A lot of arguments on this board bring up the idea that no sane non-civilian would ever have their wifi on because they might be hacked. It most frequently comes up when talking about street sams on a mission into a secure facility, but it's come up when talking about 2075 military forces, augmented sports player (combat biking and urban brawl players are certainly augmented). For the purposes of this argument, let's stick with Street Sams as part of a Runner Team on a mission.

We'll go ahead set this up a reasonable street sam that is taking precautions to protect his wireless. A good R6 commlink owned by the Hacker, a Wrapper program to conceal device types a bit, and even a box of Stealth RFID to toss out if he get worried.

If I'm a Street Sam (something like the Archetype on page 112,) and I have most of my gear's wireless off, because it's a run and that's what smart people do, which is to say that's what the team's hacker told me to do. However, there is a handful of gear my street sam will want his bonus from, including Smartguns. So I slave those to a Rating 6 commlink owned by the team Decker. Let's say the decker is like the one on page 121. I also have a Wrapper program running on a tiny Bug-Drone, so all my wireless gear shows up in the matrix looks benign. Lastly, I've got a small Altoids sized tin, coated in wireless blocking paint, full of stealth RFID tags which I spread all over the place if I decide to really mess with a spider.

This is a basic run, nothing too extreme or easy. We're breaking into a corp facility after hours to steal a small non-military drone prototype. The facility has decent security, including a Host system, some on-sight security guards (rating 2 NPCs, page 382), security drones, and an on-call remote spider (Rating 5 Elite Corp Security LT on page 384).

Keeping in mind that radio signal scanners either spots & tracks an icon or not (they can't look for the number of hidden hidden icons or get details on icons they have spotted such as verifying their icon,) that Security Guards aren't very good at matrix actions (security guard NPCs on page 382 lack the computer skill), that the Spider isn't within 100m of the facility, and is probably in the host system not on the local grid if present at all (let's assume he is,) and that Drones do not have a persona and therefore can't take matrix actions at all, in how much danger is the street sam from being hacked? What happens when combat breaks out and security suddenly knows he's there?

The most immediate question that comes to my mind is who exactly is hacking the street sam? The Spider could do it, but he'd have to leave his Host to try, and that's something the Shadowrun team's decker would love. Even if he comes out of the Host, he's not a member of GOD, even if he's a member of the same AAA corp and this is all happening on their site. Moreover, the street sam is on the local or public grid. If the Spider comes out of the host and starts hacking the street sam, he's going to start getting generating OS and might get converged on. (You really don't think a massive souless corp will let even their own people hack at will? I don't think they trust their own people that much. A spider can do what he needs in his own division's host, but I bet he's not allowed to just doing things anywhere in the matrix because he's not part of the corp's subset of GOD.

Assuming the Spider does come out of his Web Host to hack the street sam, can he really brick the sam's smartlink enabled cybereyes before the sam has time to turn the wireless off? IE: can he do it in a single action?

Uh, they can detect and spot hidden icons and they also pinpoint the location of the signal in the same action, so it's basically a Matrix Perception + Trace Icon in one action. The way the Bug Scanner description works, you don't even specify if you're looking for icons running silently, it's just that if there are any in the area, they have a chance to resist detection.

I think the real risk isn't the street sam's stuff getting bricked, but rather having the team's cover blown. If I'm the corp, I just stick an agent running constant matrix perception tests on a micro-drone (or other drone type) and hope that blows the cover of anyone not running totally wireless dark. Matrix perception tests are pretty hard to hide from, and even if the drone+agent has a smaller pool than the hacker, if there's an infinite amount of tests then variance will catch up with the samurai in the end.

The stealth RFID tags actually make this problem worse, because they add a bunch of weak, suspicious hidden nodes to the mix.

However, I consider the desirability of running infinite matrix perception tests and the ability to deploy matrix chaff in the form of wireless enabled toothbrushes to be the two biggest holes in the matrix system. I know it's not the purposes of this thread, but if anyone has ideas for how to housefule those then I'm all ears. My own blend right now is to strictly limit matrix perception tests (it's like sonar, if you get one then I get one), and to let hackers automatically matrix-spot anything they can physially point an antenna at.

Your basic premise involves having a dedicated member of the running team just to protect the Sammy, given that you can only have Rating x 3 devices in total slaved to the team Decker's cyberdeck, and commlinks provide essentially zero protection against a rival Decker's dicepools. Your average street sam is hauling around a dozen or so bits of cyber and gear that need that protection all by himself.

Without that Decker, the sammy's gear is toast.

Even though the Spider is well outside of the 100m range, he's inside the building's Host, and has all the time in the world once alerted. He's bricking roughly one item every other combat round with his Cybercombat of 7+ Logic of 5 vs the Sammy's Intuition of 3 + Firewall (None or by deck if he happens to have slaved his cyber to it), and the device resisting damage from the Spider's Atttack of 8 with Device Rating (2 for most everything the Sam's got on his sheet) + Firewall with an available (Rating/2 +8 ) boxes of damage each.

Since there are no visible effects of cybercombat damage, the sam's really got no way to discover what's under attack until it overflows and bricks.

Also, Security Spiders etc. are immune to GOD's concerns on the Matrix per the book, so yes, it is fully expected that the corps will turn them lose to hack at will on intruders because they face zero consequences for doing so. Welcome to extraterritorality.

Oh I agree with all that. I was unclear in my initial post.

I was trying to say that Radio Signal Scanners can't detect the number of hidden icons in an area, which is to say they can't determine if they missed something. They also don't analyze icons they do spot beyond "This is the icon" and "This is where it is." That makes them very vulnerable to the Wrapper program.

Well, you don't need to actually have the Decker dedicated to ust protecting the Sammy, he just has to own the Commlink that is protecting the Sammy's gear (Mind you, the only reason to do that is if the Decker has better mental stats than the Sammy, if not, then the Sammy can slave the stuff to his own Commlink. Either way, given that the whole idea of this exercise is that the Sammy turns off his non-essential gear, a rating 6 Commlink will protect 18 of the Sammy's devices, and if he only has the "essential" ones on (I will admit to not knowing the full extent of Blackjaw's essential devices, but I would assume it is less than 18) than the Commlink can protect them all.

I think Blackjaw's further point is that given that the Spider is inside the Host, he can't do anything to the Samurai's stuff unless he leaves the Host. This potentially allows 2 things, either 1) The team's decker is outside the Host, and can attack the Spider without worrying about IC as well, or 2) The team's decker is inside the Host, and now doesn't have to worry about the Spider (at least for the moment).

Next, as far as what kind of danger the Sammy is in, it depends. Assume your numbers are right with the Spider - Cybercombat of 7+ Logic of 5, but he has to account for Noise, which may be significant depending on how far away he is. The Sammy, on the other hand, resists with Int of 4 (the decker's) and a Firewall of 6 (the commlinks) which means that the Spider is only beating it by a little bit. What it probably means is that he does a significant amount of Matrix Damage to the device, but doesn't brick it in one shot.

Now, since Data Spike is an Attack action, it automatically lets the owner of the device (the Sammy) know that it is under attack (page 236). At which point, he takes a Free action, and shuts the wireless off for all of his devices (page 421) - at which point he is completely immune to the Spider's Matrix attacks.

Note - even if he doesn't buy a commlink, and has no Matrix support in the form of a decker, the worst thing that happens (from a Data Spike point of view) is that the Decker gets one attack, and then the Sammy uses a free action and disconnects himself from the Matrix with all devices.

So I am actually interested to see if the the threat is real. My inclination is that it isn't as bad as people think it is, but I'm open to changing my mind if evidence is provided. I admit I'm biased, but I want the real answer here.

That said, I disagree with a lot of your response:

1: Decker are supposed to be providing some matrix defense for their team, and they can do so for the entire team rather easily. The decker provides this benefit mostly passively, and can do it for the entire team through simply having a few extra $5000 rating 6 commlinks to accept the slaved devices. It's actually easier than having the team mage provide counterspelling. A rating 6 commlink provides Firewall 6, which is 6 dice towards protecting against rival deckers. All this, and it's not even costing the decker any actions.
2: He's not just protecting the Sammy. He can be actively hacking inside the host, and the sammy still gets the firewall and intuition of the decker, as is the rest of the team. With the wrapper program, these devices and extra links can be set to look like something safe, such as the RFID tags attacked to various every day items (candy bars, desk chairs, and all the other objects that are likely to be inside a building but not slaved to the host system.) A radio signal scanner is unlikely to raise an alert if a candybar is spotted in the building.

Of course once the sammy starts shooting, the alert is probably raised, so we can move on from there.

Without that sammie, the decker's probably getting shot. Teams are teams for a reason. As I've pointed out above, the decker providing protection for the sammy gear is actually very easy on the decker so there isn't much of a reason not to do it. If a Sammy is really that paranoid about even his own team's decker, he really should be using throwback devices.

He has to leave the host to interact with icons not in the host. That's a basic matrix rule about hosts, as noted on page 246: "When you’re outside of a host, you can’t in- teract directly with icons inside it, although you can still send messages, make commcalls, and that sort of thing. Once you’re inside, you can see and interact with icons inside the host, but not outside (with the same caveat for messages, calls, etc.)." Hosts and buildings/physical space are not the same thing. If he leaves the host he will need to look for the icons beyond 100 meters of his physical location to find the sammy's icons in the grid. I agreed that once he has some idea what to look for, say from viewing the sammy on a security camera feed or the goggles of a security guard, it's probably only 1 action for him to locate an icon for the sammy in grid space, such as his active cybereyes.


I think you're underselling the Sammy and forgetting some issues for the spider.
First, most devices have a firewall equal to their device rating (P 234: "For most devices, the Matrix attributes are the same as the Device Rating."), so that Rating 2 Smartgun will get to throw Firewall 2 + Intuition 3. Of course I noted earlier it's slaved to a rating 6 commlink, so it's actually 6 Firewall + 3 Intuition. Only, that commlink is owned by the decker, so it's actually Firewall 6 + Intuition 4.
Second, the spider is off-site, so he'll be taking a Distance Noise penalty outside of his host depending on distance. A datajack mitigates 1 points of this, and the example security expert lacks Signal Scrubber so that's all he's got. If he's more than 10 km away, he's taking a penalty of 2, 4, or 7, depending on distance. He's also on a local or national grid, and the street sam is on the public grid, so he's taking a -2 cross grid or public grid penalty too.
Note: Facilities that warrant on-site decker defense are much more dangerous than those with an off-site decker. Distance and grid penalties aren't such an issue inside a host, but to attack the sammy, the spider will have to leave the host.

That's a dice pool of about 10 (depending on noise and VR bonuses, 10 may be a high estimate) for the spider vs 10 for the cybereyes, once the spider finds them, which he can do fairly easily without giving himself away. Once found, he can launch a Datapsike at the sammy's eyes, but if it doesn't get through, it will rebound on him instead, so istn't without danger given the equal-ish dice pools. If the hit gets through, it's resisted with 12 dice (Firewall 6 + Device Rating 6) thanks to the commlink applying for matrix defense rolls.

You are right that the cybereyes probably have a a matrix track of 9 boxes (half rating 2 +8), but with the dataspike vs defense being about equal and then 12 dice to mitigate damage, I think it will take 2 or more hits to disable the eyes, which give the sammy time to turn them off.

I though they are immune to GOD while in their hosts. If they leave the host is that still true? (and a page reference/quote if I'm wrong on that.) As I noted, to attack the street sam, he has to leave the host.

Edit : Double post action!

This seems incorrect on it's face. If you've got a reference, I'd love to see it, but that would mean a 5k nyuen Rating 6 Commlink has the same firewall rating as a 826k nuyen Fairlight Excalibur, which is absurd. Mind you, it's these decking rules, so I wouldn't be surprised, just sad.



A radio signal scanner -is- likely to go off if a dozen or more (many more, given the gear list on that sammy) unidentified icons wander in, though. Even with Wrapper, that's a lot of out of place stuff to walk in off-hours. If nothing else, it's movement in an area that it shouldn't be in, which is suspicious in the first place.



Ah, there's the reference. These writers are going to drive me to drink. So many very, very important parts of these Matrix rules that are only defined in 'probablies' and 'abouts' instead of giving us concrete data to plug into the damn rules formulas. But at the end of the day, you've basically only created an argument that a Sammy who is doing literally everything (short of being smart and just not using wireless) he can possibly do to defend himself from a hacker is only moderately vulnerable. Even then, the Spider doesn't need to leave the Host, or even bother hacking anything.

All he has to do is trip the silent alarms, and make popcorn while he sets up a routine to record the fun. But still, even if he decides to continue hacking, the sole defense the sammy has is to turn all of his shit off, like he should have in the first place, because the spider has nothing better to do than dog him. If the team's decker decides to go live to fight, he's got to worry about GOD, and the spider doesn't.





SR5, page 232 :

Of course, G-men, security spiders, IC, and other users who are officially sanctioned by GOD never rack up an Overwatch Score, even if they’re really misbehaving. Such is life on the Matrix. And in the meat world, too, come to think about it.

Nope, they're straight up immune. Authorized megacorporate users using decks burned with chips GOD knows.

Page 222:

Your Commlink’s Matrix Attributes
Your gamemaster will occasionally ask for one of two Matrix
attributes: Data Processing or (if your hacker isn’t doing her job)
Firewall. Unless your commlink is a custom job, both of these
attributes are equal to your commlink’s rating. Just keep a note
by your commlink entry in your character sheet’s gear section.

Thank you for the reference. I agree with the "driving to drink" part of the 5th edition rules layout.


And of course, the team Decker should be hacking those scanners the same way he hacks security cameras. However, I don't think (your millage may vary) it's reasonable to assume the sensor trips an alarm, or even an alert to the spider, any time it sees anything new or moving. At least not in the mid-level security of the run we're talking about.


Slaving your gear to the Decker isn't doing everything possible, it's doing the most obvious thing you should do: turn off the unessiary objects, and let the decker protect what remains. Doing everything possible might include full matrix defense or simply turning everything off.

I also don't classify a "ELITE CORPORATE SECURITY LT" with a Rating 7 Cracking group, Logic 5, and a $549,375 15R cyberdeck as a minor threat. I think the Sammy holds up rather well considering the amount of matrix heat that brings.

Otherwise known as not hacking the Sammy's gear.

He certainly has something better to do: deal with the Decker in his Host. As you note above, the Spider is likely to leave physical security issues (the Sammy) to the physical security forces & drones. If a Sammy has made into his building without setting off a bunch alarms immediately, then he's probably got a hacker too, which means the Spider has threat he's specifically supposed to deal with.

It seems to me the entire thing relies solely on the Signal Scanner.

The Spider does nothing without the scanner flagging stuff up.

Any ways of stopping it working without triggering other alarms?

and then you run into problems when the security contracted/assigned to that company responds, and send half a dozen hackers over to screw you over, taking them less than a second to arrive and start getting to work.

and actually, if there's a bunch of unauthorized stuff wandering around the building, i would be surprised if that *didn't* trigger an alarm unless it was paired up with specifically authorized stuff (for example, if it's the RFID for a frozen meal from another company marching along with a guard's commlink, gun, cybereyes, etc, it's probably not gonna trigger anything... if it's just a pile of mysterious candybars floating through space, that's probably going to get passed along to someone to take a closer look at, and is most likely to lead to an alarm being triggered in very short order).

going wireless enabled most likely is going to trigger an alarm before you can even get the run going, unless you're doing a social infiltration or something like that (in which case not going wireless enabled would be likely to trigger an alarm, ironically enough).

once the alarm is going, it's not that hard to call in additional matrix resources from nearby to shut you down hard, meaning that you either need to shut down your wireless gear (and not have the wireless bonus anyways) or let your stuff get bricked one or two pieces at a time.

so sure, you can have your wireless gear active... until you need it, which will be very soon because you just told the security you're there by leaving your wireless on. have fun with that.

(also, just hacking everything as you go isn't exactly a great option... you either need to be getting a direct connection to each one, or you need to face off against the host's ratings. the former means you have to pass through the sensor's detection radius before you can do anything to the sensor, the latter means the hacking is very much non-trivial, and you can either choose the hacking option that always lets them know you're there when you succeed, or the hacking option that always lets them know you're there when you fail, which will happen eventually... neither of those are great options).

of course, if you've pre-emptively done all your hacking to get into the host, you'll have a much better time of it, since that will give you your direct connection. on the other hand, who's to say they don't have either multiple hosts (one for research, one for security, or for separate parts of the facility, etc) or even just some equipment that isn't connected to a host to mix and match their vulnerabilities.

Hacking it and doing a continuous Edit File as the team runs buy. Of course, that could raise some alarms if your decker is not very good or the Host is highly rated.

Question.

In prior editions was there this level of 'a random group of unidentified icons has appeared, investigate immediately!' response?

Or is this new with Wireless?

If not new how were corp sec. described as dealing with it?

The sense that icons could be detected when they weren't actively doing hacking things started in 4th edition with the wireless matrix. Prior to that there weren't concerns about icons appearing because there were no icons to appear.

In 4th edition this could nominally have been a problem, but it was very easy to run wireless dark (or close to it) and avoid signal scanners.

Since running wirelessly dark is more contentious in 5th edition, and since the wireless spotting rules are kind of a hash, we have a lot more debates about the subject.

I don't buy that anyone does this, because like with everything in reality, we get slack over time. For instance, people claim that all security personel will always have their wireless off, but when their IT guys want to do some maintenance it will become an uber pain in the arse to manually round up everyone that works at a facility and give them all checkups, firmware updates, etc. Over time, and with no incidents going from months to years, security tends to get slack. A corporation will see that there is money to be saved by having wireless on, and reasonably robust security (a decent host rating, ICE and spiders).

All this ultra-paranoia is the ultimate game breaking reality, because in reality people become lax with security. Sure runners might constantly be in situations that will make them paranoid, but we don't really care about what they do on a day-to-day basis. We want to know what the security is doing. If it can't be circumvented then the hacker archetype is pointless.

Here's another reality check for Shadowrun. We all seem super security conscious with matrix security to the point that it makes deckers redundant but are totally fine with the fact that most facilities will only have enough security personel that a runner team of 3-5 is enough to use smash and grab tactics.



That's the exact point to consider. tactical hackers should basically be a runner-only commodity. Corps will have spiders, and perhaps special forces hackers, but certainly every 5th security schlub isn't going to be carting around a deck.



Exactly. It depends how they do it but either way they have to be pretty damn competent to do it in less than 2 IPs.

Well, ya gotta give the whiny deckers something to do in SR5 since they apparently had little to do in previous editions.

Which is pretty entertaining, since my Cyberlogician had to triage his actions because he ALWAYS had things he could be doing on a run that involved Hacking. It is just that sometimes, shooting someone took priority over the hacking.

Which goes against the apparent "logic" of how hacking works in SR5 The way things are set, the hacker should be trying to digitally fornicate the opposition's smartguns and other various wireless things, not be shooting at them.

I so heavily disagree with that sentiment that I have difficulty putting it into appropriate words. It will ALWAYS be better to shoot someone than to try and hack their Smartlink. Especially since the Opponent Hacker will be so tied up in fruitlessly trying to hack my own non-wireless stuff that he will not actually see me killing him. *shrug*

And I'm with ya. "Never bring a computer to a gun fight."

There are two really problematic matters with the prescribed way of defending against hackers as a non-decker:

1) You have to effectively sign over ownership of cybernetics to a person that is not you yourself. A person who may even just be assigned to your team on a by-mission base. A person who is a career criminal and who you likely do not know all that well. That is a great amount of trust in a likely malignant stranger that's required. And who's telling the Sammy the decker will not insert a backdoor into his eyes for when they are on opposing teams?

2) High-Threat Response Hacker Teams (HTRHTs). Given the relative compactness of a metroplex setting, noise is less a factor than it is made out to be, and putting a team of combat hackers someplace within a 5 mile radius of everything is definitely possible. Either a AAA has it'S own in-house hacker team, or securicorps rent theirs out to other, smaller companies for a price. The HTRHT is on-site in what, one turn? - and will proceed as Jaid has described. End of runner team.

In the end, if you are discovered, you are done for. Forget ever using you targeting aids in the kind of situation where you need to shoot your way out of someplace - it'll be a system on alert and the Matrix will be swarming with hackers; you'll need to unwireless hard or risk vital implants being bricked. And there's really precious little a non-hacker can do without acting highly naive (1.) or the world decidedly ignoring possibilities for game convenience in a popcorn movie plot hole manner (2.).

And, given the wording of how security spiders are exempt from GOD overwatch, there's even a third possibility: proactive hacking. Given that security spiders are "never" going to raise an OS, they can just roam the grids and brick whereever they want whatever they desire, so a raid on a runner team (a Shadowrun staple) should start not only with a spirit materializing, but also with a few combat hackers bricking all cybereyes they can locate (I doubt the team decker is on Matrix overwatch all the time, so maybe they want to brick his deck too while they're at it). It's possibly just yet another instance of CGL's current writers being unable to write clearly, but ... well, read as RAW, this makes non-hacker mundanes and especially cybernetics heavy character types even more vulnerable.

Guys, you're starting to get a bit off topic. Weather or not hacking needed this kind or reworking isn't exactly relevant to this particular discussion.


Deckers aren't cheap. They are highly trained individuals equipped with hundreds of nuyen worth of gear each. A small team of them costs millions, that's just for one shift. Round the clock, "there in seconds" coverage would be extremely expensive. So expensive that for the same cost as a team of 6 deckers, you could get 5 combat experts implanted with the latest combat gear and rigger in a Nissan Hound, the "bleeding edge" & fully armed helicopter, to deliver them to which ever facility within your hypothetical 5 km just discovered Shadowrunners, and shoot them and their step van get away car to hell. 5 km isn't far to cover a Nissan Hound. Another example might be having powerful Spirits on call. They can arrive about as fast as hackers could through the matrix, but they can seriously mess runners up in the physical instead of just trying to hack devices. For millions being spent to have your hypothetical response team, a crop could keep a selection of bound spirits to send out to their facilities when alarms are tripped.

I think it's overkill. I think things have to escalate to a particular point before an HTR, virtual, physical, or astral, is called in, and they have to be scrambled, which will take minutes of communications even for virtual or astral versions. "You got a cyborg troll monstrosity firing rockets and lobbing grenades? Ok, HTR will be there in minutes." vs "You got break in? Buddy that's below my pay grade. Call me if something explodes, and keep in mind we'll be billing your department for the cost of the response."

Or off how Matrix Perception works, depending on your point of view. Running Silent should be the answer to a lot of these issues, but without Sleaze it's kind of a joke, and while the developer reponse was "slave your stuff to the decker's cyberdeck" that doesn't work for groups with a Technomancer, and cyberdecks have really small device ratings so they can't accommodate nearly enough devices. The other half of the topic is "can the street sam walk around without setting of alarms" thanks to his lack of access to Sleaze ratings, and what happens when the alarms have been tripped: how likely is it that building security will attempt to counter hack him, and what would that look like?

This really is gray area of the rules. Depending on how a GM interprets the effectiveness of signal scanners really affects how wireless gear can be used by players.

I'd argue that all icons are just icons floating in space to a signal scanner. They don't have the smarts to look at something and consider if it makes sense or not. That's actually pushing the limits of the Dog-Brian drones and software Agents of Shadowrun too. A Spider paying close attention to his radio signal scanner logs might notice it, but I'd argue, if only for reasons of playability, that the signal scanners just spot icons, and could probably set off alarms if those icons are of a type that should be a concern (weapons, mag lock sequencers, chameleon suits, etc.) A Spider looking at the logs might notice something, but getting an alert every time an benign looking icons is picked up is probably only a good idea in heavily secured facilities where they can do a full detail scan of every one and everything coming into the building to compare it against.

It could, in high security facilities that make sure they know about all the icon in their building and have the resources to tack down every single icon that suddenly shows up. I'm arguing that's not something most facilities do, as it's the equivalent of airport like full body and gear scanning everything that enters the building so you can compare that static data against anything new. I'm betting most buildings don't do that for the same reason that physical security isn't at 100% efficient in all facilities: human beings just don't act that smart, especially not cogs in a massive institutional bureaucracy. Also, signal scanners aren't 100% effective, and employees might turn their devices on after reaching their desk. The likelyhood of false positives vs runner teams in most buildings means an alert for the spider to look at something is what you'd get most of the time. The spider might look at the log on the signal scanner device, or he might leave his host and come look on the grid space, but I suspect spiders prefer to stay in their hosts.

Again, that's assuming the spider leaves the host to come attack you and that fellow spiders are somewhere on stand by, or willing to leave their posts, and come engage in grid-level combat. GM's call I guess.

Actually once you are inside a host, you are considered to have a direct line connection to everything in the host. The point of a Host system is that's like a big secure virtual building. Hacking into it is hard because hosts have high ratings and often higher firewalls, and once inside you have to deal with IC, but the devices are vulnerable. It's why spiders need to be very careful about what devices or on the host. Page 233: "If you are in a host that has a WAN, you are considered directly connected to all devices in the WAN." Page 359: "Creating a Host is akin to constructing a building and putting important things inside." A Decker can, and should, be disabling the security systems they will be encountering, but he will probably need to direct line connect to something on site first in order to get into the host to do that. Once inside the host, they can work on all the Cameras, signal scanners, and so on, although those device icons may be running silent inside the host too. Their most pressing issue is likely to be Patrol IC and/or the Spider.

Of course sections of the building may not be online, but then the sensors aren't in the host, and aren't sending alerts to the spider nor are they visible to the spider. It's also probably a section of the building with wireless blocking paint or wallpaper, so the Street Sam won't be online anyway, so the entire issue of spiders attacking the sam or other runners becomes moot in those areas.

Firstly, being master in the slaved device framework doesn't change ownership, so the Decker isn't effectively the owner of those devices, and can't therefore do anything that requires him to be the owner of those devices. It actually wouldn't give him the ability to do anything with them besides defend them in the matrix. To do more than that, the owner, the Sam, would have to invite him to place marks on the devices.

Second of all, the closest thing to a "back door" in this case would be marks. Marks vanish when you restart your device, or when the person who placed the mark restarts the device running their persona. Either way, hacked back door won't last long.
Even if the Decker were some how get the legal "open invitation for 3 marks" that invitation can be rescinded, the device restarted to clear the mark if it's there already, and the problem is gone. Long term hacks like true "Back doors" simply don't exist in 5th edition (yet.)

That means the only thing the Street Sammy needs to worry about is the Decker hacking him while they are working together on a run... which is about as likely as the decker needing to worry about the Street Sam shooting him for no apparent reason, or the whole team needs to worry that the Mage will use mind control magic on them. Professional runners aren't likely to be doing this kind of back stabbing and remain in the business. Either their Rep will take the hit and they won't be able to get work, or they will be shot by someone.

a cyberdeck isn't cheap, that doesn't necessarily mean there isn't a much less expensive version that is orders of magnitude more bulky, for example. also, you don't necessarily need one set of equipment per shift. in fact, you most likely don't. each person will have their own configurater files, but that's pretty much all you need. take a minute between shifts to transfer ownership, and you just trade off decks as needed.

every building pretty much has the ability to detect whether someone belongs or not. even if they turn of wireless on some of their stuff, it's extremely likely they have dozens of RFIDs on them. and heck, odds are good that their work commlink being turned on is their key into the building anyways. there's nothing incredibly difficult. first off, *any* unknown hidden mode icon is suspect. it doesn't matter if it's a candy bar or a main battle tank. hidden mode isn't normally used, it's suspicious. period. secondly, any icon that is not within about a meter or so of a legitimate icon is likewise suspect. it doesn't take a lot to generate a very simple set of parameters for who belongs that will quickly single out a typical runner team for closer inspection.

if the corporation goes to the effort to disconnect some devices from the host, and leave others connected, you either have two hackers or you only cover half the devices. most likely the devices in the host will be hard to access physically, while the ones that are harder to secure will be not connected to the host. that said, i don't know what makes you think that not being slaved to the host somehow prevents them from ever communicating with the host. do you think that your commlink needs to slave or be a slave to another commlink in order for you to make a phone call or send a text message to another person? sending a message via the matrix is a thing that happens all the time on a regular basis. there's nothing special or difficult about it.

A device for which there is not a description or hint of in the book. It would make sense, but it's neither RAI or RAW.

I'd love to argue that an add-on module for commlinks can provide them with a Defense-Only Sleaze rating, such as an updated version of the Non-standard Wireless Signal systems of 4th edition, or maybe just what ever system they build into the Stealth RFID chips already in 5th edition, but it's not in the book either.

The same is true of some of the physical (the cost of a single deck could get you implants for 2-3 people, and guns could be issued via shift like the decks), and especially the astral HTR teams (Bound spirits are bound spirits). The fast response 5km team hypothesis either makes all shadowrunning near fatal as soon as the first alarm is tripped, or it doesn't, regardless if the team is wireless off or on.
I continue to agree it's a reasonable response to a big problem: like serious firepower on the shadowrunner side, or a break in at a high security facility, but unlikely for average runs.

The book doesn't clarify here. Either random icons showing up is a great way to run security and all of the wireless rules in the book are just things security gets to use against you most of the time, or they aren't. I suspect that's not the intention of the poorly written rules, and it depends greatly on how much information the signal scanner can pass along with Host, the Spider in it, and how/where decision making takes place to determine if something is a problem.

Signal scanners don't note or care if an icon is hidden or not. They either spot/trace an icon or they don't. They don't look for the number of hidden icons, and they don't look for details on that icon. Once it's spotted, its not longer hidden to them. If you want someone to look for hidden icons, you need something with a persona to make matrix perception checks. Security guards are bad at this, so either you spider has to do it or you need an Agent on a drone, which may not be RAI.

And what exactly is taking these actions and making these judgements? Signal scanners are dumb little $300 boxes. They have no physical or matrix actions of their own. If a device comes near them they either see it or don't. The exact extent this extends to the Spider in a Host is still unclear. You can choose to judge the system as being very good, so again wireless is useless and far too much of the book is devoted to it, or you don't. There aren't any rules in the book either way.

If you want to call it poorly written, I'll agree with you.

I still submit that should the alarm sound, one way or another, the response is unlikely to be a Hacker death squad instantly showing up so much as the spider, and he's still unlikely to leave the host to hack the samy because he'll be too worried about the decker probably in his host. Even if he does come attempt to hack the street sam, he's unlikey to brick anything before the sam can react.

Yes the Radio Signal Scanner setup is annoyingly vague, and can have a drastic effect on gameplay depending on interpretation.

This was a misreading on my part. I thought we were talking about devices that weren't online at all, such as hardline only devices setup inside matrix free zones where secret data even the Spider isn't supposed to have access to is kept. I've reread the post, and you're clearly talking about devices on the matrix but not in the host. My mistake.

Devices outside the host clearly can send messages to things inside the host, and the reverse. It's one of the handful of things icons in the matrix can do across the barrier of in/out of a Host. Message are about the limit of the interaction allowed, however.

Any devices outside the host can be hacked by the Decker before the team enters the building, preferably setting their alert criteria to something the team won't trip so marks on the devices won't need to be maintained, and you can reset your deck before the run instead of gathering more OS. Devices outside the host will either use their own poor ratings, or will need to be slaved to something else. Commlinks, RCCs, and Cyberdecks are the most obvious choices, and they typically have lower firewalls than hosts.

Ok, I feel like I'm getting less civil than I should be.

I'm sorry if I've gotten rude.

I'm calling it a night.

the radio signal scanner is *one* way of tracking wireless signals. for less than 10,000 nuyen (retail, you can be sure megas get it for themselves at a lower price), you can have a drone roaming the site with an agent that will run matrix perception checks on a regular basis. it's cheap, it works very well, and gives that brain you were saying would be needed to do the basic analysis of what gets flagged for immediate investigation by a human.

the detection gear can run in hidden mode as well, btw; if you don't know whatever vaguely defined threshold of information is required, you can't even make a matrix perception check on it from beyond 100 meters. at which point, if it's that relatively inexpensive drone i mentioned, it can also attempt to detect you.

and while not every situation calls for the hacker doom squad, most of the time when shadowrunner teams are involved, *if* there is anything wireless enabled by the shadowrunners, it is likely to be one of those situations. if nothing else, it is likely that the facility employs more than one spider/security hacker (probably at least 2, more likely 3 with possibly a 4th that is on-call as a substitute in case of serious illness etc).very

going wireless enabled is like going on a run where you wear clothing specifically designed to contrast with the dominant colours of the facility that looks absolutely nothing like any sort of uniform or regular clothing employees might be wearing.

sure, you can do it. but it's gonna make you a lot easier to spot.

there's a ton of stuff out there to hack. hackers don't need to be able to hack black ops personal equipment or cyberware that should have pretty much been exclusively designed for combat situations where you can expect to have your vulnerabilities targeted.

But it shouldn't be. That's like saying it should always be better to shoot someone than to throw a fireball. When often, throwing a fireball is actually way more effective than shooting them.

The Matrix needs to be a real threat. Or else it makes no sense on how Deus was able to take over the SCIRE if everyone worth their salt could simply just turn off all devices connected to the Matrix and effectively give Deus a whole lot of nothing to do.


The same thing that protects runners when off a Mega Corp site is the same thing that will protect them in the Matrix. Extraterritoriality can easily be assumed to cut both ways. A corp spider's jurisdiction ends at the corporation's Matrix space, which includes hosts and the AR locations of Corporation Matrix Space. If it didn't work that way, then why not just send spirits and HTR Teams to a runner's house and murder them all while they sleep? That'd be more effective than brinking their gear.



That is not RAI or RAW. There is a very clear list of what a rigger can run on Drones and RCCs on p269.

As for my opinion on it. I do think a runner will need to be mindful of the Matrix, but not irrationally paranoid of it.

No such thing as perfect security. Odds are radio scanners, won't pick up devices slaved to a decker's deck assuming he's half decent at his job. And if the decker wins, the radio scanner sees nothing. I don't see any indication that it should somehow magically know that there are devices running silent, so it should just be ignored. However, maybe we're doing a social call with our Face, and they need an RFID tag which he doesn't have. Well, then we'll need our decker to hack the scanner and hit it with an edit command or spoof to give the false positive for our Face's disguise to stay intact. That might require our deck to get access to a maglock or security cam, and hard line in to to mark the Host. And once the host is marked, the decker won't need to stay hardlined. He can still hack in AR and wirelessly connect to the host. nothing in the rules that say hosts can only be accessed through hard connections, and its not like your mark on the host is going to go anywhere unless the host reboots for some reason.

Umm...this "axe murder them in their sleep" thing doesn't already happen in your games? I'm sorry, but I have a very hard time imagining a mega security team simply pulling up to their property line with a "Aw-shucks! Those crazy Shadowrunners done got us again!?! Time to pack it in boys!" *shakes fist at the shrinking tail lights* "Curse you, Reed Richa, err...Shadowrunners!!"

No, the megas call their plainclothes HTR team once they find and fix the 'runners and axe murder those punkass little bitches. Mount their heads on spikes in the front lawn and then hit up all the 'runner boards with trideo footage of them being brutally prison-sexed before they get their heads chopped off with a strongish message like, "This was the last 'runner team that fucked with Ares. Fuck us? No, FUCK YOU! Will your head be in a spike next?" Runners in a deep, dark hole but you find who they were? Snipe their mother. Gang rape their lover to death. Frag their cat. Tear their whole fucking world down so that people that they contact will turn them in or their whole family is slaughtered and still wave some reward at them as a great carrot.

Congratulations, your game is unplayable.

A Mega Corp would never do that, because Mega Corps aren't idiots. If they kill every runner that is able to actually do their job, they wouldn't be able to hire them later to do the exact same thing that happened to them to their competitors. Its just business. Having runs happen against them is just par for the course. This isn't to say that an exec who's project just got defunded because the runner team stole his prototype McGuffin; wouldn't try to get some revenge by hiring some other Shadowrunners to kill the ones that cost him his bonus. But it does mean that Damien Knight or the Board of Executives aren't going to know or care who those runners are and won't waste corporate funds to simply get revenge.

Don't shoot the messenger. Or in this case, don't shoot the deniable assets.

When the Corps get hit, they don't really care about the Runners who did it (unless the Runners gave them a reason to - like playing golf with the heads of CorpSec guards and pissing on the executive carpet). They're far more interested in getting the guy who hired the Runners - which is why if you bother to track the Runners down at all, it's only so they can lead you to their Johnson and maybe even kill/capture the bugger for you.

Sure, you threaten them a little. You have a stronger bargaining position if you play a little "Good Corp, Bad Corp" first. You tie them to a chair, you have your thugs rough them up a bit, you rattle off their misdeeds, you tally up their crimes, you explain just how much Bad Trouble™ they are in, and finally you point a gun at their heads, then pause as if to consider. They sweat it out while you "make up your mind", and of course you show them "mercy" - not too much, of course, but you definitely make them an offer they can't refuse.

Now you've got the team who hit you doing you a favor. If they succeed, you win. If they die in the attempt, you lose nothing. But it's actually in your best interest to bankroll them a bit, increasing the odds of success. Sure, you could go shop around for other Runners, but these ones are already under your thumb, which means they'll work for a discount. Plus, you already know they are competant, because they proved as much against your own forces. Treat them well, let them do the job, and then give them the right mix of carrot and stick to keep them working for you in the future, and not working for the competition.

~Umi

No, it isn't. It's saying that taking the opportunity to permanently remove an opponent (killing him) is better than taking the opportunity to hamper the opponent's performance (hacking his smartlink).

My Saturday night game actually had a bit of combat this last night. It lasted all of one turn before three of the five runners in the team had incapacitated four Russian thugs. One thug was on the edge of life (1P remaining in his damage track) after taking a punch from a troll, another completely passed out (stunbolt spell, single shot), one nutted by an ork, and one completely intimidated into surrendering after glitching on a dodge and dropping his SMG while avoiding said troll and ork and watching his buddies get leveled like wheat by a scythe.

I welcome SR5 theorycrafting to what a hacker or technomancer (with no readied sprites), in AR, could do in a single combat turn before the fight is over.

deus took over SCIRE because the whole thing was hardwired to him. he was *designed* to run the system, and was hooked up to the whole archology. of *course* he was able to take it all over. there were even specific rules for having a cable to your drones if you wanted to go there, btw, so that *gasp* your drones couldn't be hacked wirelessly! (shock! horror!)

almost as if once upon a time, the assumption was that you weren't too stupid to take precautions when you enter a zone where you are at the mercy of a superior foe, and close off your damned vulnerabilities so you don't get wrecked.

the thing is, when dealing with shadowrunners, in the matrix at least, the amount of time between "nobody even knows i'm here" and "facing half a dozen security hackers/spiders" can be a couple of seconds or less. in the meatworld, they have to actually send in a physical team that takes time. sure, you can send in a spirit pretty quick (2 IPs to be in the area once sent, if they have a metaplanar shortcut - and if they don't, well, good luck with that because you gotta get them through all the wards and stuff you use to keep spirits out ), but there's a reason security almost always incorporates humans, and that's because humans are better at doing what their corporate masters want them to do. for example, a fire elemental is very handy in a fight, but it's not likely to know that you absolutely do not risk taking a shot when your most important researcher is being used as a hostage, and likely isn't too worried about fighting next to that giant tank of flammable chemicals...)

Just an aside as I've seen several people mention it as their go to example.

Cybereyes.

Should never get bricked by a hacker.

The eyes have NO wireless functionality. There is no benefit to having them Wireless enabled. Not in a 'the risks outweigh the benefits' kind of way but in a 'it's all stick no carrot' kind of way.

Smartguns, your glasses with visual enhancement, earbuds with audio enhancement, Wired reflexes+Reaction enhancers are the things that you might actually have turned wireless enabled. Of those only the Wired+Reaction would be crippling to get bricked and their bonus isn't that useful in my eyes anyway - really expensive in both money and essence to make real use of.

Technically, cybereyes DO have wireless functionality.

Implanted Smartlinks. Unless you have a Datajack which is wired directly into your smartgun, the only way your eyes can communicate with your gun is via wireless. The same also applies to transmitting visual data to a standard cybereye Image Link.

Even with wired connections, if your Smartgun is wireless enabled, your eyes are vulnerable. Ditto for connecting to a commlink which is wireless enabled and sending a video feed to your eyes. If your cybereyes are receiving data from a device which is communicating with the Matrix, your eyes can be bricked.

Pretty friggin' stupid, neh?

So if you want to use a Wireless Enabled smartlink for that fancy Wireless bonus, don't stick the smartlink in your cybereyes - stick it in a pair of glasses or goggles or some other external device that you can just stop using if it gets bricked. Either that or learn to enjoy electrical fires inside your skull.

~Umi

Discussing Wireless bonuses is getting a bit off topic again. I was hoping to avoid making this yet another thread about how silly wireless bonuses are. For better or worse, they exist in 5th edition. I personally stand by my opinion that they were a good idea (risk for reward) that was poorly executed. My hope when starting this thread was to really nail down how much of a threat it is to have a few of them on, and what reasonable actions a Shadowrun team could take to allow their non-cyberdecked characters to keep some of them.

Back to wireless signal scanners: Having had a couple of days to dwell on it, I'm backing off on some of my rebuttals to Jaid and other's posts on the dangers of wireless devices on a run in terms of detection.

Before I go any further, I want stress that I'm not trying to make a rules as intended argument so much as a rules as written argument. I can't claim to know how the game developers expected this to play out, but I have a sneaking suspicion it's not how the rules imply it should work out. I guess I'm trying to find out if it's still reasonably playable.

A wireless signal scanner by itself is a fairly unintelligent bit of gear. It either spots & locates devices or doesn't. It's a helpful tool to carry around in a handheld sensor, but it has it's limits. What is clear is that a scanner that passes that information on to it's operator. If you use the device, you see the icons. That's it's primary purpose: to detect hidden or concealed devices for you.

If you integrate such a device into a Host system WAN, then it's therefore logically passing those spotted icons onto the Spider running the host. He can't "see" the icons directly from inside the host because the rules on interacting with icons outside a host from inside a host (and the reverse) are very clear.
BUT, it's also fairly clear that the device icon for the signal scanner itself, and therefore all the information the scanner is providing, is accessible because it's icon is in the host with the spider. In much the same way I expect all the security feeds from cameras can be integrated into a virtual bank of images, I suspect all the icon spotting information could be combined into a 3d display virtual display. Throw in a Mapsoft with a wireframe of the building, and it should be possible to map the movements of all detected device icons within the coverage of you scanners directly onto the a VR map of the building.

The sensor rules make Signal Scanners as cheap as any other sensor, as they all have the same price per rating, but still more expensive than a simple camera (which expressly includes a microphone as well.) A rating 1 camera $100, and doesn't need a housing. If all you want to do is look at images of a hallway to see who is there, a rating 1 works fine. An RFID housed rating 1 Signal Scanner isn't much more expensive at $140, but to get much quality out of your signal scanners you need higher ratings. An RFID sensor tag can hold a rating 2 sensor, but a $100 wall mounted sensor housing can hold rating 3 for $550 total. I suspect anything past this point is prohibitively expensive for full facility coverage, and would only be seen at security checkpoints, were smart runners will turn off their wireless if passing through, or simply avoid by breaking in somewhere else.

So the first question is how effective are these devices? The rules for sensors seem a little messy and I haven't found details for self-opperating/unattended sensors. (let me know if I missed them, things are scattered throughout the book after all.)
Signal Scanners are operated with Electronic Warfare + Logic [Sensor Rating] as per Bug Scanners on page 440. With their wireless on (which is assumed for this security setup) they can use the sensor rating instead of user's skill. While not expressly stated, I suspect you could leave this "autopilot" on continuously, but would doing so still provide you Logic or would the device only be throwing it's rating in dice? I'm not sure, but as this is an active dice pool, not a defensive one like firewalls, I lean toward no Logic unless you are using the device and interacting with it. In my opinion that means:
A character using the scanner throws his Electronics Warfare + Logic [Scanner Rating]
A character operating the device with it's "wireless bonus" throws Scanner Rating + Logic [Scanner Rating]
A device set to run by itself throws just Scanner Rating [Scanner Rating]

Would a network of a dozen or so of these things tied into the Host system count as being operated directly by the Spider? My opinion is no. They are separate devices. The spider could pick one and use his attributes & skills with it, in much the same way he could pick a camera feed and analyze the image, but I don't think you can argue that the spider is continuously using his abilities through the entire network at once. Agent programs lack the Electronics Warfare skill, so they aren't able to do so either.
That means, again in my opinion, unless there is an operator/spider actively suspicions enough to run a signal check through a specific sensor, the sensors are only throwing 3 dice each time a hidden device is brought near them.
It's also unclear if the device gets to keep throwing to detect an icon in it's radius, or if it gets the attempt only when the device enters it's radius. If the second, does it lose 1 die from it's pool on each subsequent attempts, thus making less likely? How often does it get to make an attempt considering it has no initiative? Again, the book seems to lack these details, but I'd go with one check per device each time the device is brought within 20m of the scanner.

This is resisted with Logic + Sleaze (if any). For the Decker, this isn't much of an issue. The Archtype Decker we are using for this example would have about 11 dice vs 3 to hide their deck and any gear slaved to the deck.

For the purposes of our example, the Sammy has slaved their wireless gear to a Rating 6 Commlink owned by the Decker as well. That means the street sam's gear gets 6 (decker's logic) dice vs the scanner's 3 if it's in hidden mode. Another reason to have a High Logic for deckers it seems.

You can further try to conceal issues with the Wrapper program, which is the software equivalent of putting on a disguise before walking in front of a security camera. If the device is spotted, it will look like and report back to the Spider what ever the icon is set to look like. There is sadly no dice roll associated with this, so it's not clear how good it is at fooling someone. As other posters have noted: Icon unexpectedly showing up in the building, and move around on their own, is suspicious, and at least worthy of sending a drone or guard to check out.

Another bad thing here is that there is no alert to the character that their icon has been spotted. You probably don't know that your smartgun (currently wrapped to look like a corp issued commlink) has been detected and that a drone or guard is on the way to check it out until that drone or guard shows up.

At this point, my opinion is that running with wireless gear is a risk (which I think it should be), but not a death sentence with a little planning. There is no reason to run with all of your gear's wireless bonuses turned on at all time, but it might be worth having a few things turned on, at least in short amounts of time while you need them. The B&E Expert might want the full bonus from their chameleon coat and may temporarily turn on their Autopicker's bonuses when dealing with the rare keylocked desk drawer, etc. The fewer icons you have running the fewer chances the signal scanners have to pick them up. A single candy bar wrapper showing up for a minute is less suspicious then a half dozen office chairs moving around the floor. If the entire team can limit their wireless devices to just a handful of icons, it might be possible to slave them to the Decker's deck. This would be particularly helpful to icons that you'd want on most of the time, like the B&E's chameleon suit, or the rigger's bug drone the team is using to scout and spot guards/drones/cameras/etc.

Unfortunately, the use of hidden icons has a draw back in the "detect number of hidden icons" matrix perception action. While the spider can't be checking these things himself unless he is on site and out of the host, it does appear possible to run an Agent program on a drone, and set it to continuously look for the number of hidden icon, then try to spot those icons if any are found. Hidden icons are inherently a problem and would raise alerts to the spider. Page 269: "A drone has a number of slots to use for autosofts and cyberprograms equal to half its Device Rating, rounded up." Page 269 also includes a side bar "list of handy programs for the savvy rigger and their basic function," but does not seem to explicitly limit riggers to using those cyberprograms. The list includes a number of both legal and illegal cyberprograms but leaves out obvious things like Browse or Edit, as it seems to specifically cover programs that can directly aid or defend riggers and their drones. In theory a rigger can run any cyberprogram they want, but they won't get much use out of many of them as their RCC or Drone lacks Attack and Sleaze ratings. Running Decryption on an RCC gives a +1 bonus to a stat the RCC doesn't have, is therefore wasted. Running an Agent on an RCC or drone limits the agent to only the legal matrix actions, but it's still enough to make matrix perception rolls. Intended or not, this setup seems RAW and as reasonable as anything else in a game with dragons and cyberspace. Note that while the agent can send a message to the Spider indicating it's detected hidden icons, or even reporting what icon's it's analyzed, it can't share this spotting information with the Spider/Host/IC. It's it's own persona operating outside the Host.

Countering the Drone/Agent combo requires hacking the drone. It's vulnerable because for the agent to do it's job of inspecting the grid-space representing the facility it has to be on the grid, and thus not in the Host. With a range of 100meters it may be possible to do this without getting to close to the 20m signal scanners, but if you know the agent is there, you could simply go looking for it from beyond that range. Hack it, and alter the agent's instructions so it stops looking for hidden icons, and leave it to go about it's rounds. You can even reboot your deck afterwords to clear your OS before the "real" part of the run gets going.

I think the number of threads which end up going back to the absurdity of wireless bonuses (at least in their current form) is indicative of just how much of a problem they really are for many, many people.


Except there're these things called Errata and Splat Books, and bad or broken rules are meant to be altered or even removed outright if they prove highly problematic and unpopular. It's not just a done deal and nothing can be done about it - people hate this rule, and they're going to keep complaining until it gets fixed. That doesn't necessarily mean remove the concept entirely, but it does mean make it actually make sense and actually perform the role it was intended to perform.

~Umi

Well this thread has gotten pretty off-topic with another 'wireless suckz0rz debate', but I'd like to try to address the original question.

Leaving aside the signal scanner / drone-agent / box of RFID tags debate (I don't think any of these RAI are actually supposed to be real security measures, though understand that RAW leaves all of these potentially open), I'd like to dive into what happens once a Street Sam is actually spotted. If a decker comes out on to the grid, I would first like to argue that identifying a Running Silent device without actually seeing it is more tricky than you're giving it credit for. For example, let's say there's 2 Street Sam's in the party and they're both carrying Ingram Smartguns and each have an Ingram Smartgun back-up in their pack. That's 4 Ingram Smartguns in a very close vicinity. I see no way by RAW for the decker to clarify which of those guns corresponds to which icon he's looking for. If he sees a camera image of them and knows their approximate physical location, I'd let him narrow his search to 'Ingram Smartguns Running Silent in the East Wing', and he could spot those 4 icons, but he'd have no idea which is which. I'd say he would have to choose randomly which to hack and might hack one of the back-up guns in someone's pack.

But that issue isn't too bad. Let's say he doesn't care about guns and he wants to hack some Wired Reflexes (no 'back-ups' there).



Let's assume this is the case. The decker also gains +2 for Hot-Sim, but that's cancelled out by -2 for the Sammy being on a public grid. That's a dice pool of 12 vs. 10 (the Decker's 4 Intuition and 6 Firewall from Commlink). You are correct that this is a tough battle for the decker, but that's a 53% chance of scoring at least 1 Net Hit. Let's say he's smart and hacks the Wired Reflexes once before attacking. If the Hack is successful, then a one-shot to the Wired Reflexes is very doable. Assume the corp decker has a pretty good deck with a high rating of 6. With Decryption (+1 Attack) and Hammer (+2 Damage), he's got a Base DV of 9. On top of that, if he's running Mugger, his 1 mark will add 3 more damage for a base dv of 12. If he gets just one Net Hit (a successful attack), that's 13 damage.

I don't believe slaving a device gives any benefits to Damage Resistance, only defense tests, which are expressly different from Damage Resistance tests. So the Reflexes don't get to use the Commlink's Device Rating/Firewall for Damage Resistance, only their Device Rating 2. This has no hope of preventing a one-shot against 13 damage. So, a one-shot is a very real threat IF the attacker gets a mark first and IF the attacker beats the defender in their attack with relatively close dice pools. Of course, once this happens, the Sammy will immediately flip all of his gear to Wireless OFF, so while there are some risks to running Wireless ON I don't think they remotely out-weight the benefit. Even with the potential for a one-shot hack of 1 of your devices, the ability to instantly flip all of your devices to Wireless OFF means you're foolish not to utilize their Wireless benefits.

double post

That's what you get for posting without wireless enabled

+1

~Umi

an extra 2 dice to your firearms pool is not worth the risk of getting blinded.
an extra 3 points to your reaction is slightly more worthwhile, but still not worth the risk of losing 5 points of reaction and 2 initiative dice (especially if your GM reads the bricking rules and doesn't interpret them to mean something different from what they say, which would likely make that also paralyze you and inflict a great deal of internal damage).

and actually, you can lose two devices at once, per hacker who's working you over. as i pointed out, it's very good odds that in case of emergency, the facility you're in can bring in at least two hackers in addition to the on-duty hacker (assuming that a shift is not 12+ hours... if that is the presumed shift duration, you're still looking at two hackers total, each of which can still fork to brick two devices at once).

it also gets a heck of a lot worse depending on how liberal your GM is with data bombs. i mean, realistically, you *should* be able to detonate them remotely, but there's nothing that says they are. if you can, then it's quite possible that a hacker could spend several IPs setting up, and then suddenly brick every device you had wireless enabled on all at once.

@Blackjaw

Ownership is next to undefined in the core rules. And the way I read it, you cannot slave things that you do not have ownership of. However, that's neither here nor there. So much about such critical rules is undefined. What a mess. Hardy's trademark handiwork.


So are corporate goons meant for threat response (elite CorpSec goon, p.284). You know, the people runners regularily kill (unlike deckers, who are unlikely to be killed, especially if they swoop in as a team, alpha the opposing decker's deck, and then go to town on anything wireless the taregts carry). Such an attack by a team of maybe 3 deckers (investing maybe 600 K in three decks, with a three-shift rotation of deckers and ownership transfer as per shift transfer) would cost as much as half a decent HTR team, and greatly increase any security operation's effectiveness. I cannot see why that's more expensive than throwing 250K per goon soldiers into the grinder.


Not really, all they need is a sitrep, which can be automated from agents or sensors in the facility.

@Deathstrobe

VEERYTHING in the arcology was WIRED to the SCIRE. With WIRES. that's how it worked. The thing was a CCSS nightmare. If it hadn't been, DEUS WOULD NOT HAVE HAPPENED AS IT DID. Because, precisely, everybody could just wireless-off their stuff and the AI could sit in the Matrix and sulk.


Not by the way the piece on SecSpiders is worded. Note the use of "never". This means Exterritoriality means nothing for these guys. They can just go about their business wherever and ignore laws. Which is what I referenced and you should have read.


Because we're talking about two different things. I am talking about the "runners tgot macguffin, ambush!" encounter that's in every other published SR adventure, you are talking about ... I don't really know. In my scenario, they would not hit the runners because they want to pose off, but because the runners have the MacGuffin and they want it back. They could just attack perceived runners in the same vein the US military attacks possible terrorists, but they'd have to identify a target first, and the error margin, going by American operations, would be massive. Wanton killing in your own markets is bad for business in the long run, though, and since SR megacorps do not operate primarily on value based management, that's the view the SR megas take.


"Riggers can utilize a number of cyberprograms that deckers usually use. Programs purchased for use on an RCC cannot be used in a cyberdeck and vice versa. As with decks, RCCs cannot run more than one type of program of the same type, even if you rename it. Here’s a list of handy programs for the savvy rigger and their basic function."

You and I have a different idea of 'very clear'.


Costing him how many actions?


RAI or RAW?

That is an idea which you have invented yourself, not one which is contained anywhere in the rules. The rules do have their issues as written, but you cannot fault them for extra-textual things you're putting on top of them.



Competent deckers are also rare, and there's not a damn thing that can be done about that. And in SR5's Matrix, you can't get by hoping for good luck if you're not good enough; you've got to have the skill and you've got to have the brains.

I suppose you have a writeup of the definition of ownership to back this up?

I suppose you have some text linking slaving and ownership? Because absent that, I don't need that definition; you cannot provide evidence for your reading, because your reading is extra-textual.

The for the record, the example Spider I have been using is the "ELITE CORPORATE SECURITY LIEUTENANT" on page 384. Using both Decryption and Hammer his base damage could be as high as 11, but he lacks the mugger program. I think I quoted 8 before from someone else's post without verifying the math, and it probably lacked the software boosts. As an "Elite Rating 5 Lieutenant" his stats and gear may be a bit on the high end for the average facility, but there weren't any lower end spiders in the NPC section to use instead, and I wanted a set base of stats for this discussion.

As for the 12 dice pool, you're assuming that the off-site night shift Spider is within 1km of the facility. I suspect he's not that close, which means with only his Datajack for Noise Reduction, he's probably taking at least a -2 distance noise penalty, and possibly more, if he tried to do anything on the Gridspace instead of in the host. I figured 10 dice was a reasonable value, but it could be as high as 12, and is 14 if he's attacking a Decker in his host. This is why onsite deckers are more effective than remote ones, but it also means the shadowrun team can shoot them and steal their deck, which costs half a million dollars new. Honestly, if I was pulling a run a facility where the spider has such a nice bit of hardware, I'd be tempted to run a trace on him, and if he was just 1km away, he might be worth visiting later expressly to collect his nice deck.

As for marking the sam first, to get bonus damage on a dataspike, keep in mind that marking the Sam's gear for extra damage is also a dice pool of 8-12, depending on distance noise, vs 10 on defense. If he does so with a Brute force, he's alerting the sam to the attack if he succeeds. If he does so with Hack on the Fly, he risks being spotted and marked if he fails. Either way there is about a 50% chance that taking the time to mark the target will alert them to the hack attempt, giving them a chance to turn off their wireless.

I thought damage resistance tests were a kind of a defense test, but if what you say is true, it very much changes my mind about the safety of devices from enemy hackers/spiders, as it makes it much more likely that a device can be bricked in one average attack instead of two to three average attacks. What are the chances the book clarifies this?

Page 358, PANs & WANs says: "When configured in this way, every device uses the Rating of the Master instead of its own when doing any sort of test." This particular line is a bit of a mess, as it would mean that a Commlink slaved to a Deck suddenly gets to use Attack and Sleaze ratings... which shouldn't work. Page 233 says the benefits of a PAN are only for Defense Tests. Defense test are never explicitly defined any more than Damage Tests are. Is a Damage Test a Defense against Damage?


You and I have a different interpretations of how corp facilities handle their security. I've seen your argument that the average corp facility should have multiple spiders on hand at all times and the ability to call in more quickly at a moment's notice. I disagree.

First of all, the multiple Spider and rapid on call decker squads are not described or implied in the book, nor are budgets for facilities that gives anyone the authority to claim it's a reasonable expenditure.

To my view, which is to say my opinion, corps are not likely to spend that kind of resources on most of the facilities. A corp has thousands of facilities and if each of them is spending the kind of money you're talking about on matrix security, that's a MASSIVE outlay of cash on something that doesn't contribute to the bottom line. A good deck and someone trained to use is large expense, far more than a security guard, on par with an attack helicopter. Corporations exist to make money, not be secure. They won't throw any more money at an issue then they can justify, and often times far less than they probably should. If a facility isn't getting attacked regularly, I doubt the exec in charge of it or the his regional boss, or the accounting department, etc is going to justify laying out so much money just for matrix protection. It's the same reason why even the "elite" corporate security guards on page 384 have rating 4 commlinks instead of rating 6. Hell, even the elite special forces only have rating 5 commlinks.

I suspect your average corp facility, which I define as one not working on a highly advanced project, black book project, or military gear, might have 1 spider on duty during the business day, possibly even physically in the building. He'd be running matrix security during the hectic day as people come and go, files move around, and deliveries and visitors show up. He might possibly acting as a kind of system admin as well, helping to deal with file sharing issues, etc within the Host.
Outside standard business hours, the building and host is much less active. I suspect instead of paying a small army of people to sit around waiting for a possible shadowrunner incursion (which I don't think happen to a particular facility more than one every few years at the most), the corps have a single on-call spider assigned to a group of hosts in their region or division of their particular corporate subsidiary, spending a portion of his shift in each host, checking in on things and making sure there is no evidence of a hack or break in, but mostly relying on the system's impressive firewall, the active Patrol IC, and the physical security measures in the facility itself. A single spider maintaining the status quo in 6 sites is a lot cheaper than 1-2 in each site with 6 more on call at all times, and in my (real life) experience, most corporations pick cheaper over efficient 9 times out of 10, especially when dealing with divisions that don't directly contribute to the bottom line, and deal with risk of possible future bad things vs spending a lot of money now and maintaining a force of well paid people that do very little most of the time (as they are waiting to defend.) Security doesn't produce products or make sales, so most facilities would throw "enough" money at it to be reasonably secure, not as much money as it takes to be completely secure.
That means the Spider may not even be in the Host when the players arrive, and likely wouldn't show up unless an alert is trigger, although he could get their quickly. It also means he's basically alone, and that even if he did have a friend to call in, it's probably a spider from another series of facilities farther away, and thus racking up larger noise penalties... or he's got to wake up one of the day shift spiders, which means it may be minutes or longer before they show up.
Higher security facilities are much more likely to have on hand spiders, 24 hours a day, and possibly access to multiple hackers, even if some of them are just on-call backup.
I think this is basically how matrix security was defined in 4th edition, and it matches the security descriptions of Border crossing hosts in the 5th edition Coyotes book, where only Very Hard border crossing rate an active Spider in the system most of the time.