At risk of putting words in Banshee's mouth... I'd theorize that such an access point he's describing is more of a system than merely some hardware. Gaining access to that hardware isn't also putting a hacker on a whitelist of SINs authorized to use that hardware, nor is it necessarily true that the hardware even *works* when stolen and employed outside a registered control room, and etc.
Yeah, there would be a lot of dominoes that would have to fall in place ... it's a combination of hardware, credentials, security protocols, and location.
Not something that players should ever be able to attain under normal circumstances but hey it's your campaign... GM's can "Do what we want!"
As an IT professional, I look at it like this. I have all of the sys admin accounts with all of the privileges. I can go into any of my company's servers on our network/s (our "host") and shut things down, change things, whatever. Basically, I'm the spider for my company. I can do all this with ease and can safely ignore all of the banner messages that pop up when I connect to a system that state something to the effect of "This is a private network, unless you are authorized to be on this network any activity performed is a federal crime, blah blah..." I also have special accounts and programs that allow me to access all of this remotely, so I don't even have to be physically located at my office to do my job.
Now if someone wanted to hack my company's systems, they won't have such an easy time accessing them. They can try getting in through our website from anywhere in the world, but most companies put their public facing web sites in what's called a demilitarized zone (DMZ), which is a segregated part of the network on the external side of the firewall. In game, this would be like walking into the "lobby" of the host as a user and buying things. However, to do any useful hacking you'll need to get past the DMZ and through the firewall. This would be kind of like getting admin access. The "noise" level here would represent, to me, the difficulty of getting past a firewall from a remote location without proper authorization, plus any extra baggage you may be employing to cover your tracks. This type of intrusion would likely give you direct access to a data center's core networking equipment. It would be like trying to drop in from the ceiling on wires to avoid the laser "trip wires" to steal the thing.
Now if you were to physically drive to our facility and try to hack directly into our wifi network, you'd likely have a much easier time because once you've broken that network key, you're in. Although in reality, those networks are often segregated themselves into different VLANs (which I would represent as different "rooms" in the host) from the really important stuff... but eh, still easier than hacking through a firewall from a DMZ.
All of that to say, even with today's technology (and my company is at least a decade behind the curve), I have all of the tools I need to perform my job remotely with zero "noise" as long as I'm on a decent internet connection. A SR security spider would have all of this and more, whereas a decker may have the tools, but their routes of ingress largely won't change in 60 years. I have ways of explaining this with my limited knowledge of SR5 and SR6, but that would be for another post.
That all makes sense to me, but most of what you are describing is you interacting with the host, not the intruder. In SR terms you are calling up IC and taking active defense actions to increase your system’s firewall. The original question was, if the intruder was far enough away to degrade their signal due to distance, would it also be more difficult for you to directly attack their computer, say by downloading a virus onto their computer. Please note, I’m fine with the answer I got, once it was pounded into my thick head. It didn’t come up in the game last night and we won’t be playing 6th ed any more, so it isn’t a big deal, now I’m just asking for clarity
Yeah I see what you're saying and I understand the original question. I was more responding to the conversation as it evolved.
At any rate, as a GM I would rule no, the spider wouldn't be able to directly affect the decker's physical device or person. The rules lay it out that way and it's only fair to the player and their expectations that I adjudicate the action in that way.
Now to make things more interesting, because I don't like allowing players to exploit loopholes and make the game less interesting for everyone, I would throw in either a one-time GM ruling or make a more formal house-rule that the spider can still target the persona and attempt to do things like dump or link lock the decker, but the decker may only take half or no
physical/stun damage due to the distance and the spider not having the equipment to overcome the noise, and their deck wouldn't take any actual damage (no fear of being bricked) but we'd still track matrix damage to portray the spider kicking them out of the network.
