[Namikaze]

10. You normally get a -2 penalty for trying to target something on another grid.

If you're trying to brute force or hack on the fly to grid hop, does that -2 penalty still apply? Since your target IS another grid?

Yup, and that stacks with other penalties, like working from a public grid.

11. If you're inside a building that 'is" a host, but you're just a random guest walking through, is your commlink distinguishable from the host? i.e. Can you be targeted separately?

Yes.  Your commlink is out there floating in the ether of the Matrix, tethered by whatever grid you happen to be subscribed to.  However, if your persona is "in" a host (I really don't know of a better descriptor for this behavior) then it's no longer on the grid and therefore cannot be targeted or identified except from something/someone also "in" the host.

12. What counts as an "Attack" or "Sleaze" matrix action? Any action that has either one as a limit?

Yup.  A Matrix Action that uses the Attack rating as a limit is an "Attack" action.  Same for Sleaze.

13. Convergence reboots your persona. Technomancers cannot be rebooted except by themselves. Does this means convergence dumps them into AR mode but doesn't reboot them (i.e. they retain GOD score and marks)?

Well, the 12 points of damage will usually ensure they are unconscious at the least.  But honestly I don't have a rulebook answer here.  My gut tells me to go with the idea that they are knocked unconscious for a few minutes to "reboot."

14. Let's say I want to hack into someone's commlink and find and copy a file onto my deck. What actions do I need to do?

Start with Hack on the Fly to mark the commlink. Now I want to find the file (one of the many on his device). What action is that? Then after I find the file, I need to... put a mark on the file and use Edit File to "copy" it?

Finding the file is a Matrix Search action.  Getting a MARK on the file is either Brute Force or Hack on the Fly.  Then Edit File to copy the file.

15. Technomancer question. If you have threaded a sustained complex form (e.g. diffusion of an attribute) and want to do it again, do you have to rethread?

If you are trying to use a different Complex Form, yes.  If you're using the same Complex Form and trying to get different hits, yes.  If you're using the same Complex Form and don't care about increasing hits, there's no reason to let go of a perfectly good sustained Complex Form.

16. If you are sustaining a Diffusion of Firewall on a target for -1, then do the Diffusion again for -2, do they override each other? Or stack? Do you have to maintain focus (-2 per sustained form) for both?

You can do Diffusion of Firewall for -1, then decide you want to do better.  You drop the Complex Form and try again.  This time, you get lucky and get -2.  You cannot just keep stacking Diffusion of X to cripple an opponent.

17. For noise penalties that are situational (spam and static zones), does this apply to you, the target, or both being that zone? For example, if I was in a neutral zone (no special modifiers) but my target was 99m away in the city downtown (-1 noise), do I suffer a -1 penalty when interacting with them? How about vice versa?

You calculate Noise for yourself only.  But your opponent will also have Noise penalties (unless they've reduced the penalty somehow) if they choose to retaliate or otherwise act.

18. Since the primary use of "level" in Complex Forms affects the limit and the fade damage, can you conceivably "bypass" this by threading a form at Level 1 and using Edge to "Push the Limit" and remove the limit? This would lead to a full power form with no limit and only one potential damage. Of course this is limited by your Edge, but I wanted to confirm this is not exploitative or an undesired combo by the designers.

This is totally legal.  Many of us have come together and were trying to work out a system of "reagents" for technomancers to use in a fashion similar to how mages can use reagents.  Setting the limit on Threading and Compiling being the primary applications.  None of that is canon though, and it's completely in house rule territory.  If you want to check out the technomancer rules that I adapted from 4th edition, look in the GM's Toolbox forum.

[Darzil]

17. For noise penalties that are situational (spam and static zones), does this apply to you, the target, or both being that zone? For example, if I was in a neutral zone (no special modifiers) but my target was 99m away in the city downtown (-1 noise), do I suffer a -1 penalty when interacting with them? How about vice versa?

It isn't entirely clear from the rules. If I was GM'ing I'd take noise from spam/static zones as equal to the highest value of noise of source and target.

That's based on my interpretation of the matrix as a sort of wireless Metropolitan Area Network / Peer-to-peer Mesh network. As a result your communication bandwidth is a balance between the number of other local wireless devices and how active they are. If there is more traffic than the devices can handle you have noise. In a static zone this is because there are few devices in the mesh network. In a spam zone it's because whilst there are many devices, the traffic is higher. As traffic for most matrix actions would be two way, I think the available bandwidth will be restricted to the highest of the values, as it's a mesh network, there are many paths between them so no need to worry about noise elsewhere.

(Not relevant for this question, but I see grids as being tagged traffic, like trunks in a VLAN, but across the matrix. Getting between them means going via a 'router', or making a device act as one, hence the cross grid penalty. Public grid is flagged as low priority for it's handling at all nodes, hence the standard penalty. I see the actual matrix devices as a distributed peer-to-peer parallel processing architecture. You have small relatively low power (for the time) devices, but as few are in high use, they can be called upon to provide calculation power for other devices. As such you have a lot of power for the weight/size/heat, but are more vulnerable from hacking (as you don't have 100% control over your own device, or that being used for calculation), and won't function well in a high noise area. As the actions are taken by a local cloud of devices, rather than your device alone, that is why it takes GOD time to track you down through overwatch. It also explains why there are bonuses for being on the matrix, as only then are you using the power of other devices to perform calculations.)

[Herr Brackhaus]

11. If you're inside a building that 'is" a host, but you're just a random guest walking through, is your commlink distinguishable from the host? i.e. Can you be targeted separately?

Yes.  Your commlink is out there floating in the ether of the Matrix, tethered by whatever grid you happen to be subscribed to.  However, if your persona is "in" a host (I really don't know of a better descriptor for this behavior) then it's no longer on the grid and therefore cannot be targeted or identified except from something/someone also "in" the host.

Adder, keep in mind that hosts technically do not have a physical location. So while a particular building may have a host with all (or some) of it's devices slaved to it, a character being inside said building does not influence his electronics in any particular way. Hosts are entirely constructs of the matrix.

13. Convergence reboots your persona. Technomancers cannot be rebooted except by themselves. Does this means convergence dumps them into AR mode but doesn't reboot them (i.e. they retain GOD score and marks)?

Well, the 12 points of damage will usually ensure they are unconscious at the least.  But honestly I don't have a rulebook answer here.  My gut tells me to go with the idea that they are knocked unconscious for a few minutes to "reboot."

I see no reason why convergence won't affect Technomancers according to the given rule, as no exceptions are listed in the convergence or Technomancer sections. Remember that GOD employs Technomancers, and that the description from the Grid Overwatch Score section on page 232 does not specifically list that GOD uses the Reboot Device action, stating instead:
"First, they hit you for 12 DV Matrix damage, which you resist normally. Then they force your persona to reboot, erasing all of your marks and dumping you from the Matrix (causing dumpshock if you were in VR at the time). As if that wasn’t enough, they also report your physical location to the owner of the grid you were just using and the host you were in (if you were in a host), so you might have to deal with some real-life security forces coming to track your ass down."

The bolded section is important since Reboot Device would not work on a decker's persona (a deck used to access the Matrix ceases to be a device and becomes a persona instead; page 234-235) or a technomancer's living persona. It is fair to assume that GOD has access to protocols as yet unavailable to "normal" deckers and technomancers, given that they essentially have the power to inflict 12DV of Matrix Damage (resisted normally, but without a defense roll) by cutting you off from the Matrix, rebooting and potentially dumpshocking you in the process.

14. Let's say I want to hack into someone's commlink and find and copy a file onto my deck. What actions do I need to do?

Start with Hack on the Fly to mark the commlink. Now I want to find the file (one of the many on his device). What action is that? Then after I find the file, I need to... put a mark on the file and use Edit File to "copy" it?

Finding the file is a Matrix Search action.  Getting a MARK on the file is either Brute Force or Hack on the Fly.  Then Edit File to copy the file.

Technically, finding the file (or indeed any Matrix Icon) is a Matrix Perception test; the Matrix Search action is only used to search for information about a topic, and never for individual icons. Using Matrix Search to find icons, be they hosts, files, or persona, while perhaps appropriate, is strictly houserule territory.

SR5 page 218:
"Every icon in the Matrix is one of six things: a persona, a device, a PAN, a file, a host, or a mark."

SR5 page 241, Matrix Perception:
"This versatile and important action is used both for finding icons in the Matrix and for analyzing Matrix objects."

SR5 page 241, Matrix Search:
"You search the Matrix for information about a topic."

[Namikaze]

Technically, finding the file (or indeed any Matrix Icon) is a Matrix Perception test;

Damn it!  That's the second time I've gotten those two backwards.  >.<

[Adder]

Sorry, another question about Matrix architecture.

Let's go back to the train example. Let's say the train has a rig-in point in the lead engine car. It also has doors on the end of each car, and there are multiple cars.

Would it be reasonable to consider the lead engine car and every other door as "devices"?

If you could remotely open and close all the doors from the lead engine car, would it be reasonable to slave those doors to the lead car?

Now, what would prevent someone sitting in their apartment 10km away from hacking into that lead engine car and then accelerating the train to its doom? The noise penalty is only 3 (which is easily avoidable, the common program Signal Scrub reduces by -2 already) and I don't see even a below-average decker from being able to establish three marks and using Control Device to accelerate the train before GOD shows up. And that is the worst case scenario where accelerating the train is considered a Complex Action (a Simple Action would only require 2).

edit: Related question: I've been considering making the train part of a host specific to just that train, and all devices on that train. If that host had a WAN that all the devices belonged to, could you still hack a device on that WAN without being "in" the host?

[Kincaid]

A rigger jacking into the train would make it impossible to remotely hack (see Control Override, p 265).  Now, not every single train is going to have a rigger on board--that would be pretty cost prohibitive--but every train is certainly going to have the 2075 version of positive train control, and that system is likely going to be entirely offline, for obvious reasons.  The runners would have to physically disable to PTC mechanisms on the train before a decker could send it off the tracks.

I'm on the fence as to whether or not I'd have the doors of a train be wireless.  They aren't today and automation works fine the vast majority of the time.  If I decided to go with wireless, I'd slave the doors to the train itself.

[Namikaze]

Kincaid is right.  Once you have a rigger in there, the device being rigged is indeed unhackable.  The hacker would have to first  deal enough damage to the rigger's persona to eject them from the device.

As far as the setup for this train goes, I would just make all the doors have maglocks that respond to specific MARKs or RFID tags.  The rigger can then focus on driving the train, and not have to open every door in the passenger cars.  A high-security door might be under the rigger's control though.  I would probably provide a lockdown mode for the train that locks all the doors at once, and can be activated via the rigger or a physical panic button.

As far as what stops a hacker from causing this kind of havoc?  Firewalls and GOD.  Put the train on one of the Big 10 grids, which most hackers won't be on without having already built overwatch score.  This will give the hacker at least -2 dice to all actions.  The hacker then has to spend time finding his target device and then hacking it.  All of which accumulate overwatch score.  The hacker has to play for time, because GOD is watching.  Additionally, the train is moving very fast, so the hacker might develop substantial Noise from one turn to the next.  Consider increasing the Noise rating by 1 every turn, to make it obvious that this is a losing proposition.

The best way to hack the train is to get on board the train.  And that's the whole point of the new Matrix changes - to get hackers more involved physically.

[Frostbite]

Hi all!  First time poster, relative newbie at SR5e.  I'm really learning a lot from this thread.  Thanks to Adder for starting and everyone for offering very useful commentary. 

I play a Technomancer in my current game and I've had some difficulty understanding exactly what's required to do various things.  It seems as though SR5e isn't' built to accommodate much "hand waving"; meaning if I wanted to do something like the example in the book of stealing songs off someone's iPod, it's not as simple as "make a dice roll...okay, you get it."  There's multiple steps involved, with lots of modifiers, etc. that make even simple things complicated.  Obviously, the GM can do the hand-wave thing, but it still seems complicated.  I'm hoping I'm making it more complicated than it is.

That said, I'd like to pose a scenario and ask someone to explain the steps involved with making it happen.

The team was taking part in the Steppin' Up adventure.  We decided that the easiest way to get onto the movie set was to pose as extras hired by the production company.  To that end, we decided to hack a local talent agency who worked with the producers and put ourselves on the list of actors for the shoot.  Here's what I did as the "hacker":

1 - Hung out at the local SoyBucks waiting for the agency to close.  Before leaving the shop, I wanted to hack my coffee + danish onto someone else's bill and erase my bill from the system.  This assumed that I didn't pay up front for the vittles.
2 - Tap the surveillance camera outside the back door of the agency and set it on a 10 minute timed loop so we could slip in undetected.
3 - Once inside, jack into the agency's mainframe and...
3a - Find the file(s) related to our desired movie and add our names/IDs/whatever to the list of extras.
3b - Produce ID cards with our assumed identities and pictures to show to security on-site.
3c - Add ourselves to the payroll for our roles in the movie.  Our payments would be wired to previously created fake (temporary) accounts.  The idea here is that we'd have a backtrace for the production company should they pay us.
4 - Erase all signs of our having been there.

Task #1 went as follows:
- Use Hack on the Fly to jump to the Seattle grid.  Took penalties for noise for being in a spam zone (downtown).
- Gain access to the SoyBucks host.  Since it's a SoyBucks, it was free (limited) access.
- Use Hack on the Fly to hack into the POS and gain a MARK on it.
- Use Matrix Perception to find the list of active tabs waiting for settling.
- Use Hack on the Fly to gain a MARK on the tab's file.
- Use Edit File to adjust the bill.
- Use Matrix Perception to find my tab.
- Use Hack on the Fly to MARK my tab.
- Use Edit File to delete my tab.

That's a whole lot of stuff for such a simple process.  Did we go about it correctly?  What (general) steps would we have taken to achieve the other tasks?

Thanks for any assistance that can be offered regarding this.

[DeathStrobe]

You only need to make Matrix Perception tests if the icon you are looking for is hidden. Assumably your bill wouldn't be hidden, so you just see it with no test. It also might not be required that you mark the POS, since files/icons associated with that device are icons that are just kind of tacked on to the device. You do however need to mark the file. But the file might not even be in the POS, but in the host, but GM discretion here.

Though, thinking it over, you could mark the POS and then spoof a command to the file, showing that the POS deleted the file. But that'd only work in the file was not on the POS, since I don't think you can spoof a device into doing an action on itself. Though, that is what command device is for. So maybe you could command device the POS to delete the file, if the file is on the POS.

But edit action on the file is the far more logical way. So I think you handled it correctly. Though, if the file was protected, then you'd have some trouble since you'd need to break the protection which is an attack action, which would alter the owner. But seeing how that file was probably actively being used, I don't think it make sense that it'd have been protected, or have a data bomb on it, or extra security measures.

2 - Tap the surveillance camera outside the back door of the agency and set it on a 10 minute timed loop so we could slip in undetected.

This is easy, and maybe a bit harder than you think. You need 1 mark on the camera. And then to do an successful edit action every combat turn. I'd just let your agent handle this, so you don't need to waste too much time doing it.

3 - Once inside, jack into the agency's mainframe and...
3a - Find the file(s) related to our desired movie and add our names/IDs/whatever to the list of extras.
3b - Produce ID cards with our assumed identities and pictures to show to security on-site.
3c - Add ourselves to the payroll for our roles in the movie.  Our payments would be wired to previously created fake (temporary) accounts.  The idea here is that we'd have a backtrace for the production company should they pay us.

I'd put that on the company host. Find a terminal, hardline into use the direct connect exploit to get access to the host. I'd say they should be one file with all that stuff on it, not that it logically makes sense to have all that stuff on one file, but I just don't want the run to take longer than it needs to.

Hacker runs silent so that patrol IC doesn't seem him doing illegal actions. How difficult it is to find the file will be up to GM discretion. Spot with no test, a simple action Matrix perception test, or an extended Matrix Search test. All depends on how challenging the GM wants to make this. I might not entirely recommend an Matrix Search test, since it kind of slows the game down, but sometimes it makes epic hacks more epic.

Odds are the file is protected. So you'll need to break the protection, which will alert the IC to actively look for you and launch more IC and alert a corp spider.

After that, do your edit action. It sounds like you want to do quite a bit of editing, so maybe 3 tests. Which will take about 1 turn while in hot sim.

After that, maybe some misdirection and find some random movie script or pre-special effect movie cut, or whatever really, break the protection on that, and steal the data. That'll probably be another 2 IP. Then after that jack out before you need to worry about the IC and spider, then run like the dickens before anyone realizes what's going on.

[Adder]

Time to revive this fun little thread:

How exactly are Patrol IC supposed to work?

Patrol IC acts more like an agent than other intrusion
countermeasures. Its job is to patrol a host, scanning
people’s marks and looking for illegal activity using the
Matrix Perception action on all targets in the host. While
the act of placing a mark is an illegal activity, the act of
simply having a mark is not. Once you have the mark,
you are considered a legitimate user. Patrol IC has no
attack, but it shares its information with its parent host.
Since the Patrol IC doesn’t use Attack actions, it doesn’t
take Matrix damage when it fails. Most hosts have Patrol
IC and keep it running all the time.

Whenever you do an illegal action, do you do an opposed Matrix Perception test against them (rules for silent running)? When exactly does the Patrol IC do anything?

Let's say you are facing a host that you don't have access to. You use Hack on the Fly to get a mark. You enter the host and are not running silent. If the Patrol IC sees you, does it do anything? Since you already have a legitimate mark?

Also, is the Edit File matrix action an illegal action? Because it doesn't use Attack or Sleaze, but it seems weird that you can just spam Edit File attempts (e.g. looping a camera) and not accrue overwatch score or anything.

[Herr Brackhaus]

No idea on Patrol IC, to be honest, I've wondered that myself and it seems very much like it's up to the GM with little hard and fast to go on.

Any action that does not use Attack or Sleaze is indeed a legal action as far as the matrix in general and GOD, demi-GOD, hosts, and  IC in particular are concerned.

Keep in mind that sensitive files are likely protected, and breaking protection is very much overt since its an attack action.

[DeathStrobe]

This is how I play Patrol IC. They see everything running in the host that is not silent. Unless they have a reason to suspect someone is silent, they won't bother looking for silent running icons.

Because they see everything not running silent, they can see if an icon is interacted with. So if something weird happens, like say a camera feed is edited, but no one is around. It'll make a Matrix perception test to see who just made the edit, which is now an opposed test if the hacker is running silent, otherwise the IC spots them. If the IC spots them and it sets off alarms and launches more IC. Otherwise the IC just assumes its a glitch in the system and ignores it.

If you make an attack or fail a sleaze action then the Patrol IC knows something is up and will actively look for silent running icons to spot the hacker. In the case of a failed sleaze, he just spots the hacker instantly.

I like it this way, because it means the Patrol IC isn't all omnipresent and the hacker can possibly make it in and out without setting off any alarms. However, there are still problems with things like editing registries to add your team's face to a VIP list and remain unnoticed as an example, because as soon as you crack the file protection the Patrol IC will see it.

Maybe the Patrol IC can't notice something as specific as that when attacked. Maybe they just register an attack just happened in the host and have no idea which file was attacked. And if a file is edited, it doesn't know which file was edited...I don't know. Matrix is weird still.

[Namikaze]

Well, one cannot identify something running silently if they don't know something about it in the first place.  So the Patrol IC cannot search for silently-running icons.  However, I still think that Patrol IC should be able to look for MARKs on the host.  If nothing else, this encourages hackers to take that risk of getting multiple MARKs in one action.  Hopefully you finish your job before the Patrol IC finds your MARK(s) on the host.

[Darzil]

Edit file isn't an illegal action, but to edit it you need a mark on the file, and putting that there will be an illegal action unless you had legal marks already. You can't put illegal marks there without being in the host. But getting in will have been an illegal action, assuming your marks weren't invited, so you'll already have started overwatch and you score will be increasing from time.

However, Patrol IC doesn't HAVE to use that logic, on pg 247 Security Response, "When a host spots you doing something unauthorized, llegal, or just something it doesn’t like, it informs its owner (or its owner’s designee, like an employed security spider) and launches whatever IC programs it has to fight off the intruder." So you could have in a high security host something like a whitelist separate from marks. In such a case the players might want to try something like finding and editing this file on one occasion, and then coming back and hacking on another. Then maybe that file is manually checked every day, or every few days, or whatever. Depends how difficult you want things.

I think the key thing though, is to check your defence logic against everyday activity. If you set of an alarm by editing a file connected to a camera feed, then if your camera is switched on, it's generating an alarm, so probably not good logic for your IC to use. I think as a GM if I did want to set up a particularly tricky logic train, I'd also want to give the players access to information about it, like the indentify of the security spider. Maybe they can get them drunk enough to talk about it!

[Herr Brackhaus]

Well, one cannot identify something running silently if they don't know something about it in the first place.  So the Patrol IC cannot search for silently-running icons.  However, I still think that Patrol IC should be able to look for MARKs on the host.  If nothing else, this encourages hackers to take that risk of getting multiple MARKs in one action.  Hopefully you finish your job before the Patrol IC finds your MARK(s) on the host.

Interesting, I never really noticed the caveat that one has to know at least one feature about an icon to be able to spot it running silently, and you also have to be aware that there are even any icons running silently nearby.

This brings up a some other potential issues, of course. Let's take an example just for the heck of it and look at how the book explains this.

Scenario 1:
I am a police officer on watch outside the entrance of a courthouse, and my specialty is matrix support. Every now and again I check for hidden icons with a Matrix Perception Test (asking whether there is an icon running silent within 100 meters as per page 235) because I am concerned about hackers and unlicensed concealed weapons. The result of my Matrix Perception Test is "Yes" because a hacker just walked into my sphere of influence with his deck running silently.

Resolution:
According to the book on page 235 and 236 this is actually fairly straight forward; because I know there is an icon running silent out there, I now simply have to find it by rolling Computer + Intuition [Data Processing] v. Logic + Sleaze. Assuming I win the test, I spot the icon.

But, this doesn't seem to follow with the "If you know at least one feature of an icon running silent, you can spot the icon (Running Silent, below)." Surely knowing that there is an icon running silent is not knowing "at least one feature of an icon running silent", right? So when does this ever become applicable? I think this section is both in agreement and disagreement with you here, Namikaze, because it both suggests that you need to know at least one feature of an icon running silently to be able to spot it, and also that you ask whether any icons are running silently nearby with a single hit on a Matrix Perception Test.

If the book does allow a character to spot an icon running silently with a single hit from a Matrix Perception Test followed by an opposed test, the same scenario as above could be applied to Patrol IC as I see it. When a hacker first enters a host the Patrol IC gets to roll a Matrix Perception test, and if successful roll to see if it notices the icon running silently. This, to my mind, would be the 4th Edition equivalent to an analyze program scanning icons entering a node, and this is a very reasonable first line of defense in my opinion.


Moving on to marks; while Patrol IC certainly seem to be able to look for marks, is that actually useful information? As per Matrix Perception on page 235, one question you can ask is for "the marks on an icon, but not their owners". Is knowing the mark an icon uses enough to identify the icon itself? Doesn't that seem to break with the "but not their owners" part of that very statement?

So, say the Patrol IC tries to spot a new (and potentially unrecognized or unauthorized) mark on the host it's guarding; would the mark itself be running silent if the hacker that placed it was? If the Patrol IC spotted the mark, what could it do with that information, assuming the hacker is running silent and hasn't attracted any obvious attention?