Shadowrun Play > Rules and such
Commlinks and Personas
Xenon:
--- Quote from: Odsh on ---It should be trivial to link a SIN with a persona and this link would make crime fighting so much easier.
--- End quote ---
I see SIN as the equivalent of having a green card. Proof that you are a legit citizen.
And I see matrix persona as the equivalent of your combined steam+facebook+microsoft+google account. Your internet identity.
You have persons who lives in a country without having official permission to live there using the internet in 2022.
You have SINless people using the matrix in 2082.
Same thing really.
--- Quote from: Odsh on ---Your persona has certain access rights in the matrix (ownership, whatever). They are either granted to you in a way that the matrix likes and will remember in between reboots. Or they are forged in a way that the matrix doesn't like and will forget after a reboot.
--- End quote ---
This is perhaps not so different from how authentication (and authorization) worked back in 2022.
When you accessed a resource, web page, etc (or accessing the matrix) you typically showed your credentials to a third party token provider. A federation gateway of sorts that both the client and the server was trusting (such as keycloak). You are given a token. Instead of providing your credentials every time you click on a link you instead use and reuse the same token for all API calls you make (think single sign on). On the server side they never really saw your username and password. They just saw your token. And they asked the federation gateway if the token was legit or not. They could track all the calls you do with this token, but once you log out (or the token expire) and again wanted to access (when you reboot your matrix persona) you would again have to show your credentials - and even though you were still using the same internet user (matrix persona), the token you would receive the second time would be a different token than the last time you accessed the same resource.
I am not suggesting that the matrix is using OAuth2.0, but it could perhaps serve as en example to better understand why it is not completely impossible that you would start out fresh each time you access the matrix.
Odsh:
That analogy is a bit far fetched if I may.
The token in the OAuth flow is a way to grant authorization to a third party app without communicating your login/password. It doesn't mean there is no way to link suspect activity tied to that token with the corresponding resource owner.
Xenon:
Overwatch score could be seen as the abstraction of the act of keeping track of suspect activity tied to that specific "token" or the current "signature" that was generated for the persona last time it accessed the matrix. Once OS reach 40 GOD have gathered enough suspicious activity revolving this specific "signature" that it converge on it. From this point this "signature" is "burned" and "monitored" and you can never execute matrix actions using this token. But if the client (the persona, the internet account - the equivalent of the combination of username and password) go offline or reboots before this then the link to this specific "signature" is broken. If the persona access the matrix again then it will do so with a new fresh "signature" that is not linked to any suspect stuff. The resource owner (the host or PAN) is never really directly aware of which specific internet user (username, password, email, phone number, etc) that was performing the hack. Only the specific temporary 3rd party generated signature it had while it was still online.
Yes of course I understand that the analogy is not perfect (and also there is no talk about tokens at all in Shadowrun, nobody will use web tokens 50 years from now), but I still think it should be good enough for you to get an an idea of how it is perhaps not impossible how a persona could be considered white as snow after each reboot as the mechanics seem to dictate.
If you have a better analogy then feel free to use (and perhaps share?) that instead.
Stainless Steel Devil Rat:
--- Quote from: Odsh on ---A SIN in itself is just 12 alpha-numeric characters that hold information like name, birthdate, birthplace, gender and metatype. Sharing a SIN doesn't share biometric data, in fact nearly everyone does so through the Global SIN Registry.
--- End quote ---
I'm not going to argue about whether that was NEVER accurate, but it was not accurate as of 5e at least. Legit SINs (and good/high ranking Fake SINs) in 5e and 6e absolutely include biometric data.
--- Quote ---
I'll try my best to amp up my suspension of disbelief to max.
In summary:
* An individual's persona is unique
* You can't change your persona
* Nobody fully controls or understand the matrix. Suffice to say that it allows certain interactions and will fight any non-conformant activity like an immune system reacting to an interloper.
* The matrix is able to link non-conformant matrix activities with your persona. But only so until you reboot.
* Your persona has certain access rights in the matrix (ownership, whatever). They are either granted to you in a way that the matrix likes and will remember in between reboots. Or they are forged in a way that the matrix doesn't like and will forget after a reboot.
* Apart from the cases mentioned above, nobody and nothing is able to persist any data related to a persona that would allow them to identify that persona in the future
Do I miss something?
--- End quote ---
Yes, that's at least 95% what I believe is accurate. The quibbles are:
on point 2, you can change the outward appearances of your persona, but it can only possibly trick people who aren't bothering to do any sort of verification. If I, persona SSDR were to impersonate persona Odsh for the purposes of making persona Xenon think you said whatever I tell them, the way that'd be handled via the rules is by hacking the target I mean to deceive, not the target I mean to impersonate. So I'd hack Xenon to think Xenon is talking to Odsh, rather than hacking Odsh to steal whatever technobabble makes Odsh Odsh.
Exactly the same concept for "using" an employee's work credentials to trick the work host into thinking the employee is entering the host. If I change my persona to 0dsh it might trick Xenon into thinking I'm Odsh if he's not paying close attention, but that sort of fuckery won't work on automated systems like a host. The host has to be hacked, not a persona.
on point 6, that's completely inaccurate due to how it was semantically presented. What would be accurate is to say that "Apart from the cases mentioned above, nobody and nothing is able to persist any data related to a persona that would allow them to correlate that persona with its real world user." Even then, what is truly *possible* isn't necessarily known. Maybe someone can, but if so they're not talking. But what's important is Big Brother can put together a dossier on personas SSDR and Odsh, and where the authorities are willing to share data perhaps even put case files together tracking our various matrix hacks, even when we change up the outward presentations of our personas (see point 2), but unless we literally leave our real world deets behind somehow, these dossiers on persona activity won't tie back to a real life user. Maybe a spider or tracker IC learn we often hack from a given real world address. Maybe that means we live there, but it could also mean we simply habitually go there to hack... contextually it could link to a real life identity but not directly. Likewise providing a SIN during an online purchase is certainly a juicy hint, should Big Brother find that, but technically it doesn't mean that's the persona's SIN. maybe they're buying for someone else... but certainly it's a hint you could be, or at least know, that real life person. Using fake SINs for online purchases may well be nearly as common as using VPNs in the real world, simply for the actual anonymity it affords, even to legal citizens.
Odsh:
--- Quote from: Stainless Steel Devil Rat on ---but unless we literally leave our real world deets behind somehow, these dossiers on persona activity won't tie back to a real life user
--- End quote ---
I really don't mean to come out as being stubborn.
If I was a corp, the first thing I'd do is to force anyone to leave real these world deeds behind.
"You want a SIN? Sure, please log into the matrix through that terminal while we collect some biometric data."
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version