How can one best protect their home and property against Hackers and technomancers?

And just how much would such protection cost?

Internalize your network, level everything around the building for a few hundred meters, and build a good sniping tower. For times when you can't personally man the tower, a dozen or so drones (on the internal matrix, of course) with LMGs should do a decent job.

Taking a look at the Security section in Unwired can help a lot with this. There are many low and no cost ways of improving security. Remember that all nodes have alert response scripts that kick in any time an alert is triggered, this happens when the node detects it's being hacked or if an agent or spider(or YOU) sees the intruder and activates the alert. There are some opposed tests that happen here but I don't have the material handy. The Firewall of the node gets a +4 to all actions against the intruder, and instantly tried to disconnect the user from the node(another opposed test here). It also can run a script that like teleports the spider into the node when an alert is triggered.

this is just something built into most nodes that is often overlooked by Gms.

Also, building small networks with layered encrypted information(encrypt everything, btw) all equiped with agents(or IC) is a good way to seal in information.

There's also an extended test you can do to encryupt that is quite nasty, it takes as long to decrypt as it does to encrypt(the period for the extended test becomes the amount of time spent on teh encription, usually limited to 24 hours)

more top come

The numbe rone defense against hackers is that you're a small nobody with no real data of worth. You're one of millions of homes in the 'plex, so the odds of you getting attacks are virtually nil.

Security companies, of course, want to trumpet how vulnerable you are in order to sell more product, despite the fact that a real criminal, rather than a bored teenager, is going to be able to get past them with relative ease. A Firewall is nice, but a high-level hacker can cut through them. Wireless paint on the house keeps out intrusions, unless they walk inside your house (Then you have much bigger problems). Simply not having any wireless devices is possible, but that's just an awful life in the 70's! Etc etc etc

Honestly, just like with earthquakes, the best defense is to hunker down and cross your fingers that they don't happen.

Was thinking along the same lines as Wakshaani. If you're coming off the same as the wageslave next door then you can be more easily overlooked. You'll want to keep your outward appearances like everyone else. Head down, not a lot of noise, and blend in.

And you can also include an array of data bombs with Pavlov and Biofeedback options secretly nested into each node. If the hacker's overconfident and none too careful they'll set it off every time they try to log onto one of your nodes. Oh, and do check out the Spoof Chip in Arsenal (it's not just for cars, you know). It can be quite the handy little bugger.

If you set up a cheap fiberoptic wired system(the dude doing it for you might look at you weird) by wiring together a few commlinks you can make yourself a cheap, powerful nexi that can only be accessed through the main wireless node. Run a bunch of agents on each one and get yourself some nasty defenses.

RC has some indications of the kind of Matrix security you get with your lifestyle.

For the truly paranoid I would recommend a separate security node to manage the six dozen sensors you secrete about the place, keep it hidden and link a couple of obvious cameras to the CHN. Then hopefully intruders will assume the CHN is all that's there.

High-end firewall that didn't come from a Corporation, Black-IC & Tracking Program Loaded Agents, Virtual Boxes, Honey Traps, and a Lead-Weighted Club that can't be hacked while you're beating Hackers/TMs for trying to wreck your stuff.

If you're human, a membership in the Humanis Policlub might not hurt either.

A high-rating Firewall coupled with a high-rating Analyze, running on a node Optimised for Firewall? Not quite so easy to cut through - especially if you Encrypt the node itself. Nothing's hack-proof, mind you, but eventually any smart Hacker says "there's better ways for me to spend the next several days".

An Onion / Layered strategy works well, too: have a typical, Joe Average network for the majority of your home needs (lights, grocery ordering, etc). Then have a separate non-wireless network and note "behind" that front layer, with all your secure data (for things like placing orders with your fixer, or checking the ShadowSEA job boards, etc).

Oh, and I want to drive this home. ENCRYPT EVERYTHING. It buys you full combat rounds(sometimes lengthy extended tests) and is so easy to do.

This is great because it's cheap. And similar to what I was saying with a commlink with a wired network. But this double! Because not only do you have all of these nodes sitting behind a main access point that helps secure all of those nodes, but all of those nodes have a system rating that can back up that main access point with IC and Agents.

Dynamic Strong Encryption on the node, with an interval of one day. It'll take a hacker FOREVER to get inside the node - and EVERY INITIATIVE PASS the node gets a chance to "see" the hacker, and trigger any of a number of potential responses.

Dynamic encrypting is when you encrypt while they decrypt and it changes almost to footrace rules. Strong Encrypt is when you use a whole day(or long extended test) and it becomes the increment by which the enemy extended test is preformed. It says in unwired you are not allowed to dynamic encrypt with strong encryption. Only one or the other.

EDIT: Which makes sense, you shouldn't be able to quickly alter an encryption you spent all day on while the enemy is decrypting it.

Ah, I missed that bit. Whoopsie!

The best defenses are, in order:

1) Why is it online in the first place? If something doesn't need wireless on, turn it off. If it does, segregate it. Your cyberware doesn't need to be online. 99% of your stuff doesn't need to be online. If something is online, it should be because it really has to in order to function.

1.5) A lot of people houserule the Mutual Signal Range requirement for hacking away. If your GM does, then skip this step. Otherwise, make sure you refuse Public accounts (duh) and set all privileges on your shit to be Admin Only. Also, if something does need to be online, don't give it more signal than it actually needs and use Routing to reach stuff.

2) Okay, so some stuff does have to be online. Slave everything to the best-defended node you can. A technomancer is ideal because only other Emerged can hack a technomancer's bionode, but you may not have one.

3) Okay, so that thing you are slaving stuff to? Strong Encrypt it. That will slow hacking attempts down. However, Firewall/Analyze, on its own, is not going to catch a decently equipped hacker with a Stealth program. Seriously, Firewall 6, Analyze 6 is only 12 dice, Stealth 6 requires 18 dice on average to catch. However, against Matrix Perception Tests made by an icon, it's Hacking+Stealth vs. Computer+Analyze, which is much better. This means you need something sitting on your node, spamming Analyze on anything and everything it sees. Something like a Paladin sprite or another hacker or a technomancer would be ideal, but if not, use an Agent. Make sure to optimize it's MPT: that means in particular Optimization (Analyze) and the Home Ground autosoft.

Optimise the node for Firewall, and it's 13 dice.

Also, where are you getting that Stealth is going to need eighteen dice to catch?

If you're Hacking on the Fly, the node gets to roll it's Firewall+Analyze as an extended test with an interval of 1 Combat turn, against a threshold equal to your Stealth program - so, 5 or 6. Meanwhile, you're using Hacking + Exploit, same interval, against a threshold of the node's Firewall. +3 for Security, +6 for Admin. So the hacker's threshold is likely to be 12, the node's threshold is usually going to be 5 or 6 (against PC-scale hackers). When the node detects the hack attempt, a Restircted Alert is triggered - giving the node a +4 die pool bonus against the hacker. Suddenly, 12 dice (Firewall 6, System 5, optimised) becomes 16 dice, to try and simply disconnect the hacker.

If the hacker takes a slow-and-careful approach, the Node gets only one check to see if it notices you ... using Firewall+Analyze, against a threshold of the hacker's Stealth. But, you see, that step is why there's an Agent running on the node, or an adjacent one, running Analyze constantly. Meanwhile, with the same thresholds of 6, 9, or 12 ... and intervals of 1 hour or 1 day? Getting in will take a serious amount of time. Time during which a scripted, scheduled reboot might happen.

...

Hacking isn't all that easy, when the system architect has half a clue.

I think a good house rule would be that you can dynamic encrypt a strong encryption as long as it done by the hacker(because he did the initial encryption) and he has to spend basically just as much time as the enemy hacker to continue dynamic encrypting. As you could imagine this could be a lengthy and annoying process for both hackers, and the enemy is likely to give up. Basically you would make a dynamic encrypting extended test on the same period as his strong decryption test. I think that makes sense. It would be a little breaking if an Agent could do it though.

Why is anyone going to Hack on the Fly if you have Strong Encryption running?


Yes, that's exactly what I said.

You also missed the bit where firewall is an attribute of the device and not limited by response, it's *not* a piece of general software as every device has it built-in and it can be upgraded independently of system, signal, and response. p222... upgrading matrix attributes (including Firewall) are capped at +2 improvement. It is neither a Common nor Hacking program type.


Analyze on the other hand... I can see no reason for it not to be optomized & ergonomic on almost every system known. You're looking at a limit of rating 12 (optomize 6) without ergonomic on a rating 6 system. I can see this being done for the most security conscious of systems. (or optomize 5, ergonomic 1... nice for a utility you are practically ALWAYS going to have loaded at all times).


Hardware mod for optimization of firewall is edge case... technically allowable since it only says software and the firewall is still considered software. Or you could optomize the hardware for one particular OS giving it +1 die on System.

Not exactly. Look on the last two posts of the Broken Rules thread to see how clustering commlinks is actually not very efficient at all.

Depends on what you have Neraph... with SR4a the response degradations aren't nearly so nasty to so proc limit isn't as bad as it used to be.

When dropping response also dropped the quality of your programs... using clustering to increase proc limit helped a lot as did the ergonomic program option for stuff you generally keep running all the time.

Also, in some cases... what you want is a single node with higher subscription limit... and it does increase your available subscriptions quite a bit.

Response Degradation seems to be the same to me...

Don't forget that you can make multiple identical drones/agents one subscription. I don't see much problem with subscription limits as-is.