessed via wired in terminals in the employee's homes. It can also be accessed from the main office site itself. It's function is to provide a means for home workers to VR commute.

IC #1. Pilot 3, Analyze 3, Track 3, Stealth 3

IC #2. Pilot 3, Analyze 3, Armour 3, Attack 3

Both IC programs run on the Node E listed later, but operate in this node. Their instruction are to verify the authenticity of anyone logging into Node A. If they consider the visitor to be an intruder, IC #1 will begin a Track action against the persona whilst IC #2 will attack if required to prevent the persona from getting anything it shouldn't or causing trouble. Otherwise it will wait until IC #1 has completed it's tracking. When IC #2 attacks, it will also put the node on alert against that hacker if this is not already the case. Both IC agents communicate of course and work in harmony.

Node B (Department 1 Network): System 3, Response 3, Firewall 3, Analyze 3.

This is accessible wirelessly onsite, or else via Node A or C, which maintain active connections to it. The purpose of this node is to provide a work environment for the employees. Here they will do whatever it is they are paid to do.

Node C (Department 2 Network): System 3, Response 3, Firewall 3, Analyze 3.

For all intents and purposes, this is the same as Node B, though used by a different group of employees.

Node D (Management System): System 4, Response 5, Firewall 4, Analyze 4.
This is accessible only through Nodes B and C, both of which maintain an active connection to it.

IC #1. Pilot 4, Analyze 4, Armour 4, Attack 4
IC#2. Pilot 4, Encrypt 4, Armour 4, Attack 4

IC #1 will verify the authenticity of any visitors to the node and immediately attack them if they are not legitimate. It will also put the node on alert against the intruder if this is not already the case.

Node E (IC System): System 4, Response 5, Firewall 4, Analyze 4.

This node is accessible only from the Management node ( D ). It exists purely to run the IC which normally makes its way from this node to Node A.

Paydata could be situated on any of Nodes B, C or D, but D is the most likely.

The Hacker

I take the following hacker (relevant attributes only).

Logic 4, Hacking 3, Cyber-combat 3, Stealth 4, Exploit 4, Spoof 4, Decrypt 4
Commlink: System 4, Response 4, Firewall 4

Note that he has what the book calls a “professional� level of competence in his field and is given better than average hacking programs.

The Hack

I'll skip locating the node as it's usually not difficult. The first stage is to attempt to probe the network. I'm assuming that the hacker is hot-simming as this gives him the best chance of success.

The hacker rolls Hacking + Exploit + Hot Sim (System + Firewall, 1 hour). That's nine dice with a target of seven hits. The hacker will probably succeed in around three hours. At the same time, the node gets to roll Analyze + Firewall, needing Stealth hits. That's seven dice against a target of four hits. The odds are against success, but it's about a 20% chance of being detected.

Throughout this example, I'll be going with the the laws of probability, so the hacker gains user level access to the node.

Now however, the hacker finds that there's some pretty serious IC protecting the system. Both IC#1 and IC#2 get a chance to detect the intruding hacker. That's Pilot + Analyse opposed by Hacking + Stealth + Hotsim. So six vs. nine in each case and ties resolving in the hacker's favour because net hits are required for information. Again the odds are in the hacker's favour, and there's only a 20% chance of being detected by an IC program.

However, that's three times we've given the hacker the benefit of the doubt. Probability doesn't work like this. There's been a 30% chance of being detected for the first test and 20% in the other two, meaning the chance of not being detected is 70%, 80% and 80% in the respective tests. That means the chances so far are 0.7 x 0.8 x 0.8 = .45. So our hacker now only has a 45% chance of not having been detected. And all he's done so far is enter the first node. The odds are that the hacker is now either being set upon by the IC or having his physical location traced (or both).

It's worth stopping here to assess the hacker being used. He's got what the book describes as a “professional� level of skill for his job, so this is what we would consider to be a “does it for a living� hacker. He's got better than average tools for the job. The Stealth, Exploit and Spoof programs alone are worth 12,000 which based on cost of living conversions, probably means he's got $7,000 worth of illegal, specialised software already and undoubtedly needs other programs, too. This is far from a casual hacker. This is the guy you'd hire. And he's probably caught at this point.

But is isn't definite failure. The odds are he's blown it, but we'll continue with the run because there's still a reasonable chance that he's in without detection. Now he can begin his journey to the paydata.

The next step would be to hack either Node B or Node C. I've set them to the same and the hacker probably wont know where he's going anyway, so it makes no difference here.

The hacker again rolls Hacking + Exploit against a threshold of System + Firewall. So that's nine dice against six target. It should take a couple of hours. There aren't any rules for re-setting the Analyse tests of the IC as the hacker is in their node for a couple of hours and a GM could make a big difference by allowing them to try again which would be allowable under RAW, but I'll skip that. It's something a GM can keep in mind if needed though. The node's chance of discovering the hacker is six dice vs. a threshold of four. That's only a 10% chance of discovery so again, I'm saying the hacker gets in. His cumulative chance of having been discovered after stealthing past everything so far now, is down to 40% though, and it's about to have a big drop.

From Node B / C, the hacker now takes on the real task of getting into the important systems – the management area. Firstly, our traditional Hacking + Exploit. Nine dice vs. eight threshold. It's going to take a few hours. (Our hacker's been at this for the best part of a day, now). Meanwhile, the node itself, is trying to spot the hacker and has its eight dice vs. threshold of four. There's a 25% chance of being spotted and our cumulative chance is now up to 70% likelihood of having been noticed. When the hacker gets into the node, he also has to hide from the defending IC #1 which is Pilot + Analyze vs. Hacking + Stealth + Hot Sim. Eight dice vs. nine dice. Heck of a risk! As ties go in the hacker's favour, he's got a 2/3rds chance of going undetected. And cumulatively speaking he's only got a 20% chance now of having got this far undetected. I'd be more or less happy to conclude at this point that with those odds the corp is the winner in this battle, but I'm going to finish this off.

The hacker now wants to get the paydata which is protected by some encryption IC. At this point, there are a couple of GM judgement calls. Does the IC know that it's being attacked? I don't think a GM should have any problem ruling that it does. So when the hacker begins trying to decrypt the paydata, it's going to respond and quite possibly trigger an alert, too.

The hacker rolls his Response + Decrypt + Hot Sim (Encryption x 2, 1 combat turn). So ten dice, vs. eight threshold. Average will be three turns. It's a simple action so it's not compatible with cyber combat. The Encryption IC will be attacking the hacker each combat phase and you can expect it to bring in its friend also. The hacker is not going to survive nine initiative passes of IC assault. So alternately, the hacker can attack the encryption IC directly, meaning he is at least putting up a fight. Again, that's going to mean the other IC piling in. If he's defeated the IC, he can then snag the file and probably decrypt at leisure, unless a GM were to rule it needs to be decrypted before it can be taken. The thing is, that even if he did defeat the IC (good luck!) the systems now on alert and there are so many things the system can do once it's detected him, that you can pretty much declare the run a failure.

So what we've done here, is set up a small, medium security system and pit a professional hacker with good equipment and skills against it. We've found that there's only a slim chance of him getting to the paydata undetected and that even if that were achieved, his chance of wrestling the paydata away from the encrypting IC is low.

I now await comments on whether anyone sees any other approaches the hacker can take to get the paydata.

Just read through this entire post and come to conclusion that were arguing about arguing??

RAW pg. 223 (boxed text) NETWORK SECURITY) Mentions means and methods for megacorp security. Cold storage,wifi inhibiting wallpaper and paint.

Along lines of what K is saying "Not all networks are configured as mesh networks."
The tiered network IS used creating layerd defenses. Includeing but sure not limited too traffic chokepoints,vanishing-teleporting-trap door-one way access. Also dual box idea also supported with the idea of private grids or isolated from matrix entirely.

Think both remote and traditional office settings are probably used in 2070 depending on need and security.

A note on encryption, yes encryption has become less effective in 2070 but still serves a purpose, slow down a hacker in your system buying system defenses some time. ( if using theory that file cant be downloaded until decrypted). Also RAW pg.225 some encryption schemes may incorporate IC as second line of defense......tracked while decrypting or attacked while celebrating!

Everyones game is there own, as GM its your job to bring "your" vision to life and keep your players coming back. "Have Fun!"

Neither one of us is arguing about what is and isn't possible or correct under the rules, which is good. We're arguing over where the line between usable and efficient falls, realism in a word, so inevitably different GMs will draw that line in different places.

I look forward to your assault on my network. I think any weaknesses are going to be on my implementation rather than principle, so if you do break it, then it will be useful to me in refining things for the next time. I'd like to comment on two things now though:

right... so in other words, that's not necessarily 50,000 attempts per day as SR would recognise it, but rather each group of (however many is "average") would be rolled as 1 attempt in SR.

that is, when a hacker is probing the target, they are not just making one "attempt", they are making, say, 100 attempts per second, and over the course of an hour, they start to narrow down an exploit they can use. perhaps over 2-3 hours, they finally actually locate a flaw in the security, and go to use it... all represented by 2-3 rolls, perhaps, but actually over those 2-3 rolls thousands, perhaps hundreds of thousands, of 'attempts'.

just as an example. so if you look at it as a matter of hundreds of thousands of 'attempts' per time the hacker rolls, you're looking at a much more reasonable number of "attempts per day" as shadowrun would define them.

Ok, now that I've had time to go over your setup here is how that I see it as playing out. (Odds were generated by http://www.unseelie.org/cgi-bin/dicepo.cgi )

Ok, Shade, our Decker has plenty of time and really needs some paydata to make her loanshark happy & pay for a new knee, so she is going to pull out all of the stops and do this right.

She probes Node A using her ( Hacking + Exploit + Hot Sim 9 ) and is most likely to get 2-4 Hits per roll so let's assume that she manages to hack herself Admin Access ~5 hours later. (She then jacks out and gets a bite as well as takes a nap so she is fresh for the actual datasteal itself.)

<<< >>>

After she's done with her nap and a quick snack Node A gets one test to detect her using ( Firewall + Analyze 7 )and is most likely to get 1-3 Hits, so she slips in undetected at Admin Access. (Admin Access seems like a waste, but if we assume that Shade has done her homework it'll come in handy in just a little while. Besides, if you have the time you should always make your first hack at Admin Access just in case your cover gets blown.)

Now since it's the IC's job to scan logins, they both get to roll their ( Rating + Analyze 6 ) and are most likely to get 1-3 Hits each. Since Shade really doesn't want to be seen she rolls her ( Hacking + Stealth + Hot Sim 9 ) and once again is most likely to get 2-4 hits so she is more likely then not able to slip past them. These two rolls are the first real danger that she has been in on this run as it's possible although not too likely that one or the other IC will spot her and start a query. (Remember that the IC only get to detremine one tidbit about her Icon per nethit, so they aren't going to instantly prounce on her, although a Trace program is in order. Also since she has Admin Access she should be able to come up with something to prevent a second scan assuming she passes the first.)

Let's assume that Shade has a basic knowledge of Matrix theory and practice, so she understands what Node A was and tosses a virtual coin to decide whether to hack Node B or Node C next.

Now Shade has a choice to make, what level of access does she really need in the next node? Although she has only been online for a few minutes does she want to grind away for several hours to hack herself Admin Access again or simply settle for User Access and only be at it for a couple hours tops? In the end she decides to strike the middle ground and hack herself Security Access, so assuming her average 2-4 Hits per roll she is likely busy for the next 3 hours or so before she is ready to access the next node.

Once she's ready Node C gets to make it's ( Analyze + Firewall 6 ) and has slightly less then a 10% chance of detecting Shade's backdoor. Since there are no IC in this node and it's unlikely that any of the wageslaves are going to run Analyze on someone who looks like a Security Decker she is pretty free to start hacking into Node D.

<<< >>>

Assuming that she once again opts for Security Access four hours later Node D makes it's ( Analyze + Firewall 8 ) and is most likely to get 2-3 hits, so Shade is more then likely safe, but like you've mentioned there is that 25% risk that the system will detect her, if that happens then perhaps she'll invest in some better programs next time. Still, with the odds in her favor she makes it into Node D itself.

Only to come face to face with some IC. The IC rolls it's ( Rating + Analyze 8 ) vs her ( Hacking + Stealth + Hot Sim 9 ) and you're right, it's a hell of a risk, luckly for her she gets to throw Edge into the roll and in fact would be dumb not to.

Secondly in order to finish the run all she has to do is complete 2 IPs worth of actions even if the IC detects her;

(Complex Action) Data Search

(Simple Action) Data Transfer

(Simple Action) Log Off

As for the IC enbedded in the Encryption, well it may be a nasty surprise if Shade isn't careful when she gets around to decrypting the data on her own time, but it doesn't play a part in the run at all.

So yeah, without decent encryption I still say that a corp isn't able to provide anywhere near the data security necessary to make "ease of usage" worth enough to risk a full time Matrix connection.

*Edit*

Something to point out is that if this system was set up to only connect as necessary, even if it were actually connected for most of the day, the "flickering" connection would have forced Shade to do all of her hacking "on the fly" and her chances of success drops drastically.

*Edit 2.0*

Although of course a person would have to assume another function for Node A since a remote office wouldn't work with a flickering connection.

*Edit 3.0*

Ok I give up, why is this fragging board eating my post everytime I try to edit it? I'm just really glad I copied this slitch of a post onto my clipboard.

Just my opinions here.

Not every run has to be a huge epic attempt to get something on a black project. In 2070 I could imagine a perhaps lower level team being hired by a C grade corp or even below to find dirt on a competitor or other useful information, perhaps even by somebody's ex. Financial and other account related records would be useful in this case. Equally purchase orders could be valuable as hints to what a corp or company are up to.

Thinking about it the whole breaking into someone's flat/apartment/house and getting access through their VPN could be quite a nice early run to shine the light on the matrix briefly, as much to get people used to the rules as anything.

Now I think people will probably take shots at me for saying this, but I think it is a perfectly reasonable thing for an average corp facility to do. Sometimes I think people forget that runs don't always need to be high level, and that there will be plenty of demand for what a corp would think is fairly mundane information with a low risk of being targetted in certain cases.

As to how many attempts RL networks receive a day, you really need to give a little leeway here since SR is a game and not rl. Real life needs to be applied to SR, but applied sparingly sometimes.

Well cx2 I completely agree with your basic premise, which is smaller corps get hit too, and something as "mundane" as finanial records, ect is damaging enough to a corp that the relatively low cost of installing a second network and having your primary network only connect when necessary is well worth it in terms of the extra security that is provided.

*Edit*

So basically I disagree with your conclusion because I agree with your premise.

You know, there IS one really good reason for having the network online most of the time. The best defense against a hacker is an IC busting security wiz of your own; even a fairly vanilla corp hacker can be quite dangerous if he's got the whole network at his beck and call, as well as enough juice on his commlink to bring his own agents to bear. Timed gateways are nice and all, but I would be willing to bet the corps would be quite likely to have a few semi-skilled hackers of their own babysitting and maintaing multiple systems remotely on any given day, and keeping your own people out of the system could potentially be more dangerous than exposing themselves daily to the underfunded script kiddies.

Okay. I'm going to take these things in order of my choosing. First Ravor, since he is the first person to ever actually answer my request to discuss the rules in actual specifics, when this subject has come up.

Most of what you've done looks fine, and valid points are that a hacker can probably log off, take naps, etc. and that Admin access can open up the potential for a PC hacker to think a little outside the box. But there are a couple of mistakes. The main one is that each time you Stealth past some IC or hack a node, you have taken it as a test in isolation. The problem with that is that just because you have a 70% chance of success at something, it doesn't mean that you're going to succeed four times in a row. In the examples given, by the time your hacker reaches the pay data, he will only have a 20% of not having been spotted. The odds are 4:1 in the corp's favour.

Regarding whether IC can run on one node and be present in another, by RAW it can. There is no distinction between IC and agents in the rules:

Best add some descriptions of how user accounts are set up on the system. After all, some sub-set of the employees is actually allowed to access the paydata you want and subverting their login ID is probably simpler than hacking everything directly.

Node A;
Assume that all telecommuting guys have user access whatever their boss-level. This means that getting yourself admin access on Node A will just give you the list of authorized telecommuters, but not what other parts of the system they can access, so still no dice here.

Node B/C
Hacking admin or security level access here should be possible too, and it's where the real info starts to come in. By listing the users/etc I should be able to get a pretty good idea of the users who would be able to access the paydata I want (in node D). As doing much hacking around in node D is likely to fail, my next stop is some houses. Where I subvert the home telecoms and shoulder surf for a while (actually have my agents shoulder surf while I nap) to find out who is authorized to access the paydata I want, then steal their login info, and then just login to the network and get it. As my user account is already authorized to get the data I want, the network already gives it to me in decrypted form, so no need to mess with the encryption there.

Now the question becomes, can I get all this done before the internal checkups of the network notice my hacked admin account on node A and Node B/C? The best bet would be to remove both accounts once you have the user list. Subverting the home telecoms of (some number) of high level users might be tricky, depends on how secure their home telecoms are, and where they live. But they are almost certainly easier to subvert than Node D.