Full Version: Software Theft
Ascalaphus
Suppose you hack a secure military node. You achieve admin rights, despite their impressive firewall.

a) Can you use Admin rights to shut down the firewall?
b) Can you copy their firewall program (which is better than your own)?


How would you handle this/attempts to do this?
hahnsoo
QUOTE (Ascalaphus @ Jan 14 2010, 10:13 AM) *
Suppose you hack a secure military node. You achieve admin rights, despite their impressive firewall.

a) Can you use Admin rights to shut down the firewall?
b) Can you copy their firewall program (which is better than your own)?


How would you handle this/attempts to do this?
No, and no.
Yogo Ted
QUOTE (Ascalaphus @ Jan 14 2010, 10:13 AM) *
Suppose you hack a secure military node. You achieve admin rights, despite their impressive firewall.

a) Can you use Admin rights to shut down the firewall?
b) Can you copy their firewall program (which is better than your own)?


How would you handle this/attempts to do this?


a) Not entirely.
b) Probably not.
nezumi
If this is a UCAS military node, there will be separation of duties implemented. Therefore you can expect that services on a given node are likely provided by a different node. If the node you broke into is actually the firewall node, then perhaps yes. Otherwise, the firewall is provided by another system which operates independently, and the answer is no. Also note that in these cases, what you're doing is likely being logged by the IDS. Little things like logging on are unlikely to make too much of a splash (although that depends on different conditions - is this a public facing node?) However, shutting off the firewall will make alarms go off all over the place, whether done by a legitimate admin or a decker.

To answer your second question, absolutely not. Even assuming the firewall is entirely software (which it almost certainly isn't), tell me the last time you've successfully copied an entire functional security program between computers without the install CD.
JoelHalpern
QUOTE (nezumi @ Jan 14 2010, 10:57 AM) *
Even assuming the firewall is entirely software (which it almost certainly isn't)...


By RAW, Firewall is a pure software component, which somehow is not limited in rating by either Response or System.

Yours,
Joel
TBRMInsanity
If you have Admin rights then I would assume you have control over the node and as such you can suppress if not shut down the firewall. I don't think you can copy the program (just like you can't copy a program running on your system now). So if you wanted to allow others in yes I would allow you as a GM to turn off the Firewall and allow your hacker buddies to have access but no you couldn't copy the firewall as you don't have access to the source code and as such can't recompile the firewall to work on your system.
Ascalaphus
QUOTE (hahnsoo @ Jan 14 2010, 04:20 PM) *
No, and no.


Why not?

QUOTE (nezumi @ Jan 14 2010, 04:57 PM) *
If this is a UCAS military node, there will be separation of duties implemented. Therefore you can expect that services on a given node are likely provided by a different node.


Is this possible under RAW? How does it work?


QUOTE (nezumi @ Jan 14 2010, 04:57 PM) *
However, shutting off the firewall will make alarms go off all over the place, whether done by a legitimate admin or a decker.


But can you hack yourself up to a permission level where you can disable the alarm?

QUOTE
To answer your second question, absolutely not. Even assuming the firewall is entirely software (which it almost certainly isn't), tell me the last time you've successfully copied an entire functional security program between computers without the install CD.


Bandwidth in SR4 is said to be up to the level where even vast databases complete file transfers at the end of each combat round...

Anyway, assuming the firewall is part-Hardware. What about IC & Payload? Those are clearly software in normal cases. Could you copy them? Why not? (And I don't mean the process as it's running; I mean the program on disc. Though something might yet be learned from observations of the program as it's running.)



Let me be clear: I want to know how this would or wouldn't be possible; ways companies can protect themselves against this, limit damage.
nezumi
QUOTE (nezumi @ Jan 14 2010, 04:57 PM) *
If this is a UCAS military node, there will be separation of duties implemented. Therefore you can expect that services on a given node are likely provided by a different node.


Is this possible under RAW? How does it work?



I don't know. I don't play SR4. I do however work in security for a government agency, with a gentleman who used to work in computer security for the Army. Everything is available free via DITSCAP. Separation of duties is pretty old, and I can't imagine you can't set up a system where one node doesn't cover the other. Does SR4 seriously allow more complex security methods with a pair of webcams than it does with the most expensive government computer systems?



QUOTE (nezumi @ Jan 14 2010, 04:57 PM) *
However, shutting off the firewall will make alarms go off all over the place, whether done by a legitimate admin or a decker.


But can you hack yourself up to a permission level where you can disable the alarm?



POSSIBLY, but the theory is you'd be hacking into a completely different system, and you'd have to do it faster than that system alarms (or more accurately, faster than people follow up on those system alarms), and I imagine they have technologies to prevent altering audit logs after they're written, so...


QUOTE
To answer your second question, absolutely not. Even assuming the firewall is entirely software (which it almost certainly isn't), tell me the last time you've successfully copied an entire functional security program between computers without the install CD.


Bandwidth in SR4 is said to be up to the level where even vast databases complete file transfers at the end of each combat round...



It's not a bandwidth question. Just looking at Windows, my firewall is stored in Program Files, with files in the windows folder you'd have to track down, significant registry modifications, installed dlls and I don't know what shell modifications. All of this is security stuff, so it's going to have protections on it, and it's expensive gear so it's going to have copy-protection too. With a cheapy, software-only program you might manage it if you know what the missing pieces are, where they are or how to create them yourself. With this sort of thing, the time and knowledge required would be... significant. I doubt you'll have that luxury on a military system.



Anyway, assuming the firewall is part-Hardware. What about IC & Payload? Those are clearly software in normal cases. Could you copy them? Why not? (And I don't mean the process as it's running; I mean the program on disc. Though something might yet be learned from observations of the program as it's running.)



IC? Possibly. I don't know. IC doesn't have a real-world equivalent. There would probably be protections on them, but I can't tell you what they would be.

DireRadiant
QUOTE (Ascalaphus @ Jan 14 2010, 11:13 AM) *
b) Can you copy their firewall program (which is better than your own)?


Copying is easy. No problem.

But you can't run it.

Software isn't just a file executable binary but all of the interactive operations required to use it.

Take a look at the browser you are using right now to interact with dumpshock. Take away your internet connection, your account on dumpshock, your account to connect to the internet. Can you copy your browser software? Sure you can. It's easy. Is it useful? Will it serve the purpose and use you want to put it to? Probably not at all without lots of other things first.

In SR4, a Hacker could grab that software, but they would need to Exploit or Spoof the software every time they tried to use it. Is this worth the effort? Only the PC can decide.
Ascalaphus
QUOTE (DireRadiant @ Jan 14 2010, 08:40 PM) *
But you can't run it.

Software isn't just a file executable binary but all of the interactive operations required to use it.


So why not also download those? There's a script for them somewhere.



I can see how you'd store some software for matrix-connected node A on node B, but if node A is using B-softs and on-line, then node B is accessible via node A. Also, some software would probably be on node A for dependability reasons; otherwise if you break the connection to node B, node A is suddenly bereft of its software source.
TBRMInsanity
QUOTE (Ascalaphus @ Jan 14 2010, 02:28 PM) *
So why not also download those? There's a script for them somewhere.



I can see how you'd store some software for matrix-connected node A on node B, but if node A is using B-softs and on-line, then node B is accessible via node A. Also, some software would probably be on node A for dependability reasons; otherwise if you break the connection to node B, node A is suddenly bereft of its software source.


You also have to realise that the Firewall is compiled and configured for that server, which may or may not (most likely not) be using the same OS as your Commlink. Further, even if you do have the same OS, you don't have the same system settings and thus the program won't run.
DireRadiant
QUOTE (Ascalaphus @ Jan 14 2010, 04:28 PM) *
So why not also download those? There's a script for them somewhere.



I can see how you'd store some software for matrix-connected node A on node B, but if node A is using B-softs and on-line, then node B is accessible via node A. Also, some software would probably be on node A for dependability reasons; otherwise if you break the connection to node B, node A is suddenly bereft of its software source.


If I hacked your DS account and changed the password you could no longer respond to this thread as Ascalaphus. Copy all the software you want wherever you like.
nezumi
QUOTE (DireRadiant @ Jan 14 2010, 02:40 PM) *
Take a look at the browser you are using right now to interact with dumpshock. Take away your internet connection, your account on dumpshock, your account to connect to the internet. Can you copy your browser software? Sure you can. It's easy. Is it useful? Will it serve the purpose and use you want to put it to? Probably not at all without lots of other things first.


I'm intrigued. I'm running IE 8 right now to view this page. My other XP box is running IE 6. How does one simply 'copy' IE 8 over to IE 6? Considering you can't uninstall IE without crippling Windows, I'm very intrigued. Or for that matter, why can't I copy Firefox onto a jump drive and just run it off of there? I can find all the program files, I have the internet connection, passwords, etc. Why doesn't it work?
tete
So thinking about it in the real world (and maybe I shouldn't), I would say you could copy it if you shut down the firewall and booted from another OS on the same device. Otherwise no, it's running; you could copy part of it but you could never hope to get all of it while it's running.

edit: You might actually be able to run Firefox from a jump drive. I can run World of Warcraft off a jump drive. But these are hacks and not standard installs.
Method
QUOTE (TBRMInsanity @ Jan 14 2010, 01:26 PM) *
... which may or may not (most likely not) be using the same OS as your Commlink.


This is a great point. You could make a strong argument that Firewall is specific to the OS and you can bet the UCAS government node does not run the same OS as the PC's commlink (or any commlink for that matter). That alone should be sufficient to dissuade the player from stealing it.
DireRadiant
QUOTE (nezumi @ Jan 14 2010, 05:50 PM) *
I'm intrigued. I'm running IE 8 right now to view this page. My other XP box is running IE 6. How does one simply 'copy' IE 8 over to IE 6? Considering you can't uninstall IE without crippling Windows, I'm very intrigued. Or for that matter, why can't I copy Firefox onto a jump drive and just run it off of there? I can find all the program files, I have the internet connection, passwords, etc. Why doesn't it work?


You mean it isn't really as simple as copying? :)
Ascalaphus
QUOTE (TBRMInsanity @ Jan 14 2010, 10:26 PM) *
You also have to realize that the Firewall is compiled and configured for that server, which may or may not (most likely not) be using the same OS as your commlink. Further, even if you do have the same OS, you don't have the same system settings and thus the program won't run.


Yes, the rather large amount of OSes still in use in SR.


Okay, so maybe the firewall was a poor example; but reading the books I get the impression software normally isn't OS-specific unless it's specifically (exceptionally) in a proprietary format. Silly as that may seem I suppose, but they probably didn't want to bother with compatibility rules; otherwise IC might not do shit to someone running the wrong OS to understand their biofeedback signals or something like that.

But I think it's unlikely that every high-sec corp is running its own secret OS, somehow miraculously able to interface without a hitch with the outside world. So there'll be moments when you do have a matching OS. What about stealing some programs?

Also, what about disabling? If admins have the permissions to install updates to the firewall, wouldn't that put them in a position to sabotage it, too?
hahnsoo
You can't use Admin rights to shut down a Firewall. There are protections against this, even against Administrators. You CAN, however, attempt a Disarm operation on the Firewall, although it's not like disarming a regular program. See Unwired p112 for details.

As far as copying, it's not about bandwidth. It's about the fact that nearly every single piece of legal software in SR4 comes with the Copy Protection program option, as listed in Unwired (p 108-109). Yes, this is yet another magico-mcguffin piece of work that handwaves the problem, but that's RAW for you. This includes commercial OSes, and if commercial OSes are Copy Protected, you can bet your buns that a top-secret high-level military grade firewall will also be Copy Protected. Cracking Copy Protection takes an interval of hours and a Threshold above 10 (depending on the program), but you probably won't get that long to view and copy it. I'd imagine that you'd also need to access the actual whole software rather than just the object-code Matrix business end of it.

Even then, as a GM, I'd rule that the Firewall for a Nexus (which you are probably hacking as a "secure military node", rather than a personal commlink) is sufficiently different (given that they are bought using different rules entirely and are more expensive) that you can't just do a copy-paste job to your commlink. To another Nexus, perhaps.
Ascalaphus
QUOTE (hahnsoo @ Jan 15 2010, 05:34 AM) *
You can't use Admin rights to shut down a Firewall. There are protections against this, even against Administrators. You CAN, however, attempt a Disarm operation on the Firewall, although it's not like disarming a regular program. See Unwired p112 for details.

As far as copying, it's not about bandwidth. It's about the fact that nearly every single piece of legal software in SR4 comes with the Copy Protection program option, as listed in Unwired (p 108-109). Yes, this is yet another magico-mcguffin piece of work that handwaves the problem, but that's RAW for you. This includes commercial OSes, and if commercial OSes are Copy Protected, you can bet your buns that a top-secret high-level military grade firewall will also be Copy Protected. Cracking Copy Protection takes an interval of hours and a Threshold above 10 (depending on the program), but you probably won't get that long to view and copy it. I'd imagine that you'd also need to access the actual whole software rather than just the object-code Matrix business end of it.

Even then, as a GM, I'd rule that the Firewall for a Nexus (which you are probably hacking as a "secure military node", rather than a personal commlink) is sufficiently different (given that they are bought using different rules entirely and are more expensive) that you can't just do a copy-paste job to your commlink. To another Nexus, perhaps.


Ah, those answers are quite helpful. It kinda sucks about the copy protection handwave. I suppose that DRM technology will actually work in 62 more years.

So, if you managed to hack the commlink of someone who'd removed copy protection - say, a rigger who wanted to use the same autosoft for ALL his drones - you could copy it. Would this then simply be a matter of succeeding in a Data Search check to find the file?
(Hmm. And perhaps also hacking a drone just to get that expensive autosoft..)
TBRMInsanity
As a GM, if I wanted a player to be able to steal a program I would either:
a. Have the source code available on the server they just hacked and then they can follow the software creation rules in Unwired to create the program.
b. Have an executable install program that the user can steal (if their OS matched the server's OS) and install.

Option b would be the same as stealing the software from a computer store, while with option a I would say the program is more than likely still in alpha or beta stage and I would attach negative traits to it (lemon and gremlins come to mind).
nezumi
QUOTE (Ascalaphus @ Jan 15 2010, 06:44 AM) *
So, if you managed to hack the commlink of someone who'd removed copy protection - say, a rigger who wanted to use the same autosoft for ALL his drones - you could copy it. Would this then simply be a matter of succeeding in a Data Search check to find the file?
(Hmm. And perhaps also hacking a drone just to get that expensive autosoft..)


Again, probably not. The running program files are distributed, and not the same as the install file. Some places will keep install files on a shared server, so possibly hacking into a place like that can give you some nice toys, but most end users don't do that (I've known a few, however, and in the case of hacked software, it's far more common, because IRL, hacked software is usually downloaded, not bought).

So...
1) The rigger has the install file and you can find it and install it with a simple data search

or

2) There's no install file. You can copy 90% of the software, but it'll take some time, skill and research to reverse-engineer the remaining 10% to get it running (so use whatever the rules are for programming, but cut the threshold to maybe 20%).
Ascalaphus
But if copy protection is so awesome, why doesn't everyone use it on critical paydata files too?
nezumi
Shhh!!!
TBRMInsanity
QUOTE (Ascalaphus @ Jan 15 2010, 01:26 PM) *
But if copy protection is so awesome, why doesn't everyone use it on critical paydata files too?


It's not really that copy protection is so awesome as programs are designed to be highly optimized for the system they are compiled/installed on. Taking the program out of its home is like throwing you into space. You just can't function properly there, critical errors occur.
Dumpshock Forums © 2001-2012