How often does a node check for intrusion during a fly hack. The other way...says there is only 1 intrusion test. That imply's there are multiple in Hacking on the Fly..

Is there an intrusion check each time the hacker rolls on his extended test?
first roll 2 hits (intrusions test)
second roll 4 hits (intrusion test)
third roll 4 hits (breaks in) (intrusion test)

??

Yes, there's a check each time and they are cumulative towards breaking your stealth.

Both tests are extended tests. Think of it as a race. The hacker tries to hit the threshold for the hacking test, while the node tries to hit the threshold for the detection test. Each time the hacker rolls, the node rolls right behind him.

I will just add my other questions here:

#1. Ok I just have to set up this scenario and have you guys walk me through it. A team of runners sends this bad guy to a bar for a meat but while there they tell him to call them. Meanwhile one of the team strolls into the bar after he gets a go ahead from his teammates that he is actually there. No the teammate at the bar wants to locate the bad guys commlink, get the access ID, intercept his signal and see what the bad guy has on his pan and listen in on the phone call the bad guys makes after hanging up on the runners. What does the guy at the bar have to do? Assume the bad guy has his commlink encrypted??

-locate unknown hidden node (what qaulifies as a known node so its only threshold 4? knowing its a commlink or having the access ID?). What do you learn at this point? Do you learn mr bad guys acess ID or name or anything just from looking at a node? or is all that encrypted still?
-would you call for a matrix perception test to be able to get info from just looking at a node or is it readily available/encrypted?
-Decrypt node. Now you definately know his acess ID, name, sin and stuff right? Or would you call for a MPerception test now?
-intercept. Now you can see everything communicating with his commlink, but you only see whats being "said" you cant look inside the commlink to find out his schedule, files, the code to the lock on his car or house, you would have to hack your way in for that?
-last step is to start hacking or spoofing or just keep listening?

BBB says encryption may have a layer of ice on it? I have a very hard time seeing how that works. When does it activate? When you try to break encryption or when encryption is broken?? What does it need? Analyze to see it?

#2. When you locate a node, do you know where its at if its around you.

#3. How in the hell does one know they are being tracked in order to know when to run a redirect program?? Obviously thats standard op when hacking into a node. But what about when your not hacking and someone is trying to find you unbeknownst to you. It doesnt say anything about how agents/sprites(analyzing for trackers) or you would know you are being tracked.

thats all for now.... Im about to dig into agents and actual hacker vs combat, then on to drones. I've read through all this before but this is my second read through cuz im making a cheat sheet, and it all seemed pretty easy to understand this time around lol. Atleast this time I can more fully comprehend what a node is and stuff.

#4. Oh that reminds me... Are intercept tests just a threshold test or an extended test? If you dont get 3 hits you fail and you start over from scratch right?

I dont know jack about communications networks and stuff, nodes and signals seem a little backwards to me. I think it sounds more natural to find a signal and then use it to find a node. This would be cool because then you can goto a bar, scan some people next to you and spoof your signal to look like theirs. Then when somebody trys to find you they might see 2+ signals who all have the same ID, then they would have to go through and figure out which one you really are. I'd call it piggybacking. Currently you find the node first and then you find the signal... that seems a little to easy.

Ok its a known hidden node so the scan threshold is 4 (minimum), if the bar is exceptionaly crowded it could be higher. If there's only 3 other people in there, and they're all running everything public its going to be 4. You now have the stream...

Now you need to decrypt the stream (threshold excrypt x 2), this is an extended test.

Now you can apply your sniffer program (threshold 3)

You will have nothing but his communications, no access to anything you'll have to hack into his commlink for that. You can spoof things trying to pass off as one person or the other, or just settle in and listen knowing that it is impossible to catch a wireless sniffer. As to encryption having IC, wireless won't have IC, because it doesn't have a node to reside in. Encrypted files will have IC or data bombs hiding in them.



To save extra Matrix Perception tests, I would say yes if you are trying to intercept a signal thats across the room from you. The additional threshold on the scan program is how you make it more difficult to find the one.... On a glitch or critical glitch I might give them "a signal" but it wouldn't be the correct one. If its a random node, thats what the track program is for.



You have no idea you are being tracked... It sucks. Whenever you're doing something maybe spend a pass to do a redirect, or if you're done and fleeing from a node, spend 2 passes redirecting. My technomancer wasn't thinking once, and wasn't doing any redirects... He's now living in a different neighborhood. Most hackers/IC/whatever will track you before engaging in combat, unless they plan on Black ICing you quick to lock your connection. But if a hacker seems like he's going to be there for a while, track then attack.



Check out my webpage at the bottom for a Matrix cheat sheet for a list of actions and thresholds, or Knassers webpage for examples of nodes



Since its only 3, I think its just a threshold test, any net hits go towards the Matrix Perception check to find you. This is only if you are intercepting within a node, so doesn't apply to wireless signals.
EDIT: I guess its not net hits over 3, its just straight hits for the Matrix Perception to locate a line tap.

So let me take a shot at a few answers (we are running it freeform, check me on RAW if you want to):

Lets simplify your example first: You want to access a hidden, encrypted node. Specifically, you want to listen in on the nodes communication, and access to the nodes PAN.
1.) You are searching for a specific hidden node, so the threshold is 4, possibly increased by your GM for the number of nodes present in the bar.

2.) The node cannot be encrypted. The node is at max. in hidden mode because it is a comlink activly used for communications. Only files and connections can be encrypted, and only private nodes can be limited to encrypted communication. Yes, the book says you can encrypt a node and does not give further info. If your GM rules otherwise, you indeed decrypt. (You would do so anyway if you only wanted to intercept the signal.)

3.) Decryption gets you past encryption. Duh! You can intercept the signal of the target comlink by rolling EW+Sniffer(3). The wise move for this would be to intercept and record first, decrypt second. The way of RAW requires you to decrypt first.

4.) If you want a PAN device listing, you need to hack the comlink to get in on skinlink, DNI and wired connections. We found the node in step 1. Exploit (will require hacking on the fly unless you plan to be there several hours). RAW suggests Comlinks have only admin access (words fail me whenever I think about it), so any high-rated comlink will detect you, unless you are a TM with double-digit stealth. We have to exclude that factor first: Analyse. First hit: matrix ID (should it be needed for spoofing at some point), Second: Firewall Rating. Third: Response Rating. Assume the node has analyse running at Response. (The only information you get without analyse is what the nodes broadcast, and that may be made up). If you can likely beat

5.) Iced Encryption is not detailed by RAW. The way I would handle it: You access the file (as in "Decrypt"), the IC rolls Matrix Perception(your stealth, 1 turn). This would apply on file and node encryption only, network decryption should not be noticeable because you can intercept signals without being noticed, and decrypt those until the result is not gibberish.

6.) You apparently know the location of traced nodes - if your opposition is wireless, a general search for hidden nodes may be generate quite a bit of information on their gear.

7.) A trace is only indirectly noticeable. If IC enters your node, you should immediately analyse it. First information: Program load (no ratings). If trace is among those, you will be traced. Notice that Relocate trace does only provide a small delay (the ice will have more successes on the search than you have net hits on the relocate action), and even less of a delay if you have less IP than the IC.

8.) Intercept Signal is fortunately a success test.



Well, you can intercept any signal without knowing one of the nodes. Those would need to have a matrix ID (no WAN without adress headers), so you could indeed copy a random ID from a present signal by spoofing it. I have great hopes and some fear for Unwired...

Im sorry I should have specified, This is about a wireless intercept. I've located a node, i've decrypted it. Now Im trying to listen in on it. EW+Sniffer(3). I just have to keep rolling until i get 3 hits in one shot, or is it extended where i can get 1 hit and then 2 hit and im in.

Hey sorry ryu was typing the same time as you and didnt see your message first.

-ok both of you guys said that it would be threshold 4 because i know what im looking for? But what does my character know that makes it known. All my character knows is that one of these mofo's with a commlink is the guy. Thats all it takes? No Access ID.

-You guys didnt clear this up for me yet... When during that whole process above would I learn
A) the guys broadcasted SIN and related info
B) his access ID ( Phone # right?)

-When you are sitting there in front of a node do you know what it is a node for? A commlink, a coffe pot, a hardwired matrix point? When a commlink node say: "Billy Bob's commlink". Or is that like irrelevant, If i just look for billy bob's node and i pass the test i have found it no if's and's or buts.

- pg239 says jumping into a drone is a Complex action and on the same page its also a Simple action so which is it?

- Jamming as an attack method. I can put a directional jammer on a drone and then it can use a complex action to target other drones or nodes and try to jam them? There's no rolls involved to help it succeed? Like Pilot + EW vs targets Signal + ECCW. Each net hit improves or decreases the jammers rating for the actual jamming test. Jammer vs signal + eccw, if jammer wins node goes offline?

Fixed by errata ( http://www.shadowrun4.com/resources/sr4/sr4_errata_v15.pdf )



so it's a Simple Action.

Jamming is pretty simple:



You jam something, if it doesn't have a signal + ECCM > your jammer's rating, it's out. No rolls.

1. First thing to do (as you indicate above) is locate the commlink. This would be an Electronic Warfare + Scan extended test with a variable threshold based on the number of other nodes in the area, how much they know about their target, and what PAN mode its running in (i.e., active, passive, or hidden). This is a test where I highly recommend using the optional rule that you can't roll more times in the extended test than the dice in your pool making it difficult to find hidden nodes from among a larger group. Personally, I'd make this threshold quite high (15+) assuming the target is reasonably paranoid about detection.
   
2. Once they've found the node, they'll need to decrypt the information they can read about it. That's a Response + Decrypt extended test with a threshold of Encryption Rating x 2 and an interval of a Combat Turn. Yes, this means that they'll be able to decrypt communications probably faster than they found said communications in the first place.
   
3. Here's where one of two things could happened depending on the GM. Some GMs might force the searching hacker to perform an "Intercept Wireless Signal" action (Electronic Warfare + Sniffer (3) test) to indicate that they've "locked-on" to the communications coming from the node they just discovered. Others might assume that by discovering the node, you've already performed enough work to intercept the wireless traffic. Personally, I'd forgo this test in the interests of time unless the express purpose of the hack was to listen in on communications (which, I notice, you did indicate above).
   
4. Getting the Access ID would be a simply Computer + Analyze test. I would combat this with Firewall (+ Stealth) if their commlink is in passive or hidden mode. With that Access ID they could spoof his traffic if they need to.
   
5. I, personally wouldn't give you any information on the guy's PAN unless you hack your way into it. Once you hack it (using the Hack on the Fly rules, probably), I'd let a Computer + Analyze test (in other words, Matrix Perception) give you information about running programs, the rating of the device, subscription lists, etc. A Data Search + Browse test would give you details about his recent email traffic, maybe his favorite hang outs, etc. If you get information about his subscription lists, you could use Tracking or Detect Wireless Node actions to try and hack his friends, if it would be important to do so.

I take that to mean the the Encryption might be being performed by an IC program. In other words, an Agent program with a payload of Encrypt, Analyze, and an offensive program (Attack, Blackout, or Blackhammer). This IC could detect the attempt to decrypt the signal that it's encrypting with a Pilot + Analyze against the hacker's Electronic Warfare + Stealth. Be aware, this is just my interpretation. It's left intentionally vague so that GMs can come up with interesting hacker tricks. I expect Unwired might have more clarity, but until then, this is how I've run it in the past.



If you Track it (p. 219, SR4) you can find out information about it's location.



I usually run it as a System (+ Analyze) test. This would represent the system of the device realizing that someone is attempting to track it. The threshold for this test is the Hacker's Stealth rating and I accumulate hits just like Hacking on the Fly. Thus, it's possible for a hacker to track a target before the target becomes aware of the track depending on (a) the rating of the Hacker's Stealth program and (B) the DP for the hacker's Track action.



It's a success test with a threshold of 3. If they fail, they can try again, but remember the rules on p. 59 which state:





It's only easy if the node isn't hidden and protected. Then, the threshold for the Detect Wireless Node test should be 15+ as indicated in the book. Thus, it might not be possible for a hacker to find the target node before they run out of rolls, unless you don't limit the number of rolls in the extended test.

I think my post above clears this up, but I thought I'd make sure: I wouldn't give you any identifying information about the guy's system until you've detected the node and decrypted it. This doesn't require an Intercept Wireless Signal action as that's specifically to learn about the traffic on the node, not the identifying parameters of the node.



I use glitches during detection tests to point hackers at the wrong target. Sort of like false positives during a search. However, whether or not a commlink (or device) responds to a request for information is largely dependent on it's current PAN mode. Someone in Active mode would probably respond with a short message indicating that you've connected to the right node. However in passive or hidden mode, that may not be the case. Since this bad guy is in a public area and, conceivable, being careful about detection, he's probably running hidden. In that case, I'd require a Computer + Analyze vs System (+ Stealth) to determine if you've acquired the right target. If it's a simply device like a toaster, then I'd forgo the Opposed Test and just make it a Success test with a threshold of 1.

If you do not know which guy in the bar is the bad guy, then the threshold is 15. Otherwise you know its the third guy setting from the end. You're simply looking at signals around him till you find the one that is actually connected to him. He's obviously having an AR conversation with someone else, so of those connected to him, you need one that is carrying alot of information out of this room. The low ones are not actively in use, and the ones that don't extend out of the bar are probably him looking at the drink menu, or the newspaper. This is of course all fluff, and just painting the picture of how scan works. The adjusted threshold is used to handle this over abundance of information.

If he's running in public mode, then you have his SIN information at least as much as he wants known, and then your scan threshold drops. If he's running private or hidden then you will need to crack his commlink first, though you will probably have his Comm # just on the scan, since you have found the node. Perhaps run a Matrix Perception to get the commlink number off a node (with threshold based on operating public/private/hidden), would probably be a better way to go about it.

Thanx guys.

-about the pan info. If I intercept his wireless transmissions, I should be able to see what all his commlink is talking to just from the info passing through the air. I know its not as much as hacking his commlink and seeing everything first hand, including the stuff he has skinned and any other things but its something.

-tracking. Yes you can go the tracking route but thats more of a Im on this side of the planet and the target is on the other side. And you narrow it down to within 50 meters. Im talking about ok im standing in front of a building facing the street and I locate a node with my own commlink's signal range. Theres no way to tell if its to my right or my left? I do not like that section of tracking. I think it should be super easy to triangulate node positions no matter your proximity. Agents can open multiple nodes.... hmmm.

If you intercept transmissions you can get any information that is transmitted. So you'd be able to listen in on commcalls, you could probably see if he's browsing for data on the Matrix, maybe even detect if he's running a scan of some kind on the room. It is less information that a full hack, but you're right: it's better than nothing



I disagree ... I always though of track as a triangulation. That or, alternatively, of following a signal to its origin and then triangulating your own from there. Either way, trigonometry is involved somewhere!

No rule for this, but if you just want to physically trace a signal (assuming you're connected to it directly and its not being bounced through routers and repeaters), then I'd probably let someone make a significantly reduced tracking check. Probably threshold 5 to get general direction, and another threshold 5 to get distance. These are just numbers thrown out.

Everyone hops in the jeep and takes off, hacker tracing for direction, while every now and then checking to see if you're closing the distance. That could be pretty nifty if you want to hunt down a hacker or person who's moving, vs setting VR simmed in an apartment. The two commlinks would have to stay within the (lowest of the two) signal range, or you'd loose it. Hacking car chase..

Ok I got some good questions now.

-Is there any problem with encrypting a node, and encrypting files within that node? Or do you guys do the all or nothing? If you allow encrypted files within an encryption then what about individual files?? Each transmission going out from your commlink?

-First Example is a Drone. Ok I located a node, I hacked into the node, I Data Search + Browsed and found the user accounts. Now I can just Hack + Edit and change the admin to me?? There is nothing to stop me? Even if an agent/sprite spots me editing the account whats it gonna do? I could then try to sever the agent/sprites connection with a firewall+system vs hack +exploit test?? Do I replace firewall or system with my own attributes? Or do i just give that command to the node and it does it.

-What if im hacking a system. Once I find the user accounts. Is there anything beyond a simple hack + edit test to prevent me from adding/deleting security or admin level accounts? Do you guys turn that into an extended test? Against what? Is that auto-shutdown?

Encryption as long as its running covers everything. I don't think there's any Encryption over Encryption.

As long as you hack into the drone with Admin status (+6 threshold) which would have access to admin records than yes.

Agent or Sprite wouldn't have a connection, since it would be loaded onto the node, you'd have to crash it.

The drone will operate on its own Firewall and Pilot (System equivilant), even after you hack it. Its trying to sever the connection, not your commlink, so you would also command the node.

Hack + Edit would be adding or deleting...
Everything past this is my own idea on rulings, take it or leave it
...hits would probably be the threshold for a Matrix Perception to notice the alteration. Once found it would probably be deleted. Most systems will probably run routine log checks to find inconsistancies, so this might only stay open for a day or two at most when hacking into a corporation. A drone, once you get a hold of it, you can perform the proper formatting, reloading, whatever to make it permanently your own (don't forget to remove the RFID's). A commlink you might be able to stay on for days or even weeks before it would clean. [/Non-Canon]

Depends on the table, the group, and the game. There's certainly no reason you couldn't do this. You could also say that everything is individually encrypted, but the idiot security hacker encrypted it all with the same key which would mean that it's an all-or-nothing situation. But, for more (or better) security, you could encrypt different portions of a system with different keys (essentially different passwords for different important documents) and then force invading or snooping hackers to perform multiple decrypt actions. About the only thing I wouldn't do would be to have multiple encryptions on the same file since it's starting to get silly at that point and the rest of the players might be tired of watching the hacker roll dice.



I would say this depends on the access level that you hacked at. A normal User may not be able to edit the drone's subscription list and change its admin accounts around. I probably wouldn't even let a Security account do this. What your describing is an administrative action and, thus, would incur a +6 to the hacking threshold. A good hacker will still get in, but probably not before an alert is fired. Plus, I'd block the edit test with the a Firewall (+ Analyze) test, personally, indicating the fact that the system will try to protect such an important resource. Similar to how Windows will warn you if you try to modify a read-only file. Don't forget that if an Alert was fired, the Firewall gets a +4 modifier. That makes editing the accounts a little harder.

If the system spots your edit, it could stop the edit from happening. It's definately going to alert the rigger who runs the system. If an alert had not previously been in place, the system would go on alert. The rigger controlling the drone would probably log on and do his best to defend his system. And, since you've hacked into the node, he could engage you in cybercombat if he can find you. Hell, if he's smart, he engages you in cybercombat in one node while telling his Agent to track you back to other nodes in which you're active and then jumps you there, too. This is really bad news for the average hacker (even the exceptional hacker) since you can only act within one node at a time but you can get attacked in multiple nodes at once. I've dumped a few hackers off the matrix with this little trick. I've yet to get my current Technomancer character with it, but then again doing so might also kill the TM so I'm a bit conflicted about how nasty to be.

If you successfully get control of the drone and wrest it away from its owner, you wouldn't replace its attributes with your own. Drones, as independent devices, have their own Matrix attributes. Usually, for "normal" drones, their device rating is 3. Security/Military drones have a device rating of 4. Plus, Arsenal and SR4 provide guidelines for upgrading these systems for safer or more secure drones. Regardless, the attributes would stay the same and you could command the drone exactly as if it were your own.



This is mostly up to the GM of your game. Again, I'd require the hacker to have hacked Administrative user access (+6 to the hacking threshold) and then I'd require them to edit the files appropriately. If they get away with this, then they could have created a legitimate account for them to use and potentially even cut out other users of the system. However, I would at least consider the possibility that there are Agents (or maybe event Sprites or AIs, depending on the game) that would have access to some devices in the system and would periodically connect to a device to see its status. If you cut off that access, its conceivable that a person would go to the device to perform service on it. In other words, I probably wouldn't let this sort of hack last forever. It's a good idea for a short term need, but eventually someone is going to notice that they no longer have access to the device and take steps to solve the problem.

Cool, cool. Guess im a sexpert now on the matrix!!!!

Everyone is

Thats the (dis)advantage to the matrix rules, they're so ambiguous everyone is an expert.

I'm not!

Ok i think i found the hard part to the matrix lol. All the tests and what not are a piece of cake to actually figuring out how persona's and programs interact with nodes.

Hmmm ok first lets talk about persona's, programs, node/systems and response.( dont worry, no im not gonna ask about death spiral.)

Lets give our hacker R4 across the board on his commlink and programs.
1 agent: Pilot 4, Firewall= pilot 4, Response = system's response, System = Pilot 4
Our node/system will have Response 4, Signal 4, Firewall 5, and System 3. (is signal even worth mentioning for systems/websites?)
1 IC: Pilot = system 3, Firewall= pilot/system 3, Response 4

Ok..Our hacker easy breaks his way into the system unnoticed or atleast it appears that way. He was running Exploit 4 and Spoof 4(redirect) which is only two programs so no drop to his Response. Those programs are running off his commlink so they have no effect on the enemy system right?? The system has IC though and even though it hasnt spotted our hacker*wink* it does affect the enemy system. It is running Analyze 3 and Track 3 and isnt affecting anything.

Our hacker wants to dump his agent in the system and let it get its freak on so.... he spends a complex action and loads:
1 Agent(garbageman)
Browse 4
Sniffer 4
Edit 4
Analyze 4

Our hacker also takes a free/simple? action and unloads Exploit and Redirect. Our agent is in the node so he doesnt count towards our hacker. We are running 4 programs so the hackers response drops to 3. 4 programs = system = -1 response.

Garbageman right off the bat is Pilot 3, Firewall 3?(its software?), and response 3.
After it copies our 4 active programs it becomes:

Garbageman: Pilot 3, Firewall 3?, Response 2 (4 programs> system = -1) and has the programs:
browse 3
Sniffer 3
edit 3
analyze 3

I guess our hacker shoud load up Command, Attack, and Armor also..that only brings his total programs up to 7 so he still is only at -1 response or 3.

Now garbageman the IC and the hacker are all on the same node but it doesnt effect the systems reponse because the hacker is running off of the system, so that only leaves 2 other programs which is less than the system of 3. But if there was another ic program or our hacker loaded another agent it would make the whole system drop to response 3, possably alerting the system but forget that...

Hacker Commands garbageman to start seeking out employee accounts and to start wiping them out randomly(we hacked in with security/admin clearence).

Garbageman fly's off and starts browsing sniffing and deleting employee accounts

Hacker begins to analyze the IC in the node....................................
-------------------------------------------------------------------------------
Is that all right so far??
-Does Firewall and system of an agent/sprite get limited by the node's system rating?
-If Hacker unloads, browse, sniffer, edit, and analyze that means the agent can not longer tap into those programs right?
-It doesnt matter what node your agent is in he always has access to the programs you have loaded up?
-Wait how does that work when you leave an agent online and you log off ?? Shouldnt he lose all of his programs?
-Agents that you unload onto a system, those are actually copies of the main agent program right? It doesnt matter if they get destroyed or whatever? Wouldnt it be stupid to leave them behind, couldnt they be used to track you down or is that only when you are online?
---------------------------------------------------------------------------------------------

Next up are drones.....the stats of a Lonestar I-ball are:
Pilot 3, body 1, armor 0, sensor 2....these are stats for moving around and controlling it...
Inside the drones node though it would look like........
Pilot 3, System 3, Firewall = pilot 3, Response??

I figured out where firewall attribute comes from but where do you find out their Response? Do you go across the board?

1-Firewall is never limited by system. Agent's have their own system rating that I believe is only limited by the response of the node. So you could have a much higher rating agent on a lower rating system (never thought about that before... but it works)

2-If those programs are loaded into the agent, the agent has access to them, and will take them to the node with him. But the hacker wouldn't have access to them... At least from a basic reading of the book thats what it looks like since otherwise the part of having to pirate software wouldn't make much sense.

3-He has access to the programs loaded in the agent.

4-Again, programs are loaded into the agent, he has them, not you.

5-There can be only 1, unless you take the time (and your GM allows you), to copy the agent through pirated software... IE Agent Smith. The can only be used to trace you if they are constantly feeding you data. If you load them and tell them to run locally and wait for your return, there is almost no connection to you... Of course if you bought said program, it probably has registration codes/ids that could be used to find out who purchased the software. Just as leaving your car at a run site would probably be a bad idea.

6-For the I-ball, assume Response is equal to Pilot, since Pilot cannot exceed Response. Though combat drones I believe should have a Response (Device Rating) of 4. These would only include drones that come with weapon mounts already equipped, and some military vehicles.

A pilot's System rating is equal to its Pilot. So in this case, your Agent has 4's across the board with the exception of its Response which is equal to the Response of the system on which it's running. 'Course, if it's running on your commlink, then that would be 4 .



Signal is important for determining if a person is within range to hack. With a Signal of 4, the character could be out of range or might have to hop from his own node to another node and then finally to the target node (or more hops limited only by one's subscription limit). 'Course, this becomes dangerous if you're tracked since you could be assaulted in any one of those nodes.



I'm not sure if you meant Spoof or if you intended to mean Stealth. When hacking, the threshold to be noticed by the node you're hacking is the rating of the hacker's Stealth program. Thus, you'd really, really, really want to run it while hacking in and probably thereafter. Plus, you can only perform a Redirect Trace operation during an active track of your system, so trying to do it while your hacking doesn't make sense in this case.



Correct.



That also seems okay, but since the hacker wasn't running Stealth, above, it is highly likely that the IC has found him.



Unloading a program is a simple action. The book refers to it as a "Deactivate Program or Agent."



Yup. Agent Firewalls are equal to Pilot.

I ran out of quote blocks (interesting, that) and I couldn't post it all at once. Here's the rest:




Again, looks good to me.



Here's where things get a little screwy. Your Agent is currently attached to your personal (judging by your tally of programs listed about (7: Command, Attack, Armor, Browse, Sniffer, Edit, Analyze). It's arguable that you should be at 8, which is the program of your Agent itself. Meanwhile, the system is running only its IC an the IC's payload.

Now, according to the FAQ you get this:



That means if your Hacker is not intending to use Browse, Sniffer, Edit, and Anlayze (the four programs that are the Agent's payload) then these don't have to count against your limit. That would mean the hacker is only running Command, Attack, Armor and the Agent. That's still 4 which still reduces your Response (and therefore System) by 1 and reduces the effectiveness, overall, of your programs. Of course, if you unload the Agent into the system, then you'd no longer be managing that program and you'd be at three proggies, which is less than your response and everything is good to go. Incidentally, you still might want to be running Stealth at this point since IC right now only needs 1 success to find you if it's on patrol.

1. I've always assumed this: the system is limited by the response of the Agent, which is, in turn, equal to the response of the node on which the Agent is running. However, since the FAQ has told us that Firewall is not a program that is limited by the system of a device, I assume that Firewall is also a program that is not limited by the System (Pilot) of an Agent. Thus, an Agents System and Response may fluctuate during a hack, but it's Firewall will remain the same.
   
   
2. Nope. If they're loaded into the Agents payload (see p. 228, SR4) then the Agent can maintain the programs itself and the hacker doesn't need to run them at all unless she wants to use their capabilities as well. This was clarified in the FAQ (quoted above).
   
   
3. I'd only let the Agent swap programs for those that the Hacker is running if that Agent is still being used as a part of the Hacker's persona. If the Agent has been unloaded into a separate node, then it won't be able to as easily use the Hacker's programs.
   
   
4. See above answers ... if you log off and leave an active agent online, you better have given it copies of your programs to run as its payload. If you didn't, then it's just an agent with its Pilot rating and it's probably going to be toast.
   
   
5. That depends on the GM, probably. In my games you can't just spew forth copies of the same agent software. If you send your agent out in the greater universe of the Matrix then you can't whip up another Agent and send it out again to do something else. In other words, each Agent program you have represents a specific and unique entity that you can use. 'Course, if you crack the Agent program (those rules are also on p. 228) you could then make copies of it which would be independent Agents.
   
   As for getting crashed, I've personally always run it that if an Agent gets crashed on a different system, the Hacker has to go get it if she wants to use it again. That's my interpretation of the rules, however, and we've had some 15+ page threads on that topic alone. Also, I use glitches by Agents in cybercombat to reduce it's rating and (similar to the new Armor degradation rules in Arsenal, I suppose) so that Agents aren't indestructible and sometimes someone needs to buy new ones.
   
   If you leave them behind and log off, then they're acting independently and there's no way to use Track to find the Hacker. However, nasty GMs might use other system tricks to figure out what account loaded the Agent onto a node. That's why a quick Spoof of the datatrail (p. 224) is sometimes nice or even an Edit test to change the logs on the system (which could (should) be protected by said system).

Drones have device ratings listed on page 214. Normal vehicles and drones (probably like the iBall) have a device rating of 3 giving them 3's across the board. Security drones have a device rating of 4, and military-grade drones have a 5. All of this, however, could be customizable depending on the GM. I allow customization of commlinks and devices and whatnot at character generation provided the character has the appropriate skills needed to do so. Other GMs may not.

@nightwalker:
Everything you said sounds great except the part about agents and their payloads. pg228 says the agent takes COPIES of the persona's programs. Just like the actual agent is only a copy of the agent program on your commlink. If you dont crack your agent and you send him off to another node and he gets geeked are you out your 10k R4 agent?

Also in rereading that section about the payloads I misunderstood something. I thought the programs had to be active on the persona in order for them to use it but they have to be active on the agent. Meaning he can not take copies of all your programs and switch them out as he needs them.

@Dashifen
Forgot about stealth. Was worried more about matrix stats than skill usage.

Oh that reminds me. Why do I have to be getting tracked in order to be running spoof(redirect)? You dont ever even know when you are being tracked. The hacker is just blasting the line with static and fake signals and stuff INCASE somebody is trying to track him. If nobody is tracking him then its just noise nobody heres.

Maybe I misread something or got it mixed up but I thought redirect's increased the threshold for systems to find you during intrusion tests?

If the agent gets geeked then yep you're out the cash or time spent in getting him. As Dashifen said, you might be able to return to the system and pick up the pieces and repair, but thats up to GM. I'd think if its loaded on a system other than your own, as soon as he's crashed the systems going to delete the pieces. Or they'll send it off to their Network spider so he can realign it, and you'll be fighting your own agent next time you return to the system.

Agents/IC work best as assistants, because they will only follow the orders given them (they don't think on their own). So if you sent him to delete files and alter files, if he's attacked he might just try and finish what he was doing as fast as it can, instead of defending/fleeing. Also if you leave them they are very vulnerable, unless they are constantly in contact with you, and then you're very vulnerable. Sprites on the other hand (Go Techno's!) can only be spoofed or controlled by another sprite or Technomancer, and since they are considered (lesser) AI's, they have emotions/reactions to whats going on around them more than agents.

Ok this is to both of you guys. If your in cybercombat and the opponent attacks your programs in an effort to crash them then would those permanently be gone too??

I guess im in the middle of the road heh. I dont believe you can just copy/paste your programs infinitely but I also dont think they are one off's. I think when you upload programs and agents then you are making copies, even if those programs get trashed you still have the originals on your commlink for the next time.

Hmmm in the crashing OS segment it says agents can not be crashed. On the other hand it suggest programs can be rebooted in rating combat turns... thats probably what I would allow for agents to.

Guess that one will have to wait for Unwired lol. Aren't agents fairly easy to get killed? 10k a whack is pretty damn expensive.

I don't consider this to be a copy with respect to the rules for cracking software but rather a copy meaning that an Agent can use the programs of the person who owns that Agent. I wouldn't, for example, let an Agent pop onto a node and start using its programs. In my games, if you send your agent out as a separate, independent icon and it gets crashed then you are out a 10k Agent unless you go collect it from the node. You could, however, give instructions to your Agent to go to a specific "safe" node or something redirecting traces as necessary along the way rather than engaging in combat or other tricks to try and keep your agents safe.

I also degrade the rating of agents if they roll glitches or critical glitches in cybercombat, so I think I'm a little more nasty with these little toys than the average GM. But it does (a) keep the game interesting and (b) helps to curb obnoxious use of Agents if they're in danger when you do so.



Not necessarily. Any agent can operate in one of two ways: (1) as a part of your persona or (2) unloaded form your persona as an independent icon. This is mentioned in the second column of page 227 in SR4.

When operating as a part of your persona, the agent can use any program that you're currently running and swap its payload out for those programs as necessary. The hacker can even stop using a program that the Agent is using to help reduce the load on their commlink, according to the FAQ:



This lets us know that the hacker can stop using a program that's loaded into an Agent's payload and help to reduce the load on his commlink. In other words, an Agent running in your persona is more flexible than an agent running as an independent icon because it can access the programs that are active on the Hacker's commlink. Granted, swapping and running and deactivating software takes actions, so it might be dangerous and/or time consuming to change around an agent's payload during cybercombat, for example, but under other situations, things could move very quickly.

However, if the Agent is operating as an independent agent, then in order to swap out programs on it's own, they must be available to it online:



A GM could rule that some (or all) of the Common Use programs might, thus, be available online for an Agent to use. If I can use Google Docs online now, I have to assume that there might be Edit programs freely available for use someone on the Matrix for an Agent to tap into if it needs to, but if it's on a secure node of some kind, that may not be the case. It'd be less likely to encounter Hacking programs available, but other GMs may feel differently than I.

No. Crashing a program is the same as deactivating it, in my opinion. If you need that program back again, then you could reload it with a complex action, but that would take a whole initiative pass away. It's a great tactic, though, for players and GMs alike. I love watching a hacker's face as they get jumped by two IC. One which starts to crash his Armor program and the other starts whaling on him with Attack/Blackhammer/Blackout depending on the situation.



And that's totally cool, but I prefer to think of them more like drones. If you send a drone off to do surveillance and someone else nicks it, you're out all the cash you invested in that drone. Hell, in my game, the current Technomancer had a doberman drone loaded with a weapon that he hid and placed to watch an area in Hong Kong. He never had the chance to return and get the drone before they had to run away from the authorities and thus he lost his drone. Sucks, but that's life in the Shadows. Agents are similar to Matrix Drones, to stretch an analogy, and I like to make sure that they're also not an investment that a character makes at generation and then never has to worry about ever again.



When it says Agents can't be crashed, they mean you cannot use a "Crash Program/OS" action to take them out, you actually have to defeat them in cybercombat instead.



The rebooting in System combat turns is for crashing OS software, not normal programs. You can restart normal programs in 1 complex action by running them again just like normal. 'Course, if you want Agents to take longer to reboot, that's cool, too.



Depends on the Agent. A good rating 6 Agent with high programs is going to be as difficult (or perhaps more difficult) to defeat than a hacker.

They wouldn't be gone, just crashed. So it would take you a complex action to reload them. So he would drop your program, then get a free pass as you are spending it reloading. (Crash the Bio-Feedback Filter, or armor). For the purposes of agents, I would probably allow 1 copied program for an agent to carry. But multiple agents would each need a different program. Anything to inhibit agent armies. It only takes a few hours to rip a copy anyways, its just prep time, and not done on the fly. Crashing an Agent is effectively cybercombat, they can be crashed, but they aren't crashed like you would a standard program.

The problem with rebooting is something has to initialize it, and since the agent is on someone else's system, they aren't going to reboot it for you, but otherwise since an agent is a system/pilot it would take rating combat turns to reboot.

10k for an agent, everyone has their expensive loss.. 10k is minimum for a weapon foci, drones run about half, but when you load them with sensors weapons, and ammunition they get up there and they can be shot to pieces. Overall your hacker has the least amount of problems with cash once you have your hacking/common use programs. So don't complain too loudly especially to the mage who spends I think 1,000 per rating to bind a spirit? And thats not even a guaranteed success.

Hey dashifen (and any other Matrix Savvy), since we're trading Matrix know-how... How does this sound?

Ok as my teams Hacker (Technomancer), I have already set up back doors into two members commlinks. I've finally come to the point where I'm wanting to set up a sniffer program on the team's face's commlink. He knows more of what he's doing. And I'm not going to take chances of it failing (my technomancer acted erratically last time, and unsure as to the rest of the groups interpretation of it).

Now my question is once I get in there, should I be able to set up a sniffer program to include myself in all his communications, without having to be in the node myself to maintain it? According to BBB this is quite possible. Then to do so, I thread myself the wonder of Sniffer programs (Rating 10), bring along a sprite to assist (Rating 5 or 6..), and set it up. 10+4+5, 19 dice to do this. And I plan on using edge to reroll the misses. This should set up sufficient amount of hits, that it will take months before this sniffer is found.

Am I correct in this? I also plan on doing similar to one of the others commlinks (the medic's), though I won't be pushing quite the limits with it (though if I've already got them threaded, why not...)

Once the sniffer is in place I shouldn't have to sustain it anymore... The sniffer is used to set up taps, it doesn't represent the tap itself right?

You can't thread programs, only complex forms. However, I would argue that a tap is a "sustained" action, in that if you stop tapping someone's traffic you've got to reroll later if you want to start up again. If you want the traffic to be recorded to some form of backup device, then you're probably better of registering a data sprite and letting it handle things for you. 'Course, as a GM, I'd have that spirte screw around a little bit on the target's commlink after some time (mischievous little buggers do get bored after all).

I don't see how you could use a sniffer program to set up a tap, since it allows you to intercept wireless communications, ie., sniff them out of the airwaves, not directly from the commlink. And beyond that, I agree with Dashifen, that your complex form requires you to be there to use it.

The thing to do is register a Courier Sprite. Hack the comlink in question and install said sprite on commlink, have it use it's Cookie Power. If you've registered the sprite, you can keep it there indefinately, assuming the face never succeeds on a Matrix Perception (4) test (rolling Computer+Analyze). If the face doesn't have a computer skill, or even if he does and doesn't think to look, then, well, he'll never notice, will he? The cookie power allows the sprite to log details, but simply having the sprite there allows you to listen in on any communications, since you have a mental link with your sprite as long as you're online. So no tell-tale transmissions leaving the face's commlink, you can just mentally communicate with your sprite and get all the info...

This is what I'm thinking of doing. But it does look like I would have to stay in the node myself as well since the program is running there. I guess compiling a courier sprite and having it cookie would work as well, but I'm trying to think of ways that it can work for long term and not be detected very easily. As well cookie doesn't give details as to the information, it just tells what nodes it interacts with. So I will need a sniffer in order to do this. Basically I'm wanting a feed of details of every communication coming in or out of the commlink. I could maintain a link with the node so that I can keep tabs on it, working in multiple nodes...

It does look like the courier doesn't need to remain there in order to use Cookie power though, but it isn't a live feed, it would be something I'd have to redo constantly in order to get information, and keep it updated.

Ah, yes, I see that paragraph. But: "Note that this action only aplies to traffic passing through a wired medium; for wireless traffic, see Intercepting Wireless Signal, p 225." (SR4, 224)

So, I assumed that with a commlink, the communications would be wireless traffic. If you were doing this on a wired connection, I would say that your sniffer complex form could create a tap just like a sniffer program. But again, don't think that would work on a wireless commlink.

In our game, we say that anything your sprite overhears or sees, you can too, through your mental link. So leaving a sprite, with instructions to notify you if any communications began, would work... in our game.

The rest of the section talks specifically about setting it up on a persons commlink. Since this is one of the nodes the communications must pass through. Intermediate nodes could also be used of course, but with wireless usually those change frequently or are unused completely.

-Even if an agent/sprite was set to auto-sniff every "commcall" how would it relay that information back to the hacker? People would definately notice their commlink sending out messages. You could give the agent edit and make it make files for every commcall on the dude's commlink, then you could just go in through your backdoor and check the log every once and while?

-I dont see how you could hide a sprite/agent from the owner of a commlink. They have admin access so they should automatically see everything.

You can reference real-world workings of programs for an explanation there. A program can reside on your computer, eating up unused processing cycles, and then transmit it's information in with the "junk" information sent out over your comlink. Properly disguised, you'd never know anything was amiss unless you noticed an odd slowdown in performance somewhere. I would imagine SR4 programs aren't functionally different, just more complex.

You need to constantly Sniff for traffic from the target comlink. Your problem is that the sniffing agent will lock onto the next connection the target makes. If he has multiple connections, the agent will be busy streaming all to file. You somehow need to keep the agents node close to the target, so it is in interception range. Your comlink will not qualify. Also note that the same trick pulled on you would give away what you do - because of your data streams.

Sorry guys I want to back track for a second!!! I kinda lost focus on this question and let it drop but now I remember why i was asking.

-What information can you derive from just looking at a node or a encrypted node??

I walk into a bar with like 30 people inside. I grab a drink walk over to a booth and have a seat and flip open my commlink and begin scanning for nodes. I get a list of like thousands of nodes, some hidden. Do I see a list of commlinks with people's names, a list of appliances, a list of security camera's with positions marked??

Hmmm this makes me think of subscriptions. If a bar has 10 security camera's and they are all subscribed to the barkeepers commlink I would only see that one single node (the barkeepers commlink) right? I wouldnt see a node for each of the 10 camera's??

If my cyberarm is subscribed to my commlink then nobody would find my cyberarm in a scan they would just see my commlink?

However....if they decrypt my commlink and sniff it then they can see things subscribed to my commlink and be lead right to my cyberarm or the sec camera's and they could then view the sec camera footage or begin hacking my cyberarm.

Theres no way in hell I would have wireless turned on in my cyberarm im just giving examples heh. Going back to the bar... 10 camera's, 1000 camera's that could all be set up to count as a single subscription right ?? Im just trying to familiarize myself with what people actually see when they perform scans. They would never see toasters and refridgerators and all the little knick knacks people got on, they would only see the nodes those things are subscribed to. Which only leaves the question of what information is on those nodes. If i know the bartenders name is Freddy and I have a node with the name Fred Duponte and no other nodes with Fred on it. Then thats probably his.

Ok hidden nodes dont broadcast SIN info, which is why the law makes it mandatory that you dont go hidden. So hidden nodes would have no info on them. So even if someone locates a hidden node they wont know who's node it is until they hack it.... That makes it seem very unlikely that any hacker would try to hack into a hidden node unless there was only one around. Otherwise you would never know who you were hacking. The lowly scum shadowrunner or some whiz corp exec with 10 layers of black IC.

Active PAN w/ encryption = all info available
Passive PAN w/ encryption = all sin info (no public profile)
Hidden PAN w/ encryption = no info, cross your fingers and take a shot in the dark at which hidden node is the one you want.

Encryption wouldnt matter at this point. If you have your commlink encrypted it just means people can't listen in on your conversations or see INSIDE your commlink. It doesnt change what information is being broadcast by your PAN. Otherwise the law would be on your ass just like if you were hidden.

I guess if you narrowed it down to 10 hidden nodes you could decrypt and sniffer, or decrpyt and analyze the signals coming from the node to get information? Would that just give you an Access ID. I guess then you could do a computer + browse test with a massive bonus to match the access ID with a name..? But what if the target node was using a spoofed ID? You could grab a picture of the person off the net probably but then you would have to visually scan the entire room to make sure that person is or is not there and that would be impossable in some places....

Anybody wanna comment on this? How do you explain enemy or player hackers knowing which hidden nodes to hack if there are more than one?? How can they possably identify the right node?? I seriously doubt people are just going to randomly start hacking every hidden node until they get to the right one??

If it's a non-encrypted node, the information depends on the current mode of the device: active, passive, or hidden. Active and passive nodes will be reasonably easy to notice and find. Active ones might be broadcasting a general profile (like Facebook or MySpace sort of information) for commlinks, devices will probably tell you want they are and, if there's any public functionality (like the iMenu at the table where you sat down ) then you might find instructions and/or other interface hints. Passive nodes would be there but probably not respond to public connections with too much (or maybe any) information. Hidden nodes wouldn't be there at all without a more intensive scan (hence the 15+ threshold to find them).

If the node is encrypted, you would still get information from active nodes, but it would be encrypted and, thus, unhelpful until you decrypted it.



Again, depends on the mode of the cameras. I'd think that the average camera would be passive or hidden. If the former, then you'd see their node and if the latter, the node wouldn't pop up unless you specifically made an effort to find them. Plus, depending on the set up, cameras might not be wireless and, instead, wired directly to the security room or something. There's pretty much no reason to make them wireless because it only creates a weakness. 'Course, it might be useful to give them a skinlink for maintenance purposes (touch the camera, and you can interface with it for diagnostic purposes) but that's a little obvious if you're not careful.



Probably not, unless your Cyberarm is operating with a wireless connection to your commlink. More likely, your Cyberarm has a direct neural interface wired within the body and then to a datajack which can be plugged into your commlink. With that setup, you could disable the wireless on your Cyberarm and they wouldn't be able to find it without breaking into your PAN.



If they break into your PAN (detect, decrypt, and hack your commlink, in other words) and then analyze it (not sniff it), then they could potentially see what is subscribed to your commlink, yes. What they do with that information is up to them. I like moving the smart gun targeting reticule to the left by a meter or so .

The big reason for wireless on cyberware is "fluff." For maintenance and other purposes, with a wireless interface to cyberware, then a street doc or cybertechnician won't have to cut you open to get diagnostic information on your 'ware. For a cyberarm it's even less important since it's on the outside of the body, but giving the cybertech the ability to diagnose a leaking internal air tank is probably handy rather than having them cut open you abdomen to notice that there's a bullet hole in your extra lung.



I wouldn't call them one subscription, but since the subscription list is essentially limitless, the result is the same: all the cameras can be subscribed. Plus, the drones chapter indicates that you can send single commands to groups of drones (or in this case, camera devices) and have them all respond, so you could definitely do this if you want to.



That's probably up to interpretation, but I wouldn't disagree with what you've said. I don't personally run it that way in my games, but I assume that the reason decryption is so easy is that the corps and governments have required backdoors in the encryption schemes. Hackers have learned of those backdoors and exploit them just as easily as law enforcement does. Thus, encryption isn't a concern to law enforcement -- they can just break it when they need to and the average SINner either doesn't know, doesn't care, or trusts the government/corporation to be acting appropriately. Shadowrunners, on the other hand, probably know better.



Personally, I think the threshold of 15+ you need to detect a wireless node indicates that all the work has been done to find the appropriate node. The program triangulates on areas where it can detect small amounts of traffic but not a node until it can hone in on the one you're looking for. If there's 100 hidden nodes in the area, especially if they're all clumped right around the target, increase the threshold to 20+ or maybe even 25+ and then you need some kind of super hacker (or assistance from sprites, teamworking Agents, etc.) to find your target without trying another angle.

To get an access ID you would need a successful Matrix Perception test on the target. If you haven't decrypted the target, then I wouldn't give you much information because even the access ID would be encrypted. Just like when you submit credit card information online today, all of the data transfered between your computer and the server is encrypted and the exchange of keys for that encryption happens first so that, for your session, the server knows who you are and what key to use for you. If the target was using a spoofed ID, then you'll still get an access ID, but it won't ever correlate to the target's actual identity. You could still use it to spoof commands to drones that he's controlling with that spoofed ID though.

If they break into your PAN (detect, decrypt, and hack your commlink, in other words) and then analyze it (not sniff it), then they could potentially see what is subscribed to your commlink, yes. What they do with that information is up to them. I like moving the smart gun targeting reticule to the left by a meter or so .

Once you get to a node yes you can force your way in and risk the target becoming aware of your actions. But while you are still outside you can decrypt its ass and identify everything its is communicating with (cyberarms if they are set up that way, glasses, smartlink if its set up that way, earbuds, a trodenet, any other devices in that persons pan).

Hmmm I was thinking you could goto a commlink node see it talking to a hidden cyberarm and then slide over to it, bypassing the commlink node with the deadly IC, and start hacking the cyberarm directly. But that doesnt flow with the rules I dont think. I dont think you could sniffer PAN communications, I no longer think they would show up. They specifically say if you make a PAN a hacker has to go through the commlink first. Sniffer must only pick up other kind of signals like "phone calls". Kind of inconsistant. A signal transmission is a signal transmission whether its commlink to commlink or commlink to cyberarm but whatever.....I will let that go till unwired.



I wouldn't call them one subscription, but since the subscription list is essentially limitless, the result is the same: all the cameras can be subscribed. Plus, the drones chapter indicates that you can send single commands to groups of drones (or in this case, camera devices) and have them all respond, so you could definitely do this if you want to.

Hmmm I can't find that part about grouping things together into one subscription, I think it was in the part about rigging entire systems. But pg212 on linking and subscribing says exactly what I said above. You can make devices only talk to other devices. Nobody can hack stuff in a PAN until they go through the comm. They said you can't SNOOP things in a pan. That is very poorly worded. Did they mean Sniffer? I imagine so. I dont really agree with that. I dont see how a sniffer program could NOT see wireless transmissions between stuff in your PAN and the commlink. And by extension spoof commands to it without ever having to hack into the PAN's commlink....

But I accept that it works like that and doesnt effect me one way or another.



That's probably up to interpretation, but I wouldn't disagree with what you've said. I don't personally run it that way in my games, but I assume that the reason decryption is so easy is that the corps and governments have required backdoors in the encryption schemes. Hackers have learned of those backdoors and exploit them just as easily as law enforcement does. Thus, encryption isn't a concern to law enforcement -- they can just break it when they need to and the average SINner either doesn't know, doesn't care, or trusts the government/corporation to be acting appropriately. Shadowrunners, on the other hand, probably know better.

That would make every law enforcer on the street a compitent hacker. I seriously doubt that would be the case. But its a minor irrelevant point that we dont have to agree on =).


Hey does anyone know of a place to submit these questions so they can be answered in unwired.

I would think that if you sent an email to info@shadowrun4.com that they would forward the message to the proper location (if the info address is not right one already)

Because its on your PAN doesn't make it hack proof. The cyberarm is safe due to
1) Could be run wired (or skinlinked) to a commlink, no wireless signal.
2) Could be run neurally, no connection to anything. (Data jack usually for maintenance)
3) Cyberlimb Signal rating 0, you'll have to be sitting next to it in order to hack it.

If you get into the commlink you have access to his PAN, so its usually easier to go via this way then trying to hack while sitting next to him. Cyber sammy redlines his arm to destroy hacker nerd next to him...

As to nodes on a scan, pretty much anything public or private will show up, broadcasting whatever information they want. Some areas will require you to have specific information broadcasted, and you could be stopped for broadcasting too little. Cops probably just want some form of Encrypted SIN ID put out, they can then just copy it directly into their database to check, but other people won't have the decryption to break it (easily.. Fake ID's do exist, so someone's got the ability) Other people (facebookers, myspace people), will broadcast name, age, sexual preference, color of panties, and most soy beers they've drank before passing out and waking up next to a troll. Yeah there's the paranoid, and then there's those who tell you alot more than you want. It's the 15+ threshold that says you'll find the node you're looking for, when looking for hidden. Unless of course it doesn't exist, then you won't find it, but you searched real good.

"Because its on your PAN doesn't make it hack proof. The cyberarm is safe due to"

Your talking about in general right? As in somebody can hack your comm and get to the things on your pan. You are not saying that people can hack things on a PAN without going through the PAN's central node right? Cuz that contradicts pg212. If its on a pan its safe from hacks and "snooping" unless and until you go through a PAN's central node..

@everyone!! Please stop bringing up how to make cyber immune to hacking, thats not the issue. Never asked about it. I just used it as an example of something that somebody may have subscribed to their PAN(however unlikely and idiotic that may be)! Just replace all instances of cyber arm with glasses.

You're example and Nightwalker's response are both valid though.

Here's the text from p. 212 that I think you're focused on, Abbandon:



That doesn't say that devices are invulnerable to hacking if they're a part of a user's PAN, only that if you want to access devices in a PAN, those devices can be ordered to refuse a connection unless it comes through the hub of the PAN, i.e. the owner's commlink. However, those devices might still be hacked since that represents an illegitimate way of gaining access.

Thus, if someone has their glasses connected to their PAN, they can tell the glasses that they don't want any information to be displayed unless it comes through their commlink. Then, the commlink mode and software can help to limit the AR information that the glasses would make available to the user. But, if someone hacks the glasses, then I'd allow all sorts of stuff to be placed in the user's filed of vision.

To avoid this, the glasses might be skin linked or might only have a signal of zero or they could be wired into the user's commlink directly. These three security measures would help to make the glasses far more secure than even a PAN can do.

"Rather than allowing any stranger access to all of your electronics, anyone that wants to interact with your PAN must connect to your commlink first." is for legitimate users only.

Hackers can spoof the address of the central node and are good to go, no need to hack the comlink. Intercept signal, read matrix IP, good. Leaves only exploit and decrypt to do.

Oh your right. "Offers only a degree of protection".... I conveniently omitted that part from my reading hehehe. Yeah so now im back to what Ryu said. locate, decrypt, grab ID, sniffer comm traffic, spoof/hack.