I've been playing this edition for 4 years now and still, for the life of me, I don't know how the Matrix really works. How about I give you my interpertation of the rules and someone fills in the blanks? Or maybe points me to a quick guide? I have the Matrix Crib Sheet, but this only serves to tell me what is rolled when, it doesn't tell me how to navigate the place or how to build a system.

So, I want to have an apartment building for my runners to go into. Don't worry about why, I just want them in this building. I say that the security is kind of tight. They have pass-key entry into the building on all sides and have the doors watched by cameras. I also have camera arrays on the inside of the building as well to watch hallways. There's also a database with information on the residence, payment and rent information, phone numbers, ect.

This isn't a small-time rental slum, so the security should be around A level on the node. I'm saying that the system is a rating 6 with a signal of 3 outside of the building. Firewall would be 5 and Response would be 6 (Please tell me if these numbers don't make sense for the kind of thing I have going).

Your friendly local hacker needs to find some personal information on a particular subject that happens to rent at this apartment. He sits in a local coffee shop about a block away from the place and goes in to probe the target. He knows he'll need at least security access to the apartment complex and he'll need it for a few days, so he takes the long route and probes for holes. He would roll his Hacking + Exploit program for each hour he's probing and he needs an extended test of System + Firewall + Security Access (14) to break in and register an account on the system's computer. After about 6 hours, he gets the hits he needs and is able to push his way in. On the login, the system makes an Analyze + Firewall (11, assuming the program ratings are the same as the system's rating) vs the hacker's running Stealth program (5). Assume the system fails and the person logs in.

At this point, the hacker is logged into the node, I assume, and can see everything the node facilitates. He'll see a bank of TV screens for the cameras, switches that control the MagLocks in the building, and a filing cabinet that holds all of the records that he needs. Say he wants to put a tap into the cameras in the building and route the info to his home mainframe for analysis. He also wants to make a quick search in the system's file records for the name that he's looking for and the info on them.

What types of checks are each of these, how many checks do they needs, what are the successes needed, how would the system respond, ect. This is where I get lost, obviously. Also, are each of the cameras just a device subscribed to the main node? The same with the Database and MagLocks?

Why not grab a copy of Eclipse Phase, which you can download for FREE, and see how they do it.

The reason I mention it, is that several of the people who put EP together are ex-Catalysts, who saw the issues relating to Shadowrun hacking and decided to do something different when they put together Eclipse Phase.

Even if it's not a direct conversion [one uses dice pools, the other uses d%], the ideas and methods should be transferrable.

It sounds like you have a good feel for how you want it to be laid out. Simply decide if you want all of these to be controlled from one area/node like the master control room described later, or if you want each section to be subdivided--each area/node handles a group of systems. Each has its own benefits and drawbacks, so it goes to the level of staffing/security at the facility.

Adjust the numbers to be the appropriate challenge for your players. That said 3-4 is your average terminal. 4-5 is security level, 5-6 is high end corporate/military security (per SR4A, WAR! changed these somewhat). 6 is higher than I would use for an apartment building unless there is something jinky about it. Remember the Hacker will need extra successes beyond the rating of the System to gain Security or Admin access. You can use the access levels as further security inside the node rather than raising the system level on the outside. Likewise tasking an agent to Analyze every new user who logs in can raise security without increasing the Rating.

Sounds fine.

If you are searching, use Data Search + Browse. Set the threshold to 1-4 depending on how specific they need to be.

To examine something, Computer + Analyze.

Writing a subscript to copy the feed continuously would be Hacking + Command, or Computer + Command depending on if their user level has access. Downloading old data is just a download action, no die roll.

The Cameras/Database/Locks could each be slaved, or they could be separate nodes. It depends on how the system is set up. Likely, the database would be a separate node because the security guards don't need access to the office files and the wageslaves don't need to know if the door on the third floor just opened.

The level of detail that you delve into on the hacking is purely up to the table. Often times for small hacks, I just use one or two die rolls, and save the in depth hack for when they are in the thick of it. Draw out a small diagram in the corner of your notes with numbers for the ratings and you will be good to go.

For a walkthrough on hacking, check out the Runner's Toolkit. Aaron Pavao also did a write up based on the Game, Set, Match fiction from the core book.

Play SR 1.

LOL.

I can't really help out but I have a similar question: Does someone have a "Hacking and Rigging for idiots" style guide around somewhere? Not houserules, just a guide that organizes what Players and GMs want/need to know to play in a well formatted guide.

http://www.mediafire.com/?2ymnmf2zymt

Did you already read Synner's The Idiot's Guide To The Matrix Thread for 3rd Ed and Dashifen's Idiot's Guide to the Matrix 2.0 for 4th Ed? Quite a few questions and answers there (if you can filter out the argument about otaku / technomancers).

The thing is, no system in SR will stand up to a hacker if the hacker has unlimited time. The easiest way I've found to make the time factor less of an issue is put a security sheath around most of my nodes worth protecting. That is a mid rating node that serves as the choke point to any nodes worth hacking and has some IC hanging out performing periodic analyze. That at least forces hackers to sweat a bit as their doing their 10 hour extended hack marathons.

In your apartment scenario this outer node can double as the complexes matrix access point and place to post community events and stuff.

Another thing I do for apartment complexes is require admin access to actually open the apartment doors.

Node slaving is really a continuation of the old SR2/SR3 chokepoint design anyway, with the exception of being able to spoof past it I guess.

It seems like most every system would do that by default, but maybe I'm not thinking that through enough.

The admin level requirement for opening doors is spot on, IMO (or at least security level).

I forgot when I started reading it, but Ryu's Guide To the Matrix has been my handy dandy reference guide for quite some time. He should finish it!

Slaving is not the same as chokepoint, in a chokepoint you have to bypass both nodes starting with the outer one, slaving is actually the exact opposite of that, once you have one you have them all, further no matter what one you access your forwarded to the other.

Security level shouldn't cut it for accessing individual apartments, your security guards will have security level access, how many complex residents want Joe Bob the minimum wage security guard having unrestricted access to their apartment, I'd wager not many.

So question: If a runner wanted to set up a secure node for himself, what would be the best way to go about that?


Judging from the guides posted here (thanks for those by the way!), Analyze+Firewall put up high is the best place to start. Makes it nearly impossible for someone to hack in undetected. But what other things would be helpful? If you get a high rating agent, can it use any program on your commlink, or do you need to get separate programs for it to use? Do you have to set up a defense like this for all of your nodes (for example, a rigger's drones), or can you link them to a centralized defense (ie slaving the drones to your commlink)? Does this also hold true for helping defend your team's gear?

Agents will need their own copy of programs.

Generally speaking slaving is a very good plan for defense on a budget plus ease of administration. A rigger will almost always want to slave his drones for example.

Likewise getting the team to slave up to the hacker is also a good plan so long as they trust the hacker.

Mostly buildings and other infrastructure that have spent hundreds of thousands if not millions of dollars riding on them will want to spring for compartmentalized security and defense in depth.

Man that gets expensive -fast-. Guess it's time to start pirating.




Okay, so there's no obvious downsides that I'm missing? (Except if your commlink gets hacked everything is suddenly compromised)

That's the one, single point of defense, single point of failure.

Alright. So how does response work in 4E for defense of a system then? I get how the hacker can get in, what he can do when he's in, and what the system rolls to detect the hacker. Let's say that they get in, but they're found by the system. Normally, the system doesn't go into massive alert right away.

I remember the 3E rules where each main system had a Security Sheaf that let you know what IC were turned on when, when the system called for a security hacker, when the system went to passive and active alert, and when it shut itself down. I liked that idea, so do I just try to replicate that for my security?

The hacker doesn't have a high enough stealth rating, so they're found out and the system launches an IC that has Analyze and Trace on it. It would first try Analyzing the hacker's icon and then run a trace if they think it's suspicious. How does a hacker defend against this?

Also, how does the Spoof program work? I know how the Exploit program works for breaking into a system, but Spoof used to be used to simply squeeze your way in passed a node you didn't want to bother cracking, or one you didn't have the time/skill to really force open.

One more thing, if I have the IC successfully Analyze, while it's doing the trace, the system can launch other IC if it thinks it needs it. In doing that, they can only launch a number of programs equal to double their System rating. But this also goes with all of the devices that the system has subscribed to it. Using the security sheath mentioned above, is it possible for IC from other layers of the system to cross over? Say the outer system controls some basic security, but the runner gets passed that and into the core system. Can the core system call in the IC from the outer layer to check in on the runner, or does it have to use it's own IC and launch it itself?

Thanks, by the way, for the answers so far.

Naah, you can always load your own programs into the Agents payload. In fact, that is how most hackers would do it. The issue is that each program in the agent's package counts as an active program on your program tally unless you design the agents package as a Suite, at which point it acts as a single program for slot purposes, but all its programs are suscepible as a single entity to counter-programs.

I didn't say it was the same, I said it was the SR4 continuation of chokepoints.

Good point about the security access, but I bet the head security guard would have those rights, or the authority to order a spider or someone to do it.

I'm too tired to directly quote rules, but I will do my best to do so without leaving you astray, some of the problem with the 4E matrix system is they made it very abstract which can be the systems greatest strangth and weakness.



The system has a specific alert against the hacker, there is no specialized passive or active alert. The biggest thing that being on alert affects is the hacker will loose any special security access they might have gotten and the system gets +4 on all rolsl to detect them. It will also carry out whatever it's programed to do in case of alert, scramble a security hacker (who effectively gets to log into the node "for free"), launching IC, shutting down, playing show tunes, you name it.


There's nothing precluding you from doing that, the system is built for simplicity, but there's nothing wrong with GM's dialing up the complexity.



Best way is not to be seen. Even when an alert is triggered the hacker can still try and avoid detection by pitting their hacking + stealth vs computer + analyze (remember that + 4 dice penalty from above, cuz it can start to slow one down.)


Spoof is for those times when you want to get a node to do somethign without hacking it. You have to have gotten a look at something/someone that has the right credentials to do what you want to do and then you use spoof to the convince the system that you are them.



It doesn't explicitly say one way or another but I can't see any reason why it would be not otuside the scope.

I would disagree that is how "most" hackers do it, but each game is different. Like a drone's pilot program you cannot spend edge on behalf of the agent, which is a drawback to that approach.

But the Agent cannot run any porograms that are not part of its own payload. If you want an Agent to be able to Analyze anything, the Agent must have an Analyze Program loaded into its payload. Same with any other program: Attack, Blackhammer, Stealth, etc.

Your reply does not seem to follow from my post. Sorry - I'm just missing the connection as well as the point you are trying to make...?

Maybe I can clear it up.

Lurker said that that Agents need their own progreams (This is true)...
Seerow said that that would be really expensive, and proposed the Pirating as a solution. (True to a degree, but since you can use your own programs and load them into the Agent, it is the worst choice)

I proposed just loading your own programs (which you have already) into the Agent, which is where the "How most hackers would do it" comment came from.

Then, Somehow we got from Agents running their own programs, to spending Edge on the roll, which an Agent cannot do. This came from you.

My response is that that does not matter, because if you want your Agent to do ANYTHING, it needs it own Program Load. So Spending Edge is an irrelevant topic at that point, because you are not performing the action, the Agent is. And for the Agent to perform that action, it needs its own programs.

To tie it all together. It is no more expensive to equip 100 Agents with their own program loads than it is to get your initial outlay of programs for the Hacker, because the hacker should use his own programs in the Agents. And this is indeed how Most hackers likely do it. You COULD spend the money for new copies for every Agent you have, but why would any competant hacker do so?

Probably did not help did it?

Okay, this makes sense, but doesn't breaking the copy protection to load the initial programs onto your agents then invoke the pirating rules anyway, resulting in your programs degrading? Or is there something simple I'm missing here?

Well, yes, it would indeed initiate degradation, if you track such things.
There are three ways of handling that.

1. Ignore Degradation, and assume that the hacker updates the programs in his spare time, and then patches all the agents packages with the update. Easiest method.
2. Figure the costs of the patches required to stay even, and then just append that to your lifestyle costs. Simple and elegant.
3. Force the issue, and Make the character make all the rolls (in whatever manner you wish, whether through his own programming skills, or access to a Warez Group) to stay current. Don't particularly like this one, but it does work.

I misunderstood what exactly "How most hackers would do it". I inferred "... would just use the agent to hack". Clear now and agree. Thanks.

Yea, that came from the misunderstanding about. Now working from a common baseline, it appears we agree to my off-topic point.

Yes. Thanks

Yeah, it's mostly the time issue that bugged me. I guess figuring the cost of patching and sticking that in lifestyle costs works well. Thanks.

Heh... Glad to be of service... It is Good to be on the same page.

OK...now I want to be on the same page too.

You're saying that an Agent can either use their programs (one you buy them and load onto them) or use your own program (one that you buy for yourself). If you use your own, you cannot, yourself, roll a test with that program, as it's currently being used by the Agent and the Agent would have to use it. So, a common practice that I'm starting to understand is that a hacker would really just have a docket of Agents that do common functions, such as an Agent that performs your Analyze and Sniffer commands. You would simply turn that Agent on, load them up with your programs of Analyze and Sniffer, and then have them auto-run to detect everything around you. You'd also have an Agent running common programs for Downloading and Uploading files. The real programs you'd want are ones that directly effect you, such as Armor, Stealth, Attack, ect. Things that you plan on affecting you or things you want to roll edge for, as you cannot roll edge for the Agent.

If this is true, I have a new query for you. Say your agent ain't doing that well, and you want to beef up the download speed by throwing more dice at it. Can you take over a currently running process from an Agent, load the program back onto your set, and then roll with edge for it? How would that happen, what kind of an action would that be?

This is actually a really good idea. SR4s Matrix rules are very similar and SR1 assumes you dont know anything about the Matrix. Just remeber SR4 does not require you to have CPU, SPU, IO and all the other nodes you can split and create what you want. The more nodes the more time the Hacker is going to spend soloing while your other players sit around so keep the node count low.

No...
You load a COPY of the programs you have into the Agent's Payload. Now, you have your own copy, that you use (and may spend an Edge point on to do things with), and you have a copy in the Agent that you are using, whcih you cannot spend an Edge point on. Some hackers strictly use Agents to do their work for them (Hackers in a Box), while others use them to protect their systems (These are typically called IC). I would say that for common data searches and what not, most would probably use an agent, if it is not all that important to have an immediate answer. Agewnts can be autonomous hackers. There are plenty of reasons you want that IC package running Analyze on everything that enters your Node. The most advantageous is that YOU do not have to do so.

If you wish to assist an ongoing process, you use the rules for teamwork to do so.

Does that help?

I know a few guides got linked; knasser has one as well, I'm not sure if that one got linked.

I will be including a sample matrix run in the next issue of the Dumpshock Datahaven (though production date is currently December).

Ok...so I CAN copy my programs into an Agent. So...I'm not understanding something. Sorry. When you give them a copy of the program, that's one that they use themselves and does NOT count against your programs loaded. Correct? I'm just trying to understand why you would EVER buy them their own programs.

Because by the rules most software has copy protection, and breaking that copy protection so you can give copies to your agents causes your software to degrade over time. This is something that can be completely ignored, fixed with money, or fixed with time, as outlined by TJ above.

Actually, as long as the Agent is running in your link, it DOES count against your program load for degradation. So an Agent with Analyze and Stealth counts as 3 programs loaded. You can use program suites (in this case the Analyze and Stealth would count as 1 slot, so 2 for program load counting the Agent itself) in an agent, and that would reduce the load, but it would make every program in the suite vulnerable as a single point for attack.

As for why you would buy them their own programs, you probably wouldn't. There is no incentive to do so.

Helping any?

Maybe...or it's making me more confused...

I can only have a number of programs loaded/devices subscribed at one time, which is System x 2, if I remember correctly. When you load up more programs or subscribe more devices, you lower your Response rating, which means your system is taking a hit on performance.

Why would I buy them their own programs? Because then I can give them the programs they need AND have the same programs loaded for myself while not having to worry about their drain on my system rating. I could then load up other programs which I need, such as Armor Stealth, Attack, Exploit, Spoof. Maybe I'm missing something here, but why would you want to swap out programs all the time when you just make sure you have all the programs you need right there and ready to go?

I created a Comprehensive list of all matrix actions a while ago ... I have it hosted on Aarons Site at this address http://pavao.org/shadowrun/miscellany/Comp...xActionList.ods

its created using open office its 15 pages long ... it has every action listed for every program from Unwired and the Core book (I even scanned through the other books as well) I hope this helps

Oddly enough, it doesn't do much. As far as I can see your Matrix Initiative Drops and that's about it.

Ironically, you are correct. It just drops your response.

Are you trying to be deliberately insulting?

Okay. You can have a number of SUBSCRIPTIONS equal to 2x System, before degradation sets it, any Subscriptions beyond that limit count as active programs, and reduce the Response accordingly.

You can have a number of active programs equal to your System Ratin -1 before your Response degrades. When you have System number of Programs it degrades by -1. However, it only reduces your Initiative, for most things. There are a fewthings that use Response, but not too many. There is a list int eh book which shows what uses Response. The Performance hiot is not horrible, but can be an issue if it gets to big, because you will start to lose out to your opposition.



Well, Registered Programs are automatically updated, though they leave a more distinctive datatrail. If you are a normal user, you likely purchase programs for your agents.

For hackers, you would likely NOT purchase programs for your agents, because you can just load them up from your own data storage. However, you STILL have to woory about the drain on system performance, because Agents (and their payloads) still count as active programs on your system, and tehrefore still affect System Degradation due to actively running programs.

Now, if you have a sufficiently high-end comlink, with an exceptional Response (say a 6-, you can run most of your programs, along with a few Agents/IC and still be okay. The Comlink my Cyberlogician runs has a Response and System of 8. I routinely run 30 programs concurrently, so Response is an effective 5. Not too bad. Of course, you can do okay with a Rating 6 as well; by only running 17 programs you run at an effective Rating of 4. Not too horrible.

Hopefully that was More Helpful?

I was commenting upon the irony that the Significant Performance Degradation that is actually experienced is just a small, often negligable (and easily ignored), hit to Response, instead of what it likely should be. Not trying to cause issues here.

And a drop in response limits system effective rating which in turn limits the effective rating of any programs.

Actually it does not. Limits are baased upon the unmoddified ratings.
Otherwise you would never be able to use a Metalink.

Drat! I missed that somewhere...

Happens to the best of us Redjack...

No, you're just remembering the original SR4 rules. The "doesn't affect maximum System rating" thing was a fix in SR4A.

Ah ha! Thanks!