SR5 stuff here!

I've finally gotten round to reading the Matrix chapter properly and now I have questions.

1. Can you target devices that are slaved to a host if you aren't inside the host? I.e.: I am across the corridor and see a maglock, the maglock is slaved to the host, can I hack the maglock straight away or do I need to enter the host first? What if I had a cable plugged into the maglock would I still need to get entry to the host first?

2. If you get a mark on the host does that mean you can use the Spoof Command action on any item slaved to the host?

3. How can you even hope to deal with IC? Just Jack Out?

4. Data Taps are wireless enabled, they make devices either end of the Data Tap directly connected. Could I place a data tap on something, wireless on, and hack the devices either end of the data tap from range by wirelessly accessing the data tap?

5. If I have a direct connection to a device I use that device's ratings and not the hosts, ok. I get a direct connection to a device that is part of the host, place a mark on the device and thus the host, can I then use any device slaved to the host as though I had a mark on it?

Thanks!

Do my best here.

Yes, assuming the device isn't in the Host (which, according to Aaron on the official boards, may not even be possible). If you directly connect to the maglock, you ignore any Host protection. As a bonus, if you MARK the maglock, you get a MARK on the host due to the slave/master relationship.


I believe the Spoof Command has to come from the owner. I'm not sure if a Host can be considered an owner. I'd say no as it seems just a bit too powerful.


Basically. You can usually go a few CTs with them as it usually takes a few CTs for the Host to load all of them up.

RAW, the wireless function of a datatap is to destroy the datatap remotely. With that said, it's often pointed to as one of the only possible ways for a TM to perform a direct connection hack, depending on interpretation. I'd allow it since TMs are already kind of fucked as it is.


Master/Slave MARKing relationship only works one way, from the bottom to the top, so you don't get a MARK on all the slaves if you have a MARK on the master. With that said, in the case of a WAN, if you successfully mark the Host (the Master), you can then enter the host, which provides the benefit of a direct connection to all devices that are slaved to it. So hacking the devices becomes much easier since they don't benefit from the Host's firewall anymore.

1) To my understanding, hard-wired access always gives you the ability to hack a device directly, and it defends with its own stats.

A device which is Slaved to something else can still be hacked directly, but it uses the stats of its master for defense purposes. If you successfully Mark the slave directly, you get a free mark on the Master as well - although if you fail the hack, only the slave gets a mark on you, and the master does not.

As for how this works in refernce to Hosts...


I take this to mean that if a Device is slaved to a Host, that necessarily means that it is part of the Host, and is inside it. Otherwise, how could the device and Host interact directly with each other?

If you access the slave device wirelessly, you do so through the Host. If you access it with a cable, you're technically accessing one of the constituent parts of the Host individually.

-

2) The Spoof Command matrix action specifically states it "only works on devices and agents, not IC, sprites, hosts, personas, or any other icons".

-

3) IC can be engaged in Cybercombat.


So basically hit it with Data Spike until it crashes.

-

4) I think you're slightly misunderstanding Data Taps.

If two devices are linked by a cable, you can "tap the line" by attaching a Data Tap to the cable between them and intercept the traffic crossing that cable. If you plug one of your own devices directly into the Tap attachment, you've essentially plugged it into the other devices which are connected by the original cable, and they all share a hard-wire connection.

As for the Wireless function, the Data Tap itself has a little Wireless transmitter and receiver, so you can tap a line between two devices, then remotely communicate with the Data Tap itself, having it relay information back and forth.

Yes, you could remotely access the Data Tap to hack the devices it is directly connected to. Yes, this hack would count as a direct-connection Hack for most purposes. The exception is that if things go the other way, and the device you're Tapped into tries to backhack you, it hits the Data Tap and suddenly runs into a Wireless Gap, so it wouldn't count as a Direct Connection to your cyberdeck or whatever else you're wirelessly connecting to.

-

5) No, you only have a Mark on the Host and individual slave you originally Marked - you don't also have Marks on every other device inside the Host.

~Umi

Ok, I read it though as the action targets a device and you only need a mark on the owner



So you 1. mark the owner, 2. target the device with the Spoof Command action.

You aren't targeting the Host, IC, Spirtes or Persona, you're targeting the device. You only need the mark on the owner. So the whole 'trick only works on devices and agents' thing means you can't Spoof Command on a host, but you could Spoof Command something in the Host's WAN?

In a corp site, who is the owner of a security camera? Or a maglock or computer archive? If a Corp. Security guard has a gun but the gun is owned by their Corp and not them I need to get a Mark on...Ares Macrotech if I want to Spoof Command the gun? 'Cos that sounds like it will end badly. Spiders may not be on every site but Ares Macrotech almost certainly has a Spider checking their 'owner' id...thingy.

Can you tell who the owner of a device is?



It has attributes equal to the Host rating (+1/2/3), is that it or do they have a 'Device Rating' to add to their defence pool too?

I.e.: I use Data Spike on one I roll Cybercombat+Logic [Attack], they resist with Intuition+Firewall (what's the Intuition of IC?) dealing [Attack]+Net Hits in DV, they resist with Device Rating+[Host Rating Firewall], what's their Device Rating?

In general then. How do I benefit from marking a Host?

Just reading the chapter and not trying it out...the whole process seems to basically boil down to 'keep rolling until you fail once, fail once and flee the scene immediately 'cos you're fucked, the alarms go up and it's a firefight'. Hacking only seems possible if you directly interface with a device because Hosts are rolling more dice than you to defend against your actions, Control Device requires having a wide variety of random skills to actually use the devices.

It seems very complicated and the dice pools you have to overcome - repeatedly because single failures can be catastrophic - are very high. You have to invest completely in decking to approach competent.

I'll have to see how it plays out at the table before casting final judgement but it's not reading particularly well right now. Doesn't help that I still don't know what I actually need to do to hack a security camera across a compound and make it turn to face a different direction, or open a Maglock from across a hall...

you don't need control device to make things perform a basic function, you can just send a command to open a door, tell a gun what to shoot, turn a device on or off, etc (on a side note, i'd recommend simply editing the camera rather than trying to make it point in a different direction).

control device would be something you might do if, for example, you want the door to sit open just enough to stick a gun through so that your team can use it as cover, or to override the sensors that detect resistance so you can use it to crush a person in the doorway when the normal safety system would make it automatically open again (and for that there is no appropriate skill, so you use the default listed in the control device action).

ownership is a bit screwy. officially, the owner is a person or legal entity, but that makes absolutely no sense; how does a laser sight identify which individual is controlling? the only way i can think of is to associate matrix ownership with a specific device (and the persona associated with it, if any), but that is not what the rules say. on this particular matter, you are going to have to house-rule it. telling who an owner is, however, should be simple enough (you can tell who has marked the device, and ownership is a sort of superior version of marking the device). you might not get a name, but you should certainly get whatever matrix ID is associated, which should generally be registered to someone i would expect.

as to difficulty of hacking, as was pointed out it's not quite as hard as you think. the first hack may be difficult, if you can't get a direct physical connection, since a host will protect any device it's connected to (on a side note, slaved devices have rules for how to hack them when they are slaved to the host but without a direct connection, which is only possible if devices slaved to the host still have a wireless presence outside of the host, so whoever said that a device on a host can't be hacked without a direct connection or being on the host is wrong; it is very hard, usually, but not by any means impossible).

but once you've got a mark on a single device connected to the host, you're able to log in to the host, which gives you a direct connection to every device that is slaved to the host... which means the host no longer gives them a bonus to their defence tests.

so for example, if you're in a facility full of devices that are typically device rating 3, if you can get a mark onto one of them (for example, by getting a cable to a door, camera, etc), you then log into the host and are facing that same device rating 3 (with probable accompanying firewall of 3, usually meaning a defence pool of ~6) against anything connected to the host. against anything not connected to the host, well, they've only got their basic defence pool too. multi-host setups get a bit harder, as it's going to involve repeatedly logging in and out of hosts (and the patrol IC will generally get a check to spot you when you log in) though.

with that said, yes having the highest dice pool possible is pretty important, because a single failed roll on a sleaze test means you're marked, which basically means you're completely and utterly screwed, so you really do need to be able to very reliably completely crush your opposition, even if that opposition is "only" 6 dice much of the time.

Bear in mind that the real trouble is getting files.

Files are not devices, so even if you are in the host, you do not gain "direct connection" to them. So, while if I get a mark on the host, hacking a camera to turn off is relatively easy (since you are just trying to beat Device Rating x2), trying to Crack a File or Edit it still gives the protection of the Host - which often can be FAR more dice than what you are rolling.

true, files can be pretty rough... but you generally don't need to do that *repeatedly* so it's a lot easier.

with that said, considering you are almost guaranteed to have to use an attack action to get a file (breaking file protection is attack, and who doesn't file protect?) you could have dicepools in the 30s and you'd still be detected after the first one anyways.

Send Command? Is that a Matrix action?

I see Send Message which allows me to send text or files or set up a live video feed (e.g.: I hack a camera, I broadcast what it records to the team mates) but is that the action to tell a door to open/close or a motion detector to turn off?

If I just turn off a motion sensor or a camera won't that alert anyone paying attention to their security that they've just gone down? Thus immediately alerting them that something is up?

Crack File is an Attack action so simply attempting it immediately alerts the target (and thus owner) that they've been attacked. Simply trying to open a locked file alerts the system that there's a Hacker about actively attacking it so I don't see that as a useful option until the closing stages of a run when you're already preparing to leave. Actually...there's not even an action for the owner to deprotect a file and you can't use Spoof Command on a file anyway so ignore that line of thought...

As an aside. There's this whole bit on ownership needing to be changed with extended hardware tests while it instead looks like a use of the Format Device action would make the stolen goods impossible to trace anyway, thus removing the risk of sending a warning about you failing to switch it over. Stealing stuff is much easier than it was made out in the ownership section...

For a Host system, and probably for a corporate facility's gear not on a host too, the Spider is considered the owner of the devices.
Page 360 "Since spiders are considered the owners or administrators of a system, they can command any of the devices in that system without having to gain any marks, since they already have the owner mark for all devices. "

That means if you want to spoof commands to a device inside a host, you need to have a mark on the Spider, not the host.


Maybe. Ownership counts as having 4 marks on a device, so if you use matrix perception to look at a device icon, you can examine it's marks. Marks do not carry an ownership "name" but it's possible to ID marks to a persona you are familiar with.
Page 220: "Seeing a mark does not automatically tell you who put it there, though. Usually, you can only recognize a mark if you have already seen the persona responsible for the mark, or if you’re familiar with his or her marking style."

Trying to open a file doesn't alert anyone. Succeeding alerts them. Attack actions that fail bounce off the firewall and raise no alerts (although they do increase OS and they can damage the persona that attempted the attack as it rebounds back onto them.)
Success at cracking a file's protection alerts the file's owner, which is not necessarily the Spider, and isn't directly the host. Hosts aren't personas and can't own anything.
Most files a shadowrunner would be sent to steal aren't owned by the Spider. A research data file would be owned by the researcher, for example. You could crack the protection on such a file inside the Host, and for the Spider to know the researcher would have to notice (hopefully he's asleep) and then they would have to contact the spider.

It's still a mess. Cracking protection should really be a Sleaze/Attack option, and the complete lack of a legal way to remove protection is a prime example of the poorly executed matrix rules.

In theory, protecting a file is somewhat like encryption combined with DRM. No one can do anything with the file, owner included, until the protection is removed, which is again silly when you note the lack of instructions for removing protection legally. I personally consider it to be a password situation, just like setting a databomb. If you feed the protection the correct password the encryption is removed and you edit and work with the file normally, depending on marks/ownership as usual.


A formatted device can not connect to the matrix and does not gain any wireless bonuses. This doesn't change ownership, because ownership is partially on the grids, not just the device. Page 236: "Ownership, at least in the Matrix, is something that is registered with both the device (or other icons) and the grids, so it’s a bit more involved than just putting a “Property of [blank]” sticker on it." Formatting just keeps the device off the matrix, which you can just as easily do by shutting it's wireless off manually if you have physically stollen the thing. The fact that a Hardware check is needed to alter ownership illegally implies that you're doing something akin to removing/replacing the ID chips in the device so that it's no longer matches the ownership listings out on the grid.

Of course if the object also have a few tags on/in it, you'll need to disable or destroy those too... or jam them with noise until you can deal with them.

In my Pbp Campaign (Nothing is Free in the Free Zone) we are experimenting with being able to make a Crack File action as a Sleaze action instead of an Attack action by taking a 4 dice pool penalty.

I wouldn't even bother with the penalty because sleaze carries it's own drawbacks already: Failing to crack protection causes an alert to the owner, and the owner of the file gets a Mark on you.

An interesting idea might be something like a hacker cyberprogram that prevents an alert when cracking a file. You'd still take full unresisted damage from failing to crack the protection, as it's still an attack action. Useful, but it sucks up another program slot that's only used for that one action. Sneak sets a bit of a precedent here, with it's complete negating of convergence tracking your location down, as do programs like Exploit, which provide a bonus only for specific actions.

That's a hard thing to answer without more details on how legal users interact with Protection. Right now, a protected file can't be opened or altered in anyway while protection is on, and there are no rules for legally removing it. Despite this, the book describes that users typically places their personal files in a folder and protect it so they can not be easily pursued by others. Page 222: "These files are visible to people who can see your commlink in the Matrix, so most people keep all of their files in a protected folder."

Honestly though, if you really want a file protected from hackers when you're not using it, just put it in the Host Archive when not in use, where it currently can't be interacted with by a hacker unless they somehow already had it marked, or get help from someone who has it marked. I assume that protected files can't be archieved because they can't be interacted with while protected.

it would certainly add a social component to datasteal runs.

yeah, archived files make no sense. i try to ignore their existence entirely.

i mean, it's basically 100% effective unhackable protection. archiving everything that you aren't currently accessing should pretty much be the default, because it completely removes one angle of attack (it leaves attacking the file owner open, but it's not like that isn't an option already anyways).