Ok, this begs several questions in my mind - not to start an argument, but rather just out of simple logic. If option 2 above is the case of how agents are supposed to work, how do they go about loading onto the second node in the first place? Since logically they'd have to first hack the firewall (unless it was a public access node)?

Also, wouldn't option 2 make spoofing one's datatrail or tracking said trail impossible (presuming personas would have to log unto nodes to effect them and the data logs that make up a datatrail are logically housed on external nodes)?

Unless of course, one rules that they can hack a node from the outside (ie run Exploit on it) but must be on the inside of the node to effect it (ie run Attack to crash it, Edit, etc)? A compromise solution maybe (but one that still leaves makes spoofing/tracking a total pain)?

Perhaps I'm just being dumb - as I've said, the Matrix is hardly my specialty.

Also note that the first sentence of p. 228 indicates that agents can be offloaded into "a particular node separate from your persona" and p. 227 (last sentence) tells us that "[agents] loaded into your persona have the same datatrail, so Track programs that go after an agent will trace back to your own point of origin."

This has always indicated to me that if you have removed an agent from your persona, besides reducing the load on your own systems it also separates the datatrail of the agent. I've forced spiders and other forensic hackers to track an agent back to its point of origin (where it was offloaded) and then depending on player actions (i.e., did they remove a log of who began to run that agent in the node) they might be stumped or they might be able to perform a new Track action to try and find the PC.

I know - I've avoid such discussions like the plague in the past! I'll run the search fu tonight (getting tired) but just wanted to put the thoughts out there.

See, this is why I avoid Matrix discussions like the plague Some of you guys are WAY beyond my knowledge/understanding of computer science, and frankly it hurts my wee brain at times

I think I see what you mean - the agent is essentially received in queue (or something - basically the modem equivalent?) and is on the node without having access (That require a Spoof test to get it into the node's queue to begin with, as you note?. Wouldn't they have noted that in the rules if the was the intention - assuming one cares about RAW that is.) It would essentially be using the nodes own resources to hack the node (??? How could it do that without breaching the firewall? Wouldn't that require CPU control to insert it's code into the RAM-equivalent to be run?).

Limited queue size in essence? As a security measure not a bandwidth issue. And this queue is also what bounces transmissions around to enable the functioning of the mesh network, right? Is this kinda what you're talking about Dashifen?

Ok, the way I see it, the login data (access IDs, login time, logout time, etc) would be stored on the node itself - as opposed to in this hypothetical queue that anyone can get into - logically for security purposes. In order to read (ie per the track program) or alter (ie the spoof program) your datatrail, you'd need to get past the firewall of each node you access (unless you already have security/admin access) in order to view or alter these logs logically if this is true. Not just agents but anyone. You couldn't logically spoof your datatrail by just running a program on your commlink (as the RAW states you can).

If this is correct, wouldn't the fact that the RAW lets you spoof your datatrail without all this work imply that the designers meant for option 1 above be the case? (Or were just lazy/wanted to make play easier, since what I just said makes no sense from a security standpoint)?

That sounds right.

Actually that's (with the queue and other stuff) the kind of things I add to the rules... I tend to see the Matrix rules as just a base canvas just like the combat rules will explain how I can shoot, how the enemy can dodge and how I can move but not how I can jump over the enemy, press my gun against his head and shoot.
So I just consider: I want to protect my system from hacking agents, what do I do? I choose which nodes are authorized to send an agent. I want to hack this protection, what do I do? I can edit the list, but that requires an access. If I want to hack without altering the target node, I need to fake my request to make the node think I am on the list, which can be done with the Spoof program. Another way would be to make the node think I am not an agent but just random data and then to reconstruct the agent inside the node, that'd be exploit. I like it that way, but it might put off those who prefer to have a fixed set of rules and action. In that case, I'd recommend you to take a look at Serbitar's (or other's) alternate rules.

Anyway, you might skip all this and just consider that the exploit roll takes care of that too... But actually, if you want to play it strictly according to the rules, you'll just roll exploit without knowing exactly which rating to use .

A virus/trojan runs on your computer to hack it. Doing that without breaching the firewall is simply what hacking is about.
Let's take the (simplified and hopefully simple) example of today's hacking of through a virtualized computer . The target computer is running a virtualization program which 'emulates' another computer with its own Memory. Basically, the virtual computer should not be able to access the rest of the memory of the real computer, right ? But if you are able to overflow the memory of the virtual computer (and if the virtualization program is badly written) you'll overflow into the memory of the real computer. Hacking is all about lateral thinking.

Edit: actually, that wasn't the thread I remembered, though it was a good one. There was a thread where we discussed the differences, if any, between an icon and a persona which related to the method by which agents could move from node to node.

As a player, I could accept doing that, but as a GM I prefer to actually have some idea of what's actually happening in-setting. That and I like to know how many dice I should be rolling, so ratings are kinda important

Thank you for your explanations btw - they are helping out a lot!

If you want a canon answer to that question you can try asking the FAQ. I tried a long time ago but didn't get any answer.

EDIT:
@Dashifen: I think you're referring to this one.