Information Warfare Mechanics
Moderator: Moderators
Those things are all also dedicated to fooling lazy or overgeneralized implementations. Not they don't work, but they don't automagically fool everything.
Vebyast wrote:Here's a fun target for Major Creation: hydrazine. One casting every six seconds at CL9 gives you a bit more than 40 liters per second, which is comparable to the flow rates of some small, but serious, rocket engines. Six items running at full blast through a well-engineered engine will put you, and something like 50 tons of cargo, into space. Alternatively, if you thrust sideways, you will briefly be a fireball screaming across the sky at mach 14 before you melt from atmospheric friction.
-
- King
- Posts: 5271
- Joined: Thu Apr 14, 2011 5:32 am
- GnomeWorks
- Master
- Posts: 281
- Joined: Mon Apr 21, 2014 12:19 am
I don't see why anyone would argue with this. It might not be entirely "realistic," but I'd almost argue that a hacker who lives in a cyberpunk future specifically has things to hack overwatch equipment (cameras, etc) near them as quickly as possible, possibly even as a persistent background process that can be switched on and off. In the kinds of situations people find themselves in cyberpunk, fucking around with hacking hundreds of cameras each individually seems like a massive waste of time. You'd automate the process, run a script from your phone or whatever, to just do it, and because it's a goddamn computer, it does a thousand devices in the time it'd take a person to do one.FrankTrollman wrote:That's why this sort of thing has to be all about the guy doing it. The hacker's range and the hacker's hack strength, with everything in range being subverted if it is below the security threshold of the hack. You can't do an action resolution per device because there are several orders of magnitude too many devices. Subversion has to function like jamming, because there are so many fucking devices in the future that no other system is possible.
That also means you might miss some devices, like things that run on architectures you're not familiar with (and thus haven't coded for), but if you miss one-tenth of all devices... you've still got enough to get the job done. And that weird architecture thing can be represented in "hack defense," or whatever the hell you'd call a device's resistance to being hacked.
So doing the "one number to hack them all" approach works. It's mechanically elegant, doesn't run into the MC trying to figure out the precise number of devices present, can be quickly resolved, and at least has a mildly plausible realistic explanation.
- Stahlseele
- King
- Posts: 5988
- Joined: Wed Apr 14, 2010 4:51 pm
- Location: Hamburg, Germany
It's basically how Watchdogs works if i understood this correctly.
You basically can see all phones and some other things in your close proximity(basically just LOS) and don't need to do anything to go in and do stuff to that. And then it gets complicated by allowing hacked cameras and the such to extend the LOS for this purpose.
You basically can see all phones and some other things in your close proximity(basically just LOS) and don't need to do anything to go in and do stuff to that. And then it gets complicated by allowing hacked cameras and the such to extend the LOS for this purpose.
Welcome, to IronHell.
Shrapnel wrote:TFwiki wrote:Soon is the name of the region in the time-domain (familiar to all marketing departments, and to the moderators and staff of Fun Publications) which sees release of all BotCon news, club exclusives, and other fan desirables. Soon is when then will become now.
Peculiar properties of spacetime ensure that the perception of the magnitude of Soon is fluid and dependent, not on an individual's time-reference, but on spatial and cultural location. A marketer generally perceives Soon as a finite, known, yet unspeakable time-interval; to a fan, the interval appears greater, and may in fact approach the infinite, becoming Never. Once the interval has passed, however, a certain time-lensing effect seems to occur, and the time-interval becomes vanishingly small. We therefore see the strange result that the same fragment of spacetime may be observed, in quick succession, as Soon, Never, and All Too Quickly.
-
- Prince
- Posts: 2606
- Joined: Fri Apr 30, 2010 11:43 pm
The problem is that you get someone who knows, or thinks they know (thanks to hollywood), about IT and hacking and network shit. So they start to try to game the system with shit like "but if I drill through the firewall fast enough that should allow me to make an unopposed roll and just get access to everything."GnomeWorks wrote:I don't see why anyone would argue with this. It might not be entirely "realistic," but I'd almost argue that a hacker who lives in a cyberpunk future specifically has things to hack overwatch equipment (cameras, etc) near them as quickly as possible, possibly even as a persistent background process that can be switched on and off. In the kinds of situations people find themselves in cyberpunk, fucking around with hacking hundreds of cameras each individually seems like a massive waste of time. You'd automate the process, run a script from your phone or whatever, to just do it, and because it's a goddamn computer, it does a thousand devices in the time it'd take a person to do one.FrankTrollman wrote:That's why this sort of thing has to be all about the guy doing it. The hacker's range and the hacker's hack strength, with everything in range being subverted if it is below the security threshold of the hack. You can't do an action resolution per device because there are several orders of magnitude too many devices. Subversion has to function like jamming, because there are so many fucking devices in the future that no other system is possible.
That also means you might miss some devices, like things that run on architectures you're not familiar with (and thus haven't coded for), but if you miss one-tenth of all devices... you've still got enough to get the job done. And that weird architecture thing can be represented in "hack defense," or whatever the hell you'd call a device's resistance to being hacked.
So doing the "one number to hack them all" approach works. It's mechanically elegant, doesn't run into the MC trying to figure out the precise number of devices present, can be quickly resolved, and at least has a mildly plausible realistic explanation.
The MC's brain explodes and then you try to explain to the player that this is part of the abstracted system and then you get into an argument over granularity.
I agree though completely, abstraction is the way to go. I just know from experience that you get assholes who will argue granular benefits in an abstracted system. In my last game of Shadowrun someone actually tried to talk to me about how *his* deck modified the waveform of the wireless signal so he should get a substantial advantage or some other bullshit like that. So it happens.
- Stahlseele
- King
- Posts: 5988
- Joined: Wed Apr 14, 2010 4:51 pm
- Location: Hamburg, Germany
@TheFlatline
He's trying to mount the horse from the wrong end.
He's trying to get stuff by describing what he wants.
Instead he gets stuff and can explain why/how.
I hope you told him that?
He's trying to mount the horse from the wrong end.
He's trying to get stuff by describing what he wants.
Instead he gets stuff and can explain why/how.
I hope you told him that?
Welcome, to IronHell.
Shrapnel wrote:TFwiki wrote:Soon is the name of the region in the time-domain (familiar to all marketing departments, and to the moderators and staff of Fun Publications) which sees release of all BotCon news, club exclusives, and other fan desirables. Soon is when then will become now.
Peculiar properties of spacetime ensure that the perception of the magnitude of Soon is fluid and dependent, not on an individual's time-reference, but on spatial and cultural location. A marketer generally perceives Soon as a finite, known, yet unspeakable time-interval; to a fan, the interval appears greater, and may in fact approach the infinite, becoming Never. Once the interval has passed, however, a certain time-lensing effect seems to occur, and the time-interval becomes vanishingly small. We therefore see the strange result that the same fragment of spacetime may be observed, in quick succession, as Soon, Never, and All Too Quickly.
-
- Prince
- Posts: 2606
- Joined: Fri Apr 30, 2010 11:43 pm
Yeah that's basically what I ended up boiling down to. "Well you have an uber deck that gives you all these bonuses, so yeah, we can say that part of that bonus comes from there".Stahlseele wrote:@TheFlatline
He's trying to mount the horse from the wrong end.
He's trying to get stuff by describing what he wants.
Instead he gets stuff and can explain why/how.
I hope you told him that?
It's a munchkin problem. It'll be prevalent in any player looking for an unfair advantage mechanically, but I've found it doesn't seem as big of an issue in a highly granular system because you can usually find something close enough to base your game altering effects on. In an abstract system there's no comparison of power levels (intentionally) to compare.
- Foxwarrior
- Duke
- Posts: 1654
- Joined: Thu Nov 11, 2010 8:54 am
- Location: RPG City, USA
Well, there are multiple statements in there, and I wouldn't argue with all of them.GnomeWorks wrote:I don't see why anyone would argue with this.FrankTrollman wrote:That's why this sort of thing has to be all about the guy doing it. The hacker's range and the hacker's hack strength, with everything in range being subverted if it is below the security threshold of the hack. You can't do an action resolution per device because there are several orders of magnitude too many devices. Subversion has to function like jamming, because there are so many fucking devices in the future that no other system is possible.
Like, "You can't do an action resolution per device because there are several orders of magnitude too many devices" is not a thing I would argue with, unless we were talking about a computer game. When I said five cameras, that's the number I meant (because I was thinking about spying, not erasing data), and that's not several orders of magnitude in any integer base.
I'm tempted to argue with "in range" and "Subversion has to function" because they feel like major setting design decisions with useful consequences on both sides. Like, "in range" is hard to work with unless you use butterfly programming technology (which is really weird with AoEs, isn't it?) and "Subversion has to function" significantly detracts from the constant surveillance themes.
-
- Prince
- Posts: 3710
- Joined: Sat Sep 26, 2009 3:55 pm
I'll have you know 5 is 11111 in Base 1.Foxwarrior wrote:Well, there are multiple statements in there, and I wouldn't argue with all of them.GnomeWorks wrote:I don't see why anyone would argue with this.FrankTrollman wrote:That's why this sort of thing has to be all about the guy doing it. The hacker's range and the hacker's hack strength, with everything in range being subverted if it is below the security threshold of the hack. You can't do an action resolution per device because there are several orders of magnitude too many devices. Subversion has to function like jamming, because there are so many fucking devices in the future that no other system is possible.
Like, "You can't do an action resolution per device because there are several orders of magnitude too many devices" is not a thing I would argue with, unless we were talking about a computer game. When I said five cameras, that's the number I meant (because I was thinking about spying, not erasing data), and that's not several orders of magnitude in any integer base.
Kaelik wrote:Because powerful men get away with terrible shit, and even the public domain ones get ignored, and then, when the floodgates open, it turns out there was a goddam flood behind it.
Zak S, Zak Smith, Dndwithpornstars, Zak Sabbath, Justin Bieber, shitmuffin
- Foxwarrior
- Duke
- Posts: 1654
- Joined: Thu Nov 11, 2010 8:54 am
- Location: RPG City, USA
I see what you mean.TheFlatline wrote: I agree though completely, abstraction is the way to go. I just know from experience that you get assholes who will argue granular benefits in an abstracted system. In my last game of Shadowrun someone actually tried to talk to me about how *his* deck modified the waveform of the wireless signal so he should get a substantial advantage or some other bullshit like that. So it happens.
It's also very common with encryption. You've got players explaining how they've designed a very clever encryption scheme (most of the time it's something far less secure than regular DES or just a variation of OTP) and how nobody can eavesdrop on their conversation thanks to this.
It will be the same if you consider that a hacker can see everything in an area thanks to the cameras. There will always be players to tell you that they make sure that this part is not visible to any camera.
For encryption, it's easy to tell a player "that's covered by the rule: your clever algorithm is a high rating encrypt program. Believe me: there are still ways to crack it, otherwise everybody would be using it".
For the cameras, it's a bit more difficult. Your system should allow for some modifiers to handle that kind of behavior ("target is actively trying to hide something: -4", preferably with "actively trying to hide something" an action that gives negative modifiers to other actions so that PC can't do it constantly without any drawback.).
-
- Serious Badass
- Posts: 29894
- Joined: Fri Mar 07, 2008 7:54 pm
I think there is real value in having tiers of encryption. Especially in having it extend to one time pads. OTP is real, and it's really unbreakable. Not 'unbreakable' with little finger quotes, but actually unbreakable. It has numerous disadvantages that make it impractical for regular use and not always desirable even for short ninja missions. It's important enough that it should just be an option in the rules - it's not the kind of thing you want MCs to have to make up rules for on the spot the first time a player reads a book about cryptography.
-Username17
-Username17
I think OTP's would only ever be used as DM penises and would probably be bad for the game. On the player side they are useless because they are tautologies. If you could get a secret message to someone THEN you can get a secret message to someone. I think using abstract game mechanics OTP's wouldn't need to have any special property at all over a cipher that was just very hard to intercept or decode. The investigation of the OTP message would just be concerned with discovering or locating the original code rather than trying to break the security programs on the code you have.
DSMatticus wrote:Fuck you, fuck you, fuck you, fuck you. I am filled with an unfathomable hatred.
-
- Serious Badass
- Posts: 29894
- Joined: Fri Mar 07, 2008 7:54 pm
You are totally completely fucking wrong in every way it is possible to be wrong. A OTP allows you to port the secrecy of your transmission into the future. So, to pick a potentially relevant example out of my ass: you could securely transmit the pad to your spy drone while you were safely in your home base and none of the corps knew you from Adam, and then activate the pad to get literally unbreakable encryption on the transmissions between you and the spy drone for a few hours. During a mission, perhaps.Dean wrote:I think OTP's would only ever be used as DM penises and would probably be bad for the game. On the player side they are useless because they are tautologies. If you could get a secret message to someone THEN you can get a secret message to someone. I think using abstract game mechanics OTP's wouldn't need to have any special property at all over a cipher that was just very hard to intercept or decode. The investigation of the OTP message would just be concerned with discovering or locating the original code rather than trying to break the security programs on the code you have.
OTPs are useful to raiders - people whose communications are only going to be interesting to hostiles at a specific and predictable time. You know, the player fucking characters.
That's why it's so important for the game to be up front with what the limitations are in the game. Because players are obviously extremely interested and they will want to use them. If you don't have rules for it, you're just forcing the MC to make some untested ones up on the fly. And since we're talking about a code that is literally unbreakable, random asspulled rules are pretty likely to break the game.
-Username17
OTPs have also been used in sci fi books that aren't about hacking, crypto, running, or anything else like that. Not heavily, but the author mentions them and such, you know. They're not entirely obscure, so a game that's putting in a minigame about crypto should include them even just for that reason.
- GnomeWorks
- Master
- Posts: 281
- Joined: Mon Apr 21, 2014 12:19 am
I think the issue is that a lot of people would have problems with players (or the MC) breaking out an "I win" button like OTP. Because it really is; even if you had the computing power to "break" the cipher in a reasonable amount of time such that it would still be useful, you'd wind up with a number of variations on the message as a function of the character length.FrankTrollman wrote:That's why it's so important for the game to be up front with what the limitations are in the game. Because players are obviously extremely interested and they will want to use them. If you don't have rules for it, you're just forcing the MC to make some untested ones up on the fly. And since we're talking about a code that is literally unbreakable, random asspulled rules are pretty likely to break the game.
I mean you might be able to throw some natural language processing and Bayesian calculations into it, to try to toss out messages that don't make sense in context, but even so, you're probably looking at - at best - a 50% success rate in figuring out the actual message. And significantly worse, if the people using the OTP are super-paranoid and use words with lengths such that their antonyms are the same length, or randomly insert some portmanteaus, which... yeah, even if you can break the cipher, you're not going to find the actual message: it's a needle in a haystack in a field of haystacks.
Anyway, in the scenario of sending the OTP to a drone prior to doing a run or whatever, the correct answer on the part of your opposition is to get physical access to the drone itself without you knowing (so you can't tell it to drop the pad, or self-destruct, or whatever). But I think if a player ran into an MC using OTP, there's a good chance for a shit-load of whining about "but my hacking skills are awesome, I should be able to crack it." On the converse, an MC running into a player using OTP is going to be constantly frustrated by it unless they understand that it's a brick wall that has to be worked around, so without clear rules as to how they work, the MC is likely to make a stupid ruling that doesn't actually make any goddamn sense.
-
- Serious Badass
- Posts: 29894
- Joined: Fri Mar 07, 2008 7:54 pm
You seem to be a bit unclear on how good OTPs are. You don't get to know how long the words are. You only get to know how long the message is, and you don't get to know if they padded their message with a bunch of gibberish or even just a line of qs. Every bit of the entire message is randomly but specifically either flipped or not. Without the key, there is no possible way to get any information from the message save for meta-information like the time and location the message was sent from.
However, while it is the ultimate 'I win' button in cryptography, its use is very limited. In order to use it, you have to first securely transmit it unencrypted to the eventual target. And you have to keep both ends from being compromised before, during, and after the transfer. And it isn't reusable. So it's really ideal for a 'teleport ambush' scenario - for a limited time, your transmissions cannot be intercepted. But it's kind of crap in almost all other situations.
-Username17
However, while it is the ultimate 'I win' button in cryptography, its use is very limited. In order to use it, you have to first securely transmit it unencrypted to the eventual target. And you have to keep both ends from being compromised before, during, and after the transfer. And it isn't reusable. So it's really ideal for a 'teleport ambush' scenario - for a limited time, your transmissions cannot be intercepted. But it's kind of crap in almost all other situations.
-Username17
- GnomeWorks
- Master
- Posts: 281
- Joined: Mon Apr 21, 2014 12:19 am
What part of my analogy of the actual message being a needle in a haystack in a field of haystacks indicates that I do not understand how good they are?FrankTrollman wrote:You seem to be a bit unclear on how good OTPs are.
There is, beneath the encryption, an actual message. I understand that - at the moment, with our level of tech - breaking an OTP is effectively impossible. But with sufficient computing power and sufficiently "intelligent" code-breaking algorithms, as well as taking context into account, you could probably arrive at some possibly-reasonable fraction of the total length of the string in number of possible decryptions of the string. Narrowing it down much further than that might approach impossible, but having a set of possibilities is a whole different beast from having no clue whatsoever.
Padding the message is possible, I suppose, which is something I hadn't considered, but essentially works along the same vein as using portmanteaus or words whose antonyms are the same length. The same thing could be accomplished by going all Navajo on it as well, or even just playing clever grammatical games with your messages. Basically if you employ OTP and some other encryption method encapsulated in it, then I think it approaches actually impossible (as in, no decryption results in a message that could even be close to the original message) instead of just currently impossible (in that it might eventually be possible to break it and arrive at a number of possible choices, given a level of tech we currently don't have but is certainly within the realm of future possibility).
-
- Knight-Baron
- Posts: 826
- Joined: Tue Feb 14, 2012 12:49 am
- RadiantPhoenix
- Prince
- Posts: 2668
- Joined: Sun Apr 11, 2010 10:33 pm
- Location: Trudging up the Hill
@GnomeWorks: Let me explain why One Time Pads are fucking magic:
Here's how a One Time Pad works:
Ouija?
Here's how a One Time Pad works:
- Send your message securely
- Decide what your message was
- Send the decryption key
Ouija?
Last edited by RadiantPhoenix on Sun Sep 21, 2014 3:18 am, edited 1 time in total.
- GnomeWorks
- Master
- Posts: 281
- Joined: Mon Apr 21, 2014 12:19 am
- momothefiddler
- Knight-Baron
- Posts: 883
- Joined: Sat Feb 22, 2014 10:55 am
- Location: United States
GnomeWorks, as I understand it, you're arguing that the transmission can be decoded into the set of possible plaintext messages, and then other heuristics (grammar, language, context, etc.) can be used to narrow down those messages, and sufficiently advanced technology could narrow them down to a workable number and gain information.
And that's true.
Except that you're still only working with metadata. The thing is, "the set of possible plaintext messages" from QNFURLLEMSITPANZUTKWODNYSLEYAJ, is exactly "the set of possible plaintext messages" that are 30 characters long. That's all you get. The decoding you do with potential pads is literally replacing each character with every possible character in your message. And while sufficiently advanced technology probably could deduce valuable information from "there was a transmission 30 bytes long from zone D-14 at 13:56:02", that's still all you have to go on.
And that's true.
Except that you're still only working with metadata. The thing is, "the set of possible plaintext messages" from QNFURLLEMSITPANZUTKWODNYSLEYAJ, is exactly "the set of possible plaintext messages" that are 30 characters long. That's all you get. The decoding you do with potential pads is literally replacing each character with every possible character in your message. And while sufficiently advanced technology probably could deduce valuable information from "there was a transmission 30 bytes long from zone D-14 at 13:56:02", that's still all you have to go on.
One-Time Pads are actually unbreakable, and no amount of processing power can ever change that. Every single character of the message is shifted (unless the shift for a character happens to be zero, but you don't know that) and there is no pattern to the shifts. You don't know how long words within the message are because the spaces have also been shifted by a random amount. The message could correspond to any cleartext of equal length.
DSMatticus wrote:It's not just that everything you say is stupid, but that they are Gordian knots of stupid that leave me completely bewildered as to where to even begin. After hearing you speak Alexander the Great would stab you and triumphantly declare the puzzle solved.
- GnomeWorks
- Master
- Posts: 281
- Joined: Mon Apr 21, 2014 12:19 am
Yes. Exactly.momothefiddler wrote:bunch of words
I'm aware that the fact that you have an n-byte long message is all you have to go on. However, for the specific instances in which OTPs are useful - as outlined by Frank, above - there would also possibly be contextual information that could be combined with the information that there was a transmission of n-length at x time to assist in decrypting it to, again, a reasonable number of possible decryptions.
I'm not arguing that it would ever be possible to go from an OTP-encrypted message directly to the actual message at its core. I don't think that's possible. But it should be possible, with sufficiently advanced technology, to go from an OTP-encrypted message to some reasonable (probably computer-reasonable, not people-reasonable) number of different decrypted messages.
Which is why I mentioned the encapsulation of additional encryption within the OTP, because that would probably put it firmly back within the realm of impossible; whether that is just padding words and such or going all Navajo on it, any additional encryption on top of OTP makes it impossible in the context of a world with sufficiently advanced tech to make it possible to potentially get the correct message (albeit jumbled in with a bunch of incorrect decryptions).
- momothefiddler
- Knight-Baron
- Posts: 883
- Joined: Sat Feb 22, 2014 10:55 am
- Location: United States
I dunno. As messages get longer (or you include the fact that you could easily have pre-prepared shorthand in addition to the OTP, which I guess would fall under your classification of other encryption), the amount of info you can get from the length of the message is vanishingly small compared to the info from the time of the message, the strength at which it was sent, the direction (if a directional transmission) of the beam, and (extremely importantly) the origin point of the signal - and of any response.
I mean, once you have the contextual heuristics, the difference between "a 50-character english message" and "a 50-or-fewer-character english or russian message" is minimal. And if you're up into the hundreds or thousands of characters, the length really doesn't provide any insight into the possible messages beyond very vague things (it's probably not a schematic for the prototype engine they're trying to steal).
I mean, once you have the contextual heuristics, the difference between "a 50-character english message" and "a 50-or-fewer-character english or russian message" is minimal. And if you're up into the hundreds or thousands of characters, the length really doesn't provide any insight into the possible messages beyond very vague things (it's probably not a schematic for the prototype engine they're trying to steal).