ok, This came up in a recent session, and I'm having a little trouble getting the book to be clear on the subject.
All of this has to do with your location in the matrix, or more specifically your personas I guess.

when using the spoof command, do you have to actually be in the node you are spoofing?

also, how do you get into a node? the book actually seems pretty vague on this. at points it seems to imply that you can just walk in, but if you are spotted as an unauthorized user, then you have issues with alerts and ICE and so on, but at other points, it seems to suggest that you can't get into a node without first probing a crack or hack on the fly to get an account.

as a side question, can anyone point me in the direction of where any of the books say normal hackers cannot enter a bionode? can agents?

if you don't need to be in the node you are trying to spoof commands to, and nothing without resonance can get into or hack the bionode can TMs just spoof all day from inside their bionode without fear of reprisals until a TM or sprite is sicced on them?

No, you don't.
That's the point of spoofing. You don't need access to the node itself, but you need to know an access ID that has the rights to give orders to the node you want to spoof...


Well, most nodes that deal with a lot of different personas have a public access with very limited rights. Just like today's online stores or the dumpshock forums. Everyone can come along and have a look, but if you actually want to do something you need a user account. If you don't have at least that, you will need to hack the node.

-CJ

No, you are just sending a fake command to the target. The only time your persona enters a node is when you subscribe to it.



If you know the ID/Address of the node, and you either have an account on that node or it allows for public accounts, you can just spend a (simple?) action to subscribe/log-in to the node.



It's in unwired under the technomancer question. Sprites and Technomancers can hack a bio-node but not mundane hackers or agents.



A couple things:
1) They have no fear of DIGITAL reprisal.
2) You can only spoof so much. Want pay data out of a node? You have to go in after it. Really, spoofing is only useful when dealing with peripherals or drones. With peripherals, there is very little you can do and they can either tell their drone to go into autistic mode (wireless off) or they can jump-in (in which case you can't spoof commands).

what's to stop you from spoofing a command to a node and telling it to download the paydata into a peripheral device you have?

In order to tell the node to do that, you need to know exactly what to upload, and this is more than a little bit difficult to do without being inside and having Analyzed it well enough to know what to ask.

hmmm, very true, not knowing the location in the folder hierarchy, and even file names would make It difficult. though with enough spoofed requests I'm sure it could be done. like telling the node to create a file with Its folder hierarchy and file names on it and send that to you and go from there. bit that is really a backwards way of doing things to try to avoid digital reprisals.

Maybe it is hardcoded that data transfer (other than virtual files like websites or something) must be per subscription. You know, because of data verification, encryption, security etc.

Would be to easy to let it send you all that stuff in an email.

spoof a command to create a valid account for the peripheral download target. easy enough.

I think what we're getting into now isn't "how to prevent spoofing" but a slightly more important topic: What exactly can be spoofed? The rules are AWFULLY vague on the subject.

QFT

That's assuming the person your spoofing has access rights to remotely create accounts, as opposed to logging into the node to create the account. Given that that would be a HUGE security hole, I can't imagine spoof replacing hacking to that extent. The key question is: could the person your spoofing legitimately perform the action requested?

You're right, though, in that what is allowed is vague and up to the GM. I figure spoofing commands work best with physical devices (toasters, doors, drones, etc.), less so with computers/nexii/commlinks (spoofing an incoming call, though, would make sense).

You just need to *get* a good Access ID to Spoof. That can entail Tracing or other Matrix data-gathering (which is fun, and the point).

Ok, after thinking about for a bit, here is good guideline on what a spoofed command can or cannot do:

A spoof command cannot emulate any software. If a spoofed command requires a specific piece of software to perform, it cannot be spoofed.
Example: You want to modify a video stream. You can't spoof the command to edit it (for even a single IP) because it requires the Edit program. You COULD tell the device to simply pause or stop the stream but not change it.

A spoof command CAN command a pilot/agent program to use a piece of software if it already has it loaded (loading the program would require a second spoof command). You can't command a pilot/agent to do any command it isn't capable of doing (either due to physical limitations or lack of software). You can't command a agent/pilot to load any software it doesn't have on it's system.

Lastly, and most importantly: You can only spoof command to a peripheral device or one that has an agent (no spoofing command to someone's commlink or to a nexus).

What about, say, a banking/accounting node that accepts data packets, processes them, and returns a receipt? Could a hacker spoof a data packet, in order to get (i.e. attempt to intercept) a receipt packet?

Spoofing an error message data packet to a commlink/nexus from one of its peripherals, forcing diagnostics and/or a dispatched technician?

If you jam or stop the original source you can spoof a false, pre-recorded feed to the receiver.

This is certainly wrong. Spoof Command works in every situation that Issue Command works.

Dahrken, you can do that, but it's not Spoof Command, it's Intercept Traffic, AFAIK. Even if you're stopping it with Spoof Command, the sending side seems to still fall under the Intercept Traffic functions.

And you are most certainly mistaken. I am quoting straight out of the SR4A corebook.

Sorry. I must have been thinking of other uses of spoofing, and applied them to Spoof Command instead. Thanks for pointing out the (obvious) mistake. The text says, "You send a command to a device or agent, pretending it is from an authorized source", but it's clear later on that it *only* means Peripheral devices.

this brings something to mind, do simply walking down the street with your AR in active mode broadcast your accessid to anyone within range?

If yes, i can see kids that have gotten a low grade spoof of some node grabbing a bunch of them at the mall and then playing around with what they can use them for.

Meanwhile this is contradicted in Unwired because no two writers share a real, working concept of how the matrix works.

For example the Juhseung Saja IC gives an example of spoofing itself over to other commlinks to commit crazy murders.

So, if you could spoof a "load program" or "download" command to any node, then you're looking at the same kind of cheese as spoofing an enemy drone to subscribe to your link. Drop agent in with at least security level clearance and it can kill all alerts you trip as you brute your way in every time. "I win" button FTL.

True. The rule of thumb I use when I come across contradictory sources is that "The newest source wins" on the theory that SOME quality checking happens =p