There's been a lot of really interesting discussion here recently regarding decking and its lack of realism and smooth mechanics. The following is an attempt to improve the whole concept start to finish with the SR2 rules. For those who might remember, I started up a brand new group of SR2 players last year, and it's been going quite well. I had originally spliced together a rules packet for them which you might remember.

Now, I've done it again with a complete revamp of the flavor and rules of decking in SR2.

LATEST VERSION UP HERE: SR2 Decking Rules & Fluff Rebuild

This packet has two main goals:

1) Justify & rework the flavor of decking to account for modern technology enough so that the concept of decking as presented becomes plausible (pages 1-11)

Koekepan in the 6th edition thread made a brutally honest point that is basically: Decking at its heart is portrayed as a combination of judgment and blinding speed on a hacker's part, but reality has no analog where the supposed advantages of the deck add up. How does the Direct Neural Interface make "superhacking" possible?

As Flaser and a few other users pointed out, you pretty much have to pull the handwavium/quantum computing trigger. Both of these have severe problems with reality. I have attempted to boil it down to the idea that the DNI/VR interface allows extreme efficiency & creativity in using prepared tools, scripts, exploits, etc. (cyber programs) against a hostile learning system in a real time environment. My answer has three parts:



2) Balance and streamline the decking rules in SR2 which, honestly, sucked. A lot. (Rules start page 12+)

Please note, that I am not finished. I am putting it out here to see what you guys think about both points and to get your suggestions on both the flavor and the balance of what I've done as well as to share the work with anyone who'd like to put it to use in their own game. The rules rebuild is meant to streamline all decking actions into a quick flowchart (seen near the end of the packet on page 29). It also attempts to make all 4 stats (Bod, Evasion, Masking, Sensors) useful. The basic decking process is pretty much run program versus IC: IC resists by rolling against one of the deck's attributes as appropriate.

You may also notice that I have been sprinkling in some Shadowtalk. My players love the Shadowtalk, so I've been trying to give them more of it. Specifically, you might recognize a few user names from these boards. If I see someone make a good point, I'll add it into the shadowtalk with that user's name,. I have already sent some of you a PM, but if you see your name and feel your point is misrepresented, you are mischaracterized, or wish to not be referenced, please just let me know, and I'll take it out immediately.

The rules and flavor are still in rough format, so here's what I'm acknowledging needs to be done right off the bat

TO DO:
1) Edit, Edit, Edit. It is currently disorganized somewhat with some redundant material and overlap.
2) More shadowtalk & revise internal notations
3) Play test and continue balancing revised mechanics based on feedback
4) Rework costs & active memory figures to make memory scarce, but not too scarce
5) add artwork, shadowtalk time stamps for April 2050, & other flavor

EDIT: Title typo gore, oh nos

I once made a few half-assed attempts at building a better matrix, my justification for DNI and the whole "consensual hallucination" was a bit different: The human mind requires sensory stimuli and metaphors to absorb information. In the days of yore it used to be text lists of active "sessions" from "users", or a "waste bin" icon on a 2D "desktop". With ASIST you can pour tremendous amounts of data into the brain, but all the information still needs to be "anchored" to a visual or other representation.

Apart from fluff justification, the idea was that every icon in VR comes with a bunch of subliminal information which makes deckers know what that icon of a quacking duck represents (unless it is intentionally misrepresented) without having to analyze it.


This is pretty heretical but...I think SR5 actually had a good idea for streamlined hacking: If a wireless camera is physically sitting right in front of your nose, you should be able to hack it right away without having to go through through 20 SANs before reaching the I/O node (what happened to those btw?) representing that camera in VR. Running through those 20 SANs should of course still be possible for an off-site hacker or in advance of a run, but if the hacker could hurl a rock at the cam in meatspace, he should not have to take that detour.

Decking, given the constraints of the world it is written into, is entirely plausible in SR2.

Where are th rules, actually?

2nd paragraph top post: https://drive.google.com/open?id=0B-GV0IfKz...RmlvWkN3SXRBejg

They start around page 12.

This sounds really interesting, but alas I can't reach the googledrive.

Could you perhaps attach a version to the thread?

Thanks!

Here you go: I just rehosted it on a non-google drive so this should work for you.

It's a big work in progress, and it needs a LOT of editing and play testing, so I'll keep plugging away at it as I get feed back.

SR2 Matrix Rules Rebuild & Fluff

Working on general editorial comments ...

No comment on the first 11 pages, except that I like them.

Page 12, clarification needed: if the security rating is so high that the pool drops to a negative number, is the pool then 0, while target numbers are raised?

The parameters around "engaged with" need to be clarified with respect to black IC. Attacking? Being attacked by? Scanning? Being scanned? Where is the line drawn?

Page 14: Propose rephrase sentence in paragraph 3 to say: Some SPUs are simple roadblocks meant to slow intruders down or keep them out while others are machines dedicated to specific tasks and purposes.

Proposed added flavour text:
>>>>[Lazy SysOps make penetrations so easy. Exploit a camera at the edge of a parking lot, ride it to a SN, open a link to an SPU, then own the CPU. This won't work in Mitsuhama, but you'd be surprised how many C and B corps can be attacked this way. Even branch offices of A corps. For this reason it's not a bad idea to have a portable SAN that can hook into all kinds of connections. Or mod your deck for the purpose.]<<<<
-- Koekepan

>>>>[Some datastores don't really delete things. What's written on them is intended to be permanent. At that point your Erase File operation is enacted when you light the fuse on your thermite charge.]<<<<
-- Koekepan

Pages 17/18: Clarifications on the relevant vulnerability of hot sim/cold sim/VR goggles/tortoises/other means of access. Either here or elsewhere.

Proposed discussion around page 21: How onerous is it to replace the chips if they are damaged? Can a decker jack out, flip open a panel, yank out a smoking chip and slot a new one before jacking back in and being ready to rock? Could a team's medic do it on the fly while the decker is still jacked in and the weapons specialist lays down covering fire? (My tentative answers are respectively: not very, yes, and no.)

Page 25: Can one decker run a Relocate job on another decker's link to defend that second decker from a trace?

Page 26: Much more discussion of Tortoises needed. What if someone doesn't want to hack the gibson? What is to prevent a savvy attacker from going: "I'm going to run this scripted exploit on that poorly secured secretary's terminal, then use her ID to locate her boss in the building so that my extraction team can make him an offer he can't refuse." and doing it entirely separately from any kind of virtual anything? What is to stop a team in suitable uniforms with fraudulent work orders from putting the DS on a pallet jack and rolling it out of the building to be ripped apart at their leisure? Hacking the Matrix is all well and good, full of vitamins and minerals, and makes your external genitalia all turgid, but what list of things is totally, utterly, ludicrously impossible without it? And more importantly, why? As a GM, I would want to know so that when my team wants to slip a manager a mickey and abscond with his pocket secretary, I can judge the plausible outcome.

Other topics to cover:

Can I upgrade a pocket secretary to be a deck? If not, why not? Can I have multiple layers of routing so that I can have three cheap Radio Shack decks offering a line of defence before my expensive primary gets toasted?

Also, you've written nothing about typical defensive strategies, such as airgapping, honeypots, security deckers, and I didn't see much in the way of discussion about Agents either.

If you like, I can sketch up some general ideas on security measures, corporate responses and so on.

Koekepan,

Loving the feedback. Anything you're willing to throw my way I'm all ears. I am at work right now, but as I can incorporate changes, I'll rehost the file with updated versions.

To your specific points, yeah, I need a lot more development on what you've pointed out. That's one reason I'm here as I am not a programmer, so there's a lot I haven't thought of. I'm trying to walk a fine line between touching on / justifying / making realistic the flavor while also keeping the new rules extremely streamlined.

I really really like the idea I've cobbled together of 1) run program versus IC 2) IC resists versus relevant attribute 3) result. None of this whole execution run tests junk from SR2.

I'll make mods / incorporate all the feed back soon.

Thanks!

Yes. Functionally, I don't think this will really come up in a game, but I put it in as a "you must be this tall to ride." I think it flavors the game a bit, and makes a decker who gets into a system with a high rating feel accomplished. Also, I subtract pool dice because I have not modified how the pool is calculated and 2nd edition deckers can easily get 15+ pool dice. This was originally so high because they were running both execution and run tests. With only a run test now, I needed to dilute the pool a tad. Also, I think it's a neat little mechanic that represents the decker getting distracted by the heavier security.



Yeah, I'm still playing with. I think if it gets a single hit on you, then you're engaged. But, that might be a bit late. Maybe I'll come up with a special test for the "hook" when it's activated. I can see players just jacking out as soon as they spot it, but then again, if they run, they won't get the paydata, so maybe just having a successful attack be the line is what should happen.



Nice. Added.



Agreed. I'll tackle that later. I want to percolate on it a bit.



Pretty much how I see it. As long as you have the appropriate MPCP add-in, it's like swapping out some fried ram with the same make/model. I'll make a note somewhere.



Hadn't thought of that. Probably given that canon shadowrun talks about decker's defending other deckers. I think it'd be like a harmless spell, yes you could try to resist the group mage giving you invis, but you allow it to happen because it's helpful. Yes, you could stop him from interfacing with you and helping relocate, but why would you?

I'd imagine that relocating IC for another decker would be like that Animatrix episode where they're all distracting the AI and reprogramming it running around an Escher-esque setting while laughing and confusing it.



Yeah, I had avoided touching on this until the end, but I'll need to address what can and cannot be done without a deck soon. Consider this pending.



As I said in my last post, I'm very appreciative of any additional thoughts that you, or anyone else, may have.

The corporate admin wants to know:

Is there an intruder?

Who is the intruder?

Where is the intruder?

The corporate admin wants to:

Shut out the intruder.

Hurt the intruder.

Protect the data.

The key elements of doing any of the above revolve around identifying intruders and acting upon that knowledge. This is what IDS (Intrusion Detection Systems) are for.

A lot of this is your run-of-the-mill white IC. See an anomaly, scream. Alert, shutdown, done.

However, the honeypot is a different approach. Here's an example:

I'm a consultant for P-MITA Inc., a corporation that enhances socio-stakeholder outcomes by providing productive diversions for incarcerated re-education students. They manufacture NERPS for us. A lot of their misguided future P-MITA workers who are as yet unincarcerated would love to break into our controlling systems and generally wreak anarchic havoc, because that's the kind of sociopathic scum that they are until we have re-educated them.

I propose that we set up a few CPUs that look exciting. We can call them things like "NERPS production control" and "IncarcEmploRoster" and so on - but they actually do nothing, except just some fake busywork, and a hell of a lot of constant reporting. If anybody connects to them, we know that they do not belong, and all their connections, network-wide, can be safely and immediately dropped.

Or attacked.

You know, whatever seems like a good idea on that particular Thursday.

Another element of operational security:

People, we need some layers in here. Some data just can not leave. Our outer layer is connected to the Matrix. It's guest connection stuff, PR materials and marketing. It's on, it's live, and defended but we absolutely do not put anything valuable on there.

Next layer, day-to-day operational data that we really would prefer not get out, but won't break us if it does. Sales figures, timecards, front line employee contact information. It's online, but it's patrolled and monitored.

Next layer is stuff that must really not get out. It is not on the public Matrix, it's only accessible by specific personnel at specific terminals, and it only runs certain applications. Corporate R&D labs, management HR information and so on. Key, black site stuff.

The final layer is stuff too sensitive for that. Mechanical typewriters, locked buildings and shotguns.

Any questions?

Latest version up: SR2 Decking Rules & Fluff Rebuild 4.20.17 Version

Made lots of tweaks as suggest by users.

Added "Decking defined" section on page 27 to discuss what decking is when the rules refer to it. Adds a bit of logic to when and why you'd need to "deck" versus slip a USB drive into the secretary's unguarded desktop. The key difference is that decking is generally the go to choice when you need to move FAST against a COMPLEX system.

Added "system defense administrators" section to page 11.

Added timestamps to shadowtalk.

Added tweaks addressed in replies to Koekepan from myself.

TO DO:

Tweak actual rules from page 13 down
Tweak item & program costs to fit gameplay starting wealth / average wealth earned per run
tweak deck active memory starting figures & maximums.

Good stuff so far.

I would add two items as major considerations.

The first is agents.

By your approach, decks and decking aren't magical; they're just extremely fast interfaces for complex probes and cracks. There's no reason that you can't have an expert system do the same, more or less like AI baddies in a computer game. It will just have limited ratings and won't do much of anything that it isn't told to do, in broad terms. Is this the perfect way to crack your way into a system? No. But it's low risk (aside from the costs of failure and discovery) and it allows for running multiple agents at a time. In a sense, this allows a single decker to either stand off, and let the computer do the work (which can also be valuable during legwork) or to mix it up and direct the agents more intelligently during a Matrix run.

The second issue is what can be done without a cyber interface. You currently handwave it in terms of being possible, but slow. I could very easily see a decker saying: "Frag this drek, if we're breaking in, let's just take their drek with us instead of hanging around while I try to get cute with their black IC." At that point the question is how much they can do with weeks, rather than seconds. And if they're using a keyboard and mouse to do it, who cares? Even if the black IC fries a keyboard, they laugh and replace it.

Another issue that really deserves some attention is the differentiation between decking, rigging, and how the two overlap.

To your first point, I've been breaking decks down as rationally as possible, but I've been thinking about it all evening and I still really REALLY want decks to have an X-Factor.

That's why I talk about decks and living minds in the early shadow talk, but I've been steering away. I'll think about it tonight some more, but I still want some kind of mystique where some things just can't be done without a deck. At least not done the same way. There's supposed to be a sort of simple elegance about decking versus working out the problem in a lab on a whiteboard.

There are two approaches to that.

The first is the one you've been taking: seconds, instead of days. Deckers go in fast and hard and rely on instinct to rape systems that would have taken old-school hacking weeks to plan and execute. When seconds count, that's a powerful argument. It's why I shoot varmints instead of waiting for a trap to get them, eventually.

The second is the idea that it is not, contrary to decades of industry work, all ones and zeroes all the way down, and there's something special about the way that computers work now that is somehow more amenable to brain-driven reshaping than before. (Pro tip: "quantum" stuff does not supply this.)

What do brains do, in this context?

Rapid pattern analysis and application of heuristics. (Lots of other stuff, but nothing as quickly.) Specifically, during ingestion, a lot of pattern analysis happens. Unfortunately, this is actually nothing that couldn't be done with either a petri dish of suitably trained rat neurons, or a suitably configured dedicated chip.

So, absent Mira-Tek computing, the question has to be why the frenzied speed of a fighting cock on meth is crucial. The answer has to be a dynamic response landscape, i.e. a learning IDS. Whatever you're doing, as unsubtly as you're doing it, will undeniably be picked up by the IDS and it will respond to cut you off unless you can adapt faster than a grifter at a cocktail party. Could you tell agents to do everything you're doing, faster and better? Yes - but you can't adapt your agents as quickly as you can adapt yourself. Could you gingerly survey the landscape for weeks and achieve all the same goals? Yes - but not before zero hour plus five minutes.

The answer to "what is special about decking" is then that decking is a fast, nasty, loud, dangerous way of achieving what any sane individual would do in weeks, because you don't have weeks.

So why does this matter to shadowrunners?

If you have a target that can be pre-cracked, such as a set of security cameras surveilling your target installation, that are somehow accessible ahead of time, it doesn't matter. Go ahead, take weeks, you won't be doing your run until those cameras are cracked like an egg anyway. However, if you have a target that you can only reach for thirty seconds before you need to run out or die? Decking is pretty much the only game in town. These are the most dangerous, and consequently the most valuable targets.

Result: decking is one technique in the arsenal of the competent electronic penetration specialist, and not the one reached for just because he wants free pizza this week.

The bad news is that this means you need non-decking rules as well, for developing and using cracks. However, it also means that your decker isn't automatically hideously crippled just because a deck got a bullet through it.

Another thing that might make decking, or at least VR/AR useful, is that it may be a decent way of handling tacnets. The decker who is managing fifty different moving icons can't focus on where to put his damn feet all the time, so he might as well be slumped behind a filing cabinet while the firefight rages. This is the same argument that applies, more or less, to rigging.

I hope you find these lines of thought productive.

Edited to add: I forgot to mention, this explanation also makes a lot of sense for the original Echo Mirage crew. They didn't have time to figure out what the worm was up to, so they needed to move fast. The worm was self-modifying, so faster operations were beneficial to them. They went in, fast and loud, and they won, with a high casualty count. Could they have waited around, analysed the realm of possible conformations of the worm code, and broken that? Sure, but they'd have been left with the smoking rubble of the networks around them.

Yes, I have been pushing the first part pretty much as my X-factor, but I think there may be more meat to play with. Especially if we consider the existing lore. For the record, I am not a huge fan of the Otaku and especially not Technomancers, but they are still a part of the universe. I think having some kind of X-factor where the gestalt of a living brain + cyberdeck is greater than the sum of its parts is pretty cool. You can see some of my shadowtalk where I mention the resonance and such simply as part of the "there's always more out there/a bigger fish" type of thinking. I think it's healthy to have to kind of mystery hanging.

That said, I do agree that in theory genengineered neurons should be able to do the same thing. For now, I would say that the theory does not align with the practice. Science is missing something. Is it the biology of metahuman cells? The mind? The magical conjunction of the physical and astral bodies? In fact, this is a HUGE part of my current campaign. I think that Earthdawn, Eclipse phase, and Shadowrun all kind of hint that, yeah, you could maybe, kind of, possibly, one day, somewhat sort out the mysteries of the universe and totally master the astral and physical realms with The Culture level technomagic.

Until that particular facet is sorted, the X-factor is still at play and no one quite knows what it is. In my campaign, I have Darke, who was corrupted by the horror Artificer, running "Project Synthesis" which is drawing on Halberstam to work out the physical and electronic aspects of this while the McCarthy Danaan family of Tir nA nOg is providing Cybermancy expertise and the blood mage gestalt is providing major magic mojo to force it all together with the goal being a sentient biological/electronic hybrid AI that can cast spells and manipulate mana.

Not unlike the Theran pillars to keep the mana level high. Except they want to use the astral bio-computer AI to open the mana floodgates and bring the horrors over faster.



I agree completely. In my campaign I am shifting the decker to the electronic warfare specialist role, and I will eventually be issuing my players another supplement revising riggers and pointing out the difference between the two. To me, deckers can do 95% of all rigging jobs just a well. A dedicated rigger uses the VCR in the brainstem to control a vehicle on an intimately personal level. This gives speed and instinctual control with physical machines just as a deck gives instintual advantage with higher level thought processes. A dedicated rigger is really only needed when you're flying ultra-high performance machines doing Air Combat Manuvering or rolling a multi-axel combat vehicle over severe terrain at 100 MPH and you need the ability to individually control the torque on every single wheel, etc.




This is more or less how I see it, but when I have an AI in my games, (without commenting on whether or not the crash virus was a true AI) I always say that incredibly specialized hardware is required to host the consciousness. To me, that's what Echo Mirage targeted. The virus was controlling a lot, but there were only so many pieces of hardware in the world that could host such a complex system, so that's how they knew where to strike. In my games, an AI can't "escape into the matrix" unless it has a prepared destination capable of supporting it.

Q: Do you know anything about hackers? Can you dance with the console cowboys in cyberspace?

A: What?

https://www.youtube.com/watch?v=BNtcWpY4YLY

Latest version up: SR2 Decking Rules & Fluff Rebuild

I'm running into a bit of a time crunch, so I'm mostly satisfied with the fluff (obviously tweaks and additions will occur), but I need to start drilling down on the rules system.

At its heart, the system is very similar to melee combat.

1) Attacker rolls program + hacking pool dice versus IC rating
2) IC rolls rating + additional node dice (similar to hacking pool) versus relevant deck attribute (sensors when resisting analyze, Computer skill when resisting an attack, versus Masking if resisting a sleaze, etc., etc.)
3) Compare successes. Winner with 1 or more successes takes all.

There are three big questions I have regarding these rules:

1. Are the probabilities balanced?
2. Is this straight forward and easy to understand?
3. Is it fun? More fun, at least than the previous rules.

Here’s an example of how this works. The decker has 4 main attributes. When he runs a program against a hostile system, he rolls his program + pool dice versus a target number equal to the system’s rating. So if the Intrusion Countermeasure (IC) rating is 6, his TN is 6.

Then his successes are set aside and the IC resists rolling its rating + system rating (think NPC dice pool) versus a target number equal to the attribute of the appropriate type. If he is running a sensor program, the NPC rolls versus the decker’s sensor attribute to resist. Masking program versus masking attribute. Etc.

Bob the decker has sensors 6 and Analyze Program 6. He has 9 pool dice that will be allocated (special rule allows for 9 dice to be added to 6 skill see sensors attribute in packet).

He rolls 15 dice versus a TN of 6. His probabilities of success for 1-6 successes (7+ irrelevant and too low to list)
# of success / % of achieving

1 93.51%
2 74.04%
3 46.78%
4 23.15%
5 8.98%
6 2.74%


The AI then rolls 9 dice (6 IC rating + 3 for system rating)

1 80.65%
2 45.73%
3 17.83%
4 4.80%
5 0.90%
6 0.11%

They compare successes. Net successes determines the winner. As you can clearly see, Bob has the advantage. But, HOW MUCH of an advantage? There’s a ~50% chance he gets at least 3 successes and only a 17% chance that the AI matches that.

To make it easier, let’s look at one success. 9/10 times Bob gets one whereas the AI only gets one 8/10 times. The question is, quantifiably, how much of an advantage is there? It's been 10 years since I've had statistics and finite math, so I'm sure there's something I'm forgetting to consider, but as far as I can tell, Bob gets 1 success 9/10 times versus the NPC's 8/10. This means that he's packing a 9 to 8 ratio or a 12.5% advantage to get one success.

Granted, most of the design balancing will be done when I make the system, but these look pretty evenly matched. Obviously, if I drop the AI’s rating to a 5 the odds go WAY down. SO again, the balancing is done mostly when creating opposition NPCs, but still this seems workable. I just need to find the right balance. Obviously, I can’t throw tons of evenly matched NPCs against the decker or they’ll die, but I can’t make it too easy either. I think this system actually allows for the razor’s edge balancing, but I’m not sure.

If the NPC is rolling versus Bob’s Sensor attribute of 6, and he’s rolling against a rating 5 IC, he’s going to kick the shit out of it.

Bob's 15 Dice\Success chance
1 99.77%
2 98.06%
3 92.06%
4 79.08%
5 59.59%
6 38.16%

I've been using http://www.pvv.ntnu.no/~bcd/SR/dicerollcalc.html to calculate my probabilities, but I need a more robust tool where I can enter the target numbers and # of dice in play for each party and then compare the two matrices to be able to rate opposition against each other.

At this point your easy option is to build a little spreadsheet, and see at each given success level for either party, what the aggregate chance for higher success is from the other party.

Sure, you could impress a stats professor someplace by working out the relationship, but you want answers, not a gold star.

Hmm, the link seems to be down...



That's an interesting idea, because it harkens back to the original invention of decking...In Neuromancer at least the most secure ICE is maintained by weak AIs. Problem is, what about system which are not giant corporate mainframes with enough spare CPU cycles to run a machine learning counter-intrusion system?

Pet peeve: it doesn't harken back. "Harken" isn't a word.

"Hearken" is a word, and it means to listen. (Think of the german "hoerchen".)

"Hark" is a word, and it means to call. You're harking back to an old idea, or hearkening to the ideas of old.

Anyway, aside from that, your smaller corps would be able to have weaker (i.e. lower rated) defences. What that actually means in terms of size, depth and so on, and the likely costs of maintenance is something that Xasten should consider, but there's no reason to ignore it as a possibility.

Alternatively, you hardly need a decker at all, and their defences are likely to be of other sorts. Such as shutting down hard and fast, and recovering from known good data.

The way I see it is that low to mid level IC is reasonably affordable. The cutting edge stuff that will really slow your decker down or kill him is where it gets expensive. SOTA and all that comes into play.

As much as I'd love to keep filling my little book up, I'm getting near my publication deadline, but I think it's really looking great from all the discussion here, so I really appreciate everyone's continuing efforts and discussion.

Latest Version: SR2 Decking Rules & Fluff Rebuild

I really like how this thing has turned out, one thing that needs some clarification though is why the powers that be allow this state of affairs to stand... the answer that a secure system is unusable is not good enough. Granted, if all you're doing is researching some novel amino-acids you might not want the hassle of fool-proof security, but what if you worked on something truly black? We need some sensible answers. Here's my 5c:

"Why are all systems riddled with vulnerabilities? Last I heard the concept of secure programming was already a thing in the '10s and there was even a programming language where all operations where inherently secure." - Naive n00b

"It was... and it was also unlike anything else on the market, meaning you'd have to rewrite your code-base from zero. The mathematical proof wasn't solid either, all they had was the potential to be exploit free, while all other always Turing-complete languages were mathematically proven to be inherently exploitable. Given how anal lawyers get even over how many 9-es you put on your service level agreement it was no wonder the idea never took off." - Old Hand

"Pfhht... academics and script kiddies. Listen to someone fighting in the trenches. Money. With corps it is always and ever all about money. For the suits software was never more than just another product. So what if it's riddled with bugs? That's the best kinda product! One that you can charge service fees forever with nice ever more expensive sub-licenses for different levels of delivery and extra fees on top for bulldrek spec compliance checks.

I tried to sneak in some lang-sec code once... Never more. It was the only time I got called in to the so called OFFICE with big capital letters. Turns out unintentional bugs that seem to sneak into the code when no one is looking are fine and dandy as long as they earn the corp money." - Corp-programmer

"Couldn't you just write this lang-sec code when you're working on something important?" - Naive n00b

"Not unless you're willing to start from zero. Literally nada. However even that won't save you. Even if you had the nuyen and elbow grease on hand to rewrite your compilers and all your assorted code from scratch you'd still need to inter-operate with all the other code out there... and no before you get cute, you can't just box stuff in lang-sec code and call it a day. A communications protocol is already a computing model of sorts and most of the drek out there is inherently insecure." - Old hand

Of course, this also depends on how likely it is that some poor slot will get a Predator retirement package. If getting cracked is a death sentence, they will do one of a few things:

a) change jobs

b) do everything in their power to secure it all, even if they have to rewrite all the things. Crazy? The alternative is death.

c) keep anything that matters the hell away from computers.

In today's age, this doesn't happen too much. Big companies get pwned all the time and it barely blips on the news cycle. Once in a while some dude somewhere gets fired or sued. Big deal.

This dynamic changes like flipping a switch when a high velocity hindbrain piercing is on the cards. Mortal terror is one hell of a motivation.

Air gaps are your friend. The only truly secure computer is one that is never connected to anything, including a monitor, but that's not particularly useful.

It used to be a word at least, and since I was talking about the figurative stone age using old-fashioned words seemed appropriate


The question was more about individual commlinks/pocket secretaries, which also should have some kind of security.


Anyway, since the writeup mentions P and NP I just remembered something: Otaku can solve NP problems. RA:S page 69, Puck and Scarecrow evaluate Otaku candidates. The test is "Given the following system of Boolean formulas [...] supply the single solution that satisfies all the equations. You have ten seconds", in other words the satisfiability problem.
So when assuming the "mind magic" quantum stuff exists, it might be capable of similar feats at least on a small level.

Maybe he was more about the misspelling as it is properly hearken.