Help - Search - Members - Calendar
Full Version: Commlink Security
Dumpshock Forums > Discussion > Shadowrun
I've seen a fair number of people posting about 'secure' Commlinks in the past, and it got me to wondering exactly what this entailed.

So, I would love to see examples of what other people consider to be a very secure Commlink (and preferably why) for a shadowrunner, be they a hacker or not.
Securing a commlink is easy. You take a pocketknife, and you jam it repeatedly into the wireless module.
Usually, just running Analyze was good enough for the hacker I used to play. I could power-cycle the commlink if a hacking attempt was in progress, and I had a good enough System and Response Rating to make that process quite brief.

As a corollary, when I'm the GM, I usually run my (para)military units with electronic warfare in mind. For example, in our last session, the hacker managed to pwn an attacking special ops soldier's PAN and shut off his cybereyes. The soldier's response was to drop into cover, tell his team he'd been hacked, and reboot.
I prefer running multiple PANs and using a beta-grade Datajack as a really nasty chokepoint to protect my cyberware.

Oh, and adapt everything you own to use skinlinks, only your commlink and your DNI interface (Trodes or Datajack) should be using wireless at all in most situations.
QUOTE (Ravor)
I prefer running multiple PANs and using a beta-grade Datajack as a really nasty chokepoint to protect my cyberware.

That could work, as long as you don't want any connectivity between your cyberware and your commlink. Like being able to use AR.
Well, that is why when I want to be able to use DNI I use a Simple Action to command my before mentioned beta-grade datajack (Which is loaded with the nastiest IC I can find.) to subscribe itself to my commlink and when I'm done I cut the connection until it's needed again.

As for AR, well that is what smartglasses and earbuds are for, even if I do have cybereyes/ears.
So, nobody loads IC on their Commlink?
The Jopp
QUOTE (Fortune)
So, nobody loads IC on their Commlink?

IC are usually run by the system when an intruder is found which means that they are only useful IF it finds someone.

I usually go with a pair of agents running analyze so that they add two extra analyze checks against intrusion.

When an intruder is found they switch to attack/blackout program and pounche whatever is found.
As far as I knew, Agents = IC.
The Jopp
QUOTE (Fortune)
As far as I knew, Agents = IC.

Actually they are listed as separate programs like pilot. Pilot/IC/Agent all have the same cost but they function slightly differently.
AFB right now, can your commlink autonomously run any security programs without an agent/IC running (other than firewall)? Does the agent have to have the Electronic Warfare program to run security programs?
It looks like a comlink can run analyze by itself. (from the hacking in rules).

"Good" runner security usually involves one cheap comlink with low security that serves to broadcast their fake sin while out in public, to order that double espresso soycaf, and stuff like that.

Next you have the "real" comlink that you'd use to talk to team members, which operates in hidden mode.

First you want to take the ratings as high as you care to. You can start with 5 but if you have a hacker in the party they can make you a "6" from parts you can buy. You can also later upgrade your firewall beyond rating 6 to, well, I guess infinity since it isn't limited by response/system like all your other programs are. Though I think the highest they've published was 10 I believe and that was on a big Ares system.

Also if possible (GM discretion, probably involves some rolls by the team hacker) remove the "user level" functionality from the comlink. "security" level as well if you can. You're the only one who should be using this thing, and you should be the admin. This makes it harder for people to hack the thing.

Your first line of defense is just your system rolling it's 10 or 12 die against the hacker trying to beat your 6 or higher firewall (plus mods if you removed use or security levels). Since their stealth is practically limited to 6 it means that if they don't get in on the first try they're probably detected.

Your system can try to shut down their connection, which may well work, otherwise you'll have to powercycle or call in the team hacker.

If you have level 6 hardware you can run 6 "big" programs. Little ones like a web browser or map software don't count. One is analyze and another is encrypt (which you are using on all communications). For IC you'll have two running analyze. One should be "embedded" in the encryption. This is in the rules, but is horribly ill defined, go to the bottom of the page on the left column of p225 and see what you think. Personally I give the IC a matrix perception test for every decrypt roll the player makes. If the IC detects them it suddenly activates on whatever device is doing the decrypting. Sending off messages to it's boss that it's been activated and by whom if it can tell. And generally raising havok (the idea being that some kind of instance of the IC and it's program was transmitted with the encrypted file and as it's being examined little software hooks in the program may get triggered.). Of course you could argue that this IC shouldn't have to "run" on your system at all. At which point you'd get more programs. I figure it, or equivalent power, is being spent embedding the thing in all communications, mostly as a form of game balance.

For your last two programs have another IC also loaded with analyze just continually making perception tests inside you comlink. This, in time, will catch people who got past your initial system.


Ok, practicallly this makes your comlink really rough to hack by standard hackers. Even your teams hacker will get detected more often than not. Even hacker adepts probably will get caught if they aren't spending edge.

However, did you read emergence and wonder why everyone spazzed about the TMs and hated them? Here's why.

A good TM will make your system their bitch, and there is absolutly nothing you can do about it.

Now there is some GM discretion there. They could rule that crashing IC automatically causes an alert. But that isn't raw I don't believe. They may also rule that IC on their home system can't be spoofed on their home node even by people with admin status (I give a strong modifier).

If they do both eventually your IC will catch the TM. But the TM will probably have had his fun by then.

Of course that applies to prime runner type TMs. Little Timmy with resonance 3 and hacking 3 is probably going to get caught fairly quickly.
Well, what I'd do is take the wireless commlink out of the equation when I know I'll be having a combat situation...

Turn off wireless on cybereyes (and any other cyberware you have), connect smartlink via a datacable from datajack to a commlink that has had the wireless chipset removed and a skinlink installed (this commlink is basically just a router that will convert the DNI data from the Datajack into a format that goes through the skinlink), using skinlinks on the smartgun itself. No wireless anywhere, still use smartlink. For communications, just use a micro-transeiver - and have a pre-discussed system for changing the frequency after each message sent or received (like the 'Smokey and the Bandit' method: stay on odd frequencies, start in the basement and work your way up, switch to even frequencies and return to the basement when you've gone through the spectrum, if you go through that (chatty aren't we) then go to every third frequency, every fifth, etc). Wireless signals are kept at a minimum that way, since the transeiver just sends out when you're talking - its a high-tech walkie talkie. Furthermore, they are inexpensive to get a high device rating - which equals signal. So your signal 6 walkie talkie can maintain communications inside a facility with wireless jammers and anti-wifi paint. With commlinks you don't want a high signal, since they can be hacked from further away at that point. A PAN and data-sharing amongst the team is nice... right up until the facility you're B&Eing turns out to have wireless signal detection sensors (BBB page 325). So turn the wireless commlinks off, and maintain radio silence with the micro-transeivers unless absolutely necessary.

If you HAVE to have AR aside from the smartlinks (or datasharing), then have a separate commlink from the one above with no essential systems on it. This commlink should connect to a pair of Image Linked Glasses or contacts and nothing else. And it should absolutely NOT have a skinlink, as that would give Hackers an 'IN' to your skinlinked PAN. If you go this route, make sure you have an Agent program with Analyze, Attack, and Track to act as IC. But no matter how much IC you put in, a proper hacker or TM will almost always break through.

This system would mean that to hack your cybereyes or smartlink, TMs or Hackers would have to somehow stick a skinlink commlink to your body and keep it there long enough to do their job. Not an easy thing to do in a firefight. Like the BBB says on 224, the best defense against hackers is to simply turn wireless off. And like it says on 304, "Any device's wireless capability can be turned off with a simple command" - you just have to take an action to turn it back on if you need it later.

- Scope_47
How does switching from a commlink to a microtransceiver help? Isn't it still wireless traffic that can be detected, intercepted, and decrypted? Can't a commlink rotate frequencies too? I assumed that trick was why we need Sniffer programs.
Yeah it often doesn't work too well to try applying real world knowledge of wireless/computer security to SR4.

The first reason is that you know about as much about network security 63 years in the future as people knew about modern day stuff 63 years ago, when beating the enigma code or any good form of alphabetic substitution scheme would take massive resources.

They would probably say that something the size of a laptop being able to beat such cryptology quickly would just be silly.

The second reason is that it makes extra headaches for the GM. Oh sure you can hack the elite military forces communications. But they can't hack us because we're changing frequencies! Why don't the elite military forces do the same thing? Well I guess they're just stupid, and clearly never saw Smokey and the Bandit.

So now as the GM if you let them do their hoping thing you either have to deal with everyone else doing it too, maybe have to retcon some stuff, and now have to houserule how to beat it.

And then they'll tell you about how public key encryption is unbeatable or whatever.

Don't fall for that. The only ways of improving security beyond RAW are through FOBs and RFID sort of things, which are established through RAW as GM plot devices. You don't even really have to go into the details of how they work. For example I think one of the SR mission adventures had some kind of RFID thing on one of the NPCs. If they players had it then they could access a main Ares system with piles of paydata, and without it they totally can't. Does that bend the rules a little? Yeah. But, you know, there was an RFID involved.
Well, page 320 of the BBB says under micro-transeiver 'this classic short range communications device is perfect for discreet operations'... and anyway, I would expect (just from what is written in SR4, keep in mind that I never experienced a previous edition, so I'm only going on what I read in the SR4 book and on these forums) that military and higher-level security forces would use the same stuff. I've only run street level games so far as a GM, so miltech enemies haven't come in yet, but when/if they do then they won't be using commlinks for communications. And yes, my street-level antagonists do indeed use commlinks with very low security - a hacker's paradise. I just don't see military personel in a world with incredibly skilled hackers (not to mention Technomancers) relying on something that is more expensive and not any more secure.

And I never said that it couldn't be intercepted, I said it couldn't be hacked... it can be jammed and listened in on, and its signal can be overridden with a different communique if the person doing it is really fast with the spoofing... but its not going to let someone waltz into your datafiles and get identifying information, contact numbers (for your team members if nothing else), and worst of all the id code of the commlink so that they can track it via the matrix, etc like it would if you had a commlink open. The changing frequencies isn't meant to make it impossible to crack, its an action to slow them down and keep the opposing force's communications countermeasures actions tied up - a slowing down tactic. Point being, if someone wants to frag your communications - they are going to succeed, so you might as well minimize damage. The easiest way to take out communications is to use an area jammer - but that takes out your own as well. Microtranseivers are cheaper than commlinks to get the signal rating high enough to defend against most low level jammers, and they don't introduce other security problems. If they get compromised, only communications get compromised.

As for the network security thing, I know that the BBB said you can turn wireless off... skinlinks bypass the need for wireless... so you get a wired connection to cyber through datajack, and skinlink to guns. I don't see how real world tech vs future tech comes into it... if you could tell me, I'd appreciate it.
QUOTE (Scope_47 @ Jul 26 2007, 01:47 PM)
... but its not going to let someone waltz into your datafiles and get identifying information, contact numbers (for your team members if nothing else), and worst of all the id code of the commlink so that they can track it via the matrix, etc like it would if you had a commlink open. 
Microtranseivers are cheaper than commlinks to get the signal rating high enough to defend against most low level jammers, and they don't introduce other security problems.  If they get compromised, only communications get compromised.

Good points. But you'll still need a max-security commlink. So unless you've got a hacker to program for you (or lots of time to program it yourself), you'd need to spend lots of money securing two devices. So in that sense the microtransceiver ends up being twice as expensive as one max-security commlink.

Also it's a simple thing to tone down your Signal for when you don't need to blast through jammers. I don't know if it's an explicit rule anywhere, but it would be true.

Of course in either case you'll need a cheapo dummy commlink so you don't get hassled in high security areas.

I'm pretty sure the idea of frequency switching is assumed to always be true for any comm device. Otherwise the sniffer program wouldn't be in the major class of programs, it would only be a simple police frequency scanner.
The future thing being that I believe there is no RAW rule for frequency hoping. And as a GM I don't want to deal with it. So I wouldn't deal with it, unless it was directly relevant for some reason I can't think of. I'd just say that the systems are designed to automatically hop off of crowded frequencies and have schemes for reaquisition. Sniffer systems therefore also hop.

Though I'd rather not actually explain it away like that, since some rule might get added later. But you get the idea.

That said micro-transevers have their place. If all you want is communications they are a simple straightforward way to do it.

Comlinks do offer some advantages though. Such as encryption (possibly) backed up by IC, along with the option to do map overlays and the like.

You can kind of game your GM a bit there though. The importance of maps and other positioning software can be circumvented by the fact the players are probably pointing at the map with their fingers and spending 10 minutes deciding what to do while their characters are on "pause" between the .25 seconds between a couple peoples actions.
You're absolutely right. But IMHO, its better to not have the commlink turned on at all when you're in, say, a Mitsuhama factory stealing a prototype whatyamawhosit. Its unnecessary so long as you use the microtranseivers, and you don't have to worry about that off-chance lucky/skilled hacker getting data off your commlink.

The commlink itself still needs to be beefy for the more day to day stuff like meeting a fixer/johnson, storing contact numbers etc. I just think its silly to have it vulnerable in a place you know for a fact will be out to find comms, track them, and attach nice bounties/wanted posters to the owners.

I know its an extra expense, but isn't it worth it?

Also, commlinks are from what I understand constantly transmitting. I just have a personal thematic issue with a covert ops agent who is being sneaky while constantly transmitting. Radio Silence is a good thing smile.gif
QUOTE (Scope_47)
I know its an extra expense, but isn't it worth it?

Oh now I get it, you're a security program salesman!

Excellent point about needing to turn off the chatty-and-full-of-incriminating-evidence commlink when you need to be super-stealthy. You'll need secure communications in that case so put me down for one max-security microtransceiver too. How much of a commission do you get? biggrin.gif

It's times like this when a mage with the Extended Mind Net spell is worth his weight in nuyen.
Well sunnyside I personally don't allow that type of meta-gaming, if your characters are in a time-sensitive situation then so are the players, you don't get to use OOC chatter as unbeatable, undetectable encryption combined with a time distortion bubble. (Don't get me wrong though, I don't demand "Real Time" battles either, but you do need to make your choices quickly and without OOC input.)
True, but the characters are experienced skirmishers, and players aren't. In real life, soldiers have all kinds of shorthand, jargon, hand signals, and assumptions that players just don't. So players would need 10 minutes to discuss tactics when their characters would just make some hand signals and broadcast "Attack pattern delta omega!"
That's a whole 'nother discussion and it varies from GM to GM. Personally I'll cut them a fair bit of slack early on, especially if new to the system. And then expect them to turn it up a notch as time goes on. But I'd be more leanient the better software they have for transmitting info.

And I rather enjoy some of the connectivity a comlink gives you. Such as hooking up your cybereyes and audio and transmitting what the face is doing inside to the party. Probably not the best choice for security it's true. But it's great for play at the table when other people can make perception tests, offer advice, or spring into action when needed etc.

Which is why I fleshed out the "IC in the encryption" rules (see other thread here). As that leaves encryption fast to decode, but also makes it effective.

By the way having that be common does NOT make things worse for hackers. When people trust their communications they generally put more across them. So it's plausable some sec guards might be using their comlinks to communicate and might be sending each other their locations in realtime, giving views from each others helmet cams etc.
Sure Buster, and if the players wanted to take the time to come up with pre-arranged attack plans during downtime and use their Free Action to broadcast an attack plan such as in your example then by all means they would be allowed to do so, (Hell with AR displays it might even be possible for a dumb trog to not frag it up.) but they still aren't getting to hold up the game to go over tactical plans in the middle of a time crunch.
I don't know, I like SR, but I'm not going to spend weeks running tactical drills. I'd rather have a GM who likes players spending a few minutes coming up with clever tactics instead of zerging all over the board.
Well personally I like the idea of trying to capture the feel of "life-and-death-in-a-spilt-second" decisions that must be the norm in the Shadows, which in my expirence amounts to more then just "zerging all over the board" and doesn't prevent the usage of clever tactics at all.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012