Shadowrun

Shadowrun Play => Rules and such => Topic started by: Stainless Steel Devil Rat on <04-06-18/2049:58>

Title: Talk to me about IC
Post by: Stainless Steel Devil Rat on <04-06-18/2049:58>
So I'd like to think out loud and get some opinions from other perspectives than my own.  Generally: How does IC know what Personae to attack after it's been deployed by the Host?

So from a meta standpoint, "obviously" the IC attacks the Player's hacker because the hacker is the protagonist and the IC is the cyber antagonist and opposing protagonists is what antagonists do.  GM omniscience is enough to direct the IC "NPC" to attack the PC Hacker from the meta perspective.

But in universe, it seems there are some holes in the lore and/or rules.  Something besides GM omniscience has to guide the IC to attack the hacker.  Patrol IC is described as being the first line of cyber defenses.. it performs matrix perception actions to find trouble.  But that's the rub... you can't even get into a host without having a mark on the host, which makes you for security purposes a legitimate user.  And that's a comment from the Patrol IC's own description!  So obviously there's no reason the Patrol IC to be looking at the hacker's persona.  It must be looking at marks on the host, which it can theoretically determine somehow as fraudulent.   There's really no guidance "fluff" or a hard mechanic for determining when the Patrol IC "sees" the Hacker's shenanigans.  It pretty much seems to boil down to the GM's whim.  "Yeah, this is bogging down.  You've been in the host long enough; alarm goes off because the Patrol IC finally sussed you out.  Here comes more IC..."

Now if the hacker fails a sleaze action and a Host mark gets put on his persona, it seems fairly obvious that the system should go on alert and start deploying further IC.  A failed attack action seems it should probably work the same way, although the host and its IC don't have the benefit of having a mark on the hacker's persona.

So let's say a failed attack action is the case.  Or a hacker having successfully erased the Host's mark after a failed sleaze action.  Without a Host's mark on the persona, how does the IC know who to attack in an in-universe sense?  Again the hacker appears to the Host to be a legit user, as his mark is still on the host.  It seems clear that the IC is willing to attack "legitimate" users, as it's mentioned in the Lore more than once.  Can a Host "remember" or designate a persona as a known/suspected problem icon, even if there is no mark upon it, and that's the in-universe basis for GM omniscience guiding the IC to target the PC hacker?
Title: Re: Talk to me about IC
Post by: Marcus on <04-06-18/2253:02>
So as soon as your character takes any illegal action on the matrix they get an Overwatch score. This is mostly likely to first occur when they jump to a corp grid they don't really have access too. As soon they get OS, the clock is ticking, unless there is a TM involved sooner or later they are going to be hunted down and booted out (Convergence). How quickly that occurs is based up on a list of things and I sure we all understand how that works.

But host are different when you enter a host, while your in it, your OS doesn't go away and it keeps climbing, probably accelerating as you do bad things in the host. But it won't converge on you in the host, (See Core 247, Host Convergence), but if your in host when you reach convergence, it does give the host 3 marks on you and begin launching IC, which clearly knows who to attack based upon your OS, and having 3 marks on you will make a lot easier to find you.

Gotta keep in mind the DemiGods will take you out as soon as you step outside that host as well. So you better just log ASAP.

Philosophically it works fine, IC is Intrusion Countermeasure. If the host starts getting monkeyed with then its programmed to start spawning IC.  You did something to start it, and as it connected to GOD your account is flagged as up to no good. It still may not be able to find you cause your so damn sneaky, but it's gonna try.

Title: Re: Talk to me about IC
Post by: Lorebane24 on <04-06-18/2256:15>
This is a little off topic, but I feel like, while a potent deterent, the way demiGODs and GODs work is a little boring?  Does anyone else think it would be more fun to actually stat out corporate demiGODs, at least, and let PCs throw down with them when they're feeling gutsy?
Title: Re: Talk to me about IC
Post by: Stainless Steel Devil Rat on <04-06-18/2301:20>
Quote from: Lorebane24 on <04-06-18/2256:15>
This is a little off topic, but I feel like, while a potent deterent, the way demiGODs and GODs work is a little boring?  Does anyone else think it would be more fun to actually stat out corporate demiGODs, at least, and let PCs throw down with them when they're feeling gutsy?

They are statted in Data Trails.  Their Drones are in Rigger 5, too.
Title: Re: Talk to me about IC
Post by: Marcus on <04-06-18/2346:54>
Given that the current vogue method of hacking is the sleaze stat swap lurker, we really haven't seen a lot in the way decking brawlers that we used to. The Dynasty Warriors method of hacking just isn't loved these days, a real part of that is of course is the deck price limitations.
My last decker build in the creation section, was a cyber combat build, and even I would admit, in terms of actual decking it's still not as effective as lurker builds.

More fun to play in my opinion, but not as potentially effective.
Title: Re: Talk to me about IC
Post by: Stainless Steel Devil Rat on <04-06-18/2349:38>
So barring a failed attack/sleaze action triggering the Host to deploy IC... what sorts of thing would trigger the Patrol IC to sound the alarm?  That's it's reason to be there in the first place after all..
Title: Re: Talk to me about IC
Post by: Lorebane24 on <04-07-18/0003:50>
Honestly, I found the rules  a little vague as well.  I generally just treat blending in in the Matrix like I do blending in in meatspace, and any time they go somewhere they're not supposed to be or do something they're not supposed to do, I do a random check to see if any patrol IC was in that area at the time (with it becoming more likely as they do more shit, effectively creating a trail to follow), and if it was, it starts searching for the perpetrator with matrix perception and shit.  I know it's not RAW, but it's worked well in my games so far.
Title: Re: Talk to me about IC
Post by: Stainless Steel Devil Rat on <04-07-18/0013:15>
You know I'm thinking you're on the right track.  I suspect the way Patrol IC is supposed to work is as a Ticking Clock device.  Its matrix perception checks only serve as theater... the GM hints that time is running out as the Patrol IC is "getting closer" to detecting the hacker, and sounds the alarm whenever the GM decides that time's up/it's time to Push The Envelope.
Title: Re: Talk to me about IC
Post by: firebug on <04-07-18/0556:35>
Quote from: Stainless Steel Devil Rat on <04-06-18/2049:58>
So I'd like to think out loud and get some opinions from other perspectives than my own.  Generally: How does IC know what Personae to attack after it's been deployed by the Host?

So from a meta standpoint, "obviously" the IC attacks the Player's hacker because the hacker is the protagonist and the IC is the cyber antagonist and opposing protagonists is what antagonists do.  GM omniscience is enough to direct the IC "NPC" to attack the PC Hacker from the meta perspective.

But in universe, it seems there are some holes in the lore and/or rules.  Something besides GM omniscience has to guide the IC to attack the hacker.  Patrol IC is described as being the first line of cyber defenses.. it performs matrix perception actions to find trouble.  But that's the rub... you can't even get into a host without having a mark on the host, which makes you for security purposes a legitimate user.  And that's a comment from the Patrol IC's own description!  So obviously there's no reason the Patrol IC to be looking at the hacker's persona.  It must be looking at marks on the host, which it can theoretically determine somehow as fraudulent.   There's really no guidance "fluff" or a hard mechanic for determining when the Patrol IC "sees" the Hacker's shenanigans.  It pretty much seems to boil down to the GM's whim.  "Yeah, this is bogging down.  You've been in the host long enough; alarm goes off because the Patrol IC finally sussed you out.  Here comes more IC..."

You make a very reasonable point, that a Patrol IC has no reason to simply go scan you immediately, as the point of a mark is that it makes you seem like an authentic user.  Luckily, I can answer this part for you and provide sources.

First, a Patrol IC goes around scanning basically everything.  On devices it would probably check for "the marks on an icon, but not their owners" as the number of marks on a device should not change without the Patrol IC being informed (such as scheduled maintenance for a specialist to come in and mark the device to alter its software).  On persona, it would presumably check "the last Matrix action an icon performed, and when".  This could potentially alert the IC to a hacker by finding out they have taken an illegal action (anything with Attack or Sleaze as the limit).  Both of these are options on the chart on page 235 of the core rulebook.  A Patrol IC would also presumably go for "if you are in a host, whether there is an icon running silent" as well.

As for how often they would check the player, in Data Trails on page 86 there is a chart for Patrol IC.  As per that chart, the number of combat turns inbetween the player getting scanned is rolled, modified by how high the host's rating is, ranging from Once Every Combat Turn (Rating 1-2) to once every 3d6 Combat Turns (Rating 11-12).  If the PC is silent, then I'd make these actions the "looking for silent icons" roll that the IC should be doing every so often, and then if the IC has spotted the hacker's icon, then when the time has passed, I would have it make "last matrix action" rolls.

As well, if there's a Security Spider on site, they are able to direct the IC, telling them what actions to take and on whom, meaning a hacker might trick the patrol IC but seem suspicious to the spider, and after a fight breaks out, the hacker needs to fool the spider first.

Quote
Now if the hacker fails a sleaze action and a Host mark gets put on his persona, it seems fairly obvious that the system should go on alert and start deploying further IC.  A failed attack action seems it should probably work the same way, although the host and its IC don't have the benefit of having a mark on the hacker's persona.

So let's say a failed attack action is the case.  Or a hacker having successfully erased the Host's mark after a failed sleaze action.  Without a Host's mark on the persona, how does the IC know who to attack in an in-universe sense?  Again the hacker appears to the Host to be a legit user, as his mark is still on the host.  It seems clear that the IC is willing to attack "legitimate" users, as it's mentioned in the Lore more than once.  Can a Host "remember" or designate a persona as a known/suspected problem icon, even if there is no mark upon it, and that's the in-universe basis for GM omniscience guiding the IC to target the PC hacker?

"Erase Mark" in the case of failing the Sleaze action wouldn't reset the alert; the matrix history of why you were being targeted is still active (the host remembers that it marked you, which is probably logged as the provoking action somewhere) and even though the mark is gone, the alert and attack have not been disabled by anyone, and you haven't even left.

If you left, reset, the host alert was disabled, and then you hacked your way in, the IC would probably not "remember" you.  Your temporary access would probably be seen as a random new account or something similar, or if you were granted a free level 1 mark, the public nature probably means the host does not save that data.

As for a failed attack action, they are not alerted.  Failed attack actions simply cause you damage.  On a successful attack action, they know they are being attacked--  I might cut down the time between the IC rolling against the player to represent a shift of priorities in the Patrol IC.  As well, any Spiders on site will be out for blood, and a security decker might be alerted.

So with this knowledge, hopefully you can see the logic and context the IC work in and see how it's not down to just GM omniscience.
Title: Re: Talk to me about IC
Post by: Stainless Steel Devil Rat on <04-07-18/1124:21>
Thanks firebug!  As usual, I've learned something from your insight.  I had glossed over the actions on the matrix perception table, and indeed the answer was right there the whole time!  Indeed I also caught for the first time that the list of things you can learn from a matrix perception hit (pg 235) is explicitly descriptive rather than proscriptive.  Very wide open, indeed.

Ok so I don't have any thematic problems with how IC knows to home in on a hacker's icon when the host has no marks on that hacker.  You've also convinced me to turn on my ear on the topic of fail vs succeed on Attack actions.

Patrol IC is still a bit iffy for me though, at least when it comes to NOT running silent inside the host.  I had been viewing the rules dynamic of once you've got your mark on the host, you're legit in the eyes of IC and there's no reason to take the -2 dice for running silent unless there's spiders present.  So in light of being able to see what your last action was on a matrix perception test, maybe there is indeed reason to be running silent inside a host.  At least you get a chance to oppose the perception roll that way, in exchange for being "inherently suspicious".  While you can potentially avoid being perceived, once the Patrol IC has a single hit on its own host (which you can't control) it'll learn that someone is running silent, and that's bad for you as the gig is halfway up.  I like this dynamic as it's basically the matrix equivalent of sneaking around a corp facility wearing a chameleon suit: yeah you're harder to see, but you eventually WILL be seen and man when that happens there's no explaining your intentions away as harmless.

If you're not running silent, I suppose if the GM wants to preserve some agency for the player rather than just arbitrarily telling the player "Patrol IC sounds the alarm" after X turns, the GM could/should tell the player that the Patrol IC's attention is coming over your way and you're about to be scanned again at the end of this round/beginning of next round.  That gives the player the opportunity to perform an innocuous matrix action inside the host so as to remain looking innocuous, or to decide whether pressures in the physical world are more important than preserving the quiet inside the matrix world and to keep hacking despite the IC's impending scan.

I'm pretty happy with my synthesis of how Patrol IC works.  There's pros and cons to running silent or not silent as each strategy has advantages over the other.
Title: Re: Talk to me about IC
Post by: firebug on <04-08-18/0634:04>
Quote from: Stainless Steel Devil Rat on <04-07-18/1124:21>
If you're not running silent, I suppose if the GM wants to preserve some agency for the player rather than just arbitrarily telling the player "Patrol IC sounds the alarm" after X turns, the GM could/should tell the player that the Patrol IC's attention is coming over your way and you're about to be scanned again at the end of this round/beginning of next round.  That gives the player the opportunity to perform an innocuous matrix action inside the host so as to remain looking innocuous, or to decide whether pressures in the physical world are more important than preserving the quiet inside the matrix world and to keep hacking despite the IC's impending scan.

I would probably let the PC use the chart in Data Trails to have an idea of how long they have in-game.  As IC (and anyone on a host) don't have to specifically walk around and can basically just pop over to whatever they want to see depending on the host.  So basically, I wouldn't give the PC the information of "the IC is starting to get closer" as much as I'd say "you know it's 1d6+2 combat turns until it checks again, so try to play around that with the knowledge that everything after three combat turns is getting lucky and taking a risk".  Basically, if the character knows the host's rating, he can have an idea of how long the interval between checks could be.  That's how I'd GM it.

My opinion on the "silent or not-silent" strategy is that if you know you have multiple combat turns between being scanned, going non-silent is easy.  Just do a basic Matrix Perception test before you get scanned and take your time with the handful of actions you can safely take.  However, this only applies while doing Sleaze actions.

The moment you do an Attack action, you need to be Silent, as if you're not, the Spider and IC may begin to immediately analyze you to find out if you did it.  At that point, running silent is basically your timer before shit hits the fan.  It's the yellow streetlight of hacking, if you catch my meaning.
Title: Re: Talk to me about IC
Post by: Senko on <04-11-18/0115:20>
Personally I always tend to view the automated IC as a low level agent program so its running quietly in the background checking everything is going well. Picture a cop constantly stopping the hacker and asking to see their papers "marks" if they're in the wrong place, doing the wrong thing those wont matter and the alarm gets tripped. If they're where they meant to be and doing what they're meant to be they're still operating with a forged passport and each time it gets checked the IC has a chance to notice the discrepancies.

Theres's also some short stories that seem to indicate there's also a certain degree of environmental effects to consider as well i.e. you alter what your in. However those get confusing.
Title: Re: Talk to me about IC
Post by: Xenon on <04-17-18/1454:36>
Quote from: Stainless Steel Devil Rat on <04-06-18/2049:58>
it performs matrix perception actions to find trouble.

One of the things it can find out with a Matrix Perception test is: "The last Matrix action an icon performed, and when". If the last action was an illegal matrix action then.....

Quote from: Stainless Steel Devil Rat on <04-06-18/2049:58>
how does the IC know who to attack in an in-universe sense? 

Patrol IC is trying to spot the icon that attack the host. If the icon is not running silent then the icon will be spotted automatically. If not then it is resolved as an opposed Matrix Perception test.

Quote from: firebug on <04-07-18/0556:35>
First, a Patrol IC goes around scanning basically everything.  On devices it would probably check for...

I don't think IC can interact with Device Icons out on the grid, even if they happen to be slaved to the Host...
Title: Re: Talk to me about IC
Post by: firebug on <04-17-18/1802:19>
Quote from: Xenon on <04-17-18/1454:36>
I don't think IC can interact with Device Icons out on the grid, even if they happen to be slaved to the Host...

If the IC can't interact with those device icons, how do you do any hacking of icons slaved to the host while inside the host?  One of the points of hacking into a host in the first place is for the Direct Connection to all the devices in the WAN.

I'm absolutely certain a device slaved to a host may have its icon accessed from inside the host.  In fact, it's the only way, as when you’re outside of a host you can’t interact directly with icons inside it.  That's part of why hosts actually do make things more secure.

However...  It's possible I'm wrong, and that it's possible for a device to be slaved to a host without the icon being in the host.  If someone can show me where the book says I'm right or wrong (before I find it), then I appreciate it.  If not, then I'll bring this to the errata team.
Title: Re: Talk to me about IC
Post by: Xenon on <04-17-18/2313:59>
Quote from: firebug on <04-17-18/1802:19>
If the IC can't interact with those device icons

Maybe it can. I just have not read anything to support that it is something that IC normally do.

Quote from: firebug on <04-17-18/1802:19>
However...  It's possible I'm wrong, and that it's possible for a device to be slaved to a host without the icon being in the host.  If someone can show me where the book says I'm right or wrong (before I find it), then I appreciate it.  If not, then I'll bring this to the errata team.

If you attack a slaved device out on the grid it get to defend with master ratings, but there is nothing really to stop you from attacking it out on the Grid (except GOD). You can also always spot it out on the Grid no matter how far away you are (but noise might become an issue). You don't have to enter the host. And you can't be attacked by IC when messing around with the device no matter if it is not slaved, part of a PAN or part of a WAN - unless you happen to do it from within a the Host it is slaved to.

You can avoid fighting master ratings by establishing a direct connection. Either by physically connecting to the device or by being inside the Host it is slaved to. This will cut down the distance to 0 meters. But the icon will still be out on a Grid, never inside the Host.

We had a very good discussion about this when I was active on this forum back in '14 or '15.
Title: Re: Talk to me about IC
Post by: firebug on <04-18-18/0849:33>
It's a shame I don't remember it, then...  I do think that's how I've been doing things, but now I'm not sure that's actually explained anywhere in the books.
Title: Re: Talk to me about IC
Post by: Xenon on <04-22-18/0428:07>
https://forums.shadowruntabletop.com/index.php?topic=11514.msg243927#msg243927



Also this:

p. 233 GRIDS. Grids on a Run
All the devices and people in a Shiawase facility will be using the Shiawase global grid
(All devices will be on the Grid. No devices will be inside the Shiawase facility host. Some devices will be slaved to the Shiawase facility host for better protection but they will still be out on the grid - in this case the Shiawase global grid. if you enter the Shiawase facility host you will have a direct connection to all devices out on the Shiawase grid that are slaved to the Shiawase facility host).
Title: Re: Talk to me about IC
Post by: Marcus on <05-31-18/1802:18>
Are you implying that a PAN constitutes a host for the purposes of attack devices slaved to said PAN?
Title: Re: Talk to me about IC
Post by: Xenon on <05-31-18/1929:58>
Not sure I understand your question.


A wireless enabled physical device will have a corresponding matrix icon. An icon that you can see and interact with out on the grid.

The owner of a wireless enabled device can choose to slave it to his commlink, cyberdeck or RCC (be part of a personal area network, or PAN for short). The device will still have an icon of its own out on the grid. You don't need to first hack or "enter" the master device before you can hack the device. In this edition the master device does not act like a router or server for the slaved device. You still interact with the device icon directly. However, the slaved device now does get to use the firewall rating of the master device when defending itself against matrix attacks (if the firewall of the master is higher than its original firewall rating) and if an attacker get a mark on the slaved device he will also get a mark on the master device. A decker that directly connect to the device (for example via cable between the device and his cyberdeck) can hack the device out on the grid without fighting the firewall of the master device (and without worrying about noise or grid penalties). You do not get a direct connection to devices in a PAN by having marks on the master device in the PAN.

The owner of a wireless enabled device can instead choose to slave it to a host he own (be part of a wide area network, or WAN for short). The device will still have an icon of its own out on the grid, a device icon can not be be inside a host (only icons in a host will be personas -such as deckers, spiders, agents and IC- and files). You don't need to first hack or "enter" the host before you can hack the device. In this edition the host does not act like a router or server for the slaved device. You still interact with the device icon directly. The slaved device now get to use the firewall rating of the host when defending against matrix attacks out on the grid and if an attacker get a mark on the slaved device he will also get a mark on the host.

While inside a host you can normally not interact with icons (such as devices or files or personas) out on the grid, but while you are inside the host you will actually be considered directly connected to any device out on the grid that is slaved to the host. This mean that a hacker inside a host can hack devices out on the grid that are slaved to the host, and without fighting the firewall of the host (and without worrying about noise or grid penalties).


It might be easier to think of SR5 devices as real life blue tooth devices, but instead of just 10m range... the blue tooth of SR5 will have unlimited range. To gain access to a jambox paired to an iphone you don't have to first hack the iphone. You can hack the jambox directly. In SR5 it is harder to hack a jambox that is already paired with an iphone, but if you manage to hack the jambox then you get to exploit the pairing to get a backdoor access into the iphone that the jambox is already paired with.

Also, if you directly connect your hacking device to the jambox with a cable then it will be easier to hack it since it can't borrow processing power from the firewall of the iphone, but you can still exploit the backdoor into the iphone the jambox is paired to.

In earlier editions the matrix acted more like a real life home network where you first had to hack and enter a top node router or server before you could gain access to the devices on the network. Doesn't work that way in SR5. You interact with devices directly.
Title: Re: Talk to me about IC
Post by: Marcus on <05-31-18/2018:09>
Yes I follow and understand all that, but going into PAN and having IC attack an icon/device inside said PAN didn't make sense to me.
Title: Re: Talk to me about IC
Post by: PingGuy on <08-27-18/1317:22>
Quote from: Xenon on <04-22-18/0428:07>
p. 233 GRIDS. Grids on a Run
All the devices and people in a Shiawase facility will be using the Shiawase global grid
(All devices will be on the Grid. No devices will be inside the Shiawase facility host. Some devices will be slaved to the Shiawase facility host for better protection but they will still be out on the grid - in this case the Shiawase global grid. if you enter the Shiawase facility host you will have a direct connection to all devices out on the Shiawase grid that are slaved to the Shiawase facility host).

I won't argue with RAW of course, but I do see an issue with how this tightly written explanation affects other situations.  Say I have a host, with a device hard-wired to it, and that device does not have wireless.  Where does that icon appear?  By RAW it would still appear outside of the host, but it seems like the host would be the one putting it there as the Matrix has no way to know where this device is, other than what the host tells it.

And of course these situations would be rare, as wired-security is supposed to be, but they should still be expected, and the Matrix should handle them in a way that makes sense.  If directly wiring something doesn't actually provide any benefit then nobody would do it, and the book does at least say that people do it.

Is there anything in any of the books that says device icons can't (as opposed to don't) show up inside a host?  I'm guessing it isn't covered because of the wireless assumption, but without that it's suddenly a question without an answer.

IMO, among the mega's this would never be an issue.  But for a low end host, with an owner who is tight on nuyen, using obfuscation and layering security would make sense.  Sure, the new Matrix could have been designed not to care about that, and the mega's won't care if it affects those with less nuyen, but it seems like people would find a way to make it work.
Title: Re: Talk to me about IC
Post by: Finstersang on <08-28-18/0855:49>
Slightly OT, but I think itīs pity that that there is no "Passive IC" - which was a thing in 3rd Edition - in 5th Edition. All current IC, even Patrol, has its own Initiative track and basically behaves like an NPC. In play, this means more rolls, more bookkeeping, lenghty Matrix Combat session that usually annoy both the Decker and the non-Matrix players and, as you pointed out, a lot of judgement calls by the GM on how the IC recognizes and prioritizes threats. Most of the time, Decker at my tables just logged out and said "fuck it" once IC was alerted - and not just because of the danger to get fried, but because they didnīt want to draw the scene out.

Now imagine if we (and our fictional security Spiders) had a different type of IC in our toolbox, that has the same limitations as the existing "active" IC, but instead of acting like a NPC, it doesnīt have an Iniative track and imposes some kind of passive, (or conditional/periodic) effects to deter hackers instead - basically, the Matrix equivalent of auxilary Security Systems instead of armed Guards. Some Effects my include:


Additionally, a blacklist and/or whitelist inside of the Host may be used to control which user is subjected to which effects. This might also be used to determine target priorization for active IC, to get finally get back on topic again. ;)
Title: Re: Talk to me about IC
Post by: Iron Serpent Prince on <08-28-18/1317:58>
Finstersang, I'm going to hazard a guess that you never really play Deckers.  Either that, or you only did so under GMs that take it easy on Deckers.  Unless Kill Code has some tasty tidbits that fix the issues, how many other Archetypes can proclaim proudly they have to potential to end their entire careers - if not lives - not to mention risk the safety of their entire team with one failed roll?  ;)

I won't go into my entire rant about Deckers, but the tip of the iceberg is:

Let me just say that IC is the one of the least of the Deckers worries.
Title: Re: Talk to me about IC
Post by: Finstersang on <08-28-18/1736:52>
Iīm usually the GM, and thatīs also the main perspective Iīm posting from. Iīm quite aware of the fact that the Matrix rules (not counting in Kill Code and some upcoming errata pieces) are in a bad place right now, as well as 5th Editions balancing between Man, Magic and Machine/Matrix in general. As you might also tell from my current signature  ;D There are countless threads where people vent over these issues, and rightfully so. Iīm often one of them, salty little me. But I donīt want every thread about Matrix issues to turn into the same circlejerk about how bad Deckers and TMs are and how bad the odds are stacked against them while the Summoner can basically solo the whole mission with a Level 12 Cheese Spirit right out of chargen. Itīs true. I know. Luckily, I have control over my own houserules  8)

As a GM, I can always adjust the difficulty for Hackers once Iīm aware of the balancing problems. Ditching the ridiculous suggestions for Host Ratings in the Core Rulebook is a good start. But with all the nested dice rolls, the bonus ruleset and the fact that teams rarely have more than one Matrix specialist, I have also to deal with a pacing problem - I have to do my best to avoid a situation where the run is interrupted too much by a solo hacker minigame. And one problem here - not the biggest, but a problem nonetheless - is the fact that host security is done by active entities with their own initiative tracks (and IC are actually the least complicated of them!). Thus, I advocate for the return of "Passive IC" because I think GMs need less intrusive challenges for Matrix runs.

Pacing is also the reason why Iīm advocating for:
Title: Re: Talk to me about IC
Post by: Beta on <08-30-18/1144:26>
Reading and re-reading this thread, something finally hammered its way through my thick skull (firewall I may have; data processing apparently not so much).  At least, based on what I'm reading, it seems to me that:

When you are hacking a camera or a lock slaved to a host, you don't have to worry about ICE


There may be times when you want to go into the host (such as when it's firewall is high enough that you want to edge one roll to get a mark on it, go into the host, then use the direct connect to only go versus the device rating of each slaved device that you want to hack).

Am I correct in this?  And if I am, what can be done about it, from the host/security point of view?  Send a spider out onto the grid to .... do what I'm not too sure.  But otherwise I don't see an option for _actively_ defending devices.
Title: Re: Talk to me about IC
Post by: Stainless Steel Devil Rat on <08-30-18/1159:13>
Quote from: Beta on <08-30-18/1144:26>
Reading and re-reading this thread, something finally hammered its way through my thick skull (firewall I may have; data processing apparently not so much).  At least, based on what I'm reading, it seems to me that:

When you are hacking a camera or a lock slaved to a host, you don't have to worry about ICE

  • The device is on the grid, so you don't have to go into the host
  • IC only runs inside a host

There may be times when you want to go into the host (such as when it's firewall is high enough that you want to edge one roll to get a mark on it, go into the host, then use the direct connect to only go versus the device rating of each slaved device that you want to hack).

Am I correct in this?  And if I am, what can be done about it, from the host/security point of view?  Send a spider out onto the grid to .... do what I'm not too sure.  But otherwise I don't see an option for _actively_ defending devices.

The way I understand it a device slaved to a host won't simultaneously be out on the grid.  Because it's "in" the host, even if it's significantly geographically removed from wherever the physical computer serving as the host is located.
Title: Re: Talk to me about IC
Post by: PingGuy on <08-30-18/1217:13>
Quote from: Stainless Steel Devil Rat on <08-30-18/1159:13>
The way I understand it a device slaved to a host won't simultaneously be out on the grid.  Because it's "in" the host, even if it's significantly geographically removed from wherever the physical computer serving as the host is located.

That seems to conflict with this:

Quote from: Xenon on <04-22-18/0428:07>
p. 233 GRIDS. Grids on a Run
All the devices and people in a Shiawase facility will be using the Shiawase global grid
(All devices will be on the Grid. No devices will be inside the Shiawase facility host. Some devices will be slaved to the Shiawase facility host for better protection but they will still be out on the grid - in this case the Shiawase global grid. if you enter the Shiawase facility host you will have a direct connection to all devices out on the Shiawase grid that are slaved to the Shiawase facility host).

Which is what I posted about further up the thread.  It's very clearly stated, but I don't think it makes logical sense.

For my campaign, which starts tomorrow, I'm going to go by the RAW for the most part.  Anything that is slaved to a host via wireless will follow this convention.  But for anything using wired security, with wireless disabled, I will show the device inside the host.  That won't happen often, but I feel like it needs to be an option.
Title: Re: Talk to me about IC
Post by: Finstersang on <08-30-18/1353:24>
Ah, this one is confusing many players:

A device can not not inside a Host, but it may be slaved to it. A slaved Device (letīs say, a camera) can then use the High Matrix Attributes of the host to defend against hacking. The Icon of the device is outside of the Host, out on the Grid. You can hack it without having to go inside the host. In many situations, this might be the smarter choice: You donīt need a Mark on the Host and you donīt need to worry about IC.

However, when you go inside the Host, you can still affect the devices that are slaved to it, because everyone inside the Host is treated as having a direct connection to it. Sadly, still no explanation on how this looks like in the Matrix iconography. Are there some kind of "windows" in the host ??? However, a direct connection means that the device is acessible from inside the host as well. This also means that the Device doesnīt benefit from being slaved to the Host and will defend only with its own attributes against your attacks.

This means there are multiple ways to proceed here:


Quote from: PingGuy on <08-30-18/1217:13>
For my campaign, which starts tomorrow, I'm going to go by the RAW for the most part.  Anything that is slaved to a host via wireless will follow this convention.  But for anything using wired security, with wireless disabled, I will show the device inside the host.  That won't happen often, but I feel like it needs to be an option.

In short: Wireless Devices (i.e. their icons) can be accessed both from inside and outside the host they are slaved to. The concept of "wired" hosts hasnīt really been explained very well in the rules until Kill Code , which dropped this very day. Iīm currently sifting through it. From what I understand, itīs now officially possible to have:

[li]"Local Hosts", which may or may not be accessed from the Matrix and have some kind of physical backbone that you can attach wireless-disabled devices to. In this case you would be forced to enter the host to hack the slaved devices. Iīm not entirely sure on that one, but it would make sense.
[/li][/list]

Not that many tables already assumed these kind of security architectures exist  ;D
However, according to Kill Code, these are rare, because the suits prefer universal accessability and put too much trust into GOD, most likely while the IT guys are grinding their teeth in frustration. Just like in real life  ::)
Title: Re: Talk to me about IC
Post by: Finstersang on <08-30-18/1623:09>
Quote from: Finstersang on <08-30-18/1353:24>
  • "Local Hosts", which may or may not be accessed from the Matrix and have some kind of physical backbone that you can attach wireless-disabled devices to. In this case you would be forced to enter the host to hack the slaved devices. Iīm not entirely sure on that one, but it would make sense.

Nevermind, I misread something *Sigh*.

Instead, we now have so called Industry Hosts (Kill Code, p. 44). They work differently: As it seems, the devices slaved to these hosts are still out on the grid, but are not treated as if they are directly connected to anyone inside the host (Yet, they are also somehow "within" the host?). Anyway, they still profit from the Master-Slave protection against attacks from inside the host. Which would mean that thereīs no point to enter it except data extraction ???

Not sure if Iīm missing something here. Maybe this type of host is supposed to actually have slaved devices "inside" of it instead of having them out on the grid. However itīs not explicitly stated that Industry Hosts, in contrast to other hosts, are able to do so. Itīs implied at best, because everything else would be a massive design fail  ::)

(The other new host types are actually well thought out and properly described, though)   
Title: Re: Talk to me about IC
Post by: PingGuy on <09-04-18/1511:31>
Quote from: PingGuy on <08-27-18/1317:22>
Quote from: Xenon on <04-22-18/0428:07>
p. 233 GRIDS. Grids on a Run
All the devices and people in a Shiawase facility will be using the Shiawase global grid
(All devices will be on the Grid. No devices will be inside the Shiawase facility host. Some devices will be slaved to the Shiawase facility host for better protection but they will still be out on the grid - in this case the Shiawase global grid. if you enter the Shiawase facility host you will have a direct connection to all devices out on the Shiawase grid that are slaved to the Shiawase facility host).

I won't argue with RAW of course, but I do see an issue with how this tightly written explanation affects other situations.  Say I have a host, with a device hard-wired to it, and that device does not have wireless.  Where does that icon appear?  By RAW it would still appear outside of the host, but it seems like the host would be the one putting it there as the Matrix has no way to know where this device is, other than what the host tells it.

And of course these situations would be rare, as wired-security is supposed to be, but they should still be expected, and the Matrix should handle them in a way that makes sense.  If directly wiring something doesn't actually provide any benefit then nobody would do it, and the book does at least say that people do it.

Is there anything in any of the books that says device icons can't (as opposed to don't) show up inside a host?  I'm guessing it isn't covered because of the wireless assumption, but without that it's suddenly a question without an answer.

IMO, among the mega's this would never be an issue.  But for a low end host, with an owner who is tight on nuyen, using obfuscation and layering security would make sense.  Sure, the new Matrix could have been designed not to care about that, and the mega's won't care if it affects those with less nuyen, but it seems like people would find a way to make it work.

I'm going to counter-point my own post.  I still believe it should be possible to have devices show up inside a host.  But after running a session where I did just that, I now understand why that shouldn't be the norm.  Quite simply, the attention you get for touching a device inside a host is much greater than what you get for touching one outside of a host.

For example, I had a few devices inside a host to catch the attention of the TM that was there performing a data steal.  They were mainly there for him to screw with if he had some time to kill after getting the data.  Due to the risk of being found by patrol IC and getting attacked, he didn't stick around long.  He did view the camera device just to see what it was looking at, but that was about the extent of it.

Now, if I would have put these devices outside the host as they would normally be, he could mess with them until his overwatch score gave him a problem.  So if he needed to do longer term monitoring of the cameras he could hack a mark, control device and sit on it until convergence was closing in.  The IC wouldn't be an issue, but maybe the spider would.

Now in this case, none of these devices would be in use if they showed up outside the host, the whole point was to hide their existence.  So it was the right call at the time, but I would have designed this run a little differently if I had realized the nuances of the placement I was arguing for.  Lesson learned.