Originally posted by Chad Osborne:
I'm curious as to how starship security would work in the minds of other players/gms. Let's say the PCs want to hack into another starship's computer. Can that be done from a distance, using some kind of wireless connection? Or would it require them to physically tap in to a direct line?
In our T20/Tne campaign my co_Gm Mr Adkins & I, as well as several prominent players worked out that the Task of Hacking was controlled by the three feats:
* Hacker--or the one engaged in “Hacking” as we have seen in countless movies, allows the user of such (or level of expertise), to “bypass, circumvent, or defeat computer or communication security systems”, and access data information they are seeking to gain, view, or retrieve from another restricted computer, communication, or data system. “As a feat this adds +2 to all T/Computer and T/Communications skill checks.”
* Gearhead--(As a feat), is a person who is quite skilled at tinkering and working with mechanical and electronic equipment and systems such that they gain a “+2 to all T/Mechanical and T/Electronics skill checks when attempting to repair, construct or sabotage a piece of equipment." This would appropriately apply to attempts to hardwire non-standard connections to a system or communications link.
* EW Specialist--(As a feat), is a person who has an amazing level of electronic warfare expertise such that they gain a “+2 to all T/Communications and T/Sensors skill checks when attempting to detect, defeat, or establish a communications, or sensor lock; or when trying to descramble a garbled or encrypted encoded comm. signal.”
Skills in Review:
* T/Computer, is used when hacking over from computer-to-computer data systems.
* T/Communications, is used when hacking via wireless comms or personal communicator device into a data system.
* T/Electronics, is used when hacking via a hardwire connection, i.e. “splicing” into the data system itself from outside directly into it.
Hacking thus is boiled down to a 3-step process:
1. Connection
The Connection phase refers to the process of establishing a link to another system by which data, commands or information will be exchanged. Whether sitting down to a directly wired terminal, using a modem or other device to carry data over common communication systems or plugging the cable from your personal computer into a data jack; or at the other end of the spectrum, it might also includes the extremes of scraping away the covering from a cable and clipping in your own bootleg connection, or removing panel covers from a computer and plugging in your own wires directly into the heart of the system itself.
It is the act of making contact, what happens to allow that exchange of information to happen, and under normal circumstances, those who live and work with computers perform this action daily. Most computer systems are actually designed to make access easier, and will often apply the DM as a bonus toward making this step easier for the potential user. For those attempting to connect to a system in ways not originally intended, or for which the system is attempting to guard against, the DM will almost always be applied as a penalty to the attempt.
For Example: A TL-9 (+5) public access information terminal in an arcology is intended to assist the residents and visitors in obtaining information, it's modifier is (thankfully) set to help those attempting to connect to it, in this case with a basic voice help system. John Random, from the planet Dustball in the Backwater System who wishes to access the terminal steps up and listens to the instructions, which provides use instructions on how to use it's touch-screen maps. John then attempts to access the device (Easy task, T/Comp DC-10) and receives a +5DM, giving him a high probability of success. Not satisfied with this, several local shopkeepers pool their funds and pay for the installation of a model, which has voice recognition, and can respond to questions from passers by, as well as provide touch-screen maps of the local shops and restaurants. TL-12 (+10)
Applicable Skills :
The skill used to handle this is dependent on the situation and method of connection. A player sitting down directly at a terminal or connecting across a data link or computer network would likely use T/Computer. Establishing a connection by way of a modem, radio or other Communications link (Perscomm, Meson Communicator, what have you,) would likely be making use of the T/Communications skill. A player attempting to wire in their own connection (including almost anything involving 'splicing in', or accessing a computer's internal parts would likely be using T/Electronics.
Success or Failure :
Success at this task results in an established, stable link to the target system, and permits the exchange of data. Failure to connect by conventional means typically means an error or shortcoming in the connection method. Failure to connect to a hostile system may result in the target's connection device or channel being blocked, fire walled or taken offline.
System TL Mod
TL5 - TL6 0
TL7 - TL8 +2
TL9 - TL10 +5
TL11 - TL12 +10
TL13 - TL14 +15
TL15 - TL16 +20
TL17+ +25
2. Access
The Access phase is where authentication takes place, such as entering usernames and passwords or electronic systems exchanging cryptographic keys or data to verify the identity of the system on the other end. If the Access phase is walking into the lobby of the bank, this is the point where you enter the combination to the Vault (or crack the combination!).
Many systems permit unrestricted access and thereby may not require authentication (as in our example above) or may apply up to their TL-based DM as a bonus to a legitimate attempt, using such technology as voice recognition, face recognition, thumbprint readers, DNA scanners, et-al to make skill checks unnecessary when accessing the system by way of it's intended means. These degrees of sophistication also make it more difficult for those who would attempt to bypass or fool those authentication methods or devices, causing those DMs to be applied as penalties in those cases.
Example: Our intrepid J. Random has decided to attempt to access the office computer inside of the local Rent-A-Raft office. He has been watching the office for two days, and has identified that the Assistant Manager of the office, Delores Cluck, always eats lunch at the Food Extruders kiosk across the street, and always sits at the same table. He positions himself ahead of time, and when she sits down, he swipes the ID badge from the pocket of her coat and takes a quick walk around the block before going to be back door of the office. There, he Connects to the security system (in this case by walking up to it Simple Task DC-0), and holds out the card. Accessing the system (Very Easy Task DC-5) assisted by the TL-11 card reader (DM +10) means that the door simply unlatches and allows him into the back office. Inside the office, our man is presented with a TL-8 desktop computer, a keyboard, and a prompt that says Login:
Presented with this, the cycle begins again, sitting down at the keyboard and screen (Simple Task DC-0, TL-8 DM+2) a skill check is unnecessary to connect to this system. Accessing the system is a different matter, and our would-be Hacker (T/Computer 6, Hacker feat for +2) tries a series of usernames and passwords based on permutations of Delores' names and other obvious data from her ID badge, such as her age, date of birth, employee number, etc). NOT knowing the correct data to access the system, the TL modifier is applied as a penalty. This is a Break System Security task rated by the GM as (Average DC15) and requiring 5 minutes. A D20 roll of 3, +6 (T/Comp) +2 (Hacker) -2 (TL DM) results in 9, 6 shy of success. 5 minutes are spent attempting to access the system, resulting in a failed access attempt and a terminal now in security lockout from too many failed log-on attempts.
Applicable Skills :
The skill used to handle this is T/Computer. If our man had spent some more time prior to the attempt using skills like Gather Information he might have had a better chance of guessing the password, or perhaps a call to the office phone and the judicious use of Bluff might have convinced an unwitting employee to provide their user ID and password over the phone.
Success or Failure :
Success at this task results some degree of Access to the system (or perhaps just part of it), it's functions and it's data. Failure typically results (sooner or later) in that connection being locked out or taken offline, and the system's firewall or administrator being notified of the attempt. Failure to connect to a hostile system may result in the target's connection device or channel being blocked, firewalled or taken offline.
System TL Mod
TL5 - TL6 0
TL7 - TL8 +2
TL9 - TL10 +5
TL11 - TL12 +10
TL13 - TL14 +15
TL15 - TL16 +20
TL17+ +25
Margin of Success / Access Result / Effect / Detection
Failure by 6 or more / Access Denied / Access Locked Out / Alarm Activated
Failure by 1-5 / Access Denied / Disconnected / Access Logged
Success DC to DC+9 / Basic Access / Basic Privileges / Access Logged
Great Success DC +10 / Full Access / Unrestricted Privileges / Access Logged
Extraordinary success DC+20 / Full access / Unrestricted Privileges / Access Undetected
A result of 'Alarm Activated' results in immediate notification of the system operators, activation of additional security measures (if any available) and usually investigation (or retaliation/flight/disconnection/escape in the case of Sophont/AI/Viral targets).
A result of 'Access Logged' results in the access attempt (or success) being noted in the system's on-line access records. The time until that access is discovered may vary with the circumstances. Such records might be erased or altered as a separate task once access is established.
3. Execution
The Execution phase. Now that you've gotten access, what do you do with it? This is the point at which most actual tasks are performed. Indeed in most cases of normal everyday access, this is the only phase which most characters even make use of, as under ordinary circumstances, the prior two phases are no-check/Simple tasks where the technology level of the system actually assists the user.
Again, as in the previous phases, most computer systems are actually designed to make the execution phase easier, and will often apply the DM as a bonus for the user. For those attempting to operate the system in ways not originally intended, or for which the system is attempting to guard against, the DM will almost always be applied as a penalty to the attempt.
For Example:
Applicable Skills :
The skill used to handle this is T/Computer, possibly modified by the EW Specialist (encryption) or Hacker feats, depending on the task.
Success or Failure :
Success results in achieving the desired result. Great Success (DC+10) or Extraordinary Success (DC+20) may result in results of higher quality/effect, or in reduced time, at the GM's Discretion.
(Very) General Guidelines for
Typical allowed Tasks -
Privilege Levels: Guest / Basic / Unrestricted
Interact with the system: some / most / any
Unencoded Data: view / edit or save / any
Encoded data: none / view own / any
System Data (Log Files): none / some / any
Create Files: no / yes / any
Edit Files: no / some / any
Delete Files: no / own / any
Operate Devices Attached to System: no / most / any
Connect to other Systems: some / yes / any
Write or Install Programs: no / some / any
Run programs: some / most / any
Change System Security & Settings: no / settings / any
Encrypt Files: no / own / any
Decrypt Files: no / own / any
New Hacking Specific Tasks / DC / Time / Privilege
Escalate Privileges: * / 10 minutes / Any
Erase Evidence & Clean Logs: 15 / 1 hour / Unrestricted
Install Trojan Programs: 10 / 30 minutes / Unrestricted
"Escalate Privileges" increases the privilege level by 1 step (typically guest to Basic, or Basic to Unrestricted. Success or failure is treated as another Access phase performed from within the system, and has the appropriate success or failure results as outlined in the Access section above.
"Erase Evidence / Clean Logs" is a task to scrub the system to remove evidence of the Hacker's presence. Failure of the skill check for this task does *not* provide the character with knowledge of the failure, or what that failure is, GMs may want to make this roll in secret.
"Install Trojan Programs" is the task of installing programs that look like one thing, but do another. Examples include programs to covertly capture passwords and send them elsewhere, to monitor data being sent to/from the system, programs intended to lie in wait and then execute at a later time, etc. This task may be reversed, becoming "Remove Trojan Programs", permitting the safe removal of such software, identification of it's intended function, and possibly identification of the destination of any information sent elsewhere by the Trojan. This also permits the removal of Spyware and Windows Viruses... (Okay, just kidding!)
Chad Osborne:
Now assuming they actually bypass security (extremely difficult, but an expert might be able to do it given enough time), what can they then do? Can they lock or unlock hatches? Can they open/close airlocks? Can they vent the entire ship? If so, what safety measures would be in place? Can they activate other systems (weapons, drives, etc.)?
In our T20TneTU rules expansion above, a successful penetration must be presumed, and step three "Execution" has begun. As one can surmise from our version of this tasking set, the "Unrestricted privilege" would be the preferrable target zone of access, and in your example, at least "Basic Privilege" level of access for airlocks etc. that any crewman would have.
Specific areas of the ship like Life support (your venting query) may require the higher access of the Captain & Chief Engineer (again, Unrestricted access level of privileges).
Of course, due to the era of AI-Virus in which we play, such things as the Ship's gravitics, Lifesupport, are generally mechanical 'dead-man' switched to prevent the worst of what a hostile AI-Cym can do upon infecting a Ship's computer.
In pre-Virus era Traveller play, they could gain access to the ship via the airlocks, and even via the connection method applied at the airlock or cargo hatch, attempt to penetrate the Ship's computer itself.
Chad Osborne:
And finally, how would you envision detection working? Would someone on the bridge almost automatically notice as soon as things started acting strange? Or if the hacker was able to bypass security, does that mean they are pretty much un-noticed until they set off something obvious?
Physical detection & electronic detection is covered under our 'margin of success' table in step #2 "Access". Of course, having a crewman, or even a Ship's robot (pre-Virus Traveller eras) on the bridge watch to alert the crew can't be a bad thing.
I'm getting mixed signals from different rulesets and eras, and I'm trying to put together a logical system. Any advice would be greatly appreciated.
Chad