[Sichr]

So the right use is to create the loop with edit in advance and stream it realtime to the signal while the operation is in process - sniffer. I could hardly imagine that edit is able to alter realtime stream...maybe with some delay for changes to apply.

Should this be used to Spoof command instead of Spoof? Because if Im able to alter the signal, Im also able the result of actions depending on that signal?

[Dakka]

This is the future we are talking about.  The Edit program is capable of a great many things, including on the fly editing of intercepted traffic.  To continuously edit the traffic would probably cost you a Complex Action every turn as you remove your team from the feed each Combat Turn.   Of course if you need your actions for other things, inserting a loop acquired beforehand is also possible.

[Sichr]

Yup. It is almost hard to imagine that but it should work that way.

[FastJack]

Spoof is for identification of your avatar on the Node/System in question.

[Sichr]

Well now it sound like, for instance for driving a drone, all I need is to sniff the right frequency, decrypt it and and then send the drone my own Commands, I dont even need to pretend that I m legal source...
Really???

[Ultra Violence]

To answer the original Thread Necromancer's question it is entirely possible for the hacker to do most of his work for a run from a coffee shop 8 miles away.  Or the trunk/rigger pod of the escape vehicle.  Or his apartment which he never leaves.  The reason for this is EVERY wireless device, and they practically permeate every section of the 6th world, acts as a wireless router sending traffic on its way to it's destination.  It is possible to encounter matrix dead zones that don't have enough wireless devices in the area to reach back to the hacker, but that should be pretty uncommon especially in cities.  Every once in a while tho the team falls off the network and the hacker should panic.



Depending on the building, the building itself is unlikely to be a node, but somewhere inside it is a Nexi that has the buildings public access matrix node on it, and it's entirely possible the iconography of said node is shaped to look like the building, or it's lobby.  The Signal strength is such that for the not very technical minded the building may as well be the node, but it does run on hardware inside the building.

What do you mean by "fall of the network"?. Also, what's the point in mutual signal range if you can just network your way to a node via the matrix?

Also would I be right in assuming that one you have hacked into a building nexi you would still need to hack into other devices within that building separately?

[Dakka]

If you are hijacking a legitimate feed then you ARE pretending to be a legal source.   You could possibly input fake commands via Sniffer, but the Drone will still reject commands that aren't from an authorized user.  You have choices in how you get around this, but eventually that drone has to recognize what you want it to do as coming from an authorized source.

[Dakka]

What do you mean by "fall of the network"?. Also, what's the point in mutual signal range if you can just network your way to a node via the matrix?

Also would I be right in assuming that one you have hacked into a building nexi you would still need to hack into other devices within that building separately?

What I meant is there are matrix dead zones.  Not enough wireless devices to form a coherent network.  If your team walks into one of those, or say into an area with Wireless Inhibiting Paint, then the hacker down the street will no longer be able to connect to their nodes.

Unwired has a fair bit about Matrix Topology and sytem design/security.  In general yes, the node that anyone can access from the street is not the one the juicy information is sitting on, but it can lead to it.

[Sichr]

Question is, how the drone will differ me from legitimate source. Command came from encrypted chanel, using the right encryption and electronical signature. All I do is that I change Command "Fly to XYZ" to "Attack target at XYZ"

Or maybe:
"Switch to the comunication protocol that follows "

[Dakka]

Yes, that could work.  But you are "pretending to be a legal source".

[Sichr]

Well, I dont know...
Zup, I am pretending to be the rigger in comand. But, Is there any way to defend against this? You know, it works both ways. If I want to protect my drones against such Hijacking, what should I do. I was thinking abou databomb or IC in encryption of the signal,. But all I found in the rules were IC or databomb attached to node or icon...

[Xzylvador]

In FastJacks early and very clear example, he's capturing the user ID with the Sniffer and Trace...
I always figured that to sniff and trace, there'd need to be an authorised user communicating with the node at that moment.
Like, it's only possible to sniff + trace at the moment the person living there (authorised ID) is sending the "it's me, everything's safe" signal to the node. That's the signal you capture and can later re-use to spoof the alarm into thinking you're the authorised ID.

But from the example, I'm guessing that's wrong of me?

[Dakka]

You counter with very high Matrix Perception.  System 6 Analyze 6 should be on ALL your devices, no excuses.  The threshold to spot someone snooping your traffic is equal to their hits, so while they may get in, it should take them some time to decrypt your traffic.  If you see them you proceed to Nuke them for all they are worth.  Remember, to use the Sniffer route an Icon must be present in either the drone node or the rigger node (or some node through which all the traffic passes), so someone already has to hack in before they start inserting commands.  Given that, if you are facing down an armed combat drone hacking yourself an Admin account is probably faster than decrypting the rigger's signal and inserting fake commands. 

[Ultra Violence]

Would every node have a public access level.

I only ask because it says that you need to either be in mutual signal range or be subscribed to the node before you can attempt a hack.

So if a node had no public subscription access level (therefore you can't subscribe without a valid access ID) and the lowest access level was User, then you would be left needing to be in mutual signal range to hack.

Does that make sense and is it right or am I getting confused?

[Sichr]

Now I got it.
So if you are using Capture wireles traffic (EW+sniffer) you are able to listen, and potentialy track the source etc. In this case, nobody is able to find out that you tapped the signal.
But oyu are not able to intercept or alter anyhowe the trafic.
So my previous examples with edit didnt work, you shpuld also have the right ID from tracing and then you may use it to spoof a command. As I understand it...