[shaudes29]

Q1
How do you use the disarm action/program on a firewall, if you can not target a node,deaker,IC, ext. I think thay mean you can not disarm the entier icon of a node, deacker, IC, ext...

Q2
Can you disarm a nodes firewall before you try to hack an account?

Q3
Can you disarm the analyze on a node before you have hacked into the node?

Q4
How is a disarm attempt detected? Once a program is disarmed how is the disarming of the program found out?


Ex.

If i successfully disarm, the analyze program on a node, and firewall on a node without setting off any alerts or glitches, Would I be free to do what I want without detection?

When the detection test is made to detect the tampering attempt on a disarming of a program, is it a convective test or a one time go VS your stealth program.

[ScytheKnight]

Ummm.. that post was really confusing... but I'm guessing you're talking about Disarming a Data Bomb... well it's really simple, using a Matrix Perception test you check if something you want to access has a Data Bomb, if it does you attempt to use Disarm to get rid of it.

[Herr Brackhaus]

From the language used, I'd say these are 4th edition questions.

[Shaidar]

As my colleagues have pointed out, if SR5 rules:

DISARM DATA BOMB (COMPLEX ACTION)
Marks Required: none
Test: Software + Intuition [Firewall] v. Data Bomb Rating x 2
You attempt to disarm a Data Bomb that you have detected (usually as the result of a Matrix Perception action). If you score any net hits, the Data Bomb is removed and deleted. If not, the Data Bomb activates, causing its damage and possibly destroying any file to which it was attached (assuming it was set to destroy the file).

Also, on further research it is also true for SR4a as well:

Disarm Data Bomb (Disarm)
You attempt to disarm a data bomb that you have detected (usually with a Matrix Perception Test). Make an Opposed Test between your Hacking + Disarm and the Data Bomb Rating x 2. If you score any net hits, the data bomb is removed and deleted. If not, the data bomb activates, causing its damage and possibly destroying any file to which it was attached.

[faket15]

The OP isn't talking about the "disarm data bomb" action. He is talking about the "disarm program" action, from Unwired.

[ScytheKnight]

Would explain why I'm sooo confused about the OP... alrighty then.

[Shaidar]

Disarm (Hacking)
Disarm is used to undermine programs without crashing them. It is used to corrupt targeted software so that the disarmed program cannot act against the hacker (and only the hacker), effectively neutralizing its use. Operating systems, personas, IC, agents, sprites, and malware may not be disarmed, but this utility is effective against most Common Use programs, Hacking programs, and autosofts.
...
Disarm Program
To disarm a program, the hacker must make a Hacking + Disarm (Firewall + System, 1 Initiative Pass) Extended Test. When the threshold is reached, the targeted software can no longer be used against the hacker (i.e., Analyze will not detect the hacker, Attack will not target the hacker, and so on).  The disarmed software still functions normally against others. Likewise, the hacker is still vulnerable to similar software wielded by others. Disarmed software will remain neutralized until it has been reloaded or until the hacker logs off the node.
Firewalls may also be disarmed, but they feature coded countermeasures that make such attempts likely to trigger an alert.  The node makes an Analyze + Firewall (Stealth) Extended Test each time a Disarm Test is made. If it meets its threshold before the Disarm Extended Test succeeds, an alert is triggered, and the Firewall immediately reconfigures itself so that the Disarm attempt must be restarted.
Note that Disarm may not be used against Data Bombs—Defuse is required for that.

Q1
How do you use the disarm action/program on a firewall, if you can not target a node, decker ,IC, etc. I think thay mean you can not disarm the entier icon of a node, decker, IC, ext...

So your Hacker rolls Hacking + Disarm (Firewall + System, 1 Initiative Pass) Extended Test.
Then after each roll of the Extended test the Firewall rolls Analyze + Firewall (Stealth) Extended Test.
If the hacker reaches their threshold first the slide through the firewall, if the firewall reaches its threshold first it reconfigures and goes on Active Alert forcing the hacker to start over.

Q2
Can you disarm a nodes firewall before you try to hack an account?

I might be wrong but, I think you Disarm instead of Hacking an account, since Disarm is a Hacking type of action.

Q3
Can you disarm the analyze on a node before you have hacked into the node?

No, because the Firewall prevents you from accessing the software resident on the node it protects.

Q4
How is a disarm attempt detected? Once a program is disarmed how is the disarming of the program found out?

Analyze + Firewall (Stealth) Extended Test each time a Disarm Test is made. If it meets its threshold before the Disarm Extended Test succeeds, an alert is triggered, and the Firewall immediately reconfigures itself so that the Disarm attempt must be restarted.

Ex.

If i successfully disarm, the analyze program on a node, and firewall on a node without setting off any alerts or glitches, Would I be free to do what I want without detection?

When the detection test is made to detect the tampering attempt on a disarming of a program, is it a convective test or a one time go VS your stealth program.

It appears that the sequence of events is as follows:
Disarm Firewall, while the Firewall attempts to detect.
Disarm Analyze program on a node, Programs can't detect disarm attempts.
Hacker plays merry hob within the system. Tra-la-la.

[shaudes29]

This is a SR4 question. Thanks for the replies, It confirms what I was thinking.

[Shaidar]

You will still have to deal with any IC which is always deployed, such as Access or Barrier but with the Node's Analyze Program disabled in regards to yourself you will be more difficult to detect. Data Bombs are still going to be a hazard however.