Help - Search - Members - Calendar
Full Version: Wired networks in a wireless world
Dumpshock Forums > Discussion > Shadowrun
Pages: 1, 2
booklord
So let's see if I got this right.

The matrix crashes.

A new wireless one is constructed in its place.

The otaku increase in number and evolve into Technomancers and show the ability to access this matrix through some sort of matrix telepathy.

Is it just me or would this cause a major rush by the corporations to go back to wired networks for their facilties? For security reasons?

Likewise for cyberware ( if rumors that technomancers can effect it as well are true ) Obviously corporations would take a strong look at giving their forces old-style cyberware that wasn't subject to any technomancer manipulation.
blakkie
QUOTE (booklord)
So let's see if I got this right.

The matrix crashes.

A new wireless one is constructed in its place.

The otaku increase in number and evolve into Technomancers and show the ability to access this matrix through some sort of matrix telepathy.

Is it just me or would this cause a major rush by the corporations to go back to wired networks for their facilties? For security reasons?

Likewise for cyberware ( if rumors that technomancers can effect it as well are true ) Obviously corporations would take a strong look at giving their forces old-style cyberware that wasn't subject to any technomancer manipulation.

There are long, detailed threads about this from a long time back. At least 2 months. My search-fu isn't strong enough to find them though.
mfb
i don't think it'd cause any larger rush than the prevalence of hackers in general. that said, any corp infosec officer who doesn't make his high-end research lab a wired system, or at least a wireless system contained by Faraday cage, is an idiot.

and, really, in 2070, a wired system isn't necessarily going to be much more secure than a wireless system, unless you monitor the wired system very closely. all that has to happen is for some researcher to plug in his mp3 keychain player into your ultra-secure wired system, and all of the sudden, your ultra-secure wired system has grown a wireless access point.
booklord
Faraday cage?

In any event its basic security. Any security sub-system would only be accessible for secure jackpoints. Any secure research system would obviously have several security safeguards to prevent someone from making it accessible to the matrix.

For ultra-secure locations, I'd expect that a corp would not only use an isolated wired network, but would have jammers in place to prevent anyone from accessing the wireless network while inside the facility.
Kagetenshi
Faraday cages block EMR.

~J
Backgammon
If I recall correctly my electricity course, all you need to do to build a Farraday cage is to "box" in the area with metal poles. The EMR shoots out, but makes a "force field" between the poles.

In any case, it's very very easy to do. Your computer case, for example, is a Farraday cage. You may google for more details.
hahnsoo
The SR4 solution is simpler... Wireless-blocking Paint. Yeah, Lead Paint. Great.
mfb
feed it to your kids!
Wireknight
It's not lead paint, and it's real, a paint containing aluminum and copper sold by an outfit called Force Field Wireless. However, it dulls (rather than stopping cold) radio frequencies, and does so for all of them, not just those that specifically carry data. I'm not familiar enough with metallurgy or optics to understand how hard it would be, with future advancements in material engineering, to create materials that inhibit only certain data-carrying wavelengths. Without that feature, it's more of a drawback than it is a boon.
hahnsoo
QUOTE (mfb)
feed it to your kids!

That would explain why these technomancers are living antennae, what with the high metal content. smile.gif Okay, maybe not. But it's a better explanation than the one FanPro is giving.
Wireknight
Heh, as a fly on the wall for the technomancer discussion, the higher-ups essentially declared it to be so, and then told the writers to figure out why and how.
Smed
QUOTE (hahnsoo @ Aug 21 2005, 04:27 PM)
The SR4 solution is simpler... Wireless-blocking Paint. Yeah, Lead Paint. Great.

Actually conductive Paint is not that much of a stretch. It does not take much thickness at all to block high frequency radio waves. Once you get past the skin depth for a given frequency, you've got a decent shield. There are already coatings on the market that can be applied for this very purpose. They are used today to make EMI shields in some consumer electronic products.
Nyxll
It is actually more efficient to wrap the outside of your house in tin foil, (note not aluminum) than to use any of these paints. Remember to use copper screens on your windows. The width of the holes must be less than the wavelength you are trying to block. I am actually looking at ways to make my house into a faraday cage.

The problem with wireless is that what can be encoded can be decoded. You are vulnerable to man in the middle attacks. This will not improve in the future. As encryption gets more sophisticated so does decryption. It only takes listening to 5 or so million packets to figure out your encryption key with wep. Wireless transmissions will never be secure as long someone can eavesdrop. If you have a point to point beam, where no one can listen in ... then it could be secure, but if someone else can listen to your signal, you are going to get hacked, or duped.

A wired system IS going to be more secure, as you need to gain physical access to the network. Wireless waves do not just stop midair. With a wired system you can also trace data packets to find out where someone accessed. Much easier than trying to locate someone around a broadcast node.


QUOTE
Heh, as a fly on the wall for the technomancer discussion, the higher-ups essentially declared it to be so, and then told the writers to figure out why and how.


Someone should have brained the higher ups. just because someone got a wireless laptop and router at home doesn't mean it will make your game cooler. Whoever thought this up and implemented it should have a Panther Assault Cannon enima.

Edited:
[sarc]Oh, and of course infrastructure, we know that wireless nodes repeating across the continent is infinitely faster than the fibre optics, which transmit at the speed of light and suffer no distortion[/sarc]


Kagetenshi
QUOTE (Nyxll)
As encryption gets more sophisticated so does decryption.

This is not remotely true. Encryption by its very nature advances faster than decryption, provided that the people designing encryption aren't idiotic.

~J
Nyxll
QUOTE
This is not remotely true. Encryption by its very nature advances faster than decryption, provided that the people designing encryption aren't idiotic.


It absolutely is true. Look at all the vulnerabilities and exploits out there. I am sure that most of this stuff is hacked in labs way before the public finds out. Wireless sniffers and hacks were out within weeks of new technology. The tech takes years to develop, and the exploits, decryption and hacks take weeks possibly months.

The two a linked like ying and yang

Please tell me if encryption is so secure, who come wireless is not yet? it has been out for years. Man in the middle attacks are a vulnerability. Even VPN tunnels are vulnerable.
Kagetenshi
Wireless encryption breaks my "provided the people designing encryption aren't idiotic" requirement.

Take GPG. Introduced in '99, one minor weakness discovered since then. Or we could go with something that's already been broken, like SHA-1 hashing (I know it's redundant, but someone might not know what it is): published in 1995, broken February of this year. Even then, it isn't trivial—they reduced the number of operations required to find a collision from 2^80 to 2^69.

Edit: this has apparently been reduced to 2^63 within the past week.

As for why wireless is still vulnerable, I honestly don't know this one but my guess is that security is sacrificed for inexpensive hardware and ease-of-use. Man-in-the-middle attacks of the information-falsifying variety are solvable with public-key cryptography and encryption strong enough to defy cryptanalysis.

~J
Nyxll
QUOTE
Wireless encryption breaks my "provided the people designing encryption aren't idiotic" requirement.

Take GPG. Introduced in '99, one minor weakness discovered since then. Or we could go with something that's already been broken, like SHA-1 hashing (I know it's redundant, but someone might not know what it is): published in 1995, broken February of this year. Even then, it isn't trivial—they reduced the number of operations required to find a collision from 2^80 to 2^69.

Edit: this has apparently been reduced to 2^63 within the past week.

As for why they're still vulnerable, I honestly don't know this one but my guess is that security is sacrificed for inexpensive hardware and ease-of-use.


You have to remember that not the entire transmission is encoded this securely. Only the key is transmitted that securely. The bulk of the communication is done with a lower level of encryption. I took a VPN course for our firewall, ( a week of paid time off basically) ... there are 2 levels of encryption used. the more secure is used to decide how to communicate, then the lower is used for the bulk of communication. It takes a great deal of resources to encrypt and decrypt data.

This makes me ask, if there is a new paradigm shift or encryption method how does an otaku adapt, or is this part of the fading?
Kagetenshi
QUOTE
You have to remember that not the entire transmission is encoded this securely. Only the key is transmitted that securely. The bulk of the communication is done with a lower level of encryption. I took a VPN course for our firewall, ( a week of paid time off basically) ... there are 2 levels of encryption used. the more secure is used to decide how to communicate, then the lower is used for the bulk of communication.

And this is why VPNs are weak. There's nothing requiring the lower level of encryption to be used, people just don't want to deal with the consequences of full high encryption (as above, ease-of-use and required hardware).
QUOTE
It takes a great deal of resources to encrypt and decrypt data.

Absolutely. This is a part of the price that is to be paid. The computational price of encryption/decryption with the key is decreasing today, though, while the computational price of cracking encryption is skyrocketing. Nothing short of quantum cryptography will change that (or, for each individual method, cryptographic weaknesses being found).

~J
Ellery
I'm pretty sure you can do good encryption with computational costs that scale somewhere between (key length) and (key length)^2; decryption for an authorized user takes a similar amount of time. However, to break good encryption by brute force, the costs scale as 2^(key length).

With even a moderately fast computer, it doesn't make sense to use keys less than 512 bits in length. The SHA-1 style attack might reduce the search space from 2^512 to 2^400 or something--still something that would require the computational power of the universe to crack by trial and error.
nezumi
QUOTE (Nyxll)
It is actually more efficient to wrap the outside of your house in tin foil, (note not aluminum)

Silly question, why not aluminum? Would Al still at least work for weaker devices like the whatsit chips stores put on products to keep them from being stolen?
Nyxll
Tinfoil is much more effective at blocking EMR than aluminum. Aluminum tends to get penetrated too easily. If I could pull off the brick and had 15K around I would also consider galvanized steel.
booklord
How about just plain jamming the wireless signal?

Runners are detected in a secure facility. The security office decides their system has been compromised and hits a switch which sends a jamming signal throughout the complex. Suddenly all wireless matrix activity becomes so much static and access to the system is only accessible to those who can physically jack in.

Any reason that wouldn't work in SR4?

( Let's assume that the facility holds the data from MCT testing their latest pharmacudical by using black op teams to spike the city water of Portland, Tir Tairngire. In other words something that would warrant ultra-extreme security measures )
Kagetenshi
Jamming prevents your own communications as well. It's a good emergency response, but not something you're going to want to use for prevention.

~J
hobgoblin
that kind of thinking is similar to wondering why hosts dont have a physical kill switch on their connection. to much attacks and you just pull the plug on the outside connection...
booklord
QUOTE
that kind of thinking is similar to wondering why hosts dont have a physical kill switch on their connection. to much attacks and you just pull the plug on the outside connection...


Well if the kill switch is computer controlled then the decker simply has to disable the kill switch. I seem to recall reading in one SR3 book te only way you could be sure was to have a living person stationed at the plug.

But even then, widespread jamming may not be necessary. Wouldn't it be possible to selectively jam the frequencies of the wireless network?
Kagetenshi
QUOTE (hobgoblin)
that kind of thinking is similar to wondering why hosts dont have a physical kill switch on their connection. to much attacks and you just pull the plug on the outside connection...

The reason is because in 99% of instances the damage incurred by that killswitch being triggered is an order of magnitude greater than the damage incurred by a decker getting away.
QUOTE
But even then, widespread jamming may not be necessary.  Wouldn't it be possible to selectively jam the frequencies of the wireless network?

Certainly, but you lose some of the benefits—for example, unless you're completely certain that the information has not been compromised yet, you risk it being transmitted to someone in position to make an escape.

~J
hahnsoo
Nodes can initiate a "Terminate Connection" or a complete Shutdown when an alert occurs.
Nyxll
QUOTE (booklord)
QUOTE
that kind of thinking is similar to wondering why hosts dont have a physical kill switch on their connection. to much attacks and you just pull the plug on the outside connection...


Well if the kill switch is computer controlled then the decker simply has to disable the kill switch. I seem to recall reading in one SR3 book te only way you could be sure was to have a living person stationed at the plug.

But even then, widespread jamming may not be necessary. Wouldn't it be possible to selectively jam the frequencies of the wireless network?

If you know you are going to be flooded or you are compromised you can always have a device that severs the connection. You hide the node in some obscure sub system. You could also put a filter on the host's firewall blocking that 1 route/id or all outside traffic. Ideally you would not do so, a company like Ares or MTC will have thousands of people connected remotely, it would mean severing them as well. It is possible, but not practical. Instead of just IC you would also have other deckers in there, which is something that was not really reflected in previous editions. Mind you, having someone continually doing security audits would be tedious, since there are programs and sk's that will be combing the system.

Re Jamming there are a few different methods. You can do a raw all signal jam that would try and cancel all signals for that frequency. I think that trying to jam a specific signal in the midst of an open spectrum would be like trying to change the direction of a river by squirting a water pistol into it.
hobgoblin
QUOTE (hahnsoo)
Nodes can initiate a "Terminate Connection" or a complete Shutdown when an alert occurs.

yes but its overrideable by the attacker right?
this makes it at best a software disconnect.

im talking about physicaly pulling the plug...

and the damage depends on the level of traffic that the host gets.
still, if its a high outside traffic host then yes, pulling the plug would be bad.
but if you had a vanishing san solution going it was a bit strange that there wasnt a routine of having the resident decker pull the physical plug after the scheduled connection was indicated as disconnected nyahnyah.gif
Kagetenshi
The damage depends on a lot of things.
  • Who needs access to the box and how badly they need it
  • What's running on the box
  • How cleanly everything on the box recovers from a power failure—some things can get nastily corrupted when they're abruptly stopped mid-stream
  • How long the box takes to start up again, and how much additional power draw is experienced during this process
  • How many legitimate users are going to suffer dump shock as a result

~J
hahnsoo
QUOTE
yes but its overrideable by the attacker right?
this makes it at best a software disconnect.
It's an opposed Firewall + System test against the hacker's Exploit + Hacking skill. If the hacker used a passcode instead of Exploit, then the Exploit program does not apply. System Reset is an Extended System + Response test (10, 1 Combat Turn) and can't be stopped.
hobgoblin
QUOTE (Kagetenshi @ Aug 22 2005, 06:13 PM)
The damage depends on a lot of things.

  • Who needs access to the box and how badly they need it

  • What's running on the box

  • How cleanly everything on the box recovers from a power failure—some things can get nastily corrupted when they're abruptly stopped mid-stream

  • How long the box takes to start up again, and how much additional power draw is experienced during this process

  • How many legitimate users are going to suffer dump shock as a result
~J

i didnt say a systemwide killswitch, only one on the connection between the matrix and the host. ie, eqivalent of pulling the ethernet cable...

so only point 1 and 5 realy apply. that is unless for some reason they have not yet reinvented resume ability on file transfers nyahnyah.gif
Kagetenshi
Then change points 3 and 4 to deal with loss of network connection, reducing severity as appropriate. Point still remains.

~J
hobgoblin
QUOTE (Kagetenshi)
Then change points 3 and 4 to deal with loss of network connection, reducing severity as appropriate. Point still remains.

~J

yes it will allways be a harsh response but sometimes its a needed response no matter the costs.

given stuff like CI i would not do so against most script kiddies and so on, but when someone in the area of fastjack or similar then nothing else may be effective...

this followed by a full backup of all data files and a complete reinstall of all software to make sure that whoever visited didnt leave a backdoor or root kit nyahnyah.gif
Kagetenshi
If it's against someone like FastJack and you get that much warning, they screwed up.

~J
BitBasher
You think too complicated, it doesnt have to be a software kill switch, but a physical one. a simple unlinked non matrix accessed copper wire with a current so when the current dies a solenoid stops working and the wireless connection physically unplugs. That's just an example of lowest common demoninator security that's a whole lot better than what's offered. Same as in SR 3 when an intrusion is detected just physically knock the server off the net. KISS.

in SR4 fastjack MAY roll 2 or so more dice that everyone else. Elite hackers are no longer so.
Kagetenshi
It isn't (always) better for all the reasons I list above. Knocking servers off the 'net is a big thing to do.

The fact that it's a physical kill switch makes the actual connection-cutting easier, but makes the side effects worse.

Your point that elite deckers aren't anymore, sadly, stands.

~J
BitBasher
Oh, I'm aware of the ramifications. I work in IT myself, but given the choices under the circumstances with which we're dealing I would definitely lop off my wireless net connectivity in exchange for hobbling an intrusion. heck, in this instance you don't even have to kick a server off the net as long as you have a physical connection to the net. Kick off the wireless users and allow it a few seconds to do a graceful shutdown of errant connections, or instead simply suspend them.

Either way it gives a simple option better than "let wireless hackers give me the proverbial salami". biggrin.gif
Kagetenshi
There's also the issue that in general it should be assumed that an intrusion isn't identified in the course of normal decking. Active Alert is the earliest point I'd consider intrusion to be confirmed.

~J
BitBasher
QUOTE (Kagetenshi)
There's also the issue that in general it should be assumed that an intrusion isn't identified in the course of normal decking. Active Alert is the earliest point I'd consider intrusion to be confirmed.

~J

I was also thinking in cases where my sec team is shooting at someone. I wasn't thinking about silent intrusions, this doesn't really apply in that case. smile.gif
Nerbert
QUOTE (Kagetenshi @ Aug 22 2005, 12:09 PM)
Your point that elite deckers aren't anymore, sadly, stands.

I don't understand why people are sad about the apparent lack of "l33tness" in SR4 characters. (This statement is off topic and no one needs to respond to it.)
Kagetenshi
Ah, I see. Yes, I could see that happening in those cases, especially if a wireless network is present.

Nerbert: you don't understand why we're sad that legends in their own time are now marginally better than everyone else?

~J
blakkie
QUOTE (Kagetenshi @ Aug 22 2005, 11:28 AM)
Nerbert: you don't understand why we're sad that legends in their own time are now marginally better than everyone else?

Yes, it's sad when the hero gets grit on his chrome pedestal, leading to him appearing mortal.
booklord
QUOTE
in SR4 fastjack MAY roll 2 or so more dice that everyone else. Elite hackers are no longer so.


Exceptional skill quality (hacking) (7)
plus
Exceptional attribute quality (edge) (7)
plus
Logic 6

would still make FastJack someone who could toast most matrix systems.

( 20 exploding dice on a single matrix test. If I'm not mistaken. Seven times between each refresh )
Nerbert
QUOTE (Kagetenshi @ Aug 22 2005, 12:28 PM)
Nerbert: you don't understand why we're sad that legends in their own time are now marginally better than everyone else?

More to the point, I don't see why "legends in their own time" ever existed at all (I don't mean that they shouldn't exist, just that they shouldn't necessarily be any more then marginally better then everyone else.). In the real world people like FastJack and Cpt. Chaos are legendary precisely because of the nature of Legends. Someone did something somehow and the details get lost in the bragadoccio. Check out the Firefly episode Jaynetown for the kind of thing I'm talking about. (Heh, check it out anyway, it might be one of the best pieces of television ever written.) Quick summary, a man steals a lot of money from a work crew boss, he's flying overhead with the money, his ship is damaged and he has to push the money over the side in order to make good his escape, the money falls on the enslaved workers and afterward they revere the man as a hero even though he was really just a thief who would have kept the money for himself.
blakkie
QUOTE (booklord @ Aug 22 2005, 11:40 AM)
QUOTE
in SR4 fastjack MAY roll 2 or so more dice that everyone else. Elite hackers are no longer so.


Exceptional skill quality (hacking) (7)
plus
Exceptional attribute quality (edge) (7)

would make FastJack someone who could toast most matrix systems.

I think it would be Exceptional Attribute (Logic) for Logic (7), likely the appropriate attribute though maybe there are others, plus Lucky to give him Edge ( 8 ) if he is human. For some reason i always thought of Fastjack as human, but now that i think about it more i'm not sure there is any direct canon evidence of his metahuman status.

EDIT: Given past min-maxing rules i suppose he would be a blind albino elf or something. wink.gif
BitBasher
QUOTE (booklord)
QUOTE
in SR4 fastjack MAY roll 2 or so more dice that everyone else. Elite hackers are no longer so.


Exceptional skill quality (hacking) (7)
plus
Exceptional attribute quality (edge) (7)
plus
Logic 6

would still make FastJack someone who could toast most matrix systems.

( 20 exploding dice on a single matrix test. If I'm not mistaken. Seven times between each refresh )

Yep, and that's what, two dice better (if that) than a starting jackass can get for just penciling it in on a character sheet.

In the real world there are people out there that are more than a tad more competent that Joe jackass, but in SR4 the degree of competency of Wayne World Class over Normal Joe is shockingly Jack Squat.

It's just annoying for a starting character to be able to say "Hey, if anyone can beat me in melee it will only be dumb luck, im literally and provably the best in the world."
nezumi
*sigh* Stupid boss made my post late. I'll put it up anyway.

Keep in mind, security is based on three things: Confidentiality, Integrity and Availability. A hostile decker may threaten all three, but shutting down certainly threatens the lattermost. In many cases, it will not be preferable, especially when you can throw IC at it, shut down particular parts, or keep the decker busy for a few more seconds until your own deckers get in to deal with him.

In any cases where availability is the most important aspect of the system's security, shutdowns will be far more unusual compared to other methods. Of course, if the question is confidentiality or integrity above all (such as a research server), shut down may be pretty close to top of the list.
Rolemodel
QUOTE (BitBasher)
Yep, and that's what, two dice better (if that) than a starting jackass can get for just penciling it in on a character sheet.

...And years of acquiring resources, contacts, equipment, etc.

Which, apparently, can add up.

It almost sours my stomach to use a 3rd edition D&D example, but you'll note that a +5 l337-Longsword-Of-Floofy-Elfishness is alot better than your run of the mill Shortsword.

Especially if you know some people that can enchant it with Floofy-Elf slaying.

SR4 equivalent? Whiz Deck-erm-Hacking gear, plenty of pull inside the shadows, a dominatingly powerful reputation, and years of knowledge acquiring the, as they say, tricks of the trade.
counterveil
QUOTE (nezumi)
Keep in mind, security is based on three things:  Confidentiality, Integrity and Availability.  A hostile decker may threaten all three, but shutting down certainly threatens the lattermost.  In many cases, it will not be preferable, especially when you can throw IC at it, shut down particular parts, or keep the decker busy for a few more seconds until your own deckers get in to deal with him.

In any cases where availability is the most important aspect of the system's security, shutdowns will be far more unusual compared to other methods.  Of course, if the question is confidentiality or integrity above all (such as a research server), shut down may be pretty close to top of the list.

Very very good point. Ideally, for each host (or host type, or groups of host types, etc.) there will be a policy. This policy will be well-known to anyone on the level1 reaction (NOC) staff. Even better, the policy will be applied by automated systems that are able to make responses based on heuristics or logic-chains. Of course...those automated systems often screw up royally and kill one part of the CIA model (usually the A nyahnyah.gif).

Incident Handling is a very very touchy subject and in doing any research into the topic you will find various means of dealing with this. Some orgs choose the 83-page document that covers every possible means of reaction to intrusion, others will go with a general reaction process document around the size of 15 pages. It's all dependent on what fits your organization best, and how you choose to deal with an incident. Some will contact the authorities, others will not, etc.

As a security professional these days you will find yourself part techie, part project manager, part legal professional, and part researcher. I don't imagine it will be much different in the SR timeline.

Back to topic - wireless networks...as far as general access to corporate/gov networks I'm sure wireless is totally ubiquitous. However, at a secure facility it would practically be suicide to make any secure host (i.e. server, NAS or SAN) directly available on this wireless network. I'd imagine they would all be wired, behind so many firewalls, semi-intelligent intrusion detection and/or prevention devices, that access to them would be pretty difficult without the necessary permissions.

As much as anyone says Defense in Depth (or the "castle theory", or "layered security", or whatever you want to call it) is dead, it will always be applicable just as it has been since the first wooden stakes were put up around sheep.

Generally accessible servers (i.e. web servers running over ubiquitious and compromisable ports) will always be in a lower-security segregated subnet (and maybe even accessible wirelessly), while the servers with the real jewels will be wired, in a secure physical location and - one would hope - with the best host-based security money can buy.

Oh, ok all that in an ideal situation. Given budgetary considerations I'm sure that only a few, select installations are like this. And the Safeway on XXX and XXX streets is not one of them wink.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012