Nodejacker’s Netbook

 

Out now! The Nodejacker’s Netbook for SG:U is a supplement which revisits the rules for hacking computer systems, building on and improving the one-roll essence of the original/Carbon Edition rules.

Includes

d66 System Responses for when runs go bad

d66 Exploits for when luck is on your side

Revised and improved cyberspace consoles

Improved software and new options

AI classifications 

Anti-AI paradoxware and how to deploy it

Random data finds

New hacker hardware for nodejackers

Available on ITCH and DTRPG

//run.net_ghost_hack.exe

Over on the Views From The Edge forum (which has just had a shiny new facelift) there's an exceptionally fun set of add-on netrunning rules, called run.net, which are intended to replace those found in the Cyberpunk 2020 rulebook. I've been using these rules for a number of years now, with no complaints.

As I gear up for the final stages of our grand home campaign, I realised I needed to look into the possibility of mind or 'ghost' hacking, the type of brain intrusion seen in various iterations of Ghost In The Shell. So I've cobbled together the following options to add to the run.net sub-system. This could probably be tweaked easily for the new Cyberpunk RED system too.

Full transparency: This won't make much sense unless you are familiar with run.net.


Mind Hacking With run.net

aka Ghost Hacks

A connection may be made through a target's neural processor via a normal hack, directly by connecting through a target's interface plugs or other cybernetic input devices, or by injecting a biomodem interface directly into the brainstem. Biomodems are prohibited tech in most jurisdictions. A standard cybermodem is insufficient for mind hacking attempts (the tech is all wrong) - you'd need a slaved biomodem in tandem with a normal deck, unless you're going in direct (ie: your target is present and hopefully sedated. Bring a medtech.) 

For a netrunner to learn this new set of Commands/Targets, they must be trained (either by a tutor or a VR) and begin with their Interface score halved for the purpose of Command and Target point distribution eg: Interface 8 becomes Interface 4, x10 as per rules, for 40 points, providing 20 points for Commands and 20 points for Targets (5 maximum on any Command or Target, as per run.net).

Commands/Targets

1. Find/Scan (Locate)        1. Ghostline (the entire ‘system’)

2. Interrogate (Query)        2. Memory

3. Mask (Conceal)              3. Senses (sensory inputs, bio-feedback)

4. Manipulate (Alter)          4. CNS (Central Nervous System - the main controls)

5. Dominate (Control)        5. ES (Endocrine System - hormones, biochemistry)

6. Penetrate (Infiltrate)       6. Neurochemistry (emotions, feelings, sleep, intelligence)

7. Lock (Secure)                7. Psyche (personality, empathy, cool)

8. Suppress (Limit)            8. Synapses (reflexes, processing speed)

9. Stimulate (Boost)           9. Morphology (physicality, the body, organics)

10. Overwrite (Edit)           10. Bio-interface (bioware, cybernetic processing)

Software has no effect on minds. This isn't about getting apps to do the heavy lifting for you, this is about subtle manipulation. This is meant to be bleeding-edge tech, so if you don't trust your players enough, don't let them have it. Just use it against them instead. 

But why would you want to do any of this? Essentially what ghost hacking does is it turns the enemy's mind and body into a datafortress that can be raided. If you can have control over a body long enough you can literally have them commit crimes for you and keep your distance. Paralyse a foe, put someone to sleep, blank their memories for a few moments. Combined with braindance tech, you can literally erase and rewrite minds.

Full 'borgs really hate this shit.

And finally, to all the 2020 purists, I'm sorry/not sorry.

TRU.U

In my newly revisited Cape Point campaign, the players have been tasked with investigating a freelance media called Jacinda Walker. And what's the best way to find out a lot of meaningless detail about someone? Stalk them on social media.

As I didn't want to deal with multiple social sites, I envisaged a point in time where a major international data player, like Infocomp, would monopolise and monetise the social media game for their own ends. I took contemporary sites, such as Facebook, Youtube, Twitter and Instagram, and imagined a digital Frankenstein's monster of online echo chambers, vulnerable personal information, exposed net connections and virulent net advertising. I called this hideous chimera TRU.U.

TRU.U users create 'bubbles' for connections, work, hobbies, videos, and anything else they're in to. This gives lazy netrunners lots of dull, but possibly useful, information on a target. Pet names, favourite bands, family, friends, the kids, are all exposed and conveniently packaged for easy access. Probably the best way to ascertain someone's password EVAH.

Infocomp being the corporation it is, didn't go through multiple hostile takeovers and buyouts for nothing. The company uses TRU.U to monitor people; for personal data scrapes; to wage memetic warfare; to control PR; to engage in social engineering. Staging a coup and destabilising a central African nation? Contract Infocomp's analytics experts to disseminate your political message and publicly humiliate your opponents via TRU.U. Want to ensure a rapid take-up of the latest software update for this summer's Kiroshis? Talk to Infocomp's media marketing team and inundate users with targeted advertising. Control your brand message with bubbles. 

While many people acknowledge Infocomp's ownership of the TRU.U platform, the vast majority of users don't know or don't care. To keep them happy, anything goes on TRU.U; there are very few rules and only token moderation, and criminal activity is rife. Hire solos to knee-cap your boss, order a couple of grams of dorph, stalk your ex and her new partner, and swap aggressive memes about the latest season of My Two Clones, all from the comfort of your broken ass La-Z-Boy.

So, what will my players learn about Jacinda?

• Australian national

• 27 years old (born February 25th, 2003)

• Lots of self-recorded videos - mainly unimportant rants, gigs and social stuff (likes a drink) - last post was 2 days ago, missing Ellie

• Xhosa Trance fan, with a little Chip Hop and some old-school Angel Vision

• Big on social justice, has infosocialist leanings, anti-corruption, supporter of bioroid rights

• Vegetarian, anti-GMO

• Wheat intolerant

• Big fan of the Simsense & Sensibility reactive vidshow

• 83 friends, colleagues (assorted freelancers, correspondents and activists) and family members added to her bubble

• In a relationship with Eliza Myburgh, an admin/clerical worker at Biotechnica, for nearly two years

• In the care of a Trinity orphanage from 2013-2019, in Melbourne - was originally raised by parents on the family’s sheep farm

Will any of that be useful to them? Who knows? Maybe they should do some better research.

Anyone else have any thoughts on social media in Cyberpunk? Anything I've missed?

Leave me a comment below and I'll add you to my bubble.

Paydata PLUS [D10]

Inside Job by Clark Huggins

Following on from my previous Paydata post, and to help you avoid simply recycling those results after a while, here's another take on a D10 list of saleable or useful files, links and vulnerabilities your sneaky netrunner might discover in the corporate grid she's infiltrating.

Roll a D10:

1. The Science Division techs working the labs have biomonitors contractually implanted, as standard, synced with the network for 'safety' (plus, it allows the company to keep tabs on them). And their unique identifiers are left exposed after an incomplete system update. How long have you got to manipulate, tag or trace them?
2. One of the Rapid Response Team managers has left their memory chip connected to their terminal, after a particularly hectic nightshift, followed by a brutal debrief. The chip contains the designated wireless frequencies for the team's smart weapons, apparently good for the next 36 hours.
3. Looks like a company commtech forgot to turn off the 'share' settings for the video-phones on the 14th and 15th floors, after a routine installation. The v-phone cameras and contact lists for Marketing, Analytics & Modelling and Public Relations are all currently accessible. With the right software, you just might be able to worm your way through the rest of the comms network.
4. This part of the system is haunted by fragments of a partially de-rezzed AI 'ghost', who is clearly quite insane, but courteous and happy to chat. If you ask the right questions, who knows what secrets it's deteriorating mind will reveal? Can it's unstable psyche be trusted?
5. An innocuous branch of the network leads to an unsecured terminal currently running the route-planning software for the company ad blimps. Also, the GPS system for each dirigible can be accessed by the reasonably intuitive guidance application, each blimp's current location mapped in real-time.
6. A hot-desking account manager has accessed the network using a private cloud account, which is still connected. Wading through the spreadsheets, DRM-hacked music and porn, the netrunner may realise that the cloud is quietly auto-syncing with any and all enabled devices in the vicinity. Smartphones, tablets, cheap neural processors, robovacs, autonomous trashcans and the office smart-fridge, all pop up and drop out of the wireless network, periodically. Perhaps the same cloud can lead the hacker to the employee's home system.
7. The system exposes the central hub for an intelligent washroom on one of the executive floors. A versatile software suite manages a plethora of voice-activated assets - cubicle doors, an air freshening system, soap dispensers, taps and the all-important power flush. And that means there are mics in there…
8. A glitch reveals the LAN of office environmental sensors across three floors - the locations and operating systems of the smoke alarms, air conditioning, atmospheric regulation, fire suppression and acoustic weapon sensors are all disclosed to the netrunner. There's only D6 minutes until the glitch is corrected, and any tampering will be detected.
9. A link to the company spam filter is being used by an operator. Normally handled by an expert system, an employee has logged in to double-check that it's performing correctly. The netrunner can see the database being altered in front of them, v-mails slowly being white-listed and others moving to trash. The netrunner, of course, moves at the speed of thought, so has a narrow window of opportunity before any useful v-mails are reclassified by the wage-slave in meatspace.
10. A very recent update to the OS creates an as-of-yet unknown vulnerability in the building's air traffic control system, giving the netrunner access to the company IFF database. Only identifiable aeros are permitted to land on the rooftop pads, but some subtle changes to that stored data could change everything. 

Paydata [D10]

Puppet Master by Dmitry Kalinichenko

Yesterday, I spotted this request in the comments of a previous post:

Kash Register12 September 2018 at 20:23I know that you are very good at producing "lists" of things in cyberpunk. So my request is a list of possible types of paydata a netrunner can find in a corporate system while they are there doing whatever it is they do. Paydata being info they could sell that is not specifically part of the mission at hand, but valuable none the less. Thanks in advance!

So, here's my take on a list of 10 potentially valuable files your netrunner may stumble across while illicitly datascraping a company network.

Roll a D10:

1. A zero-day vulnerability in the software of a concealed long distance link, which exposes a direct line into a secure Korean server farm generating cryptocoin for a jopok black bank. There's only D6 hours until the vulnerability is patched and becomes worthless. Tick tock.
2. Some admin noob has created a text file that includes the teleoperators' passwords for the company's onsite security drones or patrol bots. How long until the passwords are changed?
3. Somehow, a copy of the chemical composition of the company's performance enhancing drug of choice has been saved in the wrong folder. The file contains enough information for a competent street-chemist to synthesise the compound, and also includes the latest molecular tweaks that may alter it's current classification status to legal.
4. A system user has, for whatever reason, secreted a video file in an innocuous looking folder. It's three day old footage of one of the company execs, who can be seen in a number of compromising positions with escorts of varying genders and questionable ages.
5. Filed amongst a number of marketing PDFs, the netrunner discovers a spreadsheet containing the names, addresses, contact details and 'financial contributions' to a number of prominent politicians on the take from the company.
6. Unsecured compressed folder, containing the IT department passwords used for software updates to the company's fleet of autonomous and teleoperated delivery vehicles, docked at the nearest company distribution centre.
7. Someone has left their remote access setup active, allowing the netrunner to utilise the live editing software on an ad-heavy, company sponsored simsense serial, which is extremely popular. Programme in a back door, and you'll be able to come back and spread whatever message you want, live and direct.
8. A botched satnav update has dumped the favourites list of a company limo GPS into the  main system. Each of the locations appear to be visited routinely and regularly, and many seem… unorthodox.
9. Numerous internal reports which prove beyond doubt that several popular company products are toxic/carcinogenic/hazardous/dangerous, each report being signed off by the same Quality Control exec.
10. The netrunner notices that the network hosts a poorly secured peripheral device (meant to be offline when not in use), which holds a number of cipher keys used by the company medical division, to access several high-profile executives' neural processors for injecting software updates.

I hope you find 'em useful Kash!