General consensus seems to be that the Wireless World section of the SR4 core book was inadequate in providing thurough and usable rules. This thread is intended to expand on the content provided in the core rule book, as a repository for user-created examples of matrix encounters, and function as an FAQ of sorts for the Matrix 2.0 in the 2070s.

Please limit posts to relevant information, questions and responses. I plan to link fruitful forum threads and sites on this thread as well as provide content.

This first post is a general glossary of terms that I have found come up regularly during matrix adventures. Some are derived terms, others are simply expansions on terms from the core rule book. All include examples.

********

General Networking

Device – Any mechanical or electronic equipment that is networked with other devices and may be connected to the matrix. A device may be subscribed to a network.

Subscription – an open connection involving a “hand shake� between devices and nodes. An access command creates a subscription between the accessed node and the accessing device. As a handshake and connection between two devices, a subscription also includes user access information including access privileges (user, security or admin). A commlink or other system's total number of open connections is limited by its OS and processing power - a device can manage as many simultaneous subscriptions (open connections) as its system x 2.

Example: Proto just got into a massive gunfight and his right cyber-arm is on the fritz again… then again a few Pred rounds will do that. Heading to Doc Atton’s Chop Shop and Used Book Store for some much needed fixit help, Proto logs onto the node in Atton’s shop and subscribes his cyber-arm to the shop’s triage node via his commlink. Allowed access to the arm, the shop’s triage agent orders the limb into a self diagnostic with a full data feed report. Within a few seconds the arm is whirring, buzzing and letting off the foul smell of burned coolant. Now if only Atton was as good with meat bodies as he is with cyber…

Subscription List – a list of users deemed friendly and allowed access to a node or device. A listed subscriber is allowed to connect automatically upon detection and request for connection. This automates the process of logging on and does not require a log on action to be performed. By automatically logging on and allowing open data stream immediately, subscription is a great way for friends to share data such as music, voice or video chat, pictures or other files without having to wade through ponderous user interface security. A subscription list is for all intents and purposes unlimited - it is merely a list of acceptable and friendly devices or nodes.

Example: LoCoPyRo is running surveillance for his team. Currently subscribed to his commlink are three roto-drones providing aerial reconnaissance as well as his three team mate’s commlinks. By subscribing his team mates’ commlinks, PyRo can send them real time map updates from his drones, manage and protect their micro-transceiver traffic and provide location tracking. PyRo’s commlink is running the Iris Orb OS and its System 3 is stretched to the limit with the six active subscriptions. When his dataminer buddy, Ch0pp3r, calls him up to send a datadump for a job PyRo’s poor OS takes a dump. Ch0pp3r is on the subscribe list for PyRo’s commlink with secure level privileges and automatically logs on and begins sending data, pushing the subscription total past its limit, slowing PyRo down just as the shooting starts…

Network Bridges – when a device or node is networked to a node, i.e. subscribed, a network bridge is created. Data must pass between the device or node and the subscribed node in some way or another, creating a connection that a hacker can exploit. A network bridge essentially describes a series of devices or nodes that are daisy chained to a control node; this control device often has a matrix connection.

Example: A security hacker is trying to hack PyRo’s team to assist security forces responding to an alert. The spider’s first priority is to take down the runner’s situational awareness. Rather than trying to grapple with the intruding hacker directly, the spider decides to hack into one of the runner’s commlinks to gain access to PyRo’s network. Once inside, the spider can begin to exploit the network bridges between the hacked commlink and the drones or the commlink and PyRo.

Node – A matrix object-location, the abstract building blocks of the matrix. A node is a location on the matrix where commands can be executed, data and programs exist etc. – a node functions as a “room� in the matrix in game terms. Nodes are specifically the matrix object and not the device that generates the object. A device may or may not have a matrix node depending on its purpose and network connectivity.

Example: D-Bass is hunting through a club for a mark. The Montmarte Lounge operates a social network that provides matchmaking and chat features for patrons of the club, checking active commlinks for relevant matchmaking data. D-Bass logs onto the social networking node and makes a quick computer + scan check to see who is logged on. Not finding his mark in the “room� of the social network node, he has to start looking elsewhere.

SubNode – a derived term for a node linked to other nodes. A subnode is a tiered instantiated matrix object-location. The Sub-Node is a branch off of a larger node, a room that links a matrix user to other rooms.

Example: After sniffing around for users in hidden mode and finding nothing, D-Bass decides to check back on the social networking node for any unusual activity. Running an illegal sniffer program in public dataspace is dangerous, but what else is a good stealth program for? His sniffer comes back with a chirping notification that it found several users that were spoofing ID and D-Bass sets about hacking. Sliding through a firewall, D-Bass logs onto one of the security conscious patron’s commlink and has a look around the hacked user’s commlink – a sub-node - trying to find a more definite form of identification. He seems to have over stayed his welcome when some IC comes swooping down to send him packing…

Complex Node-Networking – a derived term for large scale computer systems that are a series of complex node-networks. A complex network contains devices and nodes that in turn are hosts to other networks. A complex node-network functions as a series of rooms that a hacker must navigate to find whatever they are looking for. Each room essentially links to other rooms until eventually the desired individual subsystem is found. Access privileges are generally checked as a user logs on to each individual sub-node, some sub-nodes have unique access levels and others are simply restricted or hidden.

Example: D-Bass is searching around on a Renraku subsidiary’s financial computer system for some dirt on a corp exec to use as intimidation fodder. Initiating a computer + datascan he becomes aware that the system is setup into sub-nodes for employee records, internal accounting, security, and client records. Thinking that internal accounting might have show the exec as embezzling, D-Bass hops into the network to see what he can see. After hacking in he makes a computer + datascan and over 1,200 listings. Setting a browse + datascan agent up and giving it a list of search arguments to trawl through the data, D-Bass hops off the internal accounting node. Maybe the employee records will have some juicy paydata.

Commlink Terminology

Commcode– the commcode, or commlink ID, is software-level identification and functions as the unique user name for the commlink. It is somewhat analogous to a cell phone number but much closer to a screen name or e-mail address (in the 2070s, all three are basically the same thing, anyways) with a subscription list being a buddy list or address book. A commlink ID allows the network and other users to identify that particular user out of the myriad of matrix denizens.

Example: Proto is looking around for a hotshot cyber-doc to upgrade his current hardware. Tapping his contacts for some info he comes up with a few hits and gets the commcode “BandSaw187�. Now he has a dealer… that only leaves the nuyen.

Access ID – hardware level identification of a device network device. The physical address of a device is the access ID and is used by a system to identify locations of and destinations for data traffic. Access IDs are often used as authentication for security systems, essentially limiting access a subscribed node to a select group of devices (computer terminals).

Example: Now that he has a dealer, Proto wants to check up on good ole BandSaw187. As promising a title for a doc as that is, some background information would be nice and Proto taps a contact to do some datamining. Ch0pp3r hits the matrix and quickly finds the Access ID which BandSaw187’s commcode points to. Locating the Access ID, Ch0pp3r sets about creating a dossier for the user. Apparently BandSaw187, aka David Svinth, attended UC Berkley medical before leaving mysteriously two semesters before graduation. The lowest GPA graduate of a medical program is still called “Doctor�. How much different is someone that drops out a few months before graduation? Proto is not in a position to complain and instead sets out to make the extra cash.


PAN Modes

Active – in active mode a PAN broadcasts its user ID and relevant information for local networks. Common places that require active mode include high security locations such as airports or secure banks etc. In active mode the local network can send interrogation requests to a commlink which are automatically responded to. These interrogations can be for any particular data such as subscribed systems (cyberware etc) or loaded programs and failure to respond will trigger alarms.

Example: LoCoPyRo is chasing down a go ganger that stole from him. The ganger is screaming down the interstate towards the international airport and PyRo gets an AR request to set his commlink to active mode within the next kilometer or the authorities will be notified. Swearing madly, he sets his commlink to active mode, letting the whole world know that he is sporting illegal cyberware if an inquisitive network should ask. He has about seven tenths of a kilometer to catch this go ganger before he reaches the airport’s security line and that inquisitive network finds out exactly how much illegal cyberware he is running…

Passive – only authorized (subscriber list) devices can access your commlink in passive mode. Any other access attempts will result in a notification and request for authentication. The commlink is, however, still logging onto local networks and broadcasting its public ID.

Example: Proto is headed to the local megamall to hit a stuffer shack for some fresh ammo and some nutrisoy. Setting his commlink to passive mode, he can avoid the bombastic AR ad-softs that skulk about the megamall’s network without turning too many heads. Nearing the enterance Proto finds sea of Lonestar uniforms; apparently the mall was recently the scene of a local gang shootout. A Lonestar security drone hovers near and an ARO pops up on his commlink as the drone attempts to log onto his commlink and interrogate him. Declining the “invitation� to let Lonestar scan his (illegal) hardware, Proto is informed that he has exactly 30 seconds to vacate the premises before security is notified. Looks like it is time to go…

Hidden – in hidden mode a commlink denies connections to unregistered users, does not automatically log onto networks and does not broadcast personal information to any networks. Electronically speaking, the commlink can only be found if it wants to be found or if a hacker sniffs it out. Discretion often comes with a social cost, however, as it is considered very rude to operate in hidden mode.

Example: D-Bass is headed to a meet with his team to negotiate their latest contract with the Johnson. The meet is at a public park in Auburn and D-Bass will be providing electronic security. He arrives several hours earlier and sets himself up as a bum with his commlink in hidden mode, letting no one see him electronically and not broadcasting his ID; bums can’t afford commlinks anyways. Unless a security hacker is trying very hard to find a needle in a stack of needles, D-Bass ought to be able to monitor comm traffic during the meet unmolested and undetected.

******

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~Ernest Hemingway

I had planned a supplemental handout in .pdf form to expand on the planning, design and implementation of networks and their security in the 2070s. That plan is on hold now, as Knasser has done an incredible job on this topic already:

Example Matrix Sites - by Knasser
This page includes a link to the .pdf that Knasser made. This .pdf includes visualizations of several example networks and text descriptions of their systems. It is an excellent rubric for designing a network and security.

A fantastic resource.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~Ernest Hemmingway

about subscription, note that the book talks about the persona in reference to the subscription list. this have lead me to theorize that the subscription list is there to limit the number of nodes, agents and drones a user can have active contact with, not the total number of devices another device can talk to.

the bigger question, synner, is what exactly does that list limit.
and sadly, while i have my interpretation, both this thread, and others, show that thats just one way of reading the current text of the book. and the faq isnt really helping by the looks of it.

people seems to think of the subscription is as a kind of nework firewall, limiting the incoming connections. but the more i read that bit of text, the more i have a feel that its the outbound connections that its limiting. and if that is correct, then i wonder if not the very name is misleading. subscription are commonly seen as access rights. if im subscribed to a cable service, im allowed to access their services. so its very simple to read the "subscription list" as controling who or what can access me, not how much stuff i can access at the same time.

By RAW, active connections and active subscriptions are limited (..yeah, what's the difference?) - no matter whether they are trivial and used for fluff, or important and used for Drones, Agents and Hacking Nodes.

Giving that SR doesn't know the wonders of piplines, multiplexing and the like, this means that you might as well connect to the net with an acoustic coupler.

I have a small request. Has anyone gone into actually fleshing out the differences between normal, security, and admin user privileges. I only ask because I have my Groups TM always going for admin access I always wander how far admin will get you as opposed to the other levels of access.

Access to:
User: what belongs to you - and what you need to work
Security: what belongs to you - and what you need to work... in this case including security stuff. Ugh.
Admin: whatever you want

Modernly (i.e. in real life), the number of connections a device can maintain is based on a combination of its networking software (usually part of the operating system) and the hardware it uses.

Make of that what you will.

If memory and bandwidth in SR4 are for all normal purposes 'unlimited', so is the number of active connections.

Unless of course you consider it a security feature and you disregard processing power (memory =/= processing power).

In response to a request for expanded user accounts information:

Account Privileges
This is an expanded definition of the account privileges found in the SR4 core book. Each provides a basic description of the type of access granted, functions that can be executed and each has examples associated with them.

User – the basic level of account privileges, user level connections have few rights. A user level connection is one of basic utilitarian purpose. With a user account, one would be able to access limited amounts of data of menial or highly limited consequence and would be unable to change or remove information. A user level account can generally only run a limited amount of programs, if any, and is unable to edit running programs.

Example 1: On the Dumpshock forums, an unregistered viewer has User level access. They may read the forums but cannot post, remove posts or execute any functions such as creating a profile for themselves. Their access is purely read-only and of limited amounts of data.

Example 2: D-Bass is hacking the Renraku computer system of a financial subsidiary. His first access point is through their main matrix portal and it is on this node that he must first log on. Making a hacking + exploit check, he is able to easily gain User level access, disguising himself as a lowly corp employee. This allows him to look around the node without having to provide incriminating information about his location, illegal programs he has running etc. While connected he can look around public data and programs, interacting with the Secretary agent if he so chooses and otherwise learning more information about the system for future hacking.

Example 3: On a campus network, the main public page is literally that: public. No permissions are required to view it. If the network maintains web-hosted e-mail, this requires a user name and password for logging on. For a student, this would be a user level account. The student account (user quality) allows them access to their e-mail, several pages of academic schedule information that are normally withheld, access to limited automated tech support and other basic functions of the network. Short of their e-mail, none of these functions allow the student to modify any data (they cannot set dates on the academic calendar, for example); they have read-only access.

Security – secure level access entails greater privileges, access to restricted information and connections, often with the ability to go beyond read-only interaction with data. A secure level user can access specific information of value to them and the system and can access / edit that information. Further, a secure level user is often the lowest access level that is allowed to connect intra-node without raising suspicion. Secure level access is also generally the first tier of access that is allowed to use or load agents.

Example 1: Basic forum accounts on Dumpshock, or any forums really, function as a limited secure level access. A registered user has the ability to read forum threads and then post comments, start their own threads, and edit threads they have access to (generally only their own). The system also maintains a profile of the user that allows them to modify information present in that profile, changing the way the user and the system interact. Security level users can generally run programs on specific nodes and edit several specific programs.

Example 2: D-Bass is tired of looking around the public sections of the Renraku system and decides its time to move on. After having done a (this is me hand waiving) computer + scan (10, 1 minute VR, 1 hour AR) check to case the system for secure level connections and browsing the Secretary agent’s logs for information (a hacking + exploit [Agent’s firewall] check), he finds a nice and juicy security account to piggyback. Once he is done hacking the account, he has secure level access onto their main network node which has its sub-nodes for employee records, internal accounting, security, and client records. His account allows him access to many of these sub-nodes but only allows him to access and edit data on a few of them, probably only things like client records for a given associate, employee records for his hacked user account etc.

Example 3: Secure level access onto a campus network would be something akin to a tech-monkey’s account privileges. Either as a technical support tech or a club leader or any other account type that demands the ability to both read and edit data, a secure level account will be able to access other features that were previously unavailable such as: a trouble-ticket system for tech support, edit privileges on the academic calendar (inputing data about a club meeting or event) and can access new nodes (trouble-ticket database and editing node, for example). The kinds of data they can modify are useful to them and to the system, though only for specific and limited uses. If the network maintains a file-server, secure level users can gain access to this server, add and remove files and execute a great many of them.

Administrator – as the title suggests, admin access is for system administrators. The scope of their connection privileges are vast and include most of the system. An admin user is able to access sensitive data that is useful to them and useful to the system, able to access and edit that data, input new data, remove access logs… just about anything. An administrator user can generally run programs (or agents), modify running programs, and execute illegal or highly sensitive functions or programs on the node without raising an alert. At the admin level, users are able to connect to nearly any intra-network node and perhaps several inter-network nodes.

Example 1: On any forum the administrators possess basic functionality well beyond other users. These include the ability to close, move, edit and open threads, ban or edit users and their privileges. Administrators engage with powerful tools and sections of the forums generally off-limits to other users and can send system wide e-mail, have access to personal information of registered users etc.

Example 2: The Internal Accounting node is looking very juicy and D-Bass queries the node for access. Access denied. His account is unable to get in or he needs an admin level account; either way it’s back to hacking. After hacking his way in with a -6 dice pool, D-Bass has admin privileges in the Internal Accounting node (intra-network). Once on the node he can search around for any information, sensitive information to the company and the system, and once he finds it he can modify or add data. After some snooping around he finds a financial log that suggests his mark has been embezzling. D-Bass encrypts the file further (going beyond merely editing, but full on encrypt / decrypt privileges), adds a databomb (accessing or modifying security systems on a node), and sets up a stealth agent on the node to run and hide the information (ability to add agents and run complex and maybe even illegal programs on the node). The blackmail is ready. Either the corporate stoop helps them or he gets taken care of. Going back to looking around the network node, D-Bass sees a portal to access off-site Renraku nodes; admin level access permits him to enter other systems (inter-network).

Example 3: On a campus network, system administrators get admin access. A system administrator includes professors, tech-support admins, department heads, the president of the college etc. These users have access to accounting information for billing and finance, they can get access to student records and transcripts, to academic records keeping software. If the network hosts files on a file server, an admin level user has unlimited access to these files, can add new ones, delete old ones, and run any of them. The data an admin user can get access to is fundamental to the running of the college and is of great importance to the user and the system.

I hope this is useful.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~Ernest Hemingway

to expand on the dumpshock user example:

on dumpshock one can say that any person that dont log in is granted access to a "guest" user account. said account have only read access to the content of dumpshock, not write access.

but a logged in user also have write rights, in that one can create new threads and add to existing ones.

this would be the equivalent to a public matrix node. one where anyone can walk in and interact to a limited degree. hell, one may even classify it as a sub-user kind of access.

on a non-public node (say the hacker network of the books) that automatic guest/sub-user access does not exist.

In response to further clarification of what subscriptions are, why they are limited etc:

null

In response to the role of the Matrix in SR 4:

SR 4 is all about constant connectivity. Agreed.

There is a difference between incindental action and narrative action, however. Where unlimited commlink connections, unlimited program use, makes sense is during non-tense scenes. When initiative is not in question, when the results of the interaction are not disputed with the price of losing being character death or other such things, there is no reason to adjudicate how many things a person can do. In combat, however, there is a distinct need to manage the number of things that a user can do.

Joe Average can be connected to basically an infinite number of people with chat or telecom connections. Personally, as a GM, I consider telecom to be a single connection if I consider it a connection at all. Joe Average, however, is not a 1337 hacker slipping into and out of highly secure systems that are hell bent on finding and killing him.

I very much agree that general SR4 play should in no way really ever become a question of how many connections or whatever you have running. Theres absolutely no reason to nit pick that kind of detail.

In VR combat, the rules provide limitations that hackers use to differentiate themselves from each other. If every hacker on any commlink whatever can do a zillion things, there is less motivation to get a better commlink. Classic to nearly any RPG is the linear progression of equipment alongside experience that improves character skills and abilities.

As far as SR4 vs SR4, sure. Games have rules. Without the rules, everything is free form and up to the bias of players and GMs. Pure creativity is great, but the rules can be of great help when it comes time to resolve conflict in a game. The fluff butts up against the rules. Big deal. In Warhammer 40k fluff a Space Marine is a a machine of death capable of killing nearly non stop for a year on end. In the tabletop game, however, where people are playing and conflicts need to be resolved in a non-fluff way, they have limitations just like everyone else. Thats the price of fluff vs gameplay. Oh well.

Null.

I hope this thread can remain mostly content for the sake of helping people navigate the tricky waters of the Matrix in SR4.

Thanks.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~Ernest Hemingway

**Edited for content**

So the solution for this FAQ is to apply the subscription/connection limit rules only to using Drones (those got group exceptions, too), Agents and Hacking.
Everything else just works.... even if you have a thousand peers.

Ok I'll admit it, this wasn't a useful post.

Ok I'll admit it, that wasn't a useful post.

Here's one that tries to be. It's just a slightly different view. I had to use some of the fluff from the rulebook to make this work, just didn't see any other way.

MATRIX 2.0 BASICS
Five years after the disaster of 2065 the Matrix of 2070 is composed of a near-infinite number of overlapping and interconnected wireless mesh networks used to control nearly every aspect of modern life. After the second catastrophic worldwide computer disaster in 35 years the priorities of the designers of the new Matrix were much more focused on ensuring there would never be a third.

So the new Matrix is built to ensure that it is secure, omnipresent, secure, accessible from all locations, secure and integrated into daily life. And did I mention secure?

[snip]

MATRIX TOPOLOGY
The Matrix a complex organism, a vast collection of billions of nodes all linked together in various networks that are themselves linked together. They are designed to allow random users traffic to traverse them without allowing the random users to actually access anything on the local system or network. Hence it is possible to get on the matrix virtually anywhere. So you can get on the Matrix in the lobby of Ares Space, but that doesn’t mean you have any way of accessing the actual systems that Ares Space uses.

At the bottom layer of the pyramid are individual users with their commlinks and personal area networks. These users and PANs wirelessly interact with other PANs and devices all around them in a wireless mesh network, as well as with the telecommunications vendors that you buy your commcode from who ensure that calls to your commcode will reach you, no matter where you are. Most commercial Commlinks are very low powered devices designed to work for a month or more on a single charge. To do this they have very low powered radios, limiting range to a few hundred meters at most, which provides great service pretty much everywhere that a normal person would go. Variant versions are available for those who need to travel into the dangerous dead zones.

The second tier are the huge number of wireless base stations installed by businesses, in residences or by telecommunications vendors, that Commlinks connect to In addition, commlinks can mesh connect with other commlinks over significant distances back to a base station if they can’t find a good signal locally.

Homes and offices are integrated through a terminal—or term for short—that tends to serve as its multimedia center (image scanner, full-size printer, video screen or holo display, larger speakers, and so on). It's a much faster connection than a wireless commlink, but (given the typically fast wireless connection and the things people do with their commlink) most people never really notice. This also provides local wireless access for commlinks and connects through a fiber link (in developed areas, via specialized wireless in others) to a company that provides the matrix connection. In general, people would no more not have matrix service than they would not have water or power.

The bottom of the pyramid are the service provider networks that transport data across a region, continent or world-wide. When properly functioning they are invisible to users. Only larger companies directly interact with them, as their sole purpose is to move huge amounts of data unnoticed behind the scenes and to stop large scale Matrix "events". The company that provides service to houses and small offices will typically have a contract with a small local service provider, who will contract with a large world-wide provider. This is unimportant to most users, the Matrix just works. It’s even unimportant to most hackers, as the service providers transport their traffic along with everyone else's. It only becomes important when someone creates “significant� events, at which point “things� start happening very fast. There will be no third worldwide computer disaster.

In response to a question asked of my by one of my gamers, I will be expanding on the topic of Agents in this post.

Agents
Agents themselves, as the book states, are intelligent programs that can use other programs. Their effectiveness is limited by their overall intelligence and quality of design (roughly, their Pilot ratings). An agent's payload is its loaded programs. All programs loaded into an agent must be active (and thus count against the system limit for reducing response). Either the agent's Pilot or the node's System (whichever is lower) determines how many programs the agent can load before degradation of performance. Agents loaded onto a node run with the Response rating of the node they are on. Further, an Agent's pilot program cannot exceed the System rating of the node it is loaded on.

An agent functions as an independent connection and any node it is loaded into must use a subscription slot for this connection. This requirement somewhat limits the ability of a system to maintain multiple agents. If a System 3, Response 3, Firewall 3 node has two agents on it when a hacker loads an additional two more agents, its Response is lowered by one for having so many connections and running programs, reducing the Response that the Agent's function at by one which in turn lowers the System by one. As a result of the load placed on the system, all of the agents function with a lowered Pilot rating of 2. These penalties reduce the number of programs an agent can run before reducing response further and the lowered response reduces matrix initiative.

These reductions serve to make it difficult and disadvantageous for a hacker to bring a whole host of minions with him wherever he goes. A hacker can choose to do so, but will likely reduce the node's computing rate to molasses in the process.

So that is a loose summary of how Agents function. But what exactly are the agents, what do they do and how do they do it. For this, example agents are provided. These basic agents are designed for specific functions. An agent’s pilot program functions at its rating or the system rating of the node that it is currently loaded on. Their pilot ratings reflect the System rating of the network that they are run on (a more complex agent requires a higher system rating node to function at peak efficiency).

Agents by Knasser
Knasser's Sample Matrix Sites .pdf contained several useful examples of agents and their functions:

Receptionist Agent (Pilot: 2, Analyze 1): A user interface system operates on this node to deal with visitors, i.e. take messages for the company, direct people to the appropriate person for their enquiry, etc. In VR, it takes the image of a Japanese elf in a crisp, tight suit. The corporate logo glitters in gold on her lapel and her face is VR perfection. If in AR, then the secretary's face appears as a connection icon in the interface. It is capable of holding moderately sophisticated conversations in areas of its expertise. If unable to deal with a visitor, it will contact a (meta) human for assistance. The agent will approach any visitor to the node that it detects with a matrix perception test (Pilot Rating + Analyze vs. Hacking + Stealth). If "killed", the agent will be restarted later.

Low Level Security IC (Pilot 2, Analyze 2, Attack 2, Armor 2): The purpose of this IC is to investigate and deal with any unauthorized intruders on the network. It is normally inactive and will only be triggered if the node itself detects an intruder or if it is approached / attacked by an intruder. After doing so, it will remain on alert for up to an hour, investigating any other intruders. Note that when the IC activates, this reduces the node's response time to 2. The IC will not pursue users beyond the current node, but it will send an alert to its masters if left active after a confirmed encounter with an unauthorized user.

Attack Security IC (Pilot 5, Black Out 5, Attack 5, Armor 5): An extremely nasty piece of IC software originally boosted from a Renraku system and thoroughly sanitized, this IC will use Black Out whenever it can, or fall back on the Attack program only if it must.

***Other tasks and agents, with examples (by me)***:

Agents by NoOnesShowMonkey

Search-Bot (pilot 3, browse 3, analyze 3, optional Decrypt or Scan 3): This search-bot is loaded onto a node with a set of instructions and search arguments and left to run. Its primary purpose is datamining. When loaded into an icon, it functions as a sort of sensor suite if Scan is loaded. When outfitted with the Decrypt program, the search-bot is capable of digging around in even a secure data haven.

Example: In earlier examples LoCoPyRo was searching around a Renraku financial system and found a datacache but did not have time to look through it and accomplish his mission. Instead, PyRo left behind a search-bot to sift through the data and locate paydata. Left with instructions to find sensitive materials (finance or defaulted corporate knowledge, 2 test) or anything with the target’s name, the agent begins to dig through the data on the node, decrypting as necessary.

Smoke and Mirrors (Pilot 4, Spoof 4, Analyze 4): This agent is designed to give a hacker increased exposure time in a secure system by constantly spoofing his data trail. Should the agent become aware (through analyze or the hacker issuing a command) of an active attempt to trace the agent or hacker, the agent begins a redirect action.

Example: Ch0pp3r is doing what he does best: breaking into a secure system and mining it for information. Rather than having to go through the headache of worrying about security, he has loaded a spoofing agent into his persona to do it for him. The slight load on his commlink is worth the security. While he is accessing an employee database looking for work and pay schedules he finds out that some IC is trailing him and trying to determine his location. The agent switches over to redirect automatically and buys Ch0pp3r some precious seconds (via a redirect using hacking + spoof) to find the data he is looking for and get outta dodge.

Ares U-Boat (Pilot 4, Stealth 4, Analyze 3, Black Out 3, optional Sniffer 3): The Ares U-Boat series of IC is popular for its sudden brutality. The IC lurks in a system, checking users one by one and if it detects any nefarious activity it strikes without warning. Most users are not even aware that it is tracking them until they are fried. These IC are often deployed in groups of two or three, a "wolfpack" in hackerspeak.

Example: PyRo is logged onto the Internal Accounting node of the Renraku financial subsidiary that his team is attacking. He has just found his paydata but it would seem as though the system has also found him. Confident that he has slipped in and out like the wind, gotten the paydata without getting a scratch, PyRo does not notice the U-Boat (failing his computer + analyze vs. the agent’s firewall + stealth) until it is too late. Before PyRo can even load up his defensive programs he is slammed by a hard hit from the Black Hammer. Looks like this hacking job won’t be as easy as he thought…

NeoNet Beagle Probe (Pilot 4, Stealth 4, Analyze 3, Track 4, Sniffer 4): The Beagle Probe is technically IC, though it does not directly attack a user. Instead the IC patrols a node, searching for unusual activity and checking every user that comes along. When it detects an unauthorized user (by computer + analyze or electronic warfare + sniffer) it can notify the system, set an alert and begin tracking the intruder. Should the agent be attacked, it will flee or shutdown, freeing up system for a combat agent.

Example: Skulking about the Internal Accounting node on the Renraku system is a Beagle Probe agent. PyRo seems intent on finding his paydata and does not realize that something may be amiss until there is a slight lag in performance as a combat agent loads up. Doing a quick scan of the network yields no information (computer + analyze), so PyRo sets about his work once again. Little does he know, a Beagle Probe has detected his illegal activity and has dispatched a U-Boat agent to knock him off the network.

Operator (Pilot 3, Sniffer 3, Browse 3, Decrypt 3): a common telecom program reborn into a surveillance application, Operator’s primary purpose is the automated detection, observation and interception of commcall activity. Operator logs all communications it detects and once it has begun surveillance of commcall activity moves on to another open connection. The agent may be told to focus on any particular bit of telecom activity or to remain in scanning mode until it finds a particular kind of telecom activity.

Example: LoCoPyRo is running surveillance for his team in at a public park, disguised as a bum. Figuring that two sets of “eyes� are better than one, he loads his Operator agent to help him scan the area for activity. Deciding that discretion is the better part of valor, PyRo has the stealth program loaded into the agent, trusting that a slow response time is better than being detected. The agent first detects and monitor’s the Johnson’s telecom activity and, at the behest of PyRo, looks for any activity connected to the Johnson’s commlink. Finding several different connections, the Operator determines that two of them are telecom and attempts to monitor them.

Again, I hope this is helpfu.

- der Menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemingway

About agents, you might like to add that there are two different interpretations and, as far as I know, there hasn't been any official answer about it.

1) An agent can be loaded on a node and act on another
Agent is loaded on rating 6 node A and its "persona" goes in rating 3 node B. It will still have it rating 6 because he's still running on node A

2) An agent has to load itself on a node to act on it.
Agent is loaded on rating 6 node A and it wants to go on rating 3 node B. It will unload itself from rating 6 node A and load on rating 3 node B, downgrading his attributes to 3.

If you don't have any official answer, please don't start an argument about it. It has been discussed numerous times and nobody has found any proof that clearly shows the canon answer. Both interpretation have their own advantages and disadvantages and, despite what some people like to say, their own consistency.

I find that the majority of the connection limits vs fluff issue simply goes away if one remembers (or if I may daresay reintroduces) the concept of the RTG/LTG.

This presumes one is counting a connection to the RTG/LTG as a single connection subscribed to your system, allowing connection to virtually any amount of nodes IF they are accessed via the RTG/LTG (in a similar way to open tabs on Firefox or IE).

Of course, this is simply my opinion/suggestion - I'm by no stretch of the imagination a Matrix specialist

Obviously, the only raison d'être of the subscription list is to prevent a rigger from controlling too much drones at the same time, to prevent a hacker from having too much agents on the run or and to simply prevent some exploits that could maybe happen if there was no such limitation.

Allowing to use only one subscription for the connection to the RTG/LTG would be ok for drones, but wouldn't for agents (in most cases).

The mesh network just costs more money which limits the size of the army. But in the Matrix there's virtually no limit on how many public nodes you can find to load agents on.

In response to how an Agent functions and interacts with Nodes and Personas:

Agents Continued...

Agent Response on Nodes and Personas
An agent can function as an independent program, relying on its Pilot program for intelligence (and in fact can be quite intelligent, at times nearing human levels of intellect depending on the subject and the kind of Agent). Agents may also be loaded onto a hacker's commlink and the hacker's "Persona", essentially adding the Agent's functionality to the hacker's icon like a piece of equipment or a spell.

Agents in a Persona
When loaded onto a commlink and a Persona, the Agent counts against subscriptions for that device and is a running program. Both of these conditions serve to eventually lower the Response and System rating of the Persona's commlink should there be too many programs running at once (the aforementioned "mob of agents or drones" effect).

Once loaded, however, the Agent can perform various passive functions on its own. If the agent is running an Analyze program coupled with Sniffer, it may manifest on the Persona's Icon by way of a pair of goggles or high tech sunglasses or some other appropriate metaphor. Such an agent would make Matrix Perception tests on its own every round to see what it could see and report back to the user.

Agents loaded into a persona can only affect that persona, granting extra abilities that its programs have, or affecting the icon it is loaded into. Common uses are for Armor or Medic programs, functioning as an automated combat medic.

An agent loaded into a commlink may engage an agent or IC or hacker that is attempting to hack that commlink. By the intruder attempting to open a connection on the node, there is sort of local instantiation of the intruder that can be attacked by the agent. In this way, an agent can be loaded onto a tech-luddite's equipment and will vigilantly guard that runner's system.

Example: Proto’s commlink runs a nasty chunk of software he has named “Butch�. “Butch� is an IC program given to him by his buddy LoCoPyRo. PyRo claims that he was getting tired of Proto’s complaining and getting hacked during runs, so PyRo setup some IC. In their next run a security hacker tries to hack into Proto’s commlink to mess with the linked cyber. When the hacker is almost in, “Butch� has at him. The poor hacker didn’t see the Black Hammer 3 coming… Looks like if this hacker really wants to screw with Proto’s gear, he is going to get a headache at the very least.

Example 2: See earlier example for "Smoke and Mirrors" the spoof program.

Agents on Nodes
If a user wishes to have an agent perform functions beyond the local or passive levels or wishes the agent to run autonomously while he runs off to do something else, the hacker must load the agent onto a node. An agent loaded onto a node uses that node's Response for its own and cannot run a Pilot program higher than that node's System.

An agent so loaded can autonomously run its program payload and go about its business. If its controller’s access permissions include mobility through other nodes (or if those nodes are public), the Agent can move from node to node if it is equipped to figure out how to do that (has an Analyze program for perception). An agent of sufficient quality may even hack its way into various systems if it is loaded with the necessary program suite. Such independence comes at a cost, however. The agent must report back for new instructions as it reaches various goals and this can create a datatrail back to its controlling hacker.

For an agent to engage in cyber combat on behalf of an Icon, it must be loaded into the Node so that its programs can actively and directly interact with (ie fight) the programs loaded into that node.

Note that all Agent programs are considered active and its rating is considered its System for determining program overload. A low System rating on a node can lower the Response of the Node and the Agent, further taxing the agent when its programs are too numerous for it to run effectively. The latest whiz tech can only run as fast as the subsystem (node) it is loaded onto and there is no Matrix constitution that states that All Nodes Were Created Equal. A company does not need a high speed, massive connection hosting server to manage information that only gets accessed infrequently and by a few users. Such a system would not need to accommodate the system load of several agents on top of a couple of hackers smashing the system apart with high tech programs.

It is useful to remember that the "reality" of the VR matrix is directly generated by whatever Nodes a user is in contact with. If the integrity of those nodes is challenged by way of overloading them, the literal world will begin to glitch, a "Bullet Time" effect may occur unintentionally as everything hiccoughs for a moment as the system tries to keep up. As a general rule, a Node has a System and Response rating equivalent to its use, sensitivity of information and intended program loads. A high security node needs a high System and Response so that several users can be going about their business while a security hacker patrols along side of multiple agents. This also means, however, that high security Nodes, by their nature, provide intense, high speed VR combat zones because the system itself is capable of rendering in high detail all of the chaos.

Example: Ch0pp3r is chopping his way into a particular slice of data heaven: a NeoNet telecom server. He makes his way onto the server and has a look around, deciding to snoop around in the Client Accounts node (System 2, Response 2, Firewall 2). The Client Accounts node is a large data storage node that is used in conjunction with several other nodes. Currently loaded is a Switchboard agent (pilot 2, Browse 2, Analyze 1) that scurries about and finds users data. Ch0pp3r gets unlucky and the Switchboard agent somehow scans him and finds his illegal programs and sets an alert. Ch0pp3r drops a Search-Bot to find him some paydata and gets ready for IC to show up. When the IC finally comes around, the node itself is at a snail’s pace. Switchboard, Search-Bot, Attack IC and Ch0pp3r are all active in the node, reducing system and response to one. Luckily, the IC itself will have a hard time doing anything (its Response is probably in the toilet, and so is its Matrix initiative) but that does not change the fact that Ch0pp3r must spend even more time finding his paydata… more time while the system is aware that something is wrong.

Example Agents that run on a commlink and Persona

Saw Bones (pilot 3, medic 3, armor 3): Saw Bones is an automated medic program that can be loaded into an Icon or Node. The Agent functions akin to a combat medic, identifying damage and doing its best to repair the wounded program or icon.

Example: MCCCXXXVII is hacking his way into an Ares Macrotechnology security server. Not the brightest idea, smashing through the front gates, but that’s what the circumstances allowed. He is immediately greeted by a pair of IC and things get rough. The first round of combat results in seven boxes of wound damage to his Icon. The next phase comes up and MC3’s Saw Bones agent kicks in and makes its Pilot + Medic check and fixes three boxes of damage. By the end of the round the two IC are toast and MC3’s Icon is nearly fried, but the Saw Bones is slaving away to fix him.

Mitsuhama X-Scan Pro (pilot 4, Scan 4, Sniffer 4): Mitsuhama’s offering for the surveillance market landed with a splash. The X-Scan Pro is a highly intelligent program designed to ferret out hidden mode commlinks, hidden nodes and generally find anyone who does not want to be found.

Example: Grot Harvey, hacker extraordinaire, is in the midst of a run at a Yakuza gambling establishment. His goal is a secure file server somewhere on the premises. He loads the X-Scan Pro with an additional Stealth program and lets it run while he plays some AR games. Within a few minutes the Agent has located four hidden mode commlinks and encrypted wifi traffic between three separate nodes. Logging all the information, Grot makes a show of “losing� some nuyen and leaves the gambling den in disgust. Hopefully he can crack the crypto, analyze the data he has and figure out if the server is out there.

Example Agents that run on a Node

Havok-Bot77 (Pilot 4, Attack 4, Exploit 4, Stealth 4, Analyze 4): When a hacker needs a distraction, he calls on the Havok-Bot77. The prime directive of this disruptive little chunk of software is to run amok in a system, crashing all mundane programs it comes across. When it detects IC or a security hacker, the Havok-Bot77 lets out a cackle, leans on the stealth program and flees looking for another unsuspecting and unarmed victim.

Example: When it comes time for Grot to smash his way into the Yak’s secure server at the gambling den and get the payadata he has no idea how he is going to do this and not get fried… He decides to try out the Havok-Bot77. Hacking his way into a secure account, he loads the Agent on to the network real quietlike and lets it rip. Within moments several programs that monitor cameras are crashed and the system alert status skyrockets. IC come flying out of nowhere to engage the nasty little imp. In all the confusion, Grot loads up his Exploit program, cracks his digital knuckles and starts to hack the server with all the subtlety of a thousand pounds of TNT. If he is lucky he will get in and out before the system can realize what he is doing and re-task IC to come and get him.

Search Bot: See earlier notation and examples of the Search Bot.

Useful information on this post has been cross-referenced and added to the main Agent's post as necessary.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemingway

System's Guide to Paranoia v1.3 by Serbitar

An utterly amazing resource for understanding the ways of the wireless matrix in the 2070s from the shadowrunner's perspective.

Includes descriptions of how necessary and actively used a Commlink is, how vunlerable the wifi connection it actually is and how much any given ID hack can get you. Well written with some very classy quotes.

This should be standard reading for any tech-savy party member of a Shadowrun game. Completely indespensible.

Some golden quotes:

This is very helpful. Thanks 'monkey.

Can an Agent that is active in a person's Commlink call up another stored but not currently active Agent? For example, Muffintop has an Agent (Analyze, Sniffer, Spoof, Stealth) loaded into her Commlink. If it detects a hacking attempt, could it call up it's big brother (not active at the moment) to attack the intruder?

In response to questions about Agents being able to call in other Agents:

As intelligent programs that can use other programs, I am inclined to believe that they can start other agents. The tricky issue is whether or not the action of loading the agent requires a complex action by the hacker who is controlling the commlink either through system load or by active work to load the agent. I am inclined, for the sake of balance and sanity, to say that loading an agent takes a node a complex action (regardless of the hacker being active or not).

This is a very dangerous issue, however, as finding conditions that result in the spawning of agents can easily be exploited and bring a system to its knees. In fact, one of the matrix examples I am working on right now reviews this very phenomenon...

Anyhow, I will be offering an in depth example of a system that is setup for complete automation at a later date. In the mean time, I hope that this quick response is plenty.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemmingway

Thanks.

Ok, same scenario as above. Would the Big Brother Agent that is called up need to include Analyze in its loadout in order to attack the intruder?

In response to the necessity of an Analyze program on a combat Agent:

If the intruder has been found by the system, it has been found. Unless the intruder makes an active and very serious attempt to hide, he is in the spot light and can be thoroughly (excuse the pun) lit up. Think of a discovered character who was at one time stealthed. They are considered in plain site (man I am punny today).

Personally, I ain't a bettin' man, but most hackers are not so slick as to duck and run immediately and play it slow. But then again, there are some pretty smart chummers out there and a few of 'em are stupid enough to plug a perfectly good brain into some computers.

A great way to keep a player on their toes would be to attack with programs that use Stealth regularly. Most attack IC that players (and NPCs) use will be combat heavy, leveling an Attack program next to Armor and skimping on Analyze. In general, however, Analyze is used for Matrix Perception. Without the program the agent would have to default to its Pilot rating. This may be enough to track an intruder and engage it, but I wouldn't count on it.

In general, however, any Combat IC Agent that is worth its 1's and Zeros will include a decent Analyze program.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemmingway

That's helpful, thanks.

So, is there any limit on the number of non-active Agents that can be stored on a Commlink?

In response to the amount of inagents capable of being loaded into a commlink:

In SR4 with the advances in computing tech and memory, there is no particular reason to track storage space. Thankfully we do not need to tabulate our current memory on a graphing calculator as in SR3.

So no, there is no limit (other than nuyen) to the amount of programs or agents loaded onto a commlink.

I can remember, just a scant few years ago, operating on a 512 mb hard drive... And only a few years before that, such a drive was massive. Now I run on a pair of 150 gig SATA drives and they are a little "small" compared to a lot of things currently available... Oh SR4, the future I can't wait to have sometimes!

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemingway

Ok, that's what I thought, but I wanted to be sure. Thanks again.

More on Agents ...

Could a hacker send out a pair of Agents to work together (independent of the hacker), one a search-type and the other to protect the first and cover tracks?

In response to the tasking of multiple agents to a complex task:

Presumably, yes. Agents can work together quite well. The question at hand will be program load and inter-communication. I would guess that if a Pilot program is a barometer of general intelligence, that the Pilot program would be a good place to start in determining if Agents are capable of automatically performing any given task as a team without further input from the host. There is nothing in the rules that would suggest a hard limit, but I would suggest a soft limit of Pilot/2 rounded down. This would derive a number of Agents that can work together without causing problems of whole armies of agents marching off to hack the planet.

Without some manner of limit, a hacker is motivated to load a zillion mini-agents to do a task. Logically speaking, a low Pilot program is not expected to be able to figure out complex tasks (a dog brain, afterall), much less coordination amongst other agents working on that shared complex task. The limits built into Nodes for program load and subscriptions ought to do a decent job of handling over-taxing a system.

Good agent teams would resemble the stealthy pair of the NeoNet Beagle Probe and the Ares U-Boat, for example. Remaining entirely clandestine, the pair would stalk about a node, looking for trouble. Once found, the U-Boat can either engage or follow an intruder until other IC comes to assist.

The following is a rough guide to how intelligent a Pilot program is regarding the use of its programs, its ability to understand complex tasks and coordinate its effort, and to execute its tasks efficiently. The most important aspect is, however, the human touch: discretion.

*** content generated by me and in no way backed up by any rulebook ***

Pilot rating 1 - Dog Brain: A rating 1 pilot program is capable of understanding basic instructions in terms of geometry or timing. Examples would be to "go there, do this and then that". General intelligence would be limited to pre-programmed responses based on a specific topic.

Pilot rating 2 - Semi-Intelligent: At rating 2, a Pilot program can engage in more complex tasks, even compound tasks, limited reasoning, and is far more dynamic. Intelligence still is limited to an area of expertise, but the program is capable of realizing its own limitations.

Pilot rating 3 - Intelligent: By rating 3, a pilot program is capable of reasoning within its area of expertise with little instruction. A rating 3 pilot program can autonomously engage in basic level problem solving and regularly produce positive results. As a program, it is self-aware enough to know its own limitations and understand its role in the system to where it can take appropriate action and is capable of a surprising amount of animal cunning.

Pilot rating 4 - Very Intelligent: As a highly developed piece of software, a rating 4 pilot program has complex AI behaviors that can extend well beyond its basic functionality. Even complex tasks such as loading and unloading software dynamically or intelligently traveling nodes, can be attempted with a reasonable rate of autonomous completion. Interactivity is on par with a human for areas of expertise.

Pilot rating 5 - Extremely Intelligent: Programmed by truly talented hackers and software engineers, a Pilot program at rating 5 is almost a true AI. Self aware, intelligent, capable of learning and processing data at rates that are beyond that of humans, a rating 5 Pilot program can engage in extremely complex tasks and be relied upon to reach success. Self-awareness extends to being aware of other programs as complete entities with limitations, not simply as tools. A rating 5 Pilot program can, with sufficient input, function indefinitely.

Pilot rating 6 - Supra-intelligent: Representing the pinnacle of AI programming, a rating 6 Pilot program makes a mockery of most humans with its massive apprehension rate and uncanny capabilities. Completely self aware to a point even of human cunning, a rating 6 pilot program goes beyond a simulacra of human intellect to some strange in-between. Nearly any task can be reasoned through as any highly intelligent human with massive memory banks would be capable of doing. Perhaps its largest drawback would be the rank efficiency and the coldness of its operation.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemingway

Gah... it looks like I will be needing to consolidate all the recent banter about Agents into yet another Agents Continued (part 2) post.

Expect some cleaning soon.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemmingway

You've been extremely helpful. Sorry for semi-derailing the thread.

im sorry, i disagree with your assumption that the pilot limitd the things a program or drone can do. Anything can attempt something, but the pilot limits how WELL that can be done. Just like any other test. Just because Joe Blow made a Cha 1 face, are you only going to let him try to talk a little kid out of their lunch money?

If you read closely the Pilot program explanations they explain that the Pilot program gives a guide for how complex of a task can be expected to be performed with success.


Purely extrapolating "rules" based on the guidelines given above:

If you were to give a drone a simple task, such as "go there, do this", it is not hard to do. However, asking an agent to carefully hack its way into a secure node, load up some new programs, learn the node and its functions, choose which area of the node is most likely to result in a mission complete and then hack its way around other nodes looking for information or whatever its goal is... Then I think it is reasonable to assume that would take a Pilot (task difficulty) check. In the extremely complex task the threshold would be around a 3. A pilot 6 program can succeed that kind of task most of the time. Preperation on the part of the hacker to extend the "basic functionality" of the agent towards the task at hand would help a great deal.

When I have some more time I will post further explanation including a chart of what would produce modifiers, what a good threshhold is.

Note that this information is in no way required and in fact I would personally not even use it. This information is to be used as a reference for understanding what a player can expect from a drone. You can ask a Pilot 1 drone to do a complex series of tasks... and you can also expect it to fail regularly. If a GM has a good understanding of what a pilot program means, how they interact with Agents, and what an Agent can ge expected to do then he can completely forgo the rules. This is the best of all worlds. No rolls, no time spent, totally streamlined... But the book itself provides very little in the way of explanation or example regarding the intelligence of a pilot program or what a pilot program for an Agent is like.

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemingway

Hacking, a “How To�
a primer for hacking in SR4

Though the SR4 core book provides all of the tools necessary to go about a hacking scene, construct a network and navigate the complexities of hacking, the book itself provides little in the way of guidance or explanation. As a result, players, in my experience, are not sure how to go about hacking, what to do, where to do it and in what order. The purpose of this section will be to explain exactly these things and to use the tools in the book to create a scene, show how to do this and then how to run that scene.

Terms to know:

Hacking can be a rather complex process and it is good to understand a few complex terms before setting about the task at hand. When hacking a system, several key features come to the fore.

Accessibility: Where the network that you are hacking is located is a measure of accessibility. Whether a target is a commlink that requires the hacker to be within the signal range of the device or a closed network on a corporate campus, a hacker needs to know where to find that target network and the conditions of the hack.

Exposure: Once the network is found, even if only abstractly, a hacker needs a way in. The weakest link of a security system is generally the guard (he can be bribed, he falls asleep or becomes disinterested, he can be shot or strangled or knocked out) and often it as at the points of intersection between men and machine that a hacker finds the greatest exposure. Networks also require connectivity to function and this leads to exposure. Wireless connections to drones, cameras or any device that is logged onto the network can provide a hacker with the toe-hold needed to scale the security ladder.

Security: While a corporate campus can at times seem impenetrable, its network’s defenses of inordinate complexity and redundancy, every network must share information to function. Security sees to it that only those that who are allowed to access information can get to it. From IC to corp-spiders, difficult and confusing network design, cameras and motion detectors and even mundane or dual natured animals, it is amazing the diversity and complexity of security systems.

Sensitivity: To a skilled hacker, few things are impossible. In fact, most things can be done, given enough time or recklessness. Any system can be hacked. Some systems and their administrators, however, make it their business to make hacking their networks highly unprofitable. When a hacker is engaged in clandestine and hostile computer work he should never forget the scope of the job at hand. Should he bite off more than he can chew, he may get away with it but not live long enough to use the data. Sensitivity is a measurement of how meaningful data is on a network and of how far that data’s owner is willing to go to protect its integrity.

By reviewing these abstract terms, a hacker (or a GM) can quickly assess the steps necessary to hack a target. By reviewing this list, a hacker can quickly assess whether or not the job can be done and perhaps find new methods for completing the mission.

Example: Grot Harvey is trying to hack his way into a Saeder-Krupp employee database to find information for an extraction. Thinking of accessibility he comes up with several options. He can check the matrix for published public data, though this is unlikely to yield information about sensitive targets. Without having a reliable and direct source for information he settles on hacking the S&K subsidiary that his team has been casing.

Doing some legwork comes up with info on the system design: the employee records are held in an on site, closed and wired network that is routed through other Saeder-Krupp facilities in the region. His info also comes back with a word on Security: Saeder-Krupp maintains some very nasty IC and several security hackers that are on call. Its all BlackHammer out there, chummer.

Through various bits of leg work and minor hacks to gain information, Grot determines that there are several routes into the network. His team can kidnap a middle manager and make him “call in sick� to “telecommute�, piggybacking his connection. An alternative is to hack into the security devices on the exterior by staging a “maintenance call� on one of the cameras that must be in communication with the rest of the system in some fashion. Once in, Grot could hack his way back through the Security node and perhaps into the Employee System. A third option would be to infiltrate the Saeder-Krupp facility and setup shop right near the server’s location, drill through the walls and try to hack directly in.

Some more legwork reveals that security on site is tight with several patrols of armed guards making regular rounds. The guards make general use of dual natured dogs and the whole of the campus is wired for motion detectors and cameras. Presumably a High Threat Response team is on call. Saeder-Krupp is well known for handling problems “in house�, so LoneStar will not even be notified.

Grot decides on the following: Access demands that they get into the main Saeder-Krupp network without going through the main matrix nodes – too many hacking jobs, too much time in the system and too much security. For exposure he chooses the weak link of the networked camera as his way in. Security will be tight, with meat bodies and IC all over. Sensitivity is nearly high enough to have him call it off, Saeder-Krupp is known as an organization that you don’t fragoff and live to tell about it. Hopefully, if he is quick and thorough, no one will be the wiser!


***Later hacking templates will include:***

Can You Hear Me Now? - How to Hack a Commlink in all of its glory.
This is not the Cyberware You are Looking for – Hacking security devices on the fly.
More to come…

- der menkey

"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemingway