It always pops up, and people love to weigh in on it, so I want to start a real discussion about it rather than having it derail another thread. Now, I'm new to these forums, and relatively new to Shadowrun, but I've noticed a lot of things people bring up when they complain about the Wireless Matrix being terrible. I'm hoping to give my two cents, and get some other people to say what they think. Before I get started, I want to say that I really like the wireless matrix, the PAN, and the concept of a hacker having such a wide area of influence.
One thing in particular that bothered me was someone who said wireless was badly designed, because the best way to protect yourself against it was to not use it at all. This, to me, is like saying "Combat rules were a mistake! The best way to avoid dieing is to not fight in the first place, what's up with that?" as if that means the system isn't thought out.
People talk about hacking cyberlimbs and other 'ware quite often... I admit, when I first read about it I was a bit freaked, so I don't blame them. But they seem to overestimate what it means a hacker could actually do. Yes, cybernetics that do have wireless functionality have only 3-meters of range. Yes, you can ignore this by hacking a PAN if they are slaved to it. However, this is where people seem to stop thinking things through. They bring up that you control your cyberlimbs via DNI, and then jump to "and thus you can hack their PAN and control them" which... Is wrong.
Even if you have an implanted commlink, you don't control your limbs with it. It's a Direct Neural Interface, meaning you control it with your brain. You can't spoof commands to say they're from someone's brain, you can't send commands to limbs from a commlink through someone's brain, and you certainly can't hack someone's brain. You do gain access to what is wirelessly given by those limbs, yes, but as Unwired states, this is often just an RFID chip filled with statistics and data on how well its running. Useless? Maybe not, but it's not direct override like some people think. Similarly, as many people stated, a physical switch that can only be used in a very deliberate manner is often installed. Realistically, there could be accidents that result in the buttons being pushed, but in my opinion, these fall under "deus ex machina" elements, that won't come up in game play unless attention is called directly to them and the GM wants to dramatically change the encounter. If you can control the implants without needing to have a commlink on you (clearly possible, as street samurai don't suddenly become vegetables when their 'link is turned off) then the commlink reasonably doesn't have such explicit control over them.
What you can do though, is interact (and fuck with) anything that could be interfaced with the runner's commlink. Things like cyberears and cybereyes may not be able to be turned off via the 'link (who would ever need to do that themselves?) but you can do things like disable a smartlink, layer images over their vision (laughing man, anyone?) or even play sound clips that you took with you into their node. Most other implants do not have any use to have their functions linked to commlink. Your best bet would be to instead look at how many implants they have, and which ones are currently active, in the case of things like Wired Reflexes. And as I stated before, they are controlled via DNI, with the runner's brain, not through any commlink, and thus you wouldn't be able to send commands to them.
What confuses me, though, is the example on page 102. "The target character may be shut out of controlling his own implants by deactivating DNI or altering the account privileges (requiring a Hacking + Editing Test)." To accomplish this, you would need to either be plugged into their implant or datajack, as I said before, what you are capable of doing via limbs wireless connectivity is very little indeed. The situation is the same for using a cyberlimb to attack the wearer. Either plugged directly into the implant (and thus having full access to literally any function it is capable of) or into a datajack (which explicitly gives you access to anything connected via a DNI, which is the whole point of a datajack in the first place-- It's a modular DNI.)
Next is matrix security. All those things aside, if you still feel vulnerable, simply run an Encryption program, and maybe load an Agent who can continually run Analyze for you. You may have to plink a bit of money into it, but it's nothing unreasonable... The matrix, like combat and magic, is another layer of the game that everyone should be aware of and have at least basic defenses for. Now, as the books tell you, encryption won't keep anyone out permanently. But it -will- keep them from being able to do anything during a combat scenario. It takes 1 combat turn per roll to Decrypt, assuming you don't sit down for 5 minutes to change that. If you have a Rating 4 Encrypt program (very cheap, and System 4 'links aren't very costly) then they have to take at least 2 combat turns* to even interact with your node in any reasonable way. The best they can do is gain your Access ID and attempt to start Spoofing. All the while your Agent and Firewall is working against them. It might not stop them over the course of a few minutes, but in combat, it means you're pretty safe. That hacker is doing nothing else beyond trying to decrypt you, taking themselves out of the fight while you keep going. If you decided to take the time in the car ride over to the mission point to do a Strong Encryption, then mid-combat decryption is probably impossible. Even a 1-minute interval is still 20 rounds. One minute of fidgeting with your commlink.
*assuming the hacker is capable enough to get 4 successes each round.
One more thing to mention is skinlinks and the good old datajack+cable combination. They are both examples of non-wireless ways to send data. It's worth pointing out though, that they are still vulnerable. This is where I believe people became confused about what DNI means. A skinlink/fiberoptic cable can't be intercepted, and you can't send wireless commands to something that operates using those alone. However, this is where hacking someone's PAN -does- grant you access. A skinlinked smartgun and skinlinked Cybereyes might be impossible to intercept, stopping you from directly altering what a smartlink tells them, but it doesn't prevent you from using their commlink to issue commands to the gun (which it is important to specify here, is something that can be done with a commlink, unlike controlling a cyberlimb). They are far from ineffective, however. If you follow my suggestions about matrix security, then you turn them from a free-floating wireless device with low Firewall and no admin accounts to having to be accessed by one stronger, more easily protected, node.
None of it is fool-proof and none of it is 100% secure. It shouldn't be. That would be the equivalent of an invulnerable street samurai, or a magician who never felt the effects of drain. It needs to be possible to get through it, for both the sake of the enemies, and for the players when they go up against similarly defended opponents. It should be a challenge, which I believe it very much can be. From what I've seen of hackers' capabilities, their role in combat (aside from standard shoot and stay alive procedure) would be to try and spoof smartguns or disable imagelinks. Both effective support tactics that can throw a wrench in your enemy's ranks.
Now I want to hear from you guys, the more experienced in both the game and these discussions, to tell me what you think I may be misunderstanding. Try to keep your answers in a point-by-point structure. It makes it easier for people to respond to your questions or points with answers and counter-points when you do so. And remember, just because something can be worked around, doesn't mean it suddenly is useless. The goal isn't to make something impenetrable. If that happened, the hacker archetype would be horribly crippled. They already have it hard as is just trying to understand the rules. I'm certain I'm not correct about these things... If I was, I wouldn't have posted it here for a discussion. So please, enlighten me if you feel I'm misunderstanding some rules.