I've been reading a lot of Unwired recently in an attempt to better understand all things Matrix. I've been reading about slaving and I had an idea, but I'm not sure how it plays out.

If I have Commlink 1 plugged into a datajack, and everything I want connected to it either wired in or skinlinked then that'd be unhackable, correct? (Unless someone was touching me)

If I then have a second commlink slaved to the first, and connected to it by cable, but wireless and matrix connected, how would it be hacked? You have to hack the master to reach the slave, but the master is unreachable unless you can hack back to it through the second device? I aren't sure. Thats why I'm asking. It's more of a thought that came to me rather than something likely to come up in a game, but I was musing over it and thought I'd ask. Cheers for any insights

The slave just forwards any connection attempt to the master, therefore you could just hack the master over the wireless connection of the slave

NiL nailed it: if you're online, you're online.

There are some good old threads about 'standard procedures' and slaving that address this in nauseating detail.

Or unless a sprite already has an account on the node, or a repeater drone lands on you, or someone has a pathway through the matrix and an open subscription. Basically you’ve denied Mutual Signal Range (MSR), so all regular ways to hack someone without MSR still work.



By attempting to hack the second comlink, you end up hacking the first.



So to answer in a complete sentence, attempting to hack the second node forwards the connection attempt to the first node, which can be hacked. At least that is my interpretation of Unwired 55.

Also the FAQ

Q:Can you subscribe to a slaved node or device?
A:A slaved node will not accept any subscriptions except from its master node; any attempt to use the Log On action to access the slave node will cause the user to Log On to the master node (provided they have a valid account and/or passcode). A hacker can attempt to subscribe directly to the slaved node if they have a physical connection (Slaving, p.55, Unwired).

Q:If a group of devices were daisy-chained together, one slaved to the next, could you hack the last device directly, or would you need to hack them all in successive order?
A: You can hack the last device directly (previous question), but at no point would you have to hack each device sequentially. The master node gives access to all slaved nodes and devices in that network. Some systems are set up so that you must hack a particular node before you can access a different node, these are called gateways.

Daisy chaining doesn't really work so well due to the wonders of mesh routing.

This doesn't quite answer your question, but if you are trying to secure your PAN, your best bet is still to use skinlink, Up your firewall, and use a stealth program, encryption, and data bombs.

A stealth program doesn't stop a hack attempt, but severely slows it, as a prospective intruder has to detect each facet of your security before he can attempt to deal with it. A comlink without a stealth program is wide open for examination.

However the way to play it is as follows--SOP as far as I see it):
1. Your Main commlink node is hidden and contains all those illegal programs that you're not supposed to have.
2. It has a signal of 0 (Basically 3 meters) and connects to your disposable commlink where you have a higher signal.
3. The disposable commlink is just that and depending on area of town (good or bad) you adjust it as public or hidden. Broadcasting your fake sin as needed.
4. Any cyber is slaved to your main commlink and the signal kept to a 0 or skinlinked.
5. Yes, hacking attempts can be made against your hidden node at anypoint, butthey would need to first spot it after realizing your broadcastin link is not your true link.

Also, FAQ

How can a character protect his cyberware from hacking?

1) Turn off or remove any wireless links (p. 31, Augmentation).
2) Use a direct physical connection rather than wireless (externally-accessible implants only).
3) Keep the Signal rating low so a hacker would have to be within close range.
4) Use a good Firewall program.
5) Use a good Encryption program.
6) Stay in hidden mode.
7) Slave the implant to your secure commlink (Slaving, p. 55, Unwired).
Install Data Bomb, ECCM, or IC programs

To say the same thing everyone else is, but in a different way, it would be hacked through that cable that connects them.


Or turn all that stuff off, of course. There's really no reason at all for your whole PAN to be online all the time. Turn on the devices you need when you need those devices, and after ascertaining whether or not it's safe to do that. If wireless security in real life sucked as much as it does in Shadowrun, wouldn't you just turn off your cell phone when you didn't need it, or else never have anything on it you didn't want the entire world to see?

Burnout all wireless on all cyber.
Have an internal comlink.
Have a Datajack.
Connect external Comlink with wifi to Datajack via cable only if really needed.
Else, disconnect cable. You are now safe and secure and have a disposable comlink broadcasting your fake SIN and doing spam defence and the such.

You want stable?
You want safe?
You want secure?
You use a cable or stop complaining <.<

That's [roughly] what all of my [augmented] characters do, even the ones who aren't tech-savvy, because you presume somewhere along the line, someone would have said to them, "Bro, there's only one way to do this..."

There are scads of reasons for your PAN to be online all the time. It's just that you *could* bite the bullet and turn it all off, if you really needed to.

Yeah, it's the only way to be sure.
Also, the Datajack itself gets a Firewall.
And the Comlink gets a firewall and at least one agent doing a system wide sweep every minute or so.

And the smartgun gets a Cyber Safety chip installed (Augmentation, p. 40).

Back before all this wifi nonsense, we had subdermal Induction Datajacks and Induction Pads for our Smartlinked Weapons <.<

The cyber safety chip is exactly this - and it costs 0 essence too.

No, the Cyber-Safety-Chip is something different.
In SR3 it worked by using the Induction Pad of the Smartlink or the Induction Datajack in your Hand.
In SR4, Smartlink is Eye-Ware, so no contact anywhere, if it's not skinlinked somehow.

Well, the safety chip only functions with an implanted smartlink - or with a cable from a datajack to your goggles

What would some of those be, out of curiosity?

Communications, AR, games, convenience, searches, TacNets, remote controls, … basically anything. Certainly not "really no reason at all". Together with your 'what do mundanes have to fear from mages' question, I'm starting to doubt your imagination!

Could you please explain how any of those require your PAN to be online all the time? [Emphasis mine.]


You should probably get used to the idea that sometimes I ask questions to spark conversation, or to learn someone else's ideas, not because I don't already have an answer.

[edit: Also, I definitely didn't ask, "What do mundanes have to fear from mages?" If what I did ask was unclear, please feel free to ask me to clarify!]

Because you'd be using those all the time. (Lack of emphasis mine.) Ooh, I forgot sensor feeds!

You didn't ask a question. You made a (ridiculous) categorical statement. It's clear that, far from "really no reason at all", there are a number of reasons. That's not at all to say that a shadowrunner couldn't turn it off, especially in certain circumstance, but that's not what you said. If that's just you sparking conversation… ugh.

(I'm pretty happy with my paraphrase of your actual question about mundanes. I didn't use quotation marks, so it's clear that's what I was doing.)

I'm sorry, but I don't understand how you'd be searching all the time. Could you please perhaps explain? You've said several times, "There are a number of reasons," and "You'd be using those all the time," and so on, but you haven't explained, or given any reasons. Saying a thing is so does not explain how or why it's so. Why do I need my entire PAN online all the time?


Yes, I did: "What would some of those be, out of curiosity?" was the question I asked. I asked it to learn your beliefs on the subject: if you're not interested in sharing those beliefs, please, feel free to say so.


You used single quotes instead of double quotes, which isn't a convention I'm familiar with for paraphrasing; my apologies. Is this a common convention?

Your paraphrasing, however, is completely and wildly incorrect, incomplete, and ridiculous. If you'd like to know why, please ask. If you don't, please stop pretending it's accurate, when the person who said it politely mentioned it wasn't.

I didn't just say searching. I gave a whole (non-exhaustive) list of examples.

You need it on because you're using it; you need your whole PAN because it's typically a single unit, without annoying complications; you need it all the time because many of the things you're using, and especially in aggregate, are used all the time. I'm not being obscure, here. As I said, there are special circumstances when these aren't true, but that's hugely different from "really no reason at all".

I understand it to be a common convention, yes. *shrug* Maybe you're misreading my paraphrase. I'm happy to forget it, it was the most minor of points to begin with. Serves me right for making a joke.

Indeed you did. But I wasn't simply asking for searching, I was using it as an example of a thing you hadn't provided any reasons for needing to have your PAN online all the time for; it wasn't intended to be exhaustive, either, only one example among many.


Why would you be using your PAN all the time, though? I use my smartphone a fair amount, but always? Could you please give reasons you'd need your entire PAN online all the time?

I don't mean, 'because you're doing stuff with it,' I mean reasons. I don't wear a seatbelt, 'because, in aggregate, there are situations in which it might be useful,' I wear it because, for example, another vehicle might strike me, and I could be thrown violently forward, a situation in which the safety belt would prevent me from colliding with the steering column and being injured, something I like to avoid. You need it on all the time because the situations in which someone else might hit you [for example] are unpredictable, so you can't just pop the thing on, use it, and pop it off. There's a reason, more specific than, "because you're using it," for wearing a seat belt.

For another example, a cell phone could be turned off until it's necessary, but if it's intended for two-way unscheduled communications, this would be impractical, since someone couldn't dial in to you. There's a reason that it's necessary for a phone to be turned on, if that's its intended use. A similar argument would obviously be made for a commlink, if you wanted to be able to use it for two-way communications.

Are there similar, equivalent reasons a shadowrunner might have for leaving their PAN online all the time?


If you consider the PAN to be "a single unit," we mean something very different by the term. What is it you mean?


To be perfectly honest, given your attitude, I didn't interpret it as a joke: I thought you were being a dick, and playing it off like you were making a joke. Usually, when someone misrepresents something you said and then throws up their hands and says, "I was paraphrasing! I was joking!" it's because they're trying to be a dick without getting called on it, trying to ride the ride without having to pay for the ticket: "Your mother's a whore," gets you a punch in the face, but add, "Just kidding!" and everything's kosher. But if you weren't being offhandedly dickish, then gee, well, I just feel horrible for misrepresenting you.

You don't sound very sincere about misrepresenting me. Given your attitude. I dunno how I could have been any more obvious about paraphrasing *or* joking, given the single quotes, the exclamation point, the winking smiley… so we'd better just give it a rest. Believe whatever gives you joy. For the record, I'd insult you to your face.

Of course the PAN is a single unit. It's the commlink in the middle, connected to the matrix; and everything else hooked up to it. You could selectively unhook and rehook bits, which I mentioned ("annoying complications"), but at the cost of time and reduced functionality. You could have the bits individually go online, but their Signal prolly sucks, and they're not hack-safe. The standard way of controlling those bits is also via the central commlink, so they'd all be connected to it anyway. Again, you can *not* do that, but it's a pain and often slower.

Given that the PAN is based on the commlink, I think you just mentioned the simplest (as you said, "obvious") example. Of course, and as I said, it's always possible to go radio-silent… it just sucks. If you don't care about talking to your team or anyone else, running a TacNet, commanding drone, getting sensor feeds from those cool drones, etc., then maybe you don't need your PAN online at the moment. But clearly someone might want to do any of those things, which means there's at least one reason to leave it on. All the time. The whole PAN.

Let's be clear about what "everything else" would mean: "cyberware, AR shades, clothing-based storage, weapons, or any other devices you carry." [SR4a, p219.] Are these the devices you would leave online all the time?


The thing that I'm trying to understand is why it sucks: how does it impede your life to not have your AR shades online all the time, whether you're using them to display data from online or not?

Now, I'm not saying everyone would selectively disable their PAN. I turn the wifi radio and the bluetooth off when I'm not home or in the car, respectively, to save battery, and I often disable background data for the same reason. I wouldn't expect everyone to do this: my dad would just turn it all on, and charge it if the battery went low. Similarly, I'm not saying everyone would selectively turn off the wireless radios on their cyberware, camera/glasses, data storage devices, or weapons, but a shadowrunner would, I think, have to be pretty insane to leave all those things on all the time. A shadowrunner would be, in my view, more-or-less utterly nutty in many circumstances to have wireless radios enabled on any of those devices, given the nature of their activities. I think there's no reason that someone would "have their whole PAN to be online" while they're breaking into a secure facility, but if there are reasons that doing so would be helpful, I think it'd be cool to hear what they are.

I still hold that having separate wired 'internal' and wireless 'external' PANs isn't overly expensive or hard to do, and virtually eliminates the possibility of an outsider hacking anything really important.

Wired PAN for your important gear, like cyberware and other electronics that don't absolutely NEED wireless to function.

Separate wireless PAN for the handful of devices that cannot function without wireless connections, like TacNet, communications, drone control, etc.

Wired PAN is hackproof. Wireless PAN ideally is disposable in case it does get hacked. The two PANs shouldn't be connected except when necessary.




-k

Yes, "any other devices you carry" are the devices I would leave online *ALL*. (Hehe.)

That's just to save battery; not a concern in 2070. If I didn't have to worry about battery (or maintenance), I'd never turn anything off.

My AR shades aren't necessarily online, but they're connected to the commlink, which is. That's the PAN, always online (unless, as always, you have a good reason to turn it off). Even if everything else is skinlinked, the commlink's job is to be online, for itself and all those devices. In fact, I've been assuming we were talking about a fully skinlinked PAN (including gun) + hack-resistant commlink, because that's just SOP. It doesn't matter.

Did you just ask the original question again, again? I'm getting tired of repeating myself. Communications, TacNets, controlling drones, sensor feeds, looking up external info (including with agents and other automatic things), games, local AR, and many things I'm just forgetting.

Now, I don't recall "while they're breaking into a secure facility" being part of your original statement; that clearly falls under my repeated caveat, even though I'd wager many people *would* want their comms and TacNets, etc. while doing exactly that. So, even if we narrow your statement to be only runners, only in secure facilities, it still doesn't make sense. There are reasons someone might want to be online; it's not inconceivable, insane, or utterly nutty… depending on the exact circumstances.

--
It's true, Karma, though still a bit of a pain. My problem is usually when those two sets want to talk to each other. TacNets want your sensors and smartlink, and that includes some of your cyber, for example. What you call "the handful of devices" needing wireless, I call 'most of the really important ones'. The ones you probably want your *good* commlink on, running the good programs; having two of those does start costing more.

Yeah, that's an example of different types of people having different usage scenarios, not an example of why someone in Shadowrun would turn off the wireless link on a device. Someone in Shadowrun would turn off the wireless links on their devices for security reasons, not to save energy.


Then they're online, if by proxy. The connection they use determines the level of security risk you face. If you're using a wireless radio - as we've been discussing up to this point - the risk is somewhat greater than if you use skinlink connections.


Yeah, I've asked the original question basically every post since the first, because I still don't feel like I've ever gotten an answer. Here's the thing: you're listing a bunch of things you use wireless connections for, but providing no explanation as to why any of these things requires constant connection of the whole PAN to the Matrix.

For example, you list, "games" as a reason why someone would need their whole PAN online all the time. But if they're not playing any games, why would they need to have their whole PAN online because of games? Like, "games" isn't a reason I'd have my handgun on the Matrix. "Games" are a reason I'd have a wireless connection, maybe, but even then they wouldn't be a reason I'd keep that wireless connection turned on while I was breaking and entering. So "games" does not appear to be a valid reason to have your whole PAN online all of the time.

Similarly, "controlling drones" doesn't appear to be a valid reason to, for example, keep your handgun connected to the Matrix, so it also would not be a reason to have your whole PAN online all of the time. In fact, it would appear to me that controlling drones would only require you to have a small portion of your PAN online, and then certainly not all the time.

You've given several lists of reasons to be online in Shadowrun, absolutely. The things I'm stuck on are "whole PAN," and "all the time," and "shadowrunner." Everyone knows why you'd want to get online in Shadowrun: what I'm asking you is why a professional criminal would leave his AR glasses connected to the Matrix while he's asleep in the car. [As one example.]


My original statement included the words, "all the time." I've since used that phrase 13 more times, usually in italics or bold, sometimes with special attention drawn to that highlighting. You yourself have used that exact phrase, five times. Several times - I ain't counting - I've specifically referred to shadowrunners and professional criminals. This is one reason I specifically brought those things up.

That said, "breaking into a secure facility" is just one example of a time and place when a shadowrunner might want to be prudent about what devices are online; asleep in the car, walking down the street, and while playing racquetball would be three more.

Ah. I misunderstood you, I guess. If you meant "all the time" as 'never ever go offline, 100% uptime', then no, there is no reason. But that's so totally obvious that I assumed it's not what you meant. It's the same as saying water is wet. If so, forget I said anything; I agree, water is wet. I have trouble believing this misunderstanding is the case, because you've seen me specifically and repeatedly say, 'obviously, there are times when you'd want to go dark'. This statement clearly shows an incompatible reading of "all the time", and I've just been agreeing all along.

However, if you meant "all the time" like normal people do, that they keep their commlink online (and therefore their whole PAN, because the commlink is the online component of the PAN) at all times that special circumstances don't alter this default state, then I still don't see the problem. Personally, I'd want comms, sensors, drones, TacNet, etc. running "all the time", by default. Because they offer several great reasons to do so. I understand there's a tradeoff there, but it's so far from "insane" that I assumed you were using hyperbole.

--
The whole PAN because there's basically no such thing as 'not the whole PAN'; you don't turn off all the devices linked to your commlink and controlled via it just because you're doing something else. Many of them are continuous or background functions.

… all the time because, for example, TacNets require a constant connection; so do many other things, which I refuse to re-re-repeat.

… shadowrunner, because they use TacNets (again, for one example). Maybe not games, especially if your runners are boring Pros. I feel like I specifically said (several times) there are many cases when you wouldn't want your games (etc.) running, so I dunno why you keep mentioning things like that.

His AR glasses aren't connected to the matrix, they're connected to his commlink, which is (cuz it's a commlink). They're connected to his commlink because that's the only way they have any function. They're probably skinlinked anyway, so there's not really any reason to turn them off. And while he's asleep so he doesn't miss a call. You keep acting like it's 'all these devices online'. It's one device online: 'the PAN', via the commlink.

I don't know, man. I was really hoping you'd sell me on your position, because you seemed really sure of it, but the more times I ask without any answer, the more I'm convinced we're either completely failing to communicate, or else you don't actually have any support for your position, but now you feel trapped and won't admit it. Either way, I don't think I can in good conscience continue to ask the same questions without answers. You definitely haven't convinced me that I'd do well to have my whole PAN online even the vast majority of the time,* but I appreciate your efforts.

If somebody else also holds the same position - that a professional criminal's whole PAN should be online the vast majority of the time - and would care to explain why that would be, I'm definitely still curious.

*Which is, you're absolutely correct, what we both meant by "all the time," I agree.

At this point, I'm so bored to death of repeating myself, I don't care what you're sold on. One of the mods has a rule about conversation quagmires, and I'm afraid we're well beyond it already. I can't imagine how else I could tell you, and it's such a clear and basic fact; you can't 'support' 'water is wet'.

You clearly didn't mean '100% uptime', but rather "the vast majority of the time", so we know that my misunderstanding wasn't the issue. It's possible you missed my own goal: you said there was no reason anyone would do that, and I say there's *not* no reason anyone would do it. That's different from saying everyone should do it. I can simply imagine several common reasons someone might.

*Sees "100% Uptime", flashes back to bad memories of IT work, and crawls back into corner to cry*

100% uptime is a myth.
99% at best.

Not 99.9? Or 'five nines', etc.? Hehe. That's kind of my point, though: when someone says, 'I have my cell phone on all the time', they don't mean literally 100%. They mean, except when the battery dies, or I'm on a flight, or in the theater, or when I'm ducking calls…

I base my commlink security on the Tips for the Evil Overlord’s Crooked Accountant.

The first 3 of these rules are as follows:

1) Keep a set of books listing those activities of the Evil Overlord which would be a credit to Gandhi. Show these records to anyone who cares to see them.
2) Keep a second set of books that lists the activities in the first set of books, plus those activities that look fishy at a cursory glance, but at closer examination are perfectly within the letter of the law, and maybe bend it a little. Show these books to auditors who aren't fooled by the first set of books, and then only when the Evil Overlord has no choice but to allow examination. Keep them a bit disheveled so that anyone looking at them will think you were caught with your pants down.
3) Keep a third set of books, listing everything the Evil Overlord is up to. Show these books to the Evil Overlord when he wants to see them. Show them to nobody else. Store them in thermite-packed cabinets so that they can be destroyed with extreme speed.

I carry 3 commlinks, which correspond to the above rules:

Commlink 1: Rating 2, Default Mode Public. This commlink is ludicrously squeakly-clean. It contains only fully legal software, no questionable data at all, and a real SIN linked to a fully legal bank account for mundane purchases.

Commlink 2: Rating 4, Default Mode Passive. This commlink is there to fool anyone who isn’t fooled by the crappy public commlink and goes looking for a 2nd one. It contains some slightly questionable “gray” programs, like good encryption and hidden directories of files that look private, but nothing actually illegal.

Commlink 3: Rating 6, Default Mode Hidden. This commlink is the real deal. Anything illegal is stored here. Firewall 6 and Analyze 6 running at all times. Probably Black Ice, too. Upon activation of a spoken phrase or unauthorized access, it will immediately erase all programs and data, and keep overwriting all (then) free storage sectors with random bits indefinitely, until told to stop. Better to have to reload from hidden offline chip copies than be caught with the good stuff here.

You could try the daisy-chain-of-wired-only-commlinks trick, with your primary commlink on one end and the only commlink with an actual wireless circuit on the other. Every commlink in the chain has an agent that continuously runs scans to find intruders, and massive defenses designed to slow down an incoming hack as much as possible. If the hack gets far enough, the agents are programmed to send a signal up the chain that simply resets every commlink, perhaps causing a brief interruption for the owner but automatically dumping the infiltrator completely out of the chain.

Basically, instead of one fortress, he has to penetrate a series of fortresses, and if he makes even one mistake and alerts anyone in those fortresses to his presence, he has to start all over.

Not all GMs will allow this, though.



-k

Yeah, the problem with a set-up like that is there's a bottleneck at the slowest running 'Link, which is at the...

...

I'll shut up now.