NEWS

[SR5] Rolling for legal matrix actions

  • 20 Replies
  • 8422 Views

Fatespinner

  • *
  • Newb
  • *
  • Posts: 54
« on: <07-27-20/1353:57> »
Hi,

I was wondering if you need to roll for legal matrix actions like edit file. Do I as the owner of a file need to roll to read and edit it? If I give someone a mark on that file, do they have to roll? If not why do hackers with a mark on the file need to roll?

Are there rules to place a mark on a file? I see only rules for getting marks on a host or device.

What about other legal actions where somebody has the number of required marks?

How is it handled for normal workers on a host? How do they edit files they don't own? How can they get files out of an archive?

Michael Chandra

  • *
  • Catalyst Demo Team
  • Prime Runner
  • ***
  • Posts: 9920
  • Question-slicing ninja
« Reply #1 on: <07-27-20/1409:16> »
Even with a hacked Mark, there's still something illegal about what you're doing. That unnatural thing is what causes the resisted roll. Legals got no problem whatsoever.

Owners can give others real Marks, and when a worker logs in, the Host gives them their default Marks.
How am I not part of the forum?? O_O I am both active and angry!

Fatespinner

  • *
  • Newb
  • *
  • Posts: 54
« Reply #2 on: <07-27-20/1419:35> »
So there is a difference between marks gained from hacking and marks gained from the owner? What if a Technomancer used puppeteer to force a device to give them a mark. Would that count as a legal mark?

Banshee

  • *
  • Catalyst Demo Team
  • Ace Runner
  • ***
  • Posts: 1095
« Reply #3 on: <07-27-20/1435:56> »
Well most people rule that Puppeteer can't be used that way, the intent of that form is to mirror control device which lets you command a device to perform an action it is able to take on it's own, giving a mark is not performed by the device .. but by the owner.

If ... you're playing in a game that goes against that ruling then at the very least it would still be an illegal mark since it is not gained through "proper" channels
Robert "Banshee" Volbrecht
Freelancer & FAQ Committee member
Former RPG Lead Agent
Catalyst Demo Team

Stainless Steel Devil Rat

  • *
  • Errata Coordinator
  • Prime Runner
  • *****
  • Posts: 4572
« Reply #4 on: <07-27-20/1444:55> »
I like to think of the matrix rules as applying solely to illegal hacking.  In my view, legit use (like, for example, making a comcall) are no-roll actions.
RPG mechanics exist to give structure and consistency to the game world, true, but at the end of the day, you’re fighting dragons with algebra and random number generators.

Fatespinner

  • *
  • Newb
  • *
  • Posts: 54
« Reply #5 on: <07-28-20/0015:17> »
I see. Then I misunderstood the meaning of the marks you get from hacking. In my understanding they were the same as legal marks that authorize you for certain actions

Michael Chandra

  • *
  • Catalyst Demo Team
  • Prime Runner
  • ***
  • Posts: 9920
  • Question-slicing ninja
« Reply #6 on: <07-28-20/0302:05> »
They resemble them, but they're not the same for rolls. But yeah it's tricky.
How am I not part of the forum?? O_O I am both active and angry!

penllawen

  • *
  • Omae
  • ***
  • Posts: 804
  • Let's go. In and out. Twenty minute milk run.
« Reply #7 on: <07-28-20/0828:26> »
As a (related) houserule, I’m about to try experimenting with making most legal actions have no dice roll as long as you have the right access, then rebalance OS accumulation to run a little faster on hacking rolls. I don’t see any reason it won’t work and it should speed play up a little. I’ll still call for occasional rolls eg if the character wants to do something really funky with an Edit File.

Beta

  • *
  • Ace Runner
  • ****
  • Posts: 1946
  • SR1 player, SR5 GM@FtF & player@PbP
« Reply #8 on: <07-28-20/1143:55> »
The question of 'how do legit users use the matrix' is very much a "don't pay attention to the man behind the curtain" aspect of 5th edition rules.  Because realistically:

GM: This host is very high security, hacking it will be difficult
Party: so, how does Jane Wageslave edit her files?
GM: Oh, legitimate users are different.
Face: OK, let's become a legitimate user, that sounds easier.
GM: Uh, you can't.
Face: We'll steal Jane's commlink and have her traquilized so she can't report it missing.
GM: Uh, it also uses biometrics ...
Face: No problem, I have the 'ware to copy her prints, eyes, and voice
GM: and, uh, she has to be at her desk to start the log-in
Mage: I can make the face look exactly like Jane
GM: well, there are also passwords
Party: (laughing) Oh, we can make her give us those, and have ways to make sure they are right.
GM: Ummm, ummmmm, uhhhh, that isn't how hacking works in Shadowrun though!

Seriously, as with our own times, social engineering probably should be the more powerful route to break into a system, with hacking being for when there just isn't time for that.  But that would make decker and technos even more niche, so we sort of wave our hands and say that doesn't work, without ever explaining why it doesn't work.

Michael Chandra

  • *
  • Catalyst Demo Team
  • Prime Runner
  • ***
  • Posts: 9920
  • Question-slicing ninja
« Reply #9 on: <07-28-20/1210:21> »
Incidentally, social engineering is a smart move in SR6: Find the Spiders and disable them, so they can't buff the Host.
How am I not part of the forum?? O_O I am both active and angry!

Banshee

  • *
  • Catalyst Demo Team
  • Ace Runner
  • ***
  • Posts: 1095
« Reply #10 on: <07-28-20/1244:18> »
Well there is nothing in the rules that prevents social engineering a way around gaining Host access. You just have to have a GM that is good enough to roll with it, make it possible, and still be a challenge ... otherwise it becomes an easy "win button".

Personally I've always allowed it, but there is still limits. Jane Wageslave only has so much access so using her identity and passcodes only gets you so far then you have to deal with regular hacking to get ti what you need. Which by the a HUGE factor in why I brought nested Hosts back in 6E. Those wageslaves might have access to Host A but the pay data your after is on Host C and the security controls are on Host B because the corp doesn't want Jane even having a chance to get at that stuff.
Robert "Banshee" Volbrecht
Freelancer & FAQ Committee member
Former RPG Lead Agent
Catalyst Demo Team

penllawen

  • *
  • Omae
  • ***
  • Posts: 804
  • Let's go. In and out. Twenty minute milk run.
« Reply #11 on: <07-28-20/1434:04> »
Seriously, as with our own times, social engineering probably should be the more powerful route to break into a system, with hacking being for when there just isn't time for that.  But that would make decker and technos even more niche, so we sort of wave our hands and say that doesn't work, without ever explaining why it doesn't work.
I kinda have an answer for this.

I've recently been writing (a lot) of Shadowrun Matrix fluff, trying to fill in little gaps that annoy me. It's more detail than you need to play the game, and mostly an intellectual exercise just to see if I can do it, but I'm enjoying the process anyway. I'm trying to explain stuff like "can you see through walls via AR" and "why can't I steal someone's persona" and "why can't deckers sit in a safe basement somewhere miles away" while staying within the spirit of RAW.

Here's what I have for why you can't steal someone's access:

Quote
Personas: your commlink as the keys to your life

When you boot up your commlink, the first thing you do is sign into it, via some combination of biometrics. This creates your persona, your digital mirror-image in the Matrix. The persona runs for as long as your commlink keeps it alive.

However, like any newborn, your persona comes into the world naked and powerless. So the next thing that happens is your commlink reaches out through the local mesh and up to various cloud hosts that live on the backbone.

Each of these hosts in turn establishes that the person using your persona matches their fingerprint. For users with direct neural connections, this is carried out as a brainwave challenge/response. The host reaches down through your interface and… pokes… your brain a little, inducing certain patterns. It measures how your brain responds to the poking, and compares it to patterns stored in very secure cloud hosts that were recorded as part of a cryptokey exchange when you created the account. If they match, the host is satisfied you are who you claim to be.

This process is completely safe, or so the corps insist. Any resemblance between the transient brainwave states triggered and those recorded in epileptics is purely coincidental.

This process is extremely difficult to fool, particularly for lots of hosts at once; although there are urban legends of particularly wily deckers pulling off successful man-in-the-middle attacks against people using trodes rather than datajacks.

Unfortunately, users without DNI suffer much lower security. They have to rely on crude biometrics such as fingerprints and retina scans, all of which are much more vulnerable to fakery, even if they use very expensive and high-end scanners.

Once a given host is happy the persona is under your control, it issues your persona with access permissions over whatever it controls. (Deckers call these Access Control Lists, or ACLs - pronounced “ackles”.) One host might belong to Ford, and grant your persona access to drive your Americar. A Horizon host would give you access to your P2.1 social media account. An Ares host, after particularly thorough examination, would enable you to fire your Predator. And so on and so forth - even a low-key user will have hundreds of these permissions.

This all happens in a few seconds.

Personas are ephemeral things. They only last as long as the commlink is running and you are attached to it. (This is particularly irritating for trode users; if the trodes get jostled too much, they can disconnect entirely, and you have to sign in all over again.) Furthermore, to guard against… shenanigans…, the more secure hosts will re-run spot checks of brainwave patterns periodically.

Note also you can never have two personas. The cloud hosts will immediately detect if you attempt to sign in with a second device while the first is still running, and — depending on its paranoia level — either insist one persona is shut down first or completely lock the account down until you contact customer services to get it unlocked.

Fatespinner

  • *
  • Newb
  • *
  • Posts: 54
« Reply #12 on: <07-28-20/1500:50> »
Well so a mage with mind control could force the legitimate user to access files and copy them into a data chip or online storage. Then the most difficult part of hacking would be to find a person with the correct access rights and get access to them. Or just force the person to give a legitimate mark to the Hacker.

Well hacking could still be useful, but less.

I was thinking about the fileaccess. You could argue that having a mark on the host (which equals guest or user access) doesn't give you a mark on all files. Then you would have to use hacking to get a mark on the fly. That might allow you to access the file without havizto roll for editing, but that would be a house rule.

Stainless Steel Devil Rat

  • *
  • Errata Coordinator
  • Prime Runner
  • *****
  • Posts: 4572
« Reply #13 on: <07-28-20/1542:03> »
I was thinking about the fileaccess. You could argue that having a mark on the host (which equals guest or user access) doesn't give you a mark on all files. Then you would have to use hacking to get a mark on the fly. That might allow you to access the file without havizto roll for editing, but that would be a house rule.

That's not just a "you could argue...".  That's exactly how it works.  Got a mark on the host? great.  You can get in.  You still don't have any marks on any icons (to include files) INSIDE the host.  Marks only flow upstream, they don't flow downstream.
RPG mechanics exist to give structure and consistency to the game world, true, but at the end of the day, you’re fighting dragons with algebra and random number generators.

penllawen

  • *
  • Omae
  • ***
  • Posts: 804
  • Let's go. In and out. Twenty minute milk run.
« Reply #14 on: <07-28-20/1546:33> »
Well so a mage with mind control could force the legitimate user to access files and copy them into a data chip or online storage.
You could (although I put control thoughts in the same box as blood and toxic magic in my campaign, outside of PC's hands; I find it psychologically disturbing and mechanically game-damaging.) But (at least in my fluff) you need to be on-premises to access secure files, and if the files are secure enough to be interesting to shadowrunners, the staff are probably being glanced over in the astral on the way in or out. That's going to detect a sustained control thoughts spell immediately.[/quote]

Got a mark on the host? great.  You can get in.  You still don't have any marks on any icons INSIDE the host.  Marks only flow upstream, they don't flow downstream.
Changing this in 6e so they do flow "downstream" is (IMO) one of the key decisions that makes 6e's Matrix better, and well worth considering as a 5e houserule.

In any event, note the second part of Fatespinner's post "That might allow you to access the file without having to roll for editing" which (unless I have grossly misunderstood) is not how it works. Editing a file needs at least three rolls: mark the host, mark the file, edit the file. (Too many, IMO.)
« Last Edit: <07-28-20/1548:17> by penllawen »