So I’m a bit board and was toying with an ideal for an all hacker/rigger 6 man shadow team.

I was setting up in an armored (level 20) GMC Hauler w/Trailer (sorry just can’t call it a Zugmaschine). All the upgrades would be defensive in nature to allow it to evade/hide/disable pursuit after the run.

All the riggers would have optical links to a custom nexus located inside the hauler acting as a gateway.

Packed inside the hauler would be 30 drones with a tactical mix of size, weapons, and movement modes and running an extensive tactical network.

Runs would mostly be smash and grabs/hijacks of valuable cargo.

Anyway, I was planning out my subscriptions so that each rigger could backup some of the other riggers plus have control of several drones and I quickly hit my max number of subscriptions.

Then the light bulb came on. If my commlinks, nexus, and drones all have their subscriptions maxed, a hacker can’t subscribe to any of my nodes to attempt to hack in. Kind of like a denial of service attack in reverse.

Combine that with my plan to have all my drones scripted to only accept commands that start with its serial number + a number that corresponds to the next available number on a file that only the nexus and the drone have copies of. (The list would be a very long list of 9 digit random numbers of which each time the drone takes a command the script deletes the number and advances to the next random number.) This type of code is not encryption and is unbreakable without the key.

Only option left for a hacker would be direct attacks. With 6 hackers plus many IC and agents this would be hard to say the least. Any damage to a node would be quickly healed and the attacker would find himself attacked in mass in return.

Would love to hear what you guys think so have fun. I only ask that if you find a flaw, give examples and rules page numbers so I can check it and see how to counter. And also learn more about the game as I’m still a bit of a novice.

You don't need a subscription to hack anyone. Subscription is only required for simsense (or other massive data exchange)



No. You cannot invent unbreakable algorithm. Everything is handled by the hack test. Doesn't matter what fluff you invent for your security method, you do not change the encyption/decryption test.

These two attempt to break the setting premise that hacking is possible and widespread. Effectively, if what you suggest is possible, they everyone would do it with everything and the premise becomes broken. However, since the premise must be true for this to be SR, your suggestions - however plausible - cannot work in the setting.

If you can think about it, then some people whose job it is to think about such things and program new Encrypt/Decrypt program have found it before. The point of the rules as they are isn't to force you to find how to bypass them but to give you a fun setting to play in.

The game wouldn't be fun for the hacker if he couldn't hack anything, and if he can find a way to make his nodes unhackable then it's unlikely that nobody has had the same idea before. So either everybody has unhackable nodes or everybody has hackable nodes...

It would be nice if you could hack things and we could still have Encryption in the game. As it is now, there is no Encryption of note. Only various ratings of ROT13.

Back in the old days, we had to hack the system that had the encryption keys or get them from a person, or find them in a vault. Maybe that was bad game design. I however enjoyed it.

It's still possible with "dramatic encryption" or, in a more limited way, "strong encryption" according to Unwired. To put in simply: a simple signal that'd be better if it was decryptable is decryptable, a very important data that'd be better if it couldn't be decrypted with an encryption program can't.

Unwired p. 55 Actions needing a Subscription-Accessing a node is listed as an action that requires a subscription

Hacking is the action of accessing a node without a passcode (see SR4 p.221 last paragraph under Hacking and Accounts)

There are other things you can do like Crash OS or Spoof Command but these things are done from outside the node.

While checking on this I did happen to see the last sentence of Subscriptions p.55 of Unwired that alowed more subscriptions at the cost of response as if they were programs so I get to shoot myself down on maxed out subscriptions being a block to unwanted access.




The scripting is not and I repeat not encryption. Encryption is the encipherment of information using a code or an algorithm so that someone can intersept a cypher and not be able to read the information. Since the command I would be sending to my drones would have no encryption (or more likely the standard game based encryption) there is nothing for SR4's super advanced decrypt programs to work on. Of course you could spend a complex action and send a spoofed command with an attached random number at the front of it (good luck on trying that a few times). Which you are free to do since you would have already intercepted my wireless signal, detected my ID, found my drone, and spoofed my ID to send it a command. But by then the drone's simple 3 line script (see Unwired p.100 if you don't understand about scripting for mooks, bots, and drone pilots) would have deleted that number and moved to the next valid number.

And as to several other poster's assertion that I have to dumb down logic to play this game, I would ask, what about all of the shadowrun and RL examples of where individuals pulled off huge heists by simply thinking outside the box. Is that not the core of what shadow run is? The shadowrunner giving the finger to "some people whose job it is to think about such things" is the root of this game.

Thinking putside the box != rules manipulation to come out ahead.

Claiming you are hack-proof does not make it so. Here's a simple excercise - run your logic by your GM and see if he sagely nods his head and says "yeah, you're right".

Just because the entire signal isn't blanketed by a code, or comprised of it, doesn't mean this isn't encryption. It just means you've got an encrypted header which needs to be validated before it can move on. It's low grade crypto at that, since it's essentially a message-pad system. Your number can't be randomized at the time of transmission, as the drone would have no idea what number to expect, but rather a copy of the 'pad' would be stored on both drone and nexus. All a hacker would need do is hack the drone and they'd have the list of valid numbers. Pick one and they're in.

Given he's got the drone set up not to accept any incoming commands/transmissions that don't have that number, you'd have to hack the nexus instead. Other than that, your plan is sound.

You are very much correct except for the bit about "encrypted header" once again the word encryption should never enter the conversation. The number would be stored on a "pad" file on both the drone and nexus. The nexus would have the pad for all 30 drones but each drone would have only its pad. Of course once you have hacked the drone as an admin its yours anyway so having that drone's list of codes would be worth about as much as the binery used to code the list.

This is nothing more than System Design and Topology to shape it so that a hacker has less options and is "pushed" to do what I want him to do. The game is full of systems that are hard to crack because of chokepoints, layering, or additional verification systems. If it were not there would be no such a thing as a bank in shadowrun. Any fool with some money to spend on a commlink and some programs could raid the bank if it was just that simple.

part of hacking is getting in when you shouldn't be able to. the drone is ALREADY set up by default to not take orders from joe schmoe on the street. that doesn't mean it's hackproof. if you can get it to analyze the header, then you've gotten it to read data. if you've gotten it to read something, there's potential for that something to be used in hacking the drone.

it has already been said: if you can make things unhackable, then nothing is hackable and you may as well just pack up your bags and go home, because you aren't playing shadowrun.

he can slave the drones, but if anyone gets his AID then they can command the drones. period. you can encrypt your signal so that they have to decrypt it to get your AID, which will slow them down, but you cannot make it unhackable, or else 5 minutes into the game someone discovers your unhackable technique, and 10 minutes later no one has a hackable node and your decker team are completely useless lumps of metahuman flesh.

it's a game, stop trying to interpret the rules in the worst possible way so that you can then justify your attempts to break the game with statements about how it's in the rules.

A one-time pad cipher is still a cipher. As Digital Heroin pointed out, it's not a very sophisticated cipher, either. And hacking a drone to get its pad is hardly useless; it gives you an entry to the network, and allows you to look like an authorized user when you start talking to the nexus, where you can get the master pad, which gives you control over the whole network. Boom, your "unhackable drone network" just got hacked.

The "pad" on the drone is only used by the drone's script to verify incoming commands, it is not used in any way to send commands to the nexus or other drones so it is not a way into the system.

I don't mind you disagreeing with my style (everyone gets to play the game how they want) but please refrain from making things up out of the blue to attack my plan.

As to everones assertion that putting a script on a drone is encryption please read the book. If I put a script in the drone that said ignore red heads, by your definition that is encryption.

It is not encryption by the definition of the rule book. Also, it is not the classical difinition of cypher (which delt with changing the text of a message by some form of substitution (mechanical, code, mathmatical, etc) but witch still left the coded text/bits that could be analyzed by cryptanalysis for mathmatical patterns).

Further if you would kindly never put something I did not post in quote's. I did not say (and I quote you here where you were falsely quoting me) "unhackable drone network". It does prevent spoofed command and you can quote me on that.

and then 1 packet gets lost and you lose control of your own drone until you hack into it yourself. this will probably happen on a fairly regular basis, given you're dealing with a mesh network comprised of potentially hundreds of moving transmitters, including your drone, all of various strengths, with hundreds of RF signals if not thousands all fighting to be heard. if it transmits and then automatically destroys the old number and replaces it with a new one, that means i just wait until you transmit a command, jam it from your drone, record the number, and then use that to spoof your drone to give me control. how would i represent doing that? well, i'd probably represent it using electronic warfare skill. you know, the one that is basically all about encryption. and it would probably help to have a program designed to break codes (which you are using, after all, whether you call it a code or not)... hmmm.. oh, i don't know, how about decrypt? so it would be an electronic warfare + decrypt to crack your code... oh hey wait, that's identical to decrypting! whaddya know!

of course, to be fair, we need to figure out how hard it is to break the code (and again, it is a code even if it's not fully encrypting the transmission). so we could do something crazy like factoring in the electronic warfare skill of the person who designed these packet headings to make the code look like something other than a code, and oh... i don't know... how about that program that is designed to help design difficult to break codes? what's it called again? oh right... encrypt.

huh. go figure. this is starting to sound an awful lot like just encrypting your connection. imagine that.

The Programs in Shadowrun are meant to be hugely broad and powerful. If you have a Script on a drone that it will only accept orders in latin hexameter (unrhymed), the drone will still obey the hacker who successfully Spoofs a command. I think some discussion of language as a barrier shows up in the admittedly much-despised FAQ, but this is the practical output:

Spoof is the Doctor's psychic paper. If it beats you, the command is accepted as legit.

That is the whole of its function, but it really seems to do just that - it doesn't matter what the command structure is. You can think of a lot of reasons why this ought not to work, like your system, but the game design - and the specific way in which Programs function - mean that, in Shadowrun, hacking offense stomps all over defense.

If my drones are set not to accept commands that don't include a clip of Pirates of Penzance, a Spoofed command will appear in all ways to the duped drone's "mind" to contain the clip. Otherwise, anti-Spoofing protection becomes, as you note, relatively trivial, even with the limits of Shadowrun scripting.

http://en.wikipedia.org/wiki/One-time_pad
It's encryption. Period. You can play word games all day long, but a one-time pad IS encryption. Even if you're only encrypting one character, you're still using encryption to secure your network. Moreover, the drone still has to send data back to the nexus: its position, its condition, what it sees, what it's shooting at, what's shooting at it. Therefore, hacking the drone DOES give a hacker a way into the network: the nexus receives an access request with the correct prefix number and grants it, and the enemy hacker now has the master pad and control of every drone in the network, and you're screwed. I'm not "making things up," I'm doing what you didn't: thinking your idea all the way through.

What it really comes down to is this...

1. Get the best encryption software that you can procure... Obtain or write it if you can...
2. Obtain or write a state of the Art Firewall...
3. Obtain or Write a powerful Databomb and place it on the access node of the Subscription/Drone Interface... if the hacker does not scan for it (they should if they are a true hacker), then they run into it and probably get dumped from the network (possibly even geeked if it is a powerful databomb, and they were in VR)... best possible solution in my opinion...

Note, however, that all of this is only a Speedbump for a hacker... he WILL eventually crack your encryption, break the firewall, and if he is competent, detect and disable the databomb...

Once that is done, he will have his way with your network...

To help stall this, use the above scheme on all access points and drones... it WILL slow them down... It will NOT, however, stop them if they are in any way competent...

On another matter, how long would it take for cops/corps to figure out it's yet again the same team when they notice the huge truck and the drones? Tracking the truck down isn't then that difficult and a big truck is an easy target for some big gun, which corps do have available. 6 man team can get maybe... 1,5mil worth of equipment to keep them safe, but for a megacorp, that's pocket money they can toss against the team. That's why the teams typically in shadowrun are highly mobile and covert for not getting busted or recognized after few runs to be the same group. For some corp assassin group that setting would be ok, but I don't see it as shadowrunners to have a mobile HQ with every egg in the same basket.

But hey, if your GM allows all that stuff and the players (and the GM) understand the possible consequences, go for it. If I would GM that stuff, the hacking "trick" that was heavily allready discussded might be allowed, but expect the equal from the enemies. After all, it's not a completely new & original idea that nobody else has come up with ever before so others would use it, too. So I'd let you pick: you have a perfect protection against all hacking, but so does everyone else, too OR use shadowrun rules for hacking

I'll echo what everyone else has been saying: there is no way to "invent" unbreakable encryption or an "unhackable" or "unspoofable" network. If there was, the thousands of Network Security Specialists working for giant multi-national megacorporations probably would have thought of it by now.

Bottom line:
* Slave your drones to the master Nexus
* Encrypt the subscriptions, each drone's Node, and your Nexus' node
* Stick a big Data Bomb on the Nexus and possibly each of the drones (if you can afford it)
* Get a really good Analyze program and run it on the Nexus, get an Agent or 2 to constantly patrol your Nexus and look for intruders
* Have one of your Hacker/Riggers patrol the Nexus and all your drones, looking for signs of intrusion

This will slow down an intruding Hacker as much as you possibly can. There is no way to keep them out forever. The best you can hope for is to slow their intrusion, then detect them when they finally do get in so you can kick them out. Yes, Shadowrun network security bears very little resemblance to RL network security. It is more fun this way: more Cybercombat and less taking 1.5 million years to decrypt something.

Not to mention, at the implied processing speeds of 2070, your "9 digit random number" could be brute-forced in a time period best described in "seconds with a prefix."

You know what program does this automatically with little to no effort on the part of the hacker? Decrypt.

Basically, your unbreakable code is breakable by the most rudimentary decryption method.

Actually, you can. However, it only works between two infinity machines. ;P

A drone that is "jumped into" can't be spoofed/hijacked at ALL in SR4A. Have 4 'jumped into' gun/surveillance drones and 2 PC's overwatching and hacking and fighting using hardwired weaponry on the hauler.

But that does not meazn that it cannot be hacked... once you are in, you can cause all manner of mayhem to the Jumperd in rigger...

Of course, if you are completely hardwired, then no hacking is possible... But then you will not be hacking/rigging outside of the closed network either...

Actually, there's a 100% guaranteed way to keep drones from getting hacked.

Run 'em by a tether.

I never said it was a particularly practical way...

Definitely Impractical...

Though Hacking the tether point could still give you control of the drone...

You could also turn off your drone's wireles capabilities. It would purely run on its own dog brain and provided list of instructions. Downside is, if you need to change your plan (and frankly when don't you), you are shit out of luck.

Drone Rigging is definitely an art...

Quite right. I later posted "can be intruded on" but did not correct my original post.

Some minds indeed think alike... whether they are great is debatable...

I was wondering...No on mentioned just using EW and jamming the whole dang network. You could do that and still be able to use your stuff provided you have your very own keys and encryption in place to ignore your own jamming. We do it even today.

While this is indeed true, I think that I will let someone else tackle this one...

For one thing, it makes any kind of stealthy approach impossible. In the wireless world of 2070 people tend to notice when all their junk stops working.

True but you are trying to stop a huge truck with all of these drones that are really hard to hack on the fly. They are making noise, so you shut them up. At that point there is no need to stealth. Just take out that truck. Well I guess you could just air strike the damn thing and be done with it. A couple of 500lbs bombs should do the trick.

Seriously though. I have read the Unwired book and sure as a GM he would get away with that once, Maybe even twice in game. Why? Because he put in all of that prep time to come up with a good plan. But after that you would have to expect that the opposition isn't stupid and will come up with counter measures for just such an action. So sure go ahead and do all of that stuff. I will as the GM...BLOW YOU UP!

I have bigger guns
I have more people
And I have a Gamemaster screen
I can cheat if necessary

I added the last line, just so the full context is there.