| From: | Wafflemeisters <evamarie@**********.NET> |
|---|---|
| Subject: | Re: Weird Campaigns |
| Date: | Thu, 21 May 1998 16:05:42 -0500 |
(DisnyShamn , Wed 19:14)
> I seem to recall a reference in VR2 to systems remaining "alert" for awhile
> after a decker has logged off. This would necessitate some sort of globalness
> of security tally. I'd suggest a compromise;
>
Yes, the "passive" and "active" allerts, whichraise sunbsystem
ratings
and such, DO affect all users / intruders.That will tend to raise thier
tally, as theywon't be acomplishing thierjob so easily.
The "Host reset" example also gives an example ofonedecker jacking up a
tallly, and logging of, then another logging in, and the IC still being
active, but as that was theonly exampleof one deckers tally dirrectly
affecting anothers, I assumed it was an editing brain fart.
> Let's look at what happens when a security tally is raised; the system becomes
> increasingly "aware" of an intruder; alarms are going off. Now, this
SHOULD,
> if the system had an at-all-logical designer, kick in some general diagnostics
> and whatnot.
Hence the "Passive" and "active" alerts.
>But the more you do, the easier it will be to locate you, in
> particular. I can think of a few ways to do this; one requires some
> bookkeeping, another monkeys with the rules in VR2 a bit and makes any long
> duration very nasty, and the last makes team-decking a bt too safe.
>
Long duration decking is already VERY nasty. In case youhad not
noticed,there is NO way to reduce your security tally, short of logging
off for a while. Since the tally is just of ANY succeses VS your
deception, having a lot of skill doesn't prevent it, it just lets you
get the job done beforemondo IC apears. Once theIC does apear, you'll
be wasting more time on evasion, driving up the tally by killing it,
orreducing your deception by supressing it. All of those will hamper
your work.
> 1. Security tally IS global, but a given user/decker is tracked ONLY from the
> point at which he entered the system. That is, if Decker Bob had a tally of 12
> when Decker Cindy-Lu-Hoo comes in, the can both raise the tally, but for her
> it starts at 0.
> Example: if he raises it another 2 and she blunders it up by 3, it's raised a
> total of 5 for both, raising him to 17, but her to only 5.
>
That would make SOME sense. It at least removes the posibility that
you log in and get nuked. "GM; Oh, well some other deckerwas in
system."
> 2. The Sec Tally somehow LOWERS the decker's Detection rating. Every 3 points
> or something? Thus, the longer a decker is in the system, the more obviously
> he/she is the target, but it'd still be a danger to say security deckers doing
> illegal stuff (it might notice them, it's just mroe likely to notice the
> other).
>
Bad idea- see above comments- decking is hard enough already. The
Passive and active allerts already have a similar effect, as does the
very frequently used Probe IC.
> 3. Tally is figured individually, only until two people even out; then it's
> cumulative.
> Example: Decker Bob is at 12 again when Decker Cindy arrives. She accumulates
> a tally normally, but doesn't trigger anything until she hits 12 (unless Bob
> gains some; anyway, until she's even with Bob); he has "blazed a datatrail"
> fro her, and she can avoid sprung IC. Once they're even, they add to one
> another's tally.
>
That will make Cindy's job pretty easy, if Bob can avoid getting
hammered while pulling null ops or something. If Bob had killed the
IC, sure, I could see it won't bother her.
> 4. (Probably simplest) Sec tallies are partially global; that is, most of it
> is individual, each decker gaining a seperate tally as "normal", but some
> pervcentage (say, every 5th level) adds to a "general tally", increasing
> EVERYONE'S tally (though this will only trigger IC on the person(s) actually
> performing the action).
>
Again, the various alert levels have a similar effect.
I can see various "tally sharing" schemes being valid (adressinganybody
not displaying all passcodes), but A) Decking teams areuncommon, so rare
as to notbe considered a security threat & B) Things are already quite
hard for the lone decker (if thier deception factor is less than 10 or
so & C) if you are so sure somebody is using the wrong passcodes, just
DUMP them- why mess around even tracking a tally if somebody can be
distinguished as "bad" so easily (which tracking cumulative tally for
all "intruders", but not applying it to users, implies).
-Mongoose X
