I apologize. I did a quick search for this topic, but didn't find it quickly enough.

When exactly do you need to spoof a command? If you hack into the Rigger's commlink that has all his drones subscribed to, can't you issue commands from his commlink without spoofing? If you are trying to issue commands from your own commlink, after you hacked into the drone itself, do you need to spoof a command, or are you in complete control of the drone at that point?

It sounds to me that when a rigger (for instance) issues a command to a drone (for instance) he already has access to, the Access ID is checked, but it's glossed over in the course of roleplaying. If the opposing team's hacker (for instance) wants to issue a command to the drone, he can do so if he is in mutual signal range and has located the drone's node. But, does he have to hack the drone itself, or is it enough to simple send a "message" to the drone with the command and the legit access ID?

Am I thinking of this right?

The Dread Polack

Spoofing commands is for when you have NOT hacked the rigger's node nor the drone itself. You merely send a command that appears (to the drone) to have come from the hacker. If you want to send another command, you spoof another command. You need to successfully analyze the riggers node (so you can pretend to be it) and also I believe you need to decrypt the signal.

Use Spoofing when you CBA to hack the drone, but first Analyse the controlling Persona to get his Access ID. Each Command issued requires a separate Spoof. If you hack the drone, you can command it as though it were your own.

you can also use spoof to tell agents and IC to go away. (which is convenient when you CBA to hack a security or higher clearance, etc.)

Spoofing is something my hackers rarely have to use. The only time I did have to use it was when I was running up against Knight Errant Sec forces. All of their drones were slaved through a master K-E nodse. But there was no way I wanted to hack that. So I set a sniffer waiting for someone to log in with security access, took his comm code and decrypted his logs. It didn't give me passwords or anything, just allowed me to mock up "being him". Then I could try to give the server a command from "his" comm, which would relay to the drones.

It worked a few times, then we got shot up...K-E are a bunch of dicks.

Spoofing is exceptionally useful for hackers in real world combat. Its much faster (and usually safer) to Spoof a mook's gun or cyber eyes than to hack them, even OTF. The yield isn't as high, obviously, but if you just need to disable the mook long enough for your sam to take them out, than Spoofing is great.

Ok then. Two follow-up questions:

1) I assume then, that you must detect the node of the device you're commanding? In the case of drones, I imagine this is usually hidden.

2) In order to get the access ID, don't you have to have access to one of the nodes? That generally means hacking, right? In CollateralDynamo's example above- how did you get the access ID ("intercept traffic" pg 230 4E- anniversary edition) from the master K-E node? Did you hack one of the mook's commlinks and get it there?

Thanks for the help, guys, I think I'm getting it. I've actually been playing for years, but never as a hacker, and I just started GMing.

-The Dread Polack

I'm away from books right now, but I'll see if I can help via memory.

1) Well that depends on the methods of data transference. You might need to find the hidden node a hit it with a tight beam signal giving it the command if that is what it is programmed to expect. However, as wireless data is everywhere, as long as you have discovered the right encryption method, you should just be able to send out a spoofed command on the right channel while physically near the device you want to command. The hidden node will pick up the message and act on it without you even finding it.

2) Somebody's comm access ID, iirc, is something that is low security level in access. In my example, a hacked user account on somebody's comm was enough to get the access ID required. Since we didn't want to get caught, I quickly sealed up the user account and scrubbed any thought of my interference in the log. Since we could go with a "slow hack" and gaining someone's access ID isn't even a required action, you are damn near impossible to detect. Then you have the access ID, and can try to spoof admin level commands from that node, simply because you were a user on it for two seconds some time ago.

That is my recollection of spoofing law.

If its a mook, isn't easier to just shoot them?

I have three TMs at my table and they have found its easier to shoot a mook than to waste the time finding his nodes and hacking them.

Technically, one of them AXES the mooks... so I guess he does hack them...

BlueMax

Haha, well...it could be easier to go the murder route. But dead people who have security access will generally be missed in under a 24 hour time frame. So once you commit that crime you are racing the clock.

Also, in my example. Since you have a drone slaved to a non-hidden (but highly secure) node. You can sniff the non-hidden node for user traffic. This means you can figure out who is using the non-hidden node without ever actually meeting with any of the mooks in the meat. You don't have to waste time actually figuring out who they are and meeting them. In that specific case, I could see it being better just to go the hacking route. And don't forget, for every properly executed assassination there is an equally improperly executed assassination.

Also, my hacker is intensely squeamish and is only willing to shoot at someone if it is over trid display (i.e. he is jumped into a drone) even then, he is against killing as anything other then a last resort...so not really an option.

Might be. Generally though hackers should be better at Spoofing then they are at shooting. Plus you can Spoof from behind cover without exposing yourself to direct or suppressive fire and a hacker should definitely be better at Spoofing than soaking damage. Its all very situationally dependent tho.

Not necessarily. If it is obvious who is controlling the drone you can just get their Access ID and then transmit new commands. Even if the drone is "Hiding" from queries by your Access ID, it is still actively "Listening" for commands from the riggers Access ID.

Also, if you have good reason to suspect the presence of a Hidden node (like say, a drone's) you only need 4 hits to detect it. Finding hidden nodes is only really difficult if you are just randomly searching for hidden nodes in a sea of wireless traffic.

No. The Access ID is what gives the node a presence in the Matrix, and a node has to transmit its Access ID in order to be connected to the Matrix. Its part of the machine language that is required for the node to send and receive data, otherwise things would get mis-routed. You *do* have to detect a node first if it is Hidden and/or decrypt a node if it is encrypted, but baring those security measures the node has to give up its Access ID. The only exception to this is a node which has its wireless disabled. In such cases you cannot detect the node at all (and it doesn't really need an Access ID except maybe for communication between PAN devices).

Couple thoughts to add...

First, remember that Spoofing can be tricky to set up. If a Drone Rigger is controlling it in VR, the drone will give him priority and likely completely ignore external commands. If the drone is running completely autonomous - that is, running its script without outside help - then you won't be able to swipe an ID from the traffic, as it's not communicating with base. However, if you stay quiet and wait for your chance, you'll eventually catch the Admin checking in...and then you know what his traffic looks like.

As somebody mentioned, you could always hack the Admin's node directly and steal the access ID while you're in there...but at that point you're basically stealing the stereo out of a car you've already jacked. Spoofing is for situations where you don't have Admin access, but still want to bring your skills into play.

I don't know if I'd bother trying to spoof cyberware and smartweapons, since most of those will be skinlinked or otherwise hardwired. However, drones, vehicles and security systems are all prime targets. If the site's admin is sloppy, you may even be able to send commands to change the valid admin IDs, locking the admin out and giving you full access. I wouldn't expect the GM to let that become a habit; there are some simple steps that a thorough admin could take to lock it down - but come on: it only has to work once and your party will think you're a god.

Method,
What role do you for Spoofing if the enemy slaves items?

Thanks for you POV on the spoof vs shoot debate.

BlueMax

Ah, this is something that didn't occur to me. I assumed that to send data, such as a message or command, you need to designate a recipient. How do you spoof a command to a specific drone if it's not sent directly to it's node or commcode? I assume that a rigger has a list of subscribed drones listed by some sort of designation, like "DAL-234" or "Jimmy". Just because you see the Dalmation doesn't mean you can simply send out a spoofed command into the airwaves and expect it to listen, can you?



CollateralDynamo said he "set a sniffer waiting for someone to log in with security access, took his comm code and decrypted his logs." This sounds to me like an Intercept Traffic action, which, according to the book "To do this, you must have access to a node through which all of the traffic passes." That means you'd have to hack into one of the commlinks or drones (I assume a user account will do). In order to Spoof a command, "You must have an access ID from which the target accepts commands (usually by making a Matrix Perception test on the authorized source or by tracing its icon)." Which requires, in CollateralDynamo's case, hacking the master K-E node or another node it is currently logged onto and tracing it back. He also said "comm code" and not "access ID" which are actually 2 different things. Maybe he meant access ID. To spoof a command, you need an authorized access ID- a comm code won't do.

Pg. 223 of SR4, anniversary editions says that "Your persona also bears your access ID." This says to me that even if you're logged onto the rigger's commlink, any commands coming from you are still coming from your persona, not the authorized rigger's persona. The access ID is associated with the persona, not the node. However page 232, under Spoof Command, says "You send a command to a device or agent, pretending it is from an authorized source." Does source mean node, or persona, in this case?

If you've hacked the rigger's Commlink, spoofing might be unnecessary as long as you're still logged onto his commlink, but I can see situations where you don't want to stick around in his commlink, and having rolled a matrix perception check and recorded his access ID, you can then log off and use his access ID from your own commlink to spoof commands to his drones. I think you'd still need to specify what drone you're issuing a command to, however, and so you'd need to either detect it's node or also copied down it's comm code from the Rigger's subscription list.

I hope I'm not being a huge pain about this, but this one is really killing my brain. I'm either missing something or this is just another one of those vague areas I might have to make a GM call on. Thanks again for the help.

-The Dread Polack

Spoofing, SR4A, 236: You can also use the Capture Wireless Traffic action to find legitimate orders and then Trace the communication back to its source, which will net you the access ID.

Capture Wireless Signal (Sniffer), SR4A, 229:You eavesdrop on wireless traffic going to and from a device. You must be within the device’s Signal range to capture the traffic

The section you're looking at is primarily for intercepting traffic over the Matrix - wireless signals don't require you have access to a connected node - or rather, whatever you're using to listen to the signals becomes that node.

Unwired states quite clearly that Slaving gives no protection from Spoofing. If you have the master's Access ID the slave will still think the command came from the master.

Mike is right. A Martix-enabled device operates in multiple hardware/software/network modalities. The difference here is between what I think of as "meshed routing" (which utilizes the Matrix) and "direct wireless transmission" (which is more like Bluetooth). The "Intercept Traffic" action is specific to Matrix traffic which undergoes data parceling and meshed routing, thus you have to be active in the sending or receiving node as these are the only places where the data is whole. But "Capturing Wireless Signals" only requires you to be within signal range of the sending or receiving node.

It doesn't make a lot of sense, but thats how the rules are written.

Someone came close to saying this.

But a drone which is being actively RIGGED cannot be spoofed. It won't accept any commands or remote control operations until you forcibly evict the rigger from the node.


Just being in full VR doesn't meet this threshhold. The rigger could be in full VR controlling the drone via a command/remote control interface. But if he's actively rigging the drone (which anyone in VR can do if I understand it properly... just people w/ control rigs get a +2 die bonus now), that takes priority over everything. Then you need to hack your way into either his commlink or drone node and attack him.

Nice thing about that is, the guy can only rig one drone at a time. If the site's spider is busy making sure you don't swipe his patrol drone, he might not notice the nice men with the shiny guns hopping the fence on the other side of the compound. Even if he's not distracted, once you know where he is, you also know where he ain't - hit there, and hit fast.

Okay, that's what I was missing. I had merged "Capture Wireless Signal" and "Intercept Traffic" together in my head. Now it all makes sense

Thanks guys.

-The Dread Polack

Yeah, I tried to convince my guys of this but they preferred to track to the main node on occasions where the meat wasn't just going to kill the owner.


BlueMax