NEWS

[SR5] is hacking a host extremely difficult?

  • 12 Replies
  • 345 Views

Fatespinner

  • *
  • Newb
  • *
  • Posts: 41
« on: <07-27-20/1417:49> »
Hi all,

I was doing my first real hack of a host and noticed how difficult it is. I have int 6 and hacking 6, the other cracking and electronic skills at 4.

Now when I go against a medium corporate host, I faced a level 8 host. Not to unreasonable. I barely managed to get a mark with edge (12 base dice + 2 for vr. +2 for a level 4 agent against 19 dice).

So my problem was, now that I was on the host, I had problems to succeed at any other matrix action. I had to use nearly all the time edge and left to host with no edge remaining and not helping my group much.

Was I doing something wrong? Is it supposed to be that difficult? Even if I had specialized in hacking host and hack on the fly (gaining a +4 from skill and advantage), it would only help me with the first roll.

Do I have to get so many skills at such a high level? I am honestly shocked.

Stainless Steel Devil Rat

  • *
  • Errata Team
  • Prime Runner
  • ***
  • Posts: 3778
« Reply #1 on: <07-27-20/1443:02> »
Rating 8 is supposed to be a fairly high end host.  That's not the hacking equivalent of fighting a mob of gangers or mafia goons.
RPG mechanics exist to give structure and consistency to the game world, true, but at the end of the day, you’re fighting dragons with algebra and random number generators.

Banshee

  • *
  • Catalyst Demo Team
  • Omae
  • ***
  • Posts: 918
« Reply #2 on: <07-27-20/1455:14> »
Yeah ... a "medium" host would only be a 5 or 6 at most.
Robert "Banshee" Volbrecht
Freelancer & FAQ Committee member
Former RPG Lead Agent
Catalyst Demo Team

Michael Chandra

  • *
  • Catalyst Demo Team
  • Prime Runner
  • ***
  • Posts: 9553
  • Question-slicing ninja
« Reply #3 on: <07-27-20/1509:20> »
And even then getting in should be something done through Direct Connections, and you target Cameras through the Direct Connection you now have with all slaved devices, meaning the Host can't protect them, if I recall the rules correctly. It's only the Files and such that are tricky once you're in.
How am I not part of the forum?? O_O I am both active and angry!

Beta

  • *
  • Ace Runner
  • ****
  • Posts: 1787
  • SR1 player, SR5 GM@FtF & player@PbP
« Reply #4 on: <07-27-20/2011:56> »
Hacking is hard for two reasons:
- the suggested host ratings generate quite large dice pools, an
- a single fail on a hacking action tends to mean you have about a turn to wrap things up before the IC gets out of hand.

But as said above, if you get your initial mark by doing direct connect to a device (remember marks flow upstream from device to host), then you can lower that initial pool.  After which some of the actions you need to take are legal ones, so that as long as you have the time you will succeed eventually in your matrix perception to find your target. And with a mark on the host you count as having a direct connection to all slaved devices, so you are not facing the hosts dice if you are hacking cameras and locks.  Editing files can be oddly difficult,  however.
Tipperman  --
speechthoughtmatrix

Fatespinner

  • *
  • Newb
  • *
  • Posts: 41
« Reply #5 on: <07-28-20/0012:55> »
Ok, I see. So the suggested host ratings are a bit to high? 5-6 would be local police or small universities. Local corporate hosts or minor government host are around 7-8.

We were playing the Denver adventure, were you have to get into the Paladin hospital and steal some data. And the host setting there was different from what I was expecting.

Beta

  • *
  • Ace Runner
  • ****
  • Posts: 1787
  • SR1 player, SR5 GM@FtF & player@PbP
« Reply #6 on: <07-28-20/1134:54> »
Yah, in my game the host strength in the clinic there was tough!  And the decker had 8 logic (2 points from 'ware), and a specialization in hack on the fly, so could roll 16 dice on hack-on-the-fly, 14 on other Hack and Computer actions (but only 11 for matrix perception at the time).  Even so I think every hack ended up using one or two points of edge, to make sure not to set off security.

By the end of that adventure the hacker was getting commlinks off disabled staff and hacking those to send messages to call people to the party, to avoid having to hack the clinic security host.

Two thoughts:
- Hosts have rating R, and for ASDF have R, R+1, R+2, R+3.  I suspect that most hosts, most of the time, will have that R+3 in Data Processing, because that is their speed for supporting users.  Only when they sustpect an issue are they apt to put that top value in Firewall. (granted that Firewall is probably usually getting R+2, so it isn't a big difference)
- I feel that Serrated Edge was originally written for 4th edition and then updated for 5th before publication.  Normally in 5th they do not talk about having so many different hosts for different areas of one company (but in 6th that comes back again, with nested hosts).  When there are multiple, I'd give opportunities pretty freely for direct connect to things like maintenance hosts.  Clever hackers can do a lot with that , even without being in security (sending a cleaning drone to pass through a locked door, for example, and letting invisible characters slip through with it).  Obviously direct connect to the security host would be a bit trickier to arrange, but with a bit of creativity they should be able to manage it.
Tipperman  --
speechthoughtmatrix

Fatespinner

  • *
  • Newb
  • *
  • Posts: 41
« Reply #7 on: <07-28-20/1459:31> »
Yes the host architecture looks much more like 4th. Maybe that explains some issues. My Technomancer used multiple infiltration Sprites and edge to finally hack the medical data host and get the needed files. Using a service from each registered sprite to call them into the host (not sure if that is possible if only the hacker has a mark).
« Last Edit: <07-28-20/1504:21> by Fatespinner »

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 5768
« Reply #8 on: <07-29-20/0318:10> »
Was I doing something wrong?
If your team help you get physical access to one of the devices slaved to the host then you can establish a Direct Connection (in this case by connecting a wire between your cyberdeck and the device). This let you hack the device while it only defend with its own ratings (which is typically 4 dice).

This should make it trivial to place your make on the device. Because of the tight relationship between the slaved device and the host when you place your mark on the device you also, automatically, get to place your mark on the Host as well. Still without fighting host ratings.

With a Mark on the device you can Enter the Host. Now you will be considered Directly Connected to all slaved devices out on the Grid that are also slaved to the Host (part of the WAN). This let you hack them one by one without fighting Host ratings as well.



The only thing that will be tricky is if you are there to grab pay-data from the Host (or if you get exposed by IC of course). This is typically how a pay-data-run is resolved (using pure game mechanics, there are typically some RP involved as well ;-))

  • Once you Enter the Host you typically want to take the Change Icon action to make you look like regular Persona Icons in the Host. This normally don't require a test at all
  • Now that it look like you belong you take a Matrix Search test with a base time of 60 seconds. This test is not opposed by Host ratings. This is a legal action which mean you can often do it without running silent
  • After you find the File Icon you often want to take a Matrix Perception test to find out if it have a Data Bomb or if it is Protected. This test is typically not opposed by Host ratings as well. This is a legal action which mean you can often do it without running silent
  • If it have a Data Bomb you want to disarm it (otherwise you skip this step). It will oppose the test with Data Bomb Rating x 2, which is typically lower than Host ratings. This is also a legal action which mean you can often do it without running silent
  • Then you need to place a Mark on the File Icon. Even though you are inside the Host you will not gain a Direct Connection to the File Icon. This is a test that will be opposed by Host ratings! This is a test where you typically need to be prepared to use Edge! This is the first illegal action you take. If you do Hack on the Fly then there is still no real reason to run silent (if you fail the Host will mark you anyway).
  • If the file is Protected you need to Crack the Protection (otherwise you skip this step). It will oppose the test with Protection Rating x 2, which is typically lower than Host ratings. But this is an Attack action! This means that you should almost always try to run silent before you take this action. Host will not be alerted while you fail this action but the second you crack the protection the Host will be on high alert. Patrol IC will start looking for you. Host will launch more deadly IC. You are now up against the clock!
  • It is now time to copy the file and get the hell out of Dodge City before the Shit hits the Fan. Copy the File is resolved with the Edit File action. Even though you are inside the Host you will still not gain a Direct Connection to File Icons. This is a test that will be opposed by Host ratings! If the file was Protected the Host will also be aware of your presence so you don't have many attempts. Be prepared to spend Edge on this test!
  • Once you have the file you Exit the Host, Switch interface Mode to AR and Reboot (unless the Host have you Link-Locked, in which case instead directly go for the Jack Out action - or kill the Icon that have you linked locked)

Good luck :-)

Fatespinner

  • *
  • Newb
  • *
  • Posts: 41
« Reply #9 on: <07-29-20/0327:52> »
Thanks a lot. That was very helpful. So manipulating files is the most difficult thing. That includes editing video feeds and stealing data. However disabling devices and controlling them is easier.

I was not aware of the fact that if you are on a host, that you have a direct connection to all linked devices

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 5768
« Reply #10 on: <07-29-20/0419:21> »
While book does not really explain this in a good way, the intent (as explained by the author at the time, Aaron) is that all Device Icons are out on the Grid, never inside a Host. No matter if they are slaved to a Host or not. Just that if you happen to be inside a Host that the device is slaved to you will be considered Directly Connected (zero meters, no noise, no master ratings) to the device out on the grid (this is an exception to the rule that you normally can't interact with icons out on the grid).



So manipulating files is the most difficult thing.
Manipulating or Stealing files that are located inside a Host.
Yes.

But you also have to fight host ratings if you hack slaved devices out on the grid remotely over the matrix without using a direct connection...



That includes editing video feeds and stealing data.
Stealing data for sure. And editing video files saved inside a host as well.

But when it comes to editing live camera feeds......

Depending on your reading you can edit a live video feed in real time as your team walk pass the camera by taken the Continuous Edit File action on the Camera out on the Grid (rather than on a File Icon inside the Host).

SR5 p. 239 Edit File
If you want to perform a continuous edit, such as removing your teammates from a video feed, you need to perform this action once per Combat Turn for as long as you want to keep the edit going.


I was not aware of the fact that if you are on a host, that you have a direct connection to all linked devices

SR5 p. PANs and WANs
If you are in a host that has a WAN, you are considered directly connected to all devices in the WAN.



When it comes to devices in 5th edition you basically have 3 options.

  • Attack the device remotely over the matrix directly on the Grid. If device is slaved then it get to defend using Master ratings. Noise might be an issue (both due to distance and also wireless inhabiting paint etc). Typically don't have to worry about physical patrols and drones since you are doing it from a distance. Typically don't have to worry about spiders and IC since they will be inside the Host and not out on the Grids. This normally require a dedicated decker with huge dice pools
  • Attack the device via physical Direct Connection. This require physical proximity to the device which mean you have to watch out for physical patrols and drones. Master ratings are not an issue with this approach. Noise is not an issue. IC and spiders are normally not issues either. Instead of a dedicated decker this typically require a decker that is at least not untrained in stealth (and firearms and athletics and)
  • Attack the device from within the host it is slaved to, This require a mark on the Host and that you are actually inside the Host which mean you have to watch out for IC and spiders. Host rating might be an issue to gain entrance to the Host but after that you don't have to worry about master ratings. Noise is not an issue (you can even be on the other side of the world, you will still count as zero meters away from all slaved devices). Physical patrols and drones are often also not an issue

But as I explained above you can also try to sneak in to grab a mark on that exposed slaved devices (sometimes you can even make this into a small mini-run that involve the entire team). Once you have the mark on the Host you can then walk out to the rigger van, go into raggdoll mode, entering the host and do the rest of the hacking from the direct connection you get by being inside the host (combining both method 2 and method 3 to avoid host ratings altogether).
« Last Edit: <07-29-20/0421:32> by Xenon »

Fatespinner

  • *
  • Newb
  • *
  • Posts: 41
« Reply #11 on: <07-30-20/0339:54> »
That helped me a lot to understand how the hacking works. In option 1 you roll against the host+firewall in most cases and in the other two options against the device rating *2?

Xenon

  • *
  • Prime Runner
  • *****
  • Posts: 5768
« Reply #12 on: <07-30-20/0752:52> »
Yes.

Unless the device is not slaved that is (which is quite common). In which case it will typically defend with device rating x 2 as well, even if you attack it wireless over the Grids without using a direct connection.

Due to the backdoor exploit most publicly available devices (like the camera and coffee machine in the public lobby and the exterior maglocks of the building etc) will probably not be slaved to a host to begin with.

Devices will typically only be slaved to the host once you reach more private areas (the camera behind the door clearly marked with "Private, employees only!").

SR5 p. 233 PANs and WANs
A host can have a practically unlimited number of devices slaved to it, but because of the direct connection hack you rarely see more devices than can be protected physically.


And of course you have devices that are part of a PAN. They will typically defend with the firewall of the master (rather than their own device rating) and mental attributes of their owner (rather than their own device rating).

...unless you can establish a direct connection to them (but that typically only happens if you can physically steal or borrow the device).