NEWS

[SR6] Hacking devices within PANs / Hosts -> one or two hacks?

  • 65 Replies
  • 7159 Views

Banshee

  • *
  • Catalyst Demo Team
  • Ace Runner
  • ***
  • Posts: 1055
« Reply #45 on: <04-07-20/1717:01> »
Little side question about Spoof Command:

I was always under the impression that to successfully spoof a command from a credible source, the hacker also has to know that source. Is this correct?

For context: In 5th Edition, the hacker even needed to hack that "credible source" for a Mark - thankfully, that extra delay is now gone. But it would still make sense if the hacker first have to find (or at least successfully guess) a user with the right credentials. Of course, in most cases, that user should be obvious enough for the hacker to not need waste extra actions - f.i., if is a Smartgun, the bloke holding it very likely to be its accepted user. However, zhat may be not so clear if the "credible source" is hiding in the Matrix or if there is no obvious source around the device in question.

(For additional clarity: Iīm assuming that a"credible source" does not automatically have to be part of the PAN as well, and sometimes not even a persona. F.i., a Trideo Projector in a corporate conference room - which might be slaved to the local WAN - could also accept orders from a remote control/"presenter")

Any "required credentials" can be assumed included as part of the action. The primary change and subsequent use of spoof command is that is only a single command for one single action anything more complex requires control device.
Robert "Banshee" Volbrecht
Freelancer & FAQ Committee member
Former RPG Lead Agent
Catalyst Demo Team

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 6364
« Reply #46 on: <04-07-20/1802:09> »
hacked access is NEVER owner access so if you had to hack it to use it then Control Device is what you should be using.
If there is no test associated with the device you wish to use (for example opening a maglock or controlling an elevator) then you resolve it with Electronics + Logic vs. Firewall + Willpower. This part is clear.

But if there is a test associated with the device you wish to use (for example firing mounted weapons of a drone) then how would I resolve that (as it sound as if your intention is not that you simply take an Engineering + Logic vs Reaction + Intuition test after you already gained sufficient access level over the drone / the network the drone is part of).


Spoof is (DP or Pilot)+Firewall ... Firewall is always a factor
Spoof Command is using the notation "Data Processing or Pilot + Firewall" rather than "Data Processing + Firewall or Pilot + Firewall" (which is the notation that all other matrix actions are using!).

For example:

Erase Matrix Signature: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Format Device: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Jack out: "Charisma + Data Processing or Attack + Data Processing" (not "Charisma or Attack + Data Processing")
Jump into rigged device: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Probe: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Snoop: "Logic + Firewall or Data Processing + Firewall" (not "Logic or Data Processing + Firewall")
Edit File: "Intuition + Firewall or Firewall + Sleaze" (not "Intuition or Sleaze + Firewall")
Trace Icon: "Willpower + Sleaze or Firewall + Sleaze" (not "Willpower or Sleaze + Firewall")

Subject for errata...?

Banshee

  • *
  • Catalyst Demo Team
  • Ace Runner
  • ***
  • Posts: 1055
« Reply #47 on: <04-07-20/1812:44> »
hacked access is NEVER owner access so if you had to hack it to use it then Control Device is what you should be using.
If there is no test associated with the device you wish to use (for example opening a maglock or controlling an elevator) then you resolve it with Electronics + Logic vs. Firewall + Willpower. This part is clear.

But if there is a test associated with the device you wish to use (for example firing mounted weapons of a drone) then how would I resolve that (as it sound as if your intention is not that you simply take an Engineering + Logic vs Reaction + Intuition test after you already gained sufficient access level over the drone / the network the drone is part of).


Spoof is (DP or Pilot)+Firewall ... Firewall is always a factor
Spoof Command is using the notation "Data Processing or Pilot + Firewall" rather than "Data Processing + Firewall or Pilot + Firewall" (which is the notation that all other matrix actions are using!).

For example:

Erase Matrix Signature: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Format Device: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Jack out: "Charisma + Data Processing or Attack + Data Processing" (not "Charisma or Attack + Data Processing")
Jump into rigged device: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Probe: "Willpower + Firewall or Firewall x 2" (not "Willpower or Firewall + Firewall")
Snoop: "Logic + Firewall or Data Processing + Firewall" (not "Logic or Data Processing + Firewall")
Edit File: "Intuition + Firewall or Firewall + Sleaze" (not "Intuition or Sleaze + Firewall")
Trace Icon: "Willpower + Sleaze or Firewall + Sleaze" (not "Willpower or Sleaze + Firewall")

Subject for errata...?

Control Devuce is essentially a sustained ability, first gain access to the network, then use control device to gain control of the device, then use it with appropriate skill. Should be language in the first part of the action description that says as much.

Spoof command should technically have 3 dice pool options following that format. I put pilot in there for drones because they don't have Data Processing
Robert "Banshee" Volbrecht
Freelancer & FAQ Committee member
Former RPG Lead Agent
Catalyst Demo Team

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 6364
« Reply #48 on: <04-07-20/1830:56> »
first gain access to the network, then use control device to gain control of the device, then use it with appropriate skill.
Thanks!


Spoof command should technically have 3 dice pool options following that format.
  • Data Processing + Firewall
  • Pilot + Firewall
  • ?

Banshee

  • *
  • Catalyst Demo Team
  • Ace Runner
  • ***
  • Posts: 1055
« Reply #49 on: <04-07-20/1838:47> »
first gain access to the network, then use control device to gain control of the device, then use it with appropriate skill.
Thanks!


Spoof command should technically have 3 dice pool options following that format.
  • Data Processing + Firewall
  • Pilot + Firewall
  • ?

Spoof ... your right nevermind. I had to go back and check my notes and compare to what got printed.
So yeah .. that one slipped through format editing
Robert "Banshee" Volbrecht
Freelancer & FAQ Committee member
Former RPG Lead Agent
Catalyst Demo Team

jtkirk22

  • *
  • Newb
  • *
  • Posts: 33
« Reply #50 on: <04-08-20/0233:15> »
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
Would you also allow all devices to have not only firewalls, but also data processing equal to their device rating? (like suggested in the German Core Rules, p. 245)? Or only Firewall?

For some opposed checks that would mean a huge increase of dices for the defending device.
« Last Edit: <04-08-20/0236:15> by jtkirk22 »

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 6364
« Reply #51 on: <04-08-20/0333:20> »
Spoof ... your right nevermind... that one slipped through format editing
Thanks for revisiting this one.


I will be submitting this to be made official, but have decided to post it here to get feedback and have at least be a house rule option in case it gets shot down.

Slaved devices = limit is the controlling device's Data Processing, these devices are part of your network but can also be controlled remotely. Primary use would drones, vehicles, and firing platforms, but I'm sure you could get creative with other devices.

Networked devices = limit is infinite as long as your able to be connected. Noise or other signal blocking would be a factor. A networked device is part of your network (PAN) and therefore gains all of the strengths and weaknesses of your security. (Willpower and Firewall)

Unattached/unattended devices = these devices have no network connection of any kind what so ever, and only have their own built in security (often a barely existent firewall if anything) but also can not be used to gain access to a network.
So basically, the data processing limit only applies to drones and vehicles.
(I personally like this very much since it still mean RCCs are still important when it comes to slaving drones and it also does not seem to cause any unwanted ripple effects. Win - Win).


(this was also one of the suggestions to the OP earlier in the thread):
...the limited amount of slaves for kommlinks
If you find this to be an issue then either just house rule that:
  • You can slave an unlimited amount of devices to your PAN
  • Or that the limit only applies specifically to drones and vehicles
(emphasis mine)


Would you also allow all devices to have not only firewalls, but also data processing equal to their device rating?
jtkirk22, I think the idea here is that rather than giving matrix attributes to all devices (like the German translation did it) the suggestion from Banshee (see above) is that an unlimited amount of your devices may be 'inked' or 'networked' to your PAN (see above) and that the data processing rating (the 'slave' limit) only applies to devices you can 'remote control' (like Drones, Vehicles, Smartfiring platforms etc).

If you still rather want to pursuit the route of adding some sort of firewall (and/or data processing) rating to all devices then you probably also need to adjust commlink ratings. Then you probably also need to adjust RCC and cyberjack ratings. Then hacking get a lot more difficult and you probably need to adjust hacking rules in some way as well (if you wish to keep status quo that is). This is not a very clean solution.  I would advice against such a house rule. Having said that, it is your table. Your rules.
« Last Edit: <04-08-20/0352:50> by Xenon »

Michael Chandra

  • *
  • Catalyst Demo Team
  • Prime Runner
  • ***
  • Posts: 9855
  • Question-slicing ninja
« Reply #52 on: <04-08-20/0344:55> »
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
Would you also allow all devices to have not only firewalls, but also data processing equal to their device rating? (like suggested in the German Core Rules, p. 245)? Or only Firewall?

For some opposed checks that would mean a huge increase of dices for the defending device.
Honestly, I worry about said increases. It means that Datajacks become less valuable, since you could just get a cheap Datajack, then use a DR6 commlink for better attributes. And it means a Rating 6 Commlink has a better Firewall than a Rating 6 Rigger Command Console. Plus hacking becomes far tougher when high-rating security equipment has a better Firewall than their Host can offer them. We get back to SR5's 'burst quickly', which makes the whole layered Host structure a nightmare.

A blanket 'no listed rating means DR/2' and 'commlinks are fine as they are, to encourage the more-expensive high-Firewall stuff' I'd find more fair, since it's more balanced, as long as people can easily supervise their gear, and means Hackers actually have a fair shot against the weaker stuff. If we're letting you daisy-chain PANs so that the Mage's commlink protects everyone else's and through those their gear, FW isn't a problem since you only need 1 3-FW commlink.

As for Data Processing, I'd be careful there: DP is slave limit (for example how many Drones you can protect with RCC firewall and share autosofts with), and used for Matrix Initiative. Boosting it has a big impact there.
How am I not part of the forum?? O_O I am both active and angry!

jtkirk22

  • *
  • Newb
  • *
  • Posts: 33
« Reply #53 on: <04-08-20/0355:22> »

If you still rather want to pursuit the route of adding some sort of firewall (and/or data processing) rating to all devices then you probably also need to adjust commlink ratings. Then you probably also need to adjust RCC and cyberjack ratings. Then hacking get a lot more difficult and you probably need to adjust hacking rules in some way as well (if you wish to keep status quo that is). This is not a very clean solution.  I would advice against such a house rule. Having said that, it is your table. Your rules.

Thanks for your answer. Banshee spoke in this post of "add[ing] device rating to all commlink firewalls". So, I wanted to make sure that this won't break the game.

Adding Firewall to commlinks makes hacking a bit harder - but it seems okay, as commlinks are hacked easily anyway.

He also said: "allow all devices to have firewalls equal to their rating."

I am a absolute new player. Can anybody tell me, if that rule is okay or will it break the game in some point? Are there further adjustments needed (e.g. for cyberjacks/cyberdecks), if I would use that house rule? That's how Xenon's sounded for me. Just want to be sure...

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 6364
« Reply #54 on: <04-08-20/0507:40> »
I wanted to make sure that this won't break the game.
It does. Further adjustments are needed.
  • Unless you also increase ratings of commlinks you risk running into a situation where high rated devices will get less protection if included into a PAN
  • As commlink ratings are increased you need to adjust cyberjacks to keep them competitive
  • As firewall and data processing ratings are interchangeable you also need to adjust RCC ratings to keep them competitive
  • As PAN ratings overall get increased across the board you also need to compensate hackers in some way to keep status quo here as well
  • The list goes on.....

Which is why we (Banshee included) are instead suggesting that any number of devices can be networked (or linked or included) into your PAN, but that you can still only slave a number of drones and vehicles equal to your device rating. No further adjustments needed. This is clean. And it also seem to be aligned with the original intention of the Author.
« Last Edit: <04-08-20/0510:29> by Xenon »

Michael Chandra

  • *
  • Catalyst Demo Team
  • Prime Runner
  • ***
  • Posts: 9855
  • Question-slicing ninja
« Reply #55 on: <04-08-20/0515:44> »
As for Data Processing, I'd be careful there: DP is slave limit (for example how many Drones you can protect with RCC firewall and share autosofts with), and used for Matrix Initiative. Boosting it has a big impact there.
Minor correction to myself: DP is only how many autosofts it can share, slaves depends on device rating for RCCs (DRx3).
How am I not part of the forum?? O_O I am both active and angry!

jtkirk22

  • *
  • Newb
  • *
  • Posts: 33
« Reply #56 on: <04-08-20/0619:18> »
I wanted to make sure that this won't break the game.
It does. Further adjustments are needed.
  • Unless you also increase ratings of commlinks you risk running into a situation where high rated devices will get less protection if included into a PAN
  • As commlink ratings are increased you need to adjust cyberjacks to keep them competitive
  • As firewall and data processing ratings are interchangeable you also need to adjust RCC ratings to keep them competitive
  • As PAN ratings overall get increased across the board you also need to compensate hackers in some way to keep status quo here as well
  • The list goes on.....

Which is why we (Banshee included) are instead suggesting that any number of devices can be networked (or linked or included) into your PAN, but that you can still only slave a number of drones and vehicles equal to your device rating. No further adjustments needed. This is clean. And it also seem to be aligned with the original intention of the Author.

Sounds good. Thanks for carification! :)

But does this also concern the statement to "allow all devices to have firewalls equal to their rating"?
« Last Edit: <04-08-20/0628:54> by jtkirk22 »

Finstersang

  • *
  • Omae
  • ***
  • Posts: 747
« Reply #57 on: <04-08-20/0627:21> »
Little side question about Spoof Command:

I was always under the impression that to successfully spoof a command from a credible source, the hacker also has to know that source. Is this correct?

For context: In 5th Edition, the hacker even needed to hack that "credible source" for a Mark - thankfully, that extra delay is now gone. But it would still make sense if the hacker first have to find (or at least successfully guess) a user with the right credentials. Of course, in most cases, that user should be obvious enough for the hacker to not need waste extra actions - f.i., if is a Smartgun, the bloke holding it very likely to be its accepted user. However, zhat may be not so clear if the "credible source" is hiding in the Matrix or if there is no obvious source around the device in question.

(For additional clarity: Iīm assuming that a"credible source" does not automatically have to be part of the PAN as well, and sometimes not even a persona. F.i., a Trideo Projector in a corporate conference room - which might be slaved to the local WAN - could also accept orders from a remote control/"presenter")

Any "required credentials" can be assumed included as part of the action. The primary change and subsequent use of spoof command is that is only a single command for one single action anything more complex requires control device.

Ah, thanks. Guess thatīs best way to go for simplicity sake.

From a GMīs perspective: Iīd probably still reserve me the liberty to ask for an identified "credible source" every once in a while, to create a little bit of narrative tension in a pinch: "I need to get past this door fast! Quick, find me an Exec so I can spoof the credentials!"

On the flip side, Spoof Command also offers an opportunity to reward clever thinking on the playerīs side. F.i., if the hacker has deliberatedly watched and waited for a certified user to legally use the very same command he wants spoof (like these newer kind of car thieves that intercept the signal of electronic car keys), thatīs something that I would award an Edge for. 
« Last Edit: <04-09-20/1308:05> by Finstersang »

Banshee

  • *
  • Catalyst Demo Team
  • Ace Runner
  • ***
  • Posts: 1055
« Reply #58 on: <04-08-20/0709:47> »
IF you wanted to house rule something that worked as I originally designed the new matrix system. Then add device rating to all commlink firewalls, ignore device limits, and allow all devices to have firewalls equal to their rating.
Would you also allow all devices to have not only firewalls, but also data processing equal to their device rating? (like suggested in the German Core Rules, p. 245)? Or only Firewall?

For some opposed checks that would mean a huge increase of dices for the defending device.

Basically what Xenon said too ...

EDIT: Nevermind ..  removed after reading more of Xenon comments
« Last Edit: <04-08-20/0715:02> by Banshee »
Robert "Banshee" Volbrecht
Freelancer & FAQ Committee member
Former RPG Lead Agent
Catalyst Demo Team

Finstersang

  • *
  • Omae
  • ***
  • Posts: 747
« Reply #59 on: <04-08-20/1046:47> »
I will be submitting this to be made official, but have decided to post it here to get feedback and have at least be a house rule option in case it gets shot down.

Slaved devices = limit is the controlling device's Data Processing, these devices are part of your network but can also be controlled remotely. Primary use would drones, vehicles, and firing platforms, but I'm sure you could get creative with other devices.

Networked devices = limit is infinite as long as your able to be connected. Noise or other signal blocking would be a factor. A networked device is part of your network (PAN) and therefore gains all of the strengths and weaknesses of your security. (Willpower and Firewall)

Unattached/unattended devices = these devices have no network connection of any kind what so ever, and only have their own built in security (often a barely existent firewall if anything) but also can not be used to gain access to a network.

Godspeed to you ;)

I believe that the main reason why the slave limit was added in the first place was to give Data Processing a better purpose. Precisely, a better purpose in comparison with the Firewall Attribute. Before that, there was next to no reason not to take a setup with a higher Firewall (right now, only VR Initiative comes to mind). And then, someone tried die "fix" this problem with the slave limit, but instead created a much bigger problem due to the overall low stats of commlinks.

So, hereīs another alternative that just came to my mind: Data Processing Actions.
Just like the way Attack and Sleaze actions work, some (mostly, legal) Actions may profit from higher Data Processing and thus be hampered by a higher Firewall setup, imposing a negative Dice Pool modifier if the Firewall Attribute is higher. That may seem a bit weird at first, but just think about your everyday computer experiences: The more "secure" systems with proper firewalls, virus scanners, blockers, etc. are often a bit of a nuisance to work with, because you will be constantly pestered with warnings, constant updates, affirmation prompts, checks, small delays.... To me, that seems like a good enough explanation for some Matrix Actions being penalized if the setup of the PAN is more about security and less about doing stuff:

  • Matrix Perception: An overzealous Firewall might block out more "potentially harmfull signals", making it also harder to find hidden stuff or have a closer look at Matrix entities.
  • Matrix Search: The Firewall interferes with your searches and tries to hinder you from straying into unsafe territories - which is often were you find the more valuable informations.
  • Edit File: "Are you sure you want to run this file?" "For your security, you can only view this file in safe mode, some functions have been disabled" "Due to security risks, this file format is not supported anymore..." You know what I mean. While there are no rules for file-embedded Viruses and such (yet?), that doesnīt mean that this isnīt a phenomenon a that your overzealous firewall wants to protect you from.

Other possible Data Processing Actions may include Format Device, Jack Out*, Reboot Device and Trace Icon. However, I wouldnīt overdue it here. Also, while it might be fitting for Encrypt File and Disarm Databomb, I also wouldnīt dub any of the actions as "Firewall Actions" (yet), since pretty much every defense test against attackers is already profitting from a higher firewall.

*"Please make sure to alway log of from the Matrix in a secure fashion", sayeth the firewall, while the hacker gets fragged by the black IC... ::)
« Last Edit: <04-08-20/1059:48> by Finstersang »