[skalchemist]

This is in regards to the idea mentioned in several places on the forum that the intent of the rules may have been to allow a Decker to protect all of the Runner's PANs by linking them to the Decker's own PAN.  I think this seems very reasonable.

Xenon said something in another thread that got me thinking...

• Rules as the author originally intended them (RAI): You [house] rule that PANs may be daisy-chained to create one big network that normally the team's technology specialist (decker, rigger, living network technomancer) is defending. This indirectly mean that if the network is running silent and someone successfully take an opposed matrix perception test then this someone will spot the whole silent running network. It also mean that if a hostile hacker gain access then he will be considered to be on the inside and have access on the whole daisy-chained network at once.

I wonder about that last bit I have emphasized. 

For what I am about to say, reference the "User and Admin Access" section on page 178, and also an assumption that the word "system" in that section refers to devices, networks, and hosts.   That is, even my Smartgun has Outsider/User/Admin levels of Access.  I am also making the assumption that systems have access to each other.  For example, I have Admin Access to my Commlink.  If I want to use that Commlink to do things with my Smartgun wirelessly, my Commlink has to have User or Admin access to the Smartgun.  However, if I am directly connecting a wire from my Smartgun to my Goggles, they only have to have Admin Access to each other via the wire; nothing else needs any Access at all. 

Consider three participants: the Hacker (who seeks to gain access), the Decker (who seeks to defend) and the Runner (who just wants to go about their business of killing people and breaking things).

I think it is for sure the case that IF the Decker can create this PAN of PANs, then if the Hacker cracks the Decker's PAN, they gain the same level of Access to any device (including other people's PANs) that the Decker had access to. 

Xenon's scenario seems to be functionally equivalent to saying that the Decker must have Admin Access to the Runner's PAN to be able to protect it with their own PAN.  I'm not saying Xenon is wrong, because we are in the realm of RAI and house rules anyway, but this seems like only one possibility.  Why couldn't the Decker do this with only User Access, or Outsider Access for that matter?

If this is the case, then gaining Admin Access to the Decker's PAN does not automatically grant free rein to the Runner's PAN, it only gives either...

* User Access - this is still very, very bad.  It would let the Hacker use all kinds of nasty actions within the Runner's PAN (e.g. Control Device, Edit File) but not quite as bad as having Admin Access.
* Outsider Access - this is still bad.  I think this would mean that there is no way for the Runner's PAN to "run silent", it will be bare-ass naked to the Hacker.  In addition, the Hacker now only needs to beat the Commlink's pathetic D/F attributes to get Admin access to the Runner's PAN.  But the Hacker would not be able to willy-nilly do stuff with the Runner's other devices inside the Runner's own PAN (e.g. their Smartgun). 

And with Admin Access to the Decker's PAN, the Hacker can also do whatever they want there, such as Reboot the Decker's cyberdeck (forcing the Runner's PAN back out onto the Matrix without protection) or Send Messages to the Runner as if they were coming from the Decker, or Snoop on all the data going back and forth (which I think would probably let the Decker know the physical location of the Runner in most cases) or screw with the Decker's own devices (like Formatting and the Rebooting the Decker's cyberjack). 

Also, while Admin Access to the Runner's PAN might not be necessary for the Decker, I could see where it could be useful for the Runner and Decker to allow this access.  If they have decided to let that happen, then they are betting the added value they gain compensates for the danger should the Decker's PAN get cracked by the Hacker.

What do you all think?  I trying to stay as close as possible to the RAW in my thinking with the exception of the PAN of PAN's idea. 

[Banshee]

Ok, 1st thing is easy ... as Owner of the PAN you technically don't need any specific access since you are true Admin which is a step above anything an outside hacker can get. This would also be true of any devices orcsub PANs that you have been given access to by the respective Owners .. such as your teammates.

When you do this you are creating one "super" PAN which makes it effectively a single network. The advantage is the owning Decker can defend all of the devices on the network system but the disadvantage is that it opens everything up to an enemy hacker. Once they have access it counts for everything on that network.

[Xenon]

Probably better if Banshee chip in here since none of this is described in the rules, but I think the idea behind protecting multiple devices is that they ultimately need to count as if they belong to the same 'network'.

And I think the idea for attacking hackers are that they can either use outsider access actions (such as data spike or spoof command) directly towards individual devices (no matter if they are hiding behind a 'network' or not)...

...or that they can first probe+backdoor entry or brute force to gain some level of access to this 'network' if they wish to take matrix actions on any targets within the 'network' that require access.


Ninja'd by Banshee

[skalchemist]

Ok, 1st thing is easy ... as Owner of the PAN you technically don't need any specific access since you are true Admin which is a step above anything an outside hacker can get. This would also be true of any devices orcsub PANs that you have been given access to by the respective Owners .. such as your teammates.

When you do this you are creating one "super" PAN which makes it effectively a single network. The advantage is the owning Decker can defend all of the devices on the network system but the disadvantage is that it opens everything up to an enemy hacker. Once they have access it counts for everything on that network.

I'm not sure what "orcsub PANs" are, but they sound cool as all get out.   

Otherwise, I think you are essentially saying that to link PANs together under the Decker's protection, the Decker needs Admin Access to those PANs; User or Outsider Access is not sufficient.  Or am I missing some subtlety here?

[Banshee]

Ok, 1st thing is easy ... as Owner of the PAN you technically don't need any specific access since you are true Admin which is a step above anything an outside hacker can get. This would also be true of any devices orcsub PANs that you have been given access to by the respective Owners .. such as your teammates.

When you do this you are creating one "super" PAN which makes it effectively a single network. The advantage is the owning Decker can defend all of the devices on the network system but the disadvantage is that it opens everything up to an enemy hacker. Once they have access it counts for everything on that network.

I'm not sure what "orcsub PANs" are, but they sound cool as all get out.   

Otherwise, I think you are essentially saying that to link PANs together under the Decker's protection, the Decker needs Admin Access to those PANs; User or Outsider Access is not sufficient.  Or am I missing some subtlety here?

Supposed to be " or sub PANs"
And what I'm saying is that the teams decker doesn't need to "gain" any access ... the team members just give it to him. That's a step above admin ... thecsame thing a corp spider has when operating in a Host. Game rules it is essentially the same as admin for action purposes but is not an illegal access and carries no OS accumulation.

[Stainless Steel Devil Rat]

I think the point here is adding/subtracting devices from a PAN is something beyond the realm of hacking rules.  You can't hack that- it can only be done by legitimate device owners.

[skalchemist]

And what I'm saying is that the teams decker doesn't need to "gain" any access ... the team members just give it to him. That's a step above admin ... thecsame thing a corp spider has when operating in a Host. Game rules it is essentially the same as admin for action purposes but is not an illegal access and carries no OS accumulation.

I really meant "runners give access" by "gain", I wasn't trying to imply the Decker had to do something strange.  Otherwise, I get what you are saying, and will take this as "this is how it was intended to be done". 

It feels to me like you are actually describing a new level of Access, "Owner" Access, which supersedes Admin, and which is necessary for the Decker to defend the Runner's PANs.  But the last thing that is needed is more terminology, most likely. 

[Banshee]

I think the point here is adding/subtracting devices from a PAN is something beyond the realm of hacking rules.  You can't hack that- it can only be done by legitimate device owners.

Correct, you can temporarily control or tamper with devices you don't own via hacking but adding/subtracting them from your PAN requires actual ownership

[Banshee]

And what I'm saying is that the teams decker doesn't need to "gain" any access ... the team members just give it to him. That's a step above admin ... thecsame thing a corp spider has when operating in a Host. Game rules it is essentially the same as admin for action purposes but is not an illegal access and carries no OS accumulation.

I really meant "runners give access" by "gain", I wasn't trying to imply the Decker had to do something strange.  Otherwise, I get what you are saying, and will take this as "this is how it was intended to be done". 

It feels to me like you are actually describing a new level of Access, "Owner" Access, which supersedes Admin, and which is necessary for the Decker to defend the Runner's PANs.  But the last thing that is needed is more terminology, most likely.

Yes, exactly there is an Owner level of access... rules wise it is irrelevant because it can't be gained by hacking you either have it or you don't and doesn't effect actions because it is effectively the same as Admin .. but it what we are talking about when we say that hacking doesn't give you true Admin level access.

For all intents and purposes if it's better for you to keep it straight in your head ..  then yes it is simply Admin access that is given instead of hacked.

[skalchemist]

Yes, exactly there is an Owner level of access... rules wise it is irrelevant because it can't be gained by hacking you either have it or you don't and doesn't effect actions because it is effectively the same as Admin .. but it what we are talking about when we say that hacking doesn't give you true Admin level access.

I guess if the rules had defined Owner Access as you have, and then said "you need Owner Access to link things into a PAN" I wouldn't have asked the question, because it makes perfect sense to me that way.  So in that sense, I think it is rules-relevant.

Thank's for the answers!

[SDTroll]

Yes, exactly there is an Owner level of access... rules wise it is irrelevant because it can't be gained by hacking you either have it or you don't and doesn't effect actions because it is effectively the same as Admin .. but it what we are talking about when we say that hacking doesn't give you true Admin level access.

For all intents and purposes if it's better for you to keep it straight in your head ..  then yes it is simply Admin access that is given instead of hacked.

Is there any section of the rules that discusses how being the owner of the device is different than Admin access?  For example, I hope I don't have to make a control device check to order my soycaf maker to start making me a cup in the morning.  And a wage slave shouldn't have to make any checks to work the assembly line.  I don't see anything in the rules about that.  Do security spiders get any special protection from GOD?  By the rules, every time they data spike an invading decker they should get OS, or when they set those data bombs for the runners to encounter.  Or probe an invading runner to get access to their PAN.  I have to imagine the corps would yell pretty loud if their spiders kept getting bricked and dumped while trying to defend their systems.

[Banshee]

Yes, exactly there is an Owner level of access... rules wise it is irrelevant because it can't be gained by hacking you either have it or you don't and doesn't effect actions because it is effectively the same as Admin .. but it what we are talking about when we say that hacking doesn't give you true Admin level access.

For all intents and purposes if it's better for you to keep it straight in your head ..  then yes it is simply Admin access that is given instead of hacked.

Is there any section of the rules that discusses how being the owner of the device is different than Admin access?  For example, I hope I don't have to make a control device check to order my soycaf maker to start making me a cup in the morning.  And a wage slave shouldn't have to make any checks to work the assembly line.  I don't see anything in the rules about that.  Do security spiders get any special protection from GOD?  By the rules, every time they data spike an invading decker they should get OS, or when they set those data bombs for the runners to encounter.  Or probe an invading runner to get access to their PAN.  I have to imagine the corps would yell pretty loud if their spiders kept getting bricked and dumped while trying to defend their systems.

No there are no rules for it ... just fluff ... since it does not have significant impact. Remember the rules are written to represent shadowrunners not legitimate users/owners. When it comes to Owners it's all basically just a big hand wave... you can not get Owner access unless you are the real deal legit owner or given that by the owner and if you are a legit owner then yes you can do things without making rolls as long as that is what you're supposed to be  doing. There is no need to overthink and complicate it.

[SDTroll]

Yes, exactly there is an Owner level of access... rules wise it is irrelevant because it can't be gained by hacking you either have it or you don't and doesn't effect actions because it is effectively the same as Admin .. but it what we are talking about when we say that hacking doesn't give you true Admin level access.

For all intents and purposes if it's better for you to keep it straight in your head ..  then yes it is simply Admin access that is given instead of hacked.

Is there any section of the rules that discusses how being the owner of the device is different than Admin access?  For example, I hope I don't have to make a control device check to order my soycaf maker to start making me a cup in the morning.  And a wage slave shouldn't have to make any checks to work the assembly line.  I don't see anything in the rules about that.  Do security spiders get any special protection from GOD?  By the rules, every time they data spike an invading decker they should get OS, or when they set those data bombs for the runners to encounter.  Or probe an invading runner to get access to their PAN.  I have to imagine the corps would yell pretty loud if their spiders kept getting bricked and dumped while trying to defend their systems.

No there are no rules for it ... just fluff ... since it does not have significant impact. Remember the rules are written to represent shadowrunners not legitimate users/owners. When it comes to Owners it's all basically just a big hand wave... you can not get Owner access unless you are the real deal legit owner or given that by the owner and if you are a legit owner then yes you can do things without making rolls as long as that is what you're supposed to be  doing. There is no need to overthink and complicate it.

I guess I'm just thinking back to my previous runs and one major way a running team got past security was to steal the access codes of a legitimate user so they had an easy in to the system.  Is that no longer possible?  If the team did that, they should have the same access as the user?  Right?  So if a running group gets the security spider hooked on drugs, then uses his addiction to gain his access codes, (yes, one of my groups did this), or seduces the spider and uses control thoughts on him (also done, although by another group) Shouldn't they be able to do anything he can do without triggering alarms?    Which would give them owner access, if we are using that term.

[Banshee]

If your GM wants to allow it then yeah it's possible... but as I've said there no specific rules for it because there is no hacking at that point

[SDTroll]

If your GM wants to allow it then yeah it's possible... but as I've said there no specific rules for it because there is no hacking at that point

Thanks, the game has been so counter-intuitive for me I'm afraid to assume how anything works.  Every time I do the rules or the FAQ or the forums seem to contradict my instincts.