okay. SR4 says it's going to streamline things, especially Matrix things. let's talk about what it should be, especially from a rules perspective. i've listed my requirements in no particular order below. note that while i've put a lot of thought into these concepts, i've put very little into their execution. this is primarily a list of what needs to change, and only secondarily a list of ways to change it.

Tests
a single roll against a TN with little variance should resolve most actions. a wide array of ridiculously high TNs, which are modified by a ridiculously large number of reductors, is completely ridiculous. personally, i think all decker-hackers should use Channels, a la otaku. at least, the mechanic should be similar: a small number of multi-purpose, very expensive programs.

i also think that the ACIFS should be reduced by at least one. get ride of Slaves completely: this is the realm of rigger-hackers. replace all Slave operations with rigger-hacker actions. i think Index and Files could possibly combined; Access and Control can certainly be combined. jesus, you use Access for one thing: Logon to X! it does not deserve its own stat. either that, or expand Access to include all forms of electronic warfare and cryptography in general (since cracking crypto is basically all Access is anyway). want to listen in on your enemies' comms? Access test. want to gank control of a rigger-hacker's drone network? Access test. you get the idea. a name change would be appropriate: Crypto gets my vote.

even better, give hosts one TN, which is then reduced by a decker's programs. for instance, you could have a rating 10 host. if you're performing an Access action--oops, Crypto action!--and your Crypto program (or whatever) is 5, then your TN is 5.

Hackability
everything on a computer should be hackable, and every computer with a network connection should be hackable. i want to play a Comp Sci major who hacks girls' pocsecs for their numbers, goddammit. i want to be able to gank control of the IC that's attacking me, and send it after the security deckers that just popped in. i want to be able to hack another icon and pervert his actions. this includes cyberdecks, or whatever replaces them: the connection is two-way. i want to hack cyberdecks. i want to be able to hack a computer so completely that i can change the ACIFS ratings, reset my security tally, and delete IC--and i want everything in that last sentence to be hard as hell.

Definitions
i want simple, non-detailed definitions for computer-related statistics. basically, i want to know if ACIFS are hardware, software, or firmware. i want to know how much Mp a Red host has. i want to know how many users an Orange-6 host can handle, and i want to know what happens when you overload it with connections.

Crafting
related to the above, i want to be able to build hosts. i want to be able to pay more for a host that's pocket-sized, or nanowoven into my clothes. i want a server in my goddamn sunglasses.

Similarity
everything needs to use the same damn rules. none of this 100Mp wristtop computer / MPCP-8 cyberdeck / Orange-6/10/12/11/10/11 host crap--everything that can be hacked (see Hackability, above) should use the same stats as everything else that can be hacked.

Security
the entire concept of security sheaves should be reworked. it's interesting, but in the end, it's both limiting. the sheaf system means that computers can't proactively respond to intruders (unless the computer operator can afford IC Constructs, and it's a very reactionary proactivity even then). moreover, the reactivity of computers to intruders is incredibly limited. there's no way to respond intelligently to specific methods of attack.

i think that every host should have a security controller. a single piece of IC (larger/more important systems might have more, but one would be the norm) that handles all security for that host. as hackers gain attention, this controller would spawn countermeasures as required. it should be possible, though difficult, to simply take the controller down in combat, neutralizing all security for as long as it takes the host to rebuild the controller (several minutes for low-end hosts, several rounds for high-end). to keep things simple and streamlined, the mechanics controllers use for spawning countermeasures should be similar to summoning nature spirits.

Countermeasures
countermeasures should do more--and less--than just attack things. after all, hackers appear as glitches in the system. in the real world, it's very rare for guards of any stripe to be given shoot-on-suspicion orders, where anything that moves at all (wind, animals, wandering children) gets an automatic three-round burst. yet that's exactly how IC reacts to everything, in SR.

instead, the first response by the security controller (see above) should be to spawn a countermeasure that raises the TN for the specific action that the controller detected, or which allow the controller to gain more information about any further attempts (a la probe or scout IC).

SIMPLICITY
jesus christ, hacking should be simpler. none of this crap with 500,000 programs that take up 15613.54Mp which you then have to find the square root of in order to discover how much time it takes to get to hell with that. operations should be action-based: write up a definition of what an Index action is, or a File action, or an Access/Crypto action. we don't need four seperate Logon to X actions. we don't need umpteen billion Locate X actions that all use the same goddamn program, subsystem rating, and skill anyway.

I disagree with just about everything you say.

~J

I suspect Kagetenshi is truly embracing this whole April Fool's thing?

I agree with most things you're saying here, and I completely agree with the basic concept of making things simpler and more uniform. Maybe then I'd finally bother to actually learn the respective rules.

No, I quite honestly disagree with almost the entirety of what was posted above. I think it varies from a bad idea to downright ridiculous.

~J

You honestly think it's a good idea for the hacking rules to be multiform, fragmented, and as complex as possible?

"As complex as possible"? It's painfully obvious that as you say you haven't bothered to actually learn the rules, as they really aren't that bad. They might get up to the complexity of Ranged Combat.

Regardless, I'd agree that a lot of the duplicate operations need to be combined into one. The only reason why Logon to RTG and Logon to Host would be different tests is because there's an edge that can affect one but not the other, but that edge isn't necessary. There's a lot else that could be done to improve and streamline the rules. However, the issue with the current rules is primarily lack of organization and ease of reference rather than any complexity inherent to them. Just because I think one direction of change is absurd doesn't mean that I'm against all change.

~J

The Decking section in SR3 is longer than the Ranged Combat section, and is just as fully packed with rules which you need to know to run decking properly. Unlike in ranged combat, in SR3 decking you've got 27 actions, nearly all of which come up regularly, the facts and usage of all which you need to know by heart or you'll be going to be referencing the book a lot. You constantly use 19 different utilities for these 27 actions, and again you need to know by heart how these function or your book is going to wear out fast.

AFAIK, the Matrix books make it yet a lot more complex than that, on par with the rigging rules post-R3. And those were a pain in the ass, even after I dedicated a whole week of all-nighters to trying to understand it and apply it into actual vehicle design and combat.

And even if decking in SR3 were as simple as ranged combat (which I disagree with), that'd be too complex. Decking is, in many/most games, something which doesn't happen often and only concerns one player at a time. For it to be integrated easily into the rest of the run, the rules for it need to be simple.

Keep in mind that the length of the Decking section is largely due to the descriptions of utilities and operations. That being said, while I don't know what they're doing the fact that they're eliminating cyberdecks and moving a decent chunk of Matrix access wireless suggests that it may not be unreasonable to expect every non-technophobe character to have their hand in the decking pot. More importantly, though, all of those twenty-seven actions are very simple: one number minus another number, both static, and then two rolls (which can occur simultaneously, as the host doesn't need to allocate pool). Until things like traces and stolen passcodes come into play, that's pretty much it.

The potentially complicated part is program size. I'm considering playtesting a bit to see if eliminating program size as a factor is unbalancing; either way, that'd be one area that could potentially be tightened up somehow.

Incidentally, thanks for keeping it civil. I was needlessly harsh above, which I apologize for; it's been a long couple of weeks.

~J

No worries. I think I'm too tired right now to get decently pissed off right now.

I am willing to admit that the basics of the system may not be too complicated for me to comprehend, but that the way the whole thing is layed out in SR3, combined with the limited use I have for the rules, just puts me off and makes trying to learn the rules difficult. Having hacking be more prevalent in SR4 than decking is in SR3 should help, as should the over-all streamlining that is (hopefully) happening.

On another note, the physical combat rules are an apt comparison in that those can do with a lot of revision as well, and a significant part of that has to do with having similar rules for all related actions -- e.g. using the same attack resolution for ranged and melee combat.

pretty much what austere said, kage. you keep saying that ranged combat is of equal or greater complexity than decking, but that still doesn't make it true. i've laid out the comparison before, but i'll do it again here.

ranged combat
-number of base TNs: 4, plus the power of the weapons involved; and except for those, the base TNs don't change at all.
-number of possible actions: ~21
-types of rolls: 3
-modifiers: 32

decking
-number of base TNs: 25, counting ACIFS as 1 TN each; most of the TNs changed every time you change hosts or meet up with a different opponent.
-number of possible actions: 31, using only SR3, not counting program-specific actions such as Medic
-types of rolls: 9, i think, possibly more
-modifiers: 14, most of which must be matched up to specific action types

while decking has fewer modifiers, it's worth pointing out that matching up the modifier to the TN is more complex than it is with ranged combat--that is, in ranged combat, you just pick what modifiers apply and add them up, rather than having to cross-index the modifier to your desired action. decking also has nearly as many base TNs as ranged combat does modifiers. decking has only a few more possible actions, but those actions are severely limited, depending on what programs you've bought. in ranged combat, the question of whether or not you've got the right program loaded (in addition to all the other factors) never comes up, as it does all the time in decking.

decking is not, by any possible definition of the word, easier than ranged combat.

I disagree, but I need to go drive someone to the airport. More this evening.

~J

can we take it to a thread in the regular SR section? two reasons: one, it's an argument that's more about SR3 than SR4; two, no offense, but you're the only guy in the entire world that holds this opinion, and i want this thread to focus on my crazy ideas.

that could work. you could have knowsoft links that cost, say, 0.01 Essence per level; skillwire sets would simply have a Total Rating and Max Rating stats. i don't think it's necessary to get rid of Mp, personally, but it's a viable way to streamline things and i wouldn't be heartbroken to see them go.

But then we wouldn't have any more threads about how many bytes is one pulse.

I think that Making "hacking" like spells/spirits would remove alot of the personality of the game. Having mages and tech-mages that are the same, but for the medium they operate in takes alot away from the game.

Also, will multiple hackers on one host be addressed? Its seems like hacker gangs would make sense, but the rules in SR3 for multiple deckers on one host, well... just don't exist.

oh, they exist. they're just a horrifying, tentacled mass.

Cellphones are hackable. They may require a different protocal or whatever, but they can hack the mobile speed pass and pretty much anything else that operates in a network.

Define "hackable"? The mobile speed pass most certainly does not operate on a network; last I checked, it's simple RFID.

~J

They broke the encryption code. And the speed pass is part of a network, a key to it even - in my abstract opinion.

I guess by hacking, I mean reprogrammable or subvertible.

No, the speed pass doesn't connect to a network. It's not part of a network any more than the key to my house is part of my house. Moreover, it isn't applicable because RFID is designed for the sole purpose of giving information to anything that asks. It's pure cryptography, nothing more.

Unless someone leaves Bluetooth-equivalent on all the time, there should be no interface to the phone by which it will pass out information.

~J

I'm not saying things should be hackable if they aren't accessible.

http://www.wired.com/wired/archive/12.12/p.../phreakers.html

Honestly, I don't really care about the rules at this point. I'm just having to change my underwear thinking about the whole WMI thing.

Walking down a hallway with whatever equipment is required for the wireless hack, forcing doors open with my mind, turning turrets onto security guards with a thought.

It's BETTER than magic.

i'm not talking about brainhacking, or even cyberware hacking. i'm talking about hacking things that, by all logic, ought to be hackable--like cellphones, IC, desktop computers, etcetera.

Icing on the cake, mfb. I'm just looking forward to be able to just target my haXXor reticle on a maglock and bust that thing open without drooling all over myself like I've had a lobotomy.

I'm still wondering what kind of 'ware will be required for a hacker. I still like the idea of having at least some kind of internal signal boosting. Of course, rating 0 flux is something around 250 meters of range, innit?

I love decking, but the idea of doing it without going limp and useless and being able to do it in real-time with other folks? That sounds pretty awesome.

Edit: Plus, it'd help speed up the thing if all on-site hacking didn't have the imagery. You could keep that for normal surfing and searches and non-site, but being able to just look at something and have a mental pull-down menu of tricks would be nice.

Also, I'm wondering if you could just scrunch down hacking into about 10 or so utilities. The five host ratings, and like, five other for rigging, EW, worms, and non-standard stuff. Turn it into cyberware or something with low essence cost, and it stops decking from becoming an afterthought.

Edit Twice: Ruin my fun, why dontcha, K10? *weeps in the corner.

I'm not saying it can't be done, just... don't expect it to be "risk free".

Of course, the problem with a wireless matrix is that wireless hackers are now exposed to... er. Wireless ICE. I dunno if that'd even be possible, but I'd hate to just be snooping around someone's camera phone, looking for porn, and then walking head-first into a giant block of RARRRRRRRGH NONONONONO *spits and foams*

Not that that'd be likely, either, but... it could happen, right?

I'd expect the danger of being a l33t net rigger is still lethal feedback.

I'ma cry if they reintroduce MIJI, anyways. Wonder how wireless rigging will work, though. I imagine they'll just make Captain Chair mode the only one available.

hopefully, MIJI will be introduced as a completely reworked, extremely simplified mechanic.

Because it'd be really hard to do full-on immersion rigging without an RAS override?

MIJI? Not familiar with the term.

And who says (and note I haven't actually seen the new Matrix rules) the SR4 Matrix doesn't allow for that? I recall someone above suggesting parralels with magicians and astral space - this sounds like projection for hackers/deckers.

there's no reason that partial immersion can't be full-x.

I'm not saying that it's not possible. In fact, it's most likely what's going to be done.

My main concern with leaping into drones over a wireless network without an RAS override would be messy, to say the least. With astral space, both 'bodies' you're moving are roughly the same. Using astral perception, you move both bodies in the same way at the same time.

However, to 'rig' your spirit, via astral projection, you have to leave your meat body behind.

I'm just having trouble conceptualizing the idea of moving two separate body sistems at once. Your own, and the drone. I imagine decking will work like an overlay system, like some kind of incredibly geeky smartlink.

Edit: MIJI. Meaconing, Interference, Jamming, and something else. It's an incredibly complicated system of rules for fuxxoring up other people's connections.

i doubt that will be possible. you jump into a drone, you'd best be sitting down--just like astral projection.

or the implant allows you to order your body around just like it was a anthro drone. still, that opens the body for takeover attempts unless the "drone" control turns of the moment you exits the other drone or it only allows commands from inside the implant (alltho that can probably be faked somehow if the opponent is resourcefull ).

thats allways a problem i have had with the RAS. sure the brain looses the input from the body but thats not equal to the body going limp as the RAS chip should be fully able to control the body by inserting the needed signals to keep the body upright.

alright i'm gonna throw my $0.02 in here and say this,

the statement made at the top of the page may have been made in all april fools fun. however, they are in fact completely wrong. when hacking a system you have different protocols the deeper in that you go, there are different more difficult encryptions, and programs can be placed to monitor access to certain files and not have to watch the entire computer itself,

i'm not sure what you mean. can you quote the statement you're referring to, for easier reference?

top of the page, i realize he is stating what he wants the rules to be but unfortunately it doesnt reflect reality, even the combat rules reflect reality

i see where mr warrior is going. his post shows how security is normaly done in a RL network. firewall on top, a dmz area thats somewhat open to the net and the network behind there again, maybe even on a diffrent network protocol so that while the firewall and the dmz talks tcp/ip the network behind uses ipx or something else. and then you may again have higher security systems behind that seperated by yet another protocol change or maybe even physicaly split from the network so that anyone that wants to access it have 2 terminals that they use (either with a kvm switch or by having 2 screens, keyboards and mouse).

hmm, i kinda follow your post mfb. yes, making sure that a tabletop, laptop and a cyberterm behaves the same could help bigtime. still, in matrix the non-cyberterms where defined as tortices(sp?) and where basicly bumped offline with a kill prosess action (often done automaticly when the user managed to trigger a passive alert).

having the host fight back actively by doing a kind of spot check to target the decker and then do diffrent stuff to help lock on to and id the type of threat could allso be interesting.

reducing the number of host stats, maybe. access is just that, the security level on accessing the host. control is how simple it is to gain control over the internals of the host. so suddenly if i have a "script" that allow me easy access to a host i can then take complete control over it? (sounds a bit like win9x to me ). index is a search index for everything on the host, files, users, addressbooks, everything. files control how simple it is to mess around with any files stored on the host, i cant say i see the similarity. slave is how simple it is to gain control over attached hardware. maybe it should be under control, i dont know.

and making the tests more static isnt simple without removing the stuff that makes deckers deckers, the utilitys. and thats like taking the spells away from the spellcasters. just think about all those limited use detection spells. when was the last time someone used that spell that allow the mage to write down a complete inventory of everything within range?

we have 101 diffrent software today. yes you can bundle them all up into one but then you only have 101 diffrent software that share a gui. utilitys are like tools, you dont use a hammer to turn a screw (unless its some swiss army knife kind of hammer, and those are kinda jack-of-all-trades but masters of none. the hammers head have a bad habbit of getting in the way).

and the hackability of most home devices? easy as pie unless someone have invested in data encryption

i'm not saying get rid of programs. i'm saying get rid of programs that are only used for specific actions, such as read/write, deception, validate, etcetera. mages don't need a Cast Spell spell, so why the heck should deckers need a Hack Computer program? "for the sake of realism" is not a viable answer--there is no more realism in the Matrix rules than there are in the magic rules.

programs should make a variety of tasks easier to complete, not just one task each. basically, replace the one-program-per-task paradigm with the paradigm used for spells. spells are effect-based; rather than looking at a situation and then designing a specific spell to aid you in that situation, you have a spell that creates an effect--which you then figure out how to apply to the various situations you find yourself in.

the thing is that there is a lot of limited effect spells out there, designed for one task and one task only. how is that diffrent from the one task utilitys?

that's hardly the norm, though. spells are not, by default, single-task effects. they are general effects, which can be applied to a variety of tasks. that's the difference--by default, progs are single-task effects.