I would like to use agents or IC to protect my drones from hacking attempts. If the agent and all the programs it's using are running on the drone's node however, it counts for the drone's processor limit and will likely reduce its response (especially if the drone is using some autosofts to act on its own).

What if I use one or more separate commlinks that are fully loaded with agents that "assist my persona" instead of "acting independently" and establish an AR connection from each of those commlinks to all my drones? Technically, I would have all of those agents in each drone's node, without affecting the drone's response. I would not control those AR connections, simply order all agents to permanently scan each drone's node for intruders and attack them. The only program loaded in those commlinks' personas would be Stealth, in order to hide the defenseless personas (since I'm not monitoring those connections at all) while my agents do the job. I don't even need to carry those commlinks with me, they could be hidden at different places around Seattle to confuse anybody trying to track my physical location. Finally, the agents could run at their full rating without the need to boost the drones' matrix attributes, which would save a lot of nuyen and at least compensate somewhat for the additional commlinks' and agents' costs.

Would that work?

Sure, it would work. The only downside I can think of is if many of your drones get attacked at the same time, you won't be able to defend them all (well) at the same time. Also, if a hacker did his homeword and sicovered this topography, it would be very easy to knock out the defending node beforehand, then take over the drones leisurely.

Still, IMO, the downsides are acceptable for the amount of cash you'd save.

Ok, thanks.



Well I can live with that. It's still unlikely to happen, and anyway the aim is not to make an impenetrable defense.



Indeed. I could use this system to defend the commlinks' nodes too though, which would then benefit from the exact same protection as the drones.



Not only am I potentially saving cash (I didn't verify), but I can have a lot more agents in each drone's node than that node could possibly support by itself. It all comes down to the number of agents that can run per commlink and the nodes' subscription limits.

I'll be the first to admit that the Matrix is not my forte as a GM, but what if you were to slave all those commlinks to your main comm? Then each slaved comm can run an agent that defends a drone's node remotely, but any attempts to hack the slaved comms will bump the attacker up to your main comm to deal with you, right?

{edit} Or couldn't you slave all the drone's nodes to a single commlink that is loaded with IC?

===== SUBSCRIPTIONS
A node can have ( System Rating * 2 )in subscriptions
Slaves each require a subscription [Unwired, pg204]
Slaves nodes may only be subscribed to the master node and thats it. [Unwired, pg55]
To access a node requires a subscription. [Unwired, pg204]

This means each slaved node eats up a subscription on the master node. A matrix connection uses an additional subscription. Each drone is its own node also requiring a subscription.

Thats a lot of subscriptions if you want to have 5 agents in 5 drones you'd need 10 subscriptions to have the drones subscribed and one agent covering each. If you want to get to the matrix thats an 11th subscription.

===== PAYLOAD
Note the payload section in SR4A, pg234. Programs on agents count against the processor limit of the node. This means a loaded-to-bear agent with 5 ergonomic programs and 6 regular programs is going to fill a response-6 node. The way around it is Sprites. They ignore Response being Resonance-based creatures/constructs.


===== SUMMARY
All in all you're better off with a talented hacker or high-rating fault sprite to guard the slaved network.

...and don't forget, in "Jumped In" mode you cannot have your drone hijacked. It can be intruded on but the intruder is powerless to tell your drone what to do.

Would maxing out the connections on all your drones personal node assist in preventing intrusion?

No, because you can exceed the Subscription Limit by RAW... it just starts to degrade your respnse, just as using excessive programs does...

Source?

AFAIK if the rigger can access the matrix and his drones and YOU can access the matrix you're subscriptions are already set. Use the matrix as your vector in. If not, shoot down a drone, repair/juryrig the commlink portion of the drone and use a hardwire through that subscription as your vector in. Maxing subscriptions means introducing vectors and you just need to see how to take advantage of those extra ways in!

If you want to prevent intrusion tell the drones what to do then instruct an agent inside it to turn off the wireless for 6sec. Then one combat turn later it will be back on the wireless and you can issue one more instruction then kill wireless again, etc. Limiting ALL access is a pretty good way to limit the chance of getting hacked.

Unwired... Page 55 under the Topic of Subscriptions...

My hero!!!
(I honestly never knew that... thanks for the page ref sir!)

Your Welcome...
Always willing to be of service...

I've been using this trick for a while. I use a rack of cheap nexuses (Response 3) in a safehouse somewhere running cracked copies of Firewall and System 6. I find the sweet spot is a Processor Limit of 15. Set up one nexus with all the others and your drones slaved to it and all the other Nexuses have room for 2 Agents/IC each.

Any incoming hacker has to penetrate the main Node before anything else and it is swarming with IC. Give it strong encryption and perform rolling encryption on your wireless signals and you are pretty much air-tight.

You've lost me with these "vectors." You didn't quote anybody, so I don't know what you're responding to.



This is flagrant metagaming and won't fly on anyone's table, sorry. Issuing orders isn't an instant of thought followed by exactly six seconds of thumb-twiddling. It's constant adjustments via your command panel to react to the situation at hand. We just resolve the results every six seconds or so for simplicity.

... are you sure of that? I'm pretty sure when you issue an order, such as "kill target X which is designated" the pilot/dog brain runs off to do it. I don't see a reason why you can't put into the Pilot's script (don't even need an Agent) "Recieve order, disable wireless for 6 seconds, then reactivate."

You could do that if you trusted your GM not to screw you in the two and a half combat rounds that your drone was completely beyond your control.

Heck in that time even my Melee Phys Ad could have hacked your drone and sent it back to blow you into tiny little chunks....

Setting up a script to tell the drone to "Go do X, and shut down wireless while doing X (unless other pre-defined circumstances (things you know it won't be able to handle without oversight/back-up, things its programming doesn't cover, etc) come up before it finishes its assignment)" is fine. Similarly, having the Drone's wireless connection blinking in and out so that it's only open to having signals sent to it every other turn is fine (though it seems a bit odd to do it that way). What it sounds like you're wanting, however, is "my drone only has wireless enabled for the portion of a combat round in which I am acting and is disabled whenever it's anyone else's turn," which doesn't work, since most/all of the difference in order of actions represented by initiative is an abstraction.

Think shoot-outs in old Westerns. Both gunslingers move to draw and shoot the other at (roughly) the same time, but one of them is slightly faster and manages to shoot their opponent before they can get a shot off. That's what the difference in initiative is intended to represent, even if at the table it looks more like the other players sitting on their hands waiting for the Street Samurai to finish his/her action.

"Why did you let him hit you?"

"It was his turn!"

~Press Start (the Movie)

Some Defensive measures I've Thought to use:

Giving drones a hefty comlink to run a number of defensive programs.
This gives the drone plenty of space to run its autosofts behind the defensive node. They would be directly connected so as to avoid any means to bypass.

Since the drones are being slaved to the riggers link, they can send their access log onto riggers comlink/nexus.

24 hour full encyption on all nodes.
Dynamic encryption on all links.

Obviously running in hidden mode, but add in rating 6 non-standard wireless link.

I'd consider a botnet full of agents and IC on the riggers node, and moving around the network hunting for others.

Feel free to poke holes in these ideas.

The dog brain follows the orders. If the interval being 6sec bothers you change it to 10, 15, or whatever you like. I try to use multiples of six seconds to make it simpler to have it turn back on. You could also tell it to turn back on after 6 increments of a variable with +1 per long burst fired, +2 per 10 rounds of full auto fired, +1 per 2sec spent aiming and bog it down as much as you like. I've used the timed-wireless-off before and its not for the meek of heart. Imagine if your favorite honey comes out of a club panicking from a firefight and your drone kills her dead as shit because you had no way to tell it to stop.

And yes, I can twiddle my thumbs in combat as my drone's dog brain acts. I spend a lot of time along with the multiprocessing echo doing nothing but updating the tactical AR and e-sensing opponents thankyouverymuch.

Well...
Using Strong Encryption (24 Hour) and Dynamic Encryption would remove the abilities of the Hacker Completely, which would completely eliminate the utility of any Hacker types (includiong Technomancers)... These schema make sense in the real world, but have no real place in a game that makes these archtypes useful... Implementation kills the archtypes...

Instead, Slave all nodes to communications nodes that are controlled... slap on High rating Encryption, and high rating Data bombs on all access points and then utilize patrolling IC for defense... You will still probably get hacked, but it WILL slow them down greatly, and may even manage to keep your nodes somewhat clean... keep in mind that all nodes are in a perpetual state of being hacked in the world of 2072, with viral advertising, surveillance, etc.

Just my preference though, as this allows the hacker to still be useful (though challenged)... resetting the decryption test to 1 roll per day will destroy the capabilities of hackers/technomancerssuch that you will need new characters for those players...

Seems counterproductive to me...

Couldn't they attempt to attack the encrypt program directly?

If this is your first account here Tengu, then congratulations and welcome.

Back to the topic at hand. I meant what I said litterally. The poster I was responding to said it was metagaming. I say it's not, for the reasons myself and other people have stated.

However, to answer your point, yes, I'm sure you could set up a really bitznitchy script that turns itself on and off at "random" intervals, in a pattern that only you (and anyone else who has ever take a standardized test before) can figure out. If I act before everyone else... wait, upon re-reading your example, you appear to be agreeing with me. Faster is faster. If you can shoot the other guy before he can shoot you, then you can give your drone an order then shut the wireless off.

To directly attack a program , they must BE IN THE NODE... until they actually crack the node, then no, all they could do is decrypt it... and honestly, once decrypted, why bother bringing down the Encryption, just reboot the system, everything will go down with it...

Telion, commlinks on drones are important but their need can be mitigated with program options. Check out the Ergonomic and Optimization-3 program options in Unwired. [pages 114-115]. Notes that you could also have a third option if its a rating 6 program.

When using a drone that comes with a weapon mount it counts as a security drone in the opinion of most (if not all) GM's. This means its commlink is 4/4/4/4
Load qty4 rating-6 ergonomic programs and qty8 non-ergonomic programs and you've got 12 programs running. The node then suffers a -1 for being overloaded. With Optimization-3 your 12 modded programs still all run at rating 6 and intruders without Optimization for their programs suffer.

Buying program options for every program is tedious [Do you get your Databomb with Pavlov or Optimization... decisions, decisions!] but they work pretty well. Just a thought to add to your list of ideas, sir!

Pavlov, definitely. "Hello, daddy, hello mom, I'm your d- d- d- d- d- ... DATA BOMB!"

For Data Bombs, Pavlov is definitely my favorite...

Thanks for the welcome. And sorry, I missed the change in users between your question of why it was/could be metagaming and the original suggestion.

Whether it's metagaming or not depends on how it's being handled. A rigger with quick reflexes on these things being able to shut down their drone's wireless before a hacker can get in is fine, roughly equivalent to the prior example of a faster gunslinger being able to shoot the other guy before they can shoot you. If they're fast enough, they might even be able to do that with a reasonable degree of consistancy when the Drone's wireless comes back up to request new orders (though I'd expect that after a couple of iterations of this, the hacker is going to be finding a way to make sure that their slowness in reaching for the enter key isn't going to continue to remain a factor). The problem shows up if the rigger starts trying to use this to insist that there's only a wireless connection during their action. (For a rough parallel here: imagine a gunfight where one of the participants tries to get the maximum benefits from cover while recieving none of the penalties for it by walking from one bit of cover to another and firing on their action - since they started and ended their action behind full cover, their opponents have to deal with that when attempting to shoot back, but since they were out in the open when they actually shot at them, they get none of the associated penalties.)

I say "is too much to ask for both?"

The issue isn't with your actions as described, it's with the idea that you can game the initiative system to be immune to hacking. The world doesn't work like that in-character.

Also, switching wireless on and off, opening and closing connections, giving orders, and shooting things all take actions. Don't have my books with me, so I'm going from memory here:

Switch wireless: simple
Connect to device w/passcode: simple
Give orders: simple
Gunnery: complex

So, let's take an ideal situation. You're sending the drone in to shoot up some guards. You're connected, you have set up action scripts for the drone to follow, and you're in cold sim VR.

Turn 1, IP 1: You tell the drone to "kill wireless, shoot guard, reopen wireless." Drone switches off its wireless (a simple action) and rolls into position (since it can't shoot this pass).
T1 IP2: Drone fills a guard with lead. You twiddle your thumbs, because the drone is cut off.
T2 IP1: Drone switches on its wireless, and waits for orders. You tell the drone to run silent again and shoot the other guard.
T2 IP2: Drone cuts wireless, and takes aim, because it can't shoot this pass. You're back to twiddling.
T3 IP1: Drone shoots. Your knuckles are getting sore.
T3 IP2: Drone comes online again. Lather, rinse, repeat.

You're shooting twice per three turns, and a non-brain-dead hacker can just hold his action to spoof the drone on T2 IP1, when it's waiting for orders. Plus, the drone must be in active mode, because you have to connect to it, so the spider doesn't even have to FIND the node. Your guard dog is saying "hi" to everything.

Drones are, to some extent, similar to Spirits in this regard. You could identify a series of targets that you want eliminated and leave the drone to get on with it while it's wireless is disabled.

However, if the situation changes whilst it is incommunicado it's up to the dog-brain to cope with it. This is bad.

In addition it occurs to me that whilst it is radio silent the drone cannot contribute or benefit from a Tacnet. That's a major, major downside in my opinion.

I've pursued this sort of thinking before in another thread where I postulated that using an Agent to manage a dual-channel comm's approach, where two inter-leaved comm's channels were alternately dropped and re-encrypted, would create a system that could not be cracked under any set of circumstances. It was never possible to decrypt a channel faster than it was re-enrypted.

I was eventually persuaded that this was a bad approach not because it didn't work but because it did.

What's good for the Goose is good for the Gander and un-crackable systems suck all the fun out of Shadowrun.

For this same reason I am leery of actually using Strong Node Encryption in play even though it is perfectly legal according to Unwired.

I opt instead to voluntarily just use Strong File Encryption and Dynamic Signals Encryption although it should be noted that I tend to ignore the 'awareness' restriction on Dynamic Encryption because it's stupid.

I'm still getting up to speed on the SR4 matrix rules, but my instinct would be to stick a nexus loaded with IC in your van and have them patrol your drone network. I'll have to see if that's useful under the rules, but it seems like something that would match the fluff.

Emphasis mine.

Immune to hacking? Yeah, while wireless is off.
Is wireless off a disadvantage in many ways? Yes.

If my hacker is facing a Submerged TM I'll happily tell an agent to switch off wireless for X amount of time and then let the agent use ITS action to turn it back on. I instruct the Agent then to do *whatever* until the drone is back on the Tacnet/TAN.
I never stated it was a win button, merely that while wireless is off wireless cant be used to hack the drone. [and Sprites without a matrix connection disappear as do intruding icons as they visit dumpshock-land involuntarily.]

Not necessarily.

True, a TM shapechanged into an african swallow under the movement power of an air spirit and using the Skinlink echo could, yes, potentially catch a rotodrone and hack in.

[But in all seriousness, we're talking wireless here and if someone can find a way around using wireless more power to them. No plan is foolproof.]

Capsule rounds.

Activator Nanites.

This being the crux of avoiding the pursuit of invincibility on the network...

if you can't break into the network, why not render it useless and jam it. Obviously there's counter measures, but an invincible network may not have funded that form of defense.

It also seems to the double com link idea, you could locate each signal separately then attempt to take down the encryption with the help of others.
1 hacker manages to break the encryption, sends key to others in 1 round. They gain rights and then deal with encyption process again.
Since they already have an account they can shut down the encryption and begin on the rest of the network. This being without IC or spider or anything else that could feasibly go wrong.

I think you are talking about my dual-channel example. Under the assumption that such is the case.

No.

Each channel is re-encrypted at least once every combat turn.

The cryptanalysis action is an extended test with a minimum interval of one combat turn. By the time you get to roll, and you are going to need twelve hits, the scheme you are trying to crack is using different keys and all your effort is wasted.

It is a fundamental problem with the encryption action being faster to perform than the decryption action.

I was, and you are correct. I was just trying to grasp how you were going about it and missed that it was base 1 combat turn instead of a pass for decryption.
Now I know that you can also rush it and make it 1/2 a combat turn with greater risk, but you can swap links and re-encrypt pretty swiftly as well, especially if you have agents assigned to perform that operation.