'Tis cool. It's just really easy to confuse my poor old addled brain when it comes to the Shadowrun Matrix rules.

Well I was coming from a GM "put this in my game" perspective. I suppose if you want my "this is legal under RAW and I don't care how much my hacker player cries" version, the following would probably do you.

Version 1: Elegent.

Response 6
System 6
Firewall 6

Analyse 6
IC: Pilot 6, Analyse 6,
Databomb 6, Stealth 6

Now we pit an elite hacker with 5's in all skills and 6 in all programs against this. Repsonse to any detection will be immediate shutting off of wireless by the commlink as a free action. The hacker will hot sim because he enjoys the rush. Public level accounts are disabled, meaning security or administrator, only.

Hack On the Fly: Hacker rolls thirteen dice, threshold 9 (security access). Average time to get in is three rounds. Average time to detect hack attempt is two rounds. Chance of getting in undetected is really low. Commlink will shut off the wireless before access can be gained.

If able to probe (again, lots of GM reasons handy why this could be awkward with a commlink), then thirteen dice, threshold 15 (security access). Likely takes four hours. Chance of detection, is only about 1/5. Hacker probably in. Chance of getting past the IC undetected, is about 60% in the hacker's favour. So overall, it's about 50:50 chance of being undetected. This time the data bomb is stealthed so the hacker has to detect it, which is around a 40% chance of success. If it isn't detected then the databomb will erase the data before it can be retrieved, the hacker will have to soak six boxes of damage and the commlink will shut off wireless. If it is detected, then the hacker has a about a 40% chance of successfully disarming the bomb (ties go in favour of the databomb due to needing net hits).

Cumulative chance of getting data with probing is : 80% x 60% x 40% x 40% = 8% chance of success. I call that pretty low, for an elite and well-equipped hacker.

But here is where we make the hacker cry with RAW compliant cruelty.

Version 2: Mean.

We make the above commlink an internal head-implant, connected to a separate comm via a touch link and all other connections turned off. The separate commlink has stats as follows:

Response 6
System 6
Firewall 6

Analyse 6
IC #1: Pilot 6, Analyse 6
IC #1: Pilot 6, Analyse 6

I wont bother writing everything out long-hand, but the chance of our elite hacker (better than the girl in the last example) making it through to the paydata and getting out undetected (via probing) is now about 0.8 x 0.6 x 0.6 x 0.8 x 0.6 x 0.4 x 0.4 = 2% or about 50 to 1 against. Like those odds?

The disadvantage with commlinks is that you're quite limited in how you can set up the security. The advantage is that it's not a big deal to turn the wireless off and shut out hackers with a Free Action.

As a GM, I would probably make more interesting set-ups for the sake of players, i.e. something that was less about stacked odds, and more about tracking them down and frying their brains, but does the above meet your requirements, Fortune?

I actually said that roving IC opens up new vulnerabilities earlier when I raised the issue. I don't mind you agreeing with me, but your tone suggests you think you're disproving something. The book suggests using roving IC. It's a technique that I use in some of my systems, but not something I usually make the back bone of my security model. I'm saying it's a viable technique, not the be all and end all of Matrix security.

You've misunderstood the point of my example. You said that IC should be stationed in a check point node. The customer zone, where they might file invoices, check their accounts with you or update sales orders of any number of other things, is somewhere that needs to be within your checkpoint. But it's obviously something that needs to be outside your main accounts and other areas. So you need a second check point after it. And then some employees have access to some areas inside, but not others. Very soon, you need lots of little checkpoints. Also known as - having IC on the nodes you want to protect. I said that I used checkpoints nodes to some extent, so please don't phrase things as if I'm arguing against their existence. My example was to show that in practice, it can't be the basis of your security model because the demands of security are too flexible.

And I disagree. I gave a good list of reasons why I thought that agents running remotely is permissable in the rules. If you want to discuss it, then go back to that list and pick apart each reason. Don't just state that it isn't, please.

Also, I disagree with you when you say that "Remote IC is the way to do things." I gave several disadvantages of this, It is one approach that has both positives and negatives. If you are trying to implicate me as having said that, then please don't because you've misunderstood what I'm saying.

The financial and realism implications of running your "hundreds" of IC programs I've already discussed. The idea that "most anything with a wireless connection" is a "rating 3" node is absurd. Especially if you're extending it to wireless keyboards and monitors which I'm pretty sure you are.

I tend to treat a whole bunch of networked terminals and server(s) as a single node as the rules suggest.

If this refers back to the issue of remote agents, then the point is that the agent is "present" in, is not the one running it. Does your browser cause a strain on the web server's processors when it renders a big graphic? Does your copy of Word cause a strain on the server when you open a document from the network and start laying out graphics in it? No in each case because the bulk of the work is done on your own machine and the server just passes out data and accepts some in return. Easy file manipulations. When an agent is requesting information from a node, or writing data back to that node, why does it need the entirety of its processes to be loaded up onto that remote system? If an agent can't operate on a node without running on that node, then how does it enter that node once it's successfully run an exploit on that node? Does that mean that they can never hack in on anything less than Admin settings so that they have permissions to boot themselves there? If a node can send VR data to a persona, allowing it to make decisions and carry out actions from its own system, then why can't it do the same for an agent? How can the node even tell whether its being accessed by a hacker's persona or an agent? After all, both might have logged themselves in under the same boosted username!

And thus you ignore everything I just said about maintenance, updates, legal recourse in the case of a security failure. Not only do you ignore these important questions but you invent a bigger problem of your own - stealing software! Ripping off latest Renraku IC package, bad idea for hard to trace professional criminal. Ripping off same software when you're a public company - monumentally stupid idea. Aside from giving infinite blackmail potential to the hacker who cracked the software for you, and giving every disgruntled employee, every business relation who visits your systems for a VR meeting and every AR script kiddie who tries to break in and gets booted off by Security Software Model #5567 a legal "destroy this company button," I say aside from that, the consequences of not catching all the trips and call-homes in the software are equally lethal to your business.

Well we just flat out disagree on this one. If a GM allows teamwork rules to apply to exploit tests, all participating personas and agents should be subject to counter checks. If they're to help with exploiting the node, then they presumably have some sort of interaction with it. I don't see them all gathered round one agent which pours forth the attempted exploit routines of a dozen agents simulataneously and passing back feedback and such to each of the agents in return (not to mention hacking on its own).

I think Ravor has already addressed the problem of multiple edit actions, triggering alerts, node shutdowns, etc. But for me the point is moot, because if the GM allows the agents to assist each other in an exploit, then they each have a chance to be detected and some will be.

A GM doesn't allow teamwork tests to apply to everything, nor allow an unlimited number of participants either. You can't make a baby in one month by getting nine women pregnant.

Well it stops them returning any useful data home, and I believe the word "shutdown" has been passed around a bit, by this point?

In other news: rains of brimstone, seas boiling, dogs and cats living together.

Very good point. It's funny how a single preconception can mess everything up. I immediately visualised some rich corporate exec and thus went straight on to assuming people were trying to steal data. You're right that the situation could easily be the ambush of some poor, now blind, samurai. Probably stick with the outer commlink with the dual analyze - detecting the intruder is the main thing. But swap in some heavy combat IC for your main link. You still need to protect data and the combat IC will do that, though not as reliably as the data bomb due to the possibility of sneaking past it.

The hesitancy to use more than Analyze with the IC? Well because we're looking at a very small system and I can't use some of the techniques that I use in more complex office systems, I don't feel that I can go head to head with intruders. At least not confidently .So I had to explore different tactics, the most obvious one being exploiting the (usually) more limited consequences of severing wireless connections. It's an option that's less available to systems with lots of people working on them and through which a hacker might have entered through a wired connection from another node or a terminal within that node. As I had a built-in beat any hacker card to play, I just wanted to maximise my chances of noticing the hacker - so as much analyse as possible. I did qualify both posts by saying that I would likely do things differently in my actual game. The comms I posted are pretty boring in game terms.

Would I do things differently were it my own PC? Sneaky question! Yes, I probably would. I'm not sure what exactly, but I'd find the posted set-up too dull. I tend to be pretty nuts as a player. I'd likely make good use of team-mates and set up something that took advantage of our group network. I would also be minimising the potential damaging data on my commlink and put some more emphasis on identifying and tracking intruders rather than security. After all, their stolen information wont save them when I ring the doorbell. You could expect my persona to be stealthed and tracking them. If dumb enough to hot sim, they'd be black-hammered whilst I traced their physical location. An agent I carried with my persona (both entering from a dedicated commlink for that purpose) would provide support in cyber-combat so hopefully provide some edge.

Why do you need a second checkpoint after it? Node A is guest access/checkpoint. It is connected directly to node B which is main accounts. You must go through A to get to B. Therefore, even with main accounts on a different node, your checkpoint is still effective. Employees with differing access can be solved by assuming your own people won't hack you, and maybe hiring a single spider (who would be in charge of the upkeep/maintanance of your IC as well).

They are permissible, they just affect the node they are running IN, not the node they are running from. Check the sentence I've quoted multiple times if you don't believe me.

Rating 3 is default. If it has a wireless connection, its likely to be rating 3. Therefore, most nodes are rating 3. If I'm running differeing programs in all those networked terminals, then you are rather forced to treat them as individual nodes, otherwise, you're saying I can't run individual programs on each of my devices. Why not count a shadowrunner as a single "node" equal to his commlink, regardless of how many devices are hooked up to it?

Yes, the browser does, because the server has to receive and process the request, validate it, seek the file on the hard drive, transmit the data, and receive an acknowledgement. For a better example, does running everquest on your computer cause a strain on the main game servers? I mean, all they're doing is processing the data your computer sends them. Your computer is doing all that hard work of drawing the pretty graphics. All the servers are doing is passing out data, and receiving data. Same with FPS game servers. They just pass data through, but do you cause a load on them? YES! YOU DO! Now, to get away from your real world analogies. Exploit allows the agent to get itself on the node somehow. Its an exploit, it lets it do what it wasn't supposed to be allowed to do. Nodes can't pass data to/from an agent like a persona because the rulebook says so.

Yes, I do, because all your legal doom&gloom talk isn't relevant to the situation. You're saying its not broken because corps can't do it. I'm saying a corp can do it, especially if they have their own coding division, or are extraterritorial. Either way, it isn't relevent to the discussion about remotely operating IC/agents.

Read the teamwork tests again. Theres no reason the agents can't subdivide out seaching for known exploit vulnerabilities. Theres nothing that says the helping agents can't just search out the information required to cause the exploit, and thats the nature of the dicepool bonus. The one making the actual attempt is the only one creating any sort of connection to the target.

Agent edits one in, that one logs in, edits in more, repeat. Exponintially faster.

How so? They have admin access. First action is analyze to see what alerts are triggered upon doing what. Next ones are to shut those alerts off. Also, the reason you can't reboot it from wehre the security center is, is because the agents delete the valid security accounts. Security either has to hack into their own system, or just pull the plug physically.

It's a bit more complex then that, because once you start changing the system load people are going to notice unless you are also editing whatever you have to in order to fool 2070's answer to "Window's Task Manager". And even if you are covering you bases that way the system you've blizted is doing something otherwise it would be offline, so you've also got to fool everyone into thinking that everything is still normal or an alert in the meat world is sounded.

Yeah, that's my point, it's silly to think that the Security Spiders couldn't hit a button in the meat world and shut-down the system from the security center, only a very stupid Spider goes toe-to-toe against a hoard of attacking Deckers/Agents instead of physically pulling the plug from the comfort of his chair.

"Assuming your own people wont hack you?" Wow! Wouldn't want to be the CEO that hired you as security admin. I wonder if HSBC bank use that approach when I want to check my account balance. After all, my data must be inside the checkpoint. Tarantula - you need a more complex security model than one well guarded gateway on the outside of your system. You need security systems (IC) present in the areas they are guarding.

Yes, you said that before. I disagree and my list of reasons for thinking so is still there. If you want to convince me you need to address why I'm wrong, not just tell me I am again and again. When I say remote agents in this context, it is obvious that I am talking about agetns that run remotely. I'm very familiar with the sentence you've quoted and it doesn't contradict what I'm saying.

I'm having trouble believing that you mean this. That you actually treat wireless keyboards as rating 3 nodes (rating 3 system, rating 3 firewall, rating 3 response). But that is an actual, specific example that you gave, earlier.

See, that's the sort of thing that's a little annoying. In the example I gave I compared rendering the graphical interface and images in the browser with retrieving a file from a hard disk. The first is much more intensive than the second and that is the point. Your attempt to make reading a file out to a network port sound like the big burden is on the server is unconvincing. If I can sit at home retrieving data from other systems and doing all the complex things at my end, why can't an agent do the same? An agent is very sophisticated. It must include a large amount of decision making software, libraries of routines for exploits, browsing, searching. Why does all that have to be copied across and done on the "server" end of things. After all, the agent can do all these things on a local node if accompanied by a persona and all the resource hit takes place on its native node. Why is that suddenly not possible because the user leaves that node and goes elsewhere?

Oh wait. This time you said it in capital letters. Your argument suddenly became more convincing. You know I can easily turn this argument around and say does the FPS cause a load on the client? Yes, it does. And more of a load, I'm pretty sure. So don't use that as an argument to say that agents have to be running on a remote node. When you say that "Nodes can't pass data to/from an agent like a persona because the rulebook says so" I disagree because that isn't what the rule book says. That's your phrasing. The rule book says that agents can be run independently by loading them on other nodes and then says if they're running independently they use the response rating of the node they're running on. This doesn't contradict what I'm saying and I'm also hard pushed to see why an agent suddenly stops being able to do things because it doesn't have a user with it.

You're rephrasing what I've said again. I'm not saying it's not broken because corps can't do it. It's not broken anyway. I'm saying that your neglect of numerous serious issues is unrealistic.

And there's nothing to say that they can. I don't need to re-read anything. There's nothing that says using teamwork to strip a car to parts can't involve one person doing the work and thirty people shouting at him about which nut to undo next. That's kind of the analogy of what you're suggesting for agent team work - only one actually doing things and the rest making suggestions. It's up to a GM what is required to participate in a team test, or not. But I personally don't see hacking a node as "searching for information on known ... vulnerabililties." And I expect most other GMs don't see it that way, either. I see trying to hack into a node as being a much more interactive process for each agent.

If I allowed teamwork tests for exploit tests, I'd definitely subject each participant to the node's counters.

You may be able to claim that each terminal gives you a ( Rating 3 ) Node, but considering the principles behind Fourth Edition, that would be including your wireless keyboard, monitor, and everything else connected to that terminal, and the printer, water cooler, ect are most likely ( Rating 1 ) at best.

And provided that you want your wageslaves to be able to get their work done you aren't going to want to host IC on those Nodes that would cause a responce drop, so you simply aren't going to get hoards of IC without buying additional hardware to run them on under knasser's vision of Agents.

And although I interpret things differently to Ravor and think agents can run on nodes other than the one they are present in, there are some good reasons why the agent horde isn't feasible, so I don't use them that way, either.

Love that "oddly enough." I obviously have that effect on people!

noonesshowmonkey - I'm happy for my post to go into the FAQ. If you want me to tidy it up a bit so it can stand alone, that's fine, but it'll have to wait until tomorrow.

-Khadim.

As I said, OR have a spider. I'm sure anyone who wanted any kind of security wouldn't be relying on IC alone. Thats what spiders are, they're your computer security consultants. And they would be your patrolling security.

"Agents use the Response attribute of whatever node they are run on; this means that the attributes of an agent operating independently may vary as it moves from node to node." SR4, 227. This is the reason they cannot do the same. This sentence. It says they operate differently.

No, they can't. Metahumans deck via simsense in VR. Agents don't have senses, so they can't use simsense. Obviously, they're forced to utilize some other method. Probably something along the lines of interpretting the raw data, instead of having it condensed down to a VR representation. An anology from the matrix movie, would be that while characters see the world as real, buildings, people, and all that, agents would see it as the 1's and 0's. Why? Because, its all just data to them, and its up to their programming to interpret that data. This is all fluff arguementation though, because the book says that the attributes of an agent operating independently may vary as it moves from node to node. You can say "No it doesn't." all you want, but that doesn't change what the book says.

No, it doesn't. Again, because there is a sentence in the rulebook saying they affect the nodes they're operating on. Which varies as they move from node to node. I understand your arguement is that if they're running on my commlink they are only connecting to the distant node. Nothing say that that is how it works either. The part of the sentence which says "may vary as it moves from node to node" is what tells me that when an agent connects to a new node (via valid passcode or exploit) it MOVES to that node.

Why would it weep blood? Just limit the agent's abilities by the response rating of the node he is in, for that persona only. If he's connected to node a with response. and node b with response 3. Then his persona in node a will be performing worse than in node b. Not very hard now is it?

Why have roving IC, when it can just have a persona in each node anyway. As you just said above. Besides which, by your example, as soon as the IC moves to the toilet paper ordering, by virtue of it having itself and its analyze program, the orderer freezes. So, the hacker gets frozen in that node too. That sucks.

You're right, make it each terminal instead. Those are described as being rating 3 on the table in page 214. How many office workers do you have? If you allow remote IC not to penalize the system they are running on, and only the one they are spawned from, then you have that many roaming IC, making hacking utterly worthless.

I like how you focused on my expansion of your example. All everquest servers do is pass data back and forth to their clients. All FPS game servers do is pass data back and forth to their clients. Arguably, the graphical representation of the games on the users end is more demanding than passing data, and yet, lag exists, and servers can become overloaded. But if theres no load caused, then how can they become bogged down? They can't, even if the load caused is small, its still a load.

Yes, a FPS client probably does cause more of a load on the client than on the server. But its not as if it causes 0 load on the server. It does cause some load, and its not negligible. You're right, the rulebook doesn't say that they can't pass data to and from them like a persona. It doesn't say that a node can pass the data to and from them like a persona either. It says they use the response of the node they're running on. Not the response of the node they were spawned from, or the node they were loaded from. The node they are running on. Which is where their persona is located.

Its far more likely for the corp to have the funds to get the IC defensive army than it is for a shadowrunner to have the agent army. If we're going to debate this, we have to assume they have it or can get it somehow. Otherwise, the point is moot because it never happens. In which case, the whole arguement is worthless.

"Probing the Target If you have the time to properly case your target, your hacking attempt is more likely to be successful and unnoticed. Using this method, you discreetly probe your target over an extended timeframe, identifying system flaws that can be exploited for access." 221, SR4. That says searching for info on known vulnerabilities to me.

Thats your call as a GM. If theres a teamwork test on first aid, I can easily see one person stopping the bleeding, while another preps an antidote, and the last is readying the bandage. But only one can actually access the wound at a time, the others just have things ready to go for him. I don't see why this can't be the same as an exploit test. Each agent is tasked with finding an exploit unique from the ones the others did. The agent hacking in then just tries them until one works.

I'd argue that if you're going to subject them all to the penalties, if they succeed, all the agents gain access as well. It goes both ways.

It's inevitably more expensive to have 24/7 coverage by hackers than it is to have IC in the areas you want to secure. Less reliable, too, I should think. I use roving hackers for very secure systems. But you're arguing against the use of IC which is a staple of Shadowrun. Say that roving security hackers are a good way to secure a network and I'll agree with you. Use them as some sort of suggestion that you shouldn't use IC in the important areas of your system and I will disagree strongly. So will the entire history of the Shadowrun setting.

You seem to think my disagreement with you stems from not having read the book. I think it's probably likely I've read it more than you. Agents are limited by the response of the node they are run on. That is what I said. What I also said was that the node they are run on is not necessarily the node they are interactiing with. Just the same as when you have an agent running on your commlink and you are in a remote node.

But they do. Every time you take a persona with you into another node that is exactly what is happening. You say:

How is VR the condensed version of the data? If a human in VR wants to see a collection of files, you get a detailed graphical representation of the files and you move them by graphically picking them up and re-locating them somewhere else. If an agent works by another method as you suggest, it'll be "get a list of files" as text, copy them with a "move files from X -> Y" command. VR is a lot more work for the node than simple protocols. That's going with your assumption that it is handled differently. I think an agent could be capable of handling VR representation if there were a reason to want that. Either way, the representation of the data that the node sends to the agent doesn't affect that a node can send data. We know that it can.

There is nothing in the main book that tells you to do this. You've come up with a house rule to patch things, but if an agent couldn't operate on a node remote to the one it is running on, then the book ought to give us official rules. Why can't another GM just say that it runs on the node with the highest response? And as to "not very hard now, is it?" tell me what you'll do when you have four agents overlapping on these nodes, and thus impacting the repsonses differently according to which they're run on? What order do you resolve the response impacts? What do you do when you have agents in some nodes and not others, creating overlapping Response degredations? I enjoy maths, but not necessarily as part of a role-playing game. There is a incredibly simple solution though, which is that the rules say you run on a single node and maintain a remote connection to the others.

Well the book suggests roving IC and I like to stick to the book. Also having it present in multiple nodes means dividing it's attention as it wouldn't be able to analyse intruders in the multiple nodes simultaneously or protect data in multiple nodes, etc. And there are limits in how many nodes you can access simultaneously.

That's how it works under your interpretation. Under mine, an agent can actually interact with the node. The hacker wouldn't be frozen in your example, however. The hacker is not using the response of the node he's visiting.

I'm not sure how this is an argument for agents needing to be run on any node they are interacting with. I used the example of a browser to show that I can access a remote system with a program running on my local machine. You then said that the server had to do work to support this, presumably to indicate that it was analoguous to the agent running on the remote system. But it isn't because the server's work is nothing to do with the actual handling and processing of the data on my local machine. I'm really not clear on how Everquest changes the principle at all.

The book never says anything like "nodes can't pass data to and from an agent like they can with personas" That's your own phrasing and interpretation. And a few lines down in the same post you say:

"discretely probe your target" and "identifying system flaws" sounds like interaction with the node to me. Trying things out, snooping, that sort of thing. Not Googling for a list of exploits. I don't think allowing one agent program to be the "voice of hundreds" for all of this makes sense. Nor does googling for a list of exploits. If that's the bulk of how you hack a node, then I don't see why it takes any time at all because every agent will have a complete library of exploits prepared and ready. Remember data storage is effectively unlimited in SR2070.

@Fortune I haven't forgotten your question. Just running too many programs on my node, at the moment.

Cool. As long as you saw it, I'm not worried, and can be patient.


... for now.

on this page for much of anything useful to be left...

Just thought I would lighten the mood and add one more useless post to the pile.

Such strange things happen on forums.

- der menkey
"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter."
~ Ernest Hemmingway

Why do you say that? The system can run an analyze program (obviously, since it gets analyze + firewall to defend against attacks). Its easy to set the system to send an alert to the security decker if it detects an intrusion. This has book validation on page 222. "Most nodes are programmed to automatically alert security personnel or the owner/user of the device when an alert is triggered. If the node contains security hackers (or if there are any on call), they will be alerted and will come looking for the interloper." The node could also load IC instead, which is also common, and avoids the response issue of having the IC constantly active in the node.

No, my disagreement is that you consider an agent that is interacting with a node to not be running on that node. The part of the sentence that says "this means that the attributes of an agent operating independently may vary as it moves from node to node." would be absolutely unnecessary if it worked as you mention.
SR4, 217-218. "When you are accessing a node, you may set your Analyze program to automatically scan and detect other users/icons on that node with a Simple Action. A successful scan will be reported to you. The program will maintain that task for as long as you are on that node or until you kill that process." Here, the words "accessing a node" and "on that node" are used to describe the same connection. This shows that accessing a node is the same as being on a node. This contradicts your assertion that an agent can interact with a node without being "on" that node.
SR4, 220. "If you don’t want to maintain a connection to that node, you can run a Browse-equipped agent (p. 228) instead." This shows that agents are able to run without any connection back to your commlink. You can run a browse program on a node with an open connection that can be traced to you. Or, you can send an agent to do it, with no data trail because its operating independantly of you.
If an agent operating independatly has no connection to your commlink, then it obviously is not operating utilizing your commlinks hardware. This is why an agent operating remotely utilizes the response of the node its persona is in. Because its not connected to your commlink in any way. When you are running them off your persona, you can utilize your commlink's stats, as there is an open connection, between your persona and your commlink.

The VR is a condensed version of the data because: SR4, 217, "Perception within the Matrix is entirely computer-generated. Because you do not actually see, you are reliant on your commlink and programs to tell you what is “around� you in the Matrix. The vast majority of Matrix activity (data traffic, background processes, etc.) is highly uninteresting and would quickly overwhelm your senses, so the bulk of it is filtered out." Yes, if a human in VR wants to see the collection of files, he instructs his commlink to show him those files, and it stops filtering them out. This branch isn't relevent to the discussion though, as its all based on fluff. So I'll stop exploring it now.

Agents can operate on remote nodes. By utilizing their response rating. Multiple personas just utilize the response of the node they're interacting with. 4 agents overlapped on node. I'll do a quick example. Say we have 4 agents, 1) rating 4 w/ 4 programs. 2) Rating 3 w/ 3 programs. 3) Rating 2 with 2 programs. and 4) Rating 1 and 1 program. They are connecting to nodes A) Rating 6, B) Rating 5, C) Rating 4, and D)Rating 3. All four agents connect to all four nodes. Since they're all connected to each node, each node is going to suffer the same penalty. Agent 1) is 5 programs, 2) is 4, 3) is 3, and 4) is 2. 5 + 4 + 3 + 2 = 14 programs. Node A) Takes a response penalty every 6 programs. And such takes a drop of 3. Node A) Runs at response 3. This limits all connected agents to a maximum effective rating of 3. Node B) Takes a response penalty every 5 programs. Thats a drop of 4. All agents are reduced to an effectiveness of 1. Node C) takes a penalty every 4 programs. Drop of 5. Thats more than it has for response, so it freezes. Node D) takes a response penalty every 3 programs. For a penalty of 5. More response than it has, so it freezes as well. Still easy.

The book equally suggests having security spiders on call. Otherwise, who is maintaining your roving IC network? I'd say most matrix security contracts would be a mix of IC to sound alerts, and track/hack intruders, as well as on-call security spiders. Your game, you decide what you prefer though. Both are equally valid in the book, and thusly I'd be just as justified to say only security spiders and no IC.

I agree that with your interpretation an agent could use the node. In my example, the hacker could not use the node. He wouldn't be able to connect to it even. Its so slow, it can't do anything, and as such, can't connect to him, or send him any data, nor can it interpret any of his commands.

I'll wait to further this branch until you refine your browser example after reading my previous points.

The first quote from me was in a previous post, you replied to it, quoting my post. I replied to that, quoting both your and my post. Then, you now say I contradicted myself, when after I read your point, I admitted that you were correct, and that the rulebook does not say they can't pass data like a persona.

And updates come out constantly. Any stored vulnerabilities would likely be worthless, and it'd be only the new vulnerabilities being currently discovered that would be usefull, unless you could find out what version is being run, and could use a known vulnerability for that version.

Also, you didn't address my point that if you're subjecting all the agents to the penalties, then they all get to access the node upon success as well. Do you agree with that?