NEWS

Talk to me about IC

  • 29 Replies
  • 9429 Views

firebug

  • *
  • Errata Coordinator
  • Prime Runner
  • *****
  • Posts: 2993
  • Scraping the bottom of the Resonance Barrel
« Reply #15 on: <04-18-18/0849:33> »
It's a shame I don't remember it, then...  I do think that's how I've been doing things, but now I'm not sure that's actually explained anywhere in the books.
I'm Madpath Moth on reddit (and other sites).  Feel free to PM me errata questions!
Jeeze.  It would almost sound stupid until you realize we're talking about an immortal elf clown sword fighting a dragon ghost in a mall.

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 6467
« Reply #16 on: <04-22-18/0428:07> »
https://forums.shadowruntabletop.com/index.php?topic=11514.msg243927#msg243927



Also this:

p. 233 GRIDS. Grids on a Run
All the devices and people in a Shiawase facility will be using the Shiawase global grid
(All devices will be on the Grid. No devices will be inside the Shiawase facility host. Some devices will be slaved to the Shiawase facility host for better protection but they will still be out on the grid - in this case the Shiawase global grid. if you enter the Shiawase facility host you will have a direct connection to all devices out on the Shiawase grid that are slaved to the Shiawase facility host).
« Last Edit: <04-22-18/0505:24> by Xenon »

Marcus

  • *
  • Prime Runner
  • *****
  • Posts: 2802
  • Success always demands a greater effort.
« Reply #17 on: <05-31-18/1802:18> »
Are you implying that a PAN constitutes a host for the purposes of attack devices slaved to said PAN?
*Play-by-Post color guide*
Thinking
com
speaking

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 6467
« Reply #18 on: <05-31-18/1929:58> »
Not sure I understand your question.


A wireless enabled physical device will have a corresponding matrix icon. An icon that you can see and interact with out on the grid.

The owner of a wireless enabled device can choose to slave it to his commlink, cyberdeck or RCC (be part of a personal area network, or PAN for short). The device will still have an icon of its own out on the grid. You don't need to first hack or "enter" the master device before you can hack the device. In this edition the master device does not act like a router or server for the slaved device. You still interact with the device icon directly. However, the slaved device now does get to use the firewall rating of the master device when defending itself against matrix attacks (if the firewall of the master is higher than its original firewall rating) and if an attacker get a mark on the slaved device he will also get a mark on the master device. A decker that directly connect to the device (for example via cable between the device and his cyberdeck) can hack the device out on the grid without fighting the firewall of the master device (and without worrying about noise or grid penalties). You do not get a direct connection to devices in a PAN by having marks on the master device in the PAN.

The owner of a wireless enabled device can instead choose to slave it to a host he own (be part of a wide area network, or WAN for short). The device will still have an icon of its own out on the grid, a device icon can not be be inside a host (only icons in a host will be personas -such as deckers, spiders, agents and IC- and files). You don't need to first hack or "enter" the host before you can hack the device. In this edition the host does not act like a router or server for the slaved device. You still interact with the device icon directly. The slaved device now get to use the firewall rating of the host when defending against matrix attacks out on the grid and if an attacker get a mark on the slaved device he will also get a mark on the host.

While inside a host you can normally not interact with icons (such as devices or files or personas) out on the grid, but while you are inside the host you will actually be considered directly connected to any device out on the grid that is slaved to the host. This mean that a hacker inside a host can hack devices out on the grid that are slaved to the host, and without fighting the firewall of the host (and without worrying about noise or grid penalties).


It might be easier to think of SR5 devices as real life blue tooth devices, but instead of just 10m range... the blue tooth of SR5 will have unlimited range. To gain access to a jambox paired to an iphone you don't have to first hack the iphone. You can hack the jambox directly. In SR5 it is harder to hack a jambox that is already paired with an iphone, but if you manage to hack the jambox then you get to exploit the pairing to get a backdoor access into the iphone that the jambox is already paired with.

Also, if you directly connect your hacking device to the jambox with a cable then it will be easier to hack it since it can't borrow processing power from the firewall of the iphone, but you can still exploit the backdoor into the iphone the jambox is paired to.

In earlier editions the matrix acted more like a real life home network where you first had to hack and enter a top node router or server before you could gain access to the devices on the network. Doesn't work that way in SR5. You interact with devices directly.
« Last Edit: <05-31-18/1942:01> by Xenon »

Marcus

  • *
  • Prime Runner
  • *****
  • Posts: 2802
  • Success always demands a greater effort.
« Reply #19 on: <05-31-18/2018:09> »
Yes I follow and understand all that, but going into PAN and having IC attack an icon/device inside said PAN didn't make sense to me.
*Play-by-Post color guide*
Thinking
com
speaking

PingGuy

  • *
  • Newb
  • *
  • Posts: 99
« Reply #20 on: <08-27-18/1317:22> »
p. 233 GRIDS. Grids on a Run
All the devices and people in a Shiawase facility will be using the Shiawase global grid
(All devices will be on the Grid. No devices will be inside the Shiawase facility host. Some devices will be slaved to the Shiawase facility host for better protection but they will still be out on the grid - in this case the Shiawase global grid. if you enter the Shiawase facility host you will have a direct connection to all devices out on the Shiawase grid that are slaved to the Shiawase facility host).

I won't argue with RAW of course, but I do see an issue with how this tightly written explanation affects other situations.  Say I have a host, with a device hard-wired to it, and that device does not have wireless.  Where does that icon appear?  By RAW it would still appear outside of the host, but it seems like the host would be the one putting it there as the Matrix has no way to know where this device is, other than what the host tells it.

And of course these situations would be rare, as wired-security is supposed to be, but they should still be expected, and the Matrix should handle them in a way that makes sense.  If directly wiring something doesn't actually provide any benefit then nobody would do it, and the book does at least say that people do it.

Is there anything in any of the books that says device icons can't (as opposed to don't) show up inside a host?  I'm guessing it isn't covered because of the wireless assumption, but without that it's suddenly a question without an answer.

IMO, among the mega's this would never be an issue.  But for a low end host, with an owner who is tight on nuyen, using obfuscation and layering security would make sense.  Sure, the new Matrix could have been designed not to care about that, and the mega's won't care if it affects those with less nuyen, but it seems like people would find a way to make it work.

Finstersang

  • *
  • Omae
  • ***
  • Posts: 751
« Reply #21 on: <08-28-18/0855:49> »
Slightly OT, but I think itīs pity that that there is no "Passive IC" - which was a thing in 3rd Edition - in 5th Edition. All current IC, even Patrol, has its own Initiative track and basically behaves like an NPC. In play, this means more rolls, more bookkeeping, lenghty Matrix Combat session that usually annoy both the Decker and the non-Matrix players and, as you pointed out, a lot of judgement calls by the GM on how the IC recognizes and prioritizes threats. Most of the time, Decker at my tables just logged out and said "fuck it" once IC was alerted - and not just because of the danger to get fried, but because they didnīt want to draw the scene out.

Now imagine if we (and our fictional security Spiders) had a different type of IC in our toolbox, that has the same limitations as the existing "active" IC, but instead of acting like a NPC, it doesnīt have an Iniative track and imposes some kind of passive, (or conditional/periodic) effects to deter hackers instead - basically, the Matrix equivalent of auxilary Security Systems instead of armed Guards. Some Effects my include:

  • Additional Punishment triggered by failed illegal Actions: Matrix Damage, Biofeedback, Marks, OS, Link-Locks, Traces...
  • A "Recorder" IC, which works as a passive Version of Patrol and simply logs activity in the Host in a protected File.
  • Faster OS Accumulation
  • Flat out negative Modifiers (a bit lame, but hey...)
  • Raising Glitch chances
  • Slowing down Search time for unauthorized topics
  • Psychotropic Background Signals that cause discomfort and anxiety...
  • ... or pleasure, euphoria and addiction, making the intruder more prone to return to the crime scene!  ;D
  • Forcing users to use a certain interface mode (or nudging by emposing modifiers).
  • A "Purge protocoll" that deals Matrix damage to all but a few safe targets at the end of every Combat turn. Obviously, this is usually activated by the Spider as a last ressort option.

Additionally, a blacklist and/or whitelist inside of the Host may be used to control which user is subjected to which effects. This might also be used to determine target priorization for active IC, to get finally get back on topic again. ;)
« Last Edit: <08-28-18/0858:49> by Finstersang »

Iron Serpent Prince

  • *
  • Omae
  • ***
  • Posts: 384
« Reply #22 on: <08-28-18/1317:58> »
Finstersang, I'm going to hazard a guess that you never really play Deckers.  Either that, or you only did so under GMs that take it easy on Deckers.  Unless Kill Code has some tasty tidbits that fix the issues, how many other Archetypes can proclaim proudly they have to potential to end their entire careers - if not lives - not to mention risk the safety of their entire team with one failed roll?  ;)

I won't go into my entire rant about Deckers, but the tip of the iceberg is:
  • They require four attributes (in no particular order:  Intuition, Logic, Willpower, Edge - remember that one failed roll? :) )
  • They need two others:  Body and Reflexes
  • They could use an seventh, if they can't / don't spend money on it:  Agility
  • They require five skills across two groups:  Hacking Group; Cybercombat, Electronic Warfare, Hacking -- Electronics Group; Computer, Software
  • They can use a sixth skill that is fortunately under Electronics:  Hardware
  • And then there is the combat skill(s)...

Let me just say that IC is the one of the least of the Deckers worries.
« Last Edit: <08-28-18/1328:49> by Iron Serpent Prince »

Finstersang

  • *
  • Omae
  • ***
  • Posts: 751
« Reply #23 on: <08-28-18/1736:52> »
Iīm usually the GM, and thatīs also the main perspective Iīm posting from. Iīm quite aware of the fact that the Matrix rules (not counting in Kill Code and some upcoming errata pieces) are in a bad place right now, as well as 5th Editions balancing between Man, Magic and Machine/Matrix in general. As you might also tell from my current signature  ;D There are countless threads where people vent over these issues, and rightfully so. Iīm often one of them, salty little me. But I donīt want every thread about Matrix issues to turn into the same circlejerk about how bad Deckers and TMs are and how bad the odds are stacked against them while the Summoner can basically solo the whole mission with a Level 12 Cheese Spirit right out of chargen. Itīs true. I know. Luckily, I have control over my own houserules  8)

As a GM, I can always adjust the difficulty for Hackers once Iīm aware of the balancing problems. Ditching the ridiculous suggestions for Host Ratings in the Core Rulebook is a good start. But with all the nested dice rolls, the bonus ruleset and the fact that teams rarely have more than one Matrix specialist, I have also to deal with a pacing problem - I have to do my best to avoid a situation where the run is interrupted too much by a solo hacker minigame. And one problem here - not the biggest, but a problem nonetheless - is the fact that host security is done by active entities with their own initiative tracks (and IC are actually the least complicated of them!). Thus, I advocate for the return of "Passive IC" because I think GMs need less intrusive challenges for Matrix runs.

Pacing is also the reason why Iīm advocating for:
  • Usable and permissive Teamwork rules (boost for the hackers while also keeping the rest of the team in play!)
  • Perks and rewards that allow the hacker to ditch dice-rolls and/or enhance action economy.
  • Quick-Hack rules, for when you just donīt have the time to play out all the steps in detail.
« Last Edit: <08-28-18/1757:05> by Finstersang »

Beta

  • *
  • Ace Runner
  • ****
  • Posts: 1946
  • SR1 player, SR5 GM@FtF & player@PbP
« Reply #24 on: <08-30-18/1144:26> »
Reading and re-reading this thread, something finally hammered its way through my thick skull (firewall I may have; data processing apparently not so much).  At least, based on what I'm reading, it seems to me that:

When you are hacking a camera or a lock slaved to a host, you don't have to worry about ICE

  • The device is on the grid, so you don't have to go into the host
  • IC only runs inside a host

There may be times when you want to go into the host (such as when it's firewall is high enough that you want to edge one roll to get a mark on it, go into the host, then use the direct connect to only go versus the device rating of each slaved device that you want to hack).

Am I correct in this?  And if I am, what can be done about it, from the host/security point of view?  Send a spider out onto the grid to .... do what I'm not too sure.  But otherwise I don't see an option for _actively_ defending devices.
« Last Edit: <08-30-18/1146:11> by Beta »

Stainless Steel Devil Rat

  • *
  • Errata Coordinator
  • Prime Runner
  • *****
  • Posts: 4572
« Reply #25 on: <08-30-18/1159:13> »
Reading and re-reading this thread, something finally hammered its way through my thick skull (firewall I may have; data processing apparently not so much).  At least, based on what I'm reading, it seems to me that:

When you are hacking a camera or a lock slaved to a host, you don't have to worry about ICE

  • The device is on the grid, so you don't have to go into the host
  • IC only runs inside a host

There may be times when you want to go into the host (such as when it's firewall is high enough that you want to edge one roll to get a mark on it, go into the host, then use the direct connect to only go versus the device rating of each slaved device that you want to hack).

Am I correct in this?  And if I am, what can be done about it, from the host/security point of view?  Send a spider out onto the grid to .... do what I'm not too sure.  But otherwise I don't see an option for _actively_ defending devices.

The way I understand it a device slaved to a host won't simultaneously be out on the grid.  Because it's "in" the host, even if it's significantly geographically removed from wherever the physical computer serving as the host is located.
RPG mechanics exist to give structure and consistency to the game world, true, but at the end of the day, you’re fighting dragons with algebra and random number generators.

PingGuy

  • *
  • Newb
  • *
  • Posts: 99
« Reply #26 on: <08-30-18/1217:13> »
The way I understand it a device slaved to a host won't simultaneously be out on the grid.  Because it's "in" the host, even if it's significantly geographically removed from wherever the physical computer serving as the host is located.

That seems to conflict with this:

p. 233 GRIDS. Grids on a Run
All the devices and people in a Shiawase facility will be using the Shiawase global grid
(All devices will be on the Grid. No devices will be inside the Shiawase facility host. Some devices will be slaved to the Shiawase facility host for better protection but they will still be out on the grid - in this case the Shiawase global grid. if you enter the Shiawase facility host you will have a direct connection to all devices out on the Shiawase grid that are slaved to the Shiawase facility host).

Which is what I posted about further up the thread.  It's very clearly stated, but I don't think it makes logical sense.

For my campaign, which starts tomorrow, I'm going to go by the RAW for the most part.  Anything that is slaved to a host via wireless will follow this convention.  But for anything using wired security, with wireless disabled, I will show the device inside the host.  That won't happen often, but I feel like it needs to be an option.

Finstersang

  • *
  • Omae
  • ***
  • Posts: 751
« Reply #27 on: <08-30-18/1353:24> »
Ah, this one is confusing many players:

A device can not not inside a Host, but it may be slaved to it. A slaved Device (letīs say, a camera) can then use the High Matrix Attributes of the host to defend against hacking. The Icon of the device is outside of the Host, out on the Grid. You can hack it without having to go inside the host. In many situations, this might be the smarter choice: You donīt need a Mark on the Host and you donīt need to worry about IC.

However, when you go inside the Host, you can still affect the devices that are slaved to it, because everyone inside the Host is treated as having a direct connection to it. Sadly, still no explanation on how this looks like in the Matrix iconography. Are there some kind of "windows" in the host ??? However, a direct connection means that the device is acessible from inside the host as well. This also means that the Device doesnīt benefit from being slaved to the Host and will defend only with its own attributes against your attacks.

This means there are multiple ways to proceed here:

  • Hacking the Device from outside the host: The quick solution. If you donīt expect to hack into any other slave of the Host and if you donīt need to retrieve any Data from the Host, do this. Since you also get a Mark on the Host when you get a Mark on the Device, this is usually a good way to start things. You may still proceed with #2 when necissary.
  • Hacking the Device from inside the host: You need at least one Mark on the host, which means that you need to make at least one roll against the usually higher firewall of the host anyway. Also, you might get busy with the IC. However, if you want to hack multiple devices, track multiple camera feeds or have other business in the Host (like finding Paydata), this is the better way: The fact that you are treated as having a direct connection to the slaves of the host means that itīs a lot easier to hack them.
  • Hacking the device with a real Direct Connection (Cable or Skinlink): The only way to absolutely avoid having to roll against Host Ratings. Since you also get a Mark on the Host when marking a slave, you can also (ab)use the device as a backdoor to enter the host more easily.

For my campaign, which starts tomorrow, I'm going to go by the RAW for the most part.  Anything that is slaved to a host via wireless will follow this convention.  But for anything using wired security, with wireless disabled, I will show the device inside the host.  That won't happen often, but I feel like it needs to be an option.

In short: Wireless Devices (i.e. their icons) can be accessed both from inside and outside the host they are slaved to. The concept of "wired" hosts hasnīt really been explained very well in the rules until Kill Code , which dropped this very day. Iīm currently sifting through it. From what I understand, itīs now officially possible to have:

  • Hosts that are completely offline and can only be accessed by physical access
[li]"Local Hosts", which may or may not be accessed from the Matrix and have some kind of physical backbone that you can attach wireless-disabled devices to. In this case you would be forced to enter the host to hack the slaved devices. Iīm not entirely sure on that one, but it would make sense.
[/li][/list]

Not that many tables already assumed these kind of security architectures exist  ;D
However, according to Kill Code, these are rare, because the suits prefer universal accessability and put too much trust into GOD, most likely while the IT guys are grinding their teeth in frustration. Just like in real life  ::)
« Last Edit: <08-30-18/1602:40> by Finstersang »

Finstersang

  • *
  • Omae
  • ***
  • Posts: 751
« Reply #28 on: <08-30-18/1623:09> »
  • "Local Hosts", which may or may not be accessed from the Matrix and have some kind of physical backbone that you can attach wireless-disabled devices to. In this case you would be forced to enter the host to hack the slaved devices. Iīm not entirely sure on that one, but it would make sense.

Nevermind, I misread something *Sigh*.

Instead, we now have so called Industry Hosts (Kill Code, p. 44). They work differently: As it seems, the devices slaved to these hosts are still out on the grid, but are not treated as if they are directly connected to anyone inside the host (Yet, they are also somehow "within" the host?). Anyway, they still profit from the Master-Slave protection against attacks from inside the host. Which would mean that thereīs no point to enter it except data extraction ???

Not sure if Iīm missing something here. Maybe this type of host is supposed to actually have slaved devices "inside" of it instead of having them out on the grid. However itīs not explicitly stated that Industry Hosts, in contrast to other hosts, are able to do so. Itīs implied at best, because everything else would be a massive design fail  ::)

(The other new host types are actually well thought out and properly described, though)   
« Last Edit: <08-30-18/1625:58> by Finstersang »

PingGuy

  • *
  • Newb
  • *
  • Posts: 99
« Reply #29 on: <09-04-18/1511:31> »
p. 233 GRIDS. Grids on a Run
All the devices and people in a Shiawase facility will be using the Shiawase global grid
(All devices will be on the Grid. No devices will be inside the Shiawase facility host. Some devices will be slaved to the Shiawase facility host for better protection but they will still be out on the grid - in this case the Shiawase global grid. if you enter the Shiawase facility host you will have a direct connection to all devices out on the Shiawase grid that are slaved to the Shiawase facility host).

I won't argue with RAW of course, but I do see an issue with how this tightly written explanation affects other situations.  Say I have a host, with a device hard-wired to it, and that device does not have wireless.  Where does that icon appear?  By RAW it would still appear outside of the host, but it seems like the host would be the one putting it there as the Matrix has no way to know where this device is, other than what the host tells it.

And of course these situations would be rare, as wired-security is supposed to be, but they should still be expected, and the Matrix should handle them in a way that makes sense.  If directly wiring something doesn't actually provide any benefit then nobody would do it, and the book does at least say that people do it.

Is there anything in any of the books that says device icons can't (as opposed to don't) show up inside a host?  I'm guessing it isn't covered because of the wireless assumption, but without that it's suddenly a question without an answer.

IMO, among the mega's this would never be an issue.  But for a low end host, with an owner who is tight on nuyen, using obfuscation and layering security would make sense.  Sure, the new Matrix could have been designed not to care about that, and the mega's won't care if it affects those with less nuyen, but it seems like people would find a way to make it work.

I'm going to counter-point my own post.  I still believe it should be possible to have devices show up inside a host.  But after running a session where I did just that, I now understand why that shouldn't be the norm.  Quite simply, the attention you get for touching a device inside a host is much greater than what you get for touching one outside of a host.

For example, I had a few devices inside a host to catch the attention of the TM that was there performing a data steal.  They were mainly there for him to screw with if he had some time to kill after getting the data.  Due to the risk of being found by patrol IC and getting attacked, he didn't stick around long.  He did view the camera device just to see what it was looking at, but that was about the extent of it.

Now, if I would have put these devices outside the host as they would normally be, he could mess with them until his overwatch score gave him a problem.  So if he needed to do longer term monitoring of the cameras he could hack a mark, control device and sit on it until convergence was closing in.  The IC wouldn't be an issue, but maybe the spider would.

Now in this case, none of these devices would be in use if they showed up outside the host, the whole point was to hide their existence.  So it was the right call at the time, but I would have designed this run a little differently if I had realized the nuances of the placement I was arguing for.  Lesson learned.