Computers
Using a computer
Hacking a computer
Computer Intrusion
Encryption
Artificial Intelligence
Mind Interfaces
Cyberware
Version: 1.5
Date: 2007/06/02
Samuel Penn
Copyright (c) 2007, Samuel Penn.
This document can be redistributed and/or modified under the terms of the GNU Public License as published by the Free Software Foundation version 2.
Computers, in the form of machines that could think and store information, first became possible at TL6, but in the real world they didn't start to actually be produced until early TL7. Early computers were mostly mechanical, and it wasn't until the advent of good electronics that they really started to develop.
Computer technology is currently improving at a rate which makes it difficult to predict where things will end up.
The author subscribes to Strong AI - the belief that there is nothing magical about the human mind, and that reproducing how it works in a machine is merely a hard problem we haven't yet solved. These rules assume that true AI is possible, and any difficulties with uploading a human mind into a computer are merely engineering issues.
Computers in Yags may provide bonuses to attempts to solve problems and search for data. Computer systems between tech levels are difficult to compare, so they aren't. It is assumed that as computers get more powerful, the sort of problems they are expected to deal with get more complex as well.
| Type of computer | Complexity |
|---|---|
| Micro PDA | -10 |
| PDA | -5 |
| Desktop (TL8) | 0 |
| Large server | +5 |
| Mini-cluster | +10 |
| Mainframe | +20 |
| Data cluster | +30 |
| NSA Super cluster | +50 |
The Computer operation skill covers basic use of a computer. This covers everything that is needed to be known at the current tech level in order to interface with such a machine. At TL6, it will be little more than how to load punch cards and how to interpret basic mechanical errors. Through TL7, information becomes more readily available until actual interactive use of the computer is possible, in the form of running queries and using word processors and simple programs.
By TL8, most people can be trained to use a word processor, spread sheet or to perform simple queries. By the middle of this period, computer operation covers advanced usage of software - such as writing macros, finding information on the internet, installing software and a little knowledge of networks and viruses.
Beyond TL8, most computer interfaces will probably be of the form of voice or mind control, making it far easier for unskilled people to control them. With the advent of true AIs, the skill may become completely redundant.
Computer hacking is the skill of doing stuff with computers - from programming to advanced networking, system design and of course breaking its security. Whilst Computer operation covers using programs, hacking covers actually understanding how they work.
As used here, the term hacking refers to the term as it is used by old school hackers, originally those at MIT during the 1960s. Recently, it has come to mean 'breaking illegally into a computer system' for many people. A hacker is someone who plays with computers because they are fun, and because they want to understand how they work. Since the best way to understand a security system is to break it, hackers would often go places they shouldn't. However, once a system is cracked, most would make sure they didn't cause any damage, or let the owners know what the flaws were. Most, but not all. Many people who call themselves hackers however simply enjoy pushing computers to their limits, and would never break into a computer system they didn't have permission to access.
Further, not all people who break into computer systems are Hackers. There are some - generally known as Script Kiddies - who simply want to cause damage. They have little or no knowledge of how things work, but simply run scripts written by those who do.
Hacking includes programming, networking, installing and configuring. Many of these tasks are techniques which must be purchased as specialisations. For the most part, the differences between different operating systems is ignored, since this starts to get complex. If this level of detail is required, then assume that there is a Computer hacking skill for every type of computer system (UNIX/Linux, VMS, OS360, Microsoft etc). The same can be done with Computer operation.
An alternative approach is to assume a default system when the skill is first learnt, and other systems are represented by a familiarity technique, at level 2. If you aren't familiar with the system, then your roll is halved.
Breaking into a computer system can be very easy, or very hard. Generally, getting access to a computer is very easy if you have physical access to the machine. At the very least, you can take it apart, pull out the hard drive (or holographic memory crystal) and make a copy to peruse at your leisure. If you don't care if the owners knew you were there, then you don't even need to make a copy.
To get access to a machine without pulling it apart, use the following table. The Computer hacking skill is used. If you know the Computer Intrusion technique, then you can halve these difficulties.
| Task | Target |
|---|---|
| Home system. Most home users know little about security, and tend to run all sorts of software which provide any number of possible security holes. | 20 |
| Small business. Small businesses may not have much more knowledge than a home user, but run fewer apps and have probably paid to keep their anti-virus uptodate. | 40 |
| Corporate system. Typically a large business will have a dedicated staff of IT people (or outsource such a role) who know what they are doing. Systems will be locked down, with firewalls and restricted access. | 60 |
| Secure system. A high tech firm or important government system, where the focus is on security rather than usability. Users may be heavily restricted in what they can do, since security is seen as higher priority than productivity. | 80 |
| Military. Any system which is locked down tight, with security being the one focus of the design. Such systems are often even harder to penetrate than the difficulty would suggest, since they may not actually have access from the outside world - or at least it is restricted via dedicated lines to a few secure locations. Finding those locations will be required before any attempts are made. | 100 |
| Uptodate security Latest patches are installed. | +10 |
| Out of date The system is badly out of date, and hasn't had any patches installed. | -10 |
| Compromised If the system is already compromised (by trojans, viruses and the like), then it is generally easier to access. | -10 |
As standard, a failure to gain access will be logged, though whether anybody looks at the logs will depend on the site being attacked. A successful intrusion will also be logged, though a good success can ensure that the logs are removed.
On your first attempt to hack a system, you may if you wish make a check at twice the normal difficulty after one hour. If that fails, then a second check may be made after a day. This assumes 24 hours elapsed time, with about half that time requiring effort on the part of the intruder (the rest is running scripts, or waiting for replies on hacker's mailing lists).
The above table mostly abstracts the frequency of patches and updates to a system, the sort of software being run and how standard the installation is. Breaking into a home system is often easy because there are plenty of scripts available that can be used to automate the intrusion. More secure systems will have the exploits that the scripts make use of patched.
Computer systems of an earlier technology may be much easier, or much harder, to crack. If you are not prepared for the lower tech, then there is no change in difficulty, since trying to understand the long since deprecated protocols balances out any advantages gained from having better tools. If you have time to prepare however, and have access to the correct documentation and earlier toolsets, then all difficulties are halved for each drop in TL. Breaking a computer system above the TL you are used to is impossible.
If an earlier TL crosses a paradigm shift (from electronics to vacuum tubes, or AI run systems to standard programmed systems) then you also need a different skill in order to do anything with such a museum piece.
Secure computer systems will ensure that data is stored in an encrypted form. Generally, anyone with access to tools and knowledge of a later TL, is able to crack the encryption of an earlier TL without much effort. Divide the difficulty by 5 for each difference in TL.
The exception will be data properly encrypted with a one time pad - such data is generally perfectly safe unless access to the pad is possible, or a mistake has been made. One time pads are difficult to manufacture for large amounts of data however, so such encryption is rare.
An attempt to break modern encryption can be made using Computer hacking. Most such attempts involve brute force techniques, using software to do most of the work. If you have the Encryption technique, you can halve the difficulties.
| Task | Target |
|---|---|
| Very basic encryption. A custom encryption system for a proprietry system, written by someone with no cryptographic background. Many programs may store passwords or license keys in this form. | 20 |
| Standard encryption. The sort used by common off the shelf encryption software, assuming that no major effort has been made to keep it secure. | 100 |
| Secure encryption. The best commonly available encryption. This is often used for financial data or security tools. | 150 |
| Military encryption. The very best levels of encryption, where cost (in time, effort and computing power) is no limit when securing data. The military will rarely use this level of encryption, especially for real time communications, since it is too expensive unless there is a dedicated mainframe at each end. | 200 |
The standard time to break the encryption on a document is 100 days for a desktop of the equivalent TL. If a more powerful, or less powerful, computer system is available then add the computer system's rating to the attempt. Each level of success above the required difficult reduces the time required by 90% (e.g., 10 days for a good success, 1 day for excellent etc).
If a more random approach is desired, then assume that the base time is d20 x 10 days. This makes it harder for a player to know how long it's going to take. As with intrusion, it is assumed that about half the time is waiting for scripts to complete, and half the time requires the cryptographer to be working on the problem.
Breaking encryption can be hard, and often it can only be done by either brute force, or finding a mistake in the process. Here, it is assumed that most of the work is in trying to exploit flaws in the implementations rather than trying to break the mathematics behind the algorithm.
Generally, any real encryption system is designed so that brute force methods take longer than any reasonable time to work.
If you have Cryptography, then you can attempt to find a shortcut to reduce the amount of computer time required. How difficult this is depends on the amount of data available, whether there are known flaws in the encryption system used, or if common mistakes have been made. Each type of shortcut can be attempted, and each level of success means that the decryption difficulty is reduced by 10 (minimum 10).
| Task | Target |
|---|---|
| Known flaws. If the encryption system has some known flaws, then it may be possible to exploit these. Will tend to apply to older software. | 20 |
| Type of data is known. If the type of data being encrypted is known, then this information can be used to decrypt it. For example, if the data is a document in a common word processor format, which always has the same header information, then this can be used to help crack the protection. The cracking of the German Enigma system in WWII was helped by German weather reports always starting with the same text. | 30 |
| Large amount of data. If there is a large amount of similar data, then this can help find patterns, and lead to a shortcut. | 30 |
All attempts stack, so if there is a large amount of data and known plain text, then it can be very easy to decrypt documents. Note that the above attempts can only be made if they are applicable.
AIs are self-aware intelligences implemented as software. There are a number of different types of AIs, and they range considerably in their capabilities.
A Turing Personality is simply a software program that is able to convince people that it is human. It does not have full consciousness however, and is only capable of operating in a narrow field. They are often used on support desks or in service roles such as shop assistants or performing basic servant duties. Outside of their realm of expertise, then rapidly lose competence, and have only limited learning capability.
TPs become available around Tech Level 9, and by TL 10 may be commonly available as the interface to PDAs or specialist software programs.
Full virtual personalities are available from TL10 (or higher, depending on the background). These are fully conscious and self-aware entities, who have all the capabilities of a human mind. At the TL that they are introduced, they are about as capable as a human, but with better recall and data retrieval. Working out answers to 'tricky' problems takes about as much time as a human does. They are assumed to run on a mainframe class of machine.
Each extra TL beyond introduction, assume that they can run on a machine of one lower class with about the same level of ability, or they can run about 10 times as quickly on the same level of hardware.
Basic mind-machine interfaces become available at TL8, though it isn't until TL9 that they really start to become useful. Basic PDA functionality can be accessed (map, contact or appointment information overlayed onto the optic nerve), and it becomes possible for a mind interface to be used to operate a computer (in much the same way a keyboard or mouse is at TL8).
At late TL9, early TL10, it is possible to record everything that a person sees.
At TL10, it becomes possible to access enough information to allow full body immersion into virtual realities, with sound and images from surface thoughts being accessable to the machine.
At TL11, it is possible to read some memories out of a mind, and writing is possible but flaky. The main issue is accessing the memories, since they need to be brought to the fore and read. Every mind is different, so a large amount of time must be spent adapting to an individual before there is any hope of searching memories. Trawling memories is slow, and is effectively limited to real time. Even then, false memory syndrome is a very real possibility.
By TL12 a lot of the adaption problems have been sorted, but downloading a person's mind is slow and difficult. Brain taping is possible, but it is traumatic, and can result in lost or damaged memories. It can take about a month to fully brain tape someone.
Most cyberware is limited to providing physical enhancements to a person - making them faster and stronger for example. Enhancements to senses tend also to be limited to doing what they say on the box and no more. As soon as cyberware is available it is possible to network such addons to each other and to external interfaces, but doing so is a security risk which most people aren't willing to take. The possible law suits that could result if someone is damage due to a cyberlimb contracting a virus means most companies are unwilling to sell them with any form of connectivity.
As TL9 progresses, sensory devices begin to be able to store and forward data, increasing the advantages of linking them up with external interfaces. Some will require a wired interface, and tend to be secure. Those that have wireless interfaces are less secure and can be hacked as if they were a Secure system.