Help - Search - Members - Calendar
Full Version: Hacking bank accounts
Dumpshock Forums > Discussion > Shadowrun
Pages: 1, 2, 3, 4, 5, 6
ShadowDragon8685
Honestly, if someone had a certain minimum amount of money and skills to start with, I'd let them parlay this into a positive quality that abstracted it into giving them a steady source of cash, basically Day Job rebranded and maybe with a higher nuyen payout and the downside that every month a not-exactly-thorough search will be rolled against their relevant stealth abilities to represent the chance of a dogged investigator or a really unlucky derp moment putting someone on the trail.
Draco18s
QUOTE (almost normal @ Nov 20 2012, 02:27 AM) *
I feel like you missed the self deletion point. You can't have a computer program delete everything. At some point, you start deleting the algorithms that hold everything together, at which point all further commands fail.

I'll respond to the other points in the morning.


Well fuck. Every uninstaller for every program ever no longer functions.

(And yes, yes it is possible to "delete yourself" step 1: when a program is run, it is now in RAM and no longer requires disk access to run, because of this fact, it can erase the sectors of the hard drive where the program is stored permanently. Then the program exits. It is no longer a running program and the OS garbage collects the RAM.)
almost normal
QUOTE (Draco18s @ Nov 20 2012, 08:49 AM) *
Well fuck. Every uninstaller for every program ever no longer functions.



I'll thank you if you never work in any tech department. Ever. You clearly have no idea what you're talking about.

A computer isn't going to work off of RAM when you tell it to stop reading the RAM. There's always *something* left over, and when that something is enough algorithms to continue a process like RAM access? It's complex enough to hold other information as well. At some point, "DELETE EVERYTHING LOL" breaks down.
Draco18s
QUOTE (almost normal @ Nov 20 2012, 11:23 AM) *
I'll thank you if you never work in any tech department. Ever. You clearly have no idea what you're talking about.

A computer isn't going to work off of RAM when you tell it to stop reading the RAM. There's always *something* left over, and when that something is enough algorithms to continue a process like RAM access? It's complex enough to hold other information as well. At some point, "DELETE EVERYTHING LOL" breaks down.


Having actually programmed in Assembler, actually, yes, yes you can.

Works like this:

Step 1:
- Delete all files on the computer.* A running program can delete its own executable.
Step 2:
- Get address block of the current instance of self (very doable, I personally do not know how, but I know that it's possible given programs like Cheat Engine which can get a list of memory blocks for every running program.
Step 3:
- Set counter to 0x000000
- Loop the following:
- - if counter is outside the memory block of this program, then set the memory value at the counter to 0.
- - increment counter
Step 4:
- set counter to the first memory block of this program
- Loop the following:
- - set the memory value at the counter to 0.
- - increment counter

The program will erase all files off the hard drive, then crash every running application on the machine, except itself, until it wipes out all RAM values, then it begins overwriting itself with 0s as well. Eventually yes, the program will encounter a memory location that is effectively the next instruction, and set it to 0, crashing itself, but there'd be practically nothing left of the program at this point, as all variable blocks are defined before all functions, and as we're working in assembler, we're using a register (not a RAM address) to store our "counter" variable, thereby leaving only the remnants of a program that nukes computers. There'd be literally nothing left to trace back to anyone.

This process would leave little more than a smoking crater where there once used to be a warehouse. There'd be fragments of the program itself left over in volatile (!) memory, but it'd be incredibly difficult to recover (as you would need to determine the values held in RAM without shutting off the machine--unfortunately as there is nothing else on the machine to allow you to load and run programs....).

*Some files will be locked by the OS, such as the OS itself this is unavoidable. For the most part, these files can be ignored, or you can perform a cleanup action on these files between steps 3 and 4 (the point at which there is no longer an OS enforcing the lock).
almost normal
QUOTE (_Pax._ @ Nov 20 2012, 01:20 AM) *
And, you don't need to create a new AccessID every time you copy an Agent.

When that agent goes online you do.

QUOTE
The rules don't even hint at suggesting such a thing

No. They explicitly state it in the core rulebook.-

QUOTE
(Unwired p114, "Replicate" program option).


There is no Replicate program option on page 114. There is an Autosoft option on page 113, however. That, of course,

...Says nothing about the need for an Access ID whatsoever, to the surprise of no one.

QUOTE
one Pilot 3 (Replicate 3, Corrupt 3, Command 3) that copies itself over, and does the actual stealing of money.


Completely missing the crucial step of gaining access in the first place. It can't just 'copy itself over' without access. Also, if those are the 3 programs it has loaded up, how the fuck is it going to hack? It's not bringing everyone else with it!


QUOTE
And if you wish to suggest that at any point in time, one of those steps "cannot work" ...? The entire game and it's premise crashes down around our ears.


HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA.

"If you disagree with me, then shadowrun will asplode!"

Funniest fucking thing I've seen today.
Halinn


QUOTE (almost normal @ Nov 20 2012, 04:46 PM) *
There is no Replicate program option on page 114. There is an Autosoft option on page 113, however. That, of course,

...Says nothing about the need for an Access ID whatsoever, to the surprise of no one.

What you're looking for is on page 110-111, section header "Copied Agents and IDs"


QUOTE (almost normal @ Nov 20 2012, 04:46 PM) *
Completely missing the crucial step of gaining access in the first place. It can't just 'copy itself over' without access. Also, if those are the 3 programs it has loaded up, how the fuck is it going to hack? It's not bringing everyone else with it!

Oh, cute. Selective reading. Here's what was immediately before the small bit you quoted: "One Pilot 3 (Cascading 3, Exploit 3) to create the account". Please note how it has one agent to do the hacking, and then one to go on the commlink and fuck shit up.
almost normal
QUOTE (Halinn @ Nov 20 2012, 11:00 AM) *
What you're looking for is on page 110-111, section header "Copied Agents and IDs"


No. I'm not looking for that section, since I've already made mention of the rules. It's cute that you think you're teaching anyone anything though.

QUOTE
"One Pilot 3 (Cascading 3, Exploit 3) to create the account". Please note how it has one agent to do the hacking, and then one to go on the commlink and fuck shit up.


Please note how that doesn't solve the problem of one agent trying to hack hundreds or thousands of commlinks while using the same AID.

It's best not to jump into a conversation until you understand what's going on and can keep up. It's quite rude otherwise.
Halinn
QUOTE (almost normal @ Nov 20 2012, 05:05 PM) *
No. I'm not looking for that section, since I've already made mention of the rules. It's cute that you think you're teaching anyone anything though.

Please note how that doesn't solve the problem of one agent trying to hack hundreds or thousands of commlinks while using the same AID.

It's best not to jump into a conversation until you understand what's going on and can keep up. It's quite rude otherwise.


First of all: take your patronizing tone and shove it you know where.

There is no problem at all with the agent hacking all those 'links with the same AID because there will be nothing linking that to the hacker.

It would seem that unlike you, I have actually read the replies in this thread.
NiL_FisK_Urd
QUOTE (_Pax._ @ Nov 19 2012, 10:52 PM) *
meanwhile, the target link has a threshold of 8 to detect the attempt. (Possibly more if there are appropriate autosofts.)

I don't know where you get the 8 - according to SR4A, p.234, the threshold to detect an intruder is the rating of the stealth program alone - in your example this is 5.
_Pax._
QUOTE (Midas @ Nov 20 2012, 05:32 AM) *
An agent staying unnoticed for an hour? Yeah, right.

An agent on Joe Q. Average Wageslave's commlink - no IC, no Spiders - which is doing nothing? Yeah. One hour, or twenty. Barring a system reboot, there's nothing TO notice, unless someone takes the time and effort to scan the ENTIRE file manifest for that commlink. Which 99.999999999999999999999% of people who don't bother to get a comlink with better than 2's and maybe 3's, is typically going to do daily, let alone more often than once an hour.

QUOTE
Not sure how many Joe Wageslaves would have Firewalls of 2 or less.

Most of them. We're talking non-management workers here. Sony Emperor (Res2 Sig3; 700¥), running Renraku Ichi OS (Sys2, Fir2; 600¥), with a Basic User Suite (300¥, includes Analyze 2). The total price of that is 1,600¥; I dare say the average Wageslave makes less than 5,000¥/month - IOW, "not quite enough to afford a Middle Lifestyle". Probably down in the 2,000¥/month range, which makes that very vasic, "all 2's" commlink most of an entire month's salary.

QUOTE
I thought the premise was a hidden pocket hacker.

It's still not one hack; it's three thousand hacks, for 5¥ apiece.

And with that random up-to-an-hour delay, it's not going to happen in one place; it's going to happen in as many places as those three thousand people can reach in an average of half an hour - including by car, by train, by bus, or maybe by boat.

QUOTE
Not so. If the runners do their job and make a clean getaway, the corp won't spend hours tracking them down because they will know the handover will have taken place by the time they do so. This is a strawman that is clearly against the fluff, because yes, if the PCs don't use a tag eraser or faraday cage and can be tracked in real time the corp may do that.

The handover for the cash takes place before the authorities even know there has BEEN a large-scale hack, let alone that it was one person (and not, say, a few hundred separate teenaged pranksters). So the same rule would apply.

And, handover or not: if the full weight of The Authorities (or whoever) is going to come down on a hacker for a mere 15K¥ lifted from a few thousand security-clueless wageslaves ... then it will come down twice or three times as hard, at least, on someone who directly costs said Authority several million or billion nuyen.
Lionhearted
QUOTE (_Pax._ @ Nov 20 2012, 08:08 PM) *
Most of them. We're talking non-management workers here. Sony Emperor (Res2 Sig3; 700¥), running Renraku Ichi OS (Sys2, Fir2; 600¥), with a Basic User Suite (300¥, includes Analyze 2). The total price of that is 1,600¥; I dare say the average Wageslave makes less than 5,000¥/month - IOW, "not quite enough to afford a Middle Lifestyle". Probably down in the 2,000¥/month range, which makes that very vasic, "all 2's" commlink most of an entire month's salary.


And that's why subscriptions with binding time exist, to allow you really nice things you can't afford.

As a note on the entire thread: The problem with developing computer rules for RPG's is that the target demographic is likely to have a good understanding how things should work. Leading to either overly elaborate and complex rules or huge sweeping abstraction. Personally I really don't feel like learning actual computing principles to play a game
_Pax._
QUOTE (almost normal @ Nov 20 2012, 10:46 AM) *
When that agent goes online you do.

Unwired, p111, emphasis mine:
"Note that when an agent program is copied, the access ID
built into the agent is copied as well.  is means that any copies
of the agent will have the same access ID. This is not a problem
when a hacker is running such copies simultaneously from his
persona (as his access ID is used in that case), or if the copies are
operating autonomously in independent nodes.
If a copy tries to
access a node on which an agent with the same access ID is already
running, however, the node will automatically refuse access (even
if the agent tries to hack his way in, the attempt will automatically
fail).  is security feature both deters piracy and prevents mass
invasions by agent mooks (the so-called “Agent Smith” scenario)."


Each copied Agent, operates solely on the single Commlink it has been copied to. And uses Command 3 to operate the Commlink, so the bank sees the Commlink's accessID, not te Agent's.

QUOTE
No. They explicitly state it in the core rulebook.-

See above. They directly state the exact opposite of your assertation.

QUOTE
There is no Replicate program option on page 114. There is an Autosoft option on page 113, however.

Pardon the misnomenclature, you're right it's an Autosoft. However, it is on page 114 of my (fully up to date) PDF copy.

QUOTE
Completely missing the crucial step of gaining access in the first place. It can't just 'copy itself over' without access. Also, if those are the 3 programs it has loaded up, how the fuck is it going to hack? It's not bringing everyone else with it!

Way to see only HALF OF A SENTENCE. The second half, even.

The "dropper" commlink has TWO Agents on it. One to hack, one to steal money. Hack-agent gains access, then creates a new, completely-legit Admin level account. The credentials for said account are handed to Theft-agent, which then replicates itself onto the target commlink.

Lather, rinse, repeat.

QUOTE
"If you disagree with me, then shadowrun will asplode!"

Funniest fucking thing I've seen today.

More like, "if you follow the logical consequences of what you are suggesting, then it becomes impossible to run the shadows in the first place."





QUOTE (NiL_FisK_Urd @ Nov 20 2012, 12:23 PM) *
I don't know where you get the 8 - according to SR4A, p.234, the threshold to detect an intruder is the rating of the stealth program alone - in your example this is 5.

My bad - I misremembered it as being "stealth+hacking", or in this case, "stealth+pilot". My money is still on the 8 dice hitting 4 successes before 4 dice hit 5 successes, though.
NiL_FisK_Urd
QUOTE (_Pax._ @ Nov 20 2012, 08:36 PM) *
My bad - I misremembered it as being "stealth+hacking", or in this case, "stealth+pilot". My money is still on the 8 dice hitting 4 successes before 4 dice hit 5 successes, though.

Actually, it's 8 dice hitting 8 sucesses (2 for Firewall, +6 for Admin access) vs 4 dice (2 for firewall, 2 for analyze) hitting 5 sucesses (your stealth program) - that is more of a close call actually.
almost normal
QUOTE (_Pax._ @ Nov 20 2012, 02:36 PM) *
See above. They directly state the exact opposite of your assertation.


I've always stated your two options were each agent uses the same AID, and thus all are succeptible to being caught very easily, or you take an extreme amount of time to hardcode them with their own AIDs.

You keep denying this and then point to the rule which says I'm right. I don't think you get it.

_Pax._
QUOTE (Lionhearted @ Nov 20 2012, 02:20 PM) *
And that's why subscriptions with binding time exist, to allow you really nice things you can't afford.

And they're in the Shadowrun rules? GREAT! Point me at them, so that my shadowrunners can sign up for them and get better commlinks, software, and firewalls than they could afford, too!!

...

What's that, you say? There aren't any rules for it?

Then we're back to what I posted, now, aren't we? Because what's good for the goose is good for the gander; if you can get a commlink for a discount as an unimportant (and probably unnamed NPC, then you should damned well be able to do so as a PC too. Even if it required you to have a non-falsified SIN.
almost normal
Further.

QUOTE
Agents (or IC) acting independently of your persona, whether
on your commlink or on some other device, use their own hardcoded
access ID to identify
themselves to other nodes.


They use their own AID, *not* the commlink they're trying to operate.
_Pax._
QUOTE (almost normal @ Nov 20 2012, 02:42 PM) *
I've always stated your two options were each agent uses the same AID, [...]

[facetious] Wait, TWO agents? What two agents? Didn't you just insist that the one agent being used, was unable to actually hack it's way in? Why yes, yes I believe you DID. [/facetious]

Now we see the intellectual dishonety you bring to the table. It's "one agent" when that benefits you, but "two agents" when that benefits you.

It has always been two agents, each with their own AccessID, one of which recopies itself onto each target commlink.

QUOTE
and thus all are succeptible to being caught very easily, or you take an extreme amount of time to hardcode them with their own AIDs.

You buy one, one, Agent. You copy it once. You patch one copy for a new AccessID.

And that's it. You're done. Forever. Those same two Agents can be used and re-used ad infinitum - and each of the two has it's own, separate, unique-to-it AccessID.

The Hack-agent does the intrusion with it's Hack-agent AccessID. Once it creates an account on the target commlink, it is no longer involved, and has in fact moved on to analyzing and hacking the next commlink.

Once access is acquired, the Theft-agent Replicates onto the target commlink with it's Theft-agent AccessID. That replicated copy never interacts directly with any node other than the target commlink. The original Theft-agent copy never does anything except replicate onto commlinks the Hack-agent gains access to.

All of this, EVERY BIT, is in perfect keeping with the rules for copied Agents on page 111 of Unwired, and the Replicate autosoft on page 114 of Unwired.

QUOTE
You keep denying this and then point to the rule which says I'm right. I don't think you get it.

Right back at you: you don't get it. Intentionally so, I suspect.
_Pax._
QUOTE (almost normal @ Nov 20 2012, 02:49 PM) *
They use their own AID, *not* the commlink they're trying to operate.

... "Command 3".

The only node the Theft-agent interacts with, is the Commlink it's on. It directs that commlink to perform actions on other nodes. IOW, it suborns what amounts to the user's absentee Persona: "This is not a problem
when a hacker is running such copies simultaneously from his persona (as his access ID is used in that case), [...]"
Draco18s
QUOTE (Lionhearted @ Nov 20 2012, 03:20 PM) *
Personally I really don't feel like learning actual computing principles to play a game


Neither do most people, leading to abstractions that allow for abusive things, that really would never be possible, but the abstract nature of the rules allow it.
almost normal
It's Always been two agents? So your cunning plan was to steal 10 nuyen?

Again, your use of command is irrelevant. The rules are clear. Your bullshit personal attacks only make it clear that your grasping at straws. I'm exiting this conversation before you get even nastier.
Draco18s
QUOTE (almost normal @ Nov 20 2012, 03:59 PM) *
It's Always been two agents? So your cunning plan was to steal 10 nuyen?


Nice straw man you've got there. Would be a shame if anything happened to it.
_Pax._
QUOTE (almost normal @ Nov 20 2012, 02:59 PM) *
[...] bullshit personal attacks [...]

Mirror, mirror, on the wall ...
Tymeaus Jalynsfein
QUOTE (_Pax._ @ Nov 20 2012, 12:08 PM) *
An agent on Joe Q. Average Wageslave's commlink - no IC, no Spiders - which is doing nothing? Yeah. One hour, or twenty. Barring a system reboot, there's nothing TO notice, unless someone takes the time and effort to scan the ENTIRE file manifest for that commlink. Which 99.999999999999999999999% of people who don't bother to get a comlink with better than 2's and maybe 3's, is typically going to do daily, let alone more often than once an hour.

Most of them. We're talking non-management workers here. Sony Emperor (Res2 Sig3; 700¥), running Renraku Ichi OS (Sys2, Fir2; 600¥), with a Basic User Suite (300¥, includes Analyze 2). The total price of that is 1,600¥; I dare say the average Wageslave makes less than 5,000¥/month - IOW, "not quite enough to afford a Middle Lifestyle". Probably down in the 2,000¥/month range, which makes that very vasic, "all 2's" commlink most of an entire month's salary.


So... Let me see if I have this right... The Agent copied has 3 programs: Replicate, Command and Corrupt. HOW, exactly, do you expect that agent to find the appropriate data to respond with to any query to the target Comlink? None of the porgrams loaded are going to cut it, as the best that can happen is that the Agent tells the comlink to simply respond (command) but unfortunately, it cannot choose what to respond with. You (and many others apparently) are assuming that the Comlink knows the appropriate response. However, if it is a biometric Verification request, or Question Response that is required, HOW is the Agent to know what information to send? It does not. Because it cannot even attempt to locate such information to start with (That would be what Analyze and Browse is for, which the Agent Lacks).

Secondly, with the assumptions in play, that the target is a Rating 2 Comlink (from immediately above in Pax's Response), the second the Agent loads to the Comlink, its Response runs to 0 (without even mentioning the other programs that may already be active). Not very subtle there, is it? So, it is an immediate response degradation severe enough to alert the User, becasue the Comlink just effectively locked up. Way to go Roger Ramjet.

One of many reasons this scheme does not work. *shrug*
Draco18s
QUOTE (Tymeaus Jalynsfein @ Nov 20 2012, 05:29 PM) *
One of many reasons this scheme does not work. *shrug*


One of the many reasons that agents, as written, don't work. Look at the pre-statted ones. There's a hacking one that lacks exploit, for example.*

Ironically, it's also why Technos don't really "work" either.

In any case, you just need a third agent with the required programs. Need more than 2? (Replicate takes the third slot). Get a fourth agent.

*IIRC, it has Stealth, Decrypt, and Spoof.
NiL_FisK_Urd
QUOTE (NiL_FisK_Urd @ Nov 20 2012, 08:41 PM) *
Actually, it's 8 dice (3 for Pilot, 5 for Exploit) hitting 8 sucesses (2 for Firewall, +6 for Admin access) vs. 4 dice (2 for firewall, 2 for analyze) hitting 5 sucesses (your stealth program) - that is more of a close call actually.

With Stealth 5 you have a 8.8% chance to get noticed on roll#2, 36.8% on #3 and 66% on turn 4.

Your chances to get into the node for turn:
#1: 0,02%
#2: 12,65%
#3: 57,62%
#4: 88,47%

That means your intrusion will be spotted fairly often - and the intrusion happens while the target is in vincinity of your commlink.
Tymeaus Jalynsfein
QUOTE (Draco18s @ Nov 20 2012, 02:44 PM) *
One of the many reasons that agents, as written, don't work. Look at the pre-statted ones. There's a hacking one that lacks exploit, for example.*

Ironically, it's also why Technos don't really "work" either.

In any case, you just need a third agent with the required programs. Need more than 2? (Replicate takes the third slot). Get a fourth agent.

*IIRC, it has Stealth, Decrypt, and Spoof.


Which still does not fix the Response Issue. *shrug*
Midas
QUOTE (_Pax._ @ Nov 20 2012, 08:08 PM) *
An agent on Joe Q. Average Wageslave's commlink - no IC, no Spiders - which is doing nothing? Yeah. One hour, or twenty. Barring a system reboot, there's nothing TO notice, unless someone takes the time and effort to scan the ENTIRE file manifest for that commlink. Which 99.999999999999999999999% of people who don't bother to get a comlink with better than 2's and maybe 3's, is typically going to do daily, let alone more often than once an hour.

Not necessarily. Might be a standard procedure if they enter a corp compound within that hour. The corp desn't want malicious hackers piggybacking in exactly the same way to steal paydata or the company presudent's schedule for his trip to the airport. And quite a number of your Joe and Jill Salary(wo)men will likely be passing such checkpoints within the hour, and if your agent is stashed at a transport hub many within minutes.

QUOTE
We're talking non-management workers here. Sony Emperor (Res2 Sig3; 700¥), running Renraku Ichi OS (Sys2, Fir2; 600¥), with a Basic User Suite (300¥, includes Analyze 2). The total price of that is 1,600¥; I dare say the average Wageslave makes less than 5,000¥/month - IOW, "not quite enough to afford a Middle Lifestyle". Probably down in the 2,000¥/month range, which makes that very vasic, "all 2's" commlink most of an entire month's salary.

I will concede that at a busy public place there may be enough lower salary targets around with an off-the-shelf RI OS, but there will also be quite a number of people (say 50%) running higher Firewalls (and increasing Firewall is both desirable and inexpensive for your average salaryman).
I think you are out on some of the salaries though, to run a Middle lifestyle with a spouse and two kids, putting a bit aside for holidays and hospital bills and emergencies is going to have to earn more like 8K a month, half that at around 4K a month if both parents work lowlier jobs.
It is always the poor that get targeted by thieves ...

QUOTE
It's still not one hack; it's three thousand hacks, for 5¥ apiece.

This I understand. What you don't seem to understand the time this would take. Let's say for sake of argument 50% of passersby are using Firewall 3+. Your protocol for the hacking agent's scan would likely yield some false negatives, so it may take a few attempts to find a suitable target.
Next you have to hack in and create your admin account (+6 threshold). Again there is statistically significant chance of detection, so some of these attempts will end in failure.

Once you have your admin acount, your cloned agent double replicates itself and all the programmes it needs into the commlink. Given the slow Response of such commlinks this may take time, and could be aborted if the target wandered out of mutual signal range before the agent had fully downloaded.

The process is as fast as the slowest of these above processes, and I reckon 1 successful completed hack per minute isn't a bad rate of return. Even at 2 successful hacks a minute, you are making 120 hacks/hour for 600 nuyen. That's a lot of hours (25 to be precise) to get your 15K.

Next, to prevent the account being traced you use an offshore account with a oily haired banker that takes a 30% cut to stonewall the authorities with talk of client confidentiality and lawyers if the transaction gets traced. You're down to 10.5K. Given the cash you have burned in the disposable commlink, the agent(s), the (presumably cracked) programmes they need to accomplish their tasks you are probably not left with too much loose change for your efforts.

Assuming that all that time your stashed commlink were undiscovered all this time, and that none of the commlinks that detected a hacking attempt reported it to the mall security/cops in all this time ... which seems like pretty slim odds to me.

QUOTE
The handover for the cash takes place before the authorities even know there has BEEN a large-scale hack, let alone that it was one person (and not, say, a few hundred separate teenaged pranksters). So the same rule would apply.
And, handover or not: if the full weight of The Authorities (or whoever) is going to come down on a hacker for a mere 15K¥ lifted from a few thousand security-clueless wageslaves ... then it will come down twice or three times as hard, at least, on someone who directly costs said Authority several million or billion nuyen.

These two things, a mass small-value hack and shadowrunning are two separate things, and the latter is a strawman which has no bearing on the former.
I have news for you, in that you are not the first person to have that eureka moment about a pocket hacker and a mass hack. Corp kids may have tried it, other hard up hackers may have tried it, 2 bit thieves may try it. Corp mall security and police in busy public areas probably deal with it on a daily basis. Hence the randon sweeps and monitoring of commlinks in hidden mode, hence someone whose commlink rolled statistically well and detected the attempted hack going to the mall cop or beat cop to report it.
It is not the amount of money that is the issue (although 15K a day over time is probably comparable in cost if not more expensive than the prototype steal), in both shadowrunning and mass hacks it is the amount of time before you are discovered. With shadowruns it is 10 minutes once the alarm is raised before the HTRT arrive, with a mass hack in a busy place maybe it is a matter of 1 or 2 hours. Good luck recouping the money you burned on the commlink and agent you burned in that time frame.
Draco18s
QUOTE (Midas @ Nov 21 2012, 01:50 AM) *
Given the slow Response of such commlinks this may take time, and could be aborted if the target wandered out of mutual signal range before the agent had fully downloaded.


Mutual signal range is "yes" if you're inside a city. You can relay off a dozen nodes if you need to, and do so without interruption (it's handled automatically by the matrix subsystems). So not really a concern.

I've made fun of this frequently. "Oh, there's a signal 0 camera at the end of the hall 40 meters away and I can't get closer? Fine, I bounce my signal off the vending machine, the water fountain, and the RFID chip in that guy's underwear. Voila, mutual signal range. And my response isn't even effected."
_Pax._
QUOTE (NiL_FisK_Urd @ Nov 20 2012, 04:48 PM) *
With Stealth 5 you have a 8.8% chance to get noticed on roll#2, 36.8% on #3 and 66% on turn 4.

Rolling 4 dice, versus a threshold of 5? I find that remarkably hard to believe.
_Pax._
QUOTE (Midas @ Nov 21 2012, 12:50 AM) *
I will concede that at a busy public place there may be enough lower salary targets around with an off-the-shelf RI OS, but there will also be quite a number of people (say 50%) running higher Firewalls [...]

So, your intrusion attempt is preceded by a couple Analyze rolsl to gt the matrix attributes. And you don't even TRY, if the firewall is over 2 or maybe 3.

QUOTE
I think you are out on some of the salaries though, to run a Middle lifestyle with a spouse and two kids, putting a bit aside for holidays and hospital bills and emergencies is going to have to earn more like 8K a month, half that at around 4K a month if both parents work lowlier jobs.

IMO, "middle lifestyle with two dependents and useful savings does not, to me, speak of the dystopian environment Shadowrun is supposed to be. The vast majority of shadowrun denizens, legal and illegal alike, "barely get by".

QUOTE
This I understand. What you don't seem to understand the time this would take.

Obviously, I disagree with your assessment. I believe 3-4 per minute (since it shouldn't take more than two combat turns - five entire IPs - for the hack to succeed, and while the replciation is underway, the NEXT hack can already begin).

QUOTE
Next, to prevent the account being traced you use an offshore account with a oily haired banker that takes a 30% cut [...]

Full stop. No, it's not a 30% cut. It's 100¥ to have the account for a month, no SIN required (Unwired, page _). Since the account will be closed and dead within 48 hours, with all the funds transferred out, you don't care what questions get asked in a week.

QUOTE
Given the cash you have burned in the disposable commlink, the agent(s), the (presumably cracked) programmes they need to accomplish their tasks you are probably not left with too much loose change for your efforts.

Keep in mind, the programs are a once-per-lifetime purchase. They can all be loaded onto the next commlink used for the next mass hack.

QUOTE
These two things, a mass small-value hack and shadowrunning are two separate things, and the latter is a strawman which has no bearing on the former.

Nope, no strawman involved. Everything that anyone has asserted as "why it won't work", would in turn render Shadowrunning impossible. BEcause if they do such things for smallfry crimes, they will do at least the same thing to prevent multi-million nuyen crimes.

This is, quite simply, a place where the setting requires the players to also grasp the Idiot Ball, in the interests of making the setting continue to work at all.
Sengir
QUOTE (Draco18s @ Nov 20 2012, 10:44 PM) *
Ironically, it's also why Technos don't really "work" either.

?
Technos have their own stats, independent of the node they are in.
NiL_FisK_Urd
QUOTE (_Pax._ @ Nov 21 2012, 11:10 AM) *
Rolling 4 dice, versus a threshold of 5? I find that remarkably hard to believe.

Then go, take a math schoolbook and read about "Binomial distribution"

Or use the excel function called "BINOMDIST"

either
=BINOMDIST(5;8;1/3;0)+BINOMDIST(6;8;1/3;0)+BINOMDIST(7;8;1/3;0)+BINOMDIST(8;8;1/3;0) [Calculate and sum each chance to get exactly 5-8 hits]
or
=1-BINOMDIST(4;8;1/3;1) [Calculate 100% minus the chance to get 0-4 hits]

BINOMDIST(X;Y;Z;M)
X = Number of Hits
Y = Dice rolled (1*4, 2*4, 3*4)
Z = Chance to get a hit with one die (1/3)
M = Not Cumulated/Cumulated (0/1)
Tymeaus Jalynsfein
QUOTE (NiL_FisK_Urd @ Nov 21 2012, 05:53 AM) *
Then go, take a math schoolbook and read about "Binomial distribution"

Or use the excel function called "BINOMDIST"

either
=BINOMDIST(5;8;1/3;0)+BINOMDIST(6;8;1/3;0)+BINOMDIST(7;8;1/3;0)+BINOMDIST(8;8;1/3;0) [Calculate and sum each chance to get exactly 5-8 hits]
or
=1-BINOMDIST(4;8;1/3;1) [Calculate 100% minus the chance to get 0-4 hits]

BINOMDIST(X;Y;Z;M)
X = Number of Hits
Y = Dice rolled (1*4, 2*4, 3*4)
Z = Chance to get a hit with one die (1/3)
M = Not Cumulated/Cumulated (0/1)


As much as I hate to argue this, you are missing a small point of the Argument. _Pax_ is saying that the Rated 2 Comlink will never detect the initial hack if the Stealth program is Rated at 5. It cannot ever get 5 hits to detect initial intrusion.

What _Pax_ is missing, however, is that the Comlink can detect the agent once the hack has taken place, since it is a roll off between the Comlink and the Agent. Since it is a roll off, and neither can make use of Edge (assuming automated responses, and not an active hacker) then it is possible to detect the agent. *shrug*

And regardless, once the Agent is loaded onto that low-end comlink, it locks up, as it has now exceeded the Response Limit on the Agent Alone. And yet, no one deigns to address this particular point (it is like it is being ignored completely). It does not break the game to have this happen, nor does it invalidate the World and cause Shadowruns to fail outright. It is a fact of the Technology involved on the low end. Low End Comlinks are not going to be a viable target becasue of this flaw in the logic, and High end Comlinks are quite capable of detecting such an intrusion. So, where does that leave the Hacker who wants to pursue this line of work? Pretty much no where.
NiL_FisK_Urd
QUOTE (Tymeaus Jalynsfein @ Nov 21 2012, 05:03 PM) *
As much as I hate to argue this, you are missing a small point of the Argument. _Pax_ is saying that the Rated 2 Comlink will never detect the initial hack if the Stealth program is Rated at 5. It cannot ever get 5 hits to detect initial intrusion.

That is only true if you probe the target (which has an interval of hours), not with hacking on the fly.
QUOTE (SR4A @ p. 235: Hacking on the fly)
Such brute force hacks can attract attention. Each time you take a Hack on the Fly action, the target node makes a free roll on an Analyze + Firewall (hacker’s Stealth) Extended Test.

Look at the example on p. 236
Tymeaus Jalynsfein
QUOTE (NiL_FisK_Urd @ Nov 21 2012, 09:15 AM) *
That is only true if you probe the target (which has an interval of hours), not with hacking on the fly.

Look at the example on p. 236


True, assuming it takes more than a pass to get the hits (and is something I did not consider in the plethora of math involved). And with a Target of 8, it will likely take a pass or three to accumulate the required number of hits, and Yes, that gives a roll (cumulative) to hit the Stealth Rating with OTF Hacks. Sorry if I misrepresented the case. On-the-fly hacks are definitely more susceptible.

And in a Race for Admin ( 8 ) vs. Stealth (5), I am not really sure who I would bet on. Penetration is likely to take 2-3 passes, and Detection is likely to take 2-4 passes. Thanks for clarification NiL_FisK_Urd.
Draco18s
QUOTE (Sengir @ Nov 21 2012, 06:38 AM) *
?
Technos have their own stats, independent of the node they are in.


Agents are limited by how many programs they can load, making most of them useless, or come in pairs.

Technos are limited by how many "programs" they can buy at chargen, due to the sheer cost of them, making them have to hyper-focus at single tasks and be useless elsewhere.
Lionhearted
QUOTE (Draco18s @ Nov 21 2012, 06:56 PM) *
Agents are limited by how many programs they can load, making most of them useless, or come in pairs.

Technos are limited by how many "programs" they can buy at chargen, due to the sheer cost of them, making them have to hyper-focus at single tasks and be useless elsewhere.

Not completely worthless, threading does alleviate it a little bit
Draco18s
QUOTE (Lionhearted @ Nov 21 2012, 02:00 PM) *
Not completely worthless, threading does alleviate it a little bit


A little bit.
Though I am recalling some errata that nipped threading a little, but I don't recall the details (something to alleviate the "I thread -> 1 hit -> drop thread, rethread -> 4 hits" thing). But I don't remember the exact change that was made.
Sengir
QUOTE (Draco18s @ Nov 21 2012, 07:28 PM) *
A little bit.
Though I am recalling some errata that nipped threading a little, but I don't recall the details (something to alleviate the "I thread -> 1 hit -> drop thread, rethread -> 4 hits" thing). But I don't remember the exact change that was made.

It's a Free Action now
NiL_FisK_Urd
A technomancer could pull this off, but he needs a Rtg. 6 crack/sleuth sprite and a Rtg. 6 data sprite OR a Rtg. 9 sleuth sprite.
Draco18s
QUOTE (Sengir @ Nov 21 2012, 02:36 PM) *
It's a Free Action now


That's what they did, right.
_Pax._
QUOTE (Tymeaus Jalynsfein @ Nov 21 2012, 11:03 AM) *
What _Pax_ is missing, however, is that the Comlink can detect the agent once the hack has taken place, since it is a roll off between the Comlink and the Agent. Since it is a roll off, and neither can make use of Edge (assuming automated responses, and not an active hacker) then it is possible to detect the agent. *shrug*

I'm not missing that. But AFAIK, that roll onlyhappens when the agent tries to do something. If it sits there, quietly, doing nothing .... I don't believe that roll-off even happens. I may be worng, of course - a page reference to that effect would be helpful.

QUOTE
And regardless, once the Agent is loaded onto that low-end comlink, it locks up, as it has now exceeded the Response Limit on the Agent Alone.

I was under the impression that programs loaded into an agent, only counted against the System limit if they were in use ... just like programs loaded into a hacker's Persona. So while the Agent is doing nothing, an thus, running nothing, it's only one program against the limit.

And absolute worst case, you decide to be less fancy, and just have the Hacking Agent immediately conduct the 5¥ transfer the moment it has access.
ShadowDragon8685
You can also make the Agent and the programs loaded onto it Ergonomic. (Or at least its payload.)
Tymeaus Jalynsfein
QUOTE (ShadowDragon8685 @ Nov 21 2012, 08:46 PM) *
You can also make the Agent and the programs loaded onto it Ergonomic. (Or at least its payload.)


So, I have a Comlink rated 2. I am running Analyze, Browse and Encrypt (why should I bother to purchase Ergonomic functions for programs if I never run the risk of overloading my own comlink?). The second the Agent is loaded, My Comlink Crashes. Simple as that. And those are typical programs that will likely always be running. Who cares if your Agent Payload is Ergonomic. Even still, the Agent can only have 2 Ergonomic Programs (The Agent will run at the Rating of the Comlink), so the three programs loaded will STILL overload the comlink if one of my common programs is not running, assuming I do not have an Ergonomic Program Running already (IF I was going to do that, it would be a Reality Filter). The assumptions that Joe Wageslave is stupid are just so amusing.

There is no reason that the typical user would not be running those 3-4 programs. SO ANY attempt at a surreptitious loading of an Agent will still alert the user to shenanigans. It really is that simple. And any arguments to the contrary are just really ridiculous. Since the Agent cannot even tell what programs are loaded and running, as it does not have the programs in its loadout to even determine such information, it cannot even give a proper command to shut services down before doing anything. *shakes head*
_Pax._
QUOTE (Tymeaus Jalynsfein @ Nov 22 2012, 12:36 AM) *
So, I have a Comlink rated 2. I am running Analyze, Browse and Encrypt [...]

Why Encrypt? Your typical wage-slave has no need of it, and it's not part of the Basic User Suite. So why would Joe Average Citizen bother running Encrypt on his commlink?

Also, while the programs are LOADED on your 'link, why are they all RUNNING at once? Joe Average and Sue Typical don't need to be running all of that at once. when they're not actively doing something, the 'link is probably just running Analyse, and maybe Browse.
Halinn
I'd also imagine that the Common Use Program Suites from SR4A fall under Unwired's Software Suites rule, where it just counts for 1 program. So an off the shelf commlink with likewise OS and programs (i.e. what Joe Average is assumed to use) is running one program. Simple as that, agent with ergonomic programs doesn't kill it.
Tymeaus Jalynsfein
QUOTE (_Pax._ @ Nov 22 2012, 02:27 AM) *
Why Encrypt? Your typical wage-slave has no need of it, and it's not part of the Basic User Suite. So why would Joe Average Citizen bother running Encrypt on his commlink?

Also, while the programs are LOADED on your 'link, why are they all RUNNING at once? Joe Average and Sue Typical don't need to be running all of that at once. when they're not actively doing something, the 'link is probably just running Analyse, and maybe Browse.


Encrypt is a basic program that is useful to stop hacks. Even Joe Wageslave understands that. And it is insignificant in cost.
As for Analyze running. Kinda useful, don't you think? And Browse. I CONSTANTLY have my browser up and running whenever my computer is running. So again, not a stretch. Same with basic analysis programs. 3 VERY basic Programs. You could even throw in Scan to detect those Publiuc Profiles that you like so much as a social person (becasue you cannot Browse what you have not scanned), if you want, and it is even FREE when you purchase your comlink (at Rating 1, anyways, which is all that the average person really needs).

Even by your own admission, Analyze and Browse are a minimum, and if they like their own custom interface and iconography, then Reality Filter fits that bill as well. That is Miminum of 3 (Analyze, Browse, and likely Scan), and as many as 5 programs (adding in Reality Filter and Encryption) that are immediately useful to any Joe Average or Sue Typical. The ONLY way your scheme works is to intentionally ignore common, useful programs for the average person. Many, if not all, of these will likely always be running.

So again, a Minimum of 3 non-Ergonomic Programs with 2 Ergonomic programs. Look at that, all slots filled (leaving only 1 Crash Slot, the one that will bring the comlink to its knees). Sad to say, that incompetent Agent will load onto that particular comlink with its 3 payload programs (regardless of whether they are active or not) and then you get Comlink Crash.

And even if you (as the hacker) start shutting down programs prior to the load (which is not going to happen, as you wanted an automated solution so as to leave less of a trail), when My Up and Running Scan, Browse, Analyze or Reality Filter shuts down, I will be automatically alerted (either the windows close in my AR, or my iconography changes) so that I can then take steps to investigate, initiate a Forced Logoff of all connections, or just reboot. If you choose to shut down the Encryption, then the ARC automatically reboots to restore theservice and dump anyone in the Link, sinn that should NEVER shut down on its own, and when it dfoes, that is an indicator that the system has been compromised.

So, exactly how does this scheme of yours really work out for you at that point. Because, again, if you are targeting low end comlinks, like you say, they will likely be non-viable for this particular scheme. Once you move to high end comlinks, well, then they are not nearly so easy to crack, and their users are probably people that you want to not screw with in the first place. I am just not seeing the viability of your scheme. *shrug*
Tymeaus Jalynsfein
QUOTE (Halinn @ Nov 22 2012, 06:01 AM) *
I'd also imagine that the Common Use Program Suites from SR4A fall under Unwired's Software Suites rule, where it just counts for 1 program. So an off the shelf commlink with likewise OS and programs (i.e. what Joe Average is assumed to use) is running one program. Simple as that, agent with ergonomic programs doesn't kill it.


Assuming they bought a suite. Not a likely choice for someone with a Rated 2 Comlink, as they can get the same programs for less at that rating.

The Power Suite is 1240 Nuyen (Analyze 3, Browse 4, Command 2, Edit 4, Purge 4, Scan 2)
The Net Wizard is 480 Nuyen (Analyze 3, Browse 3, Command 1, Edit 2, Purge 3).

Standard Scan 1 is Free.
Custom Package: Analyze 2, Browse 2, Encrypt 2, Reality Filter 2, Edit 2 is only 500 Nuyen. Put Ergonomic on a Single Program and you get it for an additional 300 Nuyen. (A direct Comparison with the Net Wizard for all Rating 2 Programs (Analyze, Browse, Edit, Purge), with Command 1, is 450 Nuyen, which is still cheaper than the Net Wizard unless I add an Ergonomic Option).

Purge is Nice, but it is a Rating 2 Comlink. Might get it or not. Again, only 100 Nuyen for a Rated 2 Purge if I want it (I replaced Purge with Encryption for my base Selection).
Command is also not too bad, but generally not necessary for the typical user, assume that if we have it, it is rated at a Rating 1 (Like the Net Wizard Suite), for an additional 50 Nuyen (I replaced Command 1 with Reality Filter 2 in my base Selection).

The published Suites are mostly useless to the Rated 2 Comlink, as they lose a lot of their functionality, as you paid money for ratings you cannot even use (if you want to use them you have to add the Optimizarion Program Options, and that just costs more money). The only benefits are that they can all run in a single program space (as they are inherently Ergonomic; and they could scale if your average person chose to go to a Rated 3 Comlink). Not bad, if you have the money to waste. If the average person wants Encryption, they must still purchase the Rated 2 Program for 100 Nuyen, and the Customized Iconography is also an additional 100 Nuyen. So the Net Wizard Suite is still 30 Nuyen More Expensive than the Package I put together (680 for the Suite vs. 650 for the Package I put together; Of course an Ergonomic Option on the custom package will add 300 Nuyen to the Custom package). The Only selling point of the Net Wizard: Single Program Space. The reason I did not include Scalability as a Selling Point is that the AVERAGE person will not upgrade to such Hardware (we are assuming Average People use Rating 2 Hardware after all). If we want to include Scalability, you must also include the costs of the Optimization Options on the Suite Programs, assuming you want to use the Rated 2 Hardware (so an additional 300 Nuyen on the Net Wizard). *shrug*

Joe Wageslave may or may not purchase a suite. It is a close comparison, money wise.
Professional Users will indeed purchase such a package, as it behooves them to do so, and it is likely that they will actually purchase a more powerful, customized version of the Power Suite if they are Heavily into the profession. *shrug*

And as for your comparison, so they have a Net Wizard/Power Suite running. Then you add Encryption and Reality Filter, and there you go, 3 running Programs, your loaded Agent once again crashes the system. *shrug*
NiL_FisK_Urd
QUOTE (Tymeaus Jalynsfein @ Nov 22 2012, 04:53 PM) *
And even if you (as the hacker) start shutting down programs prior to the load (which is not going to happen, as you wanted an automated solution so as to leave less of a trail), when My Up and Running Scan, Browse, Analyze or Reality Filter shuts down, I will be automatically alerted (either the windows close in my AR, or my iconography changes) so that I can then take steps to investigate, initiate a Forced Logoff of all connections, or just reboot. If you choose to shut down the Encryption, then the ARC automatically reboots to restore theservice and dump anyone in the Link, sinn that should NEVER shut down on its own, and when it dfoes, that is an indicator that the system has been compromised.

That is only true if someone who knows computer stuff configured the comlink - but Sue Typical and Joe Average are not likely to have ranks in the "Matrix Security" knowledge skill. Most of them will ask if you mean a part of a cathedral when you say "ARC".

Also, if your browser crashes, do you (i mean you as a real person, not a shadowrun PC) initiate a Forced Logoff of all connections/reboot or do you just restart firefox/ie/whatever?

Next, Scan is only used to find Hidden nodes - all other nodes are automatically detected (note that the rulebook lists System as required program, not Scan).
QUOTE (SR4A @ p.229)
Detect Active/Passive Wireless Nodes (System)
You automatically find all of the nodes within Signal range that are in Active or Passive mode.


Analyze, Browse, Command and Edit are normally purchased as a "Common Use Program Suite" (SR4A, p. 232), which, according to UW, p. 128, only counts as one program when calculating for processor load.
Security conscious users will also run encrypt and maybe purge (because viruses and trojans are more likely to encounter than hackers), but these users will most likely use DR3+ comlinks.

Also, the MSP (which is included in lifestyle) provides a remote-operated agent with browse and edit, which even makes the "Common Use Program Suite" dispensable for many users. (UW, p. 201/202)

And the thing that bothers me most: You do not need to load the agent into the hacked commlink, you can access it from the (expendable) commlink. Even better, you could use a flying microdrone as a relay for your hacking attempts.

If you really have to load the agent into the mook comlink, let it use "Server-Side Programs" (UW, p.109) that you installed on a hacked nexus, therefore only using 1 processor slot on the mooks 'link (the agent itself).
NiL_FisK_Urd
QUOTE (Tymeaus Jalynsfein @ Nov 22 2012, 05:24 PM) *
Assuming they bought a suite. Not a likely choice for someone with a Rated 2 Comlink, as they can get the same programs for less at that rating.

The Power Suite is 1240 Nuyen (Analyze 3, Browse 4, Command 2, Edit 4, Purge 4, Scan 2)
The Net Wizard is 480 Nuyen (Analyze 3, Browse 3, Command 1, Edit 2, Purge 3).

You are mistaking the "Program Packages" from UW, p. 127 (which is not a suite and therefore does not get the benefit of the reduced processing power) with the software suites on SR4A, p. 232, that can only be purchased with a comlink.

Basic: Analyze 2, Browse 2, Command 1, Edit 2, 300¥
Basic+: Analyze 3, Browse 3, Command 1, Edit 3, 400¥
Pro: Analyze 4, Browse 4, Command 2, Edit 4, 600¥
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012