Meh. Use Chisel rules. Str = damage, straight up.


What would really stop a regular SR team dead is a classic vault with a mechanical lock. Good luck brute-forcing your way through that bastard. Glass tamper plates to auto-seal it if you try and drill. Triple combination lock. Eight bolts as thick as an Ork's bicep. Hoo boy, that's going to be a prob-

OH WAIT. The mage just mind controls a guy to open it. SECURITY BREACHED.
Magic: Oh, that was easy..

Too bad about that time lock.....

Or the Watcher that's sitting in the vault set to scream it's head off if it sees any magic in the area.

Which gets Boris, the Earth Elemental cranky.

Thanks suoq, I'd never noticed that! They're just called Key Locks in the rules section, and it only mentions transponder keys. So, definitely the same skill for all old locks, and much easier than maglocks to crack.

Unless, as discussed, Mr Electronics-Genius neglects to buy lockpicking. Which, after all, to most shadowrunners might seem like the equivalent of their gun specialist buying up his bow skills - a ridiculous investment in obsolete tech skills.

Right, but even then, I explained earlier why they're easier. At worst for a purely mechanical lock, you get Autopicker + Agility - 1, against 6. If there are transponder keys, it's messy and it's now Hardware *anyway*, but still easier than a maglock.

Glad for this discussion, folks-- I'd skipped over the limitations on the lockpicking skill. As in, 'don't forget to take care of electronics.' Next time I build a second-story character I'll try to remember!

Surely, at worst, you don't get the autopicker?

Why are you taking AGI - 1? You're not defaulting at that point as the Autopicker would replace the skill much in the way the medkit replaces your First Aid skill if you lack it, right?

It's not clear that's the case. The rules seem to say that you can either use the Autopicker as the skill, or add it to your skill test. Locksmith can be defaulted, so it doesn't say you can't add it to your defaulted skill test. In fact, you may not even have to take the -1: it says "Autopickers (p. 335) add their rating in dice to this test; their rating may also be used in place of Lockpicking skill." Not 'in place of the Locksmith + Agility pool'; this *is* the same as a Medkit, while (for example) Visual Spotter software says, "Use the software’s rating as the dice pool for visual-based Perception Tests to identify, spot, or track a particular shape/object."

Mayhem, be reasonable: why would anyone not have an autopicker?

Maybe they have a strength score and boot size greater than the door's barrier rating.

Oh, an autokicker? Hurr.

I actually have picked locks (not for a living, but I got 2 pins on a medeco with a sidebar, and 4 without, which is pretty good, imo). Picking an old lock without tools or skills should indeed be difficult. However, if he has the skills, he should be able to make tools (there's a video of someone picking a lock with a banana) with the stuff a normal team has, and if he has the tools, that's the end of that. I imagine picking locks would be a LOT easier with access to fiber optic cameras as thin as a human hair, handheld ultrasound devices, and wispy monomers. If I can actually see into the lock, even *I* could hack it, no matter how complex.

I remember hearing a story about a guy who saw a locksmith van parked in an overnight lot with a garbage masterlock on the rear door latch, so he picked it, took a Medco padlock out of the truck's inventory, used that to secure the latch and then hurled the key into the bushes.

Mean as hell, but kind of funny.

If you're a GM designing a security system, throwing in a few old-fashioned locks along with new-school mag-logs is a good way to increase the challenge of a run, i.e. it requires the PCs to invest in the locksmithing skill. This can be seen as dickish GM-ing, depending on what kinda group you've got. I'm planning on warning whoever rolls the Spec. Ops character in my next campaign that mechanical locks might show up, and throwing a 1 in Locksmithing might be a good idea.

Mechanical locks should probably be a rarity in 2070, i.e. Mr. Johnson's antique gun-case might have a key-lock on it.

The first game I ran had the item they were looking for locked up in one of numerous safes in a Warehouse, which dated from when the warehouse was built (1950), up until one that was installed just before Crash 2.0.

It was easier and cheaper to just leave the old safes where they were and forget them, rather than pull them out.

Businesses prefer swiping cards on electronic locks over keylocks because if a card is lost or stolen, it costs little time and no money to yank that card off the system, and probably a small fee charged to the employee to replace it. Assigning a key to each employee, or even only 2-3 that need to access that particular room/locker/box, is a huge liability. If said thing is particularly valuable, locks would have to be changed and new keys reassigned over a small piece of metal getting misplaced.

Your typical security man is probably more concerned with the efficiency and low-replacement cost of maglock keys over trying to 'pull a fast one' on a group of shadowrunners infiltrating the building which is NOT a daily occurrence. So I would save the traditional locks for older buildings and personal property, which to be fair means the team may still run into quite a few.

Feds/DoD are more interested in keeping people out of stuff and particularly in knowing if someone got into a classified area or gained access to classified material. So they rely on combination locks for classified stuff and non-master keyed mechanical locks for important non-classified stuff. You can use electronic access control to the perimeter, but the actual critical locks are not-network connected or reliant on any outside system to operate.

Except, by the SR4 rules, maglocks with lots of biometrics are much more secure.

I fail to see how the bolded statement is affected by either keys or combination locks.

Security (keeping people out) often involves three things or multiples of them
1) Something you have (key, passcard)
2) Something you know (combination, passcard)
3) Something you are (bouncer behind the door, biometrics)

Information assurance (knowing if someone gained access) is a completely different and more complicated field. Unless you're playing with a group of people who study information assurance for a hobby or a job, it's really not worth springing it on your players.

Well I wouldn't say that. Knowing that you've been robbed/hacked/whatever is a great element in SR; it's not exactly 'springing' it on people.

I may need to rephrase.

When players cover their tracks, and believe they have covered their tracks, they may react badly to the GM having the opposition knowing what has happened to a degree the players don't expect, even if the GM had written down a tracking mechanism that the players didn't know about or think about.

I agree it's a great element and I feel free to use such things in my games with my friends. This being dumpshock, however, I'm loathe to suggest people use "great elements" if I feel that suggestion will simply result in more flamewars and accusations.

Ah, *unexpectedly* knowing that you've been compromised. That's a whole different context. Still, if the players are relying on the idea that they've fully covered their tracks, they need to 1) know that's never possible (heh), 2) clearly tell the GM that's their intention, and negotiate. If they use a maglock passkey and the hacker does a *successful* matrix run to wipe/edit that swipe log, then obviously it's unfair to have the log *not* wiped.

See that whole (bleh) metagaming thread.

You can bypass any access control method by:
1) Forcible entry- Go to town with sledge hammers, power tools, plasma cutters, etc.
2) Extortion - I'll tell your secrets unless you give me X.
3) Kidnapping - I'll kill you or your kids if you don't open the vault.
4) Bribes - I'll pay you a million bucks for the Coke recipe.

A decent security system includes features to attempt to counter all of these if they are considered viable threats by the threat model. Since these are common, let's look at the differences.

On the entry to the room/container that contains a valuable item a typical electronic access system (as in prox card or similar) has the following weaknesses that a combination lock doesn't have.

I can copy the credential by it's RF signature.
I can get into the space (typically less sensitive then the controlled area) where the EAC controllers for the floor lives and make the lock open.
I can interrupt power to the maglock/strike.
I can steal the credential.
I can hack the computer controlling the EAC and have it open the lock for me.
I can mess with the logs of an EAC and have it forget that the lock opened or say it was opened by an authorized user at a different time.

Key locks are subject to having the key stolen (but they are normally only carried on the job and locked up in a key container otherwise) and having the key visually decoded. But they are subject to various well understood attacks and are normally used for non-critical areas where they are more subject to physical attacks than subtle attacks, as you can make padlocks that are very difficult to cut. Picking isn't obvious, but it normally leaves "some" forensic signs to a trained expert.

Good quality combination locks require that you know the combination to open it without force. As these are supposed to be memorized there isn't anything to steal without planting video cameras. In theory purely mechanical ones are subject to x-ray attack so you can decode the dials remotely. Supposedly the KGB had portable equipment (for some value of "portable") to do that on USG S&G 8500s. Plus you can use electronic dialers to attack them. So in theory you can open the container, photograph the secret plans and sneak back out without anyone knowing. Or you could drill the container, decode the lock and replace it with an identical lock that has the correct combination, repair and repaint the hole and sneak back out.

The modern versions with some electronic components has retry penalties and logs accessible on the dial and various elements other elements (like limited view angles) to make it a lot harder to attack successfully. In theory the best way to attack an X-09 that you don't know the combination to is to drill it, but it's designed so you can't recover the combination after you destroy the lock to open the container. So at best you leave the container with a lock that won't open, at which point they call in a tech and the security officer who look at why the container isn't opening. The security officer should find that the lock serial number doesn't match and/or the tech should see the traces of the drilling.

Which is why Kaba Mas sells something like 10 million bucks a year of these to the feds.

So… huh? I guess you're suggesting house rules?

Considering that the "cyber" part of the cyberpunk doesn't work in ShadowRun RAW, and they evicted the "punk" part from the game, why bother?

*shrug* I like it fine. We have fun, and it's still Shadowrun.

I could see house-ruling in more difficult 'high-security' vault-style mechanical locks if the players would be interested in that. By default, hacking and the various maglock options cover the same 'technical heist' concept, but if a player wants to drill a vault, throw together some vault-drilling rules!