Help - Search - Members - Calendar
Full Version: New Hacking Programs, Fresh off the Line!
Dumpshock Forums > Discussion > Shadowrun
Pages: 1, 2
CrystalBlue
I've looked through the list of programs that are available to hackers and companies and thought it could use an increase. No book I know of (I haven't read much of Unwired) has more programs, so I thought of some programs I myself code for or use on a daily basis and retro-fitted them to Shadowrun. Some of these might be broken or overpowered, or they need tweeking. If you think something should be changed or tweeked, or if there already is a program out there that does what one of these does, let me know.

Fortify (Computer): This program ramps up the difficulty to overtake an icon through use of any hacking program. It launches debugging code into the middle of certain parts of the icon to detect and redirect common-use hacker attacks and malicious code, dumping them out of sensitive sub-routines. For each hit generated, increase the target number of any unauthorized access (any check from the Cracking group) except for hostile programs (such as Attack, Blackout, Black Hammer). This program can only generate a total defense up to the programís rating and an icon can only be fortified once. If another Fortify command is issued on the icon, the new number may replace the old check.

VeriFly (Electronic Warfare): This program begins to Ďscrubí connections to ferret out hacking attempts by running credentials through rigorous authentication. While in this mode, the user of this program must sustain the use of it, imposing a -2 penalty to all their other checks as they keep the program active and running. The user makes a check with all net hits (capped at the programís rating) imposing a penalty against the iconís Stealth program, unless the icon spends a simple action to Ďverifyí their credentials manually each phase they are in the system.

TarPaper (Hacking): With this program, the user slows down network and computer traffic, restricting certain access points constricting bandwidth by filtering it through query analysis. It does not outright check and verify the data, but it filtersís it based on the type of programs running. Once an icon has been Analyzed successfully, TarPaper can be used to lower the initiative of an icon. While active, the program imposes a penalty to initiative equal to itís rating to the target icon. The user of this program also may choose to spam the target, instead rolling an opposed roll vs the iconís Response + Firewall. If successful, the target iconís initiative passes are reduced by one. If used on an icon when they have only one pass left, they lose that pass. If the target has no passes left, this penalty is applied to the next initiative round.

Erosion (Hacking): This program breaks down code, pulling it apart at the easiest and hardest-to-notice ways in a much longer-term then an attack program does. It does not simply try injecting code error into a program, it literally pulls the code apart and resaves the program back to the icon. When used on an Analyzed icon, the user rolls an opposed test vs Firewall + Rating of the program being targeted. If successful, the erosion lowers the rating of the program by 1. If the program reaches a rating of 0, it is lost and dumped off of the targetís icon. The erosion program targets all copies of the program loaded onto an iconís node, so a hacker that loses a program cannot use it again until they load a clean copy of the code back onto their device.

SubClause (Computer): A program may use and implement harder-to-crack security services by using redundant verification and confirmation. Commonly known as the TOS pop-ups and other pop-ups that spam a user to enter name and password again or to accept a set of circumstances, else they lose out on access. Any user of this program running this actively automatically spams users when they attempt to log in to the network, regardless of legal or illegal credentials. When an icon attempts to login to a system with an actively running SubClause, they may review the warning message. The user of this program chooses one of the following: add dice to the dice pool of checks made by all friendly icons on the system, lower the defensive programs of all logged in icons by itís rating (Armor, Stealth, ect), or allow the system to use a psudo Edge on any check made on the system. All of these ratings are equal to the SubClause program rating. Once a user agrees to these warnings, the SubClause program imbedís itself into the icon logging into the system. This embedding sticks around so long as the user is logged into this node. If logging out, the embedding erases itself. The icon may rolls an Exploit + Hacking vs SubClause + Computer. If successful, theyíve found a loop-hole in the code rules and bypasses the embedding.
Draco18s
Here's my reply:

QUOTE (Draco18s @ Aug 24 2011, 02:38 PM) *
6) Reduce the number of programs. First aid is possible without a first aid kit. Hacking needs to be possible without 12 hacking programs.

QUOTE (Traul @ Aug 24 2011, 03:13 PM) *
I cannot agree more with all of that.

QUOTE (Seerow @ Aug 24 2011, 04:03 PM) *
3) On the topic of the matrix, stats should play a more prominent role. Everything else in the game uses stat+skill, yet the matrix uses skill+program. This kind of goes in hand with the need less programs, but really, I'm saying drop the vast majority of programs, and make all of the various actions usable by default with stat+skill, then programs can be bought to open up new options or improve existing options (like you could have a program that acts as a first aid kit, either replacing your hacking skill if you're untrained, or giving a bonus to your check if you have hacking). These programs should be cheap though, again similar in cost to medkits. Your biggest expense should be getting that nice commlink or nexus, then getting addons and the like is pretty easy.
Yerameyahu
On the contrary, hacking is unlike first aid. Most things are *not* possible without the right program, by intent. This is in general, not specifically about these proposed programs.

An actual overhaul of the program rules/action would be nice, though. There's no reason there can't be a class of programs that allow actions, and a class that merely enhance.
Draco18s
QUOTE (Yerameyahu @ Aug 25 2011, 09:54 AM) *
On the contrary, hacking is unlike first aid. Most things are *not* possible without the right program, by intent. This is in general, not specifically about these proposed programs.


My reply is more "we don't need MORE programs. D: " than anything.

We've already got "too many," most of which are largely unneeded.

QUOTE
An actual overhaul of the program rules/action would be nice, though. There's no reason there can't be a class of programs that allow actions, and a class that merely enhance.


Overhauling the matrix is grounds for another thread, and while we've all tried to simplify or better the hacking rules, no one's managed to do something that's "acceptable."
While it's true that hackers will need hacking programs to do their job, what I'd like to do is make those programs....less important and more consolidated. You pay $500 for "Exploit." It has no rating and simply says "you're a hacker now. You got the skill to use it?"
Yerameyahu
I agree, there are dozens of programs and it's nuts. If they made the Options rules more flexible instead, that might help.

Certainly, I wasn't suggesting doing it *here*. smile.gif

I really think it's a feature of the Matrix rules that money (gear) and not skill determines what you can do. They're not supposed to be like mages, and it's not supposed to be cheap. This doesn't mean that's the best way, nor that other setups can't exist instead (we've seen mage-style, ammo-style, etc. etc.).
Kirk
On the other hand, slight tweaks of the arguments you're making could be used for magic and meat combat.

Why do I need to have all these different kinds of gun rules and types, after all. It's just shoot. One roll, is the other guy dead or not?

yeah, not quite what you meant, but it's got a strong taste of it nonetheless.
Makki
you guys should read Eclipse Phase.
There's one Hacking skill that is used for all tests. The Exploit program is necessary to hack and expensive, but doesn't give any bonus.
And there's only one skill "Kinetic Weapons". You use it for all kinds of guns.

@topic I don't like your programs. they're all overpowered and the "cap at program rating" is a new unnecessary addition
CrystalBlue
Well, understand why I do this.

Given the hacking rules as they are now, hacking is insanely easy for a hacker. To get admin access to ANY large corp, you only need 12 successes which, given the hacking pools I've seen, is do-able in either a few hours or a few phases. So a hacker's going to get in. That's not even a question. And the likeliness of a hacker having a Stealth program running under 6 rating is very low. So, for the system to notice him, I'd have to get 6 successes on 12 dice. That's really not fair for the computer. And then, after that, the hacker has full access to EVERYTHING that node has.

Again, this might just be my confusion of the rules. I had an earlier thread trying to make sense of these rules and how to challenge the hacker, and I didn't get very far when I tried writing one up. I created an apartment complex that they need to get into and they're in a hurry. I created an outside node that then had a bridge inside to the inner CPU that they needed to get to. So they had to brute force their way through two of them. The external system is only 2 and the internal system is 4. I'm rolling shit against a stealth program 6 and hoping they're all successes.

There has to be SOMETHING I can do to a hacker, and I still can't see what that is. More programs that need to be circumvented is the solution. I am honestly at a lose as to how a node is supposed to be constructed with LESS programs. Stat + Skill works in theory, but then you have a mish-mash of arbitrary rules that have no clear definition. It heralds back to the days when my friends used to play D&D by saying "You roll a 15. You kill the dragon. Good job." Simplicity puts too much onus on the story teller to construct every possible outcome.
Draco18s
QUOTE (Yerameyahu @ Aug 25 2011, 10:06 AM) *
I really think it's a feature of the Matrix rules that money (gear) and not skill determines what you can do. They're not supposed to be like mages, and it's not supposed to be cheap. This doesn't mean that's the best way, nor that other setups can't exist instead (we've seen mage-style, ammo-style, etc. etc.).


Gear definitely matters, I'm not debating that. But in order to draw the "not a hacker" characters into the matrix on occasion, the basics should be possible with a minimum of expenditure. For a character to be a dedicated hacker, though, they'll want "all the extras" and have more options than "shoot to kill" as it were.

The gun nut has 4 different kinds of ammo and 6 different guns, all for different situations. The face has a concealed holdout pistol with regular ammunition. Functional and capable in a gun fight, but only has one choice.

A hacker has 10 different programs, all for different situations. The rest of the party has the basics. Functional and capable on the matrix, but have limited choices.

QUOTE (Makki @ Aug 25 2011, 10:23 AM) *
@topic I don't like your programs. they're all overpowered and the "cap at program rating" is a new unnecessary addition


This, also.
CrystalBlue
QUOTE (Draco18s @ Aug 25 2011, 09:36 AM) *
But in order to draw the "not a hacker" characters into the matrix on occasion, the basics should be possible with a minimum of expenditure.


Maybe I don't have the mind for this game then. Not everyone should be a hacker. In fact, not everyone should be buying programs and putting points into Computers and Hacking. That's like saying that every character should have Automatics and Longarms and every mundane character should have Spellcasting, just because. Is it logical for the infiltration specialist to have a commlink with a small exploit and stealth program? Sure does. Does it make sense for a troll to be carrying around a spoof program? Doesn't in my book.

Maybe runners will have high-end commlinks with IC protecting it from intrusion, but there is no reason the troll tank should have hacking programs and skills. It doesn't make sense, in my opinion. Since the skills all say that basic uses of them do not require having points in them, any Joe on the street can Google for something. That doesn't require a Computer skill and shouldn't require a Browse program.
suoq
Off topic:

QUOTE (Kirk @ Aug 25 2011, 08:10 AM) *
Why do I need to have all these different kinds of gun rules and types, after all. It's just shoot. One roll, is the other guy dead or not?

The fun part is, you don't. You can take a small subset of the gun list, mods, etc. and still do everything The variety of guns is a flavor mechanism.
Programs on the other hand are like Pokemon. You have to get them all. And for the most part they're complex for no reason. Analyze, Browse, Data Search, and Edit could all be a single program. It certainly doesn't make a lot of sense that if you buy Edit without Browse you can edit it but not read it. (And what the difference is between a rating 2 and a rating 6 browse program is still baffles me.) Why isn't Command part of System? Scan could go away completely and be replaced by Sniffer for detecting hidden nodes.

------------------------
Back on topic:

Fortify and Verify: This seems like unnecessary complexity to the use of firewall. What is the goal here in making firewall more complicated?
Tarpaper: This functionality already exists in game (Pg 87 Unwired).
Erosion: Why not just delete the program and remove all copies?
Subclause: Again, I'm missing the goal of this, unless pizza delivery in your town takes longer.

Your goal here appears to be complicating the already time consuming (read: Everyone at the table starts opening their laptops and surfs while the hacker and the GM do massive amounts of dice rolling) hacking rules. I'm not sure why.
Kirk
QUOTE (CrystalBlue @ Aug 25 2011, 09:55 AM) *
That's like saying that every character should have Automatics and Longarms and every mundane character should have Spellcasting, just because. I


No, it's more like saying every character should have a weapon and some armor. And if the game designers had allowed purchase of a spell defense or mitigation that could be used by mundanes it, too, would be an "always" item.

The street sam needs a good firewall and should probably purchase an agent that runs a small set of programs looking for intruders. And a smart one will just like a smart mage or technomancer will pick up some armor and weapon.
suoq
QUOTE (CrystalBlue @ Aug 25 2011, 08:34 AM) *
Given the hacking rules as they are now, hacking is insanely easy for a hacker. To get admin access to ANY large corp, you only need 12 successes which, given the hacking pools I've seen, is do-able in either a few hours or a few phases.

What kind of hacking pools are you seeing?

Note that Firewall (5) + Hardware Optimize: Firewall (1) + Analyze (6) (with optimize 3), can be run on most cheap commlinks at under 12 availability and for very little nuyen. Do not make the mistake of leaving the defense at SR4A levels when the offense is using Unwired, War!, etc. Give your large corporations the firewalls, etc. in War!, as well as Mooks that don't have mercy programmed into them. Use honeypots (targets that look attractive but have no actual value while having agents with trace functions).
CrystalBlue
I don' know, maybe this was a bad idea to put here. They were ideas to make hacking more of a challenge. Hacking back in 3rd edition was deadly and serious. It was always a race between the decker and the security sheaf, seeing who got to what first. It was interesting. Hacking in 4th edition, for the last four years of me play, has been a simple "Uh, yeah. You break in. What do you want to do?" Because there was no risk. No serious opposition. Break into node, grab data, get out. There isn't a constant watch on the clock or IC patroling the area, scrutinzing every icon they saw. Am I just stupid, or did the corps's Matrix security get WORSE after the second crash, because I can't find a way to really make the hacker sweat.

My hacker usually can get an exploit of 6 and a hacking of 6. And that's an extended test. That can go on for as long as it needs to, if they're probing. And then, when they break into the node, they only have one roll that detects them. If it's a hacker with a good Stealth program or a smart Technomancer threading their complex forms, the system rolls a small amount of dice vs them and gets not enough. The hacker's in. Now what's stopping them? The system doesn't get to keep making checks on them. And the hacker doesn't have to continue to roll exploits or hack anything, he has Admin access. Security files, gone. Bank numbers, downloaded. Smiley face on the AR screens. And victory. And the system just takes it like a...well...some complex bondage metaphor. >.>;;

I created the extra programs because they sounded fun and they sounded like security procedures we do at my company. Not to the same extreme, but we limit users in a number of ways by controlling how people get to our data, even after they've logged in with correct credentials. Maybe not so much the malicious code, but the theory is the same.

But maybe you guys are trying harder to just justify, to me, why the matrix rules are crap and putting more programs into it doesn't solve it. Look, I agree with you. I don't like the Matrix rules. I want my 3rd edition back. But I play with what I'm dealt and the 4th edition is what I'm playing with. There's nothing I can do.

Draco18s
QUOTE (Kirk @ Aug 25 2011, 11:19 AM) *
No, it's more like saying every character should have a weapon and some armor. And if the game designers had allowed purchase of a spell defense or mitigation that could be used by mundanes it, too, would be an "always" item.

The street sam needs a good firewall and should probably purchase an agent that runs a small set of programs looking for intruders. And a smart one will just like a smart mage or technomancer will pick up some armor and weapon.


This.

The problem is that right now, the cybersam who doesn't have a good comlink and good programs is vulnerable to hacking to the degree that it will get him killed at the push of a button and he'd have not only no way to defend himself, but no way to even know that it's happening.

And in order to keep an enemy hacker out, you have to spend something like 10,000 nuyen.gif (and the hacker is better still, anyway). In order to defend yourself from a hacker, you need to be a hacker. And unlike "defending against spells means being a spellcaster" you can't have one in the party and cover everyone (that is: a mage can counterspell the entire party. The hacker cannot "counter hack" for the entire party).
Deadman Trigger
Given the hacking rules as they are now, hacking is insanely easy for a hacker. To get admin access to ANY large corp, you only need 12 successes which, given the hacking pools I've seen, is do-able in either a few hours or a few phases.


Reread the hacking on the fly rules and remember that megas aren't going to have anything of value on a public access node. Your team is going to have to get access to those nodes. Hacker won't have time to find the backdoor. On the fly rules make it an extended test and every roll the node gets a firewall check with the hits being cumulative....not so easy now is it?
Aerospider
QUOTE (suoq @ Aug 25 2011, 04:19 PM) *
It certainly doesn't make a lot of sense that if you buy Edit without Browse you can edit it but not read it.

You don't need Browse to read stuff - anyone with access to a file can read it, no program required. Browse just helps you find stuff that's buried under a shit-load of other stuff. You shouldn't need it if you know the file name of a document on a memory chip, but if you're in a vast corporate node and you only know vague details about the subject matter you'll get nowhere fast without it.
CrystalBlue
QUOTE (Draco18s @ Aug 25 2011, 10:51 AM) *
The problem is that right now, the cybersam who doesn't have a good comlink and good programs is vulnerable to hacking to the degree that it will get him killed at the push of a button and he'd have not only no way to defend himself, but no way to even know that it's happening.


And that's a stupid sam. If he's not smart enough to keep himself defended, then he deserves everything he gets. I shouldn't have to change the way the game is played based on the ignorance of players.


QUOTE (Draco18s @ Aug 25 2011, 10:51 AM) *
And in order to keep an enemy hacker out, you have to spend something like 10,000 nuyen.gif (and the hacker is better still, anyway). In order to defend yourself from a hacker, you need to be a hacker. And unlike "defending against spells means being a spellcaster" you can't have one in the party and cover everyone (that is: a mage can counterspell the entire party. The hacker cannot "counter hack" for the entire party).


This is untrue. A hacker can counter hack for an entire party. You allow the hacker to pan everyone together, so they all have to go through him before they can get to any of those devices. And the hacker can use his own agents to patrol everyone's devices. I thought this was do-able. If it's not, then I need to completely rework how my systems are built, because now you can't have a security layer around sensitive systems, which seems stupid. This does limit what the other runners can interact with, but again, the other characters shouldn't be hackers and shouldn't need hacking equipment. They need a good device and good security.
suoq
QUOTE (CrystalBlue @ Aug 25 2011, 09:49 AM) *
That can go on for as long as it needs to, if they're probing.
And the system firewall can find them and trace them while they probe.
QUOTE
the system rolls a small amount of dice vs them and gets not enough
Again, if the hacker is using Unwired, then the defense needs to use Unwired and War! and anything else you want to pull out of your pockets.

The good stuff doesn't need to be attached to the matrix. The real good stuff has no need to even be wireless.
If it is on the matrix, how does the hacker know the access ID of his target and how many systems does he have to go through to get to the node with the good stuff?
suoq
QUOTE (Draco18s @ Aug 25 2011, 09:51 AM) *
And in order to keep an enemy hacker out, you have to spend something like 10,000

Erika Elite @ 2500
Firewall 5 @ 2500
Hardware Optimize @ 500
Analyze 6 + Optimize 3 @ 900
Reasonable defense for 6400 nuyen.gif, barely over 1 BP, 1 BP when you consider you needed a commlink anyway.

Meanwhile, this node is running hidden. The commlink that's running public has a fake ID and nothing of value, however it also can be protected for a single BP.

Yerameyahu
I agree with Kirk and Draco18s: having a comm and programs for it is the same as having weapons and armor. Or hell, just armor. It's a Matrix 2.0 world, and you're a moron if you decide to go blind and naked in it. The fact that you can do significant things without investing much (at all) in skills is, AFAIK, the whole point of Matrix in SR4A; it's matrix for everyone. The hackers with high skills and top gear still rock out loud.
Draco18s
QUOTE (CrystalBlue @ Aug 25 2011, 12:01 PM) *
And that's a stupid sam. If he's not smart enough to keep himself defended, then he deserves everything he gets. I shouldn't have to change the way the game is played based on the ignorance of players.


Now read the fluff. Joe Blow on the street has none of those defenses. You need to own the latest and greatest hardware (and then optimize it to make it better), the best firewall, and then the latest and greatest Analyze software (optimized to run on the hardware) and all that does is when the hacker breaks in, it triggers an alarm. You've got nothing that keeps him from fooling around with you and your stuff after he's gotten in anyway (Analyze only says "hey, there's an intruder" it doesn't actually keep them out).

QUOTE
Meanwhile, this node is running hidden.


Which does jack. A real hacker can find hidden nodes just as easily as public nodes (the threshold is 1 versus 3 with a dice pool of 12+)

QUOTE
This is untrue. A hacker can counter hack for an entire party. You allow the hacker to pan everyone together, so they all have to go through him before they can get to any of those devices. And the hacker can use his own agents to patrol everyone's devices. I thought this was do-able. If it's not, then I need to completely rework how my systems are built, because now you can't have a security layer around sensitive systems, which seems stupid. This does limit what the other runners can interact with, but again, the other characters shouldn't be hackers and shouldn't need hacking equipment. They need a good device and good security.


1) Agents: agents are cheating. If you allow the use of agents, the game devolves into "turtles all the way down" because agents are "cheap" and you can run an infinite number of them.
2) Linking pans: sure you can slave devices to another device. The enemy just pulls out his Spoof program and....oh, that pan linking didn't help you at all, did it?
3) Security layers died with SR3, because no one liked the system maps.
Yerameyahu
Yes, it's very difficult to defend yourself (for long) from a good hacker. The system was apparently designed to allow them pretty significant ease, because otherwise they'd basically do nothing for hours and days. Either too-strong hackers, or no hackers. *shrug* That's an issue, and the GM can deal with it.

Still, everyone has decent access for doing some matrix functions, and should certainly have some okay gear for it. They *do* have and use agents, if only for data searches and things. The matrix is a fundamental part of life for even street trash, and you have to take that into account when considering the system and changes to it. It's not the astral, a special place just for the rare Awakened.
suoq
QUOTE (Draco18s @ Aug 25 2011, 10:36 AM) *
Which does jack. A real hacker can find hidden nodes just as easily as public nodes (the threshold is 1 versus 3 with a dice pool of 12+)
Actually it does quite a bit.
1) The hacker must be aware of the node, or at least have a good guess of where the device should be (SR4A 230)
2) It's an Electronic Warfare + Scan (4) Test which means mooks without an EW autosoft are incapable of doing it and even though a Scan 6 is cheap, Electronic Warfare is not a cheap skill for what it gives. The best bet for the hacker is a extended test during a meet but that means I'm getting screwed over at a meet, and that's bad news be it matrix, meat, or magic.
Yerameyahu
Well, only if he wants the easy version. He can scan for hidden nodes 'in general' at a much higher Threshold. It certainly does add another speed bump to use hidden mode, and that's the whole point of hacking defenses: slow him down.
Tymeaus Jalynsfein
QUOTE (Draco18s @ Aug 25 2011, 10:36 AM) *
Now read the fluff. Joe Blow on the street has none of those defenses. You need to own the latest and greatest hardware (and then optimize it to make it better), the best firewall, and then the latest and greatest Analyze software (optimized to run on the hardware) and all that does is when the hacker breaks in, it triggers an alarm. You've got nothing that keeps him from fooling around with you and your stuff after he's gotten in anyway (Analyze only says "hey, there's an intruder" it doesn't actually keep them out).


Joe blow does have the defenses, they are just not up to par WITH AN ELITE HACKER... There are other hackers out there that are not ELITE.

QUOTE
Which does jack. A real hacker can find hidden nodes just as easily as public nodes (the threshold is 1 versus 3 with a dice pool of 12+)


Public nodes have no real threshold if they are active, they are in your list be default. You may have to Browse for it, but you neither need a Scan Program nor a Sniffer Program. A Hidden node is MINIMUM of Threshold 4 (if you know where to look), a Threshold 5 if they are using Non-Standard Wireless, and a Threshold of 15+ if you DO NOT KNOW where to look.

QUOTE
) Agents: agents are cheating. If you allow the use of agents, the game devolves into "turtles all the way down" because agents are "cheap" and you can run an infinite number of them.
2) Linking pans: sure you can slave devices to another device. The enemy just pulls out his Spoof program and....oh, that pan linking didn't help you at all, did it?
3) Security layers died with SR3, because no one liked the system maps.


1. Agents are not cheating, they are a viable alternative to those who do not want to Hack for themselvces.
2. Still has to have the Master Device ID. Not hard to get, bujt it is still a step. And does not help you if you do not know what the Node being spoofed is capable of. So, SPoofing ios not all that useful for other's PAN's.
3. No they did not, they are alive and well in SR4. They just take effort. Which is Effort well spent, in my opinion.
Draco18s
QUOTE (suoq @ Aug 25 2011, 01:08 PM) *
Actually it does quite a bit.
1) The hacker must be aware of the node, or at least have a good guess of where the device should be (SR4A 230)


"That guy has cyber. I bet it has wireless. I bet it's a node. I bet it's hidden." indifferent.gif

QUOTE
2) It's an Electronic Warfare + Scan (4) Test which means mooks without an EW autosoft are incapable of doing it and even though a Scan 6 is cheap, Electronic Warfare is not a cheap skill for what it gives. The best bet for the hacker is a extended test during a meet but that means I'm getting screwed over at a meet, and that's bad news be it matrix, meat, or magic.


Autosofts are for drones not people. Secondly, mooks don't have it, hackers do. Any hacker worth his salt will have the skill.

Plus, who said it was at the meet with the J? Could be any time you're out and about, even with the extended test, the interval is one combat round, so even at a threshold of 15 and getting 1 hit per roll, that's 45 seconds. 45 seconds is a pitifully short amount of time (when the sam is sitting at a stop light? While he's getting a coffee and doughnut?)
suoq
QUOTE (Draco18s @ Aug 25 2011, 11:17 AM) *
"That guy has cyber. I bet it has wireless. I bet it's a node. I bet it's hidden." indifferent.gif

Every bugger on the street has cyber.

Having some random hacker on the street with enough hacking skill and tools to find a wireless node and get past the firewall described above is about as game friendly as having some random sniper or mage on a rooftop target your character for no reason whatsoever.

I'm not sure what you're so angry about, but it seems your goal is to be angry and invent corner cases. Good luck with that.
Draco18s
QUOTE (suoq @ Aug 25 2011, 01:23 PM) *
random hacker


Who said it was random?

In the course of the run isn't it conceivable that an enemy hacker will attempt to take out you and your team? When they do, it's not going to be during a firefight. It'll be before, so that during the fight they take control and screw you over.

Not to mention that this is a two way street: the team hacker hacking the enemy from across the ocean in seconds, causing the cybered guards to spaz out, thus eliminating them from combat (or potential combat).
Yerameyahu
Well, cyber will *not* have wireless, in most cases.
Draco18s
QUOTE (Yerameyahu @ Aug 25 2011, 02:20 PM) *
Well, cyber will *not* have wireless, in most cases.


Except that by the rules it does, explicitly. There's an entire sidebar dedicated to hacking cyberware.
Yerameyahu
Right next to the rules that say most cyber doesn't even have wireless, doesn't have it turned on if it does have it, etc. That sidebar is vague at best, much more harmful than helpful.
Tymeaus Jalynsfein
QUOTE (Draco18s @ Aug 25 2011, 12:21 PM) *
There's an entire sidebar dedicated to hacking cyberware.


But only if that wireless acces has not been disabled, which it will be 99% of the time.
Ascalaphus
QUOTE (Draco18s @ Aug 25 2011, 07:21 PM) *
Except that by the rules it does, explicitly. There's an entire sidebar dedicated to hacking cyberware.


I think they retracted part of that in Unwired.

In SR4, they went "yeah, all cyber has wifi for easy maintenance, but you can disable it".

Then in Unwired they changed it to "all cyber has wifi, but it's off by default. Here are some nanobots to sprinkle on someone to turn it on."

Which is still kind of fishy, but acceptable. Originally they wanted to enable "combat hacking", but after all the street sams complained they came to their senses.

---

Anyway, as regards "hacking is too easy": there are a bunch of methods in Unwired that actually turn hacking practically impossible.

* Nodes get Hard-Encrypted. That slows people down to a day to probe instead of mere hours.
* Data bomb everything.
* Encrypt everything.
* Firewall 6 on everything, because it's not limited by System.
* If it doesn't need wireless, then it won't have wireless.
* If it doesn't need to contact the outside world, then it won't have the means to go online. That means you need to go local to get access for a hacker.
* Segregate functions. The security network shouldn't mix with the accounting network.
* Everything important has a physical off-switch that cuts the power and/or connection.
* If a Node notices it's being hacked, it'll send a message to an external device to kill the connection. End of hacking attempt.

The hacking system just favors a defense-in-depth approach. But it can be secured. Protecting against DDOS is actually harder than preventing intrusion.

For Joe Sam, to secure himself against a hacker, all he needs is to switch off external communications. He'll lose TacNet and subvocal communication with his team, but he will be immune to hacking.

Also, a hacker can protect his team against hacking: just jam communications. Make sure your teammates don't carry too high a Signal on their commlinks and you should be able to interrupt their response to the hopeful hacker.

---

So, what do I have against these additional hacking programs you've proposed?

The most important one is that I think the game needs far, far fewer different program types. To do a typical hack, you need Exploit, Analyze, Stealth, Decryption, Defuse, Browse and perhaps five more.

To kill someone with a gun, you just need a gun, any gun, and bullets. You can pick guns with various benefits, but they all have the same basic function, and you don't need ten different guns used in the proper order to lay waste to your enemies. The choice in guns diversifies your options and adds flavor, but it introduces comparatively (to hacking) little bookkeeping.

That's what programs should be like: there should be a choice between the MCT Hacking Program, which is solid and powerful, or the Renraku one, which is faster and sneakier, but not so great if you get spotted.

---

Finally, "buying" hackers: I don't like it. I know the argument for it (dystopia, machines think faster than people), but I don't like it. I don't like saying "your character matters less than his equipment".

If you decide that your metahuman mind is important, it gives you a solid basis to then cut down Agents to a power level where the Agent Smith problem isn't so problematic anymore: because metahuman minds are simply better. (It also makes brain-in-a-jar "Agents" far creepier, but those aren't so easy to mass-copy.)
Draco18s
QUOTE (Ascalaphus @ Aug 25 2011, 02:53 PM) *
Anyway, as regards "hacking is too easy": there are a bunch of methods in Unwired that actually turn hacking practically impossible.


And if you can make hacking impossible, then there's no reason to be a hacker. If Steve Sammy can make himself immune to hackers, then what stops a corporation (with millions of times the disposable income) from making itself unhackable?

And if a target is unhackable (which is easy) then what does a hacker do?
Tymeaus Jalynsfein
QUOTE (Draco18s @ Aug 25 2011, 01:07 PM) *
If Steve Sammy can make himself immune to hackers, then what stops a corporation (with millions of times the disposable income) from making itself unhackable?

And if a target is unhackable (which is easy) then what does a hacker do?


Physically penetrates the facility and hacks from INSIDE the system. It is the Tried and True method.
Draco18s
QUOTE (Tymeaus Jalynsfein @ Aug 25 2011, 03:15 PM) *
Physically penetrates the facility and hacks from INSIDE the system. It is the Tried and True method.


What if the exterior door (opaque) has a hardwired camera on the other side monitoring the door for "being in the state of not being closed"?
suoq
QUOTE (Draco18s @ Aug 25 2011, 02:19 PM) *
What if the exterior door (opaque) has a hardwired camera on the other side monitoring the door for "being in the state of not being closed"?

Get a new GM. One who understand this mission is supposed to be a challenge to be overcome. Not a cakewalk and not rock falls.
Draco18s
QUOTE (suoq @ Aug 25 2011, 03:24 PM) *
Get a new GM. One who understand this mission is supposed to be a challenge to be overcome. Not a cakewalk and not rock falls.


Likewise the players shouldn't be able to do the same to their pad, should they? wink.gif

In which case, it's a rules problem. smile.gif
CrystalBlue
Really guys, I didn't know this was going to spawn another conversation about Matrix and the rules and have it spiral downwards. I just wanted an opinion on programs. I'll just make these into Agent or Sprite special abilities, which will make it be a little more acceptable.

I didn't mean to light fires.
suoq
QUOTE (Draco18s @ Aug 25 2011, 01:27 PM) *
Likewise the players shouldn't be able to do the same to their pad, should they? wink.gif

In which case, it's a rules problem. smile.gif

No. It's still a GM and players problem. If your players are doing that to their pad then a storyline results from it. Someone is trying to get into their pad. Who? Why? If someone knows where the pad is, is it safe to go back there?

If the GM is screwing over the players, the players need a new GM. If the players are screwing over the GM, the GM needs new players. The rules in the book do not make people's personal behavior problems go away.
Draco18s
Sounds like you're the kind of person who'd be ok with a set of rules that includes the I Win Button. The first person to push the button wins the campaign.
Kirk
QUOTE (Draco18s @ Aug 25 2011, 11:36 AM) *
Now read the fluff. Joe Blow on the street has none of those defenses. You need to own the latest and greatest hardware (and then optimize it to make it better), the best firewall, and then the latest and greatest Analyze software (optimized to run on the hardware) and all that does is when the hacker breaks in, it triggers an alarm. You've got nothing that keeps him from fooling around with you and your stuff after he's gotten in anyway (Analyze only says "hey, there's an intruder" it doesn't actually keep them out).

Actually, Joe Blow has a firewall which is part of those defenses. And Joe Blow can set his node to passive or hidden, and according to the fluff does so at various times.

And for that matter, Joe Blow doesn't have a passcard or a triple-set magnetic lock and half a dozen firearms, either. Joe Blow is Joe Blow.

QUOTE (Draco18s @ Aug 25 2011, 11:36 AM) *
Which does jack. A real hacker can find hidden nodes just as easily as public nodes (the threshold is 1 versus 3 with a dice pool of 12+)


No. EW+Scan[4], or EW+Scan[15+,combat turn] extended test. Neither of those is 1 or 3. With 12 dice the hacker's got about an even chance of picking up the hidden node in the first case, and takes about 5 combat turns for the extended test. It's inevitable, but not "easy".


QUOTE (Draco18s @ Aug 25 2011, 11:36 AM) *
1) Agents: agents are cheating. If you allow the use of agents, the game devolves into "turtles all the way down" because agents are "cheap" and you can run an infinite number of them.
2) Linking pans: sure you can slave devices to another device. The enemy just pulls out his Spoof program and....oh, that pan linking didn't help you at all, did it?
3) Security layers died with SR3, because no one liked the system maps.


1) You cannot run an infinite number of agents.

2) That spoof program's harder than you think. Oh, getting the access ID is pretty easy. But to spoof you've got to minimally beat an opposed test: your hack+spoof vs the target's system+firewall. If the target's got a brain in the head the signal is encrypted and all commands are admin. That means first you have to crack the encryption (inevitable, but takes 3 to 5 combat turns) and then your test is at -6. If your target's running 5 system 5 firewall you need at least 16 dice to have a 50/50 shot. and that's all assuming your target didn't get coached by his team's hacker.

3) which means you haven't bothered to read unwired.

Here's a simple thing which I happen to like better than the slaving. I own two commlinks, my very good one and my cheap one. I wire them together and turn off the wireless portion of my good one. My good one is system 5, has a firewall of 5 as well. My cheap one, rating 2, has an optimized rating 4 databomb (Pavlov option) that triggers on logon (unless, of course, the password is known). It also has a rating 2 kitsune that does nothing but watch the databomb; alerting if the bomb is defused. My good comm gets that alert.

Picking up the databomb on an analyze isn't really that hard. Defusing it can be a bit tricky. But that happens to be the alarm trigger for the majority of my defenses, which includes just physically rebooting the cheap comm.
Seerow
QUOTE
(inevitable, but takes 3 to 5 combat turns)


It is worth noting you can actually make cracking that encryption much harder. Unwired Page 66 has a nice little treat known as strong encryption. You spend up to 1 day encrypting your commlink, and from that point on anyone attempting to decrypt it has to deal with their extended test intervals being 1 day. You can't encrypt your signals this way sadly, but anyone wanting to defend a specific node should be using strong encryption to make it take more time than it's probably worth to get in.

If you combine that with dynamic encryption (same page, spend 1 complex action to increase target's encryption threshold by your hits on an electronic warfare+encrypt test), and it becomes literally impossible to break, because you can encrypt far faster than they can ever decrypt. (Interestingly despite both of these options being literally on the same page there's nothing about changing the interval for for dynamic encryption on a node that has been encrypted with strong encryption. So even though it took a day to set up, you can modify it on the fly with 3 seconds, while the opposing hacker is still spending days trying to get in).
Draco18s
QUOTE (Kirk @ Aug 25 2011, 03:45 PM) *
Actually, Joe Blow has a firewall which is part of those defenses. And Joe Blow can set his node to passive or hidden, and according to the fluff does so at various times.


"Only" a firewall is going to do Jack Shit at keeping intruders out.

QUOTE
No. EW+Scan[4], or EW+Scan[15+,combat turn] extended test. Neither of those is 1 or 3. With 12 dice the hacker's got about an even chance of picking up the hidden node in the first case, and takes about 5 combat turns for the extended test. It's inevitable, but not "easy".


I was off on the threshold (and it IS threshold 1 to find public nodes, check that same section).

Oh, and if it takes 5 combat turns, then it is easy. indifferent.gif Most people take more than 5 combat turns to make coffee.

QUOTE
1) You cannot run an infinite number of agents.


Right. Only 1 on each toaster you own.
(How many toasters do you own?)

QUOTE
2) That spoof program's harder than you think. Oh, getting the access ID is pretty easy. But to spoof you've got to minimally beat an opposed test: your hack+spoof vs the target's system+firewall. If the target's got a brain in the head the signal is encrypted and all commands are admin. That means first you have to crack the encryption (inevitable, but takes 3 to 5 combat turns) and then your test is at -6. If your target's running 5 system 5 firewall you need at least 16 dice to have a 50/50 shot. and that's all assuming your target didn't get coached by his team's hacker.


By RAW you can't spoof any device because you can't get the access ID of the device your trying to spoof as, due to the way the rules are written.

QUOTE
3) which means you haven't bothered to read unwired.


Lets say it's been a long time and it did nothing to help clear up the issue that "the rules for the matrix suck."

QUOTE
Here's a simple thing which I happen to like better than the slaving. I own two commlinks, my very good one and my cheap one. I wire them together and turn off the wireless portion of my good one. My good one is system 5, has a firewall of 5 as well. My cheap one, rating 2, has an optimized rating 4 databomb (Pavlov option) that triggers on logon (unless, of course, the password is known). It also has a rating 2 kitsune that does nothing but watch the databomb; alerting if the bomb is defused. My good comm gets that alert.

Picking up the databomb on an analyze isn't really that hard. Defusing it can be a bit tricky. But that happens to be the alarm trigger for the majority of my defenses, which includes just physically rebooting the cheap comm.


This is a door with an unhackable camera looking at it. And you didn't even realize it.

QUOTE (Seerow @ Aug 25 2011, 03:53 PM) *
It is worth noting you can actually make cracking that encryption much harder. Unwired Page 66 has a nice little treat known as strong encryption. You spend up to 1 day encrypting your commlink, and from that point on anyone attempting to decrypt it has to deal with their extended test intervals being 1 day. You can't encrypt your signals this way sadly, but anyone wanting to defend a specific node should be using strong encryption to make it take more time than it's probably worth to get in.


SR4 wanted "hackers to hack in combat time" and thus made the matrix run at the same speed as the meat and use combat turns and have the hacker on-site with the rest of the team.

Then they did this, putting intervals back at hours+

QUOTE
If you combine that with dynamic encryption (same page, spend 1 complex action to increase target's encryption threshold by your hits on an electronic warfare+encrypt test), and it becomes literally impossible to break, because you can encrypt far faster than they can ever decrypt. (Interestingly despite both of these options being literally on the same page there's nothing about changing the interval for for dynamic encryption on a node that has been encrypted with strong encryption. So even though it took a day to set up, you can modify it on the fly with 3 seconds, while the opposing hacker is still spending days trying to get in).


And this. These two options make a node unhackable by GM fiat, effectively removing the hacker from the game by virtue of making his role impossible to perfom.

(To quote an observation about the D&D Monk: "The class wouldn't be a trap, if it weren't for every other class ever.")
Kirk
Draco18s, it's too easy, but it's too hard, but it's too fast, but it's too slow...

In simple, it appears to me you don't like the Matrix, no way, no how, and you're determined to deride any explanation. I think, therefore, that I'll stop discussing this with you. Not real fond of arguing just to argue these days, and "we agree to disagree" suffices.
Draco18s
QUOTE (Kirk @ Aug 25 2011, 04:39 PM) *
Draco18s, it's too easy, but it's too hard, but it's too fast, but it's too slow...

In simple, it appears to me you don't like the Matrix, no way, no how, and you're determined to deride any explanation. I think, therefore, that I'll stop discussing this with you. Not real fond of arguing just to argue these days, and "we agree to disagree" suffices.


That's untrue. wink.gif

While I do gripe about those attributes, I'm well aware of the fact that I gripe about both extremes.

But I also recognize that there's no middle ground. Or, rather, there is one, but it's knife-edge thin and takes very little for the rules (or even just an unaware GM) to nudge things off balance one way or the other.

There's three primary things I want out of hacking:

1) Hacker is onsite
2) Teamwork is required
3) Hackers can't trump non-hackers in combat by virtue of hacking their [cyber, comlink, gun] and pushing buttons.
Tymeaus Jalynsfein
QUOTE (Draco18s @ Aug 25 2011, 12:42 PM) *
Sounds like you're the kind of person who'd be ok with a set of rules that includes the I Win Button. The first person to push the button wins the campaign.


How do you get that from what was posted? I sure didn't. wobble.gif
Draco18s
Sorry TJ, let me be more clear.

QUOTE (Draco18s @ Aug 25 2011, 03:42 PM) *
Sounds like suoq is the kind of person who'd be ok with a set of rules that includes the I Win Button. The first person to push the button wins the campaign.


Although your group wouldn't be far off, either, TJ. You've got all these gentlemen's agreements to never have more than 15 dice to anything.
Kirk
QUOTE (Draco18s @ Aug 25 2011, 03:47 PM) *
That's untrue. wink.gif

While I do gripe about those attributes, I'm well aware of the fact that I gripe about both extremes.

But I also recognize that there's no middle ground. Or, rather, there is one, but it's knife-edge thin and takes very little for the rules (or even just an unaware GM) to nudge things off balance one way or the other.

There's three primary things I want out of hacking:

1) Hacker is onsite
2) Teamwork is required
3) Hackers can't trump non-hackers in combat by virtue of hacking their [cyber, comlink, gun] and pushing buttons.

But the GM can always nudge almost any part of it off balance. I've seen it done with magic. I've seen it done with gunplay.

As to your three points I'll note:
1) Ritual mages do not have to be onsite;
2) Mages do not have to do teamwork;
3) Mages can trump non-mages by virtue of summoning their possession spirits and standing out of the way.

Look, the bottom line for me is that hackers aren't as over powered as you believe them to be. They have weaknesses. They have to deal with the other guy's hackers. They have to avoid the other guy's mages. And a knife in the back can't be hacked.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012