=Subversion= 
Once an intruder has successfully invaded a device or network, they can pursue whatever tasks they are interested in, as fitting that particular system. Depending on the type of account the intruder hacked, they may or may not have access privileges to do what they want to do. If their access rights allow it, the activity is handled like that of a legitimate user and no test is called for (unless the activity itself calls for some kind of test, such as [[Research]]). For example, a hacker who infiltrates a habitat’s security system with a security account can monitor cameras, deactivate sensors, review recorded surveillance footage, and so on, as any legitimate user with security right would be allowed to do.
Engaging in any sort of activity for which you don’t have access rights is more difficult and requires hacking the system. This typically requires an Infosec Success Test, modified by the dif culty of the action as noted on the Subversion Difficulties table. In most cases this in not an Opposed Test even if the system is actively monitored, unless specifically stated otherwise. Failing such tests, however, will result in a change of the hacker’s intruder status (see [[Intrusion#Failing%20Tests|Failing Tests]]).
Examples for different types of system subversion are given in the Subversion Examples sidebar. This is not an exhaustive list, however, and gamemasters and players are encouraged to improvise game effects in case an action has not been explicitly described.
|||| ==Subversion Examples== 
In addition to the tasks noted under the Subversion Difficulties table, these modifiers present some additional example actions. ||
|| **Modifier** || **Task** ||
|||| //Hacking Bots/Vehicles// ||
|| -0 || Give orders to drones ||
|| -10 || Alter sensor system parameters, disable sensors or weapon systems ||
|| -20 || Alter smartlink input, send false data to AI or teleoperator ||
|| -30 || Lockout AI or teleoperator, seize control via puppet sock ||
|||| //Hacking Ectos/Mesh Inserts// ||
|| -0 || Interact with entoptics, befriend everyone in range, make online purchases using user's credit, intercept communications, log activity ||
|| -10 || Alter social network profile/status, adjust AR filters, tweak sensory interface, change AR skin, change avatar, access VPN ||
|| -20 || Block or shuffle senses, inject AR illusions, spoof commands to drones/slaved devices ||
|| -30 || Boot user out of AR ||
|||| //Hacking Habitat Systems// ||
|| -0 || Open/close doors, stop/start elevators, operate intercom ||
|| -10 || Adjust temperature/lighting, disable safety warnings, replace entoptic skin, lock doors, switch traffic timers ||
|| -20 || Disable subsystems (plumbing, recycling, etc.), disable wireless links, dispatch repair crews ||
|| -30 || Override safety cutoffs ||
|||| //Hacking Security Systems// ||
|| -0 || Move/manipulate cameras/sensors, locate security systems/guards/bots ||
|| -10 || Adjust patterns of sensor sweeps, view security logs, disable weapon systems ||
|| -20 || Delete security logs, dispatch security teams ||
|| -30 || Disable alerts ||
|||| //Hacking Simulspace Systems// ||
|| -0 || View current status of simulspace, simulmorphs, and accessing egos ||
|| -10 || Change domain rules, add cheats, alter parameters of story, alter simulmorphs, change time dilation ||
|| -20 || Eject simulmorph, alter/erase character AIs ||
|| -30 || Abort simulation ||
|||| //Hacking Spimes// ||
|| -0 || Get status report, use device functions ||
|| -10 || Adjust AI/voice personality settings, adjust timed operation schedule ||
|| -20 || Disable sensors, disable device functions ||

|||| ==Subversion Difficulties== 
Difficulty modifiers for common computer tasks ||
|| **Modifier** || **Task** ||
|| -0 || Execute commands, view restricted information, run restricted software, open/close connections to other systems, read/write/copy/delete ﬁles, access sensor feeds, access slaved devices ||
|| -10 || Change system settings, alter logs/restricted ﬁles ||
|| -20 || Interfere with system operations, alter sensor/AR input ||
|| -30 || Shut system down, lockout user/muse, launch countermeasures at others ||
<span style="font-size: 17px; line-height: 25px;">**Augmented Reality Illusions**</span>
A hacker who has infiltrated an ecto, mesh inserts, or some other device with an AR interface may inject different kinds of visual, auditory, tactile, and even emotional illusions into the augmented reality of the device’s user, depending on the type of interface used. How the hacked user will respond to the illusion depends on a number of factors, such as whether they are aware of the intruder (i.e., the hacker has Spotted or Locked status), what type of interface they are using (entoptic or haptic), and how realistic the illusion is.
The best illusions are, of course, crafted in advance, using the best image and sensory manipulation tools available. Such illusions are hyper-realistic. Anyone making a [[Perception]]Test to identify them as fake suffers a –10 to –30 modifier (gamemaster’s discretion). An eclectic collection of software programs offer a diverse range of AR illusions.
Hackers may also improvise illusions on the fly, usually by patching in sensor data from others sources, though this is more difficult and more easily spotted (typically adding a +10 to +30 modifier to Perception Tests). The advantage is that the hacker can modify the illusion in reaction to the user’s actions or environmental factors on the fly. AR illusion software, however, also offers some template illusions that can be modified and controlled in real-time via a connected interface.
Whenever a user is bombarded with AR illusions, the gamemaster should make a secret Perception Test to see if they spot the deception. Even if they do, however, the character may still react to them. Almost anyone will duck when they see an object suddenly flying at their face, as their body reacts on its own before the brain comprehends that it’s an illusion and not a threat. Aside from their deceptive value, illusions can be used to distract users or otherwise impair their perceptive faculties. For example, dark illusory clouds can obscure vision, ear-wrenching high-volume noises can make people cringe, and a persistent tickling sensation might drive anyone crazy. Such effects can apply a –10 to –30 modifier to Perception Tests and other actions, but the user can also adjust their filters and/or turn their AR off if necessary.
==Backdoors== 
A backdoor is a method of bypassing a system’s normal authentication and security features. It enables a hacker to sneak into a system by exploiting a  aw (which can take the form of an installed program or modification to an existing program or hardware device) that was integrated into the system previously, either by themself or another hacker (who shared the backdoor).
To install a backdoor, the hacker must successfully infiltrate the system and succeed in both a [[Programming]] and an [[Infosec]] Test (or an Opposed Infosec Test if the system is actively monitored). The Programming Test determines how well the backdoor is crafted and hidden within system processes, while the Infosec Test represents incorporating it into the system without security noticing. Modify the Programming Test by –20 if the hacker wants to have security privileges when using the backdoor, –30 for admin.
Once installed, using a backdoor requires no test to access the system—the hacker simply logs on as if they were a legitimate user, gaining Covert status. Anyone who is aware of a backdoor’s details may use it. How long the backdoor lasts depends on many factors and is largely up to the gamemaster. Backdoors are only likely to be spotted during complete security audits, so more paranoid systems are likely to detect them earlier. Security audits may also occur when an intruder is Spotted but never Locked. Security audits are a Task Action with a timeframe of 24 hours. The character conducting the audit makes an Infosec Test to spot the back door. If the backdoor’s installer scored an Excellent Success on their Programming Test, this Infosec Test suffers a –30 modifier.
==Crashing Software== 
Intruders can attempt to crash software programs by killing the processes that run them. This requires a Complex Action and an Infosec Test. Note that some software is set to immediately respawn, but this can take from 1 Action turn to 1 minute, depending on the system. Hackers may crash AIs, AGIs, and even infomorphs this way, but the process is more difficult. In this case, an Opposed Infosec Test is made against the target, who is immediately aware they are under attack. Two consecutive tests must succeed in order to crash an AI, three in order crash an AGI or infomorph. If successful, the AI/infomorph immediately reboots, which generally takes 3 Action Turns, longer if the gamemaster chooses.
==Eliminating Intrusion Traces== 
Hackers who have avoided being Locked may attempt to clean up all traces of their intrusion before they exit a system. This involves erasing incriminating data in the access and security logs, and otherwise hiding any evidence of system tampering. This requires a Complex Action and an Infosec Test, or an Opposed Infosec Test if the system is actively monitored. If successful, the intruder has wiped anything that might be used to track them down later, such as mesh ID, etc.
==Hacking VPNs== 
Virtual private networks (VPNs) are more challenging to hack than standard devices. Because they exist as an encrypted network within the mesh, accessing channels of communication within a VPN is all but impossible without the encryption key. This means any attempt to sniff the VPN traffic is also impossible without the key.
The only way to hack a VPN is to hack into a device that is part of the VPN and running the VPN software. Once an intruder has access to such a device, they can attempt to access the VPN. The account the hacker has compromised may have VPN privileges, in which case they are in. If not, they must hack access, requiring an Infosec Test with a Minor modifier (–10).
Once access to the VPN is acquired, the hacker may treat the VPN like any other network. They may hack other devices on the VPN, sniff VPN traffic, track other users on the VPN, research data hidden away on the VPN, and so on.
==Scripting== 
A script is a simple program—a batch of instructions— that a hacker can embed in a system to be executed at a later pre-scheduled time or upon a certain trigger event, even without the hacker being present. When activated, the script will undertake a number of system operations limited by the abilities of the operating system and the access rights the hacker had when they implemented the script in the system. Scripts are a great way for a hacker to subvert a system without necessarily being in danger when they do it. Scripts can be programmed on the fly or preprogrammed. When composing the script, the character must detail what system operations the set will call for, in what order and at what times (or at what trigger steps). The script cannot contain more steps/tasks than the character’s Programming skill ÷ 10 (round down). To program a script, the character must succeed in a Programming Test with a timeframe determined by the gamemaster.
To load the script, the character must have successfully intruded in the system and must succeed in an Infosec Test (or an Opposed Infosec Test if the system is actively monitored). If successful, the script is loaded into the system and will run as programmed. Once the script is activated, it carries out the preprogrammed sequence of actions. The programmer’s Infosec skill is used for any tests those actions call for. Inactivated scripts may be detected in a security audit, just like backdoors.
__**Example**__
<span style="color: #ff0000;">Sarlo has inﬁltrated a security system and wants to arrange it so that a particular security sensor deactivates and a door unlocks at a set time, allowing his team to inﬁltrate a high-security area. He creates a script that will activate at 2200 hours with the following steps:</span>
# <span style="color: #ff0000;">At 2200 hours, disable security sensor</span>
# <span style="color: #ff0000;">Then unlock door</span>
# <span style="color: #ff0000;">At 2230 relock door</span>
# <span style="color: #ff0000;">Then re-enable security sensor</span>
# <span style="color: #ff0000;">Eliminate traces</span>
<span style="color: #ff0000;">This script has 5 steps, which Sarlo can handle with his Programming skill of 70. Sarlo succeeds in his Programming and Infosec Tests, and the script is loaded. It will then activate at the appropriate time. Since Sarlo’s account did not have access rights to perform these actions, each will require an Infosec Test using Sarlo’s skill to succeed.</span>

[ [[Home]] | [[Game Rules]] | [[The Mesh]] ]