Shadowrun
Shadowrun Play => Rules and such => Topic started by: jtkirk22 on <04-05-20/1240:00>
-
Hi,
1. Hacking devices within hosts:
Gaining access to a host will
allow interaction with the
icons and devices on the inside.
(p. 185)
Does that "interaction" imply that a hacker has automatically have access to that device, if he successfully hacked a host? Or does it require a second bruteforce/backdoor to access the device (e. g. a camera)?
2.) Hacking devices within a PAN:
Generally speaking, in order to get
to a device attached to a PAN, one
must _FIRST_ gain access to that PAN.
(p. 173)
Does "first" mean, that a hacker has to do a "second" hack (bruteforce/backdoor) to grant access to a slaved device within an PAN?
In addition, the German version of the core rulebook says something interesting about device rating that is not part of the original rules. Maybe it will be added later one?
If a device has no attributes, the Data Processing
and Firewall rating of the device is equal to their
device rating (p. 245).
This would mean that most devices would be better-advised NOT to be part of a PAN that is build around a kommlink, if there device rating is higher than the kommlinks data processing/firewall rating. It would only make sense, if hacking a device slaved within a PAN would require two hacks: the kommlink/cyberdeck + device itsself. Otherwise, in most cases, a slaved device woudn't have any benefits in a PAN.
Would be glad about help!
Thanks in advance!
-
1) access is measured by host/PAN, not by device. So yes once you have access to a host, you have that same level of access to everything inside/controlled by that host.
2) no. same answer as 1). Once you have hacked access to the PAN, you have that same access to everything in the PAN. What the "first" means in the quoted rule is a reference to most hacking actions not being possible at "outsider" user access level, so usually you "first" must gain better-than-outsider level access.
3) Can't comment on the German rules. In a house rules context, make of it what you will (although, note that that rule puts commlinks in an awkward position where their D/F stats are far lower than their device ratings...). And yes, as you observed, that rule means you're better off NOT protecting your gear!
In an official context, the german language rules mean nothing to the english language rules. In the english language version, that quote is very much not true. If a device lacks a value for a stat, then that value is 0. (see the Host Hacking Example sidebar on pg 178- the host has no spider so it rolls 0 dice for Willpower/Intuition to defend against hacking.) The benefit of being slaved to a pan is that you can sub the D/F stats of the commlink (and the mental attributes of the commlink's owner) down to the slaved devices in place of their (presumed) 0s.
-
Just a fun note:
P.174 (+ Errata): "The Data Processing attribute is the limit of how many devices you can slave to it."
In other words: RAW, actual functioning PANs/WANs with some kind of protection arenīt really possible with commlinks. 3 of the 6 commlinks have zeroes in their D/F Array, which means that they canīt have Data Processing (and as such, slaves) and an actual Firewall at the same time. Even with the best Commlink in the CRB, you can either slave 1(!) other device in Firewall 3 PAN or a whopping 3 devices to a Firewall 1 PAN.
Hard to tell if that is actually intentional (a deliberate buff to hackers and riggers?) or just yet another argle bargle foofaraw... Are all the "Standard Consumer" PAN really supposed to be just consisting of 3-4 devices at maximum?
And yes, the german version doesnīt make sense either ::)
-
unofficially, I find that the best way to reconcile the device limit is to say that's only the number of devices you can SLAVE. You can PROTECT as many as you want, where you don't flow the D/F stats (which are rather small anyway) down but you still extend the PAN owner's mental attributes.
officially... yes the device limit makes PANs very difficult to use effectively. Although there's no rule against daisychaining commlinks this time around, and since you can clearly have multiple devices contributing to one persona (cyberdeck + cyberjack...) there's no reason to say you can't. So if you have lots of devices you want to protect, just buy lots of commlinks and set up a complicated pyramid scheme to protect them all. Top of the PAN is a 2/1 or 3/1. Naturally you swap D/F for maximum firewall, and the 1 device you can protect is in turn another commlink, running 0 firewall (because the PAN already is getting the 2 or 3 from the top commlink) and maximum DP, which in turn connects to more commlinks. Ultimately you assign a 1/0 commlink to each individual device you want to protect, and it's 2 or more tiers removed from the top commlink in the PAN assigning its firewall to the whole complicated mess.
Or, as I prefer, just ignore the # limit on devices.
-
Ignoring the limit could be a solution. However, Data Processing has almost no value then compared to Firewall...
Hmmm. Maybe a Limit of Device Rating PLUS the current Data Processing Attribute?
-
Ignoring the limit could be a solution. However, Data Processing has almost no value then compared to Firewall...
Hmmm. Maybe a Limit of Device Rating PLUS the current Data Processing Attribute?
If you're performing matrix/rigging actions, there's still a hell of a role for DP. But sure, if you're not a hacker or rigger: if you ignore # of device limits then there is no role for DP. However, I don't find that to be a big deal. YMMV.
Device Rating + DP could work as a house rule. It still results in the need for a stupid daisychain pyramid though, as most runners will have at least half a dozen or so items that give wireless bonuses and warrant protection. But it'd absolutely cut down on the sheer number of commlinks necessary to protect everything.
-
As a street SAM player I would like to make sure I understand this so I don't have some set off any grenades I have or some such.
So If my device, lets say my gun, is not protected by anything. A hacker would just need to have the proper access to it before he could do stuff to the gun.
1) Data Spike: outsider is all that is needed so on turn one the hacker could start trying to put damage on my gun to make it malfunction or brick it. Question though, how many matrix damage boxes does my gun have? I am thinking 8 since it doesn't have a Device rating and so (DR/2)+8 would just be 8. Page 174.
2) If he wanted to control the device to say eject the clip he would need to first have user access. To do so, he would have to use a major action on turn one to gain user access via brute force since probe takes minutes to do. then, if he succeeds he would be able to control device on his second major action. I would be alerted to the intrusion though. For defense against the Brute force what would I use? What is the device rating on a gun? I am thinking it is 0 since one is not listed and also according to page 174 "If the device doesn't possess one or more of the Matrix attributes, then the applicable attribute is treated as if it were 0."
3) Adding the weapon to his PAN does not seem to slow the hacker down or hinder him from doing any of the above since gaining an access level to the PAN gives the hacker access to the devices on the PAN. The only thing I can see that it gives me is access to the device ratings of the commlink to use for protection use which at best is 3/1 compared to the 0's in all of the guns attributes, correct?
4) To any of the above I could run all my electronics in silent mode to increase the number of actions to access my equipment by one minor since the hacker is probably using a Deck, Jack, or has Resonance for the perception test. The hacker would need to spot the target device. This also brings up a question on Matrix perception is it one test to spot any hidden target singular or any hidden targets plural? Reading the first sentence versus the last of the actual action has me wonder which is true. The second Paragraph under matrix perception on page 178 makes me think it is singular.
-
1) Unfortunately, there isn't a reprint of the chart from 5e giving you guidelines on what Device Ratings should be for devices that don't have one explicitly given. However, I don't believe they should be presumed to be 0 in absence of an explicit stat (see the example of drones using a Device Rating equal to their Sensors). of course that doesn't help you if you don't have/didn't play 5e. As a rule of thumb, if it's not a matrix comms device, assume the device rating isn't going to give a Matrix Condition Monitor any higher than 10. Since you round up, MCMs should always be at least 9.
2) If he wanted to Control Device, yes he needs access. However, if what he wants to do is make your gun eject the clip, that's something that can be done via Spoof Command (make the gun think YOU said to eject the clip) and that can be done as an Outsider. Note that this exact same action can be used on your grenade, making it think YOU said to explode inside your pocket.
3) Adding it to your own PAN is not going to slow down a good hacker very much. A crappy hacker, maybe. If you have a great commlink and/or great mental stats. The ideal situation is for your team to have a Matrix specialist (Rigger, Decker, TM) and slave your drek to THAT runner's PAN. But yes, failing having a matrix defender, you'll add the firewall of your commlink plus your relevant mental stat for every device in your PAN when those values are better than what the device has on its own (which should be basically all the time)
4) Running silent won't help you much. Unlike in 5e, Matrix Perception isn't versus one device selected blindly. One Matrix Perception roll is simultaneously checked against every silent device in the hacker's vicinity. Rolling your Willpower + 0 Sleaze dice versus a hacker's Matrix Perception pool is a virtual guaranteed failure.
If you don't have a Rigger or Hacker in the team, you're better off just running wireless-off entirely. Forfeit your wireless bonuses until you CAN get a matrix specialist for your team. Well, that, or take your chances and hope the opposition doesn't try hacking your stuff. See the "Turning it off" rules for wireless on pg. 247. Note that it's a big difference from 5e in that it's 1 device turned wireless off for 1 minor action, rather than *everything* for a free action! And there's an Electronics Skill test involved to boot (so you might wanna get at least 1 in Electronics)
5) You didn't ask, but also take note: Unlike 5e, damage on the Matrix Condition Monitor imposes dice penalties exactly in the same manner as wounds does on a Physical/Stun CM. If your gun suffers 3 matrix damage from a Data Spike, you suffer -1 dice when using that gun. Or that cyberware. Or etc.
-
Well that is unfortunate. Especially if the matrix specialist can only guard only a few devices. (Data Processing) and yes I missed spoof.
I do have access to all editions of the game and have played for quite a while but i was wanting to know how 6th edition deals with a device that doesn't have a listing or attribute and the text seems pretty clear that they have a 0 attribute if it is not listed and without contradictory information at this time I will stick as close to the book as I can and say that they also have a 0 of there DR. This means that a Pan on a trans-avalon would at least give you a better protection over not having a PAN even though it is only a 1 it will at least give a single die to defend against an brute force attack and a least give 4 dice versus Spoof.
I am not sure I agree with your answer to number 4 the text doesn't seem say against all devices simultaneously it specifically says on Page 178 "The other way to use Matrix Perception would be to analyze one particular icon or search for a hidden icon.This is also an Electronics + Intuition test and is opposed by the Willpower + Sleaze of the target." Also under Matrix perception action on Page 182 "A successful test gives you information about the target." both of these strongly point to perception being a singular thing and not something that is all hidden things in your view are found.
The only thing that potentially points otherwise would be the last paragraph of the Matrix perception action on Page 183, "This test can also be used to attempt to spot any icons in the vicinity that are running silent."
This with the previous comments seems to me to mean that you can select any icons as the target of your perception and not the any and all icons are the target of your perception.
Basically if I don't see an icon of the gun I could do a matrix perception looking for the hidden icon for the gun so I can hack it, but not that the GM now has to roll an opposed test for every hidden icon in their immediate area.
-
...
I do have access to all editions of the game and have played for quite a while but i was wanting to know how 6th edition deals with a device that doesn't have a listing or attribute and the text seems pretty clear that they have a 0 attribute if it is not listed...
The short answer is "GM fiat determines the Device Rating". Other than the size of Condition Monitors.. Device Rating doesn't really mean anything anymore. My guess is that's why no space was devoted to legislating Device Ratings for non-comms gear.
I am not sure I agree with your answer to number 4 the text doesn't seem say against all devices simultaneously it specifically says on Page 178 "The other way to use Matrix Perception would be to analyze one particular icon or search for a hidden icon.This is also an Electronics + Intuition test and is opposed by the Willpower + Sleaze of the target." Also under Matrix perception action on Page 182 "A successful test gives you information about the target." both of these strongly point to perception being a singular thing and not something that is all hidden things in your view are found.
Searching for hidden icon(s) is a different test than analyzing a spotted icon. What that is saying is that you don't both analyze for info AND spot on a single roll.
Yes, it'd be less ambiguous if it said "search for any hidden icons in the hacker's vicinity." However, that IS, basically, what it already says on page 183, as you noted already.
This with the previous comments seems to me to mean that you can select any icons as the target of your perception and not the any and all icons are the target of your perception.
Basically if I don't see an icon of the gun I could do a matrix perception looking for the hidden icon for the gun so I can hack it, but not that the GM now has to roll an opposed test for every hidden icon in their immediate area.
Well note that you don't roll per device per se. The writer's intent is if you spot a silent running PAN, you spot the whole PAN. Just roll once and it covers every device in that PAN.
The TL;DR here is there is no such thing as the "dozens of silent running stealth tags defense" versus your silent running stuff being spotted. (not that that defense was sound in 5e anyway, as of Data Trails...) Matrix Perception isn't supposed to frag the hacker over on action economy. One Perception roll spots (or fails to spot) ALL the silent running stuff.
-
The TL;DR here is there is no such thing as the "dozens of silent running stealth tags defense" versus your silent running stuff being spotted. (not that that defense was sound in 5e anyway, as of Data Trails...) Matrix Perception isn't supposed to frag the hacker over on action economy. One Perception roll spots (or fails to spot) ALL the silent running stuff.
Yes I was not trying to gain the random icon rulings from 5th, I was just stating that I think it is a minor action per icon that is hidden that you want to spot. you can say specifically what icon that is whether it be the PAN or a host or the cameras or what not. I just don't think it is every hidden icon in your spotting range, if spotting range is still a thing.
-
The TL;DR here is there is no such thing as the "dozens of silent running stealth tags defense" versus your silent running stuff being spotted. (not that that defense was sound in 5e anyway, as of Data Trails...) Matrix Perception isn't supposed to frag the hacker over on action economy. One Perception roll spots (or fails to spot) ALL the silent running stuff.
Yes I was not trying to gain the random icon rulings from 5th, I was just stating that I think it is a minor action per icon that is hidden that you want to spot. you can say specifically what icon that is whether it be the PAN or a host or the cameras or what not. I just don't think it is every hidden icon in your spotting range, if spotting range is still a thing.
Once a FAQ gets published, I'd hazard a guess that it's going to say "one check for however many hidden icons". Naturally, until then it's pick the opinion you like better.
As for spotting distances... no, there's no firm value like in 5e. It's GM discretion now.
-
ah, I see, thanks SSDR, it is very helpful as always.
-
Just a quick chime in .. SSDR has it right. I obviously didn't get that stuff written as clearly as I wanted and could have used another round of review.
-
Hi
Hello there, again ;-)
1. Hacking devices within hosts
Does that "interaction" imply that a hacker has automatically have access to that device, if he successfully hacked a host?
It mean that before you are allowed to take the Control Device action or the Change Icon action etc you need to gain User access on the network the device is connected to and before you are allowed to take the Reboot Device action or the Format Device action etc you need to gain Admin access on the network the device is connected to.
You only need to gain User or Admin access on the network the device is connected to, once.
You don't take another test in order to gain User or Admin access on individual devices within the network a second time. Once you have User or Admin access you are no longer considered 'outside'. Once you have some level of access on this network you also have the same level of access on all devices connected to this network.
2.) Hacking devices within a PAN:
Does "first" mean, that a hacker has to do a "second" hack (bruteforce/backdoor) to grant access to a slaved device within an PAN?
It means that in order to take actions that require User or Admin access on a device connected to a network you first need to gain User or Admin access, once, on the network.
It does not mean that you need to take a second second Brute Force / Probe+Backdoor Entry test on each individual device.
In addition, the German version of the core rulebook says something interesting about device rating that is not part of the original rules. Maybe it will be added later one?
I was bit surprised when you mentioned this the first time over at reddit. This is how it used to work in the 5th edition, but this got deliberately changed for the 6E (both firewall and data processing values of commlinks have been explicitly lowered compared to 5th edition to reflect that devices normally have a firewall or processing rating of 0 in this edition).
The most likely scenario here is that it seem as if the translator (German Pegasus) took some liberty when translating and, wrongly, reintroduced this rule to 6E while doing the German translation.
This will have the undesired side effects of making commlink defense would become weaker than almost all your other devices and as a result there would be no longer any point of slaving devices to your commlink at all. This goes against Rule as Intended by the author of the English version as well as Rules as Written in the the English version.
Basically if I don't see an icon of the gun I could do a matrix perception looking for the hidden icon for the gun so I can hack it, but not that the GM now has to roll an opposed test for every hidden icon in their immediate area.
In previous edition you had to take a matrix perception test to spot individual devices and if the individual device was running silent then the test was opposed but if not and within 100 meters then spotting was automatic. After that you also had to mark individual devices before you could control them.
In this edition matrix perception is always opposed, but in this edition all icons are also normally immediately obvious and does not require a test to be spotted at all (there is no 100 meter ī'limit' in this edition).
Also, in this edition you either run your entire network silent or you don't. If a network is trying to hide (silent running) then you need to take one opposed matrix perception test to spot the entire silent running network.
In this edition you no longer mark individual devices, in this edition you gain User or Admin access on the entire network (including all individual devices that are part of the network) just once.
-
TBH, I think most of this is all nice and well. I rather have my PC hackers a bit OP instead of that slow-ass high-risk-low-reward dredge from the previous Editions. As long as the opposition offers hacking opportunities and doesnīt have hacker, rigger or host support themselfes, even a hacker can easily and reliably disable weapons, communication with just a few actions and even without the bloated dice pools for high-end hackers. And why not? Other Archetypes can do worse without requiring a "teched-up" opposition.
And for non-hacker PCs: Well, NPC hackers arenīt that common. If youīre too paranoid to use your wireless bonuses, thatīs understandable. But you can risk it. You can still delay potential hackers by going silent. You can still react by turning off the wireless functionalities. And, most importantly, you can always ask your teamīs hacker or rigger for help.
That being said: That slave limit still seems a bit silly when you keep the stats of regular Commlinks in mind. Are "consumer" PANs really supposed to be comprised of only 1-3 additional devices at best? That seems awfully small considering how many everyday objects have wireless functionality. Can I even properly use these without putting them inside my PAN?
Or am I missing something here? Is there supposed to a difference between having a device as a part of the PAN, having the device slaved to the PAN and "protecting them" (with your own mental attributes) or is all of that the same?
-
TBH, I think most of this is all nice and well. I rather have my PC hackers a bit OP instead of that slow-ass high-risk-low-reward dredge from the previous Editions. As long as the opposition offers hacking opportunities and doesnīt have hacker, rigger or host support themselfes, even a hacker can easily and reliably disable weapons, communication with just a few actions and even without the bloated dice pools for high-end hackers. And why not? Other Archetypes can do worse without requiring a "teched-up" opposition.
And for non-hacker PCs: Well, NPC hackers arenīt that common. If youīre too paranoid to use your wireless bonuses, thatīs understandable. But you can risk it. You can still delay potential hackers by going silent. You can still react by turning off the wireless functionalities. And, most importantly, you can always ask your teamīs hacker or rigger for help.
I like the cut of this jib.
That being said: That slave limit still seems a bit silly when you keep the stats of regular Commlinks in mind. Are "consumer" PANs really supposed to be comprised of only 1-3 additional devices at best? That seems awfully small considering how many everyday objects have wireless functionality. Can I even properly use these without putting them inside my PAN?
Or am I missing something here? Is there supposed to a difference between having a device as a part of the PAN, having the device slaved to the PAN and "protecting them" (with your own mental attributes) or is all of that the same?
It's a bit of rules-lawyerly gymnastics on my part to argue that you can "protect" a device without "slaving" it. A completely unofficial opinion, that. But it's a bit of arbitrarily-created middle ground between flatly ignoring the device limit rule, and having to daisy chain lots and lots of commlinks for a single user of modern gear.
-
Yeah, buy 20 Commlinks, slave one thing to each Commlink, toss the Commlinks in a bag, make the NPC Hackers hack 20 different PANs to find your stuff. Wheeee!
Or log into the public library host in Melbourne and leave your Persona parked there.
Or, do the sane thing, ignore the limit of protected devices, let the Decker/Rigger/TM handle the Matrix stuff.
-
My preference is this (and I think I left the rules vague enough to allow it since I couldn't just eliminate device limits which ate down right silly considering that has progressed to the point that hard disk memory is irrelevant why would connectivity be an issue beyond distance and signal lag which is what noise covers)
Device limit is how many devices you can have slaved to you PAN and therefore share a firewall and matrix defense and be fully protected ... but the amount of devices that you can "link" is unlimited.
However this opens up the fuzzy territory of what happens when someone hacks one of my linked but not slaved devices? Well a linked device is vulnerable but even though it it is linked to your PAN hacking it does not get past the PAN firewall because said device is not "inside" that firewall. Swapping devices in out of your PAN between slaved and linked is at most a minor "change device aetting" action. So most devices you carry or own can be easily interacted with but don't really need "protected" most of the time.
Also as a side note regarding the Pegasus ruling regarding device rating and attributes ... using that rule would require adding a commlinks device rating to its D/F pool. I would use dr/2 added as evenly as possible... so a Meta Link becomes 1/1 but the Transys Avalon becomes 6/4.
-
Thanks for your detailed answer!
Just one question:
see the Host Hacking Example sidebar on pg 178- the host has no spider so it rolls 0 dice for Willpower/Intuition to defend against hacking
Probe lists two dice Pools: Willpower + Firewall OR Firewallx2. Does that example mean, that the Firewall attribute of the Host is = 1. And the Host rolls Firewallx2 = 1x2?
-
Thanks for your detailed answer!
You're welcome! As you've seen, your questions ended up spinning off some 2nd order questions that have been of interest to the forum :D So thank you, too!
Just one question:
see the Host Hacking Example sidebar on pg 178- the host has no spider so it rolls 0 dice for Willpower/Intuition to defend against hacking
Probe lists two dice Pools: Willpower + Firewall OR Firewallx2. Does that example mean, that the Firewall attribute of the Host is = 1. And the Host rolls Firewallx2 = 1x2?
It's an implicit assumption that when there's a choice between two dice pools offered, you use the better/larger of the two. In that example on pg. 178, the spider-less host has a firewall of 2. The host can resist probe with 0 Willpower + 2 Firewall, OR 2 Firewall + 2 Firewall. Obviously the 2+2=4 dice pool is what you use rather than the 0+2=2 dice pool. That example doesn't go beyond the probe step, but naturally following a probe you'd want to do a backdoor entry. That does not have an option to pick between resistance dice pools: it MUST be willpower+firewall. In this expanded example, the host must roll 0+2=2 dice because there's no spider to lend the host a willpower stat.
-
My preference is this (and I think I left the rules vague enough to allow it since I couldn't just eliminate device limits which ate down right silly considering that has progressed to the point that hard disk memory is irrelevant why would connectivity be an issue beyond distance and signal lag which is what noise covers)
Device limit is how many devices you can have slaved to you PAN and therefore share a firewall and matrix defense and be fully protected ... but the amount of devices that you can "link" is unlimited.
However this opens up the fuzzy territory of what happens when someone hacks one of my linked but not slaved devices? Well a linked device is vulnerable but even though it it is linked to your PAN hacking it does not get past the PAN firewall because said device is not "inside" that firewall. Swapping devices in out of your PAN between slaved and linked is at most a minor "change device aetting" action. So most devices you carry or own can be easily interacted with but don't really need "protected" most of the time.
Hmmm interesting... So this basically means that it can be a deliberate choice to leave a device unslaved (not unlike 5th Edition, now that I think about it): Apart from the slave limit, access to a slaved device = access to the whole PAN, including the other slaves. Meanwhile, unslaved devices are practically defenseless, but a hacker has to chew through each of them seperately.
Also as a side note regarding the Pegasus ruling regarding device rating and attributes ... using that rule would require adding a commlinks device rating to its D/F pool. I would use dr/2 added as evenly as possible... so a Meta Link becomes 1/1 but the Transys Avalon becomes 6/4.
Huh, thatīs actually a pretty good houserule even without the Pegasus rules change (which, for once, I donīt really donīt like in this case). Iīd limit that to "nuclear" setups with a single commlink, though. I.e., when used in conjunction with a cyberdeck to form a persona, the D/F pool of the Transys Avalon would still be 3/1.
-
My preference is this (and I think I left the rules vague enough to allow it since I couldn't just eliminate device limits which ate down right silly considering that has progressed to the point that hard disk memory is irrelevant why would connectivity be an issue beyond distance and signal lag which is what noise covers)
Device limit is how many devices you can have slaved to you PAN and therefore share a firewall and matrix defense and be fully protected ... but the amount of devices that you can "link" is unlimited.
However this opens up the fuzzy territory of what happens when someone hacks one of my linked but not slaved devices? Well a linked device is vulnerable but even though it it is linked to your PAN hacking it does not get past the PAN firewall because said device is not "inside" that firewall. Swapping devices in out of your PAN between slaved and linked is at most a minor "change device aetting" action. So most devices you carry or own can be easily interacted with but don't really need "protected" most of the time.
Hmmm interesting... So this basically means that it can be a deliberate choice to leave a device unslaved (not unlike 5th Edition, now that I think about it): Apart from the slave limit, access to a slaved device = access to the whole PAN, including the other slaves. Meanwhile, unslaved devices are practically defenseless, but a hacker has to chew through each of them seperately.
Also as a side note regarding the Pegasus ruling regarding device rating and attributes ... using that rule would require adding a commlinks device rating to its D/F pool. I would use dr/2 added as evenly as possible... so a Meta Link becomes 1/1 but the Transys Avalon becomes 6/4.
Huh, thatīs actually a pretty good houserule even without the Pegasus rules change (which, for once, I donīt really donīt like in this case). Iīd limit that to "nuclear" setups with a single commlink, though. I.e., when used in conjunction with a cyberdeck to form a persona, the D/F pool of the Transys Avalon would still be 3/1.
Oh I don't think it would be a major issue, would need played with to see. Even then the Avalon would be somewhere between a rating 2 and 3 cyberjack and still not have access to the edge actions or initiative boost, and can't do VR without additional gear.
-
Hmmm interesting... So this basically means that it can be a deliberate choice to leave a device unslaved (not unlike 5th Edition, now that I think about it): Apart from the slave limit, access to a slaved device = access to the whole PAN, including the other slaves. Meanwhile, unslaved devices are practically defenseless, but a hacker has to chew through each of them seperately.
Hackers would probably want to first gain User or even Admin access on a network that have a lot of devices they plan to interact with (since while they are considered User or Admin they can legally control them without their individual control actions generating overwatch score on their own). This would be resolved via a single Brute force / Probe+Backdoor Entry action followed by individual Control Device actions.
But most of the time they would probably skip the whole User or Admin access for individual devices that are not part of any network. Instead they would probably just impersonate a legit user and send instructions to the device to have it act on (this is an illegal cracking action, but since the device is not part of a network it will probably not have any dice to defend with and thus the action will not generate overwatch score from opposing hits). This would be resolved via unopposed Spoof Command actions.
-
Just one question:
see the Host Hacking Example sidebar on pg 178- the host has no spider so it rolls 0 dice for Willpower/Intuition to defend against hacking
Probe lists two dice Pools: Willpower + Firewall OR Firewallx2. Does that example mean, that the Firewall attribute of the Host is = 1. And the Host rolls Firewallx2 = 1x2?
Mental attributes:
Okay, so you never ever replace a mental stat of a dice pool that is required for a matrix action check with a device stats (e.g. willpower <=> firewall)? The check is made with the stat that is mentioned in the matrix action - whether or not the defending device has mentals attributes. Right?
Hmmm interesting... So this basically means that it can be a deliberate choice to leave a device unslaved (not unlike 5th Edition, now that I think about it): Apart from the slave limit, access to a slaved device = access to the whole PAN, including the other slaves. Meanwhile, unslaved devices are practically defenseless, but a hacker has to chew through each of them seperately.
Hackers would probably want to first gain User or even Admin access on a network that have a lot of devices they plan to interact with (since while they are considered User or Admin they can legally control them without their individual control actions generating overwatch score on their own). This would be resolved via a single Brute force / Probe+Backdoor Entry action followed by individual Control Device actions.
Controlling slaved devices:
I am not 100% sure, but I believe your assumption is wrong. In my understanding, controlling a device requires both:
a) You need to grant the access level needed for a matrix action (e. g. User)
b) You need to perform the individual matrix action needed (e. g. if you want to edit a file, you still need to do the "edit file" action including all checks).
"Reading files":
There are a lot of matrix actions, but I miss an action for "reading files" (e.g. watching video from a hard drive, listen to recordings, reading text files, etc.). Does this require no action/check, as long as this data is neither protected nor containing a data bomb?
House-Ruling devices without attributes:
If a device has no attributes, the Data Processing
and Firewall rating of the device is equal to their
device rating (GERMAN core rules, p. 245).
As we know, this German rule is not planned to be within upcoming Errata. But we also know that there are two problems:
- the limited amount of slaves for kommlinks
- any device that does not have attributes explicitly mentioned seems defenseless against hackers (because their attributes are "0").
There are a several clever house rules in this thread that try to treat these problems. But these changes impact the difficulty of hacking (because it makes hacking harder).
1.) So, I ask myself: Is it intended by the core rules that devices without attributes are defenseless? If yes, then I would ignore the German rules that use device rating as DP/F attributes. If no, then I would use it.
2.) Using the rule changes the game.
- a) It puts kommlinks in that awkward situation that their DP/F rating is lower than their device rating -> house rule needed.
- b) All devices that have no attributes listed get a DP/F rating equal their device rating. That boosts the defenses of all such devices.
- c) Hacking gets harder (because all other devices get higher stats). So, I assume that Cyberdecks/Cyberjacks also should be adjusted, shouldn't they?
Would do you think about that?
-
The check is made with the stat that is mentioned in the matrix action - whether or not the defending device has mentals attributes. Right?
If you go through the list you will notice that most opposed tests either don't use a mental attribute at all (just opposed by matrix attributes) or let you substitute the mental attribute for a matrix attribute (often the Firewall rating of the network the device is connected to).
But yes, when it comes to opposing Matrix Perception (both for when finding a network that is trying to hide as well as analyzing individual icons), Backdoor Entry (but not Brute Force or Probe), Control Device (but only in cases where there is no test associated with the device) and Spoof Command (against devices that does not have an auto pilot) you would either use the number of dice equal to the mental attribute of the 'owner' or corporate hacker (also known as a 'spider') currently defending the Host OR use 0 dice (if the device is unattended and does not have an 'owner' actively defending them or if there is no 'spider' defending the Host network).
I am not 100% sure, but I believe your assumption is wrong. In my understanding, controlling a device requires both:
a) You need to grant the access level needed for a matrix action (e. g. User)
b) You need to perform the individual matrix action needed (e. g. if you want to edit a file, you still need to do the "edit file" action including all checks).
I am not sure what part you are disagreeing with here (or if we are saying the same thing).
Are you arguing that you need to take another Brute Force or Probe+Backdoor Entry action against every single device and file on the network after you are already became a User or Admin on the network...?
What I am saying is that:
- Unless you are happy with just using Outside actions (which include both legal actions such as Matrix Perception or Send Message and illegal actions such as Spoof Command or Data Spike) you first need to gain access. To the whole network. By using Brute Force or Probe+Backdoor Entry. Once.
- Once you are considered a User or Admin on the network you can start using actions against individual files and devices that require User Access (both legal actions such as Edit File or Control Device and illegal actions such as Crack File) or Admin access (both legal actions such as Format Device or Reboot Device and illegal actions such as Crash Program or Trace Icon).
There are a lot of matrix actions, but I miss an action for "reading files" (e.g. watching video from a hard drive, listen to recordings, reading text files, etc.). Does this require no action/check, as long as this data is neither protected nor containing a data bomb?
There is no test involved if you wish to listen to, view, or read data that is not protected or hidden in any way.
Once you already have the correct Access level (most files probably require that you are considered a User, but there are probably also many public files that can be listen to, viewed, or read by not having any access at all) you only need to take further tests if the data is protected in some way (encryption, data bomb...) or if you wish to edit, copy or delete it.
I guess, for extra clarity, they could have added a Read File with a 'No Test'-flag (similar to how they have a Send Message action with a 'No Test'-flag on it), but at the same time they were also trying to save word-count. And to be fair, there was also no explicit Read File action in 5th edition, either.
Edit:
...the limited amount of slaves for kommlinks
If you find this to be an issue then either just house rule that:
- You can slave an unlimited amount of devices to your PAN
- Or that the limit only applies specifically to drones and vehicles
Edit2:
any device that does not have attributes explicitly mentioned seems defenseless against hackers (because their attributes are "0")
This just mean that wireless enabled devices that are not part of a Host network or a PAN will be less protected against hackers. This is intended. This was also the fact in previous edition as well. Not sure what you are trying to fix.
-
Hmmm interesting... So this basically means that it can be a deliberate choice to leave a device unslaved (not unlike 5th Edition, now that I think about it): Apart from the slave limit, access to a slaved device = access to the whole PAN, including the other slaves. Meanwhile, unslaved devices are practically defenseless, but a hacker has to chew through each of them seperately.
Hackers would probably want to first gain User or even Admin access on a network that have a lot of devices they plan to interact with (since while they are considered User or Admin they can legally control them without their individual control actions generating overwatch score on their own). This would be resolved via a single Brute force / Probe+Backdoor Entry action followed by individual Control Device actions.
But most of the time they would probably skip the whole User or Admin access for individual devices that are not part of any network. Instead they would probably just impersonate a legit user and send instructions to the device to have it act on (this is an illegal cracking action, but since the device is not part of a network it will probably not have any dice to defend with and thus the action will not generate overwatch score from opposing hits). This would be resolved via unopposed Spoof Command actions.
And this is the part were the whole current RAW (and RAI?), and especially that way too low slave limit, just becomes really weird (unless the devs want to promote complicated commlink daisychains, which I doubt). I mean, the missing firewall Attribute is one thing, but a completely unopposed roll? This makes any form of hacking a total joke. As Xenon mentioned, it wouldnīt even start OS. Furthermore, the Attacker will also generate Edge every single time , as long as he brings a combined Attack+Sleaze of 4 or higher to the table.
I have a strong feeling that this sentence is the sticking point about the whole thing:
P. 179: "A persona actively defending for a device or host can use the other pool with the device or host attributes."
And boy, is it sticky...
First: Whatīs the point of that sentence in its current form anyways? If I (i.e. my persona) defend for a host or device, why would I want to use the (likely, lower or even nonexistent) pool of the target I want to defend? The one that the target would use anyways? Shouldnīt this be the other way around - the target using the personaīs attributes, including the mental attributes?
- Could it be that this sentence is supposed to be read as: "If a persona actively defends for a device or host, you can use the pool of your persona ("the other pool"), BUT (alternatively?) with the Matrix(!) Attributes of the device or Host."?
- This is at least what happens in the example on p. 178, so...
Second: What is "actively defending" supposed to mean? There is no Matrix action associated with it, so it seems to be some kind of passive state. How do I declare it? Is there a limitation?
- Is it the same as a Master-Slave-relationship? Is it something I initiate by putting the device in my PAN (which may or may not be the same as a MS-relationship, argle bargle...).
- Do I need to have an active Persona and monitor the Matrix in VR/AR? Is this the "point" of the whole thing: To force users to watch out for their stuff in person?
Not gonna lie, Iīm starting to get quite disappointed with the current state of the Matrix rules (Both the english and german ones). That whole "devices donīt heave any defenses without belonging to a network" might have been all fine and dandy, but combined with the slave limit (afaik, it was added by Errata?), the whole thing thing absolutely falls apart for all forms of "consumer electronics". RAW, the 6th would be practically littered with 100% unprotected wireless devices.
Is this really supposed to be the actual RAI or are we all missing something here?
-
On my phone so I may not go as deep in detail as needed so bear with me ...
actively defending just means it needs to be part of a network
Having a choice of what set of attributes you use works both ways ... as a player you will almost always want to use your persona because you will better off, but this also means that a spider working in a host doesn't need hot shot gear when they can just using the host attributes.
As general statement I can say I never intended to have such low slave limits in fact I wanted no limits at all. I also never wanted devices to be completely defenseless on their own. But not everything I wanted made it in to the final version ... including errata.
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
-
Just one question:
see the Host Hacking Example sidebar on pg 178- the host has no spider so it rolls 0 dice for Willpower/Intuition to defend against hacking
Probe lists two dice Pools: Willpower + Firewall OR Firewallx2. Does that example mean, that the Firewall attribute of the Host is = 1. And the Host rolls Firewallx2 = 1x2?
Mental attributes:
Okay, so you never ever replace a mental stat of a dice pool that is required for a matrix action check with a device stats (e.g. willpower <=> firewall)? The check is made with the stat that is mentioned in the matrix action - whether or not the defending device has mentals attributes. Right?
Right. If the defense pool is Willpower + Firewall, then nothing ever subs in for Willpower in place of Willpower. (Device Rating and Host Rating both used to sub in for absent attributes in 5e- this is a deliberate change)
Hmmm interesting... So this basically means that it can be a deliberate choice to leave a device unslaved (not unlike 5th Edition, now that I think about it): Apart from the slave limit, access to a slaved device = access to the whole PAN, including the other slaves. Meanwhile, unslaved devices are practically defenseless, but a hacker has to chew through each of them seperately.
Hackers would probably want to first gain User or even Admin access on a network that have a lot of devices they plan to interact with (since while they are considered User or Admin they can legally control them without their individual control actions generating overwatch score on their own). This would be resolved via a single Brute force / Probe+Backdoor Entry action followed by individual Control Device actions.
Controlling slaved devices:
I am not 100% sure, but I believe your assumption is wrong. In my understanding, controlling a device requires both:
a) You need to grant the access level needed for a matrix action (e. g. User)
b) You need to perform the individual matrix action needed (e. g. if you want to edit a file, you still need to do the "edit file" action including all checks).
Ok, 95% of the time what you want is Spoof Command, not Control Device. If you want a maglock to open, that's Spoof Command. If you want a traffic light to change, that's Spoof Command. If you want a grenade to explode inside the other guy's launcher, that's Spoof Command. You only need Control Device if you're using sustained control over a device, like remotely driving a drone or firing a remote weapon platform. Pretty much, if what you want to do doesn't involve rolling a non-matrix skill to "control" the device and only takes one action to resolve, that's Spoof Command.
"Reading files":
There are a lot of matrix actions, but I miss an action for "reading files" (e.g. watching video from a hard drive, listen to recordings, reading text files, etc.). Does this require no action/check, as long as this data is neither protected nor containing a data bomb?
That action is Edit File. (yes, even just reading it without copying/changing/deleting the data)
House-Ruling devices without attributes:
If a device has no attributes, the Data Processing
and Firewall rating of the device is equal to their
device rating (GERMAN core rules, p. 245).
As we know, this German rule is not planned to be within upcoming Errata. But we also know that there are two problems:
- the limited amount of slaves for kommlinks
- any device that does not have attributes explicitly mentioned seems defenseless against hackers (because their attributes are "0").
There are a several clever house rules in this thread that try to treat these problems. But these changes impact the difficulty of hacking (because it makes hacking harder).
1.) So, I ask myself: Is it intended by the core rules that devices without attributes are defenseless? If yes, then I would ignore the German rules that use device rating as DP/F attributes. If no, then I would use it.
Yes, the intent is that unattended devices are supposed to be essentially helpless vs hacking. Note that the assumption though is generally everything WORTH hacking should be either part of a PAN or defended by a Host, though. But a can of Dragon Piss? Sure, it's defense pool is 0+0=0 dice to defend against hacking because it's unlikely that anyone would bother to add it to their PAN nor would the host running the vending machine it came from likely bother with protecting the cans inside it, too.
2.) Using the rule changes the game.
- a) It puts kommlinks in that awkward situation that their DP/F rating is lower than their device rating -> house rule needed.
- b) All devices that have no attributes listed get a DP/F rating equal their device rating. That boosts the defenses of all such devices.
- c) Hacking gets harder (because all other devices get higher stats). So, I assume that Cyberdecks/Cyberjacks also should be adjusted, shouldn't they?
Would do you think about that?
Well, house rules always need to be evaluated for these kinds of 2nd order "ripple" effects. However, it's my opinion that flatly ignoring the number of devices limit is the rare house rule that meshes into the canon just fine without causing problematic implications. Yes, if there's no limit then DP doesn't mean much for people who don't take matrix actions (I see that as not problematic) and it also means that Riggers can control an infinite number of drones (maybe so, but there's still influences elsewhere that keep that number from being truly infinite: riggers still don't have infinite nuyen, nor does any table have time to allow one player to resolve infinite actions during combat)
-
I am not sure what part you are disagreeing with here (or if we are saying the same thing).
Hehe...yes, we were saying the same thing. Just mixed it up, because of my bad English - sorry! (Thanks btw. for all your fantastic help on reddit! Helped so much!)
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
Will do so. Sounds reasonable and seems to fix some things decently.
"Reading files":
There are a lot of matrix actions, but I miss an action for "reading files" (e.g. watching video from a hard drive, listen to recordings, reading text files, etc.). Does this require no action/check, as long as this data is neither protected nor containing a data bomb?
That action is Edit File. (yes, even just reading it without copying/changing/deleting the data)
This is TERRIFIC! Looking for that answer for so long!!Thanks!
-
Ok, 95% of the time what you want is Spoof Command, not Control Device. If you want a maglock to open, that's Spoof Command...
If you already have User Access then you have the option to not take the illegal Spoof Command action (opposed hits will always generate overwatch score on you!) to open up a maglock. You can also directly control it yourself with the legal Control Device action (which will not generate overwatch score on you!).
-
Question so to mitigate your overwatch score when on a run that you want to do Team Overwatch on, you should gain user access to the host which will allow you to use control device on anything on that host like doors, cameras, maglocks and the like? Because control device is legal you would gain less of an increase to your overwatch score, correct?
-
Question so to mitigate your overwatch score when on a run that you want to do Team Overwatch on, you should gain user access to the host which will allow you to use control device on anything on that host like doors, cameras, maglocks and the like? Because control device is legal you would gain less of an increase to your overwatch score, correct?
That's a fair point.
And yes, your access to the host extends to everything the host controls. This is also true of runner PANs, as well.
-
Question so to mitigate your overwatch score when on a run that you want to do Team Overwatch on, you should gain user access to the host which will allow you to use control device on anything on that host like doors, cameras, maglocks and the like? Because control device is legal you would gain less of an increase to your overwatch score, correct?
That's a fair point.
And yes, your access to the host extends to everything the host controls. This is also true of runner PANs, as well.
Also a factor is that just maintaining access regardless of what actions you are taking accumulates OS too. So it a matter how long vs how many actions that determines which method is better.
-
Question so to mitigate your overwatch score when on a run that you want to do Team Overwatch on, you should gain user access to the host which will allow you to use control device on anything on that host like doors, cameras, maglocks and the like? Because control device is legal you would gain less of an increase to your overwatch score, correct?
That's a fair point.
And yes, your access to the host extends to everything the host controls. This is also true of runner PANs, as well.
Also a factor is that just maintaining access regardless of what actions you are taking accumulates OS too. So it a matter how long vs how many actions that determines which method is better.
Backdoor Entry gives an exception to that, so most of the time that's what players will use.
-
Question so to mitigate your overwatch score when on a run that you want to do Team Overwatch on, you should gain user access to the host which will allow you to use control device on anything on that host like doors, cameras, maglocks and the like? Because control device is legal you would gain less of an increase to your overwatch score, correct?
That's a fair point.
And yes, your access to the host extends to everything the host controls. This is also true of runner PANs, as well.
Also a factor is that just maintaining access regardless of what actions you are taking accumulates OS too. So it a matter how long vs how many actions that determines which method is better.
Backdoor Entry gives an exception to that, so most of the time that's what players will use.
Yeah but then you're trading time for that privilege... not always the best or available option
-
Well... it's "only" a minute to do the prerequisite probe. Those extra minutes could matter if the site has an architecture of hosts rather than a single host in 5e style. Of course, if you must progress through a series of nested hosts, then Brute Forcing your way through becomes exponentially worse in comparison as you have to take OS for each host you're maintaining access to/through.
But yes, if you don't HAVE minutes.. or if you want to rely on Attack linked actions rather than Sleaze (for some reason), Brute Force has those niche advantages.
-
Well... it's "only" a minute to do the prerequisite probe. Those extra minutes could matter if the site has an architecture of hosts rather than a single host in 5e style. Of course, if you must progress through a series of nested hosts, then Brute Forcing your way through becomes exponentially worse in comparison as you have to take OS for each host you're maintaining access to/through.
But yes, if you don't HAVE minutes.. or if you want to rely on Attack linked actions rather than Sleaze (for some reason), Brute Force has those niche advantages.
Yes ... and I intentionally made the backdoor hack the most favorable option as long as the situation allows (though I think ONE minute is too favorable.. I think I had it at o e hour originally but should be 10 or 15 minutes at a minimum) much like real world hacking taking the time to use the systems weaknesses against itself.
-
Question so to mitigate your overwatch score when on a run that you want to do Team Overwatch on, you should gain user access to the host which will allow you to use control device on anything on that host like doors, cameras, maglocks and the like? Because control device is legal you would gain less of an increase to your overwatch score, correct?
Yes! =)
If you do not have time to prep (and you do not have access on the network already) then you will probably often depend on illegal spoof commands just like SSDR wrote above (where each of them cause overwatch score on opposed hits) or, if you wish to control them directly yourself, brute force your way into the network with just a single major action (but this will count as "illegal User-access" which mean your overwatch score will automatically increase each round!).
If you have time to prep then you would instead spend a at least a minute or so to probe the network for vulnerabilities and then exploit it to gain entrance via a backdoor. Unlike brute forcing your way into the network, this will not count as having "illegal Admin-access" which mean your overwatch score will not automatically increase each round. Once inside you can run matrix overwatch by legally control each device with the control device action which will not increase overwatch score on opposed hits.
6E p. 180 Backdoor Entry
If the test is successful, you gain Admin access to the target, and it does not count as illegal Admin access (though taking illegal Matrix Actions will still increase your Overwatch Score).
6E p. 176 Overwatch Score and Convergence
Things that increase the Overwatch Score are as follows...
Maintaining illegal access to anything on the Matrix: +1 OS/round for each host where you maintain illegal User-level access, +3 OS/round for each host where you maintain illegal Admin-level access.
Having said that, Spoof Command actions are only opposed by Data Processing while Control Device actions (if there is no skill associated with the device) are resisted by both Willpower and Firewall.
To quote Yoda; "The Dark Side is quicker, easier, more seductive... easily they flow, quick to join you in a fight. If once you start down the dark path forever will it dominate your destiny"
The two actions are also used when influencing drones, but both of them work different in this scenario;
Piloting a drone with your own piloting skill to perform stunts or sneak with a hostile drone or using your own engineering skill to fire its on-board mounted weapons will not be resisted at all as long as you maintain user access on the network the drone is connected to. You just take the piloting or engineering actions directly.
Spoofing a command to the on-board auto-pilot of a drone to have the drone using its own auto-softs and ratings, however, will be opposed by both the on-board pilot and the firewall of the network the drone is connected to.
-
On my phone so I may not go as deep in detail as needed so bear with me ...
actively defending just means it needs to be part of a network
Having a choice of what set of attributes you use works both ways ... as a player you will almost always want to use your persona because you will better off, but this also means that a spider working in a host doesn't need hot shot gear when they can just using the host attributes.
As general statement I can say I never intended to have such low slave limits in fact I wanted no limits at all. I also never wanted devices to be completely defenseless on their own. But not everything I wanted made it in to the final version ... including errata.
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
Thanks for the (still pretty conclusive) answer. Kinda begs the question: Is the wonkyness of the current version intended or just yet again due to some, ehem.... misfortunes in the editing/errata process? (Donīt worry, you donīt have to answer that ::))
TBH, while I like Banshees original vision, I donīt really mind the current lower defense dice pools (unless they go down to zero, that is...). After the last 2 Editions, I like the fact that hackers can now get stuff done even with mediocre dicepools if they find vulnerable targets. It also emphasizes the defensive role of Deckers (and Riggers!) in a team. And the importance of an active security Spider in a host as well!
But with the added device limit and the low F/D of a standalone commlink PAN, it starts to become a bit too hard to believe. Just take a standard Smartgun Setup: Thatīs already two devices that you will definitely want to secure (at least a little bit): The Smartgun and the Smartlink Reciever*. With a mid-level commlink, that means your PAN is already full, which means that RAW, any other wireless device you use has a defense pool of Zero. Are multi-commlink Daisychains** really supposed to be a norm?
*And thatīs already under the assumption that each Gun Accessory / Vision Mod etc. doesnīt count as a seperate device!
**if they are possible to begin with, everyone is just kinda going with that assumption...
-
Having said that, Spoof Command actions are only opposed by Data Processing while Control Device actions (if there is no skill associated with the device) are resisted by both Willpower and Firewall.
so spoof is not Data Processing or pilot ....... and Firewall? it is Data Processing ...... or Pilot and Firewall?
For example I am spoofing a Trans Avalon with D of 3 and F of 1 I would be going against a 3 not a 4?
-
[quote author=Xenon link=topic=31179.msg536548#msg536548
Piloting a drone with your own piloting skill to perform stunts or sneak with a hostile drone or using your own engineering skill to fire its on-board mounted weapons will not be resisted at all as long as you maintain user access on the network the drone is connected to. You just take the piloting or engineering actions directly.
[/quote]
No, only OWNERS can do that ... hacked access is NEVER owner access so if you had to hack it to use it then Control Device is what you should be using. I know that is a point that is not clealry defined, but the whole point of Control Device is control devices you don't own, Owners don't need to use it at all but hackers do.
Edit: this is why it talks about legitimate access levels in the control device description
-
Having said that, Spoof Command actions are only opposed by Data Processing while Control Device actions (if there is no skill associated with the device) are resisted by both Willpower and Firewall.
so spoof is not Data Processing or pilot ....... and Firewall? it is Data Processing ...... or Pilot and Firewall?
For example I am spoofing a Trans Avalon with D of 3 and F of 1 I would be going against a 3 not a 4?
Spoof is (DP or Pilot)+Firewall ... Firewall is always a factor
-
Little side question about Spoof Command:
I was always under the impression that to successfully spoof a command from a credible source, the hacker also has to know that source. Is this correct?
For context: In 5th Edition, the hacker even needed to hack that "credible source" for a Mark - thankfully, that extra delay is now gone. But it would still make sense if the hacker first have to find (or at least successfully guess) a user with the right credentials. Of course, in most cases, that user should be obvious enough for the hacker to not need waste extra actions - f.i., if is a Smartgun, the bloke holding it very likely to be its accepted user. However, zhat may be not so clear if the "credible source" is hiding in the Matrix or if there is no obvious source around the device in question.
(For additional clarity: Iīm assuming that a"credible source" does not automatically have to be part of the PAN as well, and sometimes not even a persona. F.i., a Trideo Projector in a corporate conference room - which might be slaved to the local WAN - could also accept orders from a remote control/"presenter")
-
I would say that's either irrelevant or incorrect.
It's normally not an issue.. the spoofed command appears to come from the host or the PAN, as appropriate.
-
Little side question about Spoof Command:
I was always under the impression that to successfully spoof a command from a credible source, the hacker also has to know that source. Is this correct?
For context: In 5th Edition, the hacker even needed to hack that "credible source" for a Mark - thankfully, that extra delay is now gone. But it would still make sense if the hacker first have to find (or at least successfully guess) a user with the right credentials. Of course, in most cases, that user should be obvious enough for the hacker to not need waste extra actions - f.i., if is a Smartgun, the bloke holding it very likely to be its accepted user. However, zhat may be not so clear if the "credible source" is hiding in the Matrix or if there is no obvious source around the device in question.
(For additional clarity: Iīm assuming that a"credible source" does not automatically have to be part of the PAN as well, and sometimes not even a persona. F.i., a Trideo Projector in a corporate conference room - which might be slaved to the local WAN - could also accept orders from a remote control/"presenter")
Any "required credentials" can be assumed included as part of the action. The primary change and subsequent use of spoof command is that is only a single command for one single action anything more complex requires control device.
-
hacked access is NEVER owner access so if you had to hack it to use it then Control Device is what you should be using.
If there is no test associated with the device you wish to use (for example opening a maglock or controlling an elevator) then you resolve it with Electronics + Logic vs. Firewall + Willpower. This part is clear.
But if there is a test associated with the device you wish to use (for example firing mounted weapons of a drone) then how would I resolve that (as it sound as if your intention is not that you simply take an Engineering + Logic vs Reaction + Intuition test after you already gained sufficient access level over the drone / the network the drone is part of).
Spoof is (DP or Pilot)+Firewall ... Firewall is always a factor
Spoof Command is using the notation "Data Processing or Pilot + Firewall" rather than "Data Processing + Firewall or Pilot + Firewall" (which is the notation that all other matrix actions are using!).
For example:
Erase Matrix Signature: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Format Device: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Jack out: "Charisma + Data Processing or Attack + Data Processing" (not "Charisma or Attack + Data Processing")
Jump into rigged device: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Probe: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Snoop: "Logic + Firewall or Data Processing + Firewall" (not "Logic or Data Processing + Firewall")
Edit File: "Intuition + Firewall or Firewall + Sleaze" (not "Intuition or Sleaze + Firewall")
Trace Icon: "Willpower + Sleaze or Firewall + Sleaze" (not "Willpower or Sleaze + Firewall")
Subject for errata...?
-
hacked access is NEVER owner access so if you had to hack it to use it then Control Device is what you should be using.
If there is no test associated with the device you wish to use (for example opening a maglock or controlling an elevator) then you resolve it with Electronics + Logic vs. Firewall + Willpower. This part is clear.
But if there is a test associated with the device you wish to use (for example firing mounted weapons of a drone) then how would I resolve that (as it sound as if your intention is not that you simply take an Engineering + Logic vs Reaction + Intuition test after you already gained sufficient access level over the drone / the network the drone is part of).
Spoof is (DP or Pilot)+Firewall ... Firewall is always a factor
Spoof Command is using the notation "Data Processing or Pilot + Firewall" rather than "Data Processing + Firewall or Pilot + Firewall" (which is the notation that all other matrix actions are using!).
For example:
Erase Matrix Signature: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Format Device: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Jack out: "Charisma + Data Processing or Attack + Data Processing" (not "Charisma or Attack + Data Processing")
Jump into rigged device: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Probe: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Snoop: "Logic + Firewall or Data Processing + Firewall" (not "Logic or Data Processing + Firewall")
Edit File: "Intuition + Firewall or Firewall + Sleaze" (not "Intuition or Sleaze + Firewall")
Trace Icon: "Willpower + Sleaze or Firewall + Sleaze" (not "Willpower or Sleaze + Firewall")
Subject for errata...?
Control Devuce is essentially a sustained ability, first gain access to the network, then use control device to gain control of the device, then use it with appropriate skill. Should be language in the first part of the action description that says as much.
Spoof command should technically have 3 dice pool options following that format. I put pilot in there for drones because they don't have Data Processing
-
first gain access to the network, then use control device to gain control of the device, then use it with appropriate skill.
Thanks!
Spoof command should technically have 3 dice pool options following that format.
- Data Processing + Firewall
- Pilot + Firewall
- ?
-
first gain access to the network, then use control device to gain control of the device, then use it with appropriate skill.
Thanks!
Spoof command should technically have 3 dice pool options following that format.
- Data Processing + Firewall
- Pilot + Firewall
- ?
Spoof ... your right nevermind. I had to go back and check my notes and compare to what got printed.
So yeah .. that one slipped through format editing
-
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
Would you also allow all devices to have not only firewalls, but also data processing equal to their device rating? (like suggested in the German Core Rules, p. 245)? Or only Firewall?
For some opposed checks that would mean a huge increase of dices for the defending device.
-
Spoof ... your right nevermind... that one slipped through format editing
Thanks for revisiting this one.
I will be submitting this to be made official, but have decided to post it here to get feedback and have at least be a house rule option in case it gets shot down.
Slaved devices = limit is the controlling device's Data Processing, these devices are part of your network but can also be controlled remotely. Primary use would drones, vehicles, and firing platforms, but I'm sure you could get creative with other devices.
Networked devices = limit is infinite as long as your able to be connected. Noise or other signal blocking would be a factor. A networked device is part of your network (PAN) and therefore gains all of the strengths and weaknesses of your security. (Willpower and Firewall)
Unattached/unattended devices = these devices have no network connection of any kind what so ever, and only have their own built in security (often a barely existent firewall if anything) but also can not be used to gain access to a network.
So basically, the data processing limit only applies to drones and vehicles.
(I personally like this very much since it still mean RCCs are still important when it comes to slaving drones and it also does not seem to cause any unwanted ripple effects. Win - Win).
(this was also one of the suggestions to the OP earlier in the thread):
...the limited amount of slaves for kommlinks
If you find this to be an issue then either just house rule that:
- You can slave an unlimited amount of devices to your PAN
- Or that the limit only applies specifically to drones and vehicles
(emphasis mine)
Would you also allow all devices to have not only firewalls, but also data processing equal to their device rating?
jtkirk22, I think the idea here is that rather than giving matrix attributes to all devices (like the German translation did it) the suggestion from Banshee (see above) is that an unlimited amount of your devices may be 'inked' or 'networked' to your PAN (see above) and that the data processing rating (the 'slave' limit) only applies to devices you can 'remote control' (like Drones, Vehicles, Smartfiring platforms etc).
If you still rather want to pursuit the route of adding some sort of firewall (and/or data processing) rating to all devices then you probably also need to adjust commlink ratings. Then you probably also need to adjust RCC and cyberjack ratings. Then hacking get a lot more difficult and you probably need to adjust hacking rules in some way as well (if you wish to keep status quo that is). This is not a very clean solution. I would advice against such a house rule. Having said that, it is your table. Your rules.
-
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
Would you also allow all devices to have not only firewalls, but also data processing equal to their device rating? (like suggested in the German Core Rules, p. 245)? Or only Firewall?
For some opposed checks that would mean a huge increase of dices for the defending device.
Honestly, I worry about said increases. It means that Datajacks become less valuable, since you could just get a cheap Datajack, then use a DR6 commlink for better attributes. And it means a Rating 6 Commlink has a better Firewall than a Rating 6 Rigger Command Console. Plus hacking becomes far tougher when high-rating security equipment has a better Firewall than their Host can offer them. We get back to SR5's 'burst quickly', which makes the whole layered Host structure a nightmare.
A blanket 'no listed rating means DR/2' and 'commlinks are fine as they are, to encourage the more-expensive high-Firewall stuff' I'd find more fair, since it's more balanced, as long as people can easily supervise their gear, and means Hackers actually have a fair shot against the weaker stuff. If we're letting you daisy-chain PANs so that the Mage's commlink protects everyone else's and through those their gear, FW isn't a problem since you only need 1 3-FW commlink.
As for Data Processing, I'd be careful there: DP is slave limit (for example how many Drones you can protect with RCC firewall and share autosofts with), and used for Matrix Initiative. Boosting it has a big impact there.
-
If you still rather want to pursuit the route of adding some sort of firewall (and/or data processing) rating to all devices then you probably also need to adjust commlink ratings. Then you probably also need to adjust RCC and cyberjack ratings. Then hacking get a lot more difficult and you probably need to adjust hacking rules in some way as well (if you wish to keep status quo that is). This is not a very clean solution. I would advice against such a house rule. Having said that, it is your table. Your rules.
Thanks for your answer. Banshee spoke in this post (https://forums.shadowruntabletop.com/index.php?topic=31179.msg536519#msg536519) of "add[ing] device rating to all commlink firewalls". So, I wanted to make sure that this won't break the game.
Adding Firewall to commlinks makes hacking a bit harder - but it seems okay, as commlinks are hacked easily anyway.
He also said: "allow all devices to have firewalls equal to their rating."
I am a absolute new player. Can anybody tell me, if that rule is okay or will it break the game in some point? Are there further adjustments needed (e.g. for cyberjacks/cyberdecks), if I would use that house rule? That's how Xenon's sounded for me. Just want to be sure...
-
I wanted to make sure that this won't break the game.
It does. Further adjustments are needed.
- Unless you also increase ratings of commlinks you risk running into a situation where high rated devices will get less protection if included into a PAN
- As commlink ratings are increased you need to adjust cyberjacks to keep them competitive
- As firewall and data processing ratings are interchangeable you also need to adjust RCC ratings to keep them competitive
- As PAN ratings overall get increased across the board you also need to compensate hackers in some way to keep status quo here as well
- The list goes on.....
Which is why we (Banshee included) are instead suggesting that any number of devices can be networked (or linked or included) into your PAN, but that you can still only slave a number of drones and vehicles equal to your device rating. No further adjustments needed. This is clean. And it also seem to be aligned with the original intention of the Author.
-
As for Data Processing, I'd be careful there: DP is slave limit (for example how many Drones you can protect with RCC firewall and share autosofts with), and used for Matrix Initiative. Boosting it has a big impact there.
Minor correction to myself: DP is only how many autosofts it can share, slaves depends on device rating for RCCs (DRx3).
-
I wanted to make sure that this won't break the game.
It does. Further adjustments are needed.
- Unless you also increase ratings of commlinks you risk running into a situation where high rated devices will get less protection if included into a PAN
- As commlink ratings are increased you need to adjust cyberjacks to keep them competitive
- As firewall and data processing ratings are interchangeable you also need to adjust RCC ratings to keep them competitive
- As PAN ratings overall get increased across the board you also need to compensate hackers in some way to keep status quo here as well
- The list goes on.....
Which is why we (Banshee included) are instead suggesting that any number of devices can be networked (or linked or included) into your PAN, but that you can still only slave a number of drones and vehicles equal to your device rating. No further adjustments needed. This is clean. And it also seem to be aligned with the original intention of the Author.
Sounds good. Thanks for carification! :)
But does this also concern the statement to "allow all devices to have firewalls equal to their rating"?
-
Little side question about Spoof Command:
I was always under the impression that to successfully spoof a command from a credible source, the hacker also has to know that source. Is this correct?
For context: In 5th Edition, the hacker even needed to hack that "credible source" for a Mark - thankfully, that extra delay is now gone. But it would still make sense if the hacker first have to find (or at least successfully guess) a user with the right credentials. Of course, in most cases, that user should be obvious enough for the hacker to not need waste extra actions - f.i., if is a Smartgun, the bloke holding it very likely to be its accepted user. However, zhat may be not so clear if the "credible source" is hiding in the Matrix or if there is no obvious source around the device in question.
(For additional clarity: Iīm assuming that a"credible source" does not automatically have to be part of the PAN as well, and sometimes not even a persona. F.i., a Trideo Projector in a corporate conference room - which might be slaved to the local WAN - could also accept orders from a remote control/"presenter")
Any "required credentials" can be assumed included as part of the action. The primary change and subsequent use of spoof command is that is only a single command for one single action anything more complex requires control device.
Ah, thanks. Guess thatīs best way to go for simplicity sake.
From a GMīs perspective: Iīd probably still reserve me the liberty to ask for an identified "credible source" every once in a while, to create a little bit of narrative tension in a pinch: "I need to get past this door fast! Quick, find me an Exec so I can spoof the credentials!"
On the flip side, Spoof Command also offers an opportunity to reward clever thinking on the playerīs side. F.i., if the hacker has deliberatedly watched and waited for a certified user to legally use the very same command he wants spoof (like these newer kind of car thieves that intercept the signal of electronic car keys), thatīs something that I would award an Edge for.
-
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
Would you also allow all devices to have not only firewalls, but also data processing equal to their device rating? (like suggested in the German Core Rules, p. 245)? Or only Firewall?
For some opposed checks that would mean a huge increase of dices for the defending device.
Basically what Xenon said too ...
EDIT: Nevermind .. removed after reading more of Xenon comments
-
I will be submitting this to be made official, but have decided to post it here to get feedback and have at least be a house rule option in case it gets shot down.
Slaved devices = limit is the controlling device's Data Processing, these devices are part of your network but can also be controlled remotely. Primary use would drones, vehicles, and firing platforms, but I'm sure you could get creative with other devices.
Networked devices = limit is infinite as long as your able to be connected. Noise or other signal blocking would be a factor. A networked device is part of your network (PAN) and therefore gains all of the strengths and weaknesses of your security. (Willpower and Firewall)
Unattached/unattended devices = these devices have no network connection of any kind what so ever, and only have their own built in security (often a barely existent firewall if anything) but also can not be used to gain access to a network.
Godspeed to you ;)
I believe that the main reason why the slave limit was added in the first place was to give Data Processing a better purpose. Precisely, a better purpose in comparison with the Firewall Attribute. Before that, there was next to no reason not to take a setup with a higher Firewall (right now, only VR Initiative comes to mind). And then, someone tried die "fix" this problem with the slave limit, but instead created a much bigger problem due to the overall low stats of commlinks.
So, hereīs another alternative that just came to my mind: Data Processing Actions.
Just like the way Attack and Sleaze actions work, some (mostly, legal) Actions may profit from higher Data Processing and thus be hampered by a higher Firewall setup, imposing a negative Dice Pool modifier if the Firewall Attribute is higher. That may seem a bit weird at first, but just think about your everyday computer experiences: The more "secure" systems with proper firewalls, virus scanners, blockers, etc. are often a bit of a nuisance to work with, because you will be constantly pestered with warnings, constant updates, affirmation prompts, checks, small delays.... To me, that seems like a good enough explanation for some Matrix Actions being penalized if the setup of the PAN is more about security and less about doing stuff:
- Matrix Perception: An overzealous Firewall might block out more "potentially harmfull signals", making it also harder to find hidden stuff or have a closer look at Matrix entities.
- Matrix Search: The Firewall interferes with your searches and tries to hinder you from straying into unsafe territories - which is often were you find the more valuable informations.
- Edit File: "Are you sure you want to run this file?" "For your security, you can only view this file in safe mode, some functions have been disabled" "Due to security risks, this file format is not supported anymore..." You know what I mean. While there are no rules for file-embedded Viruses and such (yet?), that doesnīt mean that this isnīt a phenomenon a that your overzealous firewall wants to protect you from.
Other possible Data Processing Actions may include Format Device, Jack Out*, Reboot Device and Trace Icon. However, I wouldnīt overdue it here. Also, while it might be fitting for Encrypt File and Disarm Databomb, I also wouldnīt dub any of the actions as "Firewall Actions" (yet), since pretty much every defense test against attackers is already profitting from a higher firewall.
*"Please make sure to alway log of from the Matrix in a secure fashion", sayeth the firewall, while the hacker gets fragged by the black IC... ::)
-
Wait RCC's have a different Device limit than commlinks and Cyberdecks?
Wouldn't it be easier to just errata them to all be the same?
you would need only errata the following locations to fix this, Bold is my addition.
1. Pg. 267-268 "Unless otherwise noted, these accessories are compatible with commlinks, cyberdecks, and (with GM permission) other electronic devices. All peripheral accessories are wireless, and unless slaved properly, offer a sneaky ingress into a users PAN. Commlinks can have a maximum number of slaves equal to their Data Processing x 3. All other accessories are open connections and can be exploited."
2. Pg. 197 "An RCC can have a number of slaved drones equal to its RatingData Processing x 3.
That seems to be it fro the searches I did on the core book. Data Processing still has uses as it sets device limits and program limits as well as plays into VR initiative. Riggers can still have a good amount of drones attached to there RCC even lower level RCCs can have 9 drones, which I don't feel is a problem since there ASDF is not that great. Commlinks get a boost for those that want to have some devices plugged in 3-9 is better than the original 1-3 and the amount of changes is low. Adding a new classification though elegant can add more confusion especially since that classification will only exists ever on an external document where errata will at least sooner or latter go into the book and even further down the road into a corrected printing.
Wouldn't this be better?
-
Wait RCC's have a different Device limit than commlinks and Cyberdecks?
Wouldn't it be easier to just errata them to all be the same?
you would need only errata the following locations to fix this, Bold is my addition.
1. Pg. 267-268 "Unless otherwise noted, these accessories are compatible with commlinks, cyberdecks, and (with GM permission) other electronic devices. All peripheral accessories are wireless, and unless slaved properly, offer a sneaky ingress into a users PAN. Commlinks can have a maximum number of slaves equal to their Data Processing x 3. All other accessories are open connections and can be exploited."
2. Pg. 197 "An RCC can have a number of slaved drones equal to its RatingData Processing x 3.
That seems to be it fro the searches I did on the core book. Data Processing still has uses as it sets device limits and program limits as well as plays into VR initiative. Riggers can still have a good amount of drones attached to there RCC even lower level RCCs can have 9 drones, which I don't feel is a problem since there ASDF is not that great. Commlinks get a boost for those that want to have some devices plugged in 3-9 is better than the original 1-3 and the amount of changes is low. Adding a new classification though elegant can add more confusion especially since that classification will only exists ever on an external document where errata will at least sooner or latter go into the book and even further down the road into a corrected printing.
Wouldn't this be better?
Yes RCCs are different.. that is one of the things that make them special. Your change takes that away from them ... doesn't really weaken them any but does take away part of their advantage.
You would also still have to run some form of daisy chain to allow a hacker to run defense for a whole team.
Oh, if I get it approved it WILL show up in an a book somewhere
-
RCCs:
- Only mention Drones as slaveable
- Give their slaves more benefits than a commlink does
- Have static DP and FW, instead of an interchangeable DP/FW pair
- Have DP that may not equal their DR, which is why some RCCs cost more than others: DP/FW values differ
So they don't need to be made equal to Commlinks. They're very explicitly different beasts.
-
Control Devuce is essentially a sustained ability, first gain access to the network, then use control device to gain control of the device, then use it with appropriate skill. Should be language in the first part of the action description that says as much.
Just to make sure, I get it right (I might have overread something, because English is not my motherlanguage):
To control a device,
A) I have to gain access first.
B) After that I have to take one major action to take the Control Device action and get sustained control.
C) I can now use the device for anything I have sufficiant access.
1.) But what's the cost for using the device (e. g. opening a Maglock, firing a drone)? Is it another major action?
2.) Is it intended that Control device gives two opposed checks (one for sustained control + one for using the device)?
3.) In the German rules, if there is no test associated with the device you wish to use, it's made with Cracking + Logic (instead of Electronics + Logic). Which one is right?
-
A) I have to gain access first.
If you check the book you will notice that Control Device have an access level of: "User/Admin (can vary with action chosen)"
So yes, you first need to gain access on the device / the network the device is linked to.
B) After that I have to take one major action to take the Control Device action and get sustained control.
C) I can now use the device for anything I have sufficiant access.
It depend on the device.
For devices that have a test associated with them (such as drones and vehicles that have Piloting and Engineering tests associated with them) then, yes, you now have sustained control:
"While you have control, you can use the device as if you were the owner using a standard skill test..."
For other devices that have no test associated with it (such as opening a maglock or sending the elevator down to the lobby) you instead use the Control Device action (which is resolved as an opposed Electronics + Logic vs Willpower + Firewall test) every time you wish to do something with it:
"If there is no test associated with the device you wish to use, use Electronics + Logic vs. Firewall + Willpower. "
what's the cost for using the device (e. g. opening a Maglock, firing a drone)? Is it another major action?
It is resolved in two different ways.
For the maglock you take the Control Device major action (Electronics + Logic vs. Firewall + Willpower) to open it and then the Control Device major action again (Electronics + Logic vs. Firewall + Willpower) to lock it.
For the drone you take a Control Device major action to gain sustained control over the drone, an Attack Major action (Engineering + Logic vs Reaction + Intuition test) to fire it and a Use Skill major action (Piloting + Logic vs Perception + Intuition) to sneak pass a guard with it.
In the German rules, if there is no test associated with the device you wish to use, it's made with Cracking + Logic (instead of Electronics + Logic). Which one is right?
It was listed as an Illegal Electronics + Logic test in core but it got explicitly changed in the first English august errata to a Legal Electronics + Logic test.
This mean that if you are already made it inside the network then you can open up a maglock (without getting the attention of GOD) while if you are on the outside you have to illegally use Spoof Command to instruct the maglock to open itself (which might attract the attention of GOD).
-
Your reply is awesome! Everything put together on point and understandable! Thanks for that! :)