Reading about Hackers now in SR4th edition, I couldn't exactly find in the book WHAT is the limit of things they can wirelessly hack... Does this include things like your Thermal Vision Goggles, or can he make you punch yourself with your Cyberarm?

I mean normally people would say that you'd have to be very close in order to hack that person's equipment due to the signal strength but you could just use a Signal Relaying Drone to get around that problem right?

Just trying to get a feel for what I should be warning my players about before they all start buying equipment without Wireless functionality.

There are reportedly going to be more rules on hacking 'ware in Unwired, so until that comes out to clarify things it's worth taking things on DS with the odd pinch of salt. What follows is my interpretation of what could be done.

In answer to your example; I would allow a hacker to interfere with night vision goggles, imposing a dice pool penalty on the user until they pulled them off or rebooted them. A cyberarm couldn't be used to punch it's owner, as it has no autonomous capacity (it won't drag it's unconcious owner out of danger, for example). A hacker could inflict a dice pool penalty by hacking a cyberarm, and messing with the sensitivity settings or sending conflicting signals or some such fluff. Basically the worst In would do is impose a dice pool penalty up to about a -4, based on what the hacker wanted to do, how clever they were about describing it, and how many hits they got in their edit or attack (or whatever appropriate programme) test.

As far as actually being in a position to hack someone's 'ware or gear, you first have to compromise their commlink through an exploit programme, or at the very least spoof it, so the 'ware will actually add your 'link to its subscription list. If the user or any IC they're running notice this through analyse, they can interfere (resolve matrix combat) or move out of signal range of your relay drone (or just shoot the fragger) dumping you from their PAN. Once you're into their system then you can run whatever programmes you think will interfere. Of course, at this stage the victim can shut down their commlink, or reboot their 'ware or gear, removing the penalty for being hacked, as well as any AR boni they get from their 'ware or gear. This takes a simple action or more if they are not using DNI or trodes to control their PAN.

As far as players being suspicious about wireless functionality, I have the same problem with some of mine. One skinlinks all his gear and sets his 'link to 0 signal, forgoing any AR benefits he might get from the rest of the team. Another just has virtually no wireless gear, but since he has Gremlins 4, even the stuff he does have doesn't work half the time.

A properly set up and defended VR net including datafeeds from drones and everyones augmentations can be very useful. The only receiving wireless nodes should be as tough to hack as you can make them, and incorporate layered defenses. Pretty much everything else should aim to be Skinlinked or DNI, with any wireless capacity turned *off* via hardware switch, Skinlink or DNI.

I think Skinlink is the answer to whether you can hack goggles or not.

I had been wondering this myself. I think it says in the BBB anything with a wireless signal could be hacked, but doesn't give rules for hacking gear and ware. Alternately short of a skin link I was curious if it really mattered or not if the ware had a signal big enough to just interact with your PAN. Taking into account of the signal rating of your comm, wouldn't anything broadcasting within it's broadcast range be a viable target?

I'm really hoping Unwired explains all of this like mentioned above. For now I'm not messing with it in my own games short of technomancer fluff that doesn't affect the players.

It's been suggested that anything without a rating has Rating 3. Once you've got Analyse and Firewall software, it should probably be running in every node (at 3, where node limits apply), just for Intrusion Detection purposes. Think of it like memory-resident Antivirus in computers behind a firewall.

It doesn't take a hacker to continually scan for wireless signals in your vicinity. Assuming that relay drone couldn't be hidden when transmitting, that would basically pop up on everyone's HUD as soon as it gets within signal range, so you still have an issue.

I mean, even if it was a micro drone, that should be pretty easy to detect if an enemy hacker is trying to use that as a relay device...

But why does the hacker need a Drone to reach you?
Everyone is one the net. That seems to be the whole point of the definitions.
It would seem therefore that if the hacker knows where you are in the network, he should be able to reach you and hack your commlink. Having hacked your commlink, he can then hack anything else skinlinked or within wireless range of that.
The difference Skinlink makes is that even if the hacker can find another wireless node near enough to you to normally be able to pick up gear signals, he still can't. (And skinlink is dirt cheap, so do it anyway.)

Otherwise, we end up back in the rules from early editions where you had to hack your way through the phone network to get to your target system. The RAW for 4th edition seems designed to get us out of that morass.

Yours,
JoelHalpern

Actually, hopping nodes is RAW.

Not quite. You can have an active ARNet within a Team without the Wireless Web knowing where you are, or you registering a presence on it. So even if there's a node of Matrix 2.0 that a hacker could jump off from, your gear might not be in range of it, even if it were turned on. Signal rating 0 means you have to be quite close to scan it out if it's hidden; *that*'s what the crawler relay drone is for: sneaking close enough to get within range o f any short-range devices that are still on.



That's true if your net-connected commlink is connected to your other equipment.

I think the assumption is that the hacker is trying to directly hack the 'ware or the gear in question.

Usually the commlink will have the most security since it has the highest signal, and routinely interacts with the local wireless network, through which it can be hacked. However'ware and gear will still have a wireless signal which a relay drone would allow you to access, thereby bypassing the security on the commlink, although this is really up to the GM at present, as the rules for hacking 'ware are sketchy.

As you say, skinlinking all your gear protects against this, but it is an investment of nuyen, and it depends on how security concious your runner is.

I still find it hard to believe that an active node within 3m of the team is going to stay unnoticed, no matter how physically small or hidden it is.

I agree. If it is actively pinging the runner's network it would show up as a node, if he bothers to make a matrix perception check. Which is why I suggested that as soon as he realises someone is hacking him he can move out of range of the drone or shoot it. This is why even if your gear is not skinlinked you're reasonably safe from being hacked except through your commlink. In the heat of battle it might give the hacker's team an edge though, as the target has to faff with his PAN settings.

Matrix perception checks take time. Better to have every node loaded with Firewall and Analyse so the character doesn't need to make a perception check that they might not have time for; their gear will do it for them... Better still to have your stuff inaccessible. Why would you leave the wireless connection on your cyberarm on? It's hooked into your meat nerves for use and control; the wireless is so your tech can access the diagnostics without needing to breach the synthskin. If (you or) it gets garked badly enough that you can't use the DNI to activate the wireless again, a little scalpel incision can access a jackport, but otherwise, WiNet is more convenient.



In the heat of battle, who has time to do Matrix Perception tests on every bit of C-ware and combat augmentation tech every round? Even if you have a decker, they will often be too busy to run signal scans to find stealthy nodes, or they'll find several and not be able to tell without further action which is offensive and which are just sending normal HELO packets and offering comms (that's the enemy hacker's Stealth/Spoof/Exploit pool vs the examini) . Turn it off, turn it off or get hacked. It only has to happen once and you are (potentially) *hosed* good and dead when the enemy Edits you out of the access/subscription list of your cybereyes.

I think you misunderstood me slightly.

The matrix perception check is to notice that there is a node close by, before the hacker has even attempted to use said node as a bridge into the runner's 'ware or gear. If he does spot it he can act to move out of range or destroy the drone before the hacker can attempt to exploit his PAN. When the hacker makes his exploit attempt, then the runner's firewall and analyse gets a chance to spot the incursion, and if it does it will flag it up to the runner. He can then move out of range of the node the hacker's signal is coming from, or blast it.

I agree that 'ware's wireless should be able to be turned off, to prevent hacking, but I'll wait until Unwired comes out before making any definite judgement. As it is, lacking any hard rules for hacking 'ware, I intend to leave it inflicting a dice penalty akin to the AR dice bonus you can acquire, which can still be crippling, but isn't an instant death sentence.

With regards to your specific example; I wouldn't allow a hacker to blind you by effectively shutting down a set of cyber eyes. What they could do to them is edit the subscription list to remove your smartlinked Predator, (-2 dice) or change the vision mode from lowlight to regular (hello visibility penalties).

Technically a Hacker could turn off your cybereyes or start to run the diagnostic readouts over your eyes thus blocking out your vision or maybe just causing a distraction and visibility die mod.

But yes a hacker can effectively turn off any piece of ware that is emitting a wireless signal.

Or connected/subscribed to a device that is emitting a wireless signal.

I think this is a question to ask the GM at your specific table. The reason why I say this is that turning off eyes would need to be something that can actually be done by the device. I don't think I would say turning this device off, is a normal function of the cybereyes. Reboot? Maybe, but it would be so quick that I'd only apply a -1/-2 modifier at best.

If you GM is thorough, s/he probably has a mental list of what most devices are capable of doing and won't let a hacker go beyond those functions just because conceptually it could work that way.

Technically if you can reboot a device you can power it off. Plus when you go in for maintenace on any of your 'ware, which you need to do as this may or may not be covered within your lifestyle costs. But the cyberdoc would be able to turn off the device if it needed to be repaired in some fashion. Not only a reboot to upload software/OS upgrades, but a full shutdown to add new hardware or fix damaged hardware.
This is why most cyberware only has an admin level security access.

I'm confused.

It is my understanding that Analyze is a Program. In order for it to be utilized, a character would either have to actively use it himself (Skill + Program test) or have an Agent do it for him (Agent Rating + Program test). I am unaware of any rules or even fluff that depicts the Analyze Program as being able to just sit on a node and run itself, but then again I really suck at all this Matrix crap.

Bottom of page 217, last paragraph on the page.

When you are accessing a node, you may set your Analyze
program to automatically scan and detect other users/icons on
that node with a Simple Action. A successful scan will be reported
to you.

Unless that has been errata'd...

Again, I'd check with your GM. I run it that the cyberdoc would "unplug" the device and removing the power would shut it off. There's no software switch to do that. We are not talking about a flashlight here, but a cybernetic implant that's connected to your nervous system. It makes sense that once its installed, its always on.

And a reboot would be fractions of a second, in my mind. Therefore, it would only give a minor penalty.

I would normally agree with you Fortune. (Which is why I think a node needs IC in order to use an Attack program against a detected attacker.)

However, in this particular regard, BBB pg. 221 in the seciton on Breaking In explicitly states that the Node gets an "Analyze + Firewall" test against a threshold of the intruder's stealth to detect an intruder. (For Hacking on the Fly, the node gets a test every IP, presumably cumulative. For Probing the Target, the node gets one test when you actually go in.)
So the text is clearly stating that there is no need for IC or Human to have this test. Which makes sense since otherwise nodes without IC would be completely unable to detect intrusions at all.

Yours,
Joel Halpern

Thanks. I went and found the damn references, which it turns out I did know about after all, but with it being an exception to the general order of things, I promptly put aside and forgot.

So, is Analyze in fact the only Program that can be utilized in this manner? This manner being the ability to sit all alone in a node and combine with Firewall to make tests.

No, every program can - that's detailed in the Programs section.

I was writing a longer response to Rotbart, and reread the BBB.
There is a word tucked into the top of page 226:
"Note that if a node, agent, IC program, or sprite is running the program, substitute the System (rating) for skill."

This would suggest that a node can run programs without needing IC!?

However, this raises two problems of its own:
1) It refers to sprites, and we know that sprites, like technomanges, can not directly use programs.
2) Then what is IC for? It is very expensive stuff just for the opportunity to take a roll to detect intruders. Since the IC can not be higher rating than the System of the node it is running on, the only capability IC would give you is the extra detection roles, based on GM whim.

There are two models I can imagine that allow nodes to run software, but still make use of IC. One model is where the node and the IC can both attack the intruder. The other approach would be to consider that the IC is actually running on another node with a higher System (say a rating 6 ssecurity system supervising a bunch of rating 3 and 4 systems.
The problem with both of those is that it gets rapidly into the armies of IC problem. Meaning that hackers MUST remain undetected, as the defensive swarm will overcome the hacker.

Can you actually set your equipment to emit it's Signal output to Rank 0? (3 meters)

I see no reason why you shouldn't set your signal rating below what it is capable of transmitting. However, I think such a modification would require physically modding the piece of equipment (a hardware test), and would not be something you can turn on and off at will with the exception of some specific pieces of kit(for example, commlinks).

The question as to whether nodes can run their own programmes is an interesting one. From my understanding, Agents and IC have some degree of decision making capacity, whereas a node does not. Hence, I would rule that where a program requires a choice be made (attack a target, edit/encrypt a file, etc.) it cannot be used by a node. Where the program can be applied to everything (scan, analyse, possibly even armour) it can be run by a node.

Hopefully there will be some more detail in Unwired. And on that note: I WANT A RELEASE DATE!

<sigh>

Modern Day Wireless Routers have a software path to reduce the signal strength. Modern day Communications radios have the feature of variable signal power, some by a manual switch others by software.

In my games, a player can reduce the signal on his/her implants to a 0 or to nothing being transmitted at all.

WMS

June the 17^th.

Of course, I have no authority, inside information, or veracity as far as release dates for Catalyst (or any company) products go. But you now have a release date, albeit probably flawed.

They're looking at finals this previous and presumably the next week, so I'd say the PDF will likely be up in a week thereafter. Speculation, but fairly likely.

There's a specific reference to broadcasting your more sensitive SIN details at a shorter range, so I'd certainly say you should be able to regularly.

I can wireless access my printer and router, but can't switch them off - that requires a hardware activity [physically pressing the on/off button]...
...But I can repeatedly reboot the Router, so it's unusable for 30 seconds at a time.

I personally can't imagine that every piece of tech gear available has the ability to reduce it's broadcast range, any more than you can reduce the range of your WiFi or Bluetooth connection.

Every transmitter in SR4 is most likely a soft-radio, so you can do pretty much everything by re-configuring it by software.

And yeah, it's possible to change transmission power and timing (and thus, range) for BT and WLAN IRL.

However, you can press a button on your computer (or if you set it up right, on your keyboard) that sends your Operating System a command to shut down your computer completely without any further action on your part. A Soft Shutdown is a reality today and would definitely be a reality in 2070. This could easily be adapted to most all peripherals if needed. The real question is whether or not they would decide it would be needed and would thus be adopted to said peripherals.

Edit: Honestly, come to think of it, I wish I could reset my printer and router by a network powerdown/up. It would only save a few seconds most times (not to mention it might be yet another security hole to deal with) but man would it be nice.

Your router can be accessed via software today. In the menu there you can turn off the wireless signal, and/or reduce the signal strength.

WMS

I don't think anyone is seriously debating that it is impossible to turn signal on or off, or even adjust the signal on certain equipment today.

In SR4 signal should be easily adjustable - depending on the piece of kit - and on those where it's not, it should be adjustable with some modification.

For definite one shouldn't be able to increase the signal rating above the maximum rating bought for the equipment without investing in signal upgrades.

In some network printers, specifically ones that have an OS like UNIX or LINUX you can issue a software command such as shutdown ( it may be a script we have on some of our network image printers.) I can login to the printer from the command line and run the shutdown command. The printer will then completely shutdown.

I can see the same thing for any cyberware system as it is a network system which would have some sort of OS running on. One that would be a bit more robust than Windows. I would imagine somthing similar to UNIX or some other compiled language (ie C#* - )

Is that the printer itself, or just the print server?

I'm not completely familiar with corporate-level technology by any stretch of the imagination, just breaking into the field myself, but I haven't heard specifically of a printer that runs an OS.

You see, when I imagine the OSs with respect to hacking, it seems much more visual to me. I see almost the same approach as hacking in the movie Hackers (which, while silly and completely inaccurate, is quite entertaining if you haven't seen it) instead of something like nowadays where you write and compile scripts with languages like the Cs, Java, and the like. With the introduction of AR and VR into everyday computing I'm sure the operating systems are much more complex than they are now and are much more network oriented (with respect to hacking) than software oriented. At the very least, they're more like Ubuntu: a passable (if not outstanding and more on par with something I'd expect from Windows before any UNIX/Linux build) GUI with a powerful, ungimped command line if they hadn't begun or completed eschewing the command line all together.

I envision programming more akin to making something in Flash or VB more than C+ or anything completely text-oriented.

@ Bishop>>specifically the Codonics Image Printer. It has a SPARC CPUI board and run Solaris UNIX OS. This is termed as an intelligent peripheral.

You can login via the console over IP address and using the command line.

I am a network guy in my day job and in my opinion devices would be adjustable in terms of signal strength. Obviously you can do that now with Wireless routers and though you can't really do that now with Bluetooth devices, its because security is partly based on need and current threats. No one is really hacking bluetooth devices so the threat isn't there. In 2070 the threat of your device being hacked is there so why wouldn't they put that functionality in?