I need a bit of info on drones. How do I beef up my drone's defenses to hacking? I assume that all drones are Rating 3 devices. As of SR4A does that mean that we can only raise their signals and responses up by +2 to a max of 5? And do any drones start with device Rating 4 (ie Security Drones)?

Can someone give me a step by step example of maxing out a Doberman or an Optic-X?

And if you could go that extra step with an example illustrating a hacking attack on a drone that'd be awesome.

Thanks gang

For the first two questions, "commercial" drones are divice rating 3. Any security drones would be device rating 4, and military drones would be device rating 5.

As of SR4A, you can modify them to +2 on their various matrix attributes before needing to install a special modification (See the PDF erratta/update document). However, unlike a commlink, there are tons of other things you would probably rather spend a modification slot on.

Besides, if you are resourceful, drones are not all that hard to acquire...

Usually I toss a better comlink on the drones I've put some effort upgrading, using the drones own commlink(using direct link between the 2 devices) to hitch onto the gateway commlink. Allows me to run autosofts on the drone and defenses on the gateway without the 2 suites reducing the overall response of each node.

From there I'll be running massive encryption (minimum 1 hour encryption on the nodes) and dynamic encryption on the links.

For the links if possible get a rating 6 unusual communication as well so the network remains much harder to find.

Really the longer it takes them to find you and the longer it takes them to do something usable with your network, the more likely you'll find them on your network before they do anything nasty.
Other tricks might be to use directional signals or laser connections to reduce the chance of being located/having your signal intercepted. They just have other problems that you'll need to plan for.

Ok Let's look at the Doberman:

Security Drone = Device Rating 4

Response 6 Module = 8,000 or 4,000 (If you do the Hardware build yourself via Parts)
Signal 6 Module = 3,000 or 1,500 (Again if you do the Hardware build yourself via Parts)
Pilot 6 Program = 15,000 for Legal or 1,500 for Pirated which will degrade every 2 months and cost 150 per 2 months to maintain (If your GM uses the Unwired rules.)
Firewall 6 Program = 3,000 or 300 for Pirated with 2 month patching up keep of 30

Adaptability Autosoft with Ergonomic Option Rating 3 (Max Rating for Program) = 1,600 or again 160

Ok if you want to make it harder for them to Hack your drone getting a IC agent with a Analyze program. Also get Encryption program as well. If you want to make it harder to hack just slave it to your comlink and then script the drone not to accept unslave command without a physical (Fiber Optic) connection to drone.

I'll just show you your dicepools and the hacker stat roll combo, for Hacking or Spoofing your drone

First Hacker must find your signal for your Hidden mode Drone....Assuming he does not have the Access ID already. This is scenario of a Hacker seeing a drone and attacking it with no intel ahead of time.

Assumptions being made:

-You have Admin access only accounts on your comlink and Drones (no reason for any others)
-Using SR4A rules.
-Assuming you devices are all running Analyze programs
-IC Agent only accepts commands from Physical connections from Admin User.


For Spoofing Commands (Note a Jumped in Drone can not be Spoofed since Rigger in complete control):

1) Hacker Rolls "Detect Hidden Node" Complex Action = Electronic Warfare + Scan Program Test (4) (This is if the Hacker can see the Drone visually or know its current location.)

2) Hacker Rolls "Capture Wireless Signal" Complex Action = Electronic Warfare + Sniffer (3)

3) Hacker Rolls "Initiate Cryptanalysis" Complex Action = At the end of each Combat Turn the Hacker Rolls Electronic Warfare + Decrypt (encryption rating x 2, 1 Combat Turn) Extended Test. Till he breaks your encryption.

4) Wait for Hacker Comlink to decrypt Traffic....2-4 Turns later....Move to step 5

5) Hacker Rolls "Trace User" Complex Action = Computer + Track (10 + any Stealth Program Running on your Comlink, Complex Action) Extended Test to get Access ID of Your Comlink.

6) Hacker Rolls "Spoof Command" Complex Action = Hacking + Spoof Vs. Drone's Pilot + Firewall (+ Adaptability Autosoft and/or Fuzzy Logic Mod in Arsenal) Since you are Running Admin accounts on Drones Hacker takes a -6 Dice pool modifier.

To Hack into and steal Drone without above mentioned Slaving:

1) Hacker Rolls "Detect Hidden Node" Complex Action = Electronic Warfare + Scan Program Test (4) (This is if the Hacker can see the Drone visually or know its current location.)

2)Hacker Rolls "Hacking on the Fly" Complex Action = Hacking + Exploit (target’s Firewall + admin account increase it by +6, Complex Action) Extended Test. Every Time Hacker rolls you roll Analyze + Firewall (hacker’s Stealth) Extended Test. If you see Hacker before he hacks in...Launch IC with Attack program to attack Hacker's Icon.

3)Hacker wins Drone becomes his since all he has to do is log you off.

4)Resident IC program running Analyze can roll "Observe In Detail" Simple Action = IC Rating + Analyze Vs. Hacking + Stealth, Resident IC program can do this roll 2 times for every IP....so that's 6 times per Combat Turn.

5)When IC wins attack Hacker....or Terminate Connection or other nasty things....once Hacker gone you can log back in as you can have IC reset your account access when Hacker is booted.

I think that covers some of it. Let me know if I messed anything up folks or missed anything.

Most of the time its just easier for the GM to shot your drone....sometimes its quicker!

Excellent work; thanks for taking the time Jackal. My rigger pally is going to love this info.

There is nothing specifically in the RAW that permit such a configuration: whether a device can differentiate between "physical" and "wireless" connections. It would entirely be up to your GM whether such a set-up is possible or not. While you're arguing for it, remember: what's good for the goose is good for the gander. If you want to have "unstealable" drones, then your opposition most certainly has them as well.

If it were my game, I would say that an Admin account is an Admin account. If you (as the Rigger) have Subscribed the drone to your Commlink, then your persona is already in the drone's node. If the intruding Hacker triggers an Alert while hacking the drone (a virtual certainty if they have to get an Admin account), you will be in the node ready to defend it. With two users with Admin Access in the same node, I would have them make Opposed Tests to get the drone's system to do what they want, to see who could get the drone to "listen" to them at that moment in time.


Slight change here. The Stealth program on the target's commlink is a dice pool modifier to the user initiating the Trace, not a Threshold modifier:

5) Hacker Rolls "Trace User" Complex Action = Computer + Track - (your stealth program rating) (10, Complex Action) Extended Test.

Only the Redirect Trace action increases the Threshold. However, that action can only be done from the Node where the Trace is being initiated, so its not much use in this situation since you would need to be in the intruding Hacker's commlink (not likely).

Jackal or Malachi, since both of you seem to have a solid grasp on this aspect of the game let me ask you a follow-up question:

What if the Rigger in question was actually a Technomancer (Dronomancer more specifically); what changes, if any, would the person trying to steal the drone face then? Conversely, what if the 'drone thief' was the TM; would there be any changes?

Ah, excellent question Caadium.

As far as subscriptions and Access Accounts and such go, the rules are unchanged for a TM. The TM can (and often will) have Admin Access to the drone and can have it Slaved to his PAN ("Biological Node"). TM's do have an Access ID that can be located with a Trace User action and can be Spoofed by an intruding Hacker to send commands to the drone, or to hack into it even though it is Slaved. (If you Spoof the "master" node's Access ID you can hack into any nodes Slaved to it since the Slaved nodes think that you are their "master.")

The difference comes with the nature of the TM's Biological Node. Although the TM appears to have a Persona originating from a Node, standard Matrix equipment will not recognize it. In the previous example, an intruding Hacker can trace the Drone's connection back to the Rigger's Commlink, then hack the Rigger's Commlink to gain control of the entire network at its source. This is not possible for a TM. The TM's "biological node" is immune to hacking by traditional Matrix equipment. When a standard hacker attempts to gain access to a TM's biological node they'll probably get some really bizarre error.

"Cannot find node port connection protocols? What the frag?"

This is the "freaky cool" aspect of TM's. They aren't using some piece of gear to interface with the Matrix, they're just there.

OTOH, another TM because they operate on the same Resonance "wavelength" as other TM's can hack another TM's biological node just as if it were any other Matrix node. The only catch is that you cannot do the slow "probe for weakness" on a TM's biological node, and you must get Admin Access (does your brain really have any other access level?). While "in" the biological node another TM (or Sprite for that matter) can:
* access slaved devices
* edit subscriptions (like to drones)
* intercept traffic in and out
* crash the node

All of this is covered on pp. 135-136 of Unwired, under "Hacking the Biological Node."

If the intruder is a TM and the Rigger is using standard Matrix equipment, there are absolutely no rule changes. The intruding TM can Spoof or Hack the drones exactly as Jackal lays out.

My question was actually based on how the living persona aspect comes into play. Let me see if I have it straight, in the simplified form.

The drones of a TM can be hacked directly just like any other hacker/rigger's drones. There are no changes because you are going after the hardware, and not the living persona.

The living persona only protects the drones from outside hacking (not counting other TM or sprites that is) if the attacker attempts to take control of the entire network instead of one drone directly.

That is about how I thought it would all work, but I was just looking for clarification. Now, to take this one step further, what happens if someone attempts to hack a drone with a TM, or sprite for that matter, using it in Captain's Chair mode?

From Unwired p55


The above would have no real meaning without saying this:


Since a simple spoofed command of "slave to Access ID such and such" would give you the drone on a silver plater. Once you agree that's possible then picking port of wired vs. wireless drops out for scripting.

That stat in the terminate connection that you are closing a port the hacker is attempting to use to access the device. Well in with slave Nodes it can tell if its being hacked by wireless or wired...since it would just forward wireless to the master node. Port 1 is wired datajack....Port 2 master node 3-1000+ is wireless forwarded to Master node.....Since scripting is per RAW a way to limit actions your "dog brain" programs can do its reasonable to be able to differentate ports for commands. Remember the more limits put on your machines the more restricted the use is.

I know good for the geese is good for the gander...I am prefectly fine with that...but it sure does limit what corporate spiders can do with their drones...since they have more then one guy working them. But for single folks running personal drones and such...this makes a lot of sense to operate like this.

Besides Spoof still works just fine and without proper defense against it...its almost as good as hacking control.