I've been trying to design a technomancer, and reading the various threads about them.
(One-on-one game I have agreed to GM, I am providing the matrix NPC, and the player as asked for a TM. I want to keep the team NPCs to the same starting level as the player.)

It looks like the key is to count on using Sprites for any action where you don't need a lot of hits, and you don't have to have the CF handy no matter what.
So, things like Scan, and Edit, seem to work fine via sprites.
Obviously, Attack better be a CF.

It looks like I could actually use a Sprite for Exploit, but for feel / style, I want that to be the TMs actual focus. So he has to have the CF.
Presumably Stealth is necessary (as you don't get any warning when you need it.)
Similarly, since you use Analyze just to see, it seems you need that.

The three questions I had were:
Armor: If you are going to use it at all, it better be an actual CF. But is it worth having?
Command: Does he need this to instruct his car to go somewhere? I'm not talking about jumping in, just directing the Van to go somewhere. It seems he shouldn't need it for driving. What else does it help with?
Browse: It seems that by the book he could summon a Sprite when he wants to browse. But it feels so painful to have a technomancer who can't actually look for information directly?

For now, I will assume Aaron's reading that I don't need Sniffer / Spoof.

What other CFs does the TM need to have himself. (As opposed to low grade threading, or calling a temporary Sprite. (Registered Sprites take time, so I don't want to assume I always have the right one handy.)

Thanks,
Joel

PS: Yes, it is very tempting to solve the whole question by switching to Frank's Matrix rules, but for many reasons I would prefer not to do that if I can avoid it for that game.

Only if you intend on trying to win (as opposed to fleeing) cyber-fights.


Yes yes yes yes yes yes yes. Also yes.


Again, how long to you intend to hang around in a fight? You usually have a little time to run as IC that runs on an alert needs to load up programs first. Armor isn't a bad investment, though, so it's going to depend on your focus.


Command is used to control devices from your (living) persona. Think of it like a remote-control interface.


Don't dismiss those CFs too quickly. Sure, you don't need them for hacking, but if you just need to send a device a single command (like telling a lock to open or a drone to return to base), the sniffing and spoofing can be faster and safer.


His rules are fine, but they're pretty high-resolution and place an emphasis on the Matrix in terms of time and energy that I personally find too high. [EDIT: on closer reading, I also disagree with some of the ways technology and networking are portrayed as working.]

Thanks for the reply. You raise some good points I have to think about. (Skipping Attack and Armor would free up quite a bit.)
With Spoof, I guess what I am missing is how I would get the ID I have to spoof. It seems that in order to spoof a lock, I would have to see someone open it, and then before they move on get a good lock at them so I could spoof them.
That seems a bit of a corner case. (The rule as written makes sense. It just seems to make it hard to apply the Spoof program / form.)

(Sniffer / Decrypt presumably would be particularly useful for eavesdropping. That seems to be a case where I can call a Sprite.)

Joel

PS: The other aspect is that if I use Sprites for all Scan / Sniffer / Decrypt operations, I can probably skip the EW skill completely. Is that too foolish?

Lack of errata is not the same as proof of concept. Casting Analyze Device on a knife to make the knife more effective in combat is also a rational interpretation - one that I again reject. Using this rationale, we could take a rock. We could attach an RFID tag to this rock. Then we could use a sprite's Analyze on the rock. Now every time I do anything with the rock - kill someone, pick my teeth, go bowling, etc - I would gain bonus dice because my sprite is telling me all about the properties of the rock. In a nutshell, no. Knowing more about my rock does not enable me to hit you more accurately with it. Analyze is for technical objects, or doing technical things, or flying complex aircraft, or whatever. Not stabbing people or shooting them.
Similarly, "They didn't errata it fast enough" is a false defense, because they also didn't errata Bloodzilla right away. Just for example.

You can interpret the rule however you want, but I'm not compelled to accept a retarded implementation of rules simply because someone hasn't stuck their finger in the dike yet.

Can't a mancer substitute less often needed CF as programs running on an ordinary link? he cann have the all-five superlink for 78K, use it for everyday hacking, keep some CFs to thread on top of them when the shite hits the ventilator, and he's flexible enough ... to pimp his skills a little, he can register a machine sprite and have it to an extended service diagnosing said link, effetively giving himself + (sprite*2/3) dice for all his actions with said link, so he doesn't feel too ineffective.

Same goes for his weapons and other important gear, really. I recommend a tricked-out assault rifle for open combat, a tricked-out NeMax für infiltration work as primary arm, and a vibro knife as secondary, all being diagnosed for extra dice, so he doesn't need to push his skills too high. Also, an emotitoy is a must (and has to be diagnosed too for extra dice). He really needs to invest most remaining BP into infiltration and athletics, since that's the only skill groups (besides martial arts, which, as a non-priamry combatant, he propably won't need) where his diagnosis sprite won't do him much good.

Of course that build entirely depends on whether a TM can use his hacking skills group with ordinary commlinks, and doesn't need to buy the skills twice (hacking-TM and hacking for people). The rules seem a bit ... foggy ... as to that. So, can they?

As a GM, I wouldn't have my TM buy those skills twice.. seems redundant. I think it absurd the notion that a TechnoMancer could not also use regular hacking skills.. I think I remember a chapter introduction where that guy used to work for some corp and they killed his girl doing technomancer experiments on them.. How I understand it, most technomancers were normal before gaining that power.. Why wouldn't they know how to use a comlink?? In same chapter intro, I believe the girl was a computer person for said corp.. She had to know what she was doing before her power manifested.. Technomancy did not come about till after the crash.. How in god's name did those people use computers until then??

They can use commlinks just as well as other people without the skill...
And I disagree that the split doesn't make sense, it makes perfect sense, one way is about knowledge and logic (the mundane way) and the needed equipment is a commlink, the other way works through intuition and instinct and you need a technomancers brain (in your head and working)...
Now I can see why you would rule the skills are the same, but that would be because no one wants to pay twice for the same skills, but I believe it does make perfect sense...

I rule that the skills are halved to the area you don't work in normally so a TM with electronic 4 would only have electronics 2 when using a link or vice versa.

That could work..

It make TMs i bit better at normal hacking but not gods at both. Should it round up or down is the only factor atm.

05 Quality
40 Resonance 5 (exactly this amount IMO)
42 Compiling 5 Registering 5 (+spec)
--- Living persona + virtual friends

30 Cracking 3
20 Electronics 2
30 CFs at rating=response: Analyse, Exploit, Stealth, Browse, Edit, Armor
--- Now he can use the living persona and hack a visible node on his own.

167 BP while buying everything at chargen that is expensive later. I´d build an orc with high mental stats, and max out on the number of CFs. Consider Attack and Sniffer (one-on-one sessions for a hacker will have more advanced network security than usual games). Support Operation used on Spoof permits you to effectivly control the enemy drones, and you don´t need to hack a door in order to pass through. Once Unwired brings security logs, Spoof leaves less traces.

No EW is definitly possible right now, but I´d wait for Unwired before walking that route.

"Mmm, that's delicious!"
"And just look at that shine!"

The trick is to get the access ID (with a single net hit on a Matrix Perception Test), which is easier or harder depending on where the source you'll be impersonating is. If it's present (like a rigger in a vehicle), you can just find the rigger's node and make the Matrix Perception Test to get the access ID. If the expected source is remote, then you'll have to track its traffic back to where it's coming from and get the access ID that way. Note that the acquisition of the access ID can be done in legwork, too.

Hackers <> Technomancers
TM|Hackers = Matrix

If you consider TMs as people who focus on controlling matrix Devices directly, and Hackers as people who do Matrix then you can get a sense of the difference between them, and why it isn't the best thing in trying to shoehorn a TM as a Hacker.

Think of the TM as the person who can manage any bit of Hardware that remotely has any Matrix use. And hackers as Software specialist.

The Hacker|Software person can do great stuff with the entire Matrix as a playground. They can use the software to get hardware to do stuff.

The TM|Hardware person excels at controlling devices, and can use devices to play with the entire Matrix.

http://www.somethingawful.com/d/flash-tub/...g-cartoon-2.php
This is what I think of when I think of a Technomancer/Hacker.

Just a hypothetical question: If I were to house rule that essence loss did not effect resonance for TMs, would it break anything? It would give TMs the ability to boost their base stats, and chip some skills, which might make them a bit more well rounded. What's the down-side? Does this lead to the becoming too overpowering after a moderate amount of karma, or would it just bring them to parity?

The biggest exploit I can think of is rigging. Machine spirits and all the rigging ware would get really huge really quick.

I think that would work well. The higher BP cost for resonance and CFs will still balance their extra abilities. You might want to rule that tech advantages for hackers (like the math SPU) don´t work for technomancers, so that hacker have a way of keeping up.

Ok, I've seen lots of people discussing pros and cons about technomancers and discussing what tasks TMs can be good at... but what I haven't seen are actual builds of TMs that are good. Anyone have a built TM that doesn't fail at life?

What does that even mean?

Not being confrontational, just honestly have no idea what this particular complaint entails. What makes a rule set "high resolution?"

-Frank

They are The Ones, after all.

At least 720 lines per paragraph!

The rules seem pretty clear to me that a TM has to buy standard hacking skills separately from his TM hacking skills. The two do not overlap, a TM can't teach a mundane to hack, and a TM can't learn from non-TMs or tutorsofts. Similarly you cannot thread regular programs, only CFs can be threaded.

Emotitoys and empathy software are broken even without Diagnosis, so that's a whole other debate.

It also appears that I am not alone in considering that Diagnosis does not improve the non-electronic functionality of a weapon, hence does not contribute to shooting or stabbing skills. Your insistence that things like a Smartlink can be made to work better through Diagnosis, and thus provide more dice, is the only thing supporting your TMs are overpowered argument. I have already covered my opinion on this, and while that doesn't disprove your own theories, neither does your interpretation convince me.



There are a few problems with this.

Threading is going to be tricky with the electronics group at only 2
Similarly, your dice pool for all computer related shenanigans is pretty poor at only 7 (Electronics 2+CF 5)
You've not taken into account regular attributes, and while you don't necessarily need to spend all 200, you'll probably need to in order to get your living persona at least competitive with a hacker's, and having a high enough charisma and willpower to take advantage of compiling without being knocked out. Assuming you pare it down to 190BPs, you still only have 43BPs for contacts, gear and other running skills (infiltration, a modicum of social tact, some combat skill).

It's not impossible to make a TM, but overall you get more versatility and immediate power playing a hacker, at the expense of (distant) future potential. If that's the way you want to roll. go for it, but I'm just addressing the OP with my criticism of the way TMs are designed and costed.

Things may improve a good deal with Unwired, as TMs might have far more ways to interact with stuff like digital ghosts than hackers, more ways to use sprites, more uses of threading, and more effects of threading, but in the core RAW TMs make a very poor investment IMO.

TMs should use their "official" comlink to run agents, which can in turn run all kinds of programs. A few low-rated CFs are cheap to buy ingame, I´d not bother with 100k¥+ for a complete link and two other skillgroups.

As for the Diagnostics power, the German limit to purely electronic devices, explicitly forbidding vehicles and guns, does make a lot of sense.

The different version of skills that TMs have should work well with comlinks, unless the German wording is "special" on that occasion, too. No teaching, no talent softs, but no limit on usage.

Yeah, but where does it say that mancers cannot use ordinary commlinks that way (and ordinary programs?) Yes, they treat software in some more untuitive way that cannot be learned by mundanes and cannot be bought on skillsofts. They do, however, according tot he rules, manage to use standard links and software nonetheless.


Then how would it improve a vehicle's performance, which is also primatily based on mechanical means? A Smartgun uses electronics for as much stuff as a vehicle does. I see no great difference there, to be honest. And on a side note: The German rules ruled out either to be affected by Diagnosis, and to me, that makes a lot more sense. It's just never been put into international rules as of yet (though I do hope somene puts it up for errata'ing).


Quite simply, international rules support this. Synner says so (he did in an example thread about riggermancers versus riggers a while back, and explicitly said "yes, that's how it works"). I am not interpreting here. And I am with you, that doesn't make a lot of sense from a common sense point of view. doesn't change a thing about how the rules work, though.

The passage stating that TM cracking and electronics skills are not interchangeable with mundane skills has been quoted. TMs can learn CFs from other TMs, so it's not a case of these things not being able to be taught, but they are, for all intents and purposes separate skills by RAW. I really can't see how it can be interpreted any other way without taking liberties with context.

The English language RAW (I've not seen or read the German rules) does not give any indication that a smartlink can be made better by any means. It gives a flat +2 dice, and does not require any rolls to use it. If there was a means in game to rewrite or modify smartlink software to give a better bonus, then I can see how Diagnosis would work, but there isn't because that would be absurdly imbalanced. As it is, virtually everyone uses smartlinked weapons for the +2 dice, unless they have some compelling IC reason not to.

I've not read Synner's thread about riggermancers in a lot of depth, so I don't recall him posting explicitly about TMs Diagnosing cars. I don't think that some argument made by Synner - dev or not - in response to an online argument can be given as much weight as the RAW or the FAQ.

I've not made any suggestions that Diagnose could be used on cars, although it does make a little more sense than guns, as there is far more potential for data monitoring in a situation as complex as a car, and that telemetry data could prove useful for handling etc. However, I can see how if it did work in cars, then it could be extrapolated to affect guns, which I suppose is where this whole debate started.

As a GM I would not permit this use of Diagnosis for reasons of game balance, and because it requires extensive extrapolation of a particular reading of the RAW. I consider the intent behind Diagnosis is to give TMs a preternatural connection with the way electrical hardware works. It was not, in my view, intended as a replacement for any combat or vehicle skill.

TM skills are not interchangeable with mundane skills. They can use common hardware, but use it differently. Therefore they should be able to use a comlink in whatever way works for them. They can´t teach their skills to a mundane, and they can´t use their own CFs with skillsofts.

See the errata 1.5 on this. Apart from resonance, TMs use common hacker skills.

The question is, can they use common commlinks and programs?

Yes, and actually they basically have to. TMs have no internal memory. Without a comlink you couldn't be broadcasting your SIN, or getted soycaffe from vending machines.

So they are like gnomes. A good idea at the time, but not something I would play.

Why exactly can't a TM be broadcasting a SIN without a commlink?

Because being a TM doesn't even give you 8-bytes of storage. I'm sure a TM can memorize there (fake) SIN easily enough, but they would have to consciously recall and send to everything asking for it. Image having to chat with every node on street.

EDIT: Nothing actually stops them from broadcasting a SIN. It's just a royal pain.

1) I´d only ever thread by 2 rating points anyway. I don´t need high Software.
2) I´d spend 170 points on attributes, 20 on race. Statline of 4 2 3 3 4 5 4 5. 167 on the kit below makes it 357 BP, or 43 BP left. Gear is lowish, say 10 BP, Contacts about 10 BP, leaves us with 23 + whatever you get out of qualities for other skills. And I´d like to spend 10 BP more on CFs. I´d buy the influence group. As for the secondary skills, that is not possible. If you want to try, start there: Jaids Rigger-TM
3) The current potential is there. A stable of registered sprites rating 5 as backup, a compiled sprite 5 as workhorse. 10 dice against (sprite rating) hits fading damage is only dangerous if you are already deep in enemy territory. Rating 10 on your CFs, whenever you can spare a complex action, and the process does not take long.

The question of how a TM does the Active|Passive|Hidden PAN business is an interesting one, but keep in mind that the TM is a Living Persona, and any matrix Device interacting with the TM perceives the TM though that Living Persona. This is no different than how a Matrix device perceives and interacts with a Hackers commlink. Once scanned and subscribed that Hacker's Commlink appears in the Matrix Device as a Persona.

There's no question it's easier for a TM to have something to store data in. But it could be anything, including that armored underwear.

Sorry, I'm coming to this debate late and I may come across as argumentative, but what's new, neh?

Spoof.

I'm about to have an embolism listening to Aaron tell me that the rules say you don't need spoof to hack a hidden comm-link that is only connecting to pre-approved comm-codes.

Holy Christ on a bicycle dude. I don't give a rat's hairy rear end what the rules do or do not say or are intended to mean.

If my comm-link only accepts packets from a fixed list of nodes you need to spoof one of those nodes period and if the rules say different the rules are wrong wrong wrong wrong wrong and need to be fixed pronto.

Clearly there is an issue here with the 'mesh network' nature of the 2070 Matrix. Regardless, no no no no no.

If there is a suggestion that all devices, regardless of whether they are in hidden mode or not, form part of the wireless backbone and are constantly receiving and retransmitting packets I can grok that. I can also envisage a situation where these mesh-wireless protocols are being run on the devices primary hardware on the devices primary operating system in such a way that faults in the network protocols themselves would permit exploits to end-run the Firewall.

I can also envisage hackers taking such devices and SMASHING THEM WITH A HAMMER.

There should never be any possibility of any packet getting within a hundred miles of an execution unit until it has been screened by the firewall.

My servers iptables setup drops all smb traffic that did not originate from one of the three IP's I have chosen, each of which is tied to a specific MAC address.

All such dropped traffic goes directedly to /dev/null, does not pass Go and does not collect so much as an ACK let alone $200.

For such traffic to get past the firewall without spoofing it's origin it would need to exploit a buffer overflow in the firewall itself. A buffer overflow that just isn't there. I mean seriously, a firewall with that sort of vulnerability would be pwned within seconds of connecting to the net.

Even if devices in hidden mode do continue to re-transmit data as part of the wireless-matrix infrastructure this functionality should utilize discrete hardware in the device that can only pass data down an internal fibreoptic link to the main device which is entirely free to treat that data any way it chooses.

Simply put, if the behaviour that Frank et al expect to see here can be achieved by ripping out one comm-links wireless and connecting it to another comm-link with a fibreoptic cable then after about six seconds all commercially available commlinks will be exactly that packaged nicely in a single box.

Nobody in their right mind buys stuff that is so flawed, not when there is an alternative that works properly and costs a negligible amount more.

Certainly you can think of at least one way to attack this set-up without sniffing packets or overflowing the firewall buffer. In fact, I'm willing to bet you'd be able to come up with one, realize why it wouldn't be feasible to run on today's technology, and then be able to make an educated guess as to how more advanced computing resources would make that attack work, maybe even in the span of a few hours (as is the case with probing) or even a few seconds (as is the case with hacking on the fly).

Of course, then there's the argument that the advanced computing resources would be unable to hold up against the power if IPv30 (or whatever), although you might realize that there's a mathematical fallacy to that argument involving the progression of computing power versus the escalation of the size of an address. This is not to mention any discussion of quantum computing (and don't bother with quantum encryption; that was hacked recently).

But you'd be right about advanced computing resources working on defense as well as offense. Your server would be running its own defenses with its own advanced computing resources, analyzing traffic and watching for attacks (get it? Analyzing?).

But this wanders a bit from the point. Anybody that thinks that they can secure their network with a MAC filter (or an IP filter, which is even weaker) should probably read more Schneier. That and let me know where they live so I can bum their wireless if I'm ever in the neighborhood.

I would agree. If we want to get into discussions about what is actually realistic, grounding in Bruce's discussions, as well as some of the other networking security thinkers, would be necessary.

While much of the security stuff for Shadowrun is sufficiently believable that I can work with it, I have generally concluded that the cypto stuff is the way it is in order to make the game practical, not because it is believable. (Breaking cypto by finding people's notes, or performing social engineering, is probably more believable. But I suspect that it would make that aspect of the game much slower, and probably much less genre.)

Joel

PS: My personal suspicion is that by 2070, with all the disruption, the protocols will probably look and function internally VERY differently from IP / TCP / HTTP. But it doesn't affect the game at all.

IN SR 2070, no. Otherwise they would have at least some thought put into security. There have been a few minor events in the last 10 years or so of 2070 that suggest there are some systemic weaknesses in SR computer security, but nobody fixed them. Sure sounds like the IETF in action....

IETF, ITU, ANSI, ... (I have played with a lot of these groups over the years.)
Lets not try to argue about who is or is not good at dealing with security issues. I will readily agree that there is plenty of mud to go around.

Joel

You got me, I'm no network engineer and I've no idea how you would go about overcoming this without spoofing the IP and MAC address.

I can think of any number of ways of doing it to my server but they all involve coming in on a port that isn't MAC filtered.

Assuming that every port is MAC filtered, that there are no weaknesses in the code that handles incoming packets before they get passed to the firewall and that this very first buffer that the firewall uses to screen packet headers is bullet proof I'm stumped.

Unless the packet headers contain sentient data patterns capable of sneaking out of the buffer and implanting malicious code elsewhere in main memory.....

Face it, this is the most trivial level of network security we're talking about here. The very first place data is ever stored when it enters a device, the most secure set of registers in the entire system. You are suggesting that malicious code can somehow escape this cage before getting shit-canned for coming from the wrong place. Given that this system has sixty years to be refined and honed to a fine art.

Hell by that time it should be entirely possible to examine the ipvn header in real time or filter it using some advanced version of a FPGA (like one of those kids toys with the holes to push the shaped blocks through, just better) and to cease listening to incoming data packets that don't come from an approved source before the first bit of actual data arrives.

If the data never gets stored in any register anywhere in the target system how, exactly, is it supposed to circumvent the 'MAC' filter?

I'm not saying that this is a very useful network. It cannot connect to the Matrix at all, for example, but it can't be hacked without spoofing the packets.

If you know better enlighten me. Give an actual example.

Well, I'm no expert, but if a Decrypt program can, in seconds, defeat the best encryption available in the game world shouldn't an Exploit program be able to find the open ports in your firewall and break its way in within the same time frame?

In 2070, offense trumps defense, for whatever reason.

I know this is a second post, but I didn't want to edit and have people miss it.

Given the raw processing power in 2070, is it not theoretically possible that one could send waves of commands at a targetted PAN that will eventually hit upon a command that is received and accepted, allowing you to access as a user? I mean, if you use spoof, you are spoofing access. If you use Exploit, you are doing some B&E and making access, are you not?

No open ports in firewall.

Iz all clsd!

...well something is receiving data. Since there are powerful algorithms to attack heavily encrypted files and decrypt them, there should be equally powerful algorithms that attack a firewall and find a header that it will accept. Seems very logical to me. If you aren't receiving any data, then your wireless is disabled.

It'll accept any header with the right source IP address and MAC. This is achieved using....?

You're missing my point.

Yes, you could sniff to find traffic and spoof the other device, this has been established.

What I am suggesting is that it should be easily possible to skip this step entirely by simply shooting out dozens of intelligently selected headers and narrowing down possibilities until you find one the firewall pays attention to. There is the elegent way (Sniffing and Spoofing) and the brute-force way (Exploit). By the time 2070 rolls around, it seems that brute force is faster and more easily detected then Spoofing.

That said, I'm playing into your hands by dropping my argument down to specifics. Point-in-fact, defenses are powerful, offenses can defeat them, as evidenced by the encrypt vs decrypt example. The game rules let you Exploit w/o Spoofing. My theoretical example to support this is that the Exploit program forcibly breaks down the firewall by tossing out thousands of potential Spoofs, which would be called Spoofs except that Spoof is specific to what you are spoofing and has an variety of spoof uses. Exploit is general across all firewalls and works specifically to defeat them.

I don't see any problem using Exploit in this manner. Especially since its an extended test and could take longer then a Sniff+Spoof if the program rating and skills are low.

Not to mention, Spoof and Exploit give you different kinds of access to a system. If you spoof something specific, you gain the access of that specific thing. If you exploit, you gain whatever access you can create for yourself without the system realizing it shouldn't let you do that.

I can see handwaving decryption. Quantum computers might even make such brute forcing possible. Maybe.

Spamming a node with random IP's?

Assuming ipv6 and using x-rays at the very highest frequency range as a transmission medium and only transmitting enough bits for the IP address, none of the rest of the header.

2*10^21 seconds to get through all of them.

I think that's about 63 Trillion years. (I'm sure someone will correct that for me, but that's a good ballpark)

You can't just handwave that. You have to try them all until you get the right one.

No.

You have to scan for sample packets and then spoof your packets with that 'discovered' address.

The universe will be long gone before you stumble upon it by random chance.

Sure, but like all good programs you can make it smarter then that. Otherwise there would be no difference between a powerful rating 6 Exploit program and a simple rating 1. Same goes for a sniffer and a spoofer. If you have a stupid sniffer, it will take longer to sort through the data available. There are probably vast swaths of the 63 trillion years worth of possibilities you can discount reliably by asking a few simple questions. Even more by doing a little more work with available statistical analysis. Hell, it would probably take a lot of the passive headers your own comm is receiving and start with those, essentially Spoofing but without all the information.

Also, with regards to hand-waving the decryption vs. encryption, technically it should be possible to encrypt something so largly and so thoroughly that it would take a very fast computer 63 trillion years to cycle all the possibilities...but then thats why the devs described 2070's decryption algorithms as being not only fast but powerful. Powerful, in the software industry, generally meaning robust, smart, and efficient. It is my opinion that it would be very easy and practical to extend this 'hand waving'. Especially since, in game terms, using either method doesn't necessarily result in a timing difference and both give access to a node in different ways (if its an admin you're spoofing, you get admin access...no such instant possibility through exploiting, from which you must work from the ground floor up to get admin).

The game isn't a simulation. Its nice to have a good injection of realism to keep us grounded from time to time, but its set 62 years in the future where magic exists. There is a certain suspension of disbelief that players and GMs alike must accept while playing. This is one of the things I would think to be really easy to accept. I mean, wired reflexes? Essence? Magic? And then there is using Exploit to get past a firewall without spoofing. Its practically the description of an exploit program.

Sorry, you want to suspend belief in the straight forward and relatively trivial method that does work?

All so you can choose to suspend disbelief in a method that doesn't and never will.!?

See, Encryption needs to be handwaved because otherwise it cannot be broken.

Brute forcing IP filtering does not because Scan/Sniffer/Spoof already does that job very effectively.

Quantum computers are theoretically capable of factoring arbitrarily large Primes in a single 'clock cycle.' There is no equivalent 'theoretical' technology that will permit you to achieve such a Sisyphean task as brute forcing an ipv6 address let alone a 2070 ipvn address.

You'll note that your proposed solution here was to sniff a few packets and use the addresses in the headers as a short list to 'brute force'.

So, basically, what I said in the first place. Except without the added step of pin-pointing the correct one before you try every key you have in the lock.

I fear you've watched to many movies where the 'heroes' plug some black box in and it runs through all the possible passwords till it hits the right one.

Only a moron writes software that you can crack passwords like that. Three strikes and your out pal.

Alert, Alert, initialising Trace and IC countermeasures, zap, arghh, hissss, thud.