[Lethe]

A1 Hacking on the fly pg 235. do hacking + exploit target firewall extended test. to create a security account is firewall +3 admin is firewall +6. The target responds with analyze + firewall target your stealth rating. If it detects you an alert is triggered see pg 238 alerts.
A2 Probing is an test as above with interval changed but target only gets one chance to detect you.(pg 235)
(basically you find a flaw in the security of the system see pg 97 unwired, hacked accounts for what you would get this is what you get.)
Now if you have an account it is easer to hack your way in, but for A1 and A2 you only need to detect the target and it to accept input.

In order to hack a node, you must either be within mutual Signal range of the target node’s device or have an open subscription with the node through the Matrix.

Those two actions you mentioned are actually the only actions that require subscription or mutual signal range, because those are the only ones described under "hacking". You've been completely wrong there.

Public < User, so if Public also granted subscription rights this would not make any sense.

Exactly.

Otherwise hacking across the globe would be impossible

No, for that see:

You got it all right already. But there are a few more options:

• Having admin access to your teammates commlink should qualify for being in mutual range, if his commlink is in mutual range.
• With public access you still can trace subscriptions from that node you want to hack, hack that user and steal his account.
• If you traced an user with at least security rights, you can use his access id to spoof/create yourself an account.
• You can also intercept an subscription with sniffer and insert fake traffic to create yourself an account.

The most common option would be, without the need of finding a subscription for a security account:

• Trace any subscribed user back to get his access id.
• Spoof the node with his id to change his password.
• Change your access id.
• Login yourself as that user with new access id and password.
• Hack the node with that subscription to create yourself an admin account.
• Logout and login on the new admin account.

[Sichr]

...
The most common option would be, without the need of finding a subscription for a security account:

• Trace any subscribed user back to get his access id.
• Spoof the node with his id to change his password.
• Change your access id.
• Login yourself as that user with new access id and password.
• Hack the node with that subscription to create yourself an admin account.
• Logout and login on the new admin account.

That might work. Nice. Thanx

[Blue_Lion]

A1 Hacking on the fly pg 235. do hacking + exploit target firewall extended test. to create a security account is firewall +3 admin is firewall +6. The target responds with analyze + firewall target your stealth rating. If it detects you an alert is triggered see pg 238 alerts.
A2 Probing is an test as above with interval changed but target only gets one chance to detect you.(pg 235)
(basically you find a flaw in the security of the system see pg 97 unwired, hacked accounts for what you would get this is what you get.)
Now if you have an account it is easer to hack your way in, but for A1 and A2 you only need to detect the target and it to accept input.

In order to hack a node, you must either be within mutual Signal range of the target node’s device or have an open subscription with the node through the Matrix.

Those two actions you mentioned are actually the only actions that require subscription or mutual signal range, because those are the only ones described under "hacking". You've been completely wrong there.

Actualy those two actions are used to get access, you can also read the story of the two hackers in the book that is how they got into the drone. They start without access you are punching your way in threw the fire wall. You are using exploit to find a whole in the secerty to get  in when you are not suppose to. Read game set match on page 112. They use exploit to get access to the drone without having an account.
Also if you read the proxy serevers they are used to hack threw matrix conections with a -1 respaunse.

[Blue_Lion]

...
The most common option would be, without the need of finding a subscription for a security account:

• Trace any subscribed user back to get his access id.
• Spoof the node with his id to change his password.
• Change your access id.
• Login yourself as that user with new access id and password.
• Hack the node with that subscription to create yourself an admin account.
• Logout and login on the new admin account.

That might work. Nice. Thanx

No spoofing is sending false commands not gaining an account. Gaining an account is done with exploit.

[Blue_Lion]

Hack on the fly Eploit pg 230
"You can attempt to creat an account for yourself on another node. This is a hacking+ exploit extended test. When you reach the threshould, you gain and account on the target node. This process is described in more detail on page 235.

Spoof comand (spoof) pg 232.
You send a command to a device  or agent pretending it is from anuthorized source. You must have an access ID from withch the target accepts comands.

pg 235 Hacking
The easeiest way to get access to a node is to have permission. This does not  have to be your permission; you can get passcodes, passkeys, or other authorization form legitimate usesers of the node. This can be done by social engineerin, intimidation, theft, or any other means at your disposal. Most ofthe time the , a haker is at a loss for a cirtified way into a node, and must resort to hacking.

The goal of hacking into a node is to creatt your own account on target node. in order th hack a node you must either be within mutual Signal range of the target node or have a open subscription with the node through the matrix.


So the rules say that hacking and hacking on the fly are used when you don't have legitimet access and you only need to be able to conect to it threw the matrix or mutural signal. You dont need legitemate access ID to hack/exploit into a node.

Spoofing is for false commands and payments.

[Lethe]

So the rules say that hacking and hacking on the fly are used when you don't have legitimet access and you only need to be able to conect to it threw the matrix or mutural signal. You dont need legitemate access ID to hack/exploit into a node.

Spoofing is for false commands and payments.

First, you really have to learn to edit your posts. All over the board i see double and triple posts of you.

Second, the rules only state that you have to hack yourself an account. Spoofing is just a program, but also uses the hacking skill! - for a reason. Only because the book give examples of how to do it with exploit, doesn't mean its not possible with other actions.
Be imaginative, commands are really any commands that a spoofed account can legally do, and yes it might also include the creation of new accounts with a spoofed security account.

[Nasst-767]

Thanks everyone, it made it all very clear. =)

The stay-at-home hacker seems to be viable if he acts from his teammates' comlinks (with admin accounts).

I wonder...

If I have admin access to a comlink with a simrig subscribed to it. May I hear, see, and feel what the simrig user is hearing seeing and feeling? May I "project" thoughts into his mind? (I'm not thinking brainwashing, I'm thinking mental comunication). If so, that would be really useful for a stay-in-home hacker.

EDIT:

Oops, seems like you can't spoof a node =(.

Can I change a node’s system settings (accounts, subscription lists, etc.) by using Spoof?

No. Nodes cannot be spoofed. Peripheral devices have nodes (usually slaved to a master node in the network), but the Spoof Command action bypasses the node to communicate directly with the device. The Intercept Traffic (p.230, SR4A) action may be used to insert false traffic into a node.

Intercept traffic has heavy limitations, so long distance hacking just became a LOT more difficult.

[Tsuzua]

The problem is more that spoofing can only apply to targets with a pilot rating or a peripheral device (SR4A 236).  You can also spoof slaved devices (such as a slaved commlink) if you have the master's access ID (UW 55).  So if you're trying to hack an independent nexus, the spoof won't work.

[Blue_Lion]

The problem is more that spoofing can only apply to targets with a pilot rating or a peripheral device (SR4A 236).  You can also spoof slaved devices (such as a slaved commlink) if you have the master's access ID (UW 55).  So if you're trying to hack an independent nexus, the spoof won't work.

Yea that whould be exploit as long as you can subscribe or conect to it from the matrix. Not shurew why people think you need a stolen account to hack.

And the repeated messages I do is because usaly i respand to one message at a time.

[Nasst-767]

Yea that whould be exploit as long as you can subscribe or conect to it from the matrix. Not shurew why people think you need a stolen account to hack.

Because it says so in the rules? That have been invoked (and quoted) multiple times in the thread?

Well, it's either that or mutual signal range but the thread is about long distance hacking, so no mutual signal range.

And the repeated messages I do is because usaly i respand to one message at a time.

Well... Use the edit option.

[_Pax_]

And the repeated messages I do is because usaly i respand to one message at a time.

Ao so I - by cut-and-pasting each response into Notepad, until I've gathered them all together in one long post (with 5 or 6 carriage-returns between distinct replies).  Then I put up that "one, long post" all at once.

[Blue_Lion]

And the repeated messages I do is because usaly i respand to one message at a time.

Ao so I - by cut-and-pasting each response into Notepad, until I've gathered them all together in one long post (with 5 or 6 carriage-returns between distinct replies).  Then I put up that "one, long post" all at once.

We just have difrent ways of doing things. I focus on one at a time makes it easer for me to keep track of.

[Sichr]

Well, it's either that or mutual signal range but the thread is about long distance hacking, so no mutual signal range.

Exactly. For long distance hack you would need stolen account on the target, or you need a subscription on the node that is in mutual signal range with your desired target.

One thing to reconsider:
It is quite easy to Trace user for some "public" or low-sec nodes, and after getting his AcessID, it is just quick hardware operation to change your own commlink to the same AcessID. Question os, how this would be recognized by meshwork
This for sure is not enought to use his access, since you also need a password, but it offers some nice oportunities for social engineering, since on public nodes, where only AcessID is required to gain acess, you can tace back any activity that is linked to his/your AccessID

And one more thought on the long distance hacks...
For most operation you will still need team on site, to ged rid of physical countermeasures or to bridge your signal to areas wther wifi is cut off or otherwise inhibited. But, this makes some nice runs i remember from my table...get in to get acess for unknown hacker and hope he is trustworthy enought that he wont trigger the alarm or send guards on your tail to cover his traces...

[Blue_Lion]

Well, it's either that or mutual signal range but the thread is about long distance hacking, so no mutual signal range.

Exactly. For long distance hack you would need stolen account on the target, or you need a subscription on the node that is in mutual signal range with your desired target.

One thing to reconsider:
It is quite easy to Trace user for some "public" or low-sec nodes, and after getting his AcessID, it is just quick hardware operation to change your own commlink to the same AcessID. Question os, how this would be recognized by meshwork
This for sure is not enought to use his access, since you also need a password, but it offers some nice oportunities for social engineering, since on public nodes, where only AcessID is required to gain acess, you can tace back any activity that is linked to his/your AccessID

And one more thought on the long distance hacks...
For most operation you will still need team on site, to ged rid of physical countermeasures or to bridge your signal to areas wther wifi is cut off or otherwise inhibited. But, this makes some nice runs i remember from my table...get in to get acess for unknown hacker and hope he is trustworthy enought that he wont trigger the alarm or send guards on your tail to cover his traces...

No subscription was used for conection over the matrix not logging in/accounts they are two difrnet things. The wording is probaly just throwing people off. The whole part where it talks about hacking clearly says you do not have an account stolen or other wise. If you had his account you whould not need to hack in, bucause normaly you only need the access for 1 run.

pg 224 main book talks about it as a conection, basicaly at this point you get public access just general info about the node. No authentication. (aperntly all nodes have this level) You whould most likely only get the nodes Adress ID, and the abilty to fill out forms for access and maybe the name of it from a secure node. That whould make public access the log in screen on a E-mail site, server.

Physical counter measures have nothing to do with the matrix they are for physical threats, the hacker only needs a ground team to get the data if something is stand alone or local access only. Witch most labs and research centers whould be.

[Sichr]

No subscription was used for conection over the matrix not logging in/accounts they are two difrnet things. The wording is probaly just throwing people off. The whole part where it talks about hacking clearly says you do not have an account stolen or other wise. If you had his account you whould not need to hack in, bucause normaly you only need the access for 1 run.

Not that I understand your post as a whole, but just that part that is relevant for me:

If you have user account, you can hack yourself an admin account.

Now. Lets get over theory, give me example how would you hack the node if you are in Seattle and the node is in Cairo. Consider it R3 device, with all attributes, software and hardware = 3

pg 224 main book talks about it as a conection, basicaly at this point you get public access just general info about the node. No authentication. (aperntly all nodes have this level) You whould most likely only get the nodes Adress ID, and the abilty to fill out forms for access and maybe the name of it from a secure node. That whould make public access the log in screen on a E-mail site, server.

again...IDN exactly what you are talking about, but I can assure you, that any of my hacker/rigger characters dont have anything like public account or public acess rights on his commlink/ drones. And I dont expect any high profile target...i.e. corporate nexus, would have one.

Physical counter measures have nothing to do with the matrix they are for physical threats, the hacker only needs a ground team to get the data if something is stand alone or local access only. Witch most labs and research centers whould be.

Now this is exactly the reason why wifi inhibiting materials were invented...to stop physical threats.
Nope.
It only takes a few hundreds of litres of WiFi inhibiting paint and whole facility is effectively cut of from outside world, and the only way how to get in is to get in physicaly, or have i.e. Satelite uplink linked by long optical line to drone that is inside the facility and works as a retrans station (or physical tap...like Micro tapper bug). More on this topic pls. read in Unwired, p. 55 (Networks), p. 129 (intro on Techniomancers), and SRA, p. 264: WiFi Negation