comStar Firewall alert - PhaseThrough

Recommendations

Info

Matrix topoloGy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 pilots Pilots are a special type of OS with more autonomous decision-making ability, used in agents and drones. Unlike operating systems or most other programs, Pilots are capable of operating independently and maneuvering through the Matrix on their own; see Autonomous Programs, p. 110. Like an OS, Pilots may also be programmed with sets of commands; see Agent Scripts, p. 100. Drone Pilots are also customized for the specific device they are made for (see Pilot Capabilities, p. 103, Arsenal). prograMS Programs are the tools of the Matrix. Every time something is done, a program is involved. Sometimes only a very small program is needed, and those instances are not covered by the rules—but it’s still a program doing the work. Programs are always run by nodes. The maximum number of programs a node can handle is called its processor limit, while the number it is actually running is the processor load. If the processor load exceeds the processor limit, the node is subject to Response degradation (see Matrix Attributes, p. 212, SR4). Programs do not have to be run by the persona’s node to be used by a persona. It is possible to use programs run on the remote node a persona is accessing. The remotely used program then counts towards the processor load of the remote node instead of the node running the persona. Public nexi like libraries, archives, and data havens often provide remote browse programs. protocoLS Every time a node interacts with another node, predefined Matrix protocols are invoked. The receiving node looks at account data, access rights, and status of the connection and then decides whether a request will be accepted or not. By using hacking tools, hackers try to circumvent or exploit these protocols to again access rights, crash other icons, or do things not allowed by their current account privileges. accoUntS Access rights on nodes are governed by accounts. Every subscription and data request (see Data Requests, p. 54) is assigned certain privileges, depending on the account information that was sent with the request, or with the initial login in the case of subscriptions (see Subscriptions, p. 55). There are various flavors of accounts, depending on the status of the connection and what kind of information was sent. Standard accounts In the case of a standard account, the login data consists of a username and a password of arbitrary size. This information is always encrypted by the operating system, with a Rating of 6, upon sending. The password can be an alphanumeric string, a biometric pattern, or a signature produced by a passkey (see Passkeys, p. 64). The password is then compared to either the node’s internal user database or other sources (see Web of Trust, p. 64) and either confirmed or rejected. Most users store their passwords or signatures in encrypted files on their commlink, as they are normally too long and complex to remember. Biometric signatures can be read directly from the user with the help of various types of scanners. node accounts Node accounts grant access rights on nodes depending on the privileges a user has on another node it is linked to at that moment. User access on a security node, for example, might include a user account, and thus user rights, on the various cameras and sensors the security node is connected to. A spider working in the security node is then able to access all the sensors without having to provide the entire username and password data for the various sensor devices. The security node sends this information for him, and the spider can simply access the devices and control them. Or he could just read out their sensor feed as long as he is logged into the security node with the appropriate access rights. access id accounts Access rights can also be granted by access ID. This means that every time a node or construct with a certain access ID is accessing a node, it is automatically granted the access rights related to the ID. Just like standard accounts, the node compares the access ID with its internal user database and grants the appropriate rights upon initial login. A hacker can abuse this by spoofing his access ID (see The Datatrail, p. 216, SR4) and thus forcing the node to automatically assign the related rights to the hacker. accoUnt priviLegeS Access rights tell the node what the user of an account can or cannot do. In principle the administrator of a node sets the privileges related to certain accounts. Most nodes, however, tend to have the same categories of access rights. There are four levels of access rights: User, Security, Admin (see Account Privileges, p. 216, SR4), and Public. public access rights If a connection is established without sending any information except the access ID, the connection is automatically granted public access rights. This is the type of access a user receives when she is entering the public part of a node. The public account allows access to public data like website information, blogs, databases, personal profiles, and so on. Depending on the accessed data, different access rights might come with the public account, for example the ability to write without a username in public forums. User access rights The vast majority of accounts on a standard Matrix node are user accounts. The most important privilege normally granted via user access is one slot on the subscription list. This allows the user, or any of his agents, to enter the node in VR or AR mode. Most other rights vary from node to node and from account to account. Depending on the purpose of the account, User accounts grant access to file indexes, files, the ability to edit files, command devices controlled by a node, upload data, common-use programs, and so on. Security access rights Security access rights are mostly given to those who need more control over parts of a system without managing the entire system. This level is often granted to spiders, privileged users, and IC. They are allowed to view log files and node statistics and can alter general Unwired Simon Wentworth (order #1132857) 9
node attributes like a metaphor or special sculpting. Most of the time a user with security access is able to create or delete standard user accounts, edit other users’ data, initiate (and deactivate) an active <strong>alert</strong>, and read the access log (see Access Log, p. 65). Security privileges also grant the ability to control and command all the agents or IC deployed by the node and run hacking programs. admin access rights The admin level is reserved for an owner or someone responsible for an entire node. Admin access grants the right to do everything the user wants to on a node. Admin privileges empower individuals to reboot the node, alter the node’s sculpting, create and delete any possible account, assign access levels to accounts, and assign privileges to account levels. Furthermore, admins can view and edit all the log files and statistics available on the node, including the access log (see Access Log, p. 65). An admin cannot, however, affect programs and files he does not know about. He has to first defeat the Stealth program of an intruding agent that is running on the node before he can unload the unwelcome guest. coMMcodeS Matrix service providers (MSPs) issue commcodes (see p. 214, SR4), which are not to be confused with access IDs. Whereas your access ID is a sort of serial number that you use for all of your interactions online, and which is recorded in access logs (like an IP address in real life), your commcode is more akin to a phone number or email address. In principle it would suffice to call somebody by sending a phone request to the access ID of his commlink. The commlink would receive the request and the phone call could take place. On occasion, however, people buy new commlinks, leave their commlinks at home, in another room, or simply want to take their phone call, or any other kind of interaction, elsewhere. That is why people register their devices at a Matrix service provider that issues commcodes. Matrix devices can be set to register with the Matrix service provider as soon as they go online. Every time somebody dials the commcode, the communication request is automatically routed through the database of the MSP that knows which devices are available to receive the call. Modern commlinks, house telecoms, and cars offer additional convenience by providing the MSP with the information on whether the user related to the commcode is present or not, so the incoming call can be relayed to the appropriate device. data excHange In every data exchange, access IDs are used to guide the data from the sender to the receiver. The receiver then automatically knows where to send the answer. Thus both nodes, the sender and the receiver, have to be aware of the other’s access ID for a successful data exchange. Every node in between tries to forward the traffic a little further to the receiver. In the wired part of the Matrix, the nodes performing these relay tasks are the routers of the Matrix’s backbone. The wireless part of the Matrix is a decentralized mesh network. This means that every node will work as a router for all the other nodes around it. If a node wants to go online, it just connects to the next available node around it, which in Unwired BeHind tHe SceneS So what happens when you get online? When you jack into or otherwise connect to your commlink (or any other device), what exactly happens under the hood? Before anything, you must log on to the device. This presumes that you have an account on the device and a passcode (p. 215, SR4) for accessing it. Some devices may have a public interface, meaning anyone that picks it up can use it. When you enter the passcode, the <strong>Firewall</strong> authenticates you and the operating system fires up a persona interface for you. When you engage the persona, several things happen. First, you are immediately assigned an access ID (p. 216, SR4) which stays with you for the duration of your session. This access ID may be spoofed (see p. 224, SR4), but this must be done before you open connections to other nodes; otherwise, the switch in access ID will immediately sever all of your connections. Second, you gain access to all of the privileges your account offers (p. 216, SR4). Third, you gain access to all of the programs and data stored in the device that the account has access privileges too. You may run these programs, loading them into active memory, at which point they count against the node’s processor limit (p. 48). Fourth, you are assigned an icon that represents you in AR or VR interactions, which you may modify as you see fit. Fifth, your persona informs your Matrix Service Provider that you are online and that your commcode should be routed towards that particular node and access ID, so that you receive all of your messages and calls. Other users may use the same node as you, of course, interfacing through their own, separate personas. Programs that they run also count against the node’s processor limit, of course, which is why nexi are better equipped for multiple users than standard nodes. (Note that even peripheral nodes have persona interfaces, though these are obviously more limited.) Other personas from the same node will not have the same access ID as you, though all such access IDs will leave a datatrail that leaves back to the same node (and, in particular, a specific account on that node). From your persona interface, you may access other nodes. If you are simply making a comcall or data request, accessing a public site or profile, or otherwise connecting to a public account, no subscription or login is required—your access ID suffices. If you are logging in to a user/security/admin account, communicating with encryption, controlling an agent/drone, or making some other bandwidthintensive connection, a subscription is required, and counts against your subscription limit (p. 51). Your activity is logged, of course, creating a datatrail that may be used to track you (p. 55). Simon Wentworth (order #1132857) 9 53 Matrix topoloGy . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Page 1 and 2:
TM Simon Wentworth (order #1132857
Page 3 and 4: Simon Wentworth (order #1132857) 9
Page 5 and 6: Malware 86 Agents 87 Botnets 88 the
Page 7 and 8: JackPoint StatS___ 57 users current
Page 11 and 12: AR transmissions are so easy to eav
Page 13 and 14: And I’m even happier when I can i
Page 15 and 16: tHe aUgMented worLd The augmented w
Page 17 and 18: people started cobbling together re
Page 19 and 20: While the cheaper commlinks are onl
Page 21 and 22: Matrix criMeS > I’ve downloaded a
Page 23 and 24: “protection rackets” against vi
Page 25 and 26: a general agreement that in order t
Page 27 and 28: Now, to operate in the sprawl, you
Page 29 and 30: capabilities and resources to do it
Page 31 and 32: popULar SoUSveiLLance videoS knight
Page 33 and 34: drug treatments during incarceratio
Page 37 and 38: of more than one sprite at a time.
Page 39 and 40: intuitive Hacking Cost: 5 BP A char
Page 41 and 42: tweaking tHe rULeS Gamemasters and
Page 45 and 46: ‘link will s-l-o-w d-o-w-n, big t
Page 47 and 48: gram and a massive amount of time (
Page 49 and 50: . . . Matrix topoloGy . . . Hex was
Page 53: track programs are not able to dete
Page 57 and 58: datatrail Every interaction on the
Page 59 and 60: a castle could represent a control
Page 61 and 62: Simsense can also be used for exper
Page 65 and 66: with their image links is an expens
Page 67 and 68: To avoid detection, the hacker can
Page 69 and 70: aLertS Another important line of de
Page 71 and 72: B A R S C I L W ESS 3 2 3 2 3 4 4 3
Page 73 and 74: encryption on the access log of the
Page 75 and 76: filled with a high-rating Data Bomb
Page 77 and 78: You also need to choose the Matrix
Page 79 and 80: Sculpting: The node looks a lot lik
Page 81 and 82: Hardware: Saeder-Krupp Schwermetall
Page 85 and 86: Don’t call me a script kid Don’
Page 87 and 88: ight commands to bring those things
Page 89 and 90: drivers on my commlink before I tur
Page 91 and 92: what it sounds like: two or more ha
Page 93 and 94: Yep. You can also stick malware int
Page 95 and 96: gaMe inforMation The Hacker’s Han
Page 97 and 98: paYdata General rules for fencing p
Page 99 and 100: Pistons is researching the NeoNET A
Page 101 and 102: Spoofing commands from a user with
Page 103 and 104: to Mook or not to Mook? For some ch
Page 105 and 106:
Issuing commands to a smartgun thro
Page 107 and 108:
igger trickS Like hackers, riggers
Page 109 and 110:
Simon Wentworth (order #1132857) 9
Page 111 and 112:
Server-Side prograMS Server-side pr
Page 113 and 114:
cess (even if the agent tries to ha
Page 115 and 116:
worms). To match the opposition, ho
Page 117 and 118:
Mute Program Types: Common, Hacking
Page 119 and 120:
temporary degradation can be restor
Page 121 and 122:
advanced prograMMing taBLe Software
Page 123 and 124:
prone to degradation. This is in pa
Page 125 and 126:
dataworms Dataworms are a stealth t
Page 127 and 128:
military and police units, professi
Page 129 and 130:
them and plot them on a three-dimen
Page 131 and 132:
. . . technoMancers . . . The secur
Page 133 and 134:
Page 135 and 136:
attuning to a particular part of th
Page 137 and 138:
advanced tecHnoMancer rULeS The rec
Page 139 and 140:
Streams are still evolving and are
Page 141 and 142:
info Savants Fading: Intuition + Re
Page 143 and 144:
experience, induced by unfiltered e
Page 145 and 146:
don’t have to be strictly technom
Page 147 and 148:
new ecHoeS The following section ex
Page 149 and 150:
Sift Technomancers who possess this
Page 151 and 152:
Neuroleptic: This widget creates a
Page 153 and 154:
make are geared towards someone wit
Page 155 and 156:
Page 157 and 158:
Pilot Response Firewall Matrix INIT
Page 159 and 160:
traceroUte taBLe Subject Interacts
Page 161 and 162:
• It may raise one complex form i
Page 163 and 164:
. . . Matrix phenoMena . . . It’s
Page 165 and 166:
Page 167 and 168:
gaMe inforMation This section provi
Page 169 and 170:
(plus an additional box if the AI h
Page 171 and 172:
known aiS These are but a few examp
Page 173 and 174:
Uv nodeS—at tHe edge of reaLitY I
Page 175 and 176:
is something larger beyond the curt
Page 177 and 178:
the realm where the source code was
Page 179 and 180:
infektors The Infektors’ ultimate
Page 181 and 182:
corrupting it into a temporary diss
Page 183 and 184:
Pilot Response Firewall Matrix INIT
Page 185 and 186:
Page 187 and 188:
former prematurely and leave them o
Page 189 and 190:
playback gear On the most basic lev
Page 191 and 192:
y default can be used repeatedly an
Page 193 and 194:
to explain the missing time. Also,
Page 195 and 196:
compartmentalized pieces of informa
Page 197 and 198:
. . . Matrix Gear . . . Glitch was
Page 199 and 200:
Page 201 and 202:
eLectronicS Electronics follow all
Page 203 and 204:
Hacker ServiceS See Buying a Better
Page 205 and 206:
Software Suites Availability Cost H
Page 207 and 208:
SaMpLe nodeS (cont.) . . . . . . .
Page 209 and 210:
SaMpLe SpiderS (cont.) Security tec
show all

comStar Firewall alert - PhaseThrough

Create successful ePaper yourself

Delete template?

Save as template?