Hank
Oct 26 2007, 05:26 PM
Somebody must have thought this through more thoroughly than I have. I'd like to hear what people think of this scenario:
Hack Deckerson is on a rating 4 node browsing through e-mails; his meatbody is in a secure-room in some dumpy MCT warehouse. Somehow he attracts the attention of some IC, but, since it's the only security he sees, he crashes it.
Across town, in another secure room, a red light flashes. The alarm in the warehouse activated an optical connection, and the room full of MCT security hackers draw straws to see who gets to load up some binary doom and go geek the shadowrunner. In seconds, two security hackers and three rating 4 IC load onto the warehouse node. If the intrusion had occurred on a MCT node available from the public mesh, well, the security hackers in the next room deal with that one.
Wouldn't this be the corporate standard model? The only argument against I can see would be that the optical connection could be severed/tied into directly, but it must be activated from the secure-room, the cable is already there (i.e. free), and anyone who ties into it to go attack the security hackers....well, he's got some brass ones.
Oh, and I don't need to know that Hack Deckerson just isn't very bright. That I know.
Aaron
Oct 26 2007, 05:29 PM
This is precisely the sort of thing that I hope will be included in Unwired.
Dashifen
Oct 26 2007, 06:27 PM
I do this sort of thing now. Crashing IC, I feel, can be detected by the system. If nothing else, the system might notice that, all of a sudden, it's more responsive ... especially if crashing the IC raises the nodes Response attribute.
That being said, I suspect to see some oldies but goodies back in Unwired like Trap IC and Party IC. Probably rules for supression, too.
Regardless, I think it sounds like a good way to mix it up a bit with your hacker.
fistandantilus4.0
Oct 26 2007, 06:36 PM
Supressing crashed IC is definitely something I miss, and have decided to house rule in until it gets included. I miss psychotropic IC to. But that's just 'cause I'm mean.
Fortune
Oct 26 2007, 06:47 PM
QUOTE (fistandantilus3.0) |
Supressing crashed IC is definitely something I miss, and have decided to house rule in until it gets included. |
In what way have you chosen to implement this house rule?
Kyoto Kid
Oct 26 2007, 08:22 PM
QUOTE (Fortune) |
QUOTE (fistandantilus3.0 @ Oct 27 2007, 04:36 AM) | Supressing crashed IC is definitely something I miss, and have decided to house rule in until it gets included. |
In what way have you chosen to implement this house rule?
|
...well, in our group we basically do it the "old way" by holding back 1 die from the Hacking pool per IC construct suppressed. So yes if you go around crashing IC whenever you meet it (instead of finding more creative ways to get around it) your pool is going to suffer.
QUOTE (Dashifen) |
That being said, I suspect to see some oldies but goodies back in Unwired like Trap IC and Party IC. |
...party IC"? wooohooo, Kegger!
...uh what? Not
that kind of party IC?
Buster
Oct 26 2007, 09:23 PM
QUOTE (Hank @ Oct 26 2007, 12:26 PM) |
Somebody must have thought this through more thoroughly than I have. I'd like to hear what people think of this scenario:
Hack Deckerson is on a rating 4 node browsing through e-mails; his meatbody is in a secure-room in some dumpy MCT warehouse. Somehow he attracts the attention of some IC, but, since it's the only security he sees, he crashes it.
Across town, in another secure room, a red light flashes. The alarm in the warehouse activated an optical connection, and the room full of MCT security hackers draw straws to see who gets to load up some binary doom and go geek the shadowrunner. In seconds, two security hackers and three rating 4 IC load onto the warehouse node. If the intrusion had occurred on a MCT node available from the public mesh, well, the security hackers in the next room deal with that one.
Wouldn't this be the corporate standard model? The only argument against I can see would be that the optical connection could be severed/tied into directly, but it must be activated from the secure-room, the cable is already there (i.e. free), and anyone who ties into it to go attack the security hackers....well, he's got some brass ones.
Oh, and I don't need to know that Hack Deckerson just isn't very bright. That I know. |
I'm not sure if this thread is supposed to be about whether or not crashing IC would alert security, but I have some clarifications about your scenario that might help you.
A few clarifications:
1) There may not be a warehouse node at all. It may sound like a line from The Matrix ("there is no spoon"), but don't confuse physical addresses with logical addresses. Nodes are logical addresses that may or may not correspond to physical locations. The warehouse security cameras could easily be subscribed to a security systems node in some security company's headquarters in Tokyo.
2) You never have to subscribe to a node to access the Matrix. The mesh network known as the Matrix is considered to be ubiquitous and omnipresent (except in extreme cases such as inside a reactor core, in an abandoned mineshaft, or some specially sealed chamber). You may be bouncing your matrix connection through a microscopic wireless bridge floating around along with the dust on the floor, which in turn connects to a wireless bridge built into the glass in the window, which in turn connects to a wireless bridge on the streetlamp outside but you never have to say "I'm subscribing to Streetlamp#42435 in order to check my email and then go hack MCT's warehouse security cameras."
If you want to hack the cameras, you can try subscribing to them, then hacking their device defense systems (firewall, etc). If the warehouse was a closed system (wireless blocking spray paint), and they have some records in their computer system, then you would need to be inside the blocked walls to find some wireless access point to hack into the closed system to get what you want.
But if the hacker was just sitting in an MCT warehouse reading his email or even if he was hacking into an MCT system, MCT would never know anyone was there unless he tripped a physical alarm in the warehouse or they traced him back to that location with Trace IC.
Hope this helps.
Hank
Oct 26 2007, 10:57 PM
QUOTE (Buster) |
If the warehouse was a closed system (wireless blocking spray paint), and they have some records in their computer system, then you would need to be inside the blocked walls to find some wireless access point to hack into the closed system to get what you want.
But if the hacker was just sitting in an MCT warehouse reading his email or even if he was hacking into an MCT system, MCT would never know anyone was there unless he tripped a physical alarm in the warehouse or they traced him back to that location with Trace IC.
Hope this helps. |
This is sort of my question...I'll try to ask it more clearly.
Even on a closed system, wouldn't holy-hell erupt anytime an alarm is tripped? Forget the security hacker in the building...wouldn't MCT centralize their matrix security, connect to closed systems via hardwire, and have, effectively, a barracks full of security hackers and IC available to travel to any MCT node, be it a closed system or otherwise? It's not an issue of cost; skillwired wage-slaves are cheap, commlinks are cheap, and optical cable is already in the ground, I'm guessing largely unused. It's just an issue of security, and I think you could connect closed systems to distant closed systems via hardwire without compromising the security, provided the connection is controlled within the closed system.
So anytime you trip an alarm, a node wouldn't simply have active IC or whatever...it would be crawling with security hackers/IC, with frequent patrols afterwards, whether you're hacking a super-secure closed-system or just on the low-end, but closed, warehouse inventory node.
Obviously MCT is just an example...I'd figure every Corps would have this.
mfb
Oct 26 2007, 11:12 PM
no, because suspicious activity does not equal decker attempt. a wageslave could have forgotten his password, some third-party program might be improperly configured, or maybe it's the punkass son of the CEO having fun with some Matrix graffiti. corps automate as much of their security as possible. once any suspicious activity is confirmed as a decker intrusion, they throw out some hardcore security deckers, sure--but even then, not all of them, because their security deckers are too busy handling other security matters for all of them to respond to every little intrusion.
Redjack
Oct 27 2007, 04:29 AM
QUOTE (Buster) |
You never have to subscribe to a node to access the Matrix. The mesh network known as the Matrix is considered to be ubiquitous and omnipresent (except in extreme cases such as inside a reactor core, in an abandoned mineshaft, or some specially sealed chamber). |
It is important to remember that there is still an underlying backbone and the matrix is not just a mesh network. ergo it is not that extreme to connect to wired gateways.
QUOTE (BBB @ pg206) |
This network connects through numerous gateways and hardwired base stations... |
A mesh network suffers one basic security problem: man-in-the-middle attacks. While running an encryption program reduces this risk, it does no eliminate it. Intercepting Traffic [BBB, pg224] discusses this very risk.
I personally prefer to keep my subscribed devices in Signal rating in order to negate that risk.
QUOTE (BBB @ pg213) |
Note that for two devices to communicate with each other (as opposed to one-way communication), the devices must be within range of the weakest signal rating involved. |
The thing to remember is: the more nodes your signal touches the more logging that occurs. Running ghosted (ie Hidden; BBB pg211) keeps you from being able to receive calls and messages from people outside of signal range, but still allows the team to establish a PAN based team-net and control all subscribed devices.
Kyoto Kid
Oct 27 2007, 05:26 AM
...so basically what you are saying is to get to your matrix "destination" by hopping through various nodes, you leave a log entry at each node. In a sense, this is similar to leaving a datatrail that can be traced back?
Redjack
Oct 27 2007, 01:03 PM
I would say this is how I explain The Datatrail as presented [BBB, pg216] and methods to limit that datatrail (in addition to spoofing) from being able to be traced to you.
Seven-7
Oct 27 2007, 04:32 PM
In the real world you have to actually connect to routers before it takes any information from you, such as MAC address and IP.
In Shadowrun it seems that simply if your signal overlaps a node and your commlink scans it you leave a datatrail, as far as I can tell.
Buster
Oct 27 2007, 06:13 PM
I'm sure it's the same in SR4, it's just all automated. In non-hidden mode, your commlink will be autoconnecting all the time with every wireless transmitter it can find. It's really a brilliant system because the more transceivers you are in contact with, the greater the reliability and bandwidth.
Redjack
Oct 27 2007, 07:03 PM
QUOTE (Seven-7 @ Oct 27 2007, 11:32 AM) |
MAC address and IP. |
MAC (Media Access Control) address is the lowest identifier given to a NIC (Network Interface Component). A DHCP (Dynamic Host Configuration Protocol) server will assign an IP address and relate it to a specific MAC address. That IP then becomes the unique address (assuming a public IP is assigned) to the device. Even today, a MAC address can be software overridden (equates in the game to part of spoofing).
So a mesh network carries traffic indiscriminately across its public interfaces, keeping its private interfaces secured by a firewall. One great way to keep your identity from being logged everywhere is to compromise a node within your signal range and then shell back out onto the matrix. Think of it like telnet or ssh. Once you telnet/ssh into host #1 then telnet/ssh out to host #2, it appears as though you are originating from host #1, not your com link.
Voice/text services are based in some of the some principles as today, like VOIP & Dynamic DNS. Based upon a central provider being authoritative for you "phone number/LTG number" calls to you are routed to your current location on the matrix. That central provider can hold messages for you.
The cool thing is that it is all possible. It is also not perfect and the weaknesses can be exploited by a hacker (or a well stocked script-kiddie). The speed at which it can be hacked or encryption broken are the two points that with our current understanding do not seem plausible.
kzt
Oct 27 2007, 07:16 PM
QUOTE (Seven-7) |
In the real world you have to actually connect to routers before it takes any information from you, such as MAC address and IP. |
No, you have no control over packet routing from your PC to the destination once it leaves your local site. If you run one end or the other you can influence this set of choices, but you have no control over what the intermediate systems do. And every system that your data touches can make whatever record they deem appropriate.
The routing protocols make decisions as to how to get packets from your PC to the destination based on various metrics, like bandwidth reliability, hop count, cost, politics, etc, all encapsulated in the programing that weights them in various ways. And at each intermediate node this decision gets run again, with the preferences of the person or organization controlling how the router weights the various metrics. It can choose to just throw your data away instead of forwarding it.
At every step the router can suck out the data on your packets and do with it whatever it wants, like replicate it to an NSA collection site. But in fact, for >99.999% nobody cares and the traffic just gets forwarded without any records.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.