[Xenon]

In this edition Host networks seem to have multiple 'access points' and 'distance' to a Host seem to be measured between the device you currently use to 'access the Matrix' (commlink, cyberdeck, RCC or living persona) and the closest 'matrix facing' 'access point' of the host network.

It is still a bit unclear what an 'access point' is, but for example a 'matrix facing' device slaved to the Host seem to count as an 'access point'. If a Host is designed to protect a facility then there will probably be several 'access points' scattered all over the facility. If you are inside the facility the distance will probably in effect be zero (or at least less than 100 meters) while if you are 3km from the facility then the distance to the closest 'access point' will probably be 3km. It also seem plasuible that a Global Host network can have 'access points' in several different countries.

The following diagram is trying to visualize Host A with two different access points.

Code: [Select]

Matrix o--------\
                 \
Matrix o----------O Host A
Many Hosts only require Outsider access and does not require to be hacked before you take the Enter Host action, but once inside the Host you might still need User or Admin access depending on what you want to do (editing a File require that you first have User access, even if the public Host allow people with just Outsider access to Enter).

Other Hosts require that you already have User or Admin access on the Host network before you even take the 'Enter Host' action. You can either Brute Force access to the Host network (it only take one major action to execute and can be used for gaining either User or Admin access, but this action is linked to Attack and will always be immediately obvious and will also always increase your OS each round you maintain access on the Host) or Probe+Backdoor Entry (this will always be subtle, even on a failed attempt, it will not increase your OS every round and it always give you Admin access, but each Probe attempt take 1 minute and the Backdoor Entry attempt take 1 Major action to execute and on a failed backdoor entry attempt the backdoor is deleted). Hacked access will be deleted after 10 - Host Rating hours.

Once you gained access on a Host network and used the 'Enter Host' action the distance to any device in the Host network also seem to become equal to the shortest distance between the device you used to 'access the Matrix' and the closest 'access point' of the network (once you are 'inside' Host' action you seem to be considered 'directly connected' to all devices in the Host network, physical distance to devices within a Host seem to be zero no matter where in the world the are actually located). Since the distance is zero you need to have Admin access and successfully take the Trace Icon action if you wish to find the actual physical location of a device (or persona) inside the Host.


This edition also introduced 'layered' Hosts (Hosts within Hosts). To reach Host B you would first normally need to have enough access on Host A, take the Enter Host action on Host A and then use Outsider actions (such as Brute Force or Probe + Backdoor Entry) to gain access on Host B before you can take the Enter Host action on Host B.

Code: [Select]

Matrix o--------\
                 \ Host A   Host B
Matrix o----------O-----------O
It seem as if a device is 'matrix facing' then you are allowed to take Outsider actions against it (Data Spike, Tarpit, Spoof Command) without having access on the Host network to take the 'Enter Host' action.

But it also seem as if devices that are part of a Host network does not have to be 'matrix facing'. It seem as if they can also only exist on the 'inside' of a Host. This seem to make the specific device immune to Outsider actions (Data Spike, Tarpit and Spoof Command) unless you are already inside the Host (used the Enter Host action) or if you establish a 'direct connection' to the device.

Unclear if security devices (drones, cameras, sensors, alarms etc) will ever be 'matrix facing' or if they by default will always be 'inside' the Host, but at lest there seem to be value in having other devices (such as lights, maglocks, elevators) be 'matrix facing' in order to let people interact with them without first actually having to enter a Host. Clarification on this seem to be needed since it have huge impact on what you can and cannot do with the Spoof Command action if the Host require that you already have User or Admin access before you take the 'Enter Host' action.

To establish a 'direct connection' to a device it seem as if you connect a physical wire between your cyberdeck and the target device (or physically touch it if your Living Persona have the Skinlink Echo). It has also been suggested that you will automatically establish a 'direct connection' to wireless enabled device by just being in close proximity of it (seeing it / being within 10 meters of it). This seem to suggest that there is a 'mutual handshake range' similar to what we had back in 4th edition (but that this range does not seem to be based upon the noise distance table and the device rating cutoff range of both devices involved).

Code: [Select]

Matrix o--------\
                 \
Matrix o----------O Host A
                 /         
Direct x--------/
Connection
A layered host does not seem to have 'matrix facing' 'access points' (if it did, then you would not have to go through the outer Host to reach the inner Host). It may still have slaved devices, but that they are always on the 'inside' (but that you can still use a 'direct connection' to gain access to the layered host without first accessing the outer Host(s).

Code: [Select]

Matrix o--------\
                 \ Host A   Host B
Matrix o----------O-----------O
                 /           /       
Direct x--------/           /
Connection                 /
                          /         
Direct x-----------------/
Connection

In addition to matrix connected Hosts that you may access wireless there also seem to be offline hosts running on physical hardware.

They seem to work in the same way as regular hosts, except that they by default don't seem to have any 'matrix facing' 'access points' at all.

To hack them (via Brute Force or Probe+Backdoor Entry and then take the 'Enter Host' action as you would with a normal Host) you first need to establish a 'direct connection' (see above) or possibly by attaching a wireless enabled Data Tap directly to the Host network (the server itself or to any device or any hard-wire used by the network) as this seem create a 'matrix facing' 'access point'. Distance in this case will be measured between the device you use to 'access the Matrix' and the physical location of the wireless enabled Data Tap. Once you are inside the Host you will be considered 'directly connected' to all devices that are part of the network, no matter if they are wireless enabled or connected via physical wires.

Please feel free to correct or clarify bits and pieces that I got wrong so far.

[Banshee]

Looks good to me

[Finstersang]

Nice overview! I think you got it right. At least, it´s pretty much the same as I cobbled it together

Apparently, Banshee kept a few thing a bit vague (or rather: malleable) on purpose here. But since hosts are deep in GM territory anyways, I don´t mind that a bit. According to the CRB, there are probably a lot more little tweeks and quirks possible, like timed access opportunities and such. Stuff like that can be pretty usefull for storytelling purposes.
 

In this edition Host networks seem to have multiple 'access points' and 'distance' to a Host seem to be measured between the device you currently use to 'access the Matrix' (commlink, cyberdeck, RCC or living persona) and the closest 'matrix facing' 'access point' of the host network.

It is still a bit unclear what an 'access point' is, but for example a 'matrix facing' device slaved to the Host seem to count as an 'access point'. If a Host is designed to protect a facility then there will probably be several 'access points' scattered all over the facility. If you are inside the facility the distance will probably in effect be zero (or at least less than 100 meters) while if you are 3km from the facility then the distance to the closest 'access point' will probably be 3km. It also seem plasuible that a Global Host network can have 'access points' in several different countries.

Makes much more sense than the 5th Edition version, where hosts were almost magical universally accessable internet clouds 100% noise cancelation power!

It does not seem as if devices that are part of a Host network have to be 'matrix facing'. It seem as if they can also only exist on the 'inside' of a Host. This seem to make the specific device immune to Outsider actions (Data Spike, Tarpit and Spoof Command) unless you are already inside the Host (used the Enter Host action) or if you establish a 'direct connection' to the device.

It also seem as if a device is 'matrix facing' then you are allowed to take Outsider actions against it (Data Spike, Tarpit, Spoof Command) without having access on the Host network to take the 'Enter Host' action.

Unclear if security devices (drones, cameras, sensors, alarms etc) will ever be 'matrix facing' or if they by default will always be 'inside' the Host, but at lest there seem to be value in having other devices (such as lights, maglocks, elevators) be 'matrix facing' in order to let people interact with them without first actually having to enter a Host. Clarification on this seem to be needed since it have huge impact what you can and cannot do with the Spoof Command action.

This appears to be the intended reading.

However, there´s some justified contention if a wireless active(!) device

• Can be 100% "inside" a host in the first place (note that the device could also be hardwired the host if it has some kind of physical "backbone" - which is probably a pretty common security setup anyways).
• Can still somehow be found in the Matrix without entering the host.

(I´m sure that you are aware of this discussion, Xenon. That´s just a heads-up for the people just tuning in  )

My personal, 100% GM fiat/houserule preference: A wireless active device inside a host can still be found in the Matrix due to its ongoing signal presence, but it´s masked by the host. Treat it as if it´s running silently, using the hosts sleaze rating to evade detection. Finding the device will lead the you the host. You still have to hack and enter the host to interact with the device in any further way. However, if you hack a device that´s set up in this way with a direct connection, you will also get access to the host if you´re successfull, which can be exploited to get a quicker access into a layered host structure.

This adds another reason for the existence of Matrix-facing devices as a part of the host´s WAN, as well as another incentive for hackers to look for direct connections. Also, rule of cool when describing the Matrix iconography: Imagine a hacker´s Avatar crawling through the screen on the other end of a security camera 

To establish a 'direct connection' to a device you connect a physical wire between your cyberdeck and the target device (or physically touch it if your Living Persona have the Skinlink Echo). It has also been suggested that you will automatically establish a 'direct connection' to wireless enabled device by just being in close proximity of it (seeing it / being within 10 meters of it). This seem to suggest that there is a 'mutual handshake range' similar to what we had back in 4th edition (but that this range does not seem to be based upon the noise distance table and the device rating cutoff range of both devices involved).

Huge fan of this, I hope that Banshee gets it through. Apart from hosts, it would also offer a nice way to solve the problem of low slave limits in "Consumer" PANs: A PAN could support and protect an unlimited direct connections (both shortrange wireless and wired), and the limit is just for "real" slaves that are remotely controlled over larger distances.

Those "real slaves" could also be enabled to further enhance your shortrange wireless capabilities, which allows for greater synergies between Hackers and other infiltration-oriented Team members.

A layered host does not seem to have 'matrix facing' 'access points' (if it did, then you would not have to go through the outer Host to reach the inner Host). It may still have slaved devices, but that they are always on the 'inside' (but that you can still use a 'direct connection' to gain access to the layered host without first accessing the outer Host(s).

Ah, there it is as well. Could have spared me the talk if I read it all the way through

Never say never, since there are other ways to protect these outside facing devices (faraday cages f.i.). Also, the Spider or (more often) the spider´s corporate supervisor could be an idiot. Never underestimate human error 

One question remains though: Maybe there´s a 3rd option? Imagine Host A (The "Lobby"), Host B (Security) inside of it, and a camera.
The Camera could be linked to the well-protected Host B, but on the "outside firewall" of it. That would mean that they are accessible from host A and B, but not from the broader Matrix. Also, while it uses the defense pools from Host B, (ab)using it an access point with a direct connection would still only get the hacker into Host A. While this is less secure for the camera, the spider could chose this setup to better protect his "castle" (Host B). This works better if you conceptualize Hosts as a bunch of layered (Fire)walls.

In addition to matrix connected Hosts that you may access wireless there also seem to be offline hosts running on physical hardware.

They seem to work in the same way as regular hosts, except that they by default don't seem to have any 'matrix facing' 'access points'.

To hack them (via Brute Force or Probe+Backdoor Entry and then take the 'Enter Host' action as you would with a normal Host) you first need to establish a 'direct connection' (see above) or possibly by attaching a wireless enabled Data Tap directly to the Host network (the server itself or to any device or any hard-wire used by the network) as this seem to suggest creating a 'matrix facing' 'access point'. Distance in this case will be measured between the device you use to 'access the Matrix' and the physical location of the wireless enabled Data Tap. Once you are inside the Host you will be considered 'directly connected' to all devices that are part of the network, no matter if they are wireless enabled or connected via physical wires.

That´s how I´d handle these as well. Note that this could also potentially be used with all kinds of "closed systems" that are not explicitly labelled as "hosts", like Berlin´s Ominous Cable Matrix.

One last point would be the role of spiders, since they (thankfully) now have much more prominent role. I´ll post my thoughts on this later.

[Xenon]

Looks good to me

Sweet! :-)


I understand if you wish to keep things vague but.... there must be something you can clarify or correct... ;-)


Could you give a few examples of what you imagine an 'matrix facing access point' could be / what type of devices would typically be 'matrix facing' and which would typically be considered 'inside' the host...


Would you say it is normal that a Host let you enter with Outsider access
...or do Hosts typically require at least User access before you may Enter.


Is it possible to 'hide' inside a Host...??

- Do you (your matrix persona) 'vanish' from the Matrix when you take the Enter Host action / can you (your matrix persona) still be targeted from the matrix (from 'outside' a Host) if you take the Enter Host action?

(and if so, what about the device icon of the device you used to 'access the Matrix with, wireless enabled devices part of your PAN or other wireless devices you own that are not even part of your PAN....)

Nice overview!

Thanks! :-)

Maybe there´s a 3rd option? Imagine Host A (The "Lobby"), Host B (Security) inside of it, and a camera.
The Camera could be linked to the well-protected Host B, but on the "outside firewall" of it.

if Host network B is defending the device then I am pretty sure it will also be Host network B you gain access to if you brute force the device via a direct connection. No matter if the device is 'Matrix facing', 'Host A facing' (if this is even a 'thing') or if it is 100% 'inside' Host B.

[Banshee]

Two quick responses to Fin ...

Malleable... I like that term for it,  and yes the whole point was provide a backbone that works for mechanics but still let a GM do it however they want.

Quick clarification on devices "inside" a host ... it's probably just my own prejudice in knowing the intention but I don't see how people are reading that being inside a host makes devices immune. It is only supposed to make it harder. Just as you say hidden by the Host Sleaze for detection and using the Host attributes (or spider when applicable) for actions.

A nested or closed host is a bit different since that requires getting through a "gate" of some sort before being able to interact.

[Banshee]

Xenon ... alright let me get off my phone and onto a computer where I can do a proper quote and follow up then.

[Banshee]

In this edition Host networks seem to have multiple 'access points' and 'distance' to a Host seem to be measured between the device you currently use to 'access the Matrix' (commlink, cyberdeck, RCC or living persona) and the closest 'matrix facing' 'access point' of the host network.

correct

It is still a bit unclear what an 'access point' is, but for example a 'matrix facing' device slaved to the Host seem to count as an 'access point'. If a Host is designed to protect a facility then there will probably be several 'access points' scattered all over the facility. If you are inside the facility the distance will probably in effect be zero (or at least less than 100 meters) while if you are 3km from the facility then the distance to the closest 'access point' will probably be 3km. It also seem plausible that a Global Host network can have 'access points' in several different countries.

yes, an access point can be any matrix facing device and location in regards to the Host is a nonfactor. I have been very public in the fact that I do not believe in or support the whole concept of the 100 and how the matrix somehow runs on the souls of dead technomancers, so while I didn't write anything that directly changes that I also did write anything that supports it either. So maybe some of this would be easier if you imagine all Host as some form of super server so that a global host has direct connections to various locations that allow it to function.

A matrix facing device is anything that is linked to the host but also must be able to freely communicate with anything outside the host ... this could be third party security functions, public personnel directories, vending machines, etc.

The following diagram is trying to visualize Host A with two different access points.

Code: [Select]

Matrix o--------\
                 \
Matrix o----------O Host A
Many Hosts only require Outsider access and does not require to be hacked before you take the Enter Host action, but once inside the Host you might still need User or Admin access depending on what you want to do (editing a File require that you first have User access, even if the public Host allow people with just Outsider access to Enter).

correct, even the most private of the megacorps want people using their product so they have portals setup so that consumers can interact with their hosts. For a IRL comparison image this as a public website  ... Outsider access is where at most you log in and create your own username and password by simply filling out a form. User access would be the type where the IT manager has to set up your account and give you your username and password, while Admin is the IT manager themselves.

Other Hosts require that you already have User or Admin access on the Host network before you even take the 'Enter Host' action. You can either Brute Force access to the Host network (it only take one major action to execute and can be used for gaining either User or Admin access, but this action is linked to Attack and will always be immediately obvious and will also always increase your OS each round you maintain access on the Host) or Probe+Backdoor Entry (this will always be subtle, even on a failed attempt, it will not increase your OS every round and it always give you Admin access, but each Probe attempt take 1 minute and the Backdoor Entry attempt take 1 Major action to execute and on a failed backdoor entry attempt the backdoor is deleted). Hacked access will be deleted after 10 - Host Rating hours.

Once you gained access on a Host network and used the 'Enter Host' action the distance to any device in the Host network also seem to become equal to the shortest distance between the device you used to 'access the Matrix' and the closest 'access point' of the network (once you are 'inside' Host' action you seem to be considered 'directly connected' to all devices in the Host network, physical distance to devices within a Host seem to be zero no matter where in the world the are actually located). Since the distance is zero you need to have Admin access and successfully take the Trace Icon action if you wish to find the actual physical location of a device (or persona) inside the Host.

correct

This edition also introduced 'layered' Hosts (Hosts within Hosts). To reach Host B you would first normally need to have enough access on Host A, take the Enter Host action on Host A and then use Outsider actions (such as Brute Force or Probe + Backdoor Entry) to gain access on Host B before you can take the Enter Host action on Host B.

Code: [Select]

Matrix o--------\
                 \ Host A   Host B
Matrix o----------O-----------O
It seem as if a device is 'matrix facing' then you are allowed to take Outsider actions against it (Data Spike, Tarpit, Spoof Command) without having access on the Host network to take the 'Enter Host' action.

correct

But it also seem as if devices that are part of a Host network does not have to be 'matrix facing'. It seem as if they can also only exist on the 'inside' of a Host. This seem to make the specific device immune to Outsider actions (Data Spike, Tarpit and Spoof Command) unless you are already inside the Host (used the Enter Host action) or if you establish a 'direct connection' to the device.

not quite ... being "inside" the host doesn't make a device immune to anything ... just hidden and considered to be running silent using the Host attributes. This only for the surface host however, if the device is inside of a nested Host then yes you are completely unable to interact with that device until you get "close" enough. This could mean getting access on Host A when said device is linked to Host B or by direct connection. More on direct connection later.

Unclear if security devices (drones, cameras, sensors, alarms etc) will ever be 'matrix facing' or if they by default will always be 'inside' the Host, but at lest there seem to be value in having other devices (such as lights, maglocks, elevators) be 'matrix facing' in order to let people interact with them without first actually having to enter a Host. Clarification on this seem to be needed since it have huge impact on what you can and cannot do with the Spoof Command action if the Host require that you already have User or Admin access before you take the 'Enter Host' action.

Well that depends on who owns and setup the host. For example if it's a site that relies on a third party security company then that company would require a matrix facing connection point of some type to monitor the security, while a megacorp who has everything locked down and only using in house security would keep everything inside and restricted access locations like R&D would even have nested security functions. This is exactly one of the things I left malleable because it can be used to adjust the difficulty of the objective you as the GM will want to establish.

To establish a 'direct connection' to a device it seem as if you connect a physical wire between your cyberdeck and the target device (or physically touch it if your Living Persona have the Skinlink Echo).

correct

It has also been suggested that you will automatically establish a 'direct connection' to wireless enabled device by just being in close proximity of it (seeing it / being within 10 meters of it). This seem to suggest that there is a 'mutual handshake range' similar to what we had back in 4th edition (but that this range does not seem to be based upon the noise distance table and the device rating cutoff range of both devices involved).

This is purely a house rule at this point, but yes I suggest this very much and will hopefully get it added into a future supplement book and still need to work out the details.

Code: [Select]

Matrix o--------\
                 \
Matrix o----------O Host A
                 /         
Direct x--------/
Connection
A layered host does not seem to have 'matrix facing' 'access points' (if it did, then you would not have to go through the outer Host to reach the inner Host). It may still have slaved devices, but that they are always on the 'inside' (but that you can still use a 'direct connection' to gain access to the layered host without first accessing the outer Host(s).

Code: [Select]

Matrix o--------\
                 \ Host A   Host B
Matrix o----------O-----------O
                 /           /       
Direct x--------/           /
Connection                 /
                          /         
Direct x-----------------/
Connection

correct

In addition to matrix connected Hosts that you may access wireless there also seem to be offline hosts running on physical hardware.

They seem to work in the same way as regular hosts, except that they by default don't seem to have any 'matrix facing' 'access points' at all.

To hack them (via Brute Force or Probe+Backdoor Entry and then take the 'Enter Host' action as you would with a normal Host) you first need to establish a 'direct connection' (see above) or possibly by attaching a wireless enabled Data Tap directly to the Host network (the server itself or to any device or any hard-wire used by the network) as this seem create a 'matrix facing' 'access point'. Distance in this case will be measured between the device you use to 'access the Matrix' and the physical location of the wireless enabled Data Tap. Once you are inside the Host you will be considered 'directly connected' to all devices that are part of the network, no matter if they are wireless enabled or connected via physical wires.

correct

Please feel free to correct or clarify bits and pieces that I got wrong so far.

As usual Xenon you have done a good job of rewording what was written ... and is probably closer to what the final product would have been a little more page count and review time. thanks.

[Hobbes]

I would hope the Direct Access gets fleshed out in a Matrix supplement along the way.  Mostly for Missions games, home games can (and will) do what works for them.

As far as Icons in a Host go, I'm of the opinion that they can be interacted with by folks outside the Host.  Think Vending Machines or any consumer facing AR menu.  It's certainly slaved to a Host for security, but you don't want you customers to have to log in to your host to buy a can of Fizzygoo. 

And, as Fin stated, there is a meat space wireless signal for most Devices.  Its the fictional basis for the Noise mechanic.  It can be found.  If security doesn't want it to be found, we have rules that cover that with Running Silent. 

If you can't interact with Icons in a Host, Editor and Puppeteer Complex Forms are mostly worthless.  They just become standard Matrix Actions that cause Fade, the advantage they grant of not needing User or Admin Access becomes moot if you've got to Hack Access to a Host anyway.  For Device Icons anyway.  I can see file Icons not being visible from the Grid unless you've got access already. 

Plus if Icons are invisible every Runner is just going to get a Library card and log into the Public Library in London or some such half way around the world.  Or just simply rent a VR Conference room.  Hackers not a problem.  Stray Smartgun or Grenade Icons?  Nope, all good. 

Device Icons need to be visible on the Grid for both fictional and balance reasons.  IMO of course. 

Edit: took too long, Ninja'd by Banshee a bit.

[Finstersang]

Maybe there´s a 3rd option? Imagine Host A (The "Lobby"), Host B (Security) inside of it, and a camera.
The Camera could be linked to the well-protected Host B, but on the "outside firewall" of it.

if Host network B is defending the device then I am pretty sure it will also be Host network B you gain access to if you brute force the device via a direct connection. No matter if the device is 'Matrix facing', 'Host A facing' (if this is even a 'thing') or if it is 100% 'inside' Host B.

Should have mentioned that this is partly based on my semi-houseruled assumption that devices that are protected by BUT not inside a certain host don´t offer the same kind of backdoor opportunities for direct connection hackers. However, this assumption/houserule is far from necessary to make the whole thing work. But this 3rd option probably makes things just more complicated anyways.

Anyways:

Quick clarification on devices "inside" a host ... it's probably just my own prejudice in knowing the intention but I don't see how people are reading that being inside a host makes devices immune. It is only supposed to make it harder. Just as you say hidden by the Host Sleaze for detection and using the Host attributes (or spider when applicable) for actions.

A nested or closed host is a bit different since that requires getting through a "gate" of some sort before being able to interact.

Good explanation that allows for "realistic" security setups as well as clever direct connection trickery for hackers. It´s not quite the same as my assumption, though.

Here´s a little setup for demonstration (hope it gets displayed properly):

Code: [Select]

                     Host A ("lobby")        Host B ("security")
Matrix o ----------------------O------------------------O
                              / | \                   / | \ 
                            /   |   \               /   |   \
                          /     |     \           /     |     \
                        1      2      [3]         4      5    [6]

Note that the system a not closed off, both hosts would have a wireless presence. However, there are servers and cables that allow for throwback devices in the network.

Now lets assume a bunch of different cameras connected to this setup.

• Camera 1 is slaved to Host A. It´s wireless active and it´s on the outside of the Host.
• Camera 2 is slaved to Host A. It´s wireless active and it´s inside the host.
• Camera 3 is slaved to Host A. It´s not wireless active, but connected to the system via Cable.
• Camera 4 is slaved to Host B. It´s wireless active and it´s on the outside of the Host.
• Camera 5 is slaved to Host B. It´s wireless active and it´s inside the host.
• Camera 6 is slaved to Host B. It´s not wireless active, but connected to the system via Cable.

From my initial assumption, the different cameras would behave like this:

• All of them defend with the Attributes of the host they are slaved to (possibly also including Spider support.)
• Camera 1 can be found and hacked without entering the host. Getting a direct connections doesn´t help much here besides noise cancellation (unless the rule from 5th Edition comes back were direct connections circumvent PAN/WAN protection. I think that this would not be the best idea with the new Matrix rules and Attribute balancing, though)
• Camera 2 can be found (or rather: detected) without entering the host due to its signal presence, but to hack it, you must enter the host first or get a direct connection.
• Camera 3 can neither be found nor accessed without entering host A (or finding the camera in the meatspace and connecting directly!)
• Camera 4 can be detected from the outside due to it´s signal presence. However, it can only be accessed from inside either Host A or Host B or with a direct connection. A direct connection can also serve as an access point to directly enter Host B. (Alternatively, this Camera might form an access point to Host B from the general Matrix, thus compromising the whole setup. In that case, someone in the security department might be up for a good spanking  )
• Camera 5: Same as Camera 4, but only accessible from inside Host B.
• Camera 6: Same as Camera 3, but with Host B. With a direct connection, the Camera also serves as an access point to directly enter Host B.

But: if I get Banshee right, things might be a lot simpler:

• That whole inside/outside discussion for slaved devices is rather baseless: There IS no difference between Camera 1&2 and 4&5.
• Camera 1/2 Can be found and manipulated from the outside Matrix (outsider access only?  ) or from Host A. They defend with Host A`s Attributes + possible Spider support. If they run silently, this includes the host´s Sleaze Attribute - That´s as far as they can be "hidden inside" the host. Getting a direct connections doesn´t help much here besides noise cancellation
• Camera 3/4 Can only be found and hacked from inside Host A (outsider access only?  ) or Host B. (Well, maybe their signal presence can be picked up from outside as well, leading the Hacker to the whole structure. But nothing more than that). Either way, they defend with Host B`s Attributes + possible Spider support. The catch: Getting a direct connection to them lets you enter Host B without going through Host A first.
• Camera 5 and 6 Still work as above.

This seems less complex on a first glance, because there´s no reason to enter host B (Unless you still need to enter the host if you need more than outsider access?  ) Anyways, if I as a GM want to force the Hacker to get inside Host B to access the cameras, I could always just add a third host inside host B and slave the cameras to that one.

Code: [Select]

                     Host A ("lobby")    Host B ("security")                 Host C ("root")
Matrix o ---------------O-----------------O ------------------------------------------- O
                                                                                        |
                                                                                        |
                                                                                        |
                                                                                   Camera

And why enter that one? Well, maybe that´s were the super-secure bonus paydata is hidden. Or it´s the "hideout" of the spider. Or it´s just a honeypot were you get linklogged and killed by black IC   

This reading would work just as well: It adds a reasonable amount of complexity, still allows for tricky security designs that forces hackers to actually enter a host and offers good rewards for on-site infiltration and getting direct connections.

Am I getting this right?

[Banshee]

Here´s a little setup for demonstration (hope it gets displayed properly):

Code: [Select]

                     Host A ("lobby")        Host B ("security")
Matrix o ----------------------O------------------------O
                              / | \                   / | \ 
                            /   |   \               /   |   \
                          /     |     \           /     |     \
                        1      2      [3]         4      5    [6]

Note that the system a not closed off, both hosts would have a wireless presence. However, there are servers and cables that allow for throwback devices in the network.

Now lets assume a bunch of different cameras connected to this setup.

• Camera 1 is slaved to Host A. It´s wireless active and it´s on the outside of the Host.
• Camera 2 is slaved to Host A. It´s wireless active and it´s inside the host.
• Camera 3 is slaved to Host A. It´s not wireless active, but connected to the system via Cable.
• Camera 4 is slaved to Host B. It´s wireless active and it´s on the outside of the Host.
• Camera 5 is slaved to Host B. It´s wireless active and it´s inside the host.
• Camera 6 is slaved to Host B. It´s not wireless active, but connected to the system via Cable.

 Technically somewhere in between ... In all cases these devices get to use the attributes of the Host they are linked to as applicable including spider support if available . so spot on there!

• Camera 1 is slaved to Host A. It´s wireless active and it´s on the outside of the Host.

- is outside of the host and therefore visible and easily detectable unless the ENTIRE Host is running silent

• Camera 2 is slaved to Host A. It´s wireless active and it´s inside the host.

- always hidden (same as running silent unless you have access) ... standard hacking rules apply if detected

• Camera 3 is slaved to Host A. It´s not wireless active, but connected to the system via Cable.

- completely undetectable unless you have Host access, and can only be hacked via Host access or direct connection

• Camera 4 is slaved to Host B. It´s wireless active and it´s on the outside of the Host.

- only detectable if you have access to Host A, but otherwise the same as camera 1

• Camera 5 is slaved to Host B. It´s wireless active and it´s inside the host.

- only detectable if you have access to Host A, but otherwise the same as camera 2

• Camera 6 is slaved to Host B. It´s not wireless active, but connected to the system via Cable.

- same as camera 3


regarding direct connection ... as far as I am concerned this will never allow you to bypass network defense, it is there to allow you to bypass layers of defense (ie nested Hosts) or connecting to offline devices purely.

[Finstersang]

 Technically somewhere in between ... In all cases these devices get to use the attributes of the Host they are linked to as applicable including spider support if available . so spot on there!

• Camera 1 is slaved to Host A. It´s wireless active and it´s on the outside of the Host.

- is outside of the host and therefore visible and easily detectable unless the ENTIRE Host is running silent

• Camera 2 is slaved to Host A. It´s wireless active and it´s inside the host.

- always hidden (same as running silent unless you have access) ... standard hacking rules apply if detected

• Camera 3 is slaved to Host A. It´s not wireless active, but connected to the system via Cable.

- completely undetectable unless you have Host access, and can only be hacked via Host access or direct connection

• Camera 4 is slaved to Host B. It´s wireless active and it´s on the outside of the Host.

- only detectable if you have access to Host A, but otherwise the same as camera 1

• Camera 5 is slaved to Host B. It´s wireless active and it´s inside the host.

- only detectable if you have access to Host A, but otherwise the same as camera 2

• Camera 6 is slaved to Host B. It´s not wireless active, but connected to the system via Cable.

- same as camera 3

Thanks, that makes sense to me

I think the only part were I would partly stray from that is making 4 and 5 absolutely undetectable: A wireless Signal is a wireless Signal, and I´d also want my players to have a good clue on what to do next in this case.

Doing so is more of an Electronic Warfare though, though. Probably a good reason to pick up a radio signal scanner? 

regarding direct connection ... as far as I am concerned this will never allow you to bypass network defense, it is there to allow you to bypass layers of defense (ie nested Hosts) or connecting to offline devices purely.

Yeah, with the lowered/nonexistent defence pools for "orphaned" devices, that would have been too much.

One tiny, but important question: It´s now clear that I don´t need to Enter the host to perform Outsider Access Actions (Spoofing, Data Spikes...) against its slaves. It´s also clear that I still need to get the proper access levels for the host if I want to do more (Control device, Formatting ...).

Now: Do i have to enter the host to "exert" these rights or can I do that from outside as well as well?

[Banshee]

 Technically somewhere in between ... In all cases these devices get to use the attributes of the Host they are linked to as applicable including spider support if available . so spot on there!

• Camera 1 is slaved to Host A. It´s wireless active and it´s on the outside of the Host.

- is outside of the host and therefore visible and easily detectable unless the ENTIRE Host is running silent

• Camera 2 is slaved to Host A. It´s wireless active and it´s inside the host.

- always hidden (same as running silent unless you have access) ... standard hacking rules apply if detected

• Camera 3 is slaved to Host A. It´s not wireless active, but connected to the system via Cable.

- completely undetectable unless you have Host access, and can only be hacked via Host access or direct connection

• Camera 4 is slaved to Host B. It´s wireless active and it´s on the outside of the Host.

- only detectable if you have access to Host A, but otherwise the same as camera 1

• Camera 5 is slaved to Host B. It´s wireless active and it´s inside the host.

- only detectable if you have access to Host A, but otherwise the same as camera 2

• Camera 6 is slaved to Host B. It´s not wireless active, but connected to the system via Cable.

- same as camera 3

Thanks, that makes sense to me

I think the only part were I would partly stray from that is making 4 and 5 absolutely undetectable: A wireless Signal is a wireless Signal, and I´d also want my players to have a good clue on what to do next in this case.

Doing so is more of an Electronic Warfare though, though. Probably a good reason to pick up a radio signal scanner? 

well that's a big part of what I want to build on in the future with the whole idea of a "wireless direct connection" and what that means ... I see it as a very limited range type thing in the neighborhood of 10 meters or so. it is a local broadcast and not boosting through the matrix so there no wireless signal to detect unless you are within range ... it's a fuzzy territory that is still percolating in head.

regarding direct connection ... as far as I am concerned this will never allow you to bypass network defense, it is there to allow you to bypass layers of defense (ie nested Hosts) or connecting to offline devices purely.

Yeah, with the lowered/nonexistent defence pools for "orphaned" devices, that would have been too much.

One tiny, but important question: It´s now clear that I don´t need to Enter the host to perform Outsider Access Actions (Spoofing, Data Spikes...) against its slaves. It´s also clear that I still need to get the proper access levels for the host if I want to do more (Control device, Formatting ...).

Now: Do i have to enter the host to "exert" these rights or can I do that from outside as well as well?

well if you have hacked access then by default you are "inside" already and don't need to "enter", but yes you would still need to take the "enter host" action to move further in to get access to the next tier of hosts of applicable... at least that's how I visualize it.

[Hobbes]

Just realized that Nested Hosts work differently than nested PANs.  You don't have to hack through layers of PANs to get to the thing, but you do have to hack through layers of Hosts to get to the thing.

Well, I knew how each one worked, it just now hit me that they're different mechanically.  PANs and WANs usually have parity in how they work.

It might be worth it to include such a note in some kind of future Matrix FAQ.  Which I suspect is really just a thousand Hyperlinks to all of Banshee's posts.   

Anyway.....your "Direct Wireless Connection" could be a Data Tap 2.0 with a 10m range "wireless bonus", possibly some kind of sensor as well to find these Devices.  At least mechanically it could be added to the game as easily all that in whatever Matrixy splat book that comes along.  Or even just in a generic gear book.