Logs for ShadowRN and Associated Mailing Lists

From:	Logan Graves <logan1@*****.INTERCOM.NET>
Subject:	Decking & Matrix Security
Date:	Tue, 30 Sep 1997 16:39:17 -0400

Message no. 1 A question about decking & personal matrix security, which came up
during a recent session. And we had no idea which way to rule on it.

When one looks out across that 'consensual hallucination, commonly known
as the Matrix' & sees those yellow/white pyramid icons representing the
(small) personal systems, which literally carpet the grid's lower
levels,

"what security mechanism is in place to keep the deckers out??!!"

As I understand it, those UMS pyramid icons appear only when a system is
jacked-in/connected-to the Martix. But what allows deckers into Fuchi
and not into Joe Citizen's computer?

(I finally bought VR2 & got a start on untangling the new rules, but I
lent it to our current decker, before I finished reading it...
yea, I know: stupid! stupid! stupid!!)

<rant>

I mean, we could waltz right into the Fuchi Star, if not for the
famed/reviled "Dragon Black Ice" (along with their lesser forms of IC)!

Is it simply the fact that there are SO MANY modems out there & so many
personal systems, that their sheer number acts as a kind of defacto
protection?

I don't buy this one bit! In an age where information = power, you
could easily raid IC-less or Green/Blue systems all day, 'till you found
some dirt that *someone* was willing to pay for.

How else could the Burkingmen exist, let alone survive?!

Sure, this may not be huge payola, but yer life expectancy would likely
be longer by a factor of 10.

And just look at today's (and the past decade's) hackers -- many of us
did stuff just for the frag of it -- just because we could or more often
to *prove* we could.

So, what really keeps the deckers out?!

</rant>

{Pfsssshtt} <==takes shot of MAO -- beter living thru chemistry!

Any ideas on this one, folks?

--Fenris
___________________________________www.intercom.net/user/logan1/bkk.htm
Big Knobi Klub, *the* spot for SR!

From:	Adam J <fro@***.AB.CA>
Subject:	Re: Decking & Matrix Security
Date:	Tue, 30 Sep 1997 15:02:07 -0600

Message no. 2 At 16:39 9/30/97 -0400, you wrote:
>A question about decking & personal matrix security, which came up
>during a recent session. And we had no idea which way to rule on it.

Woohoo! Matrix! Fuck the guns, gimme a deck! :)

>When one looks out across that 'consensual hallucination, commonly known
>as the Matrix' & sees those yellow/white pyramid icons representing the
>(small) personal systems, which literally carpet the grid's lower
>levels,
>
> "what security mechanism is in place to keep the deckers out??!!"
>
>As I understand it, those UMS pyramid icons appear only when a system is
>jacked-in/connected-to the Martix. But what allows deckers into Fuchi
>and not into Joe Citizen's computer?

I would think that you would get into Joe Citizens computer much more
easily. See below..

><rant>
>
>I mean, we could waltz right into the Fuchi Star, if not for the
>famed/reviled "Dragon Black Ice" (along with their lesser forms of IC)!
>
>Is it simply the fact that there are SO MANY modems out there & so many
>personal systems, that their sheer number acts as a kind of defacto
>protection?
>
>I don't buy this one bit! In an age where information = power, you
>could easily raid IC-less or Green/Blue systems all day, 'till you found
>some dirt that *someone* was willing to pay for.

Sure you could. Of course, it's not exactly glamourour, which some deckers
worry about. They all want to make the big hack, the kind that appears on
the 205x equivalent of www.2600.com

>And just look at today's (and the past decade's) hackers -- many of us
>did stuff just for the frag of it -- just because we could or more often
>to *prove* we could.

I think FASA sort of conciously changed the decker mentality away from the
hacker mentality of the past. It's more a game of money now, than glory
and learning. Personally, I'm not a huge fan of FASA's matrix
representation and support..

>So, what really keeps the deckers out?!

What keeps you out of my computer right now? (Oh, I'm not logged on.
Writing mail offline..:)

I would assume that a standard computer/cyberterminal only allows access on
the Matrix equivelent of a 'port'. Even if I was logged on, you could only
reach me through a few select ones. Of course, you don't want me to Know
that you're there, I mean hell, you're hacking my system.

So, you waltz your icon up to the main datastream into my computer, and
try to get in. Well, it doesn't recognize the icon, so it won't let you in
-- in a world where almost every computer would be networked, password
access would be the default, IMO. Even now, most OS's need a password to
enter the work enviroment, and more and more emphasis is being placed on
being 'networkable'

Big hint: Don't let the password be bypassed by pressing <esc>. What a
stupid load of shit.

After a deck's main entry phase, one would assume a decker/user could run
IC inside it, just like any other system on the matrix. *sound of pages
flipping*
VR2 doesn't mention this? Or I just missed the page..

However, in short, the only thing I think that's different between Joe
Citizens deck and Fuchi's system is Fuchi's is damn bigger, and a more
inviting target, with more room for backdoors and bugs, yet also more room
to let IC and frames guard it.

Clear as mud, like usual..

-
http://shadowrun.home.ml.org \ TSS Productions \ The Shadowrun Supplemental
ShadowRN Assistant Fearless Leader \ WildAngle@******** \ fro@***.ab.ca
From The Jury's Bench: http://www.interware.it/shadowrun/jurybench

From:	Brett Borger <bxb121@***.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Tue, 30 Sep 1997 17:17:39 EST

Message no. 3 > So, you waltz your icon up to the main datastream into my computer,
> and try to get in. Well, it doesn't recognize the icon, so it won't
> let you in -- in a world where almost every computer would be
> networked, password access would be the default, IMO. Even now,
> most OS's need a password to enter the work enviroment, and more and
> more emphasis is being placed on being 'networkable'

THe whole "password" thing is what Sleaze bypasses. Sorry, but I
don't by it.

I think full-blown deckers CAN EASILY get inside your computer. BUT:

1) there are a lot of weenies beaten by Green systems.

2) Motivation. Sure, I can slag through dozens of peoples files in a
day, and my deck will cut through their IC like...well...an arc
welder. But what will I find? Not much. Maybe 1 in 100 has
anything of interest. THen I have to find someone interested. Then
they pay me the few hundred nuyen it's worth to them. Get the
picture? Anyone with sensitive data will either 1)keep it offline 2)
use a company provided terminal with better security or 3) lose it
real quick, along with job and possibly life.

-=SwiftOne=-

From:	David Buehrer <dbuehrer@****.ORG>
Subject:	Re: Decking & Matrix Security
Date:	Tue, 30 Sep 1997 16:20:32 -0600

Message no. 4 Logan Graves wrote:
|
| So, what really keeps the deckers out?!

Keep in mind that most of the important information is owned by the
megacorps, and they can afford orange and red systems.

Everything else that's on a green or blue system is public domain
(surf the web on any given day to get a good idea of what it's
like). To get anything thats worth something a decker would have to
put in some serious hours. And the chance that a corp has put some
sensitive information on his private computer is pretty slim.

And for all of the lower corporations they may only have blue (blue
is harder than green right?) they can still have a couple pieces of
nasty ice guarding the sensitive stuff.

So, yes, a decker has an almost unlimited number of green systems to
crack. But that information overload (3,000,000 goddamn recipes for
tuna caserole!) won't be fun. Most deckers/hackers do it for the
fun. And the only thing that's fun is cracking those orange and red
systems :)

-David
http://www.geocities.com/TimesSquare/1068/homepage.htm
--
"Creativity is allowing yourself to make mistakes. Art is knowing
which ones to keep."

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Tue, 30 Sep 1997 18:22:43 -0500

Message no. 5 You wrote:
> THe whole "password" thing is what Sleaze bypasses. Sorry, but I
> don't by it.

> I think full-blown deckers CAN EASILY get inside your computer. BUT:
{snip}

Frankly, SR has never really described much about what computers *DO* besides
present targets for deckers. We have no idea how much processing power 50 MP
represents on a wrist comp, or how much headware memory is worth to the owner
aside from how many knowsofts and such he can hold... Even the 1MP ~
2 Megabytes of info that I once got informally from Tom Down doesn't tell you
much. How big is your average word processor, or spreadsheet program now?
What sort of programs are run on PCs, let alone mainframes? It's left so vague
the GM must ad-lib it completely, really... This is one of CP2020's advantages
over SR. Prices listed and memory sizes for ICE. So you can ice your deck if
you want to, or what-have-you. It does a better job of giving a feel that
computers do something other than hold info for deckers to steal, this is what
SR needs for decking, something that should have found its way into VR 2.0.

losthalo

From:	John E Pederson <lobo1@****.COM>
Subject:	Re: Decking & Matrix Security
Date:	Tue, 30 Sep 1997 17:50:51 -0500

Message no. 6 On Tue, 30 Sep 1997 16:39:17 -0400 Logan Graves
<logan1@*****.INTERCOM.NET> writes:

<<A question about decking & personal matrix security, which came up
during a recent session. And we had no idea which way to rule on it.
When one looks out across that 'consensual hallucination, commonly known
as the Matrix' & sees those yellow/white pyramid icons representing the
(small) personal systems, which literally carpet the grid's lower levels,

"what security mechanism is in place to keep the deckers out??!!"

As I understand it, those UMS pyramid icons appear only when a system is
jacked-in/connected-to the Martix. But what allows deckers into Fuchi
and not into Joe Citizen's computer?>>

Ummm...Bandwidth (or lack thereof)? Right now, it's totally possible to
have a modem that runs faster than your computer can really keep up with
(ask Shintaro;), assuming that your Matrix hook-up isn't run through an
external device, there's still the processing speed of the system itself:
trying to deck into most decks will probably crash the other cyberdeck.
(OTOH, my real-life knowledge of computers ranks only slightly above
'rank newbie', I suppose, so you may take that all with a large grain of
salt if I happen to be at all off:)

--
John Pederson "Oh my God! They killed Kenny!"
aka Canthros, shapeshifter-mage --South Park
lobo1@****.com canthros1@***.com john.e.pederson@***********.edu
http://www.geocities.com/Area51/Lair/4864 ICQ UIN 3190186

From:	Tim Cooper <z-i-m@****.COM>
Subject:	Re: Decking & Matrix Security
Date:	Wed, 1 Oct 1997 04:20:13 EDT

Message no. 7 On Tue, 30 Sep 1997 15:02:07 -0600 Adam J <fro@***.AB.CA> writes:
>At 16:39 9/30/97 -0400, you wrote:

[snip]

>>I don't buy this one bit! In an age where information = power, you
>>could easily raid IC-less or Green/Blue systems all day, 'till you
>found
>>some dirt that *someone* was willing to pay for.
>
>Sure you could. Of course, it's not exactly glamourour, which some
deckers
>worry about. They all want to make the big hack, the kind that appears
on
>the 205x equivalent of www.2600.com

Not to mention the amount of time required to FIND someone willing to pay
for the junk you nabbed from Joe Citizen's computer... it's probably a
bit easier to know where to begin looking if the data you stole happened
to be some prototype, or release schedule for some highly competative
product.

[snip]

>>So, what really keeps the deckers out?!

[snip Fro's eloquent answer]

>However, in short, the only thing I think that's different between Joe
>Citizens deck and Fuchi's system is Fuchi's is damn bigger, and a more
>inviting target, with more room for backdoors and bugs, yet also more
room
>to let IC and frames guard it.

That and Fuchi's system isn't protected by a three year old,
shareware/beta copy of Acme's Anti-Virus For DOS 0.001(with included
QBasic source code!). Taking a spin through Sprawl Sites (if you can get
your hands on a copy), you get a view of what sorts of "systems" the
average non-corp businesses maintain... which is to say, a few nodes that
hover around blue or green, occasionally orange, and even more
occasionally... a lonely piece of IC. As for a home-system, look at what
the average computer user has today: some sort of password protection
built into the OS, and some anti-virus program... that's it. The only
other protection would lie in how off the wall their filing habits were
("Well, Duh!.. the tax records are under
C:\GOLBAK\FUNNY\JFK\CONSPIRACY\BIRDCAGE, of course.").. unless they
happen to be some sort of paranoid, then they might just have some
home-brew black IC guarding their games directory.

~Tim

>
>Clear as mud, like usual..
>
>-
>http://shadowrun.home.ml.org \ TSS Productions \ The Shadowrun
>Supplemental
>ShadowRN Assistant Fearless Leader \ WildAngle@******** \
>fro@***.ab.ca
>>From The Jury's Bench: http://www.interware.it/shadowrun/jurybench
>

From:	Tim Cooper <z-i-m@****.COM>
Subject:	Re: Decking & Matrix Security
Date:	Wed, 1 Oct 1997 04:20:13 EDT

Message no. 8 On Tue, 30 Sep 1997 17:50:51 -0500 John E Pederson <lobo1@****.COM>
writes:

>On Tue, 30 Sep 1997 16:39:17 -0400 Logan Graves writes:
>As I understand it, those UMS pyramid icons appear only when a system is
>jacked-in/connected-to the Martix. But what allows deckers into Fuchi
>and not into Joe Citizen's computer?>>

>Ummm...Bandwidth (or lack thereof)? Right now, it's totally possible to
>have a modem that runs faster than your computer can really keep up
>with (ask Shintaro;), assuming that your Matrix hook-up isn't run
>through an external device, there's still the processing speed of the
>system itself: trying to deck into most decks will probably crash the
>other cyberdeck. (OTOH, my real-life knowledge of computers ranks only
>slightly above 'rank newbie', I suppose, so you may take that all with
>a large grain of salt if I happen to be at all off:)

Well, in a way, that's exactly what IC and other programs do to other
deckers... hack their deck. Black IC uploads and runs lethal
bio-feedback routines, Grey IC also uploads 'malicious code' onto a deck,
heck those Tar Pit/Baby programs even 'steal data'. While you probably
wouldn't be able to "deck into their deck", there is really nothing
stoping a decker from writing some similar procedures as those utilized
by IC to gain access to the information in an opponant's deck, or even
connected off-line storage.

~Tim

From:	Mike Elkins <MikeE@*********.COM>
Subject:	Re: Decking & Matrix Security
Date:	Wed, 1 Oct 1997 10:31:38 -0500

Message no. 9 Of COURSE a logged in deck is a valid decking
target (but unfortunately, FASA supplies no rules
for this). Why is it so rare that nobody bothers
99% of the time?

1) There is never any paydata (well, never is too
strong, but certainly picking one at random will
not get you anywhere).

2) The deck does have some protection, based
on its MPCP and BOD (make up some house
rules), although no ICE

3) The only ones that will have anything
worthwhile to a decker on them will be the ones
owned by other deckers, and nosing about
someone elses deck is a SEVERE faux pas in
decker society. If you trigger much of a
security tally at all, the decker will notice and zip
back home to find you, and boy will he/she be
pissed!

4) Most decks or home computers log in and out
of the matrix. You can't rely on them being there
when you want them, or staying there, or even
coming back to the same place. Anyone with
anything valuable to hide will be "unlisted", and
being in the right place at the right time to deck
into their deck/home computer will require some
luck, or at least sitting around in the LTG doing a
lot of NULL Ops.

Double-Domed Mike

From:	John E Pederson <lobo1@****.COM>
Subject:	Re: Decking & Matrix Security
Date:	Wed, 1 Oct 1997 09:43:55 -0500

Message no. 10 On Wed, 1 Oct 1997 04:20:13 EDT Tim Cooper <z-i-m@****.COM> writes:

>Well, in a way, that's exactly what IC and other programs do to other
>deckers... hack their deck. Black IC uploads and runs lethal
>bio-feedback routines, Grey IC also uploads 'malicious code' onto a
>deck, heck those Tar Pit/Baby programs even 'steal data'. While you
>probably wouldn't be able to "deck into their deck", there is really
>nothing stoping a decker from writing some similar procedures as those
>utilized by IC to gain access to the information in an opponant's
>deck, or even connected off-line storage.
>~Tim
>

Actually, I think they already have utilities like you describe: Browse
and Analyse, for instance.

Other possibility:
The deck is designed to run programs which create effects within
the UMS architecture of the Matrix (ignoring the effects of any reality
filters). There is a very good probability that such a computer doesn't
support those standards once you get inside the deck itself. And if
there's no Matrix, you're not really decking any more ...

--
John Pederson "Oh my God! They killed Kenny!"
aka Canthros, shapeshifter-mage --South Park
lobo1@****.com canthros1@***.com john.e.pederson@***********.edu
http://www.geocities.com/Area51/Lair/4864 ICQ UIN 3190186

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Wed, 1 Oct 1997 18:15:43 -0500

Message no. 11 On Wed, 1 Oct 1997 04:20:13 EDT Tim Cooper <z-i-m@****.COM> writes:

>Well, in a way, that's exactly what IC and other programs do to other
>deckers... hack their deck. Black IC uploads and runs lethal
>bio-feedback routines, Grey IC also uploads 'malicious code' onto a
>deck, heck those Tar Pit/Baby programs even 'steal data'. While you
>probably wouldn't be able to "deck into their deck", there is really
>nothing stoping a decker from writing some similar procedures as those
>utilized by IC to gain access to the information in an opponant's
>deck, or even connected off-line storage.

Think of it this way: Some time in the future, between SR's time and our
present time, we are going to have to shift to a computer network protocol
system that distinguishes between members (servers) and browsers (decks).
The idea of having any computer hook onto a network and be an equal entity
in said network isn't feasible as the numbers get really bloody big. We
will have to shift more to the idea of servers and clients (ie, corp machines
and decks.) If people are scoffing at this idea, look at Windows NT. You
have a server (which has functions in it the workstations don't) and the
workstations (which are optimized to service the end user). I really think
this is a good reflection of just what HAS to be in the future. We simply
cannot have 400 quadbillion computers all hooked into a global network with
all having the same identity and network functionality.

Thus, you have big corp computers, which server smaller computers. The
smaller
computers (ie, decks) have the limitation of the fact that they have no
'serving' presence in the net (matrix). In this way, a decker cannot 'step
into' another decker's icon and be logged onto his system. (Just as you
cannot log into an NT workstation from another workstation.)

This make sense? :)

- Cheetah

From:	Michael Vander Donk <mdonk@******.OZ.AU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 09:21:08 +1000

Message no. 12 Logan Graves[SMTP:logan1@*****.INTERCOM.NET] wrote:
> A question about decking & personal matrix security, which came up
> during a recent session. And we had no idea which way to rule on it.
>
> When one looks out across that 'consensual hallucination, commonly known
> as the Matrix' & sees those yellow/white pyramid icons representing the
> (small) personal systems, which literally carpet the grid's lower
> levels,
>
> "what security mechanism is in place to keep the deckers out??!!"
>

I spent some time thinking about this one ...

The rules are very slim on matrix details (understandable ... and most
of the time, not needed). They make no mention of firewalls (tho if you
stretch it, each node is one. Even though, in all the stories, the
Decker needs to find a way in.... ), security logging (sure, a purely
corp thing... but even now, many people log _everything_ that comes in
and goes out), and many other things.
At no point (that I recall) do the rules state a reverse hack... Meaning
where the Corp runs against the runners and hacks their deck. Sure all
the IC run it back to the deck, but that is usually just automated code,
or in retaliation to the runners attack. Most only trace back to origin,
some run code on the runners deck...

This brings me to the decks.. also little said on the innards... There
could be 2 lines of thought...
1. the deck is like a (soon to be) net PC. I.e., there is just a
processor and memory with code pre loaded. All the saved (hard disk)
data is elsewhere (headware, attached mp chip etc) This would make the
deck near useless without a matrix connection (usually only used in
matrix anyway. The only example I can think of outside this is cracking
encryption). I also recall many stories where the data is on a chip, not
the deck....
2. Much like the machines in snow crash, or your PC now. You can use it
stand alone without any problems. You can also connect to the Matrix and
run.... The data is onboard, or on a removable chip....

Either deck you choose (I would lean to No.2 at home, but have a No.1
when running), no2 would be a problem... Simply because you have your
data on there. No1 would be a hassle (now where did I put that
floppy??). Sure, headware would help... but most people I know are
always after more hard disk space....

Most people will not have anything more in terms of security than a
password (which is useless against a Decker...). Some deckers (the
better ones) will have hardened systems (i.e. rewired / coded their deck
to block external requests etc...). The more complex a system is, the
more chance of their being holes in the security, allowing another
Decker, or a corp to get in. So, in answer to the question, not much.
Saying that the Decker is safe because they are one in a million access
nodes is not secure. Each access icon will be different, and it would be
trivial to write a bit of code to sit on a busy node (Seattle backbone)
and watch for specific signatures/destinations, or some code to examine
all access icons....

There is not excuse of lack of security. regardless if your protecting
your diary, or your government tests on aliens... (of course these will
have different levels..). The experienced Decker will know to harden his
system. The newbies, and office workers, will not. They will require
Fuchi to make their systems as robust as possible (which usually isn't
;-)

Like I said in the middle of that dribble, 98% of the time, the answer
will be off the shelf software, which is just enough to stop a six year
old....

Enjoy...
Naga.

--
What's the difference between a duck? One of it's legs are both the
same.
Truly great madness cannot be achieved without significant intelligence.

From:	Michael Vander Donk <mdonk@******.OZ.AU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 09:28:36 +1000

Message no. 13 Rick J. Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> On Wed, 1 Oct 1997 04:20:13 EDT Tim Cooper <z-i-m@****.COM> writes:
>
> Thus, you have big corp computers, which server smaller computers. The
> smaller
> computers (ie, decks) have the limitation of the fact that they have no
> 'serving' presence in the net (matrix). In this way, a decker cannot 'step
> into' another decker's icon and be logged onto his system. (Just as you
> cannot log into an NT workstation from another workstation.)
>
> This make sense? :)
>
Yes. But then you have the smart decker, write some code that makes the
target (deck) think the access to it's CPU is needed by a server (really
a deck). Our smart decker now has access to your deck.,...
So you are correct, but that does not stop the deckers from accessing
your deck (unless you make it so they cant....)

Naga...

--
What's the difference between a duck? One of it's legs are both the
same.

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Wed, 1 Oct 1997 18:44:37 -0500

Message no. 14 At 09:28 AM 10/2/97 +1000, Naga wrote:
>Rick J. Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
>> On Wed, 1 Oct 1997 04:20:13 EDT Tim Cooper <z-i-m@****.COM> writes:
>>
>> Thus, you have big corp computers, which server smaller computers. The
>> smaller
>> computers (ie, decks) have the limitation of the fact that they have no
>> 'serving' presence in the net (matrix). In this way, a decker cannot 'step
>> into' another decker's icon and be logged onto his system. (Just as you
>> cannot log into an NT workstation from another workstation.)
>>
>> This make sense? :)
>>
>Yes. But then you have the smart decker, write some code that makes the
>target (deck) think the access to it's CPU is needed by a server (really
>a deck). Our smart decker now has access to your deck.,...
>So you are correct, but that does not stop the deckers from accessing
>your deck (unless you make it so they cant....)

Not cracking on you, but I don't understand what you're trying to say
here. If a computer that attaches to a network does not have the 'server'
services built into it, when deck 2 tries to log onto deck 1, deck 2 is
just going to get 'hey, I can't connect to anything'. There isn't any
real way that deck 2 is going to foll deck 1 into letting deck 2 log on,
because deck 1 doesn't HAVE the ability to let a 'client' computer (deck 2)
log onto it.

That make sense? :)

- Cheetah

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Wed, 1 Oct 1997 20:19:34 -0500

Message no. 15 You wrote:
> Thus, you have big corp computers, which server smaller computers. The
> smaller
> computers (ie, decks) have the limitation of the fact that they have no
> 'serving' presence in the net (matrix). In this way, a decker cannot 'step
> into' another decker's icon and be logged onto his system. (Just as you
> cannot log into an NT workstation from another workstation.)

> This make sense? :)
Nope. Think of decks more as small, dedicated systems that do nothing except
look up addresses, form links to those addresses, and then manipulate those
systems (much like logging on to a BBS and subverting the 'legitimate'
functions. :). You aren't relying on a myriad of computers along the way
routing your signal to the target, you're dialing it directly (RTG/LTG #'s).
Thus, nothing is serving as a 'server' for your icon, you'r running it yourself
(decks don't do much else, so they have the processing power to generate the
icon, and handle the incoming data from systems you connect to via LTG's and
RTG's.

losthalo

From:	Michael Vander Donk <mdonk@******.OZ.AU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 10:29:34 +1000

Message no. 16 Rick J. Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> At 09:28 AM 10/2/97 +1000, Naga wrote:
> >Rick J. Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> >> On Wed, 1 Oct 1997 04:20:13 EDT Tim Cooper <z-i-m@****.COM> writes:
> >>
> >> Thus, you have big corp computers, which server smaller computers. The
> >> smaller
> >> computers (ie, decks) have the limitation of the fact that they have no
> >> 'serving' presence in the net (matrix). In this way, a decker cannot
'step
> >> into' another decker's icon and be logged onto his system. (Just as you
> >> cannot log into an NT workstation from another workstation.)
> >>
> >> This make sense? :)
> >>
> >Yes. But then you have the smart decker, write some code that makes the
> >target (deck) think the access to it's CPU is needed by a server (really
> >a deck). Our smart decker now has access to your deck.,...
> >So you are correct, but that does not stop the deckers from accessing
> >your deck (unless you make it so they cant....)
>
> Not cracking on you, but I don't understand what you're trying to say
> here. If a computer that attaches to a network does not have the 'server'
> services built into it, when deck 2 tries to log onto deck 1, deck 2 is
> just going to get 'hey, I can't connect to anything'. There isn't any
> real way that deck 2 is going to foll deck 1 into letting deck 2 log on,
> because deck 1 doesn't HAVE the ability to let a 'client' computer (deck 2)
> log onto it.
>
> That make sense? :)

Yes. On a standard system, there would be no way to do it.
The cable plugged into the deck will be the same (not literally ;-)
cable plugged into the server. So the only difference will he some
hardware (probably to increase load bearing) and software. So deck 2,
owned by our decker, tries to log into deck 1, no go. Our decker then
hacks his deck, making it look like a server. Deck 2 then, as a server,
requests to run a program on deck 1 something that will have to be done
.. let me explain.
Any deck will need to run code that is given from the server. As far as
I can tell in the matrix, it a hybrid client server system. Most of the
time deck and server will sort of follow the normal client server rules.
(Client runs a program, generates the request, then sends the request to
the server. The server then runs the request and sends result back...).
When running the distinction between client and server is blurred. (on a
hardware level, the distinction is clear, on the deckers perception
level, there is no difference). When our decker is logged onto Ares, his
perception is running on Ares hardware, as well as his own. When our
decker loads a program, (IMO) it is run on his deck, then loaded into
the Ares H/W. (or when running naked, from his headware into Ares H/W).
The reverse also need to be true (for Black IC, or even a simple tar
baby...) Code, from the server, need to run on the deck to effect the
decker. Another way to think of it, the deck is a small server that the
decker runs (as code) on...
So back to the 2 decks, a deck 2 can't connect to deck 1, unless 2 is a
server, and tricks 1 into running the code that it sends (as there would
be standard checks to only allow the attached server to do that...).....
So in effect, your not 'logging on', your connecting as a server...
Just running back to your earlier example of NT machines. An nt
workstation can be used as a server (there are a few limitations .. 10
inbound connections, only 4 modems etc etc) but you can do it.... The
kernel is the same.
So combining my example, you have to convince the NT workstation you are
an attached server and run this program....

Now do I make sense? ...
Michael.
--
What's the difference between a duck? One of it's legs are both the
same.

From:	Tim Cooper <z-i-m@****.COM>
Subject:	Re: Decking & Matrix Security
Date:	Wed, 1 Oct 1997 20:43:49 EDT

Message no. 17 On Wed, 1 Oct 1997 09:43:55 -0500 John E Pederson <lobo1@****.COM>
writes:
>On Wed, 1 Oct 1997 04:20:13 EDT Tim Cooper <z-i-m@****.COM> writes:
>
>>Well, in a way, that's exactly what IC and other programs do to other
>>deckers... hack their deck. Black IC uploads and runs lethal
>>bio-feedback routines, Grey IC also uploads 'malicious code' onto a
>>deck, heck those Tar Pit/Baby programs even 'steal data'. While you
>>probably wouldn't be able to "deck into their deck", there is really
>>nothing stoping a decker from writing some similar procedures as those
>>utilized by IC to gain access to the information in an opponant's deck,
or even connected
>>off-line storage.
>>~Tim
>>
>
>
>Actually, I think they already have utilities like you describe: Browse
>and Analyse, for instance.

Well, yes, I know. But they don't mention the use of them against
another *decker*.

>Other possibility:
> The deck is designed to run programs which create effects within
>the UMS architecture of the Matrix (ignoring the effects of any
>reality filters). There is a very good probability that such a
>computer doesn't support those standards once you get inside the deck
>itself. And if there's no Matrix, you're not really decking any more

Again, yes. That's why you'd need specialized utilities... and code's
code, if IC can run it on your deck, I don't see why a decker's utility
couldn't do the same. I also agree that you couldn't "deck" into their
deck per se (no popping into a SAN and looking around for the various
nodes that make up the deck), but you could run utilities like Browse,
Analyze, even something analogous to Tar Baby/Pit to get at
memory/storage on the opposing decker's persona construct.

~Tim

From:	"J. Keith Henry" <Ereskanti@***.COM>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 00:50:41 -0400

Message no. 18 In a message dated 97-10-01 19:39:33 EDT, irvine@***.PURDUE.EDU writes:

>
> Not cracking on you, but I don't understand what you're trying to say
> here. If a computer that attaches to a network does not have the 'server'
> services built into it, when deck 2 tries to log onto deck 1, deck 2 is
> just going to get 'hey, I can't connect to anything'. There isn't any
> real way that deck 2 is going to foll deck 1 into letting deck 2 log on,
> because deck 1 doesn't HAVE the ability to let a 'client' computer (deck
2)
> log onto it.
>
> That make sense? :)
>
Try this on for size guys...what is the target number to "Hack" another
decker's deck? Masking? Evasion? MPCP/Persona? If a deck has a
modem/thruput device, then it is accessible, ESPECIALLY if it is online.
It's a trick we've used here very frequently, and the corps are the ones
that taught the players the nightmarish truth of it (hey, the Corps are
proactive in my games, I don't know about ya'll).
-Keith

From:	Michael Vander Donk <mdonk@******.OZ.AU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 15:12:28 +1000

Message no. 19 J. Keith Henry[SMTP:Ereskanti@***.COM] wrote:
> Try this on for size guys...what is the target number to "Hack" another
> decker's deck? Masking? Evasion? MPCP/Persona? If a deck has a
> modem/thruput device, then it is accessible, ESPECIALLY if it is online.
> It's a trick we've used here very frequently, and the corps are the ones
> that taught the players the nightmarish truth of it (hey, the Corps are
> proactive in my games, I don't know about ya'll).

Hmm ... I'd probably run off the hardening of the deck (body). I might
also up the numbers if the decker made it herself, as apposed to buying
off the shelf... simply to represent the extra time and effort put in to
personalise / know their deck. (I haven't done it .. just
speculation...)
Now, an interesting thing arrises if the decker is using the deck at the
time. They might notice the CPU usage, maybe a slowdown or a trace
alarm... Then you have the decker fighting on her turf, and pulling the
jack out won't cut it (the intruder will still be connected to the deck,
you'll need to disconnect the deck as well... something I see players
forgeting to do .. :-)

Enjoy...

Naga.
--
Drive carefully. 90% of the people in the world are caused by accidents.
Never eat more than you can lift.

From:	Mike Elkins <MikeE@*********.COM>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 09:33:39 -0500

Message no. 20 I agreed with most of Michael Vander Donk's
post, but:

>Saying that the Decker is safe because they
>are one in a million access nodes is not
>secure. Each access icon will be different,
>and it would be trivial to write a bit of code to
>sit on a busy node (Seattle backbone) and
>watch for specific signatures/destinations, or
>some code to examine all access icons....

What you are forgetting is that most deckers'
decks have a Masking rating. This means that
their signature varies from moment to moment, in
whatever way benefits the decker. One minute
you look like John Q. Corp financial analyst, the
next you look like an email message from your
air conditioning vendor. Then suddenly you turn
into an "out of doritos" message coming from the
snack machine on level B7. Whatever gets you
through the next door. A true decker never logs
in as himself (except perhaps inside a hacker
haven).

Double-Domed Mike

From:	Mike Elkins <MikeE@*********.COM>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 09:47:03 -0500

Message no. 21 >Not cracking on you, but I don't understand
>what you're trying to say here. If a computer
>that attaches to a network does not have the
>'server' services built into it, when deck 2 tries
>to log onto deck 1, deck 2 is just going to get
>'hey, I can't connect to anything'.

But even the "workstation" decks you propose
are a computing system, one that takes input
from the network (from the decker's persona and
sensors) and modifies its internal state based on
that (plus input from the decker). Now lets
analyze this in terms of mathmatics: either the
"language" of the input from the matrix allows the
description of languages as complex as itself, or
it doesn't. If it doesn't, it CAN be made secure
as you've described. If it does, it CANNOT be
made absolutely secure, see the book
"Gordel-Escher-Bach" for mathmatical proof (I
don't know how to spell that first name). I
propose that 21st century computing, or at least
decking, REQUIRES this self referential
capability to do all the neat tricks it does. If this
is so, then any system complex enough to be
interesting (all hosts and decks, down to the
smartest of vending machines) can be "decked".
This matches the description of the world in
BBB and VR2.0 to a tee, and your model does
not.

Double-Domed Mike

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 09:30:40 -0500

Message no. 22 At 09:47 AM 10/2/97 -0500, you wrote:
>But even the "workstation" decks you propose
>are a computing system, one that takes input
>from the network (from the decker's persona and
>sensors) and modifies its internal state based on
>that (plus input from the decker).
(Snip)

Ok, you've mathmatically proven that a computer attached to the network
(not a dial-up modem, but a true network connection) can be -hacked-,
but that doesn't necessarily mean it can be decked. (Ie, SERVED via
network services). The idea of hacking a decker's deck itself I
believe is reflected in attack type utilities used against the decker.

Using my original example, you could possibly hack my workstation, but you
cannot log on to my workstation and be considered 'in a matrix node'. If
you send the network request to my workstation to accept your legal or
illegal login, you simply won't get a response. Why? Because my workstation
isn't listening to such requests. There is NO way you can log onto a
machine that won't support logons. From what I have read of the SR Matrix
world, corp mainframes are built from the ground up with the idea of users
logging on and using services granted to them, whereas a deck (or terminal)
does not have this overhead.

And it IS overhead, no matter what model you use, no matter what year. Flat
out if your computer or deck supports logging on and giving users services,
this is overhead. As a decker, I wouldn't put such services in the cyberdeck
I use to deck into corp computers.

>... If this
>is so, then any system complex enough to be
>interesting (all hosts and decks, down to the
>smartest of vending machines) can be "decked".

I think we have different terms for decking. I see 'decking' as
logging onto the host machine and getting it to do things it
shouldn't. Ie, giving me files, letting me use slave nodes, etc.
You seem to use 'decking' as meaning 'causing problems with the
target computer'. That is a combination of 'attack the decker's
deck' utilities and decking, imho.

Here's another real world example. I have an FTP client installed
on my system. Your corp has an FTP server with files on it, and
those files are locked down so that the public cannot normally access
them. I attach to your FTP server, it asks for a username and password.
If I succeed in my Access Test, I've gotten in. Now I need to figure out
which files to get, what priviledges I need to get those files, etc. etc.

Now let's say that while I'm downloading those files, a corp decker sees me
doing this (via network line analyzers), and wants to do the same to me.
He can't, because I don't have an FTP server on my system. Sorry Charlie,
but you aren't touching my files on my computer unless I have some sort
of server program that will service your log on request.

You might be able to do things like trace my signal, corrupt the files that
I'm trying to DL, kick me off, etc. Ie, you can hit my icon, you can spooge
the stuff I'm trying to get, but you can't log onto my deck because my deck
doesn't service outside network requests.

Cheers,
Cheetah

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 12:46:55 -0500

Message no. 23 You wrote:
> Ok, you've mathmatically proven that a computer attached to the network
> (not a dial-up modem, but a true network connection) can be -hacked-,
> but that doesn't necessarily mean it can be decked. (Ie, SERVED via
> network services). The idea of hacking a decker's deck itself I
> believe is reflected in attack type utilities used against the decker.

> Using my original example, you could possibly hack my workstation, but you
> cannot log on to my workstation and be considered 'in a matrix node'. If
> you send the network request to my workstation to accept your legal or
> illegal login, you simply won't get a response. Why? Because my workstation
> isn't listening to such requests. There is NO way you can log onto a
> machine that won't support logons.
But what if you sent it signals and code pretending to be from the mainframe
your workstation is running on? A SR deck doesn't connect to a server and from
there to the matrix through the serves (like an ISP). It is a standalone, and
thus has to receive info from the grid. It communicates with the system it is
attempting to connect to, there is nothing to say that someone could not route
signals into your deck while it is open to communications. However, I do think
I see your point in a different light, now.

1) Your deck is connected to the grid because you're breaking into MCT's
Seattle system (hey, you're suicidal tonight...).
2) Your deck is connected to a specific LTG number, and accepting input/output
at that point int he Matrix.
3) Theoretically your deck shouldn't receive any input from any other sources
unless it is set up to receive outside calls (and almost no decker would do
that, it would be dial-out only).
4) Unfortunately your deck is connected to the matrix at point X, LTG# Y, and
can be reached there if someone can manage to sleaze it (et cetera) like they
would a mainframe which isn't expecting any calls right now. It's just that
your deck, a telecommnications device that really doesn't accept calls, just
makes them, won't listen to any incoming BS on the line, the grid will give
anyone trying to connect to your deck a 'busy signal'. Mainframes' systems are
designed for others to dial in and log on. Decks are not designed to have
anyone logging on to them, the protocols don't likely exist.

However, since it's possible for another decker to use attack programs on your
deck, there's a problem here, because that decker isn't something you're
dialing into, and his code trying to run on your deck shouldn't run for the
same reasons as someone trying to 'deck' your deck. (back in #4)

So, your deck is open to connections from other decks. Such connections can
only happen at your icon, but they can happen. This says to me that the idea
of the 'little white pyramid' marking your entrance point is BS and should have
been written out, since your deck is only connected to the matrix for signals
at the point you are logged into (MCT, in the example). Meeting another decker
in MCT, he should by all rights be able in some way to get into your deck,
steal info from it or otherwise mess with its functions, since it is obviously
open to incoming commands (else IC couldn't do anything to it).

losthalo, hoping that made some sense...

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 12:09:34 -0500

Message no. 24 At 12:50 AM 10/2/97 -0400, Keith wrote:
>In a message dated 97-10-01 19:39:33 EDT, irvine@***.PURDUE.EDU writes:
>> There isn't any
>> real way that deck 2 is going to foll deck 1 into letting deck 2 log on,
>> because deck 1 doesn't HAVE the ability to let a 'client' computer (deck
>2)
>> log onto it.
>Try this on for size guys...what is the target number to "Hack" another
>decker's deck? Masking? Evasion? MPCP/Persona? If a deck has a
>modem/thruput device, then it is accessible, ESPECIALLY if it is online.
> It's a trick we've used here very frequently, and the corps are the ones
>that taught the players the nightmarish truth of it (hey, the Corps are
>proactive in my games, I don't know about ya'll).
>-Keith

You wouldn't hack the deck, you would probably hack his icon.

Think about this, the deck is only basically an I/O device sitting between
the decker's brain and the corp's machine. The programs people run merely
assist the decker in the actions he is trying to perform (that is almost
verbatim out of VR II, I just read that last night). You can't 'find' the
target decker's deck, because it is not attached to the matrix the same way
corp machines are. You have to find his icon and trace his data trail back
to the origin. And even that only gives you the ability to send 'hacked'
signals down the icon's datatrail to fark with the deck and the poor slot's
noggin.

A cyberdeck is a streamlined hacker machine, it most likely doesn't have any
hardware or software in it for creating a matrix node in itself. Think of
it this way, when a decker plugs his head into his deck, does he log on?
When a decker steals someone else's deck, and plugs his head in, does he
have to log on? No. He might have to face some kind of checking system
the decker put on his deck, so that only HIS brain could connect to it,
but that isn't the same as logging onto it.

I think some folks are trying to rewrite the idea of a decker fighting
another decker's icon in cybercombat with the idea of hacking a person's
home machine. Hrm, here's a thought. If the target decker is an
otaku, are you going to deck his brain? Look at the VR II description
of a mainframe (ie, the type of computer powerful enough to render a Matrix
node) and ask yourself if even a heightened mind could do that.

Cheers,
Cheetah

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 12:25:21 -0500

Message no. 25 At 12:46 PM 10/2/97 -0500, Wendy wrote:
>Rick Irvine wrote:
>> illegal login, you simply won't get a response. Why? Because my
workstation
>> isn't listening to such requests. There is NO way you can log onto a
>> machine that won't support logons.
>But what if you sent it signals and code pretending to be from the mainframe
>your workstation is running on? A SR deck doesn't connect to a server and
from
>there to the matrix through the serves (like an ISP). It is a standalone,
and
>thus has to receive info from the grid. It communicates with the system
it is
>attempting to connect to, there is nothing to say that someone could not
route
>signals into your deck while it is open to communications.

This is arguable, but I would say that the machine trying to pull this off
would have to be a VERY powerful mainframe, not someone else's cyberdeck.
Also, there are even today layers of protocols that represent different aspets
of network communication: Some are higher up, ie, would be responsible for
transmitting the VR signals, while others are lower and are responsible for
just getting the juice from X computer, down a wire of type Y material, into
your deck. If someone tries to 'shadow' your LTG, there would be
discrepencies
that something as streamlined for cracking security would probably notice.

> However, I do think
>I see your point in a different light, now.
>
>1) Your deck is connected to the grid because you're breaking into MCT's
>Seattle system (hey, you're suicidal tonight...).
(snip)
>It's just that
>your deck, a telecommnications device that really doesn't accept calls, just
>makes them, won't listen to any incoming BS on the line, the grid will give
>anyone trying to connect to your deck a 'busy signal'. Mainframes'
systems are
>designed for others to dial in and log on. Decks are not designed to have
>anyone logging on to them, the protocols don't likely exist.

Yes, yes, yes! :) I agree with all of your statements, just cut them out for
a shorter note.

>However, since it's possible for another decker to use attack programs on
your
>deck, there's a problem here, because that decker isn't something you're
>dialing into, and his code trying to run on your deck shouldn't run for the
>same reasons as someone trying to 'deck' your deck. (back in #4)

The impression I got with cybercombat, ie, two deckers fighting, was that they
were sending bad signals down the other person's connection. Thus, you have
to FIND a decker in order to fry his deck, because you have to send the bad
mojo down his net connection.

>So, your deck is open to connections from other decks. Such connections can
>only happen at your icon, but they can happen. This says to me that the idea
>of the 'little white pyramid' marking your entrance point is BS and should
have
>been written out, since your deck is only connected to the matrix for signals
>at the point you are logged into (MCT, in the example). Meeting another
decker
>in MCT, he should by all rights be able in some way to get into your deck,
>steal info from it or otherwise mess with its functions, since it is
obviously
>open to incoming commands (else IC couldn't do anything to it).

I think the little white pyramid was left over from SR I basic rules, which
were very (nicely) abstract and didn't incorporate modern networking topology
methods. VR II is much closer to what we have today, and thus when people
start bouncing ideas off of it, they'll probably get more and more comparisons
of today's current networking theories. (Which is just like what happens
with armours and weapons.)

Cheers,
Cheetah

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 14:08:30 -0500

Message no. 26 You wrote:
> You wouldn't hack the deck, you would probably hack his icon.

> Think about this, the deck is only basically an I/O device sitting between
> the decker's brain and the corp's machine. The programs people run merely
> assist the decker in the actions he is trying to perform (that is almost
> verbatim out of VR II, I just read that last night).
I would still say that the programs are doing the majority of the work and the
decker is 'overseeing' them. Without those programs, the decker can't do
anything in the matrix. His mind interfaces witht he deck, and tells it to do
things via his actions in cyberspace. Those actions are translated by the MPCP
into code variations in the programs being run, or commands to run or
discontinue certain programs.

> You can't 'find' the
> target decker's deck, because it is not attached to the matrix the same way
> corp machines are. You have to find his icon and trace his data trail back
> to the origin. And even that only gives you the ability to send 'hacked'
> signals down the icon's datatrail to fark with the deck and the poor slot's
> noggin.
This makes sense to me, you have to find where the decker's icon is, and find a
way to frag with him there, as that's where his deck has an open connection to.

Though of course you could use the same procedure for tracking down an unknown
LTG number to find a decker's point of origin. Theoretically that would let
you try to break into his deck...

> A cyberdeck is a streamlined hacker machine, it most likely doesn't have any
> hardware or software in it for creating a matrix node in itself. Think of
> it this way, when a decker plugs his head into his deck, does he log on?
> When a decker steals someone else's deck, and plugs his head in, does he
> have to log on? No. He might have to face some kind of checking system
> the decker put on his deck, so that only HIS brain could connect to it,
> but that isn't the same as logging onto it.
True, but it is still a computer. It isn't a non-entity as far as cyberspace
is concerned, it has a presence there, and can be manipulated if you know how.

And what constitutes a 'node' in the matrix is a computer, any computer,
connected to it. I jack my pocket secretary into a comm line, it becomes a
node. Nodes are just ways of representing computer hardware which does certain
things. Corps don't build mainframes to have enough processing power to rate
being a node, they do it to have massive computing power at their disposal.
Your deck encounters a bit of memory and a tiny CPU, it calls them that, even
if they belong to your pocket secretary or your telecomm (for evidence of this,
look at the personal computers listed for various businesses in Sprawl Sites).

> I think some folks are trying to rewrite the idea of a decker fighting
> another decker's icon in cybercombat with the idea of hacking a person's
> home machine. Hrm, here's a thought. If the target decker is an
> otaku, are you going to deck his brain? Look at the VR II description
> of a mainframe (ie, the type of computer powerful enough to render a Matrix
> node) and ask yourself if even a heightened mind could do that.
Otaku are a really optional idea, not central to the Matrix, and a mystery in
themselves. Using them as an example or comparing them to normal matrix
contructs and sytems isn't reasonable or useful.

Again, the SR rules on matrix activities are too vague to make many inferences,
or to make sense of them outside of the activites of deckers breaking into corp
systems and doing things to them, which is a problem.

losthalo

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 14:22:45 -0500

Message no. 27 You wrote:
> > However, I do think
> >I see your point in a different light, now.
> >
> >1) Your deck is connected to the grid because you're breaking into MCT's
> >Seattle system (hey, you're suicidal tonight...).
> (snip)
> >It's just that
> >your deck, a telecommnications device that really doesn't accept calls, just
> >makes them, won't listen to any incoming BS on the line, the grid will give
> >anyone trying to connect to your deck a 'busy signal'. Mainframes'
> systems are
> >designed for others to dial in and log on. Decks are not designed to have
> >anyone logging on to them, the protocols don't likely exist.

> Yes, yes, yes! :) I agree with all of your statements, just cut them out for
> a shorter note.

> >However, since it's possible for another decker to use attack programs on
> your
> >deck, there's a problem here, because that decker isn't something you're
> >dialing into, and his code trying to run on your deck shouldn't run for the
> >same reasons as someone trying to 'deck' your deck. (back in #4)

> The impression I got with cybercombat, ie, two deckers fighting, was that they
> were sending bad signals down the other person's connection. Thus, you have
> to FIND a decker in order to fry his deck, because you have to send the bad
> mojo down his net connection.
Yes, since his deck is 'dialed to' the corp's mainframe, you can't dial
directly to him. But if he's occupying the same system as you, you can get his
deck to accept signals and code from there... voila! But, if his deck were not
dialed up to an LTG number somewhere, and on the matrix, you should be able to
deck into it like any other system, it is just another computer (albeit a very
specialized one).

> I think the little white pyramid was left over from SR I basic rules, which
> were very (nicely) abstract and didn't incorporate modern networking topology
> methods. VR II is much closer to what we have today, and thus when people
> start bouncing ideas off of it, they'll probably get more and more comparisons
> of today's current networking theories. (Which is just like what happens
> with armours and weapons.)
Yeah, the problem is, the way SR's matrix works now, it isn't the same as the
'internet', it's still more similar to logging on to a BBS. You go to an LTG
number, give access codes, and are either admitted or not. Once admitted you
may manipulate the system. SR nodes are not internet sites, nor even similar
in any important way. People seem to want to use that analogy, or that of
networks, when it doesn't really apply. Your access to a corp mainframe is not
via a telnet setup where your signal is bounced through a lot of different
sites, but rather more like a telephone call or modem dial-up.

losthalo

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 14:44:28 -0500

Message no. 28 At 02:22 PM 10/2/97 -0500, Wendy wrote:
>Yeah, the problem is, the way SR's matrix works now, it isn't the same as the
>'internet', it's still more similar to logging on to a BBS. You go to an LTG
>number, give access codes, and are either admitted or not. Once admitted you
>may manipulate the system. SR nodes are not internet sites, nor even similar
>in any important way. People seem to want to use that analogy, or that of
>networks, when it doesn't really apply. Your access to a corp mainframe
is not
>via a telnet setup where your signal is bounced through a lot of different
>sites, but rather more like a telephone call or modem dial-up.

Well, if it is indeed 'like a modem dial-up', then the actual deck insofar
as being able to be directly seen, is only seen by the computer it is dialing.
After that point, all signals are being passed from the deck to the dial-in,
and beyond. In fact, from the outside looking in, it is often written of and
thought of (and seen in today's computers) that you cannot tell who is dialing
in from their own system and who is logging on directly from a terminal.

I'll agree the system is too vague to really argue one way or the other. The
problem is that leads to different interpretations and views of how the rules
'should' be set up. Should a decker be allowed to deck into another decker's
deck? (Can you fit the word 'deck' into that sentence any more times? *grin*)
I'd say no, but that mostly comes from my experience in dealing with unix and
NT and networking mumbo jumbo. I'm not trying to sound egotistical here
atall,
I'm just saying if the system is vague we each interpret it differently,
that's
all.

The only really solid argument I'd try to use to persuade folks to say 'no,
you can't deck another decker's deck' is the idea that it takes raw computing
power to service someone logging into your deck. If I'm a lean mean hacking
machine, I don't want to spare the cpu cycles for that, so I would most likely
have my deck set up that way.

I believe in VR II there are rules for using a mainframe. I think people who
want to use decks that can themselves get decked into should scan those and
probably come up with some home-grown stuff. There should be some advantages
to using a computer powerful enough to run both as a deck and a Matrix node
(server) to counter for the possibility of having some wanker decker come in
and blow up your 'puter.

Fair warning, Keith. *Grin* You know my stance on this subject and I'll be
damned if I EVER slot a real deck into my head (I'm about to start an Otaku
in his campaign) and have some mega bs decker come in and blow my deck to
smithereens. That's when I say 'ok, munchkin mode time'. ;P

Cheers,
Rick

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 17:56:23 -0500

Message no. 29 You wrote:
> The only really solid argument I'd try to use to persuade folks to say 'no,
> you can't deck another decker's deck' is the idea that it takes raw computing
> power to service someone logging into your deck. If I'm a lean mean hacking
> machine, I don't want to spare the cpu cycles for that, so I would most likely
> have my deck set up that way.
True, but that's what execution tests represented, stealing CPU time to run
your programs, convincing the system to run them for you. And my primary
argument for being able to deck a cyberdeck, as opposed to a big mainframe,
comes from the fact that they *are* computers, they are connected to the
Matrix, and all of the smaller 'personal' computers listed in Sprawl Sites,
which are not major mainframes, but PCs used for bookkeeping and ordering
goods. Those aren't big systems, don't have a lot of spare CPU power, and yet
they can be decked (invaded and manipulated) like anything else. Thus, a
cyberdeck connected to the matrix represents the same type of vulnerability, to
my mind, as these small systems. Now, I admit that most cyberdecks aren't
online 24-7 like a corp or business comp, so the window of opportunity would be
small... But it'd be there theoretically.

losthalo

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 17:31:47 -0500

Message no. 30 At 05:56 PM 10/2/97 -0500, Wendy wrote:
>True, but that's what execution tests represented, stealing CPU time to run
>your programs, convincing the system to run them for you. And my primary
>argument for being able to deck a cyberdeck, as opposed to a big mainframe,
>comes from the fact that they *are* computers, they are connected to the
>Matrix, and all of the smaller 'personal' computers listed in Sprawl Sites,
>which are not major mainframes, but PCs used for bookkeeping and ordering
>goods. Those aren't big systems, don't have a lot of spare CPU power, and
yet
>they can be decked (invaded and manipulated) like anything else. Thus, a
>cyberdeck connected to the matrix represents the same type of
vulnerability, to
>my mind, as these small systems. Now, I admit that most cyberdecks aren't
>online 24-7 like a corp or business comp, so the window of opportunity
would be
>small... But it'd be there theoretically.

Ah, but are they connected to the matrix or to an LTG? Do cyberdecks
make the same raw connection to the Matrix that mainframes do? I personally
don't think so. A wire strung between two computers doesn't mean that one
computer can attack the other. You hack by spoofing the protocols that fly
over that wire.

Y'know, this is a dumb discussion, we're both agreeing with each other but
for different reasons. :) This is like: "So what if we both agree, you gotta
agree by MY reasons dammit!"

I'll call a truce, you have your reasons, I have mine. So long as my soon
to be GM Keith doesn't try to pull this on me, I'll be happy. *Smirk*

Cheers,
Rick

From:	Michael Vander Donk <mdonk@******.OZ.AU>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 08:56:02 +1000

Message no. 31 Rick J. Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> Using my original example, you could possibly hack my workstation, but you
> cannot log on to my workstation and be considered 'in a matrix node'. If
> you send the network request to my workstation to accept your legal or
> illegal login, you simply won't get a response. Why? Because my
workstation
> isn't listening to such requests. There is NO way you can log onto a
> machine that won't support logons. From what I have read of the SR Matrix
> world, corp mainframes are built from the ground up with the idea of users
> logging on and using services granted to them, whereas a deck (or terminal)
> does not have this overhead.
>

You are correct. There is no way you can Log on ..... But there is still
access, (enabling you to log on) ... I'll give you a current example.
You dont accept telnet (logon) requests.. No problem, a newbie can't log
on. You can still get a _shell_ (the command prompt after a valid login)
prompt through a (last month) sendmail hole, ws-ftp has a similar
problem, as does X windows (patches are out, but some companies and most
users are rather lax in terms of security)... These are just a few
examples. Essentially your running one integrated system. If you find a
hole in that system, anywhere, you can get in..... This could be in a
service not handling requests properly (eg, ping-o-death), the kernel
not handling memory properly (eg buffer overflow), or any other hole.
These _will_ be found and exploited......

> And it IS overhead, no matter what model you use, no matter what year. Flat
> out if your computer or deck supports logging on and giving users services,
> this is overhead. As a decker, I wouldn't put such services in the
cyberdeck
> I use to deck into corp computers.
>

Your correct, but you would have support for these services in your deck
(otherwise you cant use them), and thus there is the possibility to
exploit (or use once accessed) these services.

[snippo]

> Here's another real world example. I have an FTP client installed
> on my system. Your corp has an FTP server with files on it, and
> those files are locked down so that the public cannot normally access
> them. I attach to your FTP server, it asks for a username and password.
> If I succeed in my Access Test, I've gotten in. Now I need to figure out
> which files to get, what priviledges I need to get those files, etc. etc.
>
> Now let's say that while I'm downloading those files, a corp decker sees me
> doing this (via network line analyzers), and wants to do the same to me.
> He can't, because I don't have an FTP server on my system. Sorry Charlie,
> but you aren't touching my files on my computer unless I have some sort
> of server program that will service your log on request.
>
> You might be able to do things like trace my signal, corrupt the files that
> I'm trying to DL, kick me off, etc. Ie, you can hit my icon, you can spooge
> the stuff I'm trying to get, but you can't log onto my deck because my deck
> doesn't service outside network requests.
>
Ok, using your example. Why doesn't the Corp decker mask as part of the
download?? This is what most deckers will use to get in, why not the
other way... There is no login, no service needed to be running (your
running the required client), Mr Corp just tags onto a packet and he is
in, no problem, no fuss.......
Your thinking in term of valid access, gained through the proper
methods, a decker almost never has this. See my example above. The only
real way you can be 100% secure is with bolt cutters..... (and even then
sometimes not... :-)

Michael.
--
What's the difference between a duck? One of it's legs are both the
same.
If opportunity knocks, go to bed with your pants on.

From:	Rick J Irvine <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 18:07:29 -0500

Message no. 32 Michael writes:
>
> Rick J. Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> You are correct. There is no way you can Log on ..... But there is still
> access, (enabling you to log on) ... I'll give you a current example.
> You dont accept telnet (logon) requests.. No problem, a newbie can't log
> on. You can still get a _shell_ (the command prompt after a valid login)
> prompt through a (last month) sendmail hole, ws-ftp has a similar
> problem, as does X windows (patches are out, but some companies and most
> users are rather lax in terms of security)... These are just a few
> examples. Essentially your running one integrated system. If you find a
> hole in that system, anywhere, you can get in..... This could be in a
> service not handling requests properly (eg, ping-o-death), the kernel
> not handling memory properly (eg buffer overflow), or any other hole.
> These _will_ be found and exploited......

To me this sounds more like what attack programs targetted at the deck do,
they exploit known weaknesses in defenses. I believe the original idea
was to -deck- into a cyberdeck, ie, log in with full virtual world matrix
style node. Getting access (personally I think only via the icon, but others
think otherwise) can indeed be done, but attacking the target decker's
cyberdeck -as if it were a corp's computer system-, no, no way. That just
doesn't wash w/me. The cyberdeck itself doesn't run a full VR matrix node,
it is merely a device, an interpreter between the VR and the poor slot's
brain. It itself is -not- an entity on the matrix. It can be attacked,
but it cannot be 'entered'.

> > And it IS overhead, no matter what model you use, no matter what year. Flat
> > out if your computer or deck supports logging on and giving users services,
> > this is overhead. As a decker, I wouldn't put such services in the
> cyberdeck
> > I use to deck into corp computers.
> >
>
> Your correct, but you would have support for these services in your deck
> (otherwise you cant use them), and thus there is the possibility to
> exploit (or use once accessed) these services.
Why would my deck have to service anything? You mention two examples, a
mail handler and an ftp server, neither of which I would keep on a machine
tweaked out for hacking. The hacking machine would have NO net daemons/
services listening on any ports. I can shut off my own telnetd for example,
and still make telnet requests out via the client. That's just plain smart
decking. :)

> > Here's another real world example. I have an FTP client installed
> > on my system. Your corp has an FTP server with files on it, and
> > those files are locked down so that the public cannot normally access
> > them. I attach to your FTP server, it asks for a username and password.
> > If I succeed in my Access Test, I've gotten in. Now I need to figure out
> > which files to get, what priviledges I need to get those files, etc. etc.
> >
> > Now let's say that while I'm downloading those files, a corp decker sees me
> > doing this (via network line analyzers), and wants to do the same to me.
> > He can't, because I don't have an FTP server on my system. Sorry Charlie,
> > but you aren't touching my files on my computer unless I have some sort
> > of server program that will service your log on request.
> >
> > You might be able to do things like trace my signal, corrupt the files that
> > I'm trying to DL, kick me off, etc. Ie, you can hit my icon, you can spooge
> > the stuff I'm trying to get, but you can't log onto my deck because my deck
> > doesn't service outside network requests.
> >
> Ok, using your example. Why doesn't the Corp decker mask as part of the
> download?? This is what most deckers will use to get in, why not the
> other way... There is no login, no service needed to be running (your
> running the required client), Mr Corp just tags onto a packet and he is
> in, no problem, no fuss.......

Sorry, this didn't make any sense to me. :(

> Your thinking in term of valid access, gained through the proper
> methods, a decker almost never has this. See my example above. The only
> real way you can be 100% secure is with bolt cutters..... (and even then
> sometimes not... :-)

Nah, I'm thinking server/client. The cyberdeck is tweaked out as an I/O
device between the noggin and the VR, and as a client to launch local
programs to do a little computing. It's not set up imho to service a request
from another computer sitting in the matrix to 'enter' it matrix-style.

I think the whole "Little white triangle node" that was vaguely present in
SR 1 was something where if you traced a person's trail back to that, that
node in the matrix represented the base of the decker's link, and you could
attack it. I think in reality that icon would represent resources on the
LTG allocated to keeping that initial link up, since it's a physical link
with the deck. However, this is all very interpretive, as we cannot -possibly-
predict where computers will be in 5 years, let alone 50.

(Here's a little prediction: In the future, the idea of storage ram and
active ram will become one, we'll have what are being called 'hologram drives',
which will have an access time faster than our fastest ram atm. They will
be huge devices, storing the data in crystals, which the lights bounce off of
to retrieve the data. That will rewrite our most basic computer hardware
topologies. So personally, I don't think anything I've seen from VR II will
truly be present in 2050, but this is a fun representation, a sort of 'hmm,
what if?' kind of thing.) :)

Cheers,
Cheetah

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 19:10:49 -0500

Message no. 33 You wrote:
> To me this sounds more like what attack programs targetted at the deck do,
> they exploit known weaknesses in defenses. I believe the original idea
> was to -deck- into a cyberdeck, ie, log in with full virtual world matrix
> style node. Getting access (personally I think only via the icon, but others
> think otherwise) can indeed be done, but attacking the target decker's
> cyberdeck -as if it were a corp's computer system-, no, no way. That just
> doesn't wash w/me. The cyberdeck itself doesn't run a full VR matrix node,
> it is merely a device, an interpreter between the VR and the poor slot's
> brain. It itself is -not- an entity on the matrix. It can be attacked,
> but it cannot be 'entered'.
You seem to have the opinion that a node is always something big and important.
A node is simply a way of your deck showing you information (which system or
subsystem you are in contact with at the moment). A cyberdeck, if another deck
connected to it, would appear to be a small CPU with a datastore attached. The
various types of nodes are symbols for what the deck encounters, the MPCP
interpretes what it encounters and puts a lable on it, either UMS or whatever
sculpted icon the thing's code tells it to give you.

> Why would my deck have to service anything? You mention two examples, a
> mail handler and an ftp server, neither of which I would keep on a machine
> tweaked out for hacking. The hacking machine would have NO net daemons/
> services listening on any ports. I can shut off my own telnetd for example,
> and still make telnet requests out via the client. That's just plain smart
> decking. :)
No, a character decking into your cyberdeck wouldn't be able to do much,
download anything you had in memory and activate/deactivate deck functions...
And it wouldn't be legitimate requests he'd be giving anyway; perhaps he'd
exploit something within the system to give him permission to activate other
services he wanted to use, once he was in. But remember that when deckers
enter corp systems, it's not valid access, they're tricking the system into
allowing them access, seems the same should be possible on a cyberdeck, current
internet examples notwithstanding. Current systems are not a good model for
what you'll see in 60 years, are they?

> Nah, I'm thinking server/client. The cyberdeck is tweaked out as an I/O
> device between the noggin and the VR, and as a client to launch local
> programs to do a little computing. It's not set up imho to service a request
> from another computer sitting in the matrix to 'enter' it matrix-style.
But it is set up to receive responses and input from whatever it is in touch
with, else you would get no sensory info for your icon's activities. It is a
two-way street, which could be used as an inroad into your system. It would be
a matter of finding the loopholes in your system.

> However, this is all very interpretive, as we cannot -possibly-
> predict where computers will be in 5 years, let alone 50.
Except that's what the matrix rules do, they describe what computers are like
in 2050. Their projection may or may not be accurate, but it's irrelevant, we
have to look at what FASA says the computers 2050 are like and work from there
unless we're going ot diverge and do the house-rules thing.

losthalo, who wishes that FASA would have done a little more clear explaining,
and given a few more mundane details

From:	Michael Vander Donk <mdonk@******.OZ.AU>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 09:28:48 +1000

Message no. 34 Rick J Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> To me this sounds more like what attack programs targetted at the deck do,
> they exploit known weaknesses in defenses. I believe the original idea
> was to -deck- into a cyberdeck, ie, log in with full virtual world matrix
> style node. Getting access (personally I think only via the icon, but
others
> think otherwise) can indeed be done, but attacking the target decker's
> cyberdeck -as if it were a corp's computer system-, no, no way. That just
> doesn't wash w/me. The cyberdeck itself doesn't run a full VR matrix node,
> it is merely a device, an interpreter between the VR and the poor slot's
> brain. It itself is -not- an entity on the matrix. It can be attacked,
> but it cannot be 'entered'.
>
In this you are correct... I was taking access as any access possible...
not 'valid' access... Like you say, there would be no valid access
possible.....

> > Ok, using your example. Why doesn't the Corp decker mask as part of the
> > download?? This is what most deckers will use to get in, why not the
> > other way... There is no login, no service needed to be running (your
> > running the required client), Mr Corp just tags onto a packet and he is
> > in, no problem, no fuss.......
>
> Sorry, this didn't make any sense to me. :(

That's my understanding of the sleaze program. Makes your icon look like
another bit of valid data....

>
> > Your thinking in term of valid access, gained through the proper
> > methods, a decker almost never has this. See my example above. The only
> > real way you can be 100% secure is with bolt cutters..... (and even then
> > sometimes not... :-)
>
> Nah, I'm thinking server/client. The cyberdeck is tweaked out as an I/O
> device between the noggin and the VR, and as a client to launch local
> programs to do a little computing. It's not set up imho to service a
request
> from another computer sitting in the matrix to 'enter' it matrix-style.
>

Again, your correct, there will be (on most deckers machines ;-) no
services running...

> (Here's a little prediction:
[snip]

Hmm ... can't comment on that... by my prediction for the next 50 years
is rather bleak concerning the human race.... I really don't see it
succeeding for much longer ..... *shrug* but that's just little old
doomsday me ... :-)

Michael

--
What's the difference between a duck? One of it's legs are both the
same.
One should not act and speak as if one were asleep.

From:	Rick J Irvine <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 18:28:26 -0500

Message no. 35 Michael wrote:
> Hmm ... can't comment on that... by my prediction for the next 50 years
> is rather bleak concerning the human race.... I really don't see it
> succeeding for much longer ..... *shrug* but that's just little old
> doomsday me ... :-)

If I ever get REALLY depressed, and start thinking about doing the ol'
'cordless' bungee jumping off a high tower, I'll be sure and get some
comforting thoughts from you first Mike. :)

"*Sob* There's nothing left in this life for me"
Mike: "Yeah, yer probably right, just go ahead and jump now."

*Grin*

Cheers,
Cheetah

From:	Rick J Irvine <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 18:39:48 -0500

Message no. 36 Wendy lobs the ball back across the net to my court...:
>
> Rick Irvine slams the ball with an overhead swing and fires it to Wendy's
Court::
> (Snip)
> You seem to have the opinion that a node is always something big and important.
> A node is simply a way of your deck showing you information (which system or
> subsystem you are in contact with at the moment). A cyberdeck, if another deck
> connected to it, would appear to be a small CPU with a datastore attached. The
> various types of nodes are symbols for what the deck encounters, the MPCP
> interpretes what it encounters and puts a lable on it, either UMS or whatever
> sculpted icon the thing's code tells it to give you.

I define a node as something able to handle something else trying to log onto
it. Your cyberdeck is not something any other computer entity logs on to.
You don't log onto your cyberdeck when you jack in, do you? (Though yes it
can be argued that you have countermeasures in place at the jack-in port so
that if some OTHER brain tries to use your deck, *ZOT*.) I DO also yes
include in this definition the need for some serious computing power. For
a server to support one login, that isn't a trivial amount of computing power.
(Case in point: We have an experimental NT Server here, and it's being bogged
down by like only 20 Workstations. It's a PPro 200 with goads of ram and disk
space, but it simply cannot handle that many logins at once without going into
Molassis Mode.)

The decker using a cyberdeck is going to be hogging EVERY last bit of cpu
time he can get out of his deck. If someone else even twiddles with it a
little, he'll -feel- it, it will feel like someone threw, well, a wall of
molassis around him. How many of you have ever played Doom or Quake and
suddenly the network farts out and the game slooooows down? You suddenly
realize how jacked up your body is. Y'know why? Because your brain is
suddenly not as jacked up as your body was. :) So, I guess my big
statements would be:

1) Cyberdecks are fine-tuned client-type machines that cannot service logon
requests (ie, decking it as If it were a corp machine). This doesn't
mean you cannot get access to it, it means you cannot DECK it like it
was a big machine. How do you get that access? Through the guy's icon
IMHO.

2) Even if you can somehow logically disprove #1, I assert that a cyberdeck
will have almost no free cpu cylces to handle incoming requests for
anything. At the very least, the decker is going to know -instantly-
that someone is farking very hard with his deck.

Truly the only game balanced and fair way in this existing game system I
see to have someone hit a decker's deck is through his icon.

> internet examples notwithstanding. Current systems are not a good model for
> what you'll see in 60 years, are they?

This argument blows away any logical arguments either of us could make. :)
We could just say that in 60 years computers are like toasters, you press
the little button and you instantly get what you want.

*Cheetah hits the button, and quietly says, "Tea. Earl Gray."*

> But it is set up to receive responses and input from whatever it is in touch
> with, else you would get no sensory info for your icon's activities. It is a
> two-way street, which could be used as an inroad into your system. It would be
> a matter of finding the loopholes in your system.

Today's computers are and are not like this. A PPP link is indeed a two
way street, a dial-up is not. If you trace a PPP link, you see a target
machine that has a presence in the net. If you trace a dial-up, you see the
machine the person dialed into, and NOT the target machine. Sorry Charlie.
This idea of more than one way to connect, and whether or not your actual
hardware has a presence in the matrix, shouldn't probably change in the next
60 years. And imho it really does start to break out of what I think was
intended in this game system.

> losthalo, who wishes that FASA would have done a little more clear explaining,
> and given a few more mundane details

I think they feared all the computer nerds (Yo, that's me!) screaming about
this and that minor detail, about how something doesn't make sense according
to standard computer/network topology theories, etc. They were probably
damned right. :)

Cheers,
Cheetah

From:	Michael Vander Donk <mdonk@******.OZ.AU>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 10:09:42 +1000

Message no. 37 Rick J Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> I define a node as something able to handle something else trying to log
onto
> it. Your cyberdeck is not something any other computer entity logs on to.

I define a node as a piece of hardware w/ a CPU... So a drone or pocket
secretary will be a node in my system. If you can get it to run code,
then it;s a node....

> You don't log onto your cyberdeck when you jack in, do you?

I would... but then, that's little paranoid me .. :-)

> I DO also yes
> include in this definition the need for some serious computing power. For
> a server to support one login, that isn't a trivial amount of computing
power.
> (Case in point: We have an experimental NT Server here, and it's being
bogged
> down by like only 20 Workstations. It's a PPro 200 with goads of ram and
disk
> space, but it simply cannot handle that many logins at once without going
into
> Molassis Mode.)

Memory is your problem, you need more memory ... I'm wondering how many
shares M$ has in hardware....

>
> 1) Cyberdecks are fine-tuned client-type machines that cannot service logon
> requests (ie, decking it as If it were a corp machine). This doesn't
> mean you cannot get access to it, it means you cannot DECK it like it
> was a big machine. How do you get that access? Through the guy's icon
> IMHO.
>
> 2) Even if you can somehow logically disprove #1, I assert that a cyberdeck
> will have almost no free cpu cylces to handle incoming requests for
> anything. At the very least, the decker is going to know -instantly-
> that someone is farking very hard with his deck.
>
OK ... if I was decking and needed every CPU cycle, I'd be upgrading....
(if i was decking I'd upgrade when approaching 60% util ... my life
depends on it after all... ) Needless to say, you would feel the
difference regardless of how powerful the machine is.... (unless it was
more than a normal deck.. :-)

> This argument blows away any logical arguments either of us could make. :)
> We could just say that in 60 years computers are like toasters, you press
> the little button and you instantly get what you want.
>
> *Cheetah hits the button, and quietly says, "Tea. Earl Gray."*
>
Tea from a toaster... now _that's_ advanced! :-P

Michael.
--
I hate myself to sleep at night
What a useless scroll, all it says is "Hastur Hastur Hastur" over and
over again.

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 19:32:23 -0500

Message no. 38 At 10:09 AM 10/3/97 +1000, Michael wrote:
>Rick J Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
>> I define a node as something able to handle something else trying to log
>onto
>> it. Your cyberdeck is not something any other computer entity logs on to.
>
>I define a node as a piece of hardware w/ a CPU... So a drone or pocket
>secretary will be a node in my system. If you can get it to run code,
>then it;s a node....

Ok, then since we have different definitions, we're not going to see eye to
eye. Our arguments are disjoint, and I'm going to throw down the white flag
and kill the debate here. :)

>> You don't log onto your cyberdeck when you jack in, do you?
>
>I would... but then, that's little paranoid me .. :-)

I can just see it now... You slip the jack into your head, blackness surrounds
you, and then you hear... "Press Ctrl+Alt+Delete to log into your cyberdeck.
Thank you for using Windows NT Cyberdeck". *Grin*

>> Molassis Mode.)
>
>Memory is your problem, you need more memory ... I'm wondering how many
>shares M$ has in hardware....

Oh man, I'm lol. I think you've inspired me to make a parody web page, what
it would be like to use a cyberdeck running MS Windows NT Cyberdeck. ;)
*Rofl*

>OK ... if I was decking and needed every CPU cycle, I'd be upgrading....

100% CPU usage doesn't mean you need to upgrade, it could mean your deck
is using those unused cycles for backing things up, scanning things for
Bad Things, etc etc. (NT does this now. I personally find it damned
annoying.)

>> *Cheetah hits the button, and quietly says, "Tea. Earl Gray."*
>>
>Tea from a toaster... now _that's_ advanced! :-P

Give Microsoft a few years, they'll get it right eventually. :)

Cheers,
Cheetah

From:	Michael Vander Donk <mdonk@******.OZ.AU>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 10:46:45 +1000

Message no. 39 Rick J. Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> Ok, then since we have different definitions, we're not going to see eye to
> eye. Our arguments are disjoint, and I'm going to throw down the white flag
> and kill the debate here. :)
>

I pretty much already did, two posts ago ... sometimes I just can't help
myself ... :-)

> I can just see it now... You slip the jack into your head, blackness
surrounds
> you, and then you hear... "Press Ctrl+Alt+Delete to log into your cyberdeck.
> Thank you for using Windows NT Cyberdeck". *Grin*
>
"Not all services were started. Please check the Event Viewer for more
information." ....
No way. No how. No way would I have micro$oft code anywhere near my
deck....

> Oh man, I'm lol. I think you've inspired me to make a parody web page, what
> it would be like to use a cyberdeck running MS Windows NT Cyberdeck. ;)
> *Rofl*
>
Hehe ... need help? :-)

> 100% CPU usage doesn't mean you need to upgrade, it could mean your deck
> is using those unused cycles for backing things up, scanning things for
> Bad Things, etc etc. (NT does this now. I personally find it damned
> annoying.)
>
Me to ... any my life does not depend on NT... But especially if I'm
decking, come across black IC, and my deck decided it wants to do a
backup .... no thanks .. :-)

michael.

--
What's the difference between a duck? One of it's legs are both the
same.
Think of hummingbirds as the flying penises of flowers

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 20:42:21 -0500

Message no. 40 You wrote:
> The decker using a cyberdeck is going to be hogging EVERY last bit of cpu
> time he can get out of his deck. If someone else even twiddles with it a
> little, he'll -feel- it, it will feel like someone threw, well, a wall of
> molassis around him.
I agree that a decker tries to eek every bit of ooomph out of his processor
that he possibly can, and that an invading decker would certainly be making big
waves in a small pool by decking his way in. No argument there.

> 1) Cyberdecks are fine-tuned client-type machines that cannot service logon
> requests (ie, decking it as If it were a corp machine). This doesn't
> mean you cannot get access to it, it means you cannot DECK it like it
> was a big machine. How do you get that access? Through the guy's icon
> IMHO.
I'm not saying it would even be a normal logon request, might just be injecting
something nasty into the deck's queue and running off. I just don't like the
word 'impossible', when finding loopholes and unexpected weaknesses in systems
is what deckers *do*.

> 2) Even if you can somehow logically disprove #1, I assert that a cyberdeck
> will have almost no free cpu cylces to handle incoming requests for
> anything. At the very least, the decker is going to know -instantly-
> that someone is farking very hard with his deck.
Oh, most definitely.

> Truly the only game balanced and fair way in this existing game system I
> see to have someone hit a decker's deck is through his icon.
And it is probably the more useful and simplest way to go about it. But it
doesn't give you access to his deck's memory, you can't steal something off his
deck, for instance...

> This argument blows away any logical arguments either of us could make. :)
> We could just say that in 60 years computers are like toasters, you press
> the little button and you instantly get what you want.
I'm just saying that using contemporary systems as examples rather than
discussing what FASA has presented about computers in 2050 doesn't seem to make
sense to me. I don't see computers working in the same specifics as networks
and servers today.

> Today's computers are and are not like this. A PPP link is indeed a two
> way street, a dial-up is not. If you trace a PPP link, you see a target
> machine that has a presence in the net. If you trace a dial-up, you see the
> machine the person dialed into, and NOT the target machine. Sorry Charlie.
> This idea of more than one way to connect, and whether or not your actual
> hardware has a presence in the matrix, shouldn't probably change in the next
> 60 years. And imho it really does start to break out of what I think was
> intended in this game system.

> > losthalo, who wishes that FASA would have done a little more clear explaining,
> > and given a few more mundane details

> I think they feared all the computer nerds (Yo, that's me!) screaming about
> this and that minor detail, about how something doesn't make sense according
> to standard computer/network topology theories, etc. They were probably
> damned right. :)
To some extent. I wouldn't want them to say, for instance, that a 2050
connection is analogous to a current PPP connection. But describing, for
instance, whether decks are matrix entities in their own right and count as
systems, stating whether one's deck's 'little white pyramid' can be attacked or
not, these things would have helped. Giving a more clear idea of how computers
do their jobs would help, too, just so we know what corp systems and other
computers are doing and what they're good for when deckers aren't breaking
into them... Since it seems like the system only describes 'deckers break into
systems and either take over slave nodes or steal data.'

losthalo

From:	Tim Cooper <z-i-m@****.COM>
Subject:	Re: Decking & Matrix Security
Date:	Thu, 2 Oct 1997 22:21:54 EDT

Message no. 41 On Thu, 2 Oct 1997 10:29:34 +1000 Michael Vander Donk writes:

[topic: Servers, clients, deck1 and deck2 - 5.6 mp deleted by user]

OK... so does all that happen when deck 1 runs Attack 6 (which can target
both IC and decker's indiscriminantly) against deck 2 in the matrix?

~Tim

From:	Mike Elkins <MikeE@*********.COM>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 09:44:01 -0500

Message no. 42 Chetah was saying:
>The cyberdeck itself doesn't run a full VR matrix
>node, it is merely a device, an interpreter
>between the VR and the poor slot's brain.

What you are missing is that the VR doesn't
come from the host (excepting UV systems) it
comes from the deck. The deck interprets the
sensor data and presents it through a VR
interface. Another decker's deck may be very
limited compared to a sculpted system, but that
just means it looks like a very bare bones simple
VR world to the invading decker.

Double-Domed Mike

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 09:53:26 -0500

Message no. 43 At 09:44 AM 10/3/97 -0500, Mike wrote:
>Chetah was saying:
>>The cyberdeck itself doesn't run a full VR matrix
>>node, it is merely a device, an interpreter
>>between the VR and the poor slot's brain.
>
>What you are missing is that the VR doesn't
>come from the host (excepting UV systems) it
>comes from the deck. The deck interprets the
>sensor data and presents it through a VR
>interface. Another decker's deck may be very
>limited compared to a sculpted system, but that
>just means it looks like a very bare bones simple
>VR world to the invading decker.

Drawing a VR screen is trivial work compared to all of the computations that
the host machine will have to do. I'm not going to go into even more techno-
drek, but even if the deck does some of the load, the sheer amount of work
required for VR is why we don't all have goggles and matrix-quality VR on
our pentium pro 200's right now. Yes we have some very basic stuff, but
that stuff is slow compared to what FASA hints the matrix being like.

You are saying that my cyberdeck, the machine that I have total and complete
access to, the machine I can tweak every last chip for maximum perform, MUST
provide the service of letting a user log onto it and perform 'normal' main-
frame style accesses? Bulldrek, that still does not make logical sense. If
I am custom building a machine to hack other machines, I will have an I/O
port for talking to the host machine, and NO logon services of any kind from
the outside. Don't tell me you're coming into my deck, you CAN'T without
my deck acting as a host. And as a decker, I choose to set my cyberdeck up
as a machine that doesn't support those softwares and services.

Why can people not see this? I seriously think people are starting to confuse
the idea of abusing bugs in software a target machine runs with decking it.
My cyberdeck doesn't run services to let you log in, so how do you attack it
at all? Simple, you have to attack the services I DO run. And all of those
are tied to my icon. You have to find my icon, and send bad signals down
my icon to the deck, hence, cybercombat.

Here's another test: Try to telnet to an NT machine (ok, one that isn't
running some add-on subsystem like OpenNT). Hey, look, connection refused.
Why? Because the NT machine isn't listening for those services. No matter
how good a decker you are, you AIN'T getting a telnet connection to that host.

So how do you attack such a machine? Simple, you put logging/trapping stuff
in your public software and trick the slot to run/access it. Web servers are
a great example. But see, you have to have the target person 'there', you
have to attack the machine through the person's actions, not directly at
the machine.

Why is this so hard to understand?

- Rick

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 15:58:11 -0500

Message no. 44 You wrote:
> You are saying that my cyberdeck, the machine that I have total and complete
> access to, the machine I can tweak every last chip for maximum perform, MUST
> provide the service of letting a user log onto it and perform 'normal' main-
> frame style accesses? Bulldrek, that still does not make logical sense. If
> I am custom building a machine to hack other machines, I will have an I/O
> port for talking to the host machine, and NO logon services of any kind from
> the outside.
We're not talking about 'legitimately logging into your system' as a normal
host. We're talking about ( I think, anyway ) someone managing to manipulate
your deck illicitly, in much the same way as a decker manipulates a mainframe.
Just because your deck isn't set up for logons doesn't mean that someone cannot
affect it via the data it is taking in from the matrix.

> Don't tell me you're coming into my deck, you CAN'T without
> my deck acting as a host. And as a decker, I choose to set my cyberdeck up
> as a machine that doesn't support those softwares and services.
If you have a custom-built deck, and custom-built software, I'd say sure, you
could rule out a logon and could reduce the chances of anyone affecting your
deck illicitly (note that Tar Baby can still affect copies of programs running
on your deck, showing that another computer can affect your memory in much the
same way that your programs rearrange data on a mainframe.

> Why can people not see this? I seriously think people are starting to confuse
> the idea of abusing bugs in software a target machine runs with decking it.
> My cyberdeck doesn't run services to let you log in, so how do you attack it
> at all? Simple, you have to attack the services I DO run. And all of those
> are tied to my icon. You have to find my icon, and send bad signals down
> my icon to the deck, hence, cybercombat.
Well, typically, yes. But in cybercombat, the goal is just to log the opponent
off the Matrix, possibly damage his deck in some way. The goal here would be
to take control of some portion of the opposing decker's system and make use of
that control (preventing him from logging off, connecting him to another
system, etc.). It might require a new program to do it, but it should
theoretically be possible.

> Here's another test: Try to telnet to an NT machine (ok, one that isn't
> running some add-on subsystem like OpenNT). Hey, look, connection refused.
> Why? Because the NT machine isn't listening for those services. No matter
> how good a decker you are, you AIN'T getting a telnet connection to that host.
So instead you feed something back through the connection that your NT machine
*is* using, whatever that may be, in its attempts to access other systems.

> So how do you attack such a machine? Simple, you put logging/trapping stuff
> in your public software and trick the slot to run/access it. Web servers are
> a great example. But see, you have to have the target person 'there', you
> have to attack the machine through the person's actions, not directly at
> the machine.
I agree that you might have to do this through the decker's icon rather than at
his 'point of entry' into the Matrix. I'm saying that you might be able to, by
manipulating the data that the deck is receiving, affect it and arrange some
equivalent of a 'logon'. You might be able to get it to do something the user
normally doesn't want it to do (upload a copy of something in its memory,
execute a logoff, connect it to a different LTG number, etc.).

> Why is this so hard to understand?
I think it isn't that other people don't understand what you are saying, it is
that they disagree with your impression of how things work. One could say that
corp machines are not set up to accept logons from cyberdecks, and that they
should thus not respond to a decker's attempt to logon, yet it is possible to
fool a corp machine into allowing you access. Saying that it is 'impossible'
for someone else to find a way to deck a cyberdeck is being simplistic, in my
opinion. I'm not saying it would be easy, nor that the SR system covers how it
might be done, merely that it could be possible, if you were creative enough.

losthalo

From:	"Rick J. Irvine" <irvine@***.PURDUE.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 15:41:19 -0500

Message no. 45 At 03:58 PM 10/3/97 -0500, Wendy wrote:
>Rick Irvine wrote:
>We're not talking about 'legitimately logging into your system' as a normal
>host. We're talking about ( I think, anyway ) someone managing to manipulate
>your deck illicitly, in much the same way as a decker manipulates a
mainframe.
>Just because your deck isn't set up for logons doesn't mean that someone
cannot
>affect it via the data it is taking in from the matrix.

Yes, but this is typically been done through the icon. Ie, you find the
decker, and launch one of your programs AT him or her. This fits perfectly
in with the existing Matrix model of Things.

>If you have a custom-built deck, and custom-built software, I'd say sure, you
>could rule out a logon and could reduce the chances of anyone affecting your
>deck illicitly (note that Tar Baby can still affect copies of programs
running
>on your deck, showing that another computer can affect your memory in much
the
>same way that your programs rearrange data on a mainframe.

This is true, but again, through the icon only. This discussion originally
was about treating a decker's deck as if it were a mainframe and decking it.
I believe the person suggested things like running IC on your deck, etc. I
believe this discussion left the railroad tracks of the original question
miles back. :)

>Well, typically, yes. But in cybercombat, the goal is just to log the
opponent
>off the Matrix, possibly damage his deck in some way. The goal here would be
>to take control of some portion of the opposing decker's system and make
use of
>that control (preventing him from logging off, connecting him to another
>system, etc.). It might require a new program to do it, but it should
>theoretically be possible.

*Faints dead away* This is what I've been trying to get at for all this
time. Instead of this bogus 'hit him through his deck's presence in the
matrix', it should read: 'develop a new program, one that hits a decker
and Does Things To His Dead (tm)'.

>> Here's another test: Try to telnet to an NT machine (ok, one that isn't
>> running some add-on subsystem like OpenNT). Hey, look, connection refused.
>> Why? Because the NT machine isn't listening for those services. No matter
>> how good a decker you are, you AIN'T getting a telnet connection to that
host.
>So instead you feed something back through the connection that your NT
machine
>*is* using, whatever that may be, in its attempts to access other systems.

This is exactly what you do when you (class? Anyone?) hit them through their
icon.

>> So how do you attack such a machine? Simple, you put logging/trapping
stuff
>> in your public software and trick the slot to run/access it. Web
servers are
>> a great example. But see, you have to have the target person 'there', you
>> have to attack the machine through the person's actions, not directly at
>> the machine.
>I agree that you might have to do this through the decker's icon rather
than at
>his 'point of entry' into the Matrix.

*Gasp* Did she say, 'icon'? ;)
(Only jesting, no foul intended)

>I'm saying that you might be able to, by
>manipulating the data that the deck is receiving, affect it and arrange some
>equivalent of a 'logon'. You might be able to get it to do something the
user
>normally doesn't want it to do (upload a copy of something in its memory,
>execute a logoff, connect it to a different LTG number, etc.).

Of course. If you can have a 'hog' program that self-replicates in a target
decker's memory, you should be able to have a 'report-snooper', where it
uses the same routines Hog does to 'get in' through the icon, then spit stuff
back out through the link to the attacking decker.

>> Why is this so hard to understand?
>I think it isn't that other people don't understand what you are saying,
it is
>that they disagree with your impression of how things work.

First, you're the only one I see still 'disagreeing' in any way. *Wink*
Second, for the amount of disagreeing we are supposedly doing, isn't it
amazing how closely to 'agreeing' we are? :)

> One could say that
>corp machines are not set up to accept logons from cyberdecks, and that they
>should thus not respond to a decker's attempt to logon, yet it is possible to
>fool a corp machine into allowing you access. Saying that it is 'impossible'
>for someone else to find a way to deck a cyberdeck is being simplistic, in my
>opinion. I'm not saying it would be easy, nor that the SR system covers
how it
>might be done, merely that it could be possible, if you were creative enough.

When you have a network, any kind of computer network, what you have is a
highway into the corp's machine, where untrusted entities have access to:
1) arrive
2) validate themselves, thus becoming trusted non-networked-but-local-instead
entities
3) use the services provided by said host.

A cyberdeck, much like a dos machine, doesn't have the capabilities for 2.
You send a telnet request to a dos machine, you think you are going to
get an 'Ack' packet back? :)

The real statement here is that you can only fool a machine to do what it is
able to do. You cannot fool a corp machine to make you toast and jam, why
would you be able to fool a cyberdeck to serve as a matrix host and have its
own presence in the matrix? That really just doesn't make sense at all.

Cheers,
Cheetah

From:	Oliver McDonald <oliver@*********.COM>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 16:46:11 +0800

Message no. 46 On Fri, 3 Oct 1997 09:53:26 -0500, Rick J. Irvine wrote:

>Here's another test: Try to telnet to an NT machine (ok, one that isn't
>running some add-on subsystem like OpenNT). Hey, look, connection refused.
>Why? Because the NT machine isn't listening for those services. No matter
>how good a decker you are, you AIN'T getting a telnet connection to that host.

The list of ways to hack into an NT machine that is not running OpenNT is too long to put
up here. I aggree
with your position, but NT was a bad choice...

-----------------------------------------------------------
Oliver McDonald - oliver@*********.com
http://web2.spydernet.com

Space. The Final Frontier. Let's not close it down.

Brought to you via CyberSpace, the recursive frontier.

From:	Adam J <fro@***.AB.CA>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 19:46:34 -0600

Message no. 47 At 20:42 10/2/97 -0500, you wrote:

>> Today's computers are and are not like this. A PPP link is indeed a two
>> way street, a dial-up is not. If you trace a PPP link, you see a target
>> machine that has a presence in the net. If you trace a dial-up, you see
the
>> machine the person dialed into, and NOT the target machine. Sorry Charlie.

I'm not sure who originally said this, because it appeared to be quoted in
losthalo's post.. anyways.

What do you see as a difference between a PPP link and a dial-up? I
dial-up and establish a PPP protocol with main.lis.ab.ca. So which am I?

I log onto Undernet, and join #Shadowrun. This is what the people in
#Shadowrun see:

[06:39] AdamJ (fro@*****.lis.ab.ca) joined #Shadowrun.

What is pm1-9.lis.ab.ca? My machine. Not lis's machine.

If you ran a TraceRoute, pinged, or fingered pm1-9.lis.ab.ca, you would
encounter my machine at the end of the chain, not one of lis's.

If you couldn't trace it right to my machine, how could I FTP a file? Get
info from a web page? etc..

If I misunderstood your comment, I'm sorry.

-Aj

-
http://shadowrun.home.ml.org \ TSS Productions \ The Shadowrun Supplemental
ShadowRN Assistant Fearless Leader \ WildAngle@******** \ fro@***.ab.ca
From The Jury's Bench: http://www.interware.it/shadowrun/jurybench

From:	Tim Cooper <z-i-m@****.COM>
Subject:	Re: Decking & Matrix Security
Date:	Fri, 3 Oct 1997 22:48:33 EDT

Message no. 48 On Thu, 2 Oct 1997 09:30:40 -0500 "Rick J. Irvine"
<irvine@***.PURDUE.EDU> writes:

>Using my original example, you could possibly hack my workstation, but
you
>cannot log on to my workstation and be considered 'in a matrix node'.
If
>you send the network request to my workstation to accept your legal or
>illegal login, you simply won't get a response. Why? Because my
workstation
>isn't listening to such requests. There is NO way you can log onto a
>machine that won't support logons. From what I have read of the SR
Matrix
>world, corp mainframes are built from the ground up with the idea of
users
>logging on and using services granted to them, whereas a deck (or
terminal)
>does not have this overhead.

Um... don't be so hasty... how do you explain the fact that I can
selectively log onto any workstation in the network, then log (from the
current workstation) onto any other workstation in the network. But
anyway that has little to do with SR decking.

>And it IS overhead, no matter what model you use, no matter what year.
Flat
>out if your computer or deck supports logging on and giving users
services,
>this is overhead. As a decker, I wouldn't put such services in the
cyberdeck
>I use to deck into corp computers.
>
>>... If this is so, then any system complex enough to be
>>interesting (all hosts and decks, down to the
>>smartest of vending machines) can be "decked".

Well, according to the core rules, you CAN (theoretically) deck through
any IO port connected to the system... whatever it happens to be.

>I think we have different terms for decking. I see 'decking' as
>logging onto the host machine and getting it to do things it
>shouldn't. Ie, giving me files, letting me use slave nodes, etc.
>You seem to use 'decking' as meaning 'causing problems with the
>target computer'. That is a combination of 'attack the decker's
>deck' utilities and decking, imho.

True, you can't actually "deck" into their deck where you'd appear in
some big rectangle that simulates the various protions of their deck's
architecture. But there is more that you can do with utilities besides
just trying to crash their deck.

>Here's another real world example. I have an FTP client installed
>on my system. Your corp has an FTP server with files on it, and
>those files are locked down so that the public cannot normally access
>them. I attach to your FTP server, it asks for a username and
>password. If I succeed in my Access Test, I've gotten in. Now I need
to figure out
>which files to get, what priviledges I need to get those files, etc.
etc.

But you don't really NEED an FTP client/server set up to get access to
your files... all you really need is an active connection the FTP part is
just icing on the cake.

>Now let's say that while I'm downloading those files, a corp decker sees
me
>doing this (via network line analyzers), and wants to do the same to me.
>He can't, because I don't have an FTP server on my system. Sorry
Charlie,
>but you aren't touching my files on my computer unless I have some sort
>of server program that will service your log on request.

BUT...you fail to consider that SOMEHOW constucts outside of your deck
can get access to your files. It's in the rules. Again consider the Tar
pit/baby forms of IC... again, these can erase utilities from both your
active memory (RAM) and your storage memory (HardDrive) - which sorta
implies read/write access doesn't it? If the IC can do it, then a decker
must also be able to do it.... Unless you think that corporate IC somehow
has special access privaleges to your deck?

>You might be able to do things like trace my signal, corrupt the files
that
>I'm trying to DL, kick me off, etc. Ie, you can hit my icon, you can
spooge
>the stuff I'm trying to get, but you can't log onto my deck because my
deck
>doesn't service outside network requests.

... and erase your files. :)
~Tim

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Sat, 4 Oct 1997 02:35:21 -0500

Message no. 49 You wrote:
> *Gasp* Did she say, 'icon'? ;)
> (Only jesting, no foul intended)
BTW, I'm a 'he', not that it particularly matters here. I'm appearing here
thanks to the help of a friend.

losthalo

From:	"Wendy Wanders, Subject 117" <KGGEWEHR@******.ACS.MUOHIO.EDU>
Subject:	Re: Decking & Matrix Security
Date:	Sat, 4 Oct 1997 13:20:20 -0500

Message no. 50 You wrote:
> Yes, but this is typically been done through the icon. Ie, you find the
> decker, and launch one of your programs AT him or her. This fits perfectly
> in with the existing Matrix model of Things.
Yes. The icon should be the only representation of the decker's deck, and it
should be vulnerable to intrusion like any other systems. That's how I see it.
You can say that countermeasures (lack of a normal logon procedure and the
like) impede someone affecting the deck, but with the right programs someone
should be able to 'deck' your deck.

> This is true, but again, through the icon only. This discussion originally
> was about treating a decker's deck as if it were a mainframe and decking it.
> I believe the person suggested things like running IC on your deck, etc. I
> believe this discussion left the railroad tracks of the original question
> miles back. :)

Well, 'decking it' is just a matter of perception. Any method one uses to
affect code on the target is 'decking it', whether or not your MPCP translates
that to you in simsense as being 'inside' the target. You're never inside the
target mainframe, you're just sending code to it to get it to do things. The
same is true of the mainframe running its Black IC on your deck's processor to
send lethal feedback into your autonomic nervous system. It isn't 'in' your
deck, merely affecting it.

> *Faints dead away* This is what I've been trying to get at for all this
> time. Instead of this bogus 'hit him through his deck's presence in the
> matrix', it should read: 'develop a new program, one that hits a decker
> and Does Things To His Dead (tm)'.
You meant 'deck', right? I agree that specialized software might be needed.
But 'decking' the target as opposed to just affecting it with something is
perception, a matter of perspective and nothing more.

> This is exactly what you do when you (class? Anyone?) hit them through their
> icon.
Bueller? ........ Bueller? ... Bueller?

> Of course. If you can have a 'hog' program that self-replicates in a target
> decker's memory, you should be able to have a 'report-snooper', where it
> uses the same routines Hog does to 'get in' through the icon, then spit stuff
> back out through the link to the attacking decker.
*nod* And I wonder why it hasn't been written up yet, except for the 'deckers
only hit mainframes' outlook of FASA's matrix rules.

> First, you're the only one I see still 'disagreeing' in any way. *Wink*
> Second, for the amount of disagreeing we are supposedly doing, isn't it
> amazing how closely to 'agreeing' we are? :)
*nod* Which is still better than the general 'agreeing to disagree' that
usually happens. :)

> When you have a network, any kind of computer network, what you have is a
> highway into the corp's machine, where untrusted entities have access to:
> 1) arrive
> 2) validate themselves, thus becoming trusted non-networked-but-local-instead
> entities
> 3) use the services provided by said host.

> A cyberdeck, much like a dos machine, doesn't have the capabilities for 2.
> You send a telnet request to a dos machine, you think you are going to
> get an 'Ack' packet back? :)

> The real statement here is that you can only fool a machine to do what it is
> able to do. You cannot fool a corp machine to make you toast and jam, why
> would you be able to fool a cyberdeck to serve as a matrix host and have its
> own presence in the matrix? That really just doesn't make sense at all.
I'm still not saying that it would serve as a 'host' to you, merely that you
would be affecting its code, which is often just as good. If you can eat up
its memory with Hog, or trash its programs with TarBaby, or download things
with the suggested 'scan and send' program, what's the difference between that
and being logged on.

losthalo

Message no. 51 Aj wrote:
>
> At 20:42 10/2/97 -0500, Rick Irvine wrote:
(snip, talking about dial-ups vs 'true' net links)
>
(Rick says: I know this is slightly OT, but it imho is also slightly on-topic)

> What do you see as a difference between a PPP link and a dial-up? I
> dial-up and establish a PPP protocol with main.lis.ab.ca. So which am I?
>

My apologies for the unclear terms. I was referring to a dial-up as in
you dial up a host machine and log on. Thus your net presence is purely
and only from that host machine. Your machine is not pingable, because it
doesn't exist on the net.

>
> -Aj

Message no. 52 Tim wrote:
>
> On Thu, 2 Oct 1997 09:30:40 -0500 "Rick J. Irvine"
> <irvine@***.PURDUE.EDU> writes:
>
(snipped a lot, this thread is getting toooo long :)
>
> Well, according to the core rules, you CAN (theoretically) deck through
> any IO port connected to the system... whatever it happens to be.

Yes, I agree, and I think Losthalo does as well, that what all you can do
from the target decker's O/I port is fuzzy.

(More snipped, example was FTP server)
> But you don't really NEED an FTP client/server set up to get access to
> your files... all you really need is an active connection the FTP part is
> just icing on the cake.
>
If I turn off every single iota of networking software on my system, then
just bring up the bare essentials to send OUT a connection (let's use telnet
as an example), then you can't hack my files. Sure you can send a packet
down the wire that says 'this is hack, gimme yer file list', but if my OS
simply cannot react to ANY such network packets, then you can't spoof
your way in.

Now, the one and -only- opening in my cyberdeck's security is that ONE single
transmission. So if you want to hit me, you HAVE to go down that transmission.
How does that relate to the Matrix game mechanics? It means you have to find
where the other end of that transmission is (ie, my icon) and send then down
the tube, so to speak.

> >Now let's say that while I'm downloading those files, a corp decker sees
> me
> >doing this (via network line analyzers), and wants to do the same to me.
> >He can't, because I don't have an FTP server on my system. Sorry
> Charlie,
> >but you aren't touching my files on my computer unless I have some sort
> >of server program that will service your log on request.
>
> BUT...you fail to consider that SOMEHOW constucts outside of your deck
> can get access to your files. It's in the rules. Again consider the Tar
> pit/baby forms of IC... again, these can erase utilities from both your
> active memory (RAM) and your storage memory (HardDrive) - which sorta
> implies read/write access doesn't it? If the IC can do it, then a decker
> must also be able to do it.... Unless you think that corporate IC somehow
> has special access privaleges to your deck?

Yes, but all of the examples and rules I have seen always, always show such
attacks as coming through the icon. You can launch tar baby at me, poof
there goes my utility, oh darn. But what I'm hearing here is that you could,
instead of hitting me, go to my deck itself (ie, not even bothering to find
where I am) and launch tar baby at my deck itself. That's bullocks. :) (imho)

Cheers,
Rick

Message no. 53 Losthalo wrote:
>
> You wrote:
> > Yes, but this is typically been done through the icon. Ie, you find the
> > decker, and launch one of your programs AT him or her. This fits perfectly
> > in with the existing Matrix model of Things.
> Yes. The icon should be the only representation of the decker's deck, and it
> should be vulnerable to intrusion like any other systems. That's how I see it.
> You can say that countermeasures (lack of a normal logon procedure and the
> like) impede someone affecting the deck, but with the right programs someone
> should be able to 'deck' your deck.

Let's clarify something here, I think we're beating a dead horse, mostly due
to each of us having different meanings for the same terms. 'Decking a
(computer/deck/whatever)' to me means using the game system rules for 'manually'
breaking into a machine, fooling it to launch applications (ie your programs),
etc.

It appears as if you define the term as 'disrupting normal opperation of said
computer'. This is very very different in the views of game mechanics.
Using sleaze and other programs to break into a computer is not the same as
running hog, acid, etc., at an icon/deck.

Of course you can cause damage/whack a decker's deck with programs, like hog,
etc. This is as per right out of the book. What has been suggested is that
you can also use the game mechanics for breaking into corporate computers,
ie, using system tests, to break into someone else's active cyberdeck. *This*
is what I'm saying 'bah, that's bullocks!' about. A cyberdeck has never
appeared to me to be able to handle such extraneous computer functions as to
even allow something like this to be possible.

>
> > This is true, but again, through the icon only. This discussion originally
> > was about treating a decker's deck as if it were a mainframe and decking it.
> > I believe the person suggested things like running IC on your deck, etc. I
> > believe this discussion left the railroad tracks of the original question
> > miles back. :)
>
> Well, 'decking it' is just a matter of perception. Any method one uses to
> affect code on the target is 'decking it', whether or not your MPCP translates
> that to you in simsense as being 'inside' the target. You're never inside the
> target mainframe, you're just sending code to it to get it to do things. The
> same is true of the mainframe running its Black IC on your deck's processor to
> send lethal feedback into your autonomic nervous system. It isn't 'in' your
> deck, merely affecting it.

Purely from a game mechanics view, I think I disagree with this. You have to
make system tests and sleaze into a system, then make more system tests and
sleaze to get that system to run your programs, you have to deal with the
load of the current system's programs, etc.

Affecting a computer is wholey different, it is sending a program off to do
the dirty work for you. Ie, hog is a great example imho.

This is like what is the difference between sending someone a remote email
message (ie, mailto: blah@****.com) and logging onto said target computer
system and sending it locally? (ie, mailto: blah) The difference in our
case would be game mechanics. The difference in the example case here would
be that YOU are at the controls. Now, here's the closer to this example:
Some computers are set up so you can send them email over the net, ie 'mailto:
blah@****.com", but blah.com doesn't have to be set up to allow you to log
into it. So, a system can be set up to disallow you to log in and do the
deed yourself, but it still may be vulnerable to a program.

(snipped a bit, just stuff we agreed on :)
> > When you have a network, any kind of computer network, what you have is a
> > highway into the corp's machine, where untrusted entities have access to:
> > 1) arrive
> > 2) validate themselves, thus becoming trusted non-networked-but-local-instead
> > entities
> > 3) use the services provided by said host.
>
> > A cyberdeck, much like a dos machine, doesn't have the capabilities for 2.
> > You send a telnet request to a dos machine, you think you are going to
> > get an 'Ack' packet back? :)
>
> > The real statement here is that you can only fool a machine to do what it is
> > able to do. You cannot fool a corp machine to make you toast and jam, why
> > would you be able to fool a cyberdeck to serve as a matrix host and have its
> > own presence in the matrix? That really just doesn't make sense at all.
> I'm still not saying that it would serve as a 'host' to you, merely that you
> would be affecting its code, which is often just as good. If you can eat up
> its memory with Hog, or trash its programs with TarBaby, or download things
> with the suggested 'scan and send' program, what's the difference between that
> and being logged on.

The difference is in what game mechanics to use. One way you simply launch
a program (hog), the other you have to do a whole lot of system tests and
what not. There's a major and very signifigant difference imho. One way
all you can do is trash the attacking program at best (hog), the other your
butt is on the line, they can trash YOU as you try to invake said system.

Cheers,
Rick

Message no. 54 On Sat, 4 Oct 1997 13:20:46 -0500, Rick J Irvine wrote:

>> BUT...you fail to consider that SOMEHOW constucts outside of your deck
>> can get access to your files. It's in the rules. Again consider the Tar
>> pit/baby forms of IC... again, these can erase utilities from both your
>> active memory (RAM) and your storage memory (HardDrive) - which sorta
>> implies read/write access doesn't it? If the IC can do it, then a decker
>> must also be able to do it.... Unless you think that corporate IC somehow
>> has special access privaleges to your deck?
>
>Yes, but all of the examples and rules I have seen always, always show such
>attacks as coming through the icon. You can launch tar baby at me, poof
>there goes my utility, oh darn. But what I'm hearing here is that you could,
>instead of hitting me, go to my deck itself (ie, not even bothering to find
>where I am) and launch tar baby at my deck itself. That's bullocks. :) (imho)

For all intents and purposes your Icon is your deck. On the other hand, when you are
hacking (decking)
into a system, you are in fact running programs on it to subvert it's protections. ICe
will subvert your
programs, to have them send *AND* execute programs on your deck. You need to maintain an
open two
way communication with these programs so that you can modify them on the fly...

So, how to hack into a deck? Simple, trace a connection to where you are hacking a system,
hack that
system faster than you can, install some ICe that will give you a connection to their
deck.

-----------------------------------------------------------
Oliver McDonald - oliver@*********.com
http://web2.spydernet.com

Space. The Final Frontier. Let's not close it down.

Brought to you via CyberSpace, the recursive frontier.

Message no. 55 In a message dated 97-10-04 14:21:22 EDT, irvine@***.PURDUE.EDU writes:

> If I turn off every single iota of networking software on my system, then
> just bring up the bare essentials to send OUT a connection (let's use
telnet
> as an example), then you can't hack my files. Sure you can send a packet
> down the wire that says 'this is hack, gimme yer file list', but if my OS
> simply cannot react to ANY such network packets, then you can't spoof
> your way in.

One problem that I am seeing with this logic is that people are using the
non-simsensual POV for their cyberdecks. In order for Matrix interaction to
occur, the activity is not only two-way, but not less than Total VR (even a
cold or tortoise will likely receive the multi-faceted iconographics.
Simsesnsual hardware requires a bit more direct interfacing (like...duh says
the valley gal), and thus opens up the user to more actions.

> Now, the one and -only- opening in my cyberdeck's security is that ONE
> single
> transmission. So if you want to hit me, you HAVE to go down that
> transmission.
> How does that relate to the Matrix game mechanics? It means you have to
> find
> where the other end of that transmission is (ie, my icon) and send then
down
> the tube, so to speak.

The problem here, as I see it at least, is that one transmissions is still
TWO WAY. If you didn't have such, there would be no real method of
interacting. Unless you had a decker "hacking blind" (what a frightening
thought).

> > BUT...you fail to consider that SOMEHOW constucts outside of your deck
> > can get access to your files. It's in the rules. Again consider the
Tar
> > pit/baby forms of IC... again, these can erase utilities from both your
> > active memory (RAM) and your storage memory (HardDrive) - which sorta
> > implies read/write access doesn't it? If the IC can do it, then a
decker
> > must also be able to do it.... Unless you think that corporate IC
somehow
> > has special access privaleges to your deck?
>
> Yes, but all of the examples and rules I have seen always, always show
such
> attacks as coming through the icon. You can launch tar baby at me, poof
> there goes my utility, oh darn. But what I'm hearing here is that you
could,
>
> instead of hitting me, go to my deck itself (ie, not even bothering to
find
> where I am) and launch tar baby at my deck itself. That's bullocks. :) (
> imho)

As I said the other night, there are TWO points of access to a cyberdeck that
is active in the matrix. There is the Icon itself and it's relative point of
reference and there is the actual connecting jack point to the matrix
(usually representational by the goofy little pyramids).

I know the following two examples of Hacking a Deck aren't Canon, but Black
Madonna mentions such happening to Carmichael (did I goof the name?) and in
the first trilogy of books, the "something Power", where Dodger is "mind
probed" by Morgan at the end of the story and replies to his thoughts, not
his pro-verbum statements.

-K (as in Keith)

Message no. 56 In a message dated 97-10-04 16:11:50 EDT, oliver@*********.com writes:

>
> So, how to hack into a deck? Simple, trace a connection to where you are
> hacking a system, hack that
> system faster than you can, install some ICe that will give you a
connection
> to their deck.
>
Sad to say, it isn't nearly so difficult. All of the systems to date in SR
(for the purpose of easier game mechanics (is that an Oxymoron?) and
simplying things) use UMS Iconographics and Linguistic Parallels (which is a
Phonetics Term I know). So, the software that hacks a "mainframe" is also
functional on a cyberdeck or cyberterminal.

Slaves is the channel to directly override the operating functiosn of a deck
(readjusting a user's Biofeedback for instance), while Control would be
necessary to perform internal memory changes. Index is to find things (of
course), but it could also help the "internal hacker" in locating the
"OS"
parameters of the deck itself. Files would work normal, adjusting/changing
the files on a deck. Access, well that of course is needed to get past the
"door".

Access tests could be MPCP/Persona, actually any such target numbers would or
could be based upon the MPCP of the deck that is being hacked into.
Bandwidth of the deck however would be a method of detecting such intrusion,
because suddenly the decker is "carrying the load" of more than just his own
machine.

This has been done in the games here a while ago, and the players were really
thrown for some loops. Especially when the Otaku had just downloaded a file
and was "Gracefully Logging Off", when the security decker performs a Slaves
test and caused the "Persona" to perform a "Download File" and
"cough up" the
file in question. Made things really hopping, if you know what I mean.

-K (as in Keith)

Message no. 57 In a message dated 97-10-04 14:20:56 EDT, Rick wrote:

<<<[Yes, but all of the examples and rules I have seen always, always show
such
attacks as coming through the icon. You can launch tar baby at me, poof
there goes my utility, oh darn. But what I'm hearing here is that you could,
instead of hitting me, go to my deck itself (ie, not even bothering to find
where I am) and launch tar baby at my deck itself. That's bullocks. :) (>
imho)]>>>

An icon is just the representation for the current location of where the
decker currently is. Besides, there is no reason that someone can not
perform a Trace and Report for the physical location of the decker's meat bod
and then go to that location matrixly and then doing something nasty, like
turn off the comm-system at that location or something else.

Mike

Message no. 58 on 30.09.97 KGGEWEHR@******.ACS.MUOHIO.EDU wrote:

K> > I think full-blown deckers CAN EASILY get inside your computer. BUT:
K> {snip}
K>
K> Frankly, SR has never really described much about what computers *DO*
K> besides present targets for deckers. We have no idea how much processing
K> power 50 MP represents on a wrist comp, or how much headware memory is
K> worth to the owner aside from how many knowsofts and such he can hold...
K> Even the 1MP ~ 2 Megabytes of info that I once got informally from Tom Down
K> doesn't tell you much. How big is your average word processor, or
K> spreadsheet program now? What sort of programs are run on PCs, let alone
K> mainframes? It's left so vague the GM must ad-lib it completely, really...
K> This is one of CP2020's advantages over SR. Prices listed and memory
K> sizes for ICE. So you can ice your deck if you want to, or what-have-you.
K> It does a better job of giving a feel that computers do something other
K> than hold info for deckers to steal, this is what SR needs for decking,
K> something that should have found its way into VR 2.0.

ACK! Sometimes I just bite into the table when I see a SR decking run (I'm
a geek, you see). Just that old password problem. I make it three trys and
then freeze that account and the decker is never going to crack my system
with his neat sleeze-program, as it really can't be anything else then a
guesser. If he wants to crack it, he'll have to get the password from the
luser who ownes that account (which could be a pretty good run). Or the 'I
use mask and the admin's never gonna see me problem'. How do I mask the
fact, that I run programs on a system?

Oh yeah, SR should copy another thing from CP: Listing the caliber of
weapons.

Tobias Berghoff a.k.a Zixx a.k.a. Charon, your friendly werepanther physad.

-----BEGIN GEEK CODE BLOCK------------
GAT/CS/S/IT d--- s+:- !a>? C++(++++)
UL++(++++) P+ L++ E W+ N+(+++) o? K?(-)
w---() O- M-- V- PS+ PE- Y+>++ PGP-
t+(++) 5+ X++ R* tv b++ DI(+) D++ G>++
e>+++++(*) h! r-- z?
------END GEEK CODE BLOCK-------------

Message no. 59 Keith wrote:
>
> In a message dated 97-10-04 14:21:22 EDT, irvine@***.PURDUE.EDU writes:
>
> > If I turn off every single iota of networking software on my system, then
> > just bring up the bare essentials to send OUT a connection (let's use
> telnet
> > as an example), then you can't hack my files. Sure you can send a packet
> > down the wire that says 'this is hack, gimme yer file list', but if my OS
> > simply cannot react to ANY such network packets, then you can't spoof
> > your way in.
>
> One problem that I am seeing with this logic is that people are using the
> non-simsensual POV for their cyberdecks. In order for Matrix interaction to
> occur, the activity is not only two-way, but not less than Total VR (even a
> cold or tortoise will likely receive the multi-faceted iconographics.
> Simsesnsual hardware requires a bit more direct interfacing (like...duh says
> the valley gal), and thus opens up the user to more actions.

Keith, I don't want to sound like I'm bashing you here, but I don't see any
logic to your argument. :) There exist VR connections today, and they are
indeed single connections. If a piece of hardware is listening to that one
connection, there isn't anything that says that hardware has to listen to
other connections. In fact, that would be a BAD model for building hardware,
and I can't see a good decker doing that.

> > Now, the one and -only- opening in my cyberdeck's security is that ONE
> > single
> > transmission. So if you want to hit me, you HAVE to go down that
> > transmission.
> > How does that relate to the Matrix game mechanics? It means you have to
> > find
> > where the other end of that transmission is (ie, my icon) and send then
> down
> > the tube, so to speak.
>
> The problem here, as I see it at least, is that one transmissions is still
> TWO WAY. If you didn't have such, there would be no real method of
> interacting. Unless you had a decker "hacking blind" (what a frightening
> thought).

So? Two way means I sent to a specific site, and I receive from a specific
site. It truly is trivia to implement (in the hardware, even) a check to see
if any incoming transmissions are not from that one site. Most 'hacking'
(ie, abuse of bugs to 'get in') is done in the software, not the hardware.
As a general rule, there are very few abusable hardware bugs. Why? Because
if a chip has a bug in it, it'll get abused 100 times more than any software
bug will be. Why? Because it's easier to replace software. :) This is true
even in today's computers. How many folks here are aware that the first few
generations of Intel's 386 chip had a massive hole in it? If memory serves,
it only really affected Linux and other Real-mode (that's where the cpu is
multi-process, non-dos) OS's, and it allowed any process to push commands
into the cpu manually, letting non-admin processes gain admin privs. It
got fixed VERY fast...

> > > BUT...you fail to consider that SOMEHOW constucts outside of your deck
> > > can get access to your files. It's in the rules. Again consider the
> Tar
> > > pit/baby forms of IC... again, these can erase utilities from both your
> > > active memory (RAM) and your storage memory (HardDrive) - which sorta
> > > implies read/write access doesn't it? If the IC can do it, then a
> decker
> > > must also be able to do it.... Unless you think that corporate IC
> somehow
> > > has special access privaleges to your deck?
> >
> > Yes, but all of the examples and rules I have seen always, always show
> such
> > attacks as coming through the icon. You can launch tar baby at me, poof
> > there goes my utility, oh darn. But what I'm hearing here is that you
> could,
> >
> > instead of hitting me, go to my deck itself (ie, not even bothering to
> find
> > where I am) and launch tar baby at my deck itself. That's bullocks. :) (
> > imho)
>
> As I said the other night, there are TWO points of access to a cyberdeck that
> is active in the matrix. There is the Icon itself and it's relative point of
> reference and there is the actual connecting jack point to the matrix
> (usually representational by the goofy little pyramids).

Why would a cyberdeck listen to any requests coming in from that point? This
is like saying "I have a dos machine, and even though it is running a program
already, I'm going to use my Computer(8) skill to make it run four more
programs." You can't use hacking skills to make hardware do what it wasn't
designed to do, ie serve incoming network connections.

I will agree with Mike Bobroff, though, that you could indeed throw a trace
& report on a decker, figure out which LTG point he is coming in from, and
deck into the machines of the company controlling that I/O port. If you could
gain access to that computer, you could do a crash or shutdown and cut the
decker off. (I can't count the number of times my link's been cut by my
ISP's machines doing the network-technicolor yawn.)

> I know the following two examples of Hacking a Deck aren't Canon, but Black
> Madonna mentions such happening to Carmichael (did I goof the name?) and in
> the first trilogy of books, the "something Power", where Dodger is
"mind
> probed" by Morgan at the end of the story and replies to his thoughts, not
> his pro-verbum statements.

You're a very knowledgable GM in the rules, Keith. But it's been stated
before that the novels very often spoof the rules in order to get more damatic
responses from their stories. I shudder to think that someone is going to sit
down and create a whole set of complete rules for this just from seeing it in
one or two novels.

I've also read about something called the "Great Ghost Dance", yet I don't
see mages tossing it around daily... If I do, I'm going to just pull my gun,
put it to my mouth, flip off the heavens, and blow my character's brains
out. :)

Tell you what, if you guys really believe these logical stances with such
strong convictions, why not post some solid game mechanics here? This is
the flip side to my 'bitch coin'. :) Some of the logic I've seen on here
defies rational computer logic (I am NOT cracking on anyone, we each have
different sets of knowledge of different types of computers). The rest
seems to really defy the logic of the game mechanics. Let's see some solid
rule suggestions on this kind of stuff and see if we can get it balanced.
I'll be a lot less grumbling and less grumpy about this if I see a truly
-balanced- system, where the decker can take countermeasures to having every
GM-spawn decker in the world just trompse into my head (this is my otaku
char I'm thinking about) and go 'ooh, look, pretty brains *scramble*'.

Cheers,
Rick

Message no. 60 You wrote:
> ACK! Sometimes I just bite into the table when I see a SR decking run (I'm
> a geek, you see). Just that old password problem. I make it three trys and
> then freeze that account and the decker is never going to crack my system
> with his neat sleeze-program, as it really can't be anything else then a
> guesser.
Oh, please... *sure* it can. It can look at the login program that's trying to
keep it out, find chinks in the armor (loopholes), and take advantage of one of
them to either find the correct password or bypass it entirely. That's what
Sleaze does. "I'm a helpful little data packet from the Cal Free State branch,
let me in... see, I have this nice shiny password (just stole it from the
password location inna code)." Decking is a little more sophisticated than
hacking today, that's why you need programs to do a lot of the work for you.
They analyze the system and give some good guesses as to how to subvert it.
The decker advises his programs as to courses of action and targets, the
programs do most of the real work of hacking, because a human mind is too slow.

If he wants to crack it, he'll have to get the password from the
> luser who ownes that account (which could be a pretty good run). Or the 'I
> use mask and the admin's never gonna see me problem'. How do I mask the
> fact, that I run programs on a system?
Well, therein lies the beauty of Masking. It is designed to look at the system
type and modify the signals you are sending to appear like normal traffic.
Otherwise you're just some guy trying to dial up and being refused... A
decker's programs do a LOT of things that are not really described, merely
hinted at.

> Oh yeah, SR should copy another thing from CP: Listing the caliber of
> weapons.
SR doesn't need it. You could assign calibres to firearms, but to what end?
All the 'heavy pistols' in CP2020 are the same caliber, why bother stating that
it's 10mm? Does it make a difference? Not really. I've told players in the
past and even recently what the calibers are, roughly, for various weapons, but
it doesn't mean much to the game. Not listing them means that people who don't
want to worry about it don't have to deal with it (have I mentioned that SR's
abstract qualities are nice in some ways?).

losthalo

Message no. 61 In a message dated 97-10-05 16:23:32 EDT, irvine@***.PURDUE.EDU writes:

This reply situation is a bit LONG, warning all reading now ... I am also
going to probably regret leaving this conversation "public".

> > One problem that I am seeing with this logic is that people are using the
> > non-simsensual POV for their cyberdecks. In order for Matrix
interaction
> to
> > occur, the activity is not only two-way, but not less than Total VR
(even
> a
> > cold or tortoise will likely receive the multi-faceted iconographics.
> > Simsesnsual hardware requires a bit more direct interfacing (like...duh

> says
> > the valley gal), and thus opens up the user to more actions.
>
> Keith, I don't want to sound like I'm bashing you here, but I don't see
any
> logic to your argument. :) There exist VR connections today, and they are
> indeed single connections. If a piece of hardware is listening to that
one
> connection, there isn't anything that says that hardware has to listen to
> other connections. In fact, that would be a BAD model for building
hardware,

Actually Rick, they aren't. Multi-POV is the occurence of many upgrades that
are occurring today. Sure, there is just the -1- phone line/access to a
given computer, but that one access is now bleeding into numerous locales and
functions simultaneously. What I was referring to by "one-way" is that all
communication is two-way/bilateral in it's path. Input/Output. Oldest
argument. Because that creates information "choke points" on the Matrix (be
it identified as Bandwidth Overpulse, Lagtime, or Retrain Datatrail) it
becomes multiple points where the trace can be, in theory, initiated.
Anyplace a trace can be initiated is also a potential location for a deckers
datapath to be entered/hacked.

> and I can't see a good decker doing that.

Rick, go beyond the known computers and into the Gray Region. Think Neural
Matter here. The mind generates dozens, hundreds, -thousands-, of neural
transmissive's all at once. Anyone using a direct/ASSIST biofeedback system
is opening a portion of those transmissive's to manipulation from beyond the
body. Also, if you enter the concept of direct, neural-link, manipulation of
data ... you are opening up an entirely new 'file of worms.'

Subconscious Relay.

Rick (and anyone), the Matrix is a place where the informational exchange of
a highly computerized world is processed, manipulated, and expanded upon. A
Direct Neural link can go beyond anything that we possess in the current day.
Imagine if you will a Biofeedback system that is directly linked (via ASSIST
for example). The mind/body is always trying to monitor itself. Everytime
one of those little actions occurs within the mind, the translated impulse
goes to the deck/interface. Imagine a system where continual feedback is
being proto-looped through the system. If you can really, fully, grasp that
concept, then the Otaku are easily understandable and imaginable. ICe is
performably conceivable. And hacking another's user's deck is only the first
step in a series of powerful, long developments.

> So? Two way means I sent to a specific site, and I receive from a
specific
> site. It truly is trivia to implement (in the hardware, even) a check to
> see
> if any incoming transmissions are not from that one site. Most 'hacking'
> (ie, abuse of bugs to 'get in') is done in the software, not the hardware.
> As a general rule, there are very few abusable hardware bugs. Why?
Because
> if a chip has a bug in it, it'll get abused 100 times more than any
software
> bug will be. Why? Because it's easier to replace software. :) This is
> true
> even in today's computers. How many folks here are aware that the first
few
> generations of Intel's 386 chip had a massive hole in it? If memory
serves,
> it only really affected Linux and other Real-mode (that's where the cpu is
> multi-process, non-dos) OS's, and it allowed any process to push commands
> into the cpu manually, letting non-admin processes gain admin privs. It
> got fixed VERY fast...

I was aware of what you are speaking of. And those very holes you are
pointing out in one method, are the same holes that exist (at least likely
so), in the Matrix Environs of SR fiction.

> > As I said the other night, there are TWO points of access to a cyberdeck

> that
> > is active in the matrix. There is the Icon itself and it's relative
point
> of
> > reference and there is the actual connecting jack point to the matrix
> > (usually representational by the goofy little pyramids).
>
> Why would a cyberdeck listen to any requests coming in from that point?
> This
> is like saying "I have a dos machine, and even though it is running a
> program
> already, I'm going to use my Computer(8) skill to make it run four more
> programs." You can't use hacking skills to make hardware do what it
wasn't
> designed to do, ie serve incoming network connections.

Oh really? Look very carefully at the Retrain Datatrail operations test in
VR2. That is exactly what you are telling things to do. Your example is far
from comparable in the situation at hand.

> I will agree with Mike Bobroff, though, that you could indeed throw a
trace
> & report on a decker, figure out which LTG point he is coming in from, and
> deck into the machines of the company controlling that I/O port. If you
> could
> gain access to that computer, you could do a crash or shutdown and cut the
> decker off. (I can't count the number of times my link's been cut by my
> ISP's machines doing the network-technicolor yawn.)

Ya know, you have just said the very thing that makes all of this possible.
Rick, a suggestion. Try using 'real world' computer demographics to
originate the abilities of the SR2 'matrix demographics', don't use it to
base things wholy upon. You'll discover it's simply not compatible. You
made the comment the other night about AOL occasionally glimpsing into my
hard drive when I'm online. Well Merry - Bleeding - XFiles - Christmas.
That action is happening without any notification to the user at the time it
is happening. Because I don't have a program to recognize such activity.
However, if you run things like Wintune and know what you are looking for
and have LOTS of time to waste, you'll know it when you see it. Access, be
it legal or illegal, has many hiccups. If you illegally gain access to AOL
for example, and use it's machines as your system servers (chuckle there for
a moment), but you don't tell AOL that ... then the system will simply treat
you as a common user and perform all the logical, legal, activities upon your
machine (even if you are illegally accessing). All without informing you of
crap, diddly or kitty litter coupons. And btw, do NOT attempt such stunts on
AOL or Purdue (which is where you are from). Purdue has total authority
access to it's hardware. NOT a single bit of that processing power is public
access. Neither is AOL for that matter. In fact, as far as I can tell,
there are no global access systems that are 'public' owned. All of it
belongs to someone else. Sure, email is protected ... but what about what is
behind those letters???

> You're a very knowledgable GM in the rules, Keith. But it's been stated
> before that the novels very often spoof the rules in order to get more
> damatic
> responses from their stories. I shudder to think that someone is going to

> sit
> down and create a whole set of complete rules for this just from seeing it

> in
> one or two novels.

See below after you request ... then you can shudder all you want ... time to
join the big boys Cheetah (Knowing Grin- Evil is Beyond Reproach)

> I've also read about something called the "Great Ghost Dance", yet I don't
> see mages tossing it around daily... If I do, I'm going to just pull my
gun,
> put it to my mouth, flip off the heavens, and blow my character's brains
> out. :)

Give the Mana Curve time Rick. It will come...

> Tell you what, if you guys really believe these logical stances with such
> strong convictions, why not post some solid game mechanics here? This is
> the flip side to my 'bitch coin'. :) Some of the logic I've seen on here
> defies rational computer logic (I am NOT cracking on anyone, we each have
> different sets of knowledge of different types of computers). The rest
> seems to really defy the logic of the game mechanics. Let's see some
solid
> rule suggestions on this kind of stuff and see if we can get it balanced.
> I'll be a lot less grumbling and less grumpy about this if I see a truly
> -balanced- system, where the decker can take countermeasures to having
every
> GM-spawn decker in the world just trompse into my head (this is my otaku
> char I'm thinking about) and go 'ooh, look, pretty brains *scramble*'.

Rick, the rules to perform this already exist within the confines of VR2 and
the SR universe as a whole. It is merely changing the perceptual POV. Who
is the target? The company mainframe or the decker who's breaking into it?
Once you can think from another point of view, then ask yourself something.
Just what does Prophet do in his spare time? IntSec for Fuchi ... think for
a moment ... Hefner (the GM for a game here) knows, he just doesn't want to
inform the rest of his game world (aka, you guys).

-Keith (who is more than just a knowledgable GM)

Message no. 62 In a message dated 97-10-05 16:23:43 EDT, you write:

> Keith, I don't want to sound like I'm bashing you here, but I don't see any
> logic to your argument. :) There exist VR connections today, and they are
> indeed single connections. If a piece of hardware is listening to that
one
> connection, there isn't anything that says that hardware has to listen to
> other connections. In fact, that would be a BAD model for building
hardware,
> and I can't see a good decker doing that.

Rick, the one response I (Mike) would have to you then is if the connection
is truly a one way thing, then how can that deck truly interact with the
matrix then. There is also nothing that is safe even in the current world
(short of a truly off-line system, and even then it is not safe from physical
tapping - remember Mission Impossible).

Going with the example of the device you mention (having a one-way link), any
decker could perform a Spoof test to make access to the deck or whatever
possible. Another note on this topic, is that this is something some deckers
do to others so that the other decker can not just log-off at a moments
notice (this happened in one of the books and dealt with doing something to
the ASIST system of a deck - I believe).

Message no. 63 <snip yet another telnet example>
Rick J. Irvine wrote
>Why is this so hard to understand?

Its not at all hard to understand, but I think you
are missing a lot of the subtlety of decking.
Running Access or Sleaze is NOT like running
telnet. It is NOT getting a shell. It is getting
some ability to inspect or influence the target
machine. Maybe this means taking advantage of
a sendmail bug, maybe it's running a password
cracker, maybe it is overflowing a buffer until
your code bytes hit the IP, it doesn't matter, the
system is abstract.

Once you've gotten some ability influence that
machine, your deck displays your options to
you. In SR, the state of the art UI for
manipulating things quickly is VR, so that is what
deckers use. You indicate what you want to do
with this super snazzy interface, and then you
roll a system test to see if you can do it. The
host machine never "logged you in", it never
provided you with a shell (IC would be on one of
those in a second).

Read VR2.0 again. Read more modern
computer theory. Then talk to me about what I
don't understand, kid.

Double-Domed Mike

Message no. 64 On 30 Sep 97, Logan Graves disseminated foul capitalist propaganda by
writing:

> When one looks out across that 'consensual hallucination, commonly
> known as the Matrix' & sees those yellow/white pyramid icons
> representing the (small) personal systems, which literally carpet
> the grid's lower levels,
>
> "what security mechanism is in place to keep the deckers
> out??!!"

You mean there is one? Ha! And I always thought Deep Blue got me
those 'burgers At Joes for free... (Deep Blue is my buddy decker)

Well, in reality I do pay for my 'burgers, since I'm a nice guy :P,
but I always thought that deckers just don't bother. In VR2 it's said
that Blue systems - all those burger bars and stuff - are full of
cybergrafittis and other pranks by young proto-deckers, but that some
people use them for getting cyber-protection money.
"From: CyberDragon
To: Joe
Subject: Cyberbomb
If you don't transfer 100¥ to my account in 5 minutes, your system
will wipe out all of it's systems.
Accout number: 1498y12-AAf31.
PS. It'll be gone in 10 minutes, so don't bother tracking it."

Or something like this.

That's what you get for not reading your VR2 to the end.
:P

Mike (Leszek Karlik) - trrkt@*****.onet.pl; http://www.wlkp.top.pl/~bear/m=
ike
FL/GN Leszek/Raptor II/ISD Vanguard, (SS) (PC) (ISM) {IWATS-IIC} JH(Sith)=
/House Scholae Palatinae
Take my advice, I don't use it anyway.

Message no. 65 At 03:10 PM 10/3/97 -0500, you wrote:
><snip yet another telnet example>
>Rick J. Irvine wrote
>>Why is this so hard to understand?
>
>Its not at all hard to understand, but I think you
>are missing a lot of the subtlety of decking.
>Running Access or Sleaze is NOT like running
>telnet. It is NOT getting a shell. It is getting
>some ability to inspect or influence the target
>machine.

If the target machine is not able to listen to your
influences, you ain't getting drek. If I'm a decker
and I'm building my machine, I'll be damned if I'm
going to build it to actually listen anything not
coming from my own personal link. You want to hit
me, you're going to do it through my link/icon. This
is what the books have always hinted at. This is why
IC has to trace your icon before it can report where you
are. If your I/O port was so active and easily found,
why doesn't the IC just 'go find it'?

>Maybe this means taking advantage of
>a sendmail bug, maybe it's running a password
>cracker, maybe it is overflowing a buffer until
>your code bytes hit the IP, it doesn't matter, the
>system is abstract.

Sendmail: wouldn't be on my deck
Passwords: my deck wouldn't accept logins, period
Overflowing a buffer: again, that assumes that you have some
buffer allocated to listening to some network function.

My point here is, as always, that a corp machine would indeed have
all of the above services, and thus would be susceptable to these
tactics, but there is no indication anywhere (except one novel) that
a decker may 'deck' into another decker's cyberdeck.

Prove me wrong. Show me book names and page numbers (don't just
say, 'Well I read it somewhere', show me exact page numbers)

>Once you've gotten some ability influence that
>machine, your deck displays your options to
>you.

If I turn off all ports on my workstation, there is no way you can
influence my machine from the outside. This isn't opinion, this
is fact. You cannot trick my machine to give up file lists, logins,
or anything else, because my system isn't responding to those packets
at all. Sure SR machines are different, but these are basic fundamental
security paradigms that most likely aren't going to change anytime at all.

> In SR, the state of the art UI for
>manipulating things quickly is VR, so that is what
>deckers use. You indicate what you want to do
>with this super snazzy interface, and then you
>roll a system test to see if you can do it. The
>host machine never "logged you in", it never
>provided you with a shell (IC would be on one of
>those in a second).

It listened to your signals, it responded to your calls for service.

>Read VR2.0 again. Read more modern
>computer theory. Then talk to me about what I
>don't understand, kid.

I believe we can discuss this issue without resorting to name calling.
Please be a bit more mature with your comments in the future. I'll
swallow my own temptations to respond (See, Keith? *wink*) to keep
this forum open and cooperative.

As for reading more moden computer theory, I have read plenty. Either
cite specific sources supporting your arguments, or stop trying to
act like you are god and I know nothing. Put up or shut up. :)

- Rick

Message no. 66 In a message dated 97-10-06 12:39:08 EDT, you write:

> Sendmail: wouldn't be on my deck
> Passwords: my deck wouldn't accept logins, period
> Overflowing a buffer: again, that assumes that you have some
> buffer allocated to listening to some network function.
>
> My point here is, as always, that a corp machine would indeed have
> all of the above services, and thus would be susceptable to these
> tactics, but there is no indication anywhere (except one novel) that
> a decker may 'deck' into another decker's cyberdeck.

A question of you then .. is a cyberdeck a computer ?

If this cyberdeck accepts only commands from itself then does that mean that
the decker in question has to tailor-make all of the programs for that deck ?

How does the decker keep the hard components up to SOTA if the
hard-programming is etched into the chip ? Short of hacking the code all
over again and 'burning' it onto a new chip.

There is also another mentioning of someone decking into a decker via the
cyberdeck ... within Black Madonna there is a passage that states that
without having goin into Michael Sutherland and planting certain pieces of
information or suggesting certain things, their group would have never gotten
as far and as fast as they could have. I know the passage is at the end of
one of the chapters in the book. A note, this was performed by an otaku, a
living computer.

Message no. 67 At 02:27 PM 10/6/97 -0400, Mike wrote:
>In a message dated 97-10-06 12:39:08 EDT, you write:
>
>> Sendmail: wouldn't be on my deck
>> Passwords: my deck wouldn't accept logins, period
>> Overflowing a buffer: again, that assumes that you have some
>> buffer allocated to listening to some network function.
>>
>> My point here is, as always, that a corp machine would indeed have
>> all of the above services, and thus would be susceptable to these
>> tactics, but there is no indication anywhere (except one novel) that
>> a decker may 'deck' into another decker's cyberdeck.
>
>A question of you then .. is a cyberdeck a computer ?

A computer that is tailored to a specific task, whereas a corp's computer
is much much (MUCH) more generalistic, because it has to serve clients that
might be decks, turtles, other big computers, etc. That is where standard
protocols come into play, and bugs in implementations of said protocols... :)

I can give more real world examples, mostly involving NT and linux, but I'll
digress. :) We can talk about this more in tonight's session if you want,
Mike.

>If this cyberdeck accepts only commands from itself then does that mean that
>the decker in question has to tailor-make all of the programs for that deck ?

Reading instructions from a disk is different than reading them off of a
second, foreign net connection. The two require completely disjoint sets of
coding. You can indeed have one without the other, even in today's (barbaric)
computers.

>How does the decker keep the hard components up to SOTA if the
>hard-programming is etched into the chip ? Short of hacking the code all
>over again and 'burning' it onto a new chip.

That is an interesting concept, and certainly viable even in today's
standards. (Anyone here running Dos 1.0 with PFS:Write? That's
what I started with...:) But, since I'm a player and Mike is co-GM
with Keith, I'll just say 'naaaaahh...' :)

>There is also another mentioning of someone decking into a decker via the
>cyberdeck ... within Black Madonna there is a passage that states that
>without having goin into Michael Sutherland and planting certain pieces of
>information or suggesting certain things, their group would have never gotten
>as far and as fast as they could have. I know the passage is at the end of
>one of the chapters in the book. A note, this was performed by an otaku, a
>living computer.

Keith (my GM to be, as of tonight, our first session w/me there) keeps
telling me about that. I've looked for the book in several book stores, and
have one more to hit tommorrow night before I just break down and order it
(Black Madonna). However, I'll also repeat something that was said not too
long ago, by someone who's name I forget: (This is not verbatim)

Very often the authors of novels that are 'from' an RPG's storyline
environment will break the boundaries of the game mechanics in order to
flavorize the storyline a bit more. By changing via house rules the game
mechanics, you are making the author's judgement of those tweaks valid
for more situations than what the author intended when he or she wrote
said excursions from the mechanics.

Interesting that you mention the Otaku though, this character I'm starting
tonight is one... :) (Hmmm, it works both ways. If some slot can get
into my head, then I should be able to get into his deck... Hmm... *Begin
munchkin mode* *Grin*)

Cheers,
Rick

Message no. 68 At 12:13 AM 10/6/97 -0400, Keith wrote:
>In a message dated 97-10-05 16:23:32 EDT, irvine@***.PURDUE.EDU writes:
>
>This reply situation is a bit LONG, warning all reading now ... I am also
>going to probably regret leaving this conversation "public".

Muhahahah. *wink* ;)

I'm sure we'll talk about this in person more Keith. But some folks from
the net have also been a part of this talk, so that's why I don't just
print this out and wait till tonight, heh.

>> Keith, I don't want to sound like I'm bashing you here, but I don't see
>any
>> logic to your argument. :) There exist VR connections today, and they are
>> indeed single connections. If a piece of hardware is listening to that
>one
>> connection, there isn't anything that says that hardware has to listen to
>> other connections. In fact, that would be a BAD model for building
>hardware,
>
>Actually Rick, they aren't. Multi-POV is the occurence of many upgrades that
>are occurring today. Sure, there is just the -1- phone line/access to a
>given computer, but that one access is now bleeding into numerous locales and
>functions simultaneously. What I was referring to by "one-way" is that all
>communication is two-way/bilateral in it's path. Input/Output. Oldest
>argument. Because that creates information "choke points" on the Matrix (be
>it identified as Bandwidth Overpulse, Lagtime, or Retrain Datatrail) it
>becomes multiple points where the trace can be, in theory, initiated.
> Anyplace a trace can be initiated is also a potential location for a deckers
>datapath to be entered/hacked.

I agree, but I've never seen any rules in SR, VR I, or VR II, for tracing
(ie, -interacting in any way with-) another decker's deck.

>> and I can't see a good decker doing that.
>
>Rick, go beyond the known computers and into the Gray Region.

No, no, the Grey Region is bad, it's where the GM's say 'this is the way
it's gonna be' and the players either go 'yup' or they put their shoes on
and hit the door. ;) (I have no intention of doing this in Keith's game,
even if we have differences in opinions on matrix stuff.)

>Think Neural
>Matter here. The mind generates dozens, hundreds, -thousands-, of neural
>transmissive's all at once. Anyone using a direct/ASSIST biofeedback system
>is opening a portion of those transmissive's to manipulation from beyond the
>body. Also, if you enter the concept of direct, neural-link, manipulation of
>data ... you are opening up an entirely new 'file of worms.'

Eh... otay. This is behind the deck's connection to the matrix, though,
and doesn't really interact with the argument of 'can a decker enter into
another decker's deck' argument.

>Rick (and anyone), the Matrix is a place where the informational exchange of
>a highly computerized world is processed, manipulated, and expanded upon. A
>Direct Neural link can go beyond anything that we possess in the current day.

I know, I can't wait till the day we can all slam cords into our noggins
and play Quake VII. *Grin*

> Imagine if you will a Biofeedback system that is directly linked (via ASSIST
>for example). The mind/body is always trying to monitor itself. Everytime
>one of those little actions occurs within the mind, the translated impulse
>goes to the deck/interface.

Yes, but you still only have one single connection to the I/O port. Over
that connection a stream of VR data must flow, but flowing in one single
path is all it should take.

>Imagine a system where continual feedback is
>being proto-looped through the system. If you can really, fully, grasp that
>concept, then the Otaku are easily understandable and imaginable. ICe is
>performably conceivable. And hacking another's user's deck is only the first
>step in a series of powerful, long developments.

Your use of the word 'system' here is a bit vague, and which 'system' you
mean is critical to the logic I think. I'll assume you mean the cyberdeck.
However, you seem to be dodging my main point: That a cyberdeck is a fine
tuned machine that wouldn't have the ability for other machines to contact
it installed.

Here's another example: A sega game system. This IS a computer, one which
could indeed have an ethernet card put on it, so that it could talk to other
sega game systems. Now, can your cyberdeck gain access to the data on the
chip that exists on the cartridge stuck in the Sega at that time? I doubt
it. Why? Because the Sega has no way of spitting up that data and putting
it on the wire, so you can't trick it to do that.

Here's something I assert is an unrefutable fact:

You cannot trick a machine to do what it wasn't designed to do.

Now, while you can indeed upload files, and while you CAN trick the deck into
doing commands through the guy's -icon- (hog, et al), where is the evidence,
other than a single passage in a novel, that you can directly interact with
a person's deck and trick it to respond to such commands?

(snipped stuff about holes in hardware)
>I was aware of what you are speaking of. And those very holes you are
>pointing out in one method, are the same holes that exist (at least likely
>so), in the Matrix Environs of SR fiction.

That imho is what the Attack program is doing, it is looking for known holes
and abusing them. But this still happens through the icon... :)

>> Why would a cyberdeck listen to any requests coming in from that point?
>> This
>> is like saying "I have a dos machine, and even though it is running a
>> program
>> already, I'm going to use my Computer(8) skill to make it run four more
>> programs." You can't use hacking skills to make hardware do what it
>wasn't
>> designed to do, ie serve incoming network connections.
>
>Oh really? Look very carefully at the Retrain Datatrail operations test in
>VR2. That is exactly what you are telling things to do. Your example is far
>from comparable in the situation at hand.

Ah, now we've hit upon a pile of bones that directly translates to today's
computers. What is being referring to here are actually two different
things: The path your IP packets traverses to get to the target host (this
is a very low-level thing, something the software on your cyberdeck wouldn't
see at all, it just sees the connection) and the path one takes from logging
onto various LTGs and hosts to get to where-ever it is you want to get to.
In today's terms, that would mean telnetting from Host A to host B, to Host C
to host D, so that someone tracing you would have to trace each host. VR II's
retrain datatrail isn't clear about which of these it is trying to be akin to.
One is very low level and is mostly for performance, the other could also be
for performance but also for throwing off traces.

I don't have VR II here in front of me, so I can't look up the wording on
Retrain Datatrail, but that still is a command coming from the decker using
the deck, not from some distant computer talking to it over the Matrix.
I'll look up the wording and get back to everyone on this issue.

>> I will agree with Mike Bobroff, though, that you could indeed throw a
>trace
>> & report on a decker, figure out which LTG point he is coming in from, and
>> deck into the machines of the company controlling that I/O port. If you
>> could
>> gain access to that computer, you could do a crash or shutdown and cut the
>> decker off. (I can't count the number of times my link's been cut by my
>> ISP's machines doing the network-technicolor yawn.)
>
>Ya know, you have just said the very thing that makes all of this possible.

Note I said you could throw a trace on the decker, I meant his ICON, not his
I/O port.

After you trace and report, what do you have? You have a link into the
guy's computer. Trace just finds the deck, it's the report that lodges
an open connection into the deck, like hog does to do its stuff. Having
to T&R someone in order to deck into their deck is still very different from
just finding the I/O on your own, without ever having to find the decker
(which is what I hear here)

> Rick, a suggestion. Try using 'real world' computer demographics to
>originate the abilities of the SR2 'matrix demographics', don't use it to
>base things wholy upon. You'll discover it's simply not compatible.

There are paradigms and concepts that are 30+ years old that are still
very often used daily in modern computers. The concepts I've been referring
to are imho fairly static and stable network security concepts. I don't see
them changing in the future. Ie: The more network services you offer (ie,
logging on, etc), the less secure your system is. If you want your computer
(any type of computer) to be wizzer secure, you don't have those network
services in place.

>You
>made the comment the other night about AOL occasionally glimpsing into my
>hard drive when I'm online. Well Merry - Bleeding - XFiles - Christmas.

Again, they are going through your icon, because you are logged into their
system. :) Let's twist this around using your own argument. Your saying
that I, sitting at my workstation on the network, could gain access to your
hard drive, even if you are only dialed into AOL and not into a full net
connection. Bulldrek. :) In order for me to do that, I'll have to hack
AOL's host that you are dialed into (remember, I said in a previous post that
I saw it ok to dial into a decker's I/O port's host and shut it down, etc)
and take control of the program that scans HD's. Even then, you still have
to -be on AOL- yourself for me to do that.

> That action is happening without any notification to the user at the time it
>is happening. Because I don't have a program to recognize such activity.
> However, if you run things like Wintune and know what you are looking for
>and have LOTS of time to waste, you'll know it when you see it. Access, be
>it legal or illegal, has many hiccups. If you illegally gain access to AOL
>for example, and use it's machines as your system servers (chuckle there for
>a moment), but you don't tell AOL that ... then the system will simply treat
>you as a common user and perform all the logical, legal, activities upon your
>machine (even if you are illegally accessing). All without informing you of
>crap, diddly or kitty litter coupons. And btw, do NOT attempt such stunts on
>AOL or Purdue (which is where you are from). Purdue has total authority
>access to it's hardware. NOT a single bit of that processing power is public
>access. Neither is AOL for that matter. In fact, as far as I can tell,
>there are no global access systems that are 'public' owned. All of it
>belongs to someone else. Sure, email is protected ... but what about what is
>behind those letters???

*Boggle* Keith if you are even suggesting that I would do such things, then
you really DON'T know me well at all. :) Just so that everyone else on this
list doesn't get the bad idea about me, I *LOVE* working at Purdue, I would
have killed for this job. It was either this one or at a DoD corp where a
friend of mine is working. That was in Feburary, my friend is now looking
for another job due to being so unhappy with the DoD company, and I'm sitting
pretty where I am. I'd never do anything akin to decking at all, no way.
I like where I am thankyouverymuch. :)

>See below after you request ... then you can shudder all you want ... time to
>join the big boys Cheetah (Knowing Grin- Evil is Beyond Reproach)

I can't repeat what all I've heard your games called, Keith. It would be
bordering on slamming you, and I don't want to do that. ;) I'm trying to
have an open mind about them, and so far other than this matrix thingie
it doesn't appear too bad.

>> I've also read about something called the "Great Ghost Dance", yet I
don't
>> see mages tossing it around daily... If I do, I'm going to just pull my
>gun,
>> put it to my mouth, flip off the heavens, and blow my character's brains
>> out. :)
>
>Give the Mana Curve time Rick. It will come...

I've got that streetline special tucked in the small of my back with one
bullet in it, just for that day...

>> Tell you what, if you guys really believe these logical stances with such
>> strong convictions, why not post some solid game mechanics here? This is
>> the flip side to my 'bitch coin'. :) Some of the logic I've seen on here
>> defies rational computer logic (I am NOT cracking on anyone, we each have
>> different sets of knowledge of different types of computers). The rest
>> seems to really defy the logic of the game mechanics. Let's see some
>solid
>> rule suggestions on this kind of stuff and see if we can get it balanced.
>> I'll be a lot less grumbling and less grumpy about this if I see a truly
>> -balanced- system, where the decker can take countermeasures to having
>every
>> GM-spawn decker in the world just trompse into my head (this is my otaku
>> char I'm thinking about) and go 'ooh, look, pretty brains *scramble*'.
>
>Rick, the rules to perform this already exist within the confines of VR2 and
>the SR universe as a whole. It is merely changing the perceptual POV. Who
>is the target? The company mainframe or the decker who's breaking into it?
> Once you can think from another point of view, then ask yourself something.

I've tried looking through other peoples' points of view. Mike Bobroff and
I were successful in coming to an agreement, so were some of the others.

I guess my point here is, if a cyberdeck and hosts were meant to be work the
same way, wouldn't they have been given similar game mechanics? Wouldn't
a terminal have the same stats as a billion-nuyen host machine? Why don't
they? *Smile*

What is IntSec? Intelligence/Security? To me that means being jacking in,
patrolling the hosts, maintaining the IC, etc. (Woops, this is for below)

> Just what does Prophet do in his spare time? IntSec for Fuchi ... think for
>a moment ... Hefner (the GM for a game here) knows, he just doesn't want to
>inform the rest of his game world (aka, you guys).

We simply don't have enough people in that group who have sold their soul to
the corps. :) (That's like what, 4 or 5 out of 10?) One of these days I can
see Jason being the Ultimate Bastard and giving each of us conflicting orders.
Like: "Cheetah, WarTech orders you to take out this guy named Prophet."
"Prophet, Fuchi orders to hire some guns to kill this guy named Cheetah"
*Grin*

>-Keith (who is more than just a knowledgable GM)
Yup, in RL he's also the Yellow Power Ranger. ;)

Cheers,
Rick

Message no. 69 In a message dated 97-10-06 12:39:12 EDT, irvine@***.PURDUE.EDU writes:

> Sendmail: wouldn't be on my deck
> Passwords: my deck wouldn't accept logins, period
> Overflowing a buffer: again, that assumes that you have some
> buffer allocated to listening to some network function.
>
> My point here is, as always, that a corp machine would indeed have
> all of the above services, and thus would be susceptable to these
> tactics, but there is no indication anywhere (except one novel) that
> a decker may 'deck' into another decker's cyberdeck.
>
> Prove me wrong. Show me book names and page numbers (don't just
> say, 'Well I read it somewhere', show me exact page numbers)
>
>
Rick, you don't want to proved wrong, you are too busy proving yourself
right. LET GO OF THE BONE!!!!

Very well Rick, I'll prove you wrong, I'll prove you wrong tonight no less,
that is, unless you aren't interested...
-Keith

Message no. 70 In a message dated 97-10-06 15:26:43 EDT, irvine@***.PURDUE.EDU writes:

> Reading instructions from a disk is different than reading them off of a
> second, foreign net connection. The two require completely disjoint sets
of
> coding. You can indeed have one without the other, even in today's (
> barbaric)
> computers.
>
I'll will respond to this one and one thing only here. You are not correct,
you are overexemplifying. The example comes tonight, with no digression, no
pain, no manipulation (unless you use Gabriel's Definition of a
Manipulation).
-Keith

Message no. 71 In a message dated 97-10-06 17:17:33 EDT, irvine@***.PURDUE.EDU writes:

> I agree, but I've never seen any rules in SR, VR I, or VR II, for tracing
> (ie, -interacting in any way with-) another decker's deck.

Then you didn't pay very close attention to the Track Program.

> >Rick, go beyond the known computers and into the Gray Region.
> No, no, the Grey Region is bad, it's where the GM's say 'this is the way
> it's gonna be' and the players either go 'yup' or they put their shoes on
> and hit the door. ;) (I have no intention of doing this in Keith's game,
> even if we have differences in opinions on matrix stuff.)

We'll see... ;)

> Eh... otay. This is behind the deck's connection to the matrix, though,
> and doesn't really interact with the argument of 'can a decker enter into
> another decker's deck' argument.

Actually it does ... someone walks up to you, Rick Irvine, pats you on the
shoulder at work (you didn't see them coming) and says ... "hey guy, do you
know what time it is?"...even by responding to the person by merely shrugging
your shoulders and ignoring them is creating an open door for additional
response and stimuli correspondence. Cyberdecks are the same way. So much of
their information is placed into Symbolic Reference instead of Sybolic
Reference in SR terms. By allowing for response stimuli to occur, you open
the doors (that's your first key btw).

> I know, I can't wait till the day we can all slam cords into our noggins
> and play Quake VII. *Grin*

Neither can, -JUST- so I can walk up, pat you on the mental shoulder and say
"Hiya Rick, Got the time...?"

> Yes, but you still only have one single connection to the I/O port. Over
> that connection a stream of VR data must flow, but flowing in one single
> path is all it should take.

One single path, multiple wavelengths, multiple directions, even looped
within a conversant "non-directional" path.

> Your use of the word 'system' here is a bit vague, and which 'system' you
> mean is critical to the logic I think. I'll assume you mean the
cyberdeck.
> However, you seem to be dodging my main point: That a cyberdeck is a fine
> tuned machine that wouldn't have the ability for other machines to contact
> it installed.

Actually Rick, this is where you are NOT listening/reading. A cyberdeck is a
fine tuned machine that DOES and HAS to have the ability for other machines
to contact, if installed. Otherwise, it is a one-way only output (NOT input)
device. And btw, by system I refer to "Matrix" (trademark held by FASA).

> Here's another example: A sega game system. This IS a computer, one which
> could indeed have an ethernet card put on it, so that it could talk to
other
> sega game systems. Now, can your cyberdeck gain access to the data on the
> chip that exists on the cartridge stuck in the Sega at that time? I doubt
> it. Why? Because the Sega has no way of spitting up that data and
putting
> it on the wire, so you can't trick it to do that.

Actually, you can now. Better go looking through the net ads again Rick.
It's called a decompiler, I once worked for a guy here in Lafayette (loved
him to death, good guy) who made such little monsters. He did it to a game
once just so he could perform some alteratiosn to his HOME system. He used
to do for a mainstay language and sell the decompiled files to others. Rick,
you are still not going beyond your world guy.

> Here's something I assert is an unrefutable fact:
> You cannot trick a machine to do what it wasn't designed to do.

Really? Tell me then what a telephone is designed to do?

> Now, while you can indeed upload files, and while you CAN trick the deck
> into
> doing commands through the guy's -icon- (hog, et al), where is the
evidence,
> other than a single passage in a novel, that you can directly interact
with
> a person's deck and trick it to respond to such commands?

Please read "Tar Pit" on page 43 of VR2 and "Black ICe" on page 47.
Now go
look at "Black Hammer" on page 131. Rick, you wanted page numbers, time to
make connections beyond a simple paragraph and a simple page change.

> (snipped stuff about holes in hardware)
> >I was aware of what you are speaking of. And those very holes you are
> >pointing out in one method, are the same holes that exist (at least
likely
> >so), in the Matrix Environs of SR fiction.
>
> That imho is what the Attack program is doing, it is looking for known
holes
> and abusing them. But this still happens through the icon... :)

"I have a Track Program 8" says Prophet, let's go chat in -YOUR- Tea Room.

> >Oh really? Look very carefully at the Retrain Datatrail operations test
in
> >VR2. That is exactly what you are telling things to do. Your example is

> far
> >from comparable in the situation at hand.
>
> Ah, now we've hit upon a pile of bones that directly translates to today's
> computers. What is being referring to here are actually two different
> things: The path your IP packets traverses to get to the target host
(this
> is a very low-level thing, something the software on your cyberdeck
wouldn't
> see at all, it just sees the connection) and the path one takes from
logging
> onto various LTGs and hosts to get to where-ever it is you want to get to.
> In today's terms, that would mean telnetting from Host A to host B, to
Host
> C
> to host D, so that someone tracing you would have to trace each host. VR
II'
> s
> retrain datatrail isn't clear about which of these it is trying to be akin

> to.
> One is very low level and is mostly for performance, the other could also
be
> for performance but also for throwing off traces.

Actually, with a software "flagger", you can see exactly all of this with
your machine. And with a bit of patience, you can design a "cookie" to ONLY
go to certain machines along certain paths. That's how it's done ultimately.

> >Ya know, you have just said the very thing that makes all of this
possible.
>
> Note I said you could throw a trace on the decker, I meant his ICON, not
his
> I/O port.

And if you monitor communications along a transmission node you can then pull
a trace/track upon a given dataflow. Hell, you can even have the system/node
in question tell you where it's getting the information yourself.

> There are paradigms and concepts that are 30+ years old that are still
> very often used daily in modern computers. The concepts I've been
referring
> to are imho fairly static and stable network security concepts. I don't
see
> them changing in the future. Ie: The more network services you offer (ie,
> logging on, etc), the less secure your system is. If you want your
computer
> (any type of computer) to be wizzer secure, you don't have those network
> services in place.

Or you take the next step through the door.

> Again, they are going through your icon, because you are logged into their
> system. :) Let's twist this around using your own argument. Your saying
> that I, sitting at my workstation on the network, could gain access to
your
> hard drive, even if you are only dialed into AOL and not into a full net
> connection. Bulldrek. :) In order for me to do that, I'll have to hack
> AOL's host that you are dialed into (remember, I said in a previous post
> that
> I saw it ok to dial into a decker's I/O port's host and shut it down, etc)
> and take control of the program that scans HD's. Even then, you still
have
> to -be on AOL- yourself for me to do that.

Rick, I highlighted a single word from your paragraph just above this. It's
HACK...you just said what is part of the final door to step through. It's
what I meant by Computer comparisons. Rick, you aren't a hacker, nor do you
like the idea in a real world sense. A Hacker/Decker is someone who goes
beyond what is in front of him/her (hell, it might even be an IT if Dr.
Halbersteim has his way) and determinably goes and finds what is behind the
doors, even the doors that say "Employees Only".

> *Boggle* Keith if you are even suggesting that I would do such things,
then
> you really DON'T know me well at all. :) Just so that everyone else on
this
> list doesn't get the bad idea about me, I *LOVE* working at Purdue, I
would
> have killed for this job. It was either this one or at a DoD corp where a
> friend of mine is working. That was in Feburary, my friend is now looking
> for another job due to being so unhappy with the DoD company, and I'm
> sitting
> pretty where I am. I'd never do anything akin to decking at all, no way.
> I like where I am thankyouverymuch. :)

Rick, I never suggested you would do such a thing actually, I was implying
that you are being watched as well. You know that, I know that...Big Brother
is just the beginning.

> I can't repeat what all I've heard your games called, Keith. It would be
> bordering on slamming you, and I don't want to do that. ;) I'm trying to
> have an open mind about them, and so far other than this matrix thingie
> it doesn't appear too bad.

No Rick, you are now though.

> I've got that streetline special tucked in the small of my back with one
> bullet in it, just for that day...

And I've got that tube of funny glue with which it's lined. If you
(character wise) aren't going to be brave enough to see it alone, then you'll
watch it with someone else holding your hand.

> I've tried looking through other peoples' points of view. Mike Bobroff
and
> I were successful in coming to an agreement, so were some of the others.
>
> I guess my point here is, if a cyberdeck and hosts were meant to be work
the
> same way, wouldn't they have been given similar game mechanics? Wouldn't
> a terminal have the same stats as a billion-nuyen host machine? Why don't
> they? *Smile*

Because then the game designers would have to admit that a corporate machine
is basically a bread-boarded, overpowered, cyberdeck. And Rick, they do....

> What is IntSec? Intelligence/Security? To me that means being jacking in,
> patrolling the hosts, maintaining the IC, etc. (Woops, this is for below)

Then I'll wait until 'below.'

> We simply don't have enough people in that group who have sold their soul
to
> the corps. :) (That's like what, 4 or 5 out of 10?) One of these days I
can
> see Jason being the Ultimate Bastard and giving each of us conflicting
> orders.

And he will, especially when that -other- situation comes to the front. Give
it time...

> Like: "Cheetah, WarTech orders you to take out this guy named Prophet."
> "Prophet, Fuchi orders to hire some guns to kill this guy named Cheetah"
> *Grin*

But you don't have everything on Cheetah on paper do ya? I know I don't have
everything for Prophet. Like their soul....those corporate nutsos in Jason's
game don't know what it's like to be "buying souls". Do you know why?
Because the guy behind it doesn't know how to see into his own....

(btw, the immediately previous was in character mode after the word
"Prophet")

> >-Keith (who is more than just a knowledgable GM)
> Yup, in RL he's also the Yellow Power Ranger. ;)

Nope, he's the one playing Joseph, and his suit's in Technicolor......
-Keith

Message no. 72 Rick J. Irvine wrote:
|
| I agree, but I've never seen any rules in SR, VR I, or VR II, for tracing
| (ie, -interacting in any way with-) another decker's deck.

Oh man, I had managed to stay out of this until now.

If combat on the matrix between to deckers isn't interaction between their
decks, what is? I may have taken your comment out of context. If so I
apologize. If not...

| >-Keith (who is more than just a knowledgable GM)
|
| Yup, in RL he's also the Yellow Power Ranger. ;)

Now there's an image :)

-David
http://www.geocities.com/TimesSquare/1068/homepage.htm
--
"Creativity is allowing yourself to make mistakes. Art is knowing
which ones to keep."

Message no. 73 At 07:01 AM 10/7/97 -0600, you wrote:
>Rick J. Irvine wrote:
>|
>| I agree, but I've never seen any rules in SR, VR I, or VR II, for tracing
>| (ie, -interacting in any way with-) another decker's deck.
>
>Oh man, I had managed to stay out of this until now.
>
>If combat on the matrix between to deckers isn't interaction between their
>decks, what is? I may have taken your comment out of context. If so I
>apologize. If not...

My comment was poorly constructed. The argument here is that Some Folks (tm)
believe that you can hit a decker's deck NOT through his icon, but through
the physical I/O port he or she is coming into the matrix from, in essence,
treating your own cyberdeck as if it were a corp machine. Ie, someone could
Access Test/Sleaze into your deck while you were running, and perform system
tests on it, such as stealing your files, wiping programs, crashing the deck,
etc. I won't rehash each side's views on this subject, both sides have said
their peace more than a few times. :)

Cheers,
Rick

Message no. 74 I snipped this entire big honkin' letter, after I wrote up a response to
each item. Seems we're picking at points here instead of trying to come
to some semblance of a common area of acceptance. So instead of replying
to each thing, I'll list some shorter points here, and see what other
people think:

1. Because programs like Hog exist, it should be conceivable that a decker
could write a program to launch at a target decker's icon that would
do things like spit back up a list of files, upload said files, etc.
Such programs could even do things like force a cold deck hot (I
personally LOVE that idea, kudos I think to Keith who thought it up),
really mess with the ASSIST, etc. Maybe even force the other decker's
deck to perform some self-inflicting commands.
(I think we all are in agreement on this one, giving it the thumbs up)

2. Some folks state that your cyberdeck has its own presence in the matrix,
and thus could be targetted without needing to find said target decker's
icon. Thus you could launch Nasty Programs into said cyberdeck with the
poor slot being virtual miles away from his deck.
(We aren't in agreement on this one)

3. Some folks state that you should be able to deck into another person's
cyberdeck, as if it were a corp computer. Ex: using an Access System
Test+Sleaze to get in, using File system tests to grab files, or wipe
programs, etc.
(We aren't in agreement on this one, and it scares the bejesus out of
my otaku. :)

Anyone else have any thoughts on these topics? I think Keith, Mike Bobroff,
and myself would all like to see definitive unbreakable-logic arguments one
way or the other on any of these.

Cheers,
Rick

Message no. 75 >2. Some folks state that your cyberdeck has its own presence in the matrix,
> and thus could be targetted without needing to find said target decker's
> icon. Thus you could launch Nasty Programs into said cyberdeck with the
> poor slot being virtual miles away from his deck.
> (We aren't in agreement on this one)

Hmm ... I can see how this could be thought.
After all, a cyberdeck is basically an I/O port of a type.
However, I'm of the opinion that the decker's icon contains that I/O port as
sort of a mobile SAN
I think that if you do rule that the cyberdeck has a Matrix presence, you
should also allow the decker to add ice, or even Camo the SAN.
Any decker worth his salt is never gonna go on a Matrix run until his
homebase is safe.

Actually, you might even consider that the decker IS the IC on the
cyberdeck's SAN.
"Sure you can deck the deck, but first you have to get through this
reaaaaalllllllly nasty smartframe named Bull!"

>3. Some folks state that you should be able to deck into another person's
> cyberdeck, as if it were a corp computer. Ex: using an Access System
> Test+Sleaze to get in, using File system tests to grab files, or wipe
> programs, etc.
> (We aren't in agreement on this one, and it scares the bejesus out of
> my otaku. :)

I'd rule, (and have ruled) that if the decker is active on the deck, then he
can automatically defend his deck.
After all,a cyberdeck is really just one host node, and IC in a single node
can easily detect and activate.
I have no idea what kind of security tally a cyberdeck would have.
Maybe the decker's perception?

Steven A. Tinner
bluewizard@*****.com
http://www.ncweb.com/users/bluewizard
"Waxing pathetic"

Message no. 76 At 11:08 AM 10/7/97 -0400, Steve wrote:
>I have no idea what kind of security tally a cyberdeck would have.
>Maybe the decker's perception?

Mine would look like this:
0 - no alarm
1 - launch smart frame with blackhammer-8, trace-8, and acid-8 (or the one
that sucks the Bod out of the persona if that's the wrong one)
2 - launch another one
3 - launch another one...

;)

Cheers,
Rick

Message no. 77 On Tue, 7 Oct 1997, Rick J. Irvine wrote:

[snippage]

> 1. Because programs like Hog exist, it should be conceivable that a decker
> could write a program to launch at a target decker's icon that would
> do things like spit back up a list of files, upload said files, etc.
> Such programs could even do things like force a cold deck hot (I
> personally LOVE that idea, kudos I think to Keith who thought it up),
> really mess with the ASSIST, etc. Maybe even force the other decker's
> deck to perform some self-inflicting commands.
> (I think we all are in agreement on this one, giving it the thumbs up)

Yeah, that's reasonable.

> 2. Some folks state that your cyberdeck has its own presence in the matrix,
> and thus could be targetted without needing to find said target decker's
> icon. Thus you could launch Nasty Programs into said cyberdeck with the
> poor slot being virtual miles away from his deck.
> (We aren't in agreement on this one)

I think that might be possible. Using an analogy from today,
there are a few programs out there that will do nasty things to
people running Microsoft operating systems if they have not
installed the relevant patches (I'm referring to winnuke for
the enlightened).

> 3. Some folks state that you should be able to deck into another person's
> cyberdeck, as if it were a corp computer. Ex: using an Access System
> Test+Sleaze to get in, using File system tests to grab files, or wipe
> programs, etc.
> (We aren't in agreement on this one, and it scares the bejesus out of
> my otaku. :)

Not unless the decker has specifically set his system up to
allow outside connections. That would probably mean that the
decker has some service such as an email server or somesuch
running on his deck, and opposing deckers would hack their
way in through that software. Otherwise, I think the deck
is safe. Let's look at it in the context of today. If you
are running for example (god forbid, but I won't go into
that right now) Windows 95 on your machine, and you connect
to the Internet, unless you have setup a telnet server, or
some other service, people are not going to be able to just
log onto your machine. The same should apply to decks,
IM(NS)HO.

-Mark

Message no. 78 At 06:22 PM 9/30/97 -0500, losthalo wrote:
>
>Frankly, SR has never really described much about what computers *DO* besides
>present targets for deckers. We have no idea how much processing power 50 MP
>represents on a wrist comp, or how much headware memory is worth to the owner
>aside from how many knowsofts and such he can hold...

I agree - with computers and information playing such a major role in SR,
this is a major omission.
Why can't you plug a few Gp of read-only datachips containing matrix code
into your deck as on-line storage?
What about memory makes it take weeks to plug in a high-capacity active
memory chip (or even virtually impossible)?
Why can't a decker copy and re-sell these multi-thousand-nuyen utilities at
pure profit? Do they normally come with source code?
Why is the pocket secretary so much cheaper than a 100Mp pocket computer,
and lighter?
Why is computer memory so expensive? eg. basic Data Display Unit costs 20
000 nuyen.
Is the Mp figure chosen for computers the total storage amount, or just RAM
equivalent?

> Even the 1MP ~
>2 Megabytes of info that I once got informally from Tom Down doesn't tell you
>much.

Well, it tells you how far backward technology has gone in the next 60 years
:-)

Traveller suffered from the same problem.

I calculated about the same ratio from the size of 1 Gp worth of book info
in the "Hermetic Libraries" section of the BBB.

My computer in 1997 therefore has 16 Mp active memory, and 2500 Mp of
storage, and (at 1 nuyen ~= US$1) costs about 800 =Y=. I could add memory
at about
6 =Y= per Mp.

> How big is your average word processor, or spreadsheet program now?
>What sort of programs are run on PCs, let alone mainframes?

Can deckers multitask on their decks? eg. listen in on a commcall while
doing other stuff.

> It's left so vague
>the GM must ad-lib it completely, really... This is one of CP2020's
advantages
>over SR. Prices listed and memory sizes for ICE. So you can ice your
deck if
>you want to, or what-have-you. It does a better job of giving a feel that
>computers do something other than hold info for deckers to steal, this is
what
>SR needs for decking, something that should have found its way into VR 2.0.

I agree completely.

--
Little One

Message no. 79 Rick J. Irvine[SMTP:irvine@***.PURDUE.EDU] wrote:
> 1. Because programs like Hog exist, it should be conceivable that a decker
> could write a program to launch at a target decker's icon that would
> do things like spit back up a list of files, upload said files, etc.
> Such programs could even do things like force a cold deck hot (I
> personally LOVE that idea, kudos I think to Keith who thought it up),
> really mess with the ASSIST, etc. Maybe even force the other decker's
> deck to perform some self-inflicting commands.
> (I think we all are in agreement on this one, giving it the thumbs up)
>
Yup ..

> 2. Some folks state that your cyberdeck has its own presence in the matrix,
> and thus could be targetted without needing to find said target decker's
> icon. Thus you could launch Nasty Programs into said cyberdeck with the
> poor slot being virtual miles away from his deck.
> (We aren't in agreement on this one)
>
> 3. Some folks state that you should be able to deck into another person's
> cyberdeck, as if it were a corp computer. Ex: using an Access System
> Test+Sleaze to get in, using File system tests to grab files, or wipe
> programs, etc.
> (We aren't in agreement on this one, and it scares the bejesus out of
> my otaku. :)
>

Ok ... I think you can. I think we agree that it is not the same as
decking a 'mainframe'. There is more work to be done and more 'invalid'
methods of access.... I've been thinking about the processing of the
matrix. Here is a hypothesis. All decker go no further than their deck.
Their perception is held entirely within the virtual world within the
deck. When they run, it becomes plain old client server. Server sends
details of the node pic to the deck, the deck then builds the view for
the decker. The decker interacts with the node in the deck and that is
sent back to the server (this is very simplistic example... but the idea
is the same...). So at any time a decker fights another decker it is
only deck to deck. Does this sound reasonable?
Using this reasoning ... it means that attacking an icon, or the deck is
the same.... (the deck will build the attacker in to the current view
the decker has......). Yes, no, maybe?
Something to think about. What happens when miss decker unplugs from he
deck, but leaves it connected to the matrix? Will it disconnect itself
(ok, almost all deckers this will be SOP, but what about a pleb or wage
slave who doesn't care about security)

> Anyone else have any thoughts on these topics? I think Keith, Mike Bobroff,
> and myself would all like to see definitive unbreakable-logic arguments one
> way or the other on any of these.
>
No such thing.... :-P
The above seems reasonable to me (and may be stated elsewhere ...) and
workable .... suggestions?

Michael.

--
What's the difference between a duck? One of it's legs are both the
same.

Message no. 80 At 09:03 10/8/97 +1100, you wrote:

>I agree - with computers and information playing such a major role in SR,
>this is a major omission.
>Why can't a decker copy and re-sell these multi-thousand-nuyen utilities at
>pure profit?

Who says he can't? Have him run a few tests to defeat the copy protection,
and viola. However, he probably wouldn't be looked on very highly for
Selling them.

>Do they normally come with source code?

This is covered in VR2.

>Why is the pocket secretary so much cheaper than a 100Mp pocket computer,
>and lighter?

Shitty components :)

>Can deckers multitask on their decks? eg. listen in on a commcall while
>doing other stuff.

Several examples of this in SR fiction are givin, I believe. My answer:
Why the hell not?
I could talk on Iphone and run Word at the same time, one thinks someone
could do that in 205x much more easily.

I have quite a few pages of Non-Decker computer stuff written out, just not
on the computer. When I have some *cough*time*cough* I'll type it up.

-Aj

-
http://shadowrun.home.ml.org \ TSS Productions \ The Shadowrun Supplemental
ShadowRN Assistant Fearless Leader \ WildAngle@******** \ fro@***.ab.ca
From The Jury's Bench: http://www.interware.it/shadowrun/jurybench

Message no. 81 In a message dated 97-10-07 10:53:51 EDT, irvine@***.PURDUE.EDU writes:

<snipped Rick's "3 Ideas", which were nice.>

> Anyone else have any thoughts on these topics? I think Keith, Mike
Bobroff,
>
> and myself would all like to see definitive unbreakable-logic arguments
one
> way or the other on any of these.
>

Yes, I believe we would. Actually, all of us would probably like something
on this nature. We all sit at our computers goofing around on the RN and
lord only know's where else. The Decker should be resurrected still further,
IMCOMPLETELY BLATANTO.
-K

Message no. 82 In a message dated 97-10-07 12:57:17 EDT, mark@******.NET writes:

> > 3. Some folks state that you should be able to deck into another person's
> > cyberdeck, as if it were a corp computer. Ex: using an Access System
> > Test+Sleaze to get in, using File system tests to grab files, or wipe
> > programs, etc.
> > (We aren't in agreement on this one, and it scares the bejesus out of
> > my otaku. :)
>
> Not unless the decker has specifically set his system up to
> allow outside connections. That would probably mean that the
> decker has some service such as an email server or somesuch
> running on his deck, and opposing deckers would hack their
> way in through that software. Otherwise, I think the deck
> is safe. Let's look at it in the context of today. If you
> are running for example (god forbid, but I won't go into
> that right now) Windows 95 on your machine, and you connect
> to the Internet, unless you have setup a telnet server, or
> some other service, people are not going to be able to just
> log onto your machine. The same should apply to decks,
> IM(NS)HO.

Would everyone quit looking at the "current context" ideas? I am NOT talking
about turning on a machine from afar (though a camera and a magic fingers
spell do wonderful things). I am talking about Sleezing/Accessing down the
access port while a deck is still operating. It (the deck) while it is in
operation IS accepting information from "everywhere" at once. That's part of
the Sensors' program job, to determine miscellaneous stimuli from a given VR
environ.

I am also not talking about a "modern machine" as I am not certain there are
many people out there that have a "Masking Attribute" on their computer.
Once that attribute is put into the mix of things, a LOT of things become
possible.
-Keith

Message no. 83 In a message dated 97-10-07 11:11:03 EDT, irvine@***.PURDUE.EDU writes:

> >I have no idea what kind of security tally a cyberdeck would have.
> >Maybe the decker's perception?
>
> Mine would look like this:
> 0 - no alarm
> 1 - launch smart frame with blackhammer-8, trace-8, and acid-8 (or the one
> that sucks the Bod out of the persona if that's the wrong one)
> 2 - launch another one
> 3 - launch another one...
>
Okay, what an idea. Actually, run a parallel deck or a Virtual Deck, having
it do the "watch dogging" for ya. Use the "Security Sheathe" design
ideas,
with the player getting as nasty ast he GM will allow. Besides, it'll really
chew up the design and construction and cook times....

-Keith

Message no. 84 In a message dated 97-10-07 11:06:25 EDT, bluewizard@*****.COM writes:

<snipped Rick's "#2 Idea, which is attacking a deck at the IO port>

> Hmm ... I can see how this could be thought.
> After all, a cyberdeck is basically an I/O port of a type.

Getting closer....

> However, I'm of the opinion that the decker's icon contains that I/O port
as
> sort of a mobile SAN
> I think that if you do rule that the cyberdeck has a Matrix presence, you
> should also allow the decker to add ice, or even Camo the SAN.

Actually, you can. A favorite tactic of my veteran players, after they got
jumped via their I/O access, was to leave a Smart Frame, a Sprint (with the
new rules) or even a second deck (probably a lower powered one with high
sensors and Analyze running) at the sight. Something showed up, the "guard
dogs" were there and waiting.

> Any decker worth his salt is never gonna go on a Matrix run until his
> homebase is safe.

Very, Very True...but you're friends and those damn make-up kits...

> Actually, you might even consider that the decker IS the IC on the
> cyberdeck's SAN.

A nice, collected, way of looking at it, yes....

> "Sure you can deck the deck, but first you have to get through this
> reaaaaalllllllly nasty smartframe named Bull!"

Oh YEAH!!! And make it tall, and furry, and white, and dripping blood from
those "big nasty teeth" and give it a pet rabbit...
-Keith

Message no. 85 on 01.10.97 irvine@***.PURDUE.EDU wrote:

[Client != Server in the Matrix]
i> >Yes. But then you have the smart decker, write some code that makes the
i> >target (deck) think the access to it's CPU is needed by a server (really
i> >a deck). Our smart decker now has access to your deck.,...
i> >So you are correct, but that does not stop the deckers from accessing
i> >your deck (unless you make it so they cant....)
i>
i> Not cracking on you, but I don't understand what you're trying to say
i> here. If a computer that attaches to a network does not have the 'server'
i> services built into it, when deck 2 tries to log onto deck 1, deck 2 is
i> just going to get 'hey, I can't connect to anything'. There isn't any
i> real way that deck 2 is going to foll deck 1 into letting deck 2 log on,
i> because deck 1 doesn't HAVE the ability to let a 'client' computer (deck 2)
i> log onto it.
i>
i> That make sense? :)

It does, but IMO isn't correct. The server (node) alwys runs programs on
the deck. Things like the graphics it uses and your good ol' ICE. Now, one
of these programs could be a simple host-program (it wouldn't need anythig
but the basics. No 'sendmail', ro other tools. Maybe not even
multitasking) and you're in.

Tobias Berghoff a.k.a Zixx a.k.a. Charon, your friendly werepanther physad.

-----BEGIN GEEK CODE BLOCK------------
GAT/CS/S/IT d--- s+:- !a>? C++(++++)
UL++(++++) P+ L++ E W+ N+(+++) o? K?(-)
w---() O- M-- V- PS+ PE- Y+>++ PGP-
t+(++) 5+ X++ R* tv b++ DI(+) D++ G>++
e>+++++(*) h! r-- z?
------END GEEK CODE BLOCK-------------

Message no. 86 At 11:47 AM 10/8/97 GMT, Tobias wrote:
>on 01.10.97 irvine@***.PURDUE.EDU wrote:
>
>[Client != Server in the Matrix]
>i> Not cracking on you, but I don't understand what you're trying to say
>i> here. If a computer that attaches to a network does not have the 'server'
>i> services built into it, when deck 2 tries to log onto deck 1, deck 2 is
>i> just going to get 'hey, I can't connect to anything'. There isn't any
>i> real way that deck 2 is going to foll deck 1 into letting deck 2 log on,
>i> because deck 1 doesn't HAVE the ability to let a 'client' computer
(deck 2)
>i> log onto it.
>i>
>i> That make sense? :)
>
>It does, but IMO isn't correct. The server (node) alwys runs programs on
>the deck. Things like the graphics it uses and your good ol' ICE. Now, one
>of these programs could be a simple host-program (it wouldn't need anythig
>but the basics. No 'sendmail', ro other tools. Maybe not even
>multitasking) and you're in.

That still sounds like the host computer needing the icon in it in order
to trace & report, etc. That's fine and dandy, but the real thing that
made me go 'Aaaah!' was this:

Decker A plugs in, turns on his deck, and dials into an LTG. He goes off
on his merry way, maybe he's reading boards in Shadowland or something.

Decker B is a meanie, and finds Decker A's deck floating in the I/O port
he is using. Decker B logs into Decker A's deck as if it were a host,
and starts doing things like, oh, removing programs, uploading viral
programs, then when he's done, crashes the system.

That just sends shudders through the bowels... :)

- Rick

Message no. 87 on 05.10.97 KGGEWEHR@******.ACS.MUOHIO.EDU wrote:

K> You wrote:
K> > ACK! Sometimes I just bite into the table when I see a SR decking run
K> > (I'm a geek, you see). Just that old password problem. I make it three
K> > trys and then freeze that account and the decker is never going to crack
K> > my system with his neat sleeze-program, as it really can't be anything
K> > else then a guesser.

K> Oh, please... *sure* it can. It can look at the login program that's
K> trying to keep it out, find chinks in the armor (loopholes), and take
K> advantage of one of them to either find the correct password or bypass it
K> entirely.

Hmmm....If I don't have build-in holes in the program, I can make it
bulletproof without much sweat. No open services and the same password-
program on everything else. Sure, you can get into my building, find an
open workstation and steal my password-file (or maybe not, depends). Then
you can get in. Everything else? Nope.

K> That's what Sleaze does. "I'm a helpful little data packet from
K> the Cal Free State branch, let me in... see, I have this nice shiny
K> password (just stole it from the password location inna code)."

Huh? My little Sleaze gets a prompt: 'login:' and then 'password:'.
"Wow!", it thinks, "look at the response time! Must be Mitsuhama
v12.5!"
Great. Does that help me? Nope. Any code to work with? Nope.
Lose lose. :)

K> Decking is
K> a little more sophisticated than hacking today, that's why you need
K> programs to do a lot of the work for you. They analyze the system and give
K> some good guesses as to how to subvert it. The decker advises his programs
K> as to courses of action and targets, the programs do most of the real work
K> of hacking, because a human mind is too slow.

Take a look at todays hacking. Sure, I can probe a system to no-end
(Everybody who has a Unix can run SATAN and thus find out lots of neat
things about systems), but to break into it, you need either a software-
error (e.g. the RTM-worm), a stupid admin (like login: root; passwort:
root) or a cooperative user, who provides you with passwords. I guess we
can assume, that by 2050 someone managed to write a good login.

K> If he wants to crack it, he'll have to get the password from the
K> > luser who ownes that account (which could be a pretty good run). Or the
K> > 'I use mask and the admin's never gonna see me problem'. How do I mask
K> > the fact, that I run programs on a system?
K> Well, therein lies the beauty of Masking. It is designed to look at the
K> system type and modify the signals you are sending to appear like normal
K> traffic.

Even a 'normal traffic' login is a maximum-security login. There's no such
thing as hiding in the crowd in computers. Every user has to be dealt with
individually. You run a shell (or whatever) for every user.

K> Otherwise you're just some guy trying to dial up and being
K> refused...

Causing an error-massage...

K> A decker's programs do a LOT of things that are not really
K> described, merely hinted at.

Sadly.

K>
K> > Oh yeah, SR should copy another thing from CP: Listing the caliber of
K> > weapons.
K> SR doesn't need it. You could assign calibres to firearms, but to what
K> end? All the 'heavy pistols' in CP2020 are the same caliber, why bother
K> stating that it's 10mm? Does it make a difference? Not really. I've told
K> players in the past and even recently what the calibers are, roughly, for
K> various weapons, but it doesn't mean much to the game. Not listing them
K> means that people who don't want to worry about it don't have to deal with
K> it (have I mentioned that SR's abstract qualities are nice in some ways?).

Well, first, it would make adapting old weapons easier, then you would add
a nice portion of realism to the game, when the sammy buys ".45ACP JHP"
ammo for his Predator and not "regular heavy-pistol ammo" and last it
would be nice for unusual calibers, like the russians and the 4.73mm in
the HK G11/G12.

Tobias Berghoff a.k.a Zixx a.k.a. Charon, your friendly werepanther physad.

-----BEGIN GEEK CODE BLOCK------------
GAT/CS/S/IT d--- s+:- !a>? C++(++++)
UL++(++++) P+ L++ E W+ N+(+++) o? K?(-)
w---() O- M-- V- PS+ PE- Y+>++ PGP-
t+(++) 5+ X++ R* tv b++ DI(+) D++ G>++
e>+++++(*) h! r-- z?
------END GEEK CODE BLOCK-------------

Message no. 88 Here's an idea:

A decker usually connects to a host through an LTG (and multiple RTGs).

Could a security decker hack the LTG or RTG to locate datastreams flowing to
and from their systems from outside (probably with a Track program), and
examine the more suspicious ones?

They could then presumably use something like Tap Commcall to directly play
with the data.

Is it possible to download IC code from a host, and tailor your deck to be
much more resistant to it?
To counter this, I expect that corps change their IC every hour or two.

How fast can data be transferred between Off-Line Storage and Storage
during a run? Obviously faster than the I/O speed, but by how much?
Why is off-line storage so expensive?

--
Little One

Message no. 89 > They could then presumably use something like Tap Commcall to directly play
> with the data.
>
>
> Is it possible to download IC code from a host, and tailor your deck to be
> much more resistant to it?

Not unless you have some cool house rules to cover it.

> To counter this, I expect that corps change their IC every hour or two.

> How fast can data be transferred between Off-Line Storage and Storage
> during a run? Obviously faster than the I/O speed, but by how much?
> Why is off-line storage so expensive?

Off-line storage is completely unaccesable during a decking run. It can only
be accessed when the decker is not 'surfing the web'.

NightRain.

-----------------------------------------------------------------------------
| The universe is a big place, and whatever happens, you will not be missed |
-----------------------------------------------------------------------------

EMAIL: macey@***.brisnet.org.au

Message no. 90 At 09:09 AM 10/9/97 +1000, NightRain wrote:

>> How fast can data be transferred between Off-Line Storage and Storage
>> during a run? Obviously faster than the I/O speed, but by how much?
>> Why is off-line storage so expensive?
>
>Off-line storage is completely unaccesable during a decking run. It can only
>be accessed when the decker is not 'surfing the web'.

It says in VR2 that downloads and uploads can be made to and from offline
storage. It also says that the purpose of offline storage is to hold data
for uploads and downloads.

The only apparent difference between Storage and Offline Storage is that you
can't Swap Memory from/to Offline storage, and Tar IC doesn't affect it.

By the written rules, you *can* upload from Offline to host, then download
to active memory. It just doesn't give any rules for loading directly from/to
Offline storage without going the roundabout route through the host.

--
Little One

Message no. 91 On Wed, 8 Oct 1997, Tobias Berghoff wrote:

> on 05.10.97 KGGEWEHR@******.ACS.MUOHIO.EDU wrote:
>
> K> You wrote:
> K> > ACK! Sometimes I just bite into the table when I see a SR decking run
> K> > (I'm a geek, you see). Just that old password problem. I make it three
> K> > trys and then freeze that account and the decker is never going to crack
> K> > my system with his neat sleeze-program, as it really can't be anything
> K> > else then a guesser.
>
> K> Oh, please... *sure* it can. It can look at the login program that's
> K> trying to keep it out, find chinks in the armor (loopholes), and take
> K> advantage of one of them to either find the correct password or bypass it
> K> entirely.
>
> Hmmm....If I don't have build-in holes in the program, I can make it
> bulletproof without much sweat. No open services and the same password-
> program on everything else. Sure, you can get into my building, find an
> open workstation and steal my password-file (or maybe not, depends). Then
> you can get in. Everything else? Nope.
>
> K> That's what Sleaze does. "I'm a helpful little data packet from
> K> the Cal Free State branch, let me in... see, I have this nice shiny
> K> password (just stole it from the password location inna code)."
>
> Huh? My little Sleaze gets a prompt: 'login:' and then 'password:'.
> "Wow!", it thinks, "look at the response time! Must be Mitsuhama
v12.5!"
> Great. Does that help me? Nope. Any code to work with? Nope.
> Lose lose. :)

Who says that the decker has to start a whole new login process? Why not
just take the existing connection started by the 'Helpful little data
packet from the Cal Free State branch' which knows all of the paranoid
little routines for logging in. Once the legitimate user has logged in,
just take over that connection. If you think password protected logins
are so hard to break through, just use this idea. Once you've put your
own information into the stream, you're inside the system, and have many
more opportunities to breach security.

Just a suggestion... if you do know lots about computer security, why not
use what you know to point out loopholes that can be exploited and other
useful ideas for runners. Any GM can say 'Nope, it's too hard to do, you
can't.' But what fun is a roleplaying game in that case? If for some
reason you decide that computers are way too tough to crack, then what is
the point of the decker character? You've just thrown away a good portion
of the game, and set a bad precedent for dumping other whole sections
also. (Wires that can make a person move faster?!? That could never
work... dump it.)

Carlton Davis
davisc74@***.acs.uwosh.edu

Message no. 92 Little One wrote:
> It says in VR2 that downloads and uploads can be made to and from offline
> storage. It also says that the purpose of offline storage is to hold data
> for uploads and downloads.
>
> The only apparent difference between Storage and Offline Storage is that
you
> can't Swap Memory from/to Offline storage, and Tar IC doesn't affect it.
>
> By the written rules, you *can* upload from Offline to host, then download
> to active memory. It just doesn't give any rules for loading directly
from/to
> Offline storage without going the roundabout route through the host.

In VR1.0 it was stated that off-line storage could not be used during a
decking run. In VR2.0 I could find nothing other than the statement under
Tar Pit IC 'Unless the decker has a backup copy of the utility stashed in
offline memory, he's lost it for good. And even if he has a backup, he can't
get at it for the rest of the run.'
It is my assumption that off-line storage is just storage that is kept
'separate' from the deck, so that if a decker loses his stuff to a Tar-Pit or
something, he can still get a copy.

NightRain.

-----------------------------------------------------------------------------
| The universe is a big place, and whatever happens, you will not be missed |
-----------------------------------------------------------------------------

EMAIL: macey@***.brisnet.org.au

Message no. 93 At 08:33 AM 10/10/97 +1000, NightRain wrote:

>In VR1.0 it was stated that off-line storage could not be used during a
>decking run. In VR2.0 I could find nothing other than the statement under
>Tar Pit IC 'Unless the decker has a backup copy of the utility stashed in
>offline memory, he's lost it for good. And even if he has a backup, he can't
>get at it for the rest of the run.'
>It is my assumption that off-line storage is just storage that is kept
>'separate' from the deck, so that if a decker loses his stuff to a Tar-Pit or
>something, he can still get a copy.

In VR2.0 under the description for Offline storage memory, and under the
Download File and Edit File system operations, it mentions using offline
storage to upload and download data during a run.

Even if there wasn't any explicit mention of it, is there any reason why a
decker couldn't connect an external storage device to their deck while on a
decking run?
It's just another data pathway after all, like a hitcher jack or vidscreen,
except less complicated.

It would be slower than internal storage (no Swap Memory operation) but
faster than the I/O speed (which has to traverse a network).

If you wanted to be really secure, you would have two devices - a read-
only offline storage device for keeping backup utilities safe from Tar
Pit, and a write-only store for downloading stuff.

This prevents Tar IC from erasing utilities completely. The write-only
store physically prevents the host from erasing, reading or changing your
downloaded data (although it may still fill all empty space with garbage if
it can get to it).

This would be implemented by a physical switch that cannot be modified by
software during a run.

--
Little One

Message no. 94 At 11:46 PM 10/8/97 -0500, Carlton Davis wrote:

>Any GM can say 'Nope, it's too hard to do, you
>can't.' But what fun is a roleplaying game in that case? If for some
>reason you decide that computers are way too tough to crack, then what is
>the point of the decker character? You've just thrown away a good portion
>of the game, and set a bad precedent for dumping other whole sections
>also. (Wires that can make a person move faster?!? That could never
>work... dump it.)

You haven't played with my GM then :-(

Eye Laser? Nope.
Trauma Damper? Nope.
Instant-acting knockout drugs? Nope.
Grenades that only do Stun? Nope.

(I might even mention the horrible Firearms rules he inflicted on us...)

--
Little One

Message no. 95 Ray & Tamara said on 8:33/10 Oct 97...

> In VR1.0 it was stated that off-line storage could not be used during a
> decking run. In VR2.0 I could find nothing other than the statement under
> Tar Pit IC 'Unless the decker has a backup copy of the utility stashed in
> offline memory, he's lost it for good. And even if he has a backup, he can't
> get at it for the rest of the run.'
> It is my assumption that off-line storage is just storage that is kept
> 'separate' from the deck, so that if a decker loses his stuff to a Tar-Pit or
> something, he can still get a copy.

This is something that's always bugged me about off-line storage... If it
can't be used during decking, then what good is it? To store stuff you
need later on -- back-ups of utilities that may get trashed, etc. Okay.
How do you get those utilities into your deck? You load them from storage
memory when your deck isn't connected to the Matrix. So, you can load
stuff from it, and you can obviously save to it from somewhere else you
wouldn't be able to load anything from it either.

Then the question is: why can't you load from storage memory? Or better:
why doesn't VR 2.0 mention how to do it? As someone mentioned, to get
stuff from your storage memory into your deck's active memory, you need to
first upload it to the Matrix and then download it again. In effect,
you're spending twice the time it should take...

IMHO the easiest solution is to allow up- and downloads to be made
between active and storage memory, using the deck's I/O speed to decide
how long it will take; bandwidth can be assumed to be sufficient for
whatever you're doing, as this is part of your own deck, not some external
system.

--
Gurth@******.nl - http://www.xs4all.nl/~gurth/index.html
The stupid is always possible.
-> NERPS Project Leader & Unofficial Shadowrun Guru <-
-> The Plastic Warriors Page: http://www.xs4all.nl/~gurth/plastic.html <-

-----BEGIN GEEK CODE BLOCK-----
Version 3.1:
GAT/! d-(dpu) s:- !a>? C+(++)@ U P L E? W(++) N o? K- w+ O V? PS+ PE
Y PGP- t(+) 5++ X++ R+++>$ tv+(++) b++@ DI? D+ G(++) e h! !r(---) y?
------END GEEK CODE BLOCK------

Message no. 96 on 08.10.97 irvine@***.PURDUE.EDU wrote:

i> >It does, but IMO isn't correct. The server (node) alwys runs programs on
i> >the deck. Things like the graphics it uses and your good ol' ICE. Now, one
i> >of these programs could be a simple host-program (it wouldn't need anythig
i> >but the basics. No 'sendmail', ro other tools. Maybe not even
i> >multitasking) and you're in.
i>
i> That still sounds like the host computer needing the icon in it in order
i> to trace & report, etc.

You mean that the decker has to be logged into the host before the host
can track him/her? Well, of course, I'd say. If there's no login, there's
no hint of the decker, is there?

i> Decker A plugs in, turns on his deck, and dials into an LTG. He goes off
i> on his merry way, maybe he's reading boards in Shadowland or something.
i>
i> Decker B is a meanie, and finds Decker A's deck floating in the I/O port
i> he is using. Decker B logs into Decker A's deck as if it were a host,
i> and starts doing things like, oh, removing programs, uploading viral
i> programs, then when he's done, crashes the system.
i>
i> That just sends shudders through the bowels... :)

Well, life's hard. Nobody can stop a mage from casting 'control thoughts'
at you. And nobody's gonna stop a good decker from blowing the hell out of
your deck (He can even send a direct bio-feedback (read: kill you))

Makes you feel save? Thought so...

:)

Tobias Berghoff a.k.a Zixx a.k.a. Charon, your friendly werepanther physad.

-----BEGIN GEEK CODE BLOCK------------
GAT/CS/S/IT d--- s+:- !a>? C++(++++)
UL++(++++) P+ L++ E W+ N+(+++) o? K?(-)
w---() O- M-- V- PS+ PE- Y+>++ PGP-
t+(++) 5+ X++ R* tv b++ DI(+) D++ G>++
e>+++++(*) h! r-- z?
------END GEEK CODE BLOCK-------------

Message no. 97 on 08.10.97 davisc74@***.ACS.UWOSH.EDU wrote:

d> > K> That's what Sleaze does. "I'm a helpful little data packet from
d> > K> the Cal Free State branch, let me in... see, I have this nice shiny
d> > K> password (just stole it from the password location inna code)."
d> >
d> > Huh? My little Sleaze gets a prompt: 'login:' and then 'password:'.
d> > "Wow!", it thinks, "look at the response time! Must be Mitsuhama
v12.5!"
d> > Great. Does that help me? Nope. Any code to work with? Nope.
d> > Lose lose. :)
d>
d> Who says that the decker has to start a whole new login process? Why not
d> just take the existing connection started by the 'Helpful little data
d> packet from the Cal Free State branch' which knows all of the paranoid
d> little routines for logging in.

How about access restrictions? Your little packet has exactly the right to
by an e-mail. That's it nothing more. I can't access a computer as a ICMP/
ECHO (ping-packet), can I?

d> Once the legitimate user has logged in,
d> just take over that connection.

Two things:
a) Don't you think the user would realise that someone is in his
connection?
b) How about encrypted datastreams? I'm not explaining how (If you want to
know, I can tell you privately, as this would be rather long and OT), but
there are *very* secure ways to prevent this.

d> Just a suggestion... if you do know lots about computer security, why not
d> use what you know to point out loopholes that can be exploited and other
d> useful ideas for runners. Any GM can say 'Nope, it's too hard to do, you
d> can't.' But what fun is a roleplaying game in that case? If for some
d> reason you decide that computers are way too tough to crack, then what is
d> the point of the decker character? You've just thrown away a good portion
d> of the game, and set a bad precedent for dumping other whole sections
d> also. (Wires that can make a person move faster?!? That could never
d> work... dump it.)

It could. And you can crack low-sec computers without much legwork, but
everything else....And about deckers: They are still useful: Who do you
want to send in *after* you got the passwords? It's just a bit to easy, to
me. And pointing the whole stuff out, isn't such a good idea, I think. The
folks I'm playing with, don't know anything computer-wise, so it would be
a waste of time (pretty compicated matter, you know?)

Oh yeah: We don't use deckers as PCs anymore, anyway. It's just pure death
to gameplay if the decker does his 2 hours matrix-run and everyone else
goes outside to play soccer...

Tobias Berghoff a.k.a Zixx a.k.a. Charon, your friendly werepanther physad.

-----BEGIN GEEK CODE BLOCK------------
GAT/CS/S/IT d--- s+:- !a>? C++(++++)
UL++(++++) P+ L++ E W+ N+(+++) o? K?(-)
w---() O- M-- V- PS+ PE- Y+>++ PGP-
t+(++) 5+ X++ R* tv b++ DI(+) D++ G>++
e>+++++(*) h! r-- z?
------END GEEK CODE BLOCK-------------

Message no. 98 d> > Huh? My little Sleaze gets a prompt: 'login:' and then 'password:'.
d> > "Wow!", it thinks, "look at the response time! Must be Mitsuhama
v12.5!"
d> > Great. Does that help me? Nope. Any code to work with? Nope.
d> > Lose lose. :)

There's several options here. Today's hackers don't try to logon as superusers.
Even though that is the most 'powerful' tool for fucking up a computer, it's
a lot easier using, say, an old netscape with a few choice mods. Most sites
also has a guest login feature, which gives at least a shoe in the door.
All sites has a balance between useability and security. For instance, allowing
netscape to fill in forms increases useability but reduces security. A totally
secure system would be extremely boring (Noone, not even the designers, would
be able to log on). We will just have to assume that there's ways in 2050 for
deckers to masquerade as legit service programs or such rather than users,
and so bypasses the password thing entirely. It's finding and knowing what to
masquerade as which is the trick.

Message no. 99 On Fri, 10 Oct 1997, Tobias Berghoff wrote:

> on 08.10.97 davisc74@***.ACS.UWOSH.EDU wrote:
>
> d> Who says that the decker has to start a whole new login process? Why not
> d> just take the existing connection started by the 'Helpful little data
> d> packet from the Cal Free State branch' which knows all of the paranoid
> d> little routines for logging in.
>
> How about access restrictions? Your little packet has exactly the right to
> by an e-mail. That's it nothing more. I can't access a computer as a ICMP/
> ECHO (ping-packet), can I?
>
Maybe you can't, but your decker character who has devoted their life to
studying the interactions of software can find the loopholes in the
software. Maybe it's by overflowing a buffer, or using the fact that he
now knows the name of a file being processed for some other nefarious
purpose. I'm just suggesting that there are more ways to put data into a
machine than using the front door. Like I said before, maybe computers
are ultra-secure fortresses which are invulnerable to anyone's attempts to
crack them, and if that's how you want it, go for it. Just be willing to
accept that some people like the idea of buggy code and improperly applied
security measures and use those flaws to make the game more interesting to
them.
> > d> Once the legitimate user has logged in, > d> just take over that
connection.
>
> Two things:
> a) Don't you think the user would realise that someone is in his
> connection?
Maybe, maybe not... if all you're doing is editing your report on the
companies new 'Casual Friday' dress code, you might be a little pissed
when you go back later, and it wasn't saved after all.. (Simulating a word
processer shouldn't be that hard for the decker... and most users wouldn't
think losing a file means that someone just cracked their account)

> b) How about encrypted datastreams? I'm not explaining how (If you want to
> know, I can tell you privately, as this would be rather long and OT), but
> there are *very* secure ways to prevent this.
I'm reasonably familiar with this (read: I've read the PGP phone docs,
take that however you want) This argument starts taking us back into fact
from theory, so of course you're going to have more ammo (We have it now,
can't break it, does that mean we can't in 50-60 years? I don't know.) But
isn't it possible that with the decker sitting in between the two
communicators that he can break into it? Think of the old game telephone,
if the decker is sitting between the system and the user, they can pass
whatever they want either way, and as a result, discover what type of
responses are required. Also, if the connection is too secure, it becomes
a detriment to the user. What happens the first time a VP can't access
the data because the Sat-feed is less than perfect? Maybe the system
would allow access at a lower security clearance (Quicker IC response,
higher security rating) That flaw could be used to get the decker logged
in.
>
> d> Just a suggestion... if you do know lots about computer security, why not
> d> use what you know to point out loopholes that can be exploited and other
> d> useful ideas for runners. Any GM can say 'Nope, it's too hard to do, you
> d> can't.' But what fun is a roleplaying game in that case? If for some
> d> reason you decide that computers are way too tough to crack, then what is
> d> the point of the decker character? You've just thrown away a good portion
> d> of the game, and set a bad precedent for dumping other whole sections
> d> also. (Wires that can make a person move faster?!? That could never
> d> work... dump it.)
>
> It could. And you can crack low-sec computers without much legwork, but
> everything else....And about deckers: They are still useful: Who do you
> want to send in *after* you got the passwords? It's just a bit to easy, to
> me. And pointing the whole stuff out, isn't such a good idea, I think. The
> folks I'm playing with, don't know anything computer-wise, so it would be
> a waste of time (pretty compicated matter, you know?)
>
> Oh yeah: We don't use deckers as PCs anymore, anyway. It's just pure death
> to gameplay if the decker does his 2 hours matrix-run and everyone else
> goes outside to play soccer...
>
Hey, whatever works for you, we can sit here tossing arguments back and
forth all week... Hopefully this is at least interesting to a few other
people on the list (I'm trying to toss in some good decking ideas) but if
that's how you want to run your game go for it. I just wanted to make the
point that you should always be able to find some kind of roleplaying
solution. I don't like the idea of impenetrable data forts hooked up to
the Matrix, you do. It seems like it works for you, and if your players
don't wanna play deckers, it sounds like a good idea. I just wouldn't
wanna play in your world. :)

Carlton Davis
davisc74@***.acs.uwosh.edu

Message no. 100 on 12.10.97 runefo@***.UIO.NO wrote:
d>> > Huh? My little Sleaze gets a prompt: 'login:' and then 'password:'.
d>> > "Wow!", it thinks, "look at the response time! Must be
Mitsuhama v12.5!"
d>> > Great. Does that help me? Nope. Any code to work with? Nope.
d>> > Lose lose. :)

r> There's several options here. Today's hackers don't try to logon as
r> superusers.

Wouldn't be too smart. All Unices I know make 'Wrong root password' a
warning in the logs, so you will never have longer than a day to do the
hacking.

r> Even though that is the most 'powerful' tool for fucking up a
r> computer, it's a lot easier using, say, an old netscape with a few choice
r> mods.

The favorite is still checking the "usual suspects". Stuff like 'uucp',
'demo', 'install' or 'postmaster'....

r> Most sites also has a guest login feature, which gives at least a
r> shoe in the door. All sites has a balance between useability and security.
r> For instance, allowing netscape to fill in forms increases useability but
r> reduces security. A totally secure system would be extremely boring (Noone,
r> not even the designers, would be able to log on). We will just have to
r> assume that there's ways in 2050 for deckers to masquerade as legit service
r> programs or such rather than users, and so bypasses the password thing
r> entirely. It's finding and knowing what to masquerade as which is the
r> trick.

O.K., but what do I have from being a legit e-mail?

(I'm not trying to say 'Kill the deckers! They're not logical')

Tobias Berghoff a.k.a Zixx a.k.a. Charon, your friendly werepanther physad.

-----BEGIN GEEK CODE BLOCK------------
GAT/CS/S/IT d--- s+:- !a>? C++(++++)
UL++(++++) P+ L++ E W+ N+(+++) o? K?(-)
w---() O- M-- V- PS+ PE- Y+>++ PGP-
t+(++) 5+ X++ R* tv b++ DI(+) D++ G>++
e>+++++(*) h! r-- z?
------END GEEK CODE BLOCK-------------

Message no. 101 on 12.10.97 davisc74@***.ACS.UWOSH.EDU wrote:

d> > Two things:
d> > a) Don't you think the user would realise that someone is in his
d> > connection?
d> Maybe, maybe not... if all you're doing is editing your report on the
d> companies new 'Casual Friday' dress code, you might be a little pissed
d> when you go back later, and it wasn't saved after all.. (Simulating a word
d> processer shouldn't be that hard for the decker... and most users wouldn't
d> think losing a file means that someone just cracked their account)

There was this nice part in the CSH about making employees aware of
possible security problems...

d> > b) How about encrypted datastreams? I'm not explaining how (If you want
d> > to know, I can tell you privately, as this would be rather long and OT),
d> > but there are *very* secure ways to prevent this.
d> I'm reasonably familiar with this (read: I've read the PGP phone docs,
d> take that however you want)

It's a start. :)

D> This argument starts taking us back into fact
d> from theory, so of course you're going to have more ammo (We have it now,
d> can't break it, does that mean we can't in 50-60 years? I don't know.)

Well, you could break todays codes in 60 years, but the thing is that
encrypting takes far (really far) less time than breaking that encryption
(neat law. Ask barbie on how much work they've put into the R5 thing.
Encyption takes less than a second....)

d> But
d> isn't it possible that with the decker sitting in between the two
d> communicators that he can break into it?

Actually not if the decker doesn't completly take the connection over from
the host before login. There are timestamps and synchro-systems that
prevent this (reminds me of my times trying to get into Netware 4.11
logins...). He could try to convince the user that he is in fact the host,
and I would really like that as a way to crack a system. I would be
different fom the "just load this and that and you're in" approach. If the
Sammy tries to break into some building, loading programs won't do him no
good. Sometimes decking is just a bit too easy (fighting isn't
everything).

d> Also, if the connection is too secure, it becomes
d> a detriment to the user. What happens the first time a VP can't access
d> the data because the Sat-feed is less than perfect?

He'll "Is this nescessary?"
Ad the exec will say "Well, at least we haven't lost any secrets since he
installed that system."

d> Maybe the system
d> would allow access at a lower security clearance (Quicker IC response,
d> higher security rating) That flaw could be used to get the decker logged
d> in.

If the decker (player) says s/he wants to do this, fine. If s/he just says
"I load sleaze. What's the TN?" it get's boring.

d> > Oh yeah: We don't use deckers as PCs anymore, anyway. It's just pure
d> > death to gameplay if the decker does his 2 hours matrix-run and everyone
d> > else goes outside to play soccer...
d> >
d> Hey, whatever works for you, we can sit here tossing arguments back and
d> forth all week...

Yipee! :)

d> Hopefully this is at least interesting to a few other
d> people on the list (I'm trying to toss in some good decking ideas) but if
d> that's how you want to run your game go for it.

Nobody wants deckers anymore. Not my fault. (It was this way long before I
started GMing...)

d> I just wanted to make the
d> point that you should always be able to find some kind of roleplaying
d> solution. I don't like the idea of impenetrable data forts hooked up to
d> the Matrix, you do.

Not unpenetratable. Just a bit more legwork and creative work instead of
throwing programs around.
(Damn. I just want to see Fastjack doing some dump-diving at the 'raku-
Arco! :)))

Tobias Berghoff a.k.a Zixx a.k.a. Charon, your friendly werepanther physad.

-----BEGIN GEEK CODE BLOCK------------
GAT/CS/S/IT d--- s+:- !a>? C++(++++)
UL++(++++) P+ L++ E W+ N+(+++) o? K?(-)
w---() O- M-- V- PS+ PE- Y+>++ PGP-
t+(++) 5+ X++ R* tv b++ DI(+) D++ G>++
e>+++++(*) h! r-- z?
------END GEEK CODE BLOCK-------------

Message no. 102 At 19:03 10/14/97 GMT, Tobias Berghoff wrote:
>on 12.10.97 runefo@***.UIO.NO wrote:
>d>> > Huh? My little Sleaze gets a prompt: 'login:' and then 'password:'.
>d>> > "Wow!", it thinks, "look at the response time! Must be
Mitsuhama
v12.5!"
>d>> > Great. Does that help me? Nope. Any code to work with? Nope.
>d>> > Lose lose. :)

You might find my take on decking (at
http://www.amurgsval.org/shadowrun/megapulses.html) interesting.
I figure that the Shadowrun world is filled with data packets with
executable content-- a descendent of the Java world. You can make a
perfectly secure system by insisting that nothing but data ever gets
transmitted over a particular hard link, but that means that you can't
do much more than send E-mail (and even that E-mail has to be carefully
executed on isolated machines without any serious network access) and
do file transfers and so on. The price of that security is losing most
of the functionality of the Matrix.

--
%% Max Rible %% slothman@*****.com %% http://www.amurgsval.org/~slothman/ %%
%% "Ham is good... Glowing *tattooed* ham is *bad*!" - the Tick %%

Mailing List Logs for

Further Reading

Disclaimer