PDA

View Full Version : GURPS Hacking



Gahrer
2010-07-01, 04:04 PM
I'm soon starting a short campaign in GURPS with a friend to try out the system. I have read through the core books (edition 4) and I'm really impressed.

Anyway. I wonder if there's any rules or at least hints on how to handle computer hacking in a near-future setting. There is the Computer Operation skill and so on, but I'm still at a loss on how to do it in practice.
I have heard that it is a GURPS 4e book on this but can't seem to find it. Anyone know what it's called?

Knaight
2010-07-01, 04:14 PM
There should be materials in a few places, but if you really can't find it, PM Satyr. He knows GURPS absurdly well.

Yuki Akuma
2010-07-01, 04:15 PM
It would really depend how they're going about it. I could see Computer Programing playing a part, too.

Gengulphus
2010-07-01, 04:24 PM
Actually registered for these forums just to post this. Heh, I'm a big GURPS fan.

There is a Computer Hacking/TL skill on pp. 184 of the 4th edition book. The description notes that it is a cinematic skill and lists skills that a more realistic hacker would want to take. If this is your first time running the system, I'd advise you to just use Computer Hacking at TL 9 for the near-future setting.

The Cat Goddess
2010-07-01, 04:28 PM
The Third Edition Cyberpunk book has a lot of info...

Not 4e, but still a great book.

Connington
2010-07-01, 04:57 PM
The simplest way is to make a Computer Hacking roll. This is a cinematic skill, but it's easy to work with. You can add on difficulty modifiers to taste.

For example. You player, convinced that he's in a Michael Bay movie, decides to hack the Pentagon. You assign the -10 to skill you get for impossible tasks, but go easy on him and say that he can do it without actually being in the building. If he goes in, the penalties are chopped to -6. If he gets his hands on a legitimate account, it's just a minus -3 penalty. That's all insanely generous of course, but you get the idea.

The more realistic way is to use a variety of skills, as the GURPS book itself suggests. Doing it that way, Computer Operations is your basic skill for exploiting simple security holes and operating programs, while Computer Programming lets you, er, program computers. Research lets you find out known security problems, and other skills like Cryptograhy and so on And then there are skills you wouldn't expect, like Fast-Talk and Scrounging, for social engineering and so forth.

Gahrer
2010-07-02, 04:47 AM
Thanks!
I'll look into the cyberpunk book. How different is 3e from 4e in GURPS?

Aroka
2010-07-02, 05:05 AM
Thanks!
I'll look into the cyberpunk book. How different is 3e from 4e in GURPS?

Hardly at all.

Note that the mechanics in GURPS Cyberpunk are geared towards Gibsonesque virtual reality "netrunning" rather than realistic hacking (although you're given plenty of options, including more realistic versions of the net). The wealth of actual information about actual hacking and human engineering is perhaps more useful.

Generally, though, complex hacking/netrunning rules just make the game slow and less fun for everyone not using them. You have to think - what do you want the rules to do? Do you want entire sessions to take place online? Do you just want a system where an action and a roll get you a result? You have to design based on that.

Generally, hacking in a game should consider:

Connection. The physical stuff. How do you connect to the target system so you can transfer data? This is an area that usually gets hit with a huge dose of suspension of disbelief in cyberpunk. Realistically, security systems would not be accessible without actually plugging yourself into some part of them, or getting on a computer linked to it. A giant corporation would certainly maintain multiple separate networks on any site to keep secrets secret, and security systems secure. As in real corporate information theft, physical access is instrumental.
Getting in. This tends to get abstracted to the point of nonsense in games - you "break the firewall" and walk into a system. Actually, you'd try to crack a user account (either with brute force - sheer computational power - or through ingenuity and human engineering - ferreting out the info). Once you're in on an account, you may have an easier time upgrading your access.
Security measures. Cyberpunk games tend to have elaborate security measures where flocks of fractal birds swoop in to peck out your virtual eyeballs and leave your real meatpuppet blind and catatonic. If that's the jazz you want, you'll need complex rules. Otherwise, it's mostly going to be prevention, detection, tracking, and expulsion.
Doing stuff. What can you do on the network? How is it accomplished? Do you need a pile of separate programs - one to run a printer, one to open doors, one to copy files, etc.? Do you want to keep track of programs at all?
Hardware. Do you want to bother modelling differences between hardware? Is it useful? What should the differences affect?


You need to consider which steps you want to keep, and how complex they need to be.

In a simple system, maybe you make a roll against Computer Hacking skill to get in (once you've got access, either over the net or by actually being at a terminal), at a penalty dependent on the security of the system. Failing by more than a few points causes an alert.

Maybe your success on the first roll determines your access level - that can either work as a simple bonus to future rolls, or as a hard limit on what you can and can't do. After that, doing anything on the network or in the systems requires a skill roll. Changing things or breaking into things would be Computer Hacking, and finding information would be Computer Operation or whatever. Apply penalties for difficulty.

If someone else tries to stop you from doing things, you use opposed Computer Hacking tests.

This way, most intrusions will only take 2-3 rolls, unless you're doing something complex, like breaking into a facility's security network in order to facilitate a physical intrusion, or whatever.

It doesn't need to be more complicated than that. Once you start introducing direct neural links and "offensive programs" and "defensive programs", you're going to be taking up a lot of time for even the simplest operations. In GURPS Cyberpunk, the online actions happen in combat time (IIRC), which means getting results will take a long while.

a_humble_lich
2010-07-02, 12:20 PM
First, there is little difference between 3e and 4e: some point values are changed, some rules modified, but it is like the difference between D&D 3.0 and 3.5. It should be easy to use 3e GURPS stuff.

As for GURPS Cyberpunk, there were two different rules for hacking. There was a Gibsonesque system with neural interfaces and icons in cybercombat. But there was also a realistic system that I recall being pretty good. (Steve Jackson Games thought this was that part that got them in trouble with the Secret Service.) Unfortunately the book was written around 1991, so while the hacking system may be realistic, things have changed somewhat.

With that said, I agree with everything else Aroka said. Simple hacking rules are really good. Most of the party will not be hackers, so if it takes 2 hours for your hacker to break in to a computer and fight off all the IC, what will the rest of the players be doing during the time.

Gahrer
2010-07-02, 03:57 PM
I checked out the 3e Cyberpunk book and you guys were right about everything. :smalltongue:

Since the game won't be strictly cyberpunk I'll skip those rules (no matter how much I like Neuromancers description of hacking). They would certainly take up a LOT of time.
The other descriptions of hacking were dated to say the least, but I'll manage with Arokas tips. Thanks!