this post was submitted on 20 Nov 2024
27 points (96.6% liked)

rpg

3216 readers
37 users here now

This community is for meaningful discussions of tabletop/pen & paper RPGs

Rules (wip):

founded 2 years ago
MODERATORS
 

In High technology setting, the hacking skill is incredibly powerful, and a shortcut in many investigation scenarios. By hacking the CCTV camera, I could see that Joe did it, by checkin [insert social media] I know were the evil gad guys live.

Either you go old shadowrun-style with a whole mini game where decker can be killed by AI but it's pretty heavy and weird, or you end-up with 3 success on my roll and give a lot of info for just one roll.

What are your trick/house-rules to prevent that ? And how would you actually protect from panopticon. Especially looking how stupid people are in today's real world

you are viewing a single comment's thread
view the rest of the comments
[–] andrewrgross@slrpnk.net 6 points 1 month ago* (last edited 1 month ago)

I would second this. I've definitely spent a lot of time with this question.

For my setting, I try to lean into realism. So the first thing we have to ask is what "hacking" means in these situations. Hacking shouldn't be magic.

First, hacking typically looks like using a system in the way it was intended by someone who wasn't intended to use it or in some other modified way. So to break into a CCTV system, ask how proper users would use it, and then how to bypass that.

Second, the more advanced technology gets, the more advanced security gets. Think about what it would take to hack into a CCTV system today. You'd likely need to steal a password to use the actual software or snoop the raw data signal of a camera and then decode it. In the future, this isn't going to be less secure.

So if you wanted to hack into CCTV camera, players should not be able to roll and then see anything anywhere. They should need to find some physical connection and/or find some way to obtain credentials to a remote access system. This could be by forging biometrics of someone with access, tricking someone with access to logging in for them, or finding leaked access credentials online. And all of these should have limitations: how long they can be logged in; what they can do without triggering detection; how long it takes to call files; etc.

These same principles apply to a social media search. It wouldn't really make sense for everyone's data to be readily available to anyone with basic hacking proficiency in some kind of easy database. Assume online privacy moves forward at the same pace or greater than privacy invasion. You can't just type "HACK!" and see someone's real-world location. You could probably find a publicly listed address or maybe find a license plate reading with a time and place. But you're going to have to still do a lot of the conventional investigation work to find someone: figure out where they work, hang out, shop, etc. and look for a point where they slipped up, either in biospace or online.