[firebug]

It always pops up, and people love to weigh in on it, so I want to start a real discussion about it rather than having it derail another thread.  Now, I'm new to these forums, and relatively new to Shadowrun, but I've noticed a lot of things people bring up when they complain about the Wireless Matrix being terrible.  I'm hoping to give my two cents, and get some other people to say what they think.  Before I get started, I want to say that I really like the wireless matrix, the PAN, and the concept of a hacker having such a wide area of influence.

One thing in particular that bothered me was someone who said wireless was badly designed, because the best way to protect yourself against it was to not use it at all.  This, to me, is like saying "Combat rules were a mistake!  The best way to avoid dieing is to not fight in the first place, what's up with that?" as if that means the system isn't thought out.

People talk about hacking cyberlimbs and other 'ware quite often...  I admit, when I first read about it I was a bit freaked, so I don't blame them.  But they seem to overestimate what it means a hacker could actually do.  Yes, cybernetics that do have wireless functionality have only 3-meters of range.  Yes, you can ignore this by hacking a PAN if they are slaved to it.  However, this is where people seem to stop thinking things through.  They bring up that you control your cyberlimbs via DNI, and then jump to "and thus you can hack their PAN and control them" which...  Is wrong.

Even if you have an implanted commlink, you don't control your limbs with it.  It's a Direct Neural Interface, meaning you control it with your brain.  You can't spoof commands to say they're from someone's brain, you can't send commands to limbs from a commlink through someone's brain, and you certainly can't hack someone's brain.  You do gain access to what is wirelessly given by those limbs, yes, but as Unwired states, this is often just an RFID chip filled with statistics and data on how well its running.  Useless?  Maybe not, but it's not direct override like some people think.  Similarly, as many people stated, a physical switch that can only be used in a very deliberate manner is often installed.  Realistically, there could be accidents that result in the buttons being pushed, but in my opinion, these fall under "deus ex machina" elements, that won't come up in game play unless attention is called directly to them and the GM wants to dramatically change the encounter.  If you can control the implants without needing to have a commlink on you (clearly possible, as street samurai don't suddenly become vegetables when their 'link is turned off) then the commlink reasonably doesn't have such explicit control over them.

What you can do though, is interact (and fuck with) anything that could be interfaced with the runner's commlink.  Things like cyberears and cybereyes may not be able to be turned off via the 'link (who would ever need to do that themselves?) but you can do things like disable a smartlink, layer images over their vision (laughing man, anyone?) or even play sound clips that you took with you into their node.  Most other implants do not have any use to have their functions linked to commlink.  Your best bet would be to instead look at how many implants they have, and which ones are currently active, in the case of things like Wired Reflexes.  And as I stated before, they are controlled via DNI, with the runner's brain, not through any commlink, and thus you wouldn't be able to send commands to them.

What confuses me, though, is the example on page 102.  "The target character may be shut out of controlling his own implants by deactivating DNI or altering the account privileges (requiring a Hacking + Editing Test)."  To accomplish this, you would need to either be plugged into their implant or datajack, as I said before, what you are capable of doing via limbs wireless connectivity is very little indeed.  The situation is the same for using a cyberlimb to attack the wearer.  Either plugged directly into the implant (and thus having full access to literally any function it is capable of) or into a datajack (which explicitly gives you access to anything connected via a DNI, which is the whole point of a datajack in the first place--  It's a modular DNI.)

Next is matrix security.  All those things aside, if you still feel vulnerable, simply run an Encryption program, and maybe load an Agent who can continually run Analyze for you.  You may have to plink a bit of money into it, but it's nothing unreasonable...  The matrix, like combat and magic, is another layer of the game that everyone should be aware of and have at least basic defenses for.  Now, as the books tell you, encryption won't keep anyone out permanently.  But it -will- keep them from being able to do anything during a combat scenario.  It takes 1 combat turn per roll to Decrypt, assuming you don't sit down for 5 minutes to change that.  If you have a Rating 4 Encrypt program (very cheap, and System 4 'links aren't very costly) then they have to take at least 2 combat turns* to even interact with your node in any reasonable way.  The best they can do is gain your Access ID and attempt to start Spoofing.  All the while your Agent and Firewall is working against them.  It might not stop them over the course of a few minutes, but in combat, it means you're pretty safe.  That hacker is doing nothing else beyond trying to decrypt you, taking themselves out of the fight while you keep going.  If you decided to take the time in the car ride over to the mission point to do a Strong Encryption, then mid-combat decryption is probably impossible.  Even a 1-minute interval is still 20 rounds.  One minute of fidgeting with your commlink.
*assuming the hacker is capable enough to get 4 successes each round.

One more thing to mention is skinlinks and the good old datajack+cable combination.  They are both examples of non-wireless ways to send data.  It's worth pointing out though, that they are still vulnerable.  This is where I believe people became confused about what DNI means.  A skinlink/fiberoptic cable can't be intercepted, and you can't send wireless commands to something that operates using those alone.  However, this is where hacking someone's PAN -does- grant you access.  A skinlinked smartgun and skinlinked Cybereyes might be impossible to intercept, stopping you from directly altering what a smartlink tells them, but it doesn't prevent you from using their commlink to issue commands to the gun (which it is important to specify here, is something that can be done with a commlink, unlike controlling a cyberlimb).  They are far from ineffective, however.  If you follow my suggestions about matrix security, then you turn them from a free-floating wireless device with low Firewall and no admin accounts to having to be accessed by one stronger, more easily protected, node.

None of it is fool-proof and none of it is 100% secure.  It shouldn't be.  That would be the equivalent of an invulnerable street samurai, or a magician who never felt the effects of drain.  It needs to be possible to get through it, for both the sake of the enemies, and for the players when they go up against similarly defended opponents.  It should be a challenge, which I believe it very much can be.  From what I've seen of hackers' capabilities, their role in combat (aside from standard shoot and stay alive procedure) would be to try and spoof smartguns or disable imagelinks.  Both effective support tactics that can throw a wrench in your enemy's ranks.

Now I want to hear from you guys, the more experienced in both the game and these discussions, to tell me what you think I may be misunderstanding.  Try to keep your answers in a point-by-point structure.  It makes it easier for people to respond to your questions or points with answers and counter-points when you do so.  And remember, just because something can be worked around, doesn't mean it suddenly is useless.  The goal isn't to make something impenetrable.  If that happened, the hacker archetype would be horribly crippled.  They already have it hard as is just trying to understand the rules.  I'm certain I'm not correct about these things...  If I was, I wouldn't have posted it here for a discussion.  So please, enlighten me if you feel I'm misunderstanding some rules.

[FuelDrop]

While I agree on a lot of what you've just said, I think you've made a mistake about decryption: The hacker initiates Cryptanalalysis (a complex action), then the software does all the work and leaves the hacker free to continue functioning. Still going to take a while, but at least the hacker's not out of the fight while the decryption takes place.

Doesn't invalidate any of your other points.

[Novocrane]

Most cyberware comes with an integral direct neural interface, allowing the user to mentally access and control the implant.  is is the primary means of control for most cybernetics and requires the implant have a built-in computer.

Obviously, not all implants require such interfaces. Some, such as dermal plating and bone-lacing, are passive augmentations and don’t do much but make you tougher or stronger. Implants that don’t require any sort of mental control still come equipped with RFID sensor tags as a matter of course.

This is the first paragraph of Augmentation's say on DNI & wireless functionality.

Any non-passive / DNI-linked implant means there's a computer on the other end, listening to your brain murmurs. This computer is commonly open for wireless updating, with a range of anywhere from 3m (cyberware), 100m (headware), or 4km (cyberlimbs) - but it doesn't have to be always open. Permanent disabling is an option, (however messy) as is using your DNI to turn wireless off temporarily. The latter is the option of choice for corp security; they only turn on for updates in wifi "clean" zones, where being hacked is not expected to be an issue.

You can't spoof commands to say they're from someone's brain, you can't send commands to limbs from a commlink through someone's brain, and you certainly can't hack someone's brain.  You do gain access to what is wirelessly given by those limbs

Like other devices, cyberware can be manipulated within the limits of its programming and functionality.

If you get into the controlling computer of any given active cyberware, you can functionally take the brain out of the loop as the directing entity. Naturally, unless there is some method of spatial recognition, the limits of functionality are going to be constrained somewhat. Using a cyber arm to shoot other people when you only have a sense of touch would be a matter of luck. Shooting the arm's owner would not. If you have access to their smartlink feed, too ...

Things like cyberears and cybereyes may not be able to be turned off via the 'link (who would ever need to do that themselves?)

Clearly this level of functionality isn't for the every day user. It's for cyberdocs, maintenance technicians and the like. People who are going to do things that might cause excessive feedback, should your cyber still be turned on or at full capability.

Personally, I think node defence you couldn't refer to as "landscaping" (or maybe PANscaping?) - wireless disabling, skinlink, etc. should be something you roll into Advanced Lifestyle: Security. (Runner's Companion, p150 for a list) Essentially, that would mean everyone with a high or luxury lifestyle and alphaware (or better) cyber has access to IC and program suites at rating 4+ to detect / fry intruders, and generally ensure your DNI settings don't change unexpectedly. It won't do much against the uber stealth threading technomancer, but that's where you're either back to landscaping or suffering the consequences.

[firebug]

The hacker initiates Cryptanalalysis (a complex action), then the software does all the work and leaves the hacker free to continue functioning.

Ah, you're completely right.  I didn't realize I'd missed that part.


Novocrane, you made some really good points.  I suppose the wireless connectivity of the 'ware would need to be connected to the main computer, so the software updates could be received.

If you get into the controlling computer of any given active cyberware, you can functionally take the brain out of the loop as the directing entity.

My question is though, if you've toggled the wireless off (via your DNI, as you said corp security does), doesn't that mean there's realistically no way for someone to access the 'ware's computer beyond using cables and the like?

Finally, I'm not so certain I agree with you about cyberdocs needing to turn off your eyes wirelessly.  It's not that I don't think your point about feedback isn't valid, I just feel like it would be more likely that they would just ask the person they're operating on to do so for them, rather than asking them to essentially give them the password to their cybereyes.  Or use some physical way to turn it off. 

[RHat]

My question is though, if you've toggled the wireless off (via your DNI, as you said corp security does), doesn't that mean there's realistically no way for someone to access the 'ware's computer beyond using cables and the like?

The ware's connected to more than just its own DNI.  You'd have to kill the wireless of your entire PAN and run anything at all connected through any sequence to the ware in comeplete wireless isolation.  For example, if your commlink is connected to the cyberarm for one reason or another, your commlink is now a way for a hacker to get into the cyberarm.

[firebug]

My question is though, if you've toggled the wireless off (via your DNI, as you said corp security does), doesn't that mean there's realistically no way for someone to access the 'ware's computer beyond using cables and the like?

The ware's connected to more than just its own DNI.  You'd have to kill the wireless of your entire PAN and run anything at all connected through any sequence to the ware in comeplete wireless isolation.  For example, if your commlink is connected to the cyberarm for one reason or another, your commlink is now a way for a hacker to get into the cyberarm.

It's not connected to your commlink, though.  All it's connected to, once you deactivate its superfluous (for the sake of anything but downtime) wireless functionality, is your brain.  Your commlink doesn't send any signals to it, you're just moving it and controlling it as if it were your own arm.  Even activating things like a cyberarm gyromount are just done through your DNI connection with it.  If it has something like a scanner in it, though, then I would agree that you'd it to be part of your PAN in order to see the results of any scanning.

Other than the DNI and its own wireless function (which it is completely capable of functioning without, and doesn't even need to have it permanently disabled), what is it connected to?

[Novocrane]

Finally, I'm not so certain I agree with you about cyberdocs needing to turn off your eyes wirelessly.  It's not that I don't think your point about feedback isn't valid, I just feel like it would be more likely that they would just ask the person they're operating on to do so for them, rather than asking them to essentially give them the password to their cybereyes.  Or use some physical way to turn it off.

I think it could go either way, but I'm not exactly knowledgeable in any related field, nor have I found anything insightful within the books.
Just a hypothetical, but I'd assume there are access grades, which leave most people stuck within "safe" limits of what their cyber can do. (or does your average wageslave get the option of redlining cyberlimbs?) This could include manufacturer-default admin clearance, generally used for diagnostics at various points before sale, which also becomes a kind of security option. Similar to mobile phones and modern cars. Runners would want to change their accounts / passwords, but it's only truly secure against honest people in the 2070s.

[RHat]

My question is though, if you've toggled the wireless off (via your DNI, as you said corp security does), doesn't that mean there's realistically no way for someone to access the 'ware's computer beyond using cables and the like?

The ware's connected to more than just its own DNI.  You'd have to kill the wireless of your entire PAN and run anything at all connected through any sequence to the ware in comeplete wireless isolation.  For example, if your commlink is connected to the cyberarm for one reason or another, your commlink is now a way for a hacker to get into the cyberarm.

It's not connected to your commlink, though.  All it's connected to, once you deactivate its superfluous (for the sake of anything but downtime) wireless functionality, is your brain.  Your commlink doesn't send any signals to it, you're just moving it and controlling it as if it were your own arm.  Even activating things like a cyberarm gyromount are just done through your DNI connection with it.  If it has something like a scanner in it, though, then I would agree that you'd it to be part of your PAN in order to see the results of any scanning.

Other than the DNI and its own wireless function (which it is completely capable of functioning without, and doesn't even need to have it permanently disabled), what is it connected to?

Sure, if you don't want to be able to get status on anything in it, or feed it's data anywhere, or have any sort of functionality in relation to another device, or to have the option to wire your smartgun to the arm, and so on (see also: cyberguns and smartlinks).  There's a lot of cause to have it connected to your 'link, or a number of other devices.  That said, cyberlimbs are often the least likely candidate for a cyberhack - internal stuff is often easier to get at, oddly enough.

[Medicineman]

or to have the option to wire your smartgun to the arm, and so on (see also: cyberguns and smartlinks)
Thats what Skinlink's for
Cyberware did function for 50 Years without WiFi ! There's no Reason why it shouldn't work now properly without
Cyberdocs were able to Repair 'ware for the last 40,50 Years without resorting to WiFi !

Hogh
Medicineman

[firebug]

Sure, if you don't want to be able to get status on anything in it, or feed it's data anywhere, or have any sort of functionality in relation to another device, or to have the option to wire your smartgun to the arm, and so on (see also: cyberguns and smartlinks).  There's a lot of cause to have it connected to your 'link, or a number of other devices.  That said, cyberlimbs are often the least likely candidate for a cyberhack - internal stuff is often easier to get at, oddly enough.

You don't need status on it, or to feed its data to anywhere but your brain, and what functionality with other devices do you have a reference to?  I don't know what you mean by wiring your smartgun to your arm.  You mean plugging it in via fiberoptic cable?  That's not wireless, and it's another secure way to command the gun.  Though, there would be no reason to plug it into your arm instead of just a normal datajack...  Having a cybergun with a smartlink though, yes, that definitely would leave you vulnerable, as you'd need it to be wireless to communicate with whatever is showing you the smartgun system.

I don't mean to sound picky, but I'd really appreciate if you could give a specific example of what kind of internal cyberware you'd need to have a wireless signal with in order to use.  I can't think of one off the top of my head that would need to be connected to your commlink for any reason unless it is some kind of radar, in which case it would probably be inactive and disabled until you're using it.

or to have the option to wire your smartgun to the arm, and so on (see also: cyberguns and smartlinks)
Thats what Skinlink's for
Cyberware did function for 50 Years without WiFi ! There's no Reason why it shouldn't work now properly without
Cyberdocs were able to Repair 'ware for the last 40,50 Years without resorting to WiFi !

Hogh
Medicineman

That's also a good point.

[RHat]

I'll also point out that Unwired notes the DNI as a link between multiple devices.  Meaning that if, say, you have a DNI to your commlink too, that's quite possibly a way of getting at any exclusively-DNI ware.

As for that smartgun: Wire to datajack, with the feed being sent to the smartlink (which has nothing to do with your arm, so obviously that's an outside connection).

And to be specific, I'm talking about inter-device connections, wireless or otherwise.  If the device in question is connecting through any number of steps to a wireless device, that makes it vulnerable to wireless hacking.  In order to be considered isolated from other devices, the ware would have to lack wireless and DNI functionality.

[firebug]

I'll also point out that Unwired notes the DNI as a link between multiple devices.  Meaning that if, say, you have a DNI to your commlink too, that's quite possibly a way of getting at any exclusively-DNI ware.

And to be specific, I'm talking about inter-device connections, wireless or otherwise.  If the device in question is connecting through any number of steps to a wireless device, that makes it vulnerable to wireless hacking.

So you're saying I was wrong when I said "you can't send commands to limbs from a commlink through someone's brain"?  That is what you'd be doing if you're going commlink>DNI>cybeware.  There'd be no direct connection, so you'd have to pass the data right through the user's brain (that being the central spot where all the DNI information goes and comes from in this situation).

I think that'd be the main part where we disagree.  I don't think everything that is connected to you via DNI is connected to eachother.  I just don't think you can pass your data through someone else's brain to their cyberware.

[RHat]

You're not going through their brain - you're piggybacking on whatever establishes the DNI.  DNI isn't your brain, it's an interface between your brain and various devices.  Hence why the DNI must be established by some particular piece of hardware.

Basically, you're making a false assumption about what a DNI is.

[firebug]

You're not going through their brain - you're piggybacking on whatever establishes the DNI.  DNI isn't your brain, it's an interface between your brain and various devices.  Hence why the DNI must be established by some particular piece of hardware.

Basically, you're making a false assumption about what a DNI is.

But...  You don't have to buy a DNI as a separate piece of cyberware, it's not like its one implant that all the other things require you to first have, it comes with each piece of 'ware you buy...  So each has its own, separate DNI that connects it to your brain so you can control it like you could any other part of your body.  Each DNI equipped cyber enhancement just goes from the limb, through their build-in DNI, to your brain.

I really don't think they're connected to each-other.  I don't think the books say anything for or against either of us, though...  So I'm not sure how we'd find out if one of us is misunderstanding something or not.

[RHat]

You do, however, require an implanted commlink, datajack, implanted sim module, or trodes to establish a DNI - see the definition on page 217, SR4A.  There's also some sections of Unwired that you should take a look at, such as page 102; it establishes that the DNI is a way for a hacker to gain access to cyberware.