This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Old rules and docs

These are houserules and setting writeups I no longer use at my table, but are preserved here for others who may be interested.

1 - Using the SR 6e Matrix rules in SR 5e

Being a Matrix backport attempt, presented for your delight (doubtful) and utility (maybe)

The SR6e ruleset contains a gently streamlined version of the Matrix rules from Shadowrun 5e; these have several useful changes that reduce book-keeping and give deckers a simpler and more agile action economy. In this section, I lay out a backport of these rules to work within the Shadowrun 5e ruleset.

1.1 - Introduction

What I’m trying to do

The SR6e ruleset contains a gently streamlined version of the Matrix rules from Shadowrun 5e; these have several useful changes that reduce book-keeping and give deckers a simpler and more agile action economy.

Some of the changes to the Matrix rules are not compatible with the rest of SR5e: for example, the use of attack and defence ratings to distribute Edge during Matrix actions. Fortunately, it is easy to ignore those, and still use other parts of the SR6e Matrix system within SR5e. These houserules aim to do just that.

  • Goals of doc:
    • To present a set of house rules for deckers in Shadowrun 5e, based on the Matrix rules in Shadowrun 6e.
    • Where possible, existing 5e rules from the wider system (stuff like limits, the action economy, etc) will be kept, in order to maintain compatibility with other 5e houserules, splatbooks, etc.
  • Non-goals:
    • To explicitly cover any content from splatbooks for SR5e; only CRB content is included here.
    • To exactly reproduce 6e rules inside 5e; where I feel it necessary, I will houserule to bridge the gaps. I’ll try and call this out, though, so you know I’ve done it.
      • There are some subtle changes in 6e to things like which stat to roll for some actions that might just be annoying for tables that are already familiar with the 5e Matrix rules or use existing 5e Matrix rules reference material. I have mostly left these out of the first part of the document, although they are listed one-by-one in the second part.
    • To be a 100% complete ruleset. I am not a professional RPG writer, so I’m not aiming to produce content that anyone would/should pay for. I’m going to attempt to cover 80% of the stuff and hope GMs can fill in the remaining 20% at their table. That said, if you notice any glaring holes, please tell me!
  • Todo: technomancers. There are none at our table, and never have been, so I haven’t looked at their rules yet. If you’d like to help out, please get in touch.

Overview of the changes

I will ignore here the wider changes to SR6e that the decker rules fall into line with, eg. attack-rating-vs-defence-rating, Edge, and so forth. I’m concentrating on Matrix rules.

  • Decker action economy is simplified: mostly by making deckers able to do more with a single action and single test then they could in SR5e, where they’d often have to roll to get marks then roll again to achieve goals. This could be particularly difficult during combat, where the decker might target one opponent to get marks against, only for that opponent to be killed by other team-mates before the decker could exploit the marks.
    • Hack on the Fly: this is the stealth-orientated method for deckers to get access to things they shouldn’t. In 6e, it is replaced by two separate actions: Probe1, which is slow but establishes backdoors, and can be done hours ahead of time. And then Backdoor Entry2, which exploits weaknesses found earlier by Probe to give the decker access as they need it during the run. See more here.
    • In SR6e, Spoof Command can be used by a decker to send a single command to a device without first getting any marks/access levels on anything. In SR5e, the decker would first need a mark on a device that can control the target device to do this. Again, this gives deckers more ability to be useful in the field and react to dynamic situations. See more here.
  • Marks have been replaced by Access Levels, which helps reduce book-keeping slightly. There are fewer access levels than there were mark levels, and they’re easier to remember. See more here.
  • Overwatch Score (OS) accumulation is different. Instead of getting 2d6 every 15 minutes, as happens in 5e, in 6e the decker accumulates OS as they remain connected to compromised systems or See more here.
  • Matrix damage gives penalties to dice pools just like physical and stun damage; ie -1 per 3 boxes. This makes Data Spike deckers more dangerous, as even if they don’t do enough damage to take a device offline, they can still damage it. See more here.
  • Grids: in SR6e, grids no longer have any mechanical effect. They are kept only as cosmetic fluff. Every host/device is equally accessible on every grid. Players never need to hop grids to get to targets3.

A note about the document structure

This section is very long, but you don’t need to read most of it.

The second and larger section - Comparing SR5e and SR6e - goes through the two systems item-by-item, and is the section I wrote first, to convince myself I understood both rulesets. This is the bulk of the section.

However this section is not needed if you just want to read the houserules. For those, you only need to read the Rule Changes section (which is a good deal shorter, at ~8 pages.)

  1. Snigger. ↩︎

  2. Snigger. Again. ↩︎

  3. This showed up in 5e as an optional rule in Kill Code. ↩︎

1.2 - The houserules

How to use (most of) the 6e Matrix rules in 5e

These rules are canon for my current campaign. However, I am working on superseding them with a set of rules that is further streamlined.

Marks: change to access levels

Remove the concept of marks entirely. Replace with three levels of access:

  • Outsider access is what you have when you first log into a system, and it doesn’t grant you anything other than the ability to look around and interact with others in the location. Equivalent to 0 marks. A host might or might not allow Outsiders to enter it, depending on its purpose and configuration.
  • User access allows you to scan information — read files, perform basic functions, that sort of thing. Equivalent to 1 mark.
  • Admin access allows you to change configuration, turn devices on or off, etc. Equivalent to 3 marks.

(Note there is no equivalent to 2 marks, a small efficiency gain. GMs don’t need to track it and deckers don’t need to pass through it on the way to Admin access.)

All iconography around marks is also removed. No more visible marks or designing a mark that matches your persona.

In addition, most of the time, a character’s hack targets will be an entire PAN or WAN, not not an individual device (see below). Accordingly, access levels are tracked against the entire PAN or WAN. This also reduces book-keeping.

Programs and effects that depend on marks

There are a variety of things in 5e’s version of the Matrix rules that derive an effect from the number of marks you possess, eg. the Brute Force action does extra Matrix damage, so does the Mugger program, and so on. I am preserving these by ruling that User access is equivalent to 1 mark, and Admin access is equivalent to 3 marks.


For the purposes of this doc, a WAN is a PAN that is run off a host rather than a commlink/cyberdeck/RCC. Same game mechanics, though, just with more dice.

  • The concept of “master” and “slave” devices doesn’t really exist any more as an explicit thing. Devices can be naked on the Matrix or merged into a PAN/WAN. A PAN/WAN is always centered around a commlink, cyberdeck, RCC, or host.
  • If a device is in a PAN/WAN, you cannot hack into it directly via the Matrix. You have to hack the PAN instead. (But see below about direct connections.)
  • Access levels gained against a PAN - User or Admin - apply to every device on the PAN.
  • PAN sizes are essentially unlimited1. I’m just not interested in tracking them, honestly. I will revisit this if it turns out to break anything important.
  • If you can get a direct cable connection to the device, you can hack just the device. It no longer benefits from the stat boosts from being in the PAN/WAN, so now rolls (likely) a pitiful dice pool2. But access levels gained against it still count for the entire PAN/WAN and everything in it.
    • Yes, physically compromising devices is very powerful.

Matrix skills; Matrix attributes (ASDF); deck stats & configuration

No changes to make here.

Matrix damage & repair; dumpshock

Any device that uses the Matrix to function - including any gear like guns and cyberware that have wireless bonuses - incurs dice pool penalties when they take Matrix damage: -1 per three full boxes. This makes Data Spike wielding deckers more dangerous.

No changes to dumpshock or link-locking.

Your failed Attack actions no longer give you Matrix damage, and your failed Sleaze actions no longer give the target marks against you.

Matrix modes (AR/VR); initiative

No changes.

Connections; Noise

No changes.

Overwatch, GOD, convergence

As in 5e, all hits rolled against the decker in opposed tests on illegal actions add to the Overwatch Score. These are any actions that use the [Attack] or [Sleaze] stats of your deck to determine their limit.

However, remove the secret +2d6 that is added to OS every 15 minutes. Instead, deckers accumulate OS in three new ways:

  • +1 to OS every time they do an action that is affected by any Hacking program (see the list on SR5e CRB page 245)
  • +1 to OS every combat turn that the decker maintains User access to a host or device that was gained via Brute Force
  • +3 to OS every combat turn that the decker maintains Admin access to a host or device that was gained via Brute Force

As before, Overwatch Score is reset when the decker logs out or reboots their deck. And Convergence happens when the Overwatch Score reaches 40, and has the same effects.


Grids add little to the rules beyond book-keeping, and make some stuff confusing. Keep them for fluff and flavour (the Ares grid has Ares propaganda, the Seattle grid has Emerald City spam) but remove all mechanical effects. All hosts and devices are accessible from all grids without penalties.3

Keep only the -2 dice pool penalty to all actions while using the public grid - it still hurts to be poor, and the free public access grid still sucks.

Matrix perception & running silent

Three important changes:

  • Drop the -2 dice pool penalty for running silent.
  • Running silent is done at the entire PAN level; it is no longer a per-device setting. This also applies to an entire Shadowrunner team with all their devices being covered by the team decker; either all their stuff is running silent, or none of it. This is a lot easier to track.
  • When attempting to spot icons that are running silent, you no longer need to randomly pick which ones you investigate with Matrix Perception. Instead, you make a single Matrix Perception test (Computer+Intuition [Data Processing]), and each icon running silent makes the opposing dice roll (Logic + Sleaze.) Every icon that fails this test is immediately revealed to you, all in one go.4

Stealth tags are always running silent and resist Matrix perception actions with 10 dice.

Matrix actions

Sleaze attacks: Probe / Backdoor Entry

Remove the Hack on the Fly action. Replace it with two new linked actions:

It isn’t completely clear if a decker’s Probe results persist if they log out of the Matrix then log in again later. For these houserules, I am ruling that they do.

Once a decker has successfully run Probe against a target, they can move onto the second new action:

Brute Force

By default, a successful Brute Force check grants User access. If the decker wants to go from Outsider to Admin access in one go, they may attempt to do so, at a -6 dice pool penalty (reduced to -4 with the Go Big Or Go Home quality).5

Note that access gained via Brute Force will accrue Overwatch Score as long as the decker maintains the forced access; at a rate of +1 per Combat Turn for User access, or +3 per Combat Turn if the decker has Admin access. So once you use this, the clock is ticking!

Also: Brute Force no longer does optional Matrix damage, in the name of up speeding play and simplifying things. One action = one result.

Spoof Command

In these houserules, as in SR6e, Spoof Command no longer needs any marks on anything to work. (In SR5e, it requires a mark on an icon that can legitimately command the target device.)

New action: Tarpit

A sort of stun-damage analog to the physical-damage attack of Data Spike:

New action: Encrypt File

A very minor detail, but this is the counterpart to Crack File. This functionality is in 5e but buried in a weird little alternate mode in a footnote to the Edit File action.

Smaller action changes

There are a large number of small changes to various dice rolls and mechanics for actions throughout 6e. In the main, I am choosing not to include these in my houserules. I don’t think any of them have a drastic effect on gameplay, and they will invalidate the 5e quick reference material I use, which is painful. All these changes are documented in the Matrix Actions Comparison section, if you want to see them.

Here are some smaller changes I do think it’s worth making:

  • Format device: treat the repair test for restoring a device as the same as repairing a device bricked through accumulated matrix damage.
  • …maybe more to come here after playtesting…

Removed actions

  • Invite Mark - Hosts can now allow access to people with Outsider access level instead, so they no longer need to invite would-be visitors to get one mark first.
  • Erase Mark - the only way to erase marks now is to reboot the device. It is unclear how this works in the context of hosts, though.
  • Hop Grid - grids are gone, so this is gone.


Almost all programs can be left as-is. 6e removes a number of programs that are in 5e (see the comparison for details), but they are harmless to leave in place, I think. 6e also changes how a few programs work in order to use the new Edge mechanic; again, this can be ignored.

The only exception is the Guard program, which should be removed, as it only works in the context of marks gained against the decker.

Hosts & IC

Keep host and IC initiative, stats, and attack rolls the same. See below for a detailed comparison, but in general, make the following changes to IC effects:

  • Hosts no longer get marks on deckers: this is one less thing to keep track of. IC actions no longer grant marks or require marks. Remove the damage boost related to marks from Black IC, Blaster, etc.
  • Scramble forces a reboot at the end of the next Combat Turn6. Otherwise it becomes a bit of a powerful one-blow-knockout against the decker, as it no longer requires any marks against them as a prerequisite.
  • Acid / Binder / Jammer / Marker: these are the IC that attack your deck’s Firewall / Data Processing / Attack / Sleaze stats. Change them so that:
    • They degrade your deck stats by the net hits on their attack roll, not just 1 point.
    • They do not do Matrix damage.
    • Stat degradation recovers at the rate of 1 point per minute once the decker has left the host that did the damage.

Other removed rules

No -2 dice pool penalty to Matrix actions for running silent - this is another fiddly detail to remember and easy to forget about. Furthermore, with the move to make running silent a setting that applies to an entire PAN rather than an individual device, it becomes quite painful for players to make decisions about. So it is removed in these houserules, in line with SR6e.

Rules non-changes

To make it explicit, I don’t suggest changing anything on this list. They should still work fine with the former changes in this section.

  • Cyberdecks: Leaving aside the splitting of 5e’s cyberdecks into 6e’s cyberdecks and cyberjacks, the stats are broadly equivalent in both editions. No particular adjustments are needed to 5e’s deck’s stats to fit into the backported rules.

    However, I’d recommend GMs consider reducing the cost of cyberdecks significantly, at least by 50%, perhaps even more… or be prepared to make upgraded cyberdecks an occasional run reward from Mr Johnson, and give all PC’s decks plot armour, as losing one will be financially ruinous.

  • Use of ASDF stats to determine test limits; also how cyberdeck stats are assigned and moved around between the ASDF slots.

  • All mechanics for what happens when Convergence occurs.

  • Noise is unchanged in this ruleset, both in terms of how it is calculated and its mechanical effects.

  • Matrix Search in 6e appears to have been the victim of mangled editing resulting in dubious maths7. A strict reading of RAW suggests a decker can make an extended test, so rolling 50-100 dice in aggregate, against a results table where 10 hits reveals “deep secrets others are trying to actively hide” - a trivial accomplishment on so many dice. It is best left as-is in 5e, I think.

  1. “PAN’s were not originally meant to be as restrictive on number of devices as they ended up (if errata does not get approved to change it a good house rule would be to make it Device Rating x3 for max number of devices)” source ↩︎

  2. This is a houserule; in 6e RAW, direct connection doesn’t grant the firewall bypass. ↩︎

  3. I have little love for the extended test mechanic in general. It’s good in theory, but it simply takes too long to roll 50-100 dice and count the hits. ↩︎

  4. This is the rule in 5e, also, as of Kill Code (see page 32.) ↩︎

  5. Confirmed by Banshee (Matrix rules author) as his intention here. ↩︎

  6. RAW is one minute; Banshee originally intended it to be an hour. I prefer his version. ↩︎

  7. Note I have removed the word “extended” here – see the note below. ↩︎

1.3 - Key differences between Matrix rules in SR5e to SR6e

Line-by-line comparison of the Matrix rulesets

What follows in this section is a line-by-line comparison of the 5e and 6e Matrix rules. I wrote this section first, to make sure I understood the changes across the two systems. I’ve kept it here in case you are interested but you shouldn’t need to read this to use the houserules presented above.

The formatting of this section has suffered a bit when I transferred it from Google Docs to this website. It might be clearer to read the original doc.

Matrix fundamentals

5e 6e
Matrix attributes There are four attributes (ASDF.) These are intrinsic to the deck the decker is using. They act as limits on most skill checks. The same four attributes are intrinsic to the deck and cyberjack the decker is using. They are used to calculate Attack and Defence Ratings, which in turn grant Edge on Matrix actions.
Matrix condition monitor 8 + (Device Rating / 2) boxes. No penalties to actions from accumulated damage Same. -1 to all tests per three boxes of damage
Data Spike damage Persona’s Attack rating (Persona’s Attack rating) / 2
Matrix damage resistance Device Rating + Firewall Firewall
Dumpshock 6S if in cold-sim, 6P if in hot-sim. Resisted with Willpower + Firewall (if deck just got bricked, Firewall is 0). -2 dicepool on everything for (10-Willpower) minutes 3S if in cold-sim, 3P if in hot-sim. Resisted with Willpower only. Cannot gain or use Edge on any actions for (10-Willpower) minutes
Link-locking Cannot use Switch Interface Mode, Enter/Exit Host, or Reboot on the device your persona is using. Defeated with a successful opposed Jack Out action. (But will give dump shock.) Same.
Repairing Matrix damage Straight test:

Hardware + Logic [Mental]. Takes 1 hour. Each hit = 1 box repaired or cut time in half

Extended test: Engineering + Logic (num_box_damage / 1 hour)
Overwatch score (OS)
  • +1 OS per hit on opposing roll for any Attack or Sleaze action
  • +2d6 (rolled in secret) every 15 minutes after OS first starts accumulating
  • +1 OS per hit on opposing roll for any illegal action
  • +1 for each Matrix action modified by a hacking program
  • +1/+3 per round for each host to which you are maintaining illegal User/Admin level access
Convergence When OS reaches 40

Not in a host:

Device takes 12 DV Matrix damage

User dumped (w/dumpshock)

Physical location reported

In a host:

Host gets three marks on deck

IC is deployed

When OS reaches 40

Bricks device

User dumped (w/ dumpshock)

Physical location reported

No special rules for convergence in a host.

Matrix initiative AR: physical init

VR cold sim:
Data Processing + Int + 3d6

VR hot sim:
Data Processing + Int + 4d6 +2 dice pool to all actions

AR: physical init

VR cold sim:
Data Processing + Int + 2d6

VR hot sim:
Data Processing + Int + 3d6


There is no major difference in skills between 5e and 6e, other than the fact that the 5e Skill Groups become Skills in 6e. The way the skills are used are the same however.

5e skill 5e skill group / 6e skill
Cybercombat Cracking (illegal)
Electronic Warfare
Computer Electronics (legal)
Compiling Tasking (Resonance - Technomancers only)

Any action using any skill in the Cracking group - so any action that uses the Cybercombat, Electronic Warfare, or Hacking skills - is considered to be illegal by the Grid Overwatch Division. These actions will increase a decker’s overwatch score when used.

Security & bypassing it

5e 6e
Getting into a Host
  • Legit: Invite Mark
  • Forceful: Brute Force
  • Sneaky: Hack on the Fly
  • Just go in without any access level (if the host allows it)
  • Brute force
  • Probe -> backdoor
Getting more than one level at once On Brute Force or Hack on the Fly:

By default, they only grant one mark. Decker can shoot for two marks at a -4 dice penalty, or three marks at a -10 penalty.

Backdoor: always grants Admin access.

Brute Force: normally grants User access. Decker can opt to attempt for Admin access, but target gets +2 dice pool and +4 Defence Rating in their test.

Legitimate access to public Hosts The host sends Invite Mark to let users get one mark. The user does that, then uses Enter Host. The host can be configured to allow access to users with Outsider access level.


Getting in / Mark manipulation

Where I list the 6e mechanics as “same” below, what I mean is:

  • The 6e skill is the same as the 5e skill’s corresponding skill group; so, for example, if the 5e skill is Software and the 6e skill is Electronics, then these are the same.
  • A 5e Simple action is the same as a 6e Minor action, and likewise for Complex / Major.
  • I will highlight key differences in the actions, to make them easier to spot.
5e 6e
Brute Force (illegal) roll: Cybercombat + Logic [Attack] resist: Willpower + Firewall action: Complex

requires: no marks

Gain one mark on target per net hit.

Every two net hits optionally also does 1 DV or Matrix damage, resisted with Device Rating + Firewall.

Can attempt to get two marks in one go at -4 dice pool, or three marks in one go at -10.

Can also use this action to hop grids.

roll: same resist: same action: same requires: same

Gain User or Admin access on the target if the test succeeds.

No mechanic for doing Matrix damage.

Can attempt to get Admin access from Outsider, at a cost of +2 dice on the resistance test and +4 bonus to target’s Defence Rating.

No mechanics for grid hopping.

Hack on the Fly (5e)

Probe / Backdoor Entry (6e)


Hack on the Fly:

roll: Hacking + Logic [Sleaze] resist: Intuition + Firewall action: Complex

requires: no marks

Gain one mark on target per net hit.

Every two net hits also counts as a one hit on a Matrix Perception test, so you get some information too.

Can attempt to get two marks in one go at -4 dice pool, or three marks in one go at -10.

Can also use this action to hop grids.


roll: same resist: Willpower + Firewall or Firewall x2 action: Extended, 1 minute[^12] requires: no access

Backdoor Entry:

roll: same resist: Willpower + Firewall action: Major Action requires: no access

No mechanics for grids.

Erase Matrix Signature


roll: Computer + Resonance [Attack]

resist: Signature Rating x 2

action: Complex Action

requires: No marks

If the test is successful, the signature dissipates.

Character must have a Resonance rating to attempt this action. This is a real Matrix Action, and illegal, so risks Matrix damage and Overwatch Score when done.

roll: Electronics + Logic

resist: Willpower + Firewall or Firewall x2

action: same

requires: User/Admin



Invite Mark


No test N/A
Erase Mark


roll: Computer + Logic [Attack]

resist: Willpower + Firewall

action: Complex

requires: 3 marks


Device Manipulation

5e 6e
Control Device


roll: varies or

Electronic Warfare + Intuition [Sleaze]

resist: Intuition + Firewall

action: varies

requires: varies

Perform an action through a device you control.

Test is usually determined by the device you are controlling eg. a turret would be Gunnery+Agility.

All tests are limited by [Data Processing] if that is lower than the limit you’d normally have.

If there is no test associated with an action, use the test above.

Can use this against multiple targets. If you are the Owner of them all and it’s the same command, no penalty. Otherwise, have to split your dice pool.

Free/Simple/Complex is determined by the command given, as is the access level required (1/2/3 marks.)

This is a Sleaze action, so OS accumulates.

roll: varies or

change stat to Logic

resist: Willpower + Firewall

action: Major

requires: User/Admin





Not mentioned.

Always a Major action. Requirement for User or Admin access determined by GM fiat.

This is a legal action.

If in AR, use normal physical stats. If in VR, use mental stats (Body->Willpower, Agility->Logic, Reaction->Intuition,. Strength->Charisma.)

Format Device (illegal in 5e)

(legal in 6e)

roll: Computer + Logic [Sleaze]

resist: Willpower + Firewall

action: Complex

requires: 3 marks

Next time device reboots, it fails to restart until repaired.

Repair is an extended Software+Logic [Mental] (12, 1 hour) test.

roll: same resist: Willpower + Firewall or Firewall x2 action: same requires: same (Admin)


Repair is the same as a bricked device, requiring number of hits equal to the devices Device Rating.

Reboot Device


roll: Computer + Logic [Data Processing]

resist: Willpower + Firewall

action: Complex

requires: 3 marks

Can’t be linked-locked, suffer dumpshock, reset OS. Comes back online at end of next Combat Turn.

roll: same resist: Willpower + Firewall or Firewall x2 action: same requires: same (Admin)


Spoof Command


roll: Hacking + Intuition [Sleaze]

resist: Logic + Firewall

action: Complex

requires: 1 mark, on some other device

Give device or agent command.

Need mark on owner you are imitating.

“You spoof a device’s owner’s identity, making the device think that your command is a legitimate one from its owner. You need one mark on the icon you are imitating; you do not need a mark on the target. The opposing dice roll is still based on the target, though. This trick only works on devices and agents, not IC, sprites, hosts, personas, or any other icons.“

roll: Cracking + Logic resist: Firewall + (Data Processing or Pilot) action: same requires: none


No access needed on anything.

“You send a signal to a device with a command the target perceives as coming from its owner. The device then automatically attempts to perform the action as its next available major action.”

File Manipulation

5e 6e
Crack File


roll: Hacking + Logic [Attack]

resist: Protection Rating x2

action: Complex

requires: 1 mark

Remove encryption on a file.

roll: same resist: same action: same requires: same


Disarm Data Bomb


roll: Software + Intuition [Firewall]

resist: Data Bomb Rating x2

action: Complex

requires: no marks

Attempt to disarm a data bomb. Bomb deleted if you get any net hits. If not, data bomb activates, damaging file it was attached to.

roll: Cracking + Logic resist: same action: same requires: User or Admin


Edit File


roll: Computer + Logic [Data Processing]

resist: Intuition + Firewall

action: Complex

requires: 1 mark

Create, change, copy, delete file.

Defender is either the host holding the file or the owner of the file if it’s not on a host.

roll: same resist: same or Intuition + Sleaze[^14] action: same requires: same



Set Data Bomb


roll: Software + Logic [Sleaze]

resist: Device Rating x2

action: Complex

requires: no marks

Player chooses:

  • Rating of data bomb (up to net hits on test)
  • Effect (delete file or not?)
  • Passcode to access file

    A file can only have one data bomb on it at any one time.

    Bomb triggers when anyone tries to read, edit, copy, protect, delete, or put another bomb on the file without using the passcode.

    It does (Rating)D6 Matrix damage to the icon that tripped it.

    Bomb can be detected with Matrix Perception and then removed with Disarm Data Bomb action.

roll: same resist: same action: same requires: same




Does (Rating x 4) Matrix damage.


Encrypt File


N/A roll: Electronics + Logic action: Major requires: User/Admin

Number of hits is the Encryption Rating on the file.

Information Gathering

5e 6e
Check Overwatch Score


roll: Electronic Warfare + Logic [Sleaze]

resist: 6 dice

action: Simple

requires: no marks

Find out your own Overwatch Score.

The 6 dice rolled against this increases your score, and the player finds the score before they are (secretly) added, not afterward.

roll: Same

resist: threshold 4

resist: 10 dice (if target is a stealth tag)

action: Major

requires: Admin[^15]


Doesn’t seem to increase your OS…?

Matrix Perception


roll: Computer + Intuition [Data Processing]

resist: (if opposed) Logic + Sleaze

action: Complex

requires: no marks

Simple test when used to analyze a Matrix object or scan for silent running icons. For each net hit, get an answer to one question on the table below.

If trying to spot icons further than 100 m away, take a simple test: first hit spots target, then additional hits reveal things as above.

To spot an icon running silent, make an opposed test as above. First hit spots it, other hits can be used for more information.

roll: same

resist: same

action: Major; Minor if user has ‘deck or Resonance

requires: no access

“A successful test gives you information about the target[^16]. With a tie, you can perceive the item’s icon. A single net hit will give you basic information, such as device rating, or whatever name the device or icon

calls itself. Two net hits will give you more specific information, including individual attribute ratings, and what programs it is currently running. Additional hits will give you more information based on what

the gamemaster wishes to reveal.

This test can also be used to attempt to spot any icons in the vicinity that are running silent.”

Matrix Search


roll: Computer + Intuition [Data Processing]

resist: threshold; see below

action: special

requires: no marks

Search the Matrix for information about a subject.

Threshold determined by table below.

Hit beyond the threshold can be used to reduce the time taken (divide the time by the number of net hits.) If you fail the test, still spend the entire base time looking.

Can also use Matrix Search while inside a host. Always has a base time of 1 minute. Only works if the information is online within the host; some is in cold (offline) storage.

roll: same

resist: none

action: “extended, 10 minutes”

requires: same


Threshold determined by Legwork Table (see below.)


Replaced by the Hash Search action (see below.)



roll: Electronic Warfare + Intuition [Sleaze]

resist: Logic + Firewall

action: Complex

requires: 1 mark

Intercept traffic sent to and from target. Listen to, view, or read data live, or save it to storage.

roll: stat changes to Logic resist: same or Data Processing + Firewall[^17] action: same requires: Admin access


Trace Icon

(illegal but I think should be legal)

roll: Computer + Intuition [Data Processing]

resist: Willpower + Sleaze

action: Complex

requires: 2 marks

Find the physical location of a device or persona.

After succeeding with this action, you know the target;’s location as long as you have at least one mark.

Doens’t work on hosts (as they have no physical location), or IC programs (as they live inside hosts.)

roll: same resist: same or Firewall + Sleaze[^18] action: same requires: Admin access


You know the location “as long as you can detect the target.”

Same, but it does work on offline hosts with physical hardware. (But you likely know where the are already.)

Hash Check[^19]


N/A roll: Electronics + Logic (1 or 4) resist: threshold 1 or 4 action:Major requires: User access

Search for a file on a host or device based on known metadata. Threshold is 1 if the hash data was known (eg. given to them by Mr Johnson), 4 otherwise.

Passing the test narrows the number of possible files down to 32. For every net hit, that number is divided in half. So 5 net hits in total will narrow it down to a single file.

If the number of matches is too large after the first test, can repeat, with the usual -2 dice pool penalty. Again, each net hit reduces the number of possible files by 2.

Matrix Combat

5e 6e
Crash Program (illegal) roll: Cybercombat + Logic [Attack]

resist: Intuition + Firewall

action: Complex

requires: 1 mark

Overload a chosen program on a chosen target, crashing it. Can use Matrix Perception first to figure out what programs are running, or can observe its effects. Device has to reboot to use the program again.

roll: same resist: Data Processing + Device Rating action: same requires: Admin access


Data Spike (illegal) roll: Cybercombat + Logic [Attack]

resist: Intuition + Firewall

damage resist: Device Rating + Firewall

action: Complex

requires: no marks

Does Matrix damage.

DV = persona’s Attack rating one box of damage per net hit two additional boxes of damage for each mark you have on the target

roll: same resist: Data Processing + Firewall

damage resist: Firewall action: same requires: same


DV = persona’s Attack rating / 2 (round up)

...same additional damage from access levels

Full Matrix Defence (legal) action: Interrupt (-10 init)

requires: 4 marks (owner)[^20]

Adds Willpower to defence pool against all Matrix Attack actions for the rest of the Combat Turn.

action: Major requires: any access level

Add Firewall to the “next time you are attacked in the Matrix.”[^21]

Tarpit N/A

Tarpit is a sort of stun-damage analog to the Matrix damage attack of Data Spike.


5e 6e
Change Icon


action: Simple

requires: 4 marks

Change target’s icon to one you have a copy of or have designed yourself. This doesn’t change the results of a Matrix Perception action, but might fool a cursory inspection. You can target your own icon.

action: same

requires: User/Admin


Enter/Exit Host


action: Simple

requires: 1 mark on host

action: same

requires: depends on host

Grid hop


action: Complex

requires: no marks

Can only do this if you have access to the target grid. If you don’t have legal access, can use Brute Force or Hack on the Fly.

Can’t hop grids inside a host.

N/A (removed)


roll: Electronic Warfare + Intuition [Sleaze]

resist: Intuition + Data Processing

action: Complex

requires: no marks

If test succeeds, target has to do a new Matrix Perception test to find you again.

Cannot hide from a target that has a mark on you.

roll: same resist: same or Data Processing + Sleaze action: same requires: same



Jack Out


roll: Hardware + Willpower [Firewall]

resist: Logic + Attack (only if link-locked)

action: Simple

requires: 4 marks

Jacks out, reboots device being used.

Suffer dumpshock if in VR.

Defence pool only applies if persona is link-locked and comes from the persona that link-locked you; if multiple you have to roll against them all.

Can only Jack Out to yourself.

roll: same resist: Charisma[^22] + Data Processing or

Attack + Data Processing action: Major requires: any





Jam Signals


roll: Electronic Warfare + Logic [Attack]

action: Complex

requires: 4 marks

Turns device into jammer.

Range: 100m

Jam rating: hits on test

Cannot use it for anything else while it is being a jammer.

roll: same action: same requires: Admin[^23]



Jump In


roll: Electronic Warfare + Logic [Data Proc]

resist: Willpower + Firewall

action: Complex

requires: 3 marks

Jump into vehicle, drone, or other device.


  1. Have 3+ marks
  2. Be in VR
  3. Device has to have rigger adaptation
  4. Have to have a control rig

    If you are device owner or you have permission from device owner, no test is necessary.

    Cannot jump in if someone else is already jumped in to it.

roll: Electronics + Logic resist: same or Firewall x2 action: same requires: User/Admin





When jumped in, the device’s icon becomes part of your persona.

Send Message


action: Simple

requires: no marks

Send a message to a commcode: a short sentence, or an image, or a single file. If you’re using the Matrix through DNI (even if via AR), can send a longer message (about a paragraph.) Can also use this to open a live feed (audio/video/whatever) to one or more recipients.

action: same requires: same


Switch Interface Mode


action: Simple

requires: no marks

Switch from AR to VR, or vice versa. Cannot do this if you are link-locked. Can’t do it to other people.

action: same requires: same


Can also turn silent running on or off.


5e 6e
Firewall & hacking in All devices inside the PAN can use the commlink, deck, or host’s Firewall stat to make Matrix defence tests, unless it is being hacked via a direct cable connection.

If you get a mark on any slave, you also get a mark on the master.

All devices inside the PAN can use the master commlink or deck’s Firewall stat and the master device’s owner’s Willpower attribute to make Matrix defence tests.

Deckers attempting to gain access levels to a device inside the PAN must first compromise the PAN. They cannot Hack on the Fly or Probe devices within a PAN directly. Once they get a level of access against the PAN (User or Admin), they have that level of access for every device on the PAN.

However, Data Spike, Tarpit, and Spoof Command can be used against any device a decker can see on the Matrix, regardless of its PAN status, and without hacking the PAN first.1

Direct connections If you are directly connected to a device inside a PAN or WAN, you bypass the cyberdeck or host’s Firewall stat.

Remember that if you get a mark on a slave, you also get a mark on the host.

No specific rules. Getting a direct connection to a device still rolls the PAN/WAN’s full Firewall stat.
Maximum size & nesting PANs A commlink or deck can slave up to (Device Rating x3) devices. PANs cannot be nested. RAW: A commlink or deck can slave up to (Device Rating) devices.[^25]
Iconography “The PAN is the primary means of displaying the persona, or the icon of the user. Programs and devices attached to the PAN appear as smaller representations of their normal icons, carried by the persona.”
WANs Same as a PAN, but slaved to a host instead of a commlink or cyberdeck

If you are inside a host with a WAN, you are considered to be directly connected to all devices in the WAN

Not explicitly mentioned.


Nose is the same in 5e and 6e: the same numeric values, under the same conditions, and with the same mechanical effect.

Running silent & Matrix Perception

5e 6e
Basics Switching to silent running is a Simple Action.

Running silent imposes a –2 dice pool modifier to all of your Matrix actions due to “the processing power needed to cover your tracks.”

Silent running is switched on/off on a per-device basis.

Switching to silent running is the “Change Device Mode” Minor Action.

No dice pool penalty.

Silent running is applied to an entire PAN at once (say, a user’s commlink and all their devices.)

Matrix Perception


roll: Computer + Intuition [Data Processing]

resist: (if opposed) Logic + Sleaze

action: Complex

requires: no marks

Simple test when used to analyze a Matrix object or scan for silent running icons. For each net hit, get an answer to one question on the table below.

If trying to spot icons further than 100 m away, take a simple test: first hit spots target, then additional hits reveal things as above.

To spot an icon running silent, make an opposed test as above. First hit spots it, other hits can be used for more information.

roll: same

resist: same

action: Major; Minor if user has ‘deck or Resonance

requires: no access

“A successful test gives you information about the target[^26]. With a tie, you can perceive the item’s icon. A single net hit will give you basic information, such as device rating, or whatever name the device or icon

calls itself. Two net hits will give you more specific information, including individual attribute ratings, and what programs it is currently running. Additional hits will give you more information based on what

the gamemaster wishes to reveal.

This test can also be used to attempt to spot any icons in the vicinity that are running silent.”

Silent running vs Matrix Perception If there are multiple icons running silent, user has to pick icons (at random) to be revealed. User can reveal all icons that fail the Matrix perception resistance test in one go.
Range for automatically spotting icons Everything not running silent within 100 m of your deck or commlink is always considered spotted. No defined concept of “spotting.”

Hosts & intrusion countermeasures

5e 6e
Host stats Host Rating, HR+1, HR+2, HR+3

Distributed across ASDF similarly to how cyberdecks work



Launching IC Launch 1 IC per Combat Turn (at the beginning of the turn). Can run up to (Host Rating) IC simultaneously. Can only run 1 copy of any given IC at once. Can restart “bricked” IC next turn Same.
IC stats (Host Rating x 2) for IC Attack Rating (limited by hosts’s [Attack]).

Initiative: Host Rating + Data Processing + 4D6.

Condition monitor: 8+(Host Rating /2)[^27]

Defensive rolls and effects vary by IC type.

(Host Rating x 2) for Attack Rating, Condition Monitor, and most rolls.

Initiative: (Data Processing x 2) + 3D6.

Condition monitor: (Host Rating x2)



5e 6e
All IC rolls the same attack roll:

roll: (Host Rating x 2) [Attack]

action: Complex

All IC rolls the same attack roll:

roll: (Host Rating x 2)

attack rating: Host Attack Rating

action: Complex

Acid resist: Willpower + Firewall

If it gets 1 or more net hits, reduces target’s Firewall by 1.

If Firewall is 0, causes 1 DV Matrix damage per net hit.

Firewall stat cannot be restored until you reboot.

resist: same

Firewall attribute reduced by number of net hits.

Does not cause Matrix damage.

Firewall stat restores itself after you leave the host, at the rate of 1 point per minute.

Binder resist: Willpower + Data Processing

Same as Acid, above, but affecting Data Processing.

resist: same


If Data Processing is reduced to 0, no Matrix actions can be taken at all.

Black IC resist: Intuition + Firewall

If get 1+ hits, target is link-locked.

(Attack) DV Matrix damage

...+1 DV per net hit

…+2 DV per mark on target

Plus the same amount of biofeedback damage

resist: same

Doesn’t mention link-locking.[^28]

Deals (host rating + net hits) in Matrix damage and biofeedback damage.

Blaster resist: Logic + Firewall

As Black IC but only causes Stun biofeedback damage.

resist: same

(Host rating[^29]) Matrix damage and link-locks target.

Crash resist: Intuition + Firewall

If Crash IC (or its host) has a mark on you, a random one of your programs crashes. It cannot be run again without a deck reboot.

resist: same

Same. Doesn’t need a mark on you, though.

Jammer resist: Intuition + Firewall

Same as Acid, above, but affecting Firewall.

resist: Willpower + Attack

Same as Acid, above, but affecting Firewall.

No Attack actions can be used if your attack rating is 0.

Killer resist: Intuition + Firewall

(Attack) DV Matrix damage

…+1 DV per net hit

…+2 DV per mark on target

resist: same

Deals (host rating + net hits) in Matrix damage.

Marker resist: Willpower + Sleaze

Same as Acid, above, but affecting the Sleaze attribute.

resist: same


Patrol Patrols a host, regularly using Matrix Perception actions on all icons within it. Rolls Matrix Perception once per minute.
Scramble resist: Willpower + Firewall

If the host has three marks on you and you are hit by this, it immediately reboots your deck, hitting you with dumpshock.

resist: same

If it hits, it forces you to reboot on your next turn, unless you are link-locked. (No marks required.)

Sparky resist: Intuition + Firewall

(Attack) DV Matrix damage

…+1 DV per net hit

…+2 DV per mark on target

Plus the same amount of biofeedback damage.

resist: same

Deals (host rating + net hits) in biofeedback damage.

Tar baby resist: Logic + Firewall

If it hits, you are link-locked.

If you’re already link-locked, it puts a mark on you.

resist: same


Does not change access levels.

Track resist: Willpower + Firewall

If this IC hits and the host has 2+ marks on you, the host (and its owners) discover your real-world location.

resist: Willpower + Firewall

Same, but does not require any access levels / marks on the target. The location is revealed if it hits, regardless.


Common programs

5e 6e
Baby Monitor N/A; Baby Monitor is a “hacking program” in 5e Make user aware of their Overwatch Score at all times.[^30]
Browse Cuts time for Matrix Search actions in half. Grants 1 Edge to be used on the Matrix Search roll.
Configurator Store a deck config (ASDF allocation & program load.) Swap the entire config for a Free action, rather than a single pair of stats. Same.
Edit +2 to [Data Processing] limit for Edit tests. 1 Edge on Edit File actions.
Encryption +1 to Firewall. +2 dice pool when using Encrypt File actions.
Signal Scrub Rating 2 noise reduction. Same.
Toolbox +1 to Data Processing. Same.
Virtual Machine +2 program slots, but whenever your persona takes Matrix damage, it incurs an additional box that cannot be resisted. Same.

Hacking programs

5e 6e
Armor +2 dice to resist Matrix damage. +2 to matrix Defense Rating.
Baby Monitor Always know your current Overwatch Score. N/A; Baby Monitor is a “common program” in 6e
Biofeedback When you attack a persona that’s backed by a biological entity (eg. a decker), the character takes Stun or Physical damage equal to the Matrix damage you do (depending on if they are in cold sim or hot sim.)

Damage is resisted with Willpower + Firewall, as usual.


Damage is resisted with Willpower alone, as usual.

Biofeedback filter +2 dice pool to resist biofeedback damage. Allow Device Rating or Body to soak Matrix damage.
Blackout As Biofeedback, but only ever causes Stun damage. Same.
Decryption +1 to Attack. +2 dice on Crack File action.
Defuse +4 dice pool modifier to resist damage from Data Bombs. Allow Device Rating or Body to soak damage from Data Bomb.
Demolition +1 rating to any Data Bombs you create. N/A
Exploit +2 to Sleaze attribute when attempting Hack on the Fly. Reduce defense rating of hacking targets by 2.
Fork Can perform a single Matrix action against two targets without splitting your dice pool - make one test, and each target defends separately against the test result. Same.
Guard Reduces the extra damage you take from marks against you by 1 DV per mark. N/A
Hammer +2DV to all Matrix damage dealt. N/A
Lockdown When you cause Matrix damage, link-locks your target until you stop running Lockdown or they Jack Out. Same.
Mugger Bonus Matrix damage from having a mark on your target is increased by 1 DV per mark. N/A
Overclock N/A Add two dice to a Matrix action; one must be the wild die.
Shell +1 dice pool to resist Matrix damage and biofeedback damage. Stacks with similar modifiers from other programs. N/A
Sneak +2 dice pool to resist Trace User.

If you are Converged on, GOD don’t get your physical location.

Stealth +1 to Sleaze. Gain 1 Edge when doing the Hide action.
Track/Trace +2 to Data processing when doing Trace User tests, or negate the +2 bonus from Sneak if your target is using that. Gain 1 Edge when doing the Trace Icon action.
Wrapper Change icon of something to look like a different sort of icon entirely. Can be penetrated by Matrix Perception. N/A

  1. Bit weird, that one. It’s not like you can do Full Matrix defence to anyone else. ↩︎

1.4 - Appendices & notes

Appendix: citations and posts of interest

“If all devices are linked to his Commlink PAN then all the cop would see is the PAN as a casual observer, but if the cop then makes a matrix perception check then he will see all active wireless devices unless the guy is actively hiding them and then it becomes an opposed test.”

“[Technomancers] kind of got hosed and can’t join a PAN until they get Living Nerwork .. which I tried to make a Complex Form so it wasn’t locked behind submersion. Skinlink would also allow them to form a direct PAN for their own gear but not join a party network.” source

Re: hash check

LVN’s Matrix Lite for 5e

2 - The Matrix re-fluff

An incomplete attempt to re-write the in-game Matrix to make more sense

2.1 - Introduction

Why I wrote this & what I hoped to achieve

The Shadowrun Matrix rules have undergone years of patching and re-patching, more so than any other aspect of the system. There are many decisions that are made for good game mechanic reasons but have inadequate explanations within the in-game universe. This makes them confusing and counter-intuitive, as the mechanics and the narrative sometimes don’t quite align.

While the rulebooks do a decent job of defining the pieces of the Matrix they don’t go into enough detail about how the pieces fit together inside the game universe. Instead, the books mostly go from piecemeal definitions directly into the rules. Players and GMs are left to infer the workings of the game universe from how the rules function, but this isn’t always clear or consistent.

I wanted to have a go at cleaning this up for my own game. Although unfinished, this document is the result. It attempts to describe the in-universe view of the Matrix and how it works.

Goals of doc:

  • To support the classic cyberpunk tropes, such as criminals slicing through seemingly-overwhelming security by finding and exploiting weak points, and of seemingly-impenetrable megacorps undone by their arrogance and laziness.
  • To keep as close as reasonably possible to Shadowrun 5/6e rules-as-written. I do have my own Matrix houserules, but they mostly streamline existing mechanics without changing how things function.


  • To consider rule changes as a consequence of this doc (that is a separate project.)
  • To obey established canon (I will deviate or expand wherever I feel absolutely necessary, although I will try to minimise this.)
  • To use real life terminology with complete accuracy (I will use computing terms in order to evoke a high-tech future, but not necessarily in perfect accordance with their real definitions.)
  • To adhere to a strictly retro-futurism interpretation of cyberpunk; this document will not be designed to support wired networks and neon wireframes virtual realities.

NB: Although the below is written predominantly for my own Shadowrun campaign, and mostly uses Shadowrun jargon, I hope it might also be of use for other Cyberpunk RPGs that eschew cassette futurism and instead have wireless networks and augmented reality interfaces.

Major topics discussed so far

  • Why deckers have to be within hacking range of targets
  • What personas are, and why you can only have one at once
  • Why you can’t steal (most people’s) personas to get all their stuff
  • How shadowrunners and other organised criminals can get by in modern society
  • Why you can’t trivially destroy people’s houses by hacking all their stuff when they’re at work
  • Why cyberware and weapons have wireless connections and hence are hackable

2.2 - Matrix fundamentals

The devices that make up the Matrix’s infrastructure

Matrix infrastructure

The Matrix is so far ahead of our current understanding of computing as to border on magical. Nevertheless, there are some ways in which it resembles the networks we are familiar with today.

  • Mesh routing: the Matrix predominantly uses high-bandwidth, high-frequency wireless signals to carry vast amounts of data around. Unfortunately, these are also very short range and are easily blocked by solid matter. To get around this, the Matrix relies on a peer-to-peer mesh network for the “last mile” of connectivity. Matrix devices connect directly to each other, dynamically cooperating to pass data from one to another until it gets to where it needs to be.
  • The global grid aka the Backbone: your connection only uses the local mesh until it can reach an uplink node and be routed onto the global grid, sometimes called the “backbone” or the upper grid by deckers. Once your traffic is on the backbone, it moves to a vast planet-spanning array of fibre optic cables and satellite links; bandwidth and speed are approximately infinite, and distance is no object.
  • Cellular networking: when the local mesh fails you, uplinks can still fall back to early-21st-century style long-range digital radio signals. The bandwidth is feeble and the latencies are terrible; it’s only enough for text/voice/video comms, or for letting your car check with the cloud that you’re allowed to drive it. But at least it works almost everywhere. Cellular networking is strictly a fallback. If a device has any sort of connection via the local mesh, it won’t power up its cellular radio. (It’s a battery hog.)
  • Fog computing: most Matrix devices have the ability to borrow computing power from other nearby devices. This is baked into the Matrix’s protocols. It allows devices to be relatively small and power-efficient, but still cope with occasional spikes in demand for computation. Taking smaller devices off the Matrix vastly decreases their computing power, however.
  • Wireless power delivery: the Matrix is capable of trickle charging devices attached to it, via near-ubiquitous power points. Most small electronic gadgets (commlinks, sensors, headphones, cyberware) have effectively infinite battery life as long as they remain connected to the Matrix. Devices usually include only small backup batteries to get them through any power outages. Some illegal devices, designed to run disconnected from the Matrix for prolonged periods in order to hide from detection, feature larger batteries to compensate.

The local mesh

This is the part of the Matrix that relies on device-to-device connections and is called the local mesh or sometimes the lower grid. The extreme density of devices in a 2080 city, combined with the ability to seamlessly pass traffic from device to device, can get your signal where it needs to go.

The local mesh has a strictly limited range: too many hops, too much distance, or too much interference and the signal degrades to become useless. Fortunately, for a legitimate user, their network traffic only needs to reach an uplink node, so this is rarely an issue.

Any two or more Matrix devices within range of each other will always form a local mesh, even if they cannot route a signal out to the wider Matrix. They will still be able to communicate within themselves as normal.

When you want to communicate with a device that’s outside local mesh range, first you need an uplink node. These are scattered around major metropolitan areas, typically serving an area of a square kilometer or so. Your device sends traffic along the local mesh until it reaches the nearest or most convenient uplink node. Uplinks serve as the onramps to the rest of the Matrix; they bridge your traffic over to the backbone.

Uplink nodes are sometimes called beanstalks by deckers, because they lead to the clouds.1

The backbone

The backbone, or the upper grid, is the planet-sized interconnected network of fibre cables, satellites, microwave and visible-laser point-to-point communications, and other bleeding-edge-tech ways of getting 1s and 0s from A to B. Once your traffic is on the backbone, distance is no object and bandwidth is functionally infinite.

Security on uplink nodes is fierce, and traffic on the backbone is routinely subjected to deep packet inspection by GOD. Only the most legendary of novahot deckers have ever managed to smuggle illegal traffic over the backbone, let alone compromise an uplink node entirely.

Dark fibre

The backbone infrastructure is administered and patrolled by GOD, and is theoretically neutral between the megacorps. But the corps didn’t get rich by trusting each other. Where security demands it, it’s not unusual for corporations to run their own private communication lines - for example between a secure, hidden facility and a more public one. This lets the secure facility access the Matrix discreetly without making its location or purpose obvious.

On the local mesh, dark fibre functions like a wormhole. If you can hack the controlling host on one end, you can coerce it to carry your traffic to the other, and suddenly you can “see” devices that could be hundreds of kilometers away. Occasionally, wily shadowrunners use this as part of a smash-and-grab, using a forgotten dark fibre link to hack into a distant host that is too physically well-protected to get near in the physical world.

Everyday Matrix devices


Hosts are the servers of the Matrix; they’re the guardians of data, the places you go to get stuff done, and the engines that keep the wheels turning. They come in a few types:

  • Local hosts - quite common, these are small, physical servers that are (literally, physically) local to whatever they control. Low to medium rated security systems, building control, stock-keeping, industrial control systems in factories, etc etc. They are only connected to (and can only be reached via) the local mesh, and hence are only usable at relatively short ranges.

    When viewing the Matrix in VR, local hosts appear down at ground level, at a distinct physical location (unless they are hidden.) Well-funded deckers and other criminals might acquire low-end local hosts for nefarious purposes.

  • Cloud hosts - the grown up version of local hosts, used to run services that have to be accessible by people all over the planet. Distributed across lots and lots of physical servers, roughly analogous to a modern day planet-scale website, and directly connected to (and usually only reachable from) the backbone. As such, you can almost always get a good connection to a cloud host, unless your local mesh is being disrupted or you are far from civilisation.

    When viewing the Matrix in VR, cloud hosts float up in the sky.
    Cloud hosts are enormously expensive to run, both for the hardware required and for the licencing and necessary security to connect to the backbone.

  • Offline hosts - local hosts with no connection to a local mesh. Can be used for cold storage of very valuable files, or wires-only ultramax security systems, or old systems still running in abandoned and forgotten buildings, or things deckers have cobbled together. Typically low rating, as the amount of processing power and hardware becomes very serious for higher ratings; but could in theory be anything. Offline hosts might be connected to online ones via dark fibre (see below.)

Not every host advertises its existence. So-called dark hosts are ones that are running silent on the Matrix. Local dark hosts can be detected by getting close to them and looking for hidden Matrix icons in the usual way. Cloud dark hosts are trickier, however, and can normally only be visited if you have the secret co-ordinates to find it.

Commlinks are the most visible part of the Matrix - the device most commonly associated with it in people’s minds. They are analogous to modern-day smartphones, and often take the form of a pocket-sized slab covered in a touchscreen (although they can be much smaller if the user forgoes the screen. They can even be wholly implanted, in case you wanted to become an even bigger hacking target than you already are.)

Most people using a commlink do so via a direct neural interface and augmented reality.

  • DNI gives the user a limited amount of mental control directly over the device, without needing to look at the device or push any buttons.
    • DNI is not telepathy. The user can issue simple on/off, less/more, scroll up/down type commands, but not much that is more complicated than that.They can also dictate text, but only at a speed that is a few times faster than talking.
    • DNI is tiring to use for long periods, as it requires close concentration of a particular kind for the machine to detect the commands. It’s like maintaining a fully spoken inner monologue. Few people can keep that up all day long.
  • Augmented reality means the commlink’s output - mostly visual and audio, some tactile - is projected directly into the user’s consciousness. They see pop-up windows floating in their vision, hear sounds overlaid with the real world, feel the weight and texture of virtual “objects” they touch.
    • Each distinct element of an augmented reality user interface is called an augmented reality object (ARO), often pronounced “arrow”. AROs can come from your commlink itself, like a messaging window or a control palette. They can be broadcast from nearby devices, like a restaurant displaying a holographic menu outside its door, or a friend showing you a selfie they took. Or they can be sent to you from items you are carrying, such as a smartgun displaying remaining ammunition count in a discreet window in the corner of your eye.
    • Because pure DNI control requires mental effort, less hardcore users sometimes fall back to either physical controls or (more often) AROs displaying control surfaces. These are less tiring and can be more precise when very delicate control is needed, eg. for piloting a vehicle. User interface AROs accessed via DNI have a tactile component, so the user feels like they are interacting with real physical objects that have weight, texture, and temperature.

Civilians typically get DNI in one of two different ways: either via a datajack, or trodes. Both offer a wireless connection to the commlink, with a wired option as a backup. Trodes are a terrible experience though, with a noticeably poorer AR quality, and a connection that often glitches out unless the user stays quite still (as the trode net can shift around on the head). You can glue it down, but now you have glue in your hair and it’s gonna sting when you take it off. On top of that, they require significantly more concentration to generate DNI signals to interact with the device - they’re just not as sensitive at reading your brainwaves - which gives most people a headache after a few hours. This is why datajacks are heavily preferred and, consequently, extremely common - despite their invasive nature.

(People with more extensive cyberware can get direct neural interfaces through other options - for example, a rigger’s vehicle control rig cyberware includes all the same functionality as a datajack as part of the package. And some people have commlinks or cyberdecks enitrely implanted, which also give them DNI on demand, without any further hardware.)1

Users who won’t or can’t get DNI can still get a crude form of AR via various pieces of hardware: headphones for audio, plus contacts/glasses/goggles for visual AROs. They can even just about use user interface AROs, although the tactility component is vastly inferior, even if they wear special feedback gloves. It’s a crappy, godawful experience though, and only a Luddite would do this if they had any choice.

Finally, if all else fails, you can always fall back to actually touching the screen on the commlink itself. This still has some usefulness, although in the age of AR it is not most people’s preferred experience. There’s a few reasons people still buy commlinks with screens, though:

  • People with no form of AR at all can do basic tasks this way - send messages, get directions, order lunch.
  • People might fall back to this at the end of a long day, when they have the stabbing-pain-behind-from-the-eyes feeling from too much DNI. Or their AR interfaces might be glitching out; like all complicated things, they don’t always work like they’re supposed to.
  • If you’re in a heavy spam zone, with swarms of AROs overwhelming your commlink’s filters and filling your vision with distracting or disgusting images, you might have to disable AR entirely until you can get clear (and probably then shop for upgraded spam filtering software.)
  • You also still need the commlink hardware for things like taking pictures or recording video, because even 2080 technology can’t get around the fact you need to point the lens at whatever you want to capture. (Although high-end commlinks sometimes come with an embedded camera-equipped microdrone that can launch right from the commlink and do that for you…)

Commlinks are the only type of general-purpose computer most people own. With fairly serious onboard compute power, plus the ability to borrow more via fog computing, they can do everything most people need. And through augmented reality, they can expand or contract their interface to fit in the palm of your hand or fill your vision and walls.


Commlinks may be - for most people - the most visible and obvious type of Matrix device, but tags are by far the most common.

“Tag” is a catch-all term for any small, single-purpose device that connects directly to the Matrix. They are often associated with and attached to a single object in the real world, giving that object a presence on the Matrix and a tiny degree of computing smarts.

The most basic kind of tag is a combination of informational and locational, and these are built into almost all durable consumer goods, from socks to jewelry to coffee mugs.

  • Tags typically broadcast one or more AROs eg. Domestic appliances can broadcast their instruction manual plus the option to purchase consumables (at a premium price, omae.)
  • Owners can use them to find where they are if they ever lose them, via a standard Matrix operation called “trace icon.” (More on this below.)
  • The object can self-report its instructions in a machine-readable form - for example, you can throw a ball of clothes in the washing machine, the clothes can all broadcast their care instructions to the machine, and the machine can select the best program automatically.
  • When shopping, you can pick up whatever you want and just walk out the store - the tags you are carrying will be recorded and your persona will be billed automatically.

Tags have a dark side: for an unmodified tag, there is no guarantee that the data it is logging is staying private. A law-abiding wageslave is typically being tracked by dozens of tags on their body at all times, all of which are uploading location data and contact tracing data to an endless array of overlapping ad tracking networks. The only kind of privacy they can hope to enjoy is through obscurity; by not being interesting enough to ever be noticed in the sea of data, and by relying on the fact that the data is gathered by competing corps so no-one ever puts the full picture together.


Cyberdecks are some of the most complex consumer electronics ever made by mankind. They use dozens of different types of parallel processors, incorporate huge libraries of known vulnerabilities and malware attacks, hundreds of expert systems so advanced as to be bordering on semi-sapient AI, and have nitrogen-cooled quantum computing cores that can break some of the toughest encryption known to metahuman kind in minutes. They have about the same resemblance to commlinks as a variable-geometry VTOL fighter jet does to the Wright Brother’s first plywood-and-canvas airframe.

In other words, they’re kind of a big deal.

  1. credit to u/Finstersang ↩︎

2.3 - Interface modes

Augmented reality and virtual reality

Virtual reality versus augmented reality

Although the Matrix started as a VR-only technology, once ubiquitous AR came along it rapidly fell out of favour. Most people just don’t feel comfortable completely disconnected from their surroundings, particularly if they’re in any sort of public space. Plus, while you can move really fast in VR - with the Matrix flowing as fast as your thoughts - it turns out that’s exhausting if you do it for more than a few hours. VR is now sufficiently uncommon that for most commlinks a SimSense module is an add-on and not a standard feature.

So for most ordinary folk, work time and leisure time that involves computers is mostly done through AR, not VR. They dip into VR now and again – mostly either for virtual meetings in work with people in different offices or when safe at home – but that’s all. Extensive time in VR is the domain of serious gamers, the most dedicated sports fans watching live broadcasts, and deckers/spiders/other socially isolated buttonheads.

Virtual reality

Consider the basic, unsculpted Matrix in full VR: how it looks if you disable all visual re-skins normally added by your service provider, your commlink manufacturer, your settings, and so on. Like you’re some sort of 2052-era cave-dwelling metahuman back in the primordial grid. What do you see?

Geography & the grid (VR edition)

Imagine an infinite plane of black, overlaid with a fine silver grid, stretching to the horizon. This is the lower grid. It’s populated with icons for all the devices within local mesh range of your commlink - maybe a few hundred meters, depending on network conditions. Personas are represented by a special icon that is configured according to the user’s wishes. Devices in PANs are hidden, by default, to make the display less cluttered; although you can turn that off if you want to see everything. Devices outside of PANs are represented by icons, typically utilitarian factory-default ones like cartoonishly coloured caricatures of what they are, tiny corporate logos of whoever made it, or eerily photorealistic modelled and rendered versions of whatever the icon represents.

In theory, the lower grid spans the planet - you can zoom your viewpoint up into the “sky” and see a map of the world, with data-sparse areas like the deep sea represented by areas where the silver grid fades out to blank nothingness. But you can’t see icons outside your local mesh, so it’s not that interesting to do so. Most of it would look empty from the perspective of your commlink.

This limited view of the local mesh can be very intense, though, with many hundreds or low thousands of icons - and even more fine filigree lines pulsing between them, representing the data flow from device to device. Even the most hardcore decker can’t do anything with that much information. Normal people run extensive filtering options that remove the clutter and only show the stuff they care about: typically, one icon for each device they are carrying, plus one icon for each PAN they can see.

There may also be local hosts visible in the lower grid. For example, a wageslave arriving at the office would see icons for one or more local hosts associated with the workplace - perhaps the main shared host for files and work, and a few more for security and building control. These are hosts that don’t have a dedicated connection to the backbone and work mostly through the local mesh. They would log on to the shared host at the beginning of their workday, and it wouldn grant them access to the stuff they need to do their job.

Stretching above them is the sky, by default rendered as a very dark blue-grey. Floating within it are icons for all the publicly visible hosts on the Matrix - many hundreds of thousands of them. Again, this is hopelessly cluttered, so people filter their view. You might see the main P2.1 public host, for example, where you can go to read or post social media updates. Your employer’s public host, where you can read PR updates like a good little wageslave. Your commlink fades all the other hosts in the world out, reducing their icons to barely more than a point, and fading all the colour out. The end result is to see perhaps a few dozen icons floating up there, the hosts you care about and use regularly, plus a sprawling constellation of stars representing the rest of the Matrix.

Finally, some cloud hosts like to be associated with particular geographic points. For example, Dante’s Inferno - the famous/infamous Seattle nightspot - has a host that links to the precise location of the club in the real world. Its host icon floats in the sky, as dictated by the rules; it’s a cloud host, not a local host, so it’s in the upper grid. But a thin line of neon pink and blue stretches down from the host to the precise location in the lower grid that corresponds to the club’s address. For hosts like Dante’s Inferno’s one, this is a key part of their branding, and it means when you are close to the club in real life you get a prominent link to the cloud host on the Matrix.


Neon-coloured wireframes and faceless chrome figures may have been cool last century, but in 2080, people demand a more a la mode view. Sculpting is the process of making things look different. It’s a combination of artwork, animation, and physics modelling; it’s very skilled work; and it’s a lucrative market for those who are good at it.

At the big end of the scale, hosts in VR are sculpted to look like… well, anything the owner desires, right down to changing the laws of physics inside the host. Want it to look like infinitely high sky scrapers with the users navigating sections of the host by jumping between them in zero gee? Sure, you can do that. You probably shouldn’t, unless you want to clean a lot of puke off the floors, but you can.

At the small end, people spend incredible amounts of time and nuyen sculpting their persona’s icon. Cosmetic options and add-ons and accessories can be bought from just about any corp on planet Earth, perfect to show your devotion to this or that brand. People often broadcast their persona icon in an ARO, so there’s a lot of pressure to get the look just right.

Augmented Reality

VR is yesterday’s tech. It’s where you go to use the computer, but who wants to go somewhere to use a computer? You want the computer to come to where you are. You want the computer to bleed into your everyday reality. Chummer: you want your reality augmented.

Welcome to AR.

Your world, augmented

Positioning in AR vs the real world

2.4 - Icons, spotting, and positioning

How your commlink decides what to show you and where to put it


Everything on the Matrix is represented by an icon. Each device – your commlink, your car, your toaster - has a corresponding icon, and each icon has a corresponding device. Mostly, these icons are set by the manufacturer and look like the device in question, although the art style can vary from photo-realistic to cartoonish to stylised. People can change them, but generally don’t for boring stuff like their toaster. Personas, however, have special icons that the owners can change to look however they want, within some limits. People spend many hours and many nuyen playing virtual dress-up with the personas.

So: suppose Wally Wageslave is using his commlink to view the Matrix. Spotting is the process by which his commlink discovers there’s an icon to show him. Spotting is tied to the local mesh, the part of the Matrix that runs on device-to-device connections. You can consider spotting range as a sort of short-range horizon, it’s the distance around you that you device is actively keeping track of so it can keep your connection going.

Wally’s commlink doesn’t concern itself too much with devices that aren’t really nearby, as it’s really only trying to keep its connection alive. By default, the spotting horizon extends to about a hundred metres or so (the exact amount can vary with network conditions.) If he wants - although he probably doesn’t - Wally can tell his commlink to look further than that, and show him all the devices it can find at a larger range, up to the limits of the local mesh.

Invisible icons

There are some circumstances in which Wally might not see an icon for a nearby Matrix device.

  1. If the icon is part of a PAN, it won’t show up, at least by default. He’ll just see the icon of the device running the PAN instead (ie. the owner’s persona). This is because the PAN’s controlling device is running all the Matrix traffic, so the child devices in the PAN aren’t participating in the mesh network, so Wally’s commlink isn’t interested in them.
  2. Persona icons subsume devices they are controlling. Your commlink doesn’t have its own icon distinct from your persona. If a rigger jumps into a drone, the drone’s icon is replaced by the rigger’s persona.
  3. Devices can deliberately hide themselves from the public Matrix, which is commonly called running silent. This involves carefully minimising the flow of traffic back and forth and refusing all incoming network requests. Careful analysis can still reveal them though by the footprint of data connections they still have.

How mesh routing works & what it means

The Matrix, or at least the local grid part of it, is a decentralised peer-to-peer mesh network. Previous Matrix crashes have taught the corps the value of robustness and the dangers of single points of failure, so there is no reliance on a controlling host to make the wheels turn. Toss a handful of Matrix 2.0 devices inside a Faraday cage and they’ll form a network automatically, without needing anything external to direct them.

Down at the device level, this is quite a complicated process. Each device has to be aware of the position and movements of all the other devices nearby, so it can make smart decisions about where to send its traffic. If Wally wants to send a message to his colleague Wanda, but she’s too far away to send it to directly, it doesn’t make any sense to send it via a nearby commlink belonging to someone in a car that’s about to move out of range. Better to pick a different intermediate that’s somewhere inbetween Wally and Wanda and isn’t moving.

The mesh network itself resolves this problem without any user intervention. In a fiercely complicated bit of co-ordination, each device uses signal strength measurements and triangulation to estimate the positions of every other device within spotting range. So for every device within spotting range, Wally’s commlink has an approximate location - usually plus or minus a few meters, maybe quite a bit more than that if the network is very quiet (not enough devices around to do triangulation) or very noisy (too much to keep track of.)


Devices do not usually broadcast their precise location publicly. Even the most naive Sixth World resident knows it is not a good idea to constantly tell every potential mugger within a few blocks exactly where you are. So the mesh network’s approximate position is all Wally’s commlink has to go on when trying to line up the icons it sees on the Matrix with the matching devices in the real world.

Positioning is the process by which Wally’s commlink decides where to put a device’s icon when Wally looks around in AR or VR.

Icon positioning in VR

In many ways the problem is easier in VR, because the commlink doesn’t need to line anything up with the real world. It can place icons for devices in places corresponding to its best guess, and if there’s a dense collection of overlapping icons in one place it can artificially spread them out so Wally can see them all individually. After all, if he’s in VR, Wally probably isn’t overly concerned with exactly where these devices are, he just wants to be able to see them all and interact with them all as easily as possible.


In AR, commlinks struggle. By default, they rarely show more than a fraction of nearby device icons anyway, lest they become distracting to the point of uselessness. But if Wally tells it to do so, it’ll dutifully have its best guess and place icons around him at some location that might or might not align with reality. This can make some funny things happen, like if Wally is talking to one other person somewhere and that person’s icon is shown as being ten metres off to one side.

This has consequences for, eg., beat cops on patrol. They might pass a crowd of 20 people, where one of the crowd is a SINless criminal scum. But unless they are very sharp-eyed and quick-witted, they are unlikely to notice that the crowd of 20 people only has 19 device icons floating around them. And even if they do, they can’t tell who is the odd one out.

AROs and icons that have positioning information

Public augmented reality displays wouldn’t make a lot of sense if different people saw them in different places, so the Matrix protocols also have the ability for any ARO or icon to anchor its precise location and orientation. This anchoring be part of the public broadcast – in which case everyone will see the ARO at the exact same point. Examples include ARO adverts, signage, restaurant menus, art installations, and so forth. Or, it can be private – Wally can share his commlink’s location with his family so they can find him at the mall. Everyone else at the mall can see his commlink icon but not the location information.

SIN broadcasts & nameplates

Commlink icons have a special sidechannel that usually broadcast the owner’s SIN at all times. This isn’t quite mandatory, but will certainly prompt investigation from the cops if it’s turned off in most parts of town.

Nameplates are a sort of beefed-up public version of this. They are an ARO display that people can enable on their commlinks that shows their name, gender pronouns, P2.1 profile link, and other biographic information. People turn these on in situations where they’ll be useful, eg when they meeting new people. Some people spend quite a lot of time customising their nameplate AROs to reflect their personalty. These are also the kind of people that will have an obnoxiously over-the-top persona icon.

The etiquette around when it is and isn’t polite to show a nameplate is complicated and – frankly – still being worked out by society at large. Most people don’t walk around in public with one on, although some extroverts might. Most people would turn them on for a business meeting, to facilitate introductions. But turning it on at a private dinner party with people who know you can be considered rude because it implies you think other people there might have forgotten who you are.

2.5 - SINs and SINners

The ins and outs of proving you are a member of society

What a SIN is

In a society defined by the haves and the have-nots, the sharpest line between them is the possession of a System Identification Number. A combination of citizenship, a passport, voting rights, and taxation obligations, it guarantees you at least some protection under the law and the chance to work gruelling hundred-hour weeks until you die. What an honour.

SINs are issued by a wide variety of governmental and extra-territorial corporate entities. They can be granted by birth or by a similar process to obtaining citizenship. Sometimes, corps grant them to particularly desirable hires. Often, corps use the threat of revoking someone’s SIN to keep their workers in line.

Physically, a SIN is merely a string of alphanumeric characters. The only human-readable part of it is a prefix code indicating the issuing entity - country or corp - who owns and controls the SIN. What counts isn’t so much the SIN itself as the data associated with it in various online hosts and datafiles.

SINs have become the de facto unique identifier in the Sixth World. They are tracked everywhere, both in person and in the Matrix. Every interaction and transaction you have can be tied to your SIN and tracked in some database - and almost all of them will be. Hence every SIN has, trailing behind it, vast wakes of data, scattered across innumerable databases.

Those who don’t have a SIN - the SINless - are condemned to a life of misery. They are locked out of legal employment, of all banking, of reasonable healthcare. They cannot vote and they have no social safety net; even their basic civil rights are reduced almost to nothing. They face a lifetime of grinding for low cash-only wages and paying shady landlords high rent for shitty apartments, and praying that when they get sick there’s room at the charity hospital for them.

This naturally creates a market for fake SINs, anything that might give the hopeless some hope. And, in turn, that creates a market for checking SINs are real.

Persona SIN broadcasts

The Matrix protocols have baked-in support for all personas to broadcast a SIN in a special sidechannel. This enables pervasive tracking; every interaction you have on the Matrix and in real life can be cross-referenced against your SIN. Everywhere you go, everything you do, there is a data trail left in your wake, extending out behind you. And that trail is scanned and recorded by thousands of corps.

In most parts of the world, SIN broadcasts are not quite a legal requirement, but they are certainly strongly enforced. Not broadcasting any SIN in a lower-middle-class-or-better part of town will attract unwelcome attention from the authorities. In high-class areas, you can also expect that SIN to be routinely getting checked for validity against the GSINR (see below). Some public areas will actively alert authorities if you enter without a SIN broadcast, and most legal businesses, from shops to public transport, will refuse to do business with you.

The converse is also true; broadcasting a SIN out in the Barrens can mark you out as a rube and a target.


If the SIN is just a short string, and everyone is broadcasting theirs to the world at all times, why not just take someone else’s? Why bother with complicated fake SINs at all?

The first answer is that legal devices can’t do this at all. They don’t let you set your SIN yourself, nor do they store it anywhere. Instead, when you boot your persona, they query a host belonging to your SIN issuer, which does a DNI-auth check of your brainwave patterns before giving your device the SIN it should broadcast.

Even if you hack your device to broadcast an arbitrary SIN, though, this still doesn’t work. The same trackers and profiles that are listening for your SIN will almost immediately notice (a) if two different personas are broadcasting the same SIN at the same time and (b) if a SIN has moved from one persona to another. Either condition will result in them broadcasting an alert that will lock the persona completely out of the Matrix until they reboot their device and sign back in to their account.

This can be used as an attack vector, called “SIN-bombing”: deliberately copying someone else’s SIN just to get them temporarily booted offline. It’s typically little more than a minor inconvenience, though, so of little practical value.

Why SIN broadcasts are not used for security

If you are a corpsec architect, SIN broadcasts appear to be a very useful tool. It is supremly difficult to spoof or steal either personas or SINs, which means in theory they can provide very strong guarantees that someone trying to get through a security gate is who they say they are. Particularly when the corp in question is also the issuer of the SIN, as is typically the case for its employees, which means they have unfettered access to the SIN biographic and biometric data.

Unfortunately for the corps, it doesn’t work that way in practice. Several high-profile data thefts took place in the early 2070s where Shadowrunner teams used a SIN-bombing attack combined with a powerful local jammer to clog up Matrix traffic. The duplicate SIN was noticed and shut down a few seconds later, delayed by the jammers… but during that narrow window, the attackers were able to open doors, shut down security systems, and disable countermeasures. The third or fourth time this happened to any given corp, they quickly switched gears, and pulled SIN scanners out of critical security systems. Today, the state-of-the-art in local security systems consists of biometric scanners coupled with a database of allowed users held locally on a well-secured host.

Verifying SINs

It is crucial that the haves protect their stuff from the have-nots. Hence, it is important to be able to verify a given SIN is real and not an imposter. Fortunately for plucky criminals trying to live outside the law, a combination of inter-corp paranoia and mistrust makes checking if a SIN is fake a much more difficult problem than it could be1.

There are, broadly, three methods used to verify that someone presenting a SIN is doing so honestly.

The global SIN registry

The global SIN registry (GSINR) is a fairly simple database of every SIN, world-wide. Each SIN in the database is stored with several additional pieces of data:

  1. basic biographical information (eg. name, gender, metahuman race, date of birth)
  2. biometrics (eg. retina scan, fingerprints, a DNA profile)
  3. special red-flag fields; for example if the SIN was previously discovered to be a fake, if it has a serious criminal record, or if it is currently wanted as part of a criminal investigation (and if so, in which jurisdictions)

It takes less than a second to look up a given SIN on the registry. The registry is administered by the Corporate Court and access to it is provided fairly cheaply to any interested corp or nation state, although there are additional fees for more detailed information.

For a check against the SIN registry, the querier provides a SIN and, optionally, some biometric data eg. a fingerprint. There are several possible outcomes of a check against the GSINR:

  1. the provided SIN does not exist.
  2. the provided SIN exists, and here are the values of its red-flag fields.
  3. the provided SIN exists, here are its red-flag fields, and here is the associated biographic data (name, date of birth, etc).
  4. the provided SIN exists, here are its red-flag fields and biographic data, and it does / does not match the biometric sample provided.

Returning the biographic data or confirming the biometric data (ie (3) and (4) above) incur extra fees for the querier, which quickly add up if scanning SINs routinely, so they tend to be reserved for more detailed checks.

The global registry does not permit “reverse searching” ie. you cannot take a fingerprint and ask the database what the corresponding SIN is, nor can you simply download all the biometric data and scan it yourself. The only type of query is “here is a SIN and some biometrics” with the response of “this does / does not match.” Every few years some do-gooder tries to get this changed on the grounds it would help fight crime; the megas that control the Corporate Court always shoot it down. They know that it would make their own staff too easily identified by and spied upon by their competitors.

Unfortunately, the global SIN registry is only as trustworthy as the least secure entity that can access it 2, and (by definition) data can be added to it by every entity that can issue SINs. It’s a relatively trivial process for the purveyors of fake identities to get enough of a hack against some smaller nation-state to insert fake SINs into the global registry. With a bit more effort, they can even get the biometrics to match whoever the user of the fake SIN will be. So, searches against the global SIN registry are a pretty low-grade check, and easy to fool. Still, it provides enough of a verification to keep out the real low-lifes, and is quick and cheap.

In game terms, a check against the global SIN registry is a rating 1-2 check. All purchased fake SINs have at least an entry on the global registry, and all except the very worst of them also have correct biometrics.

Be the SIN issuer

If you are the entity that issued the SIN, you have a lot more information about it at your fingertips to perform verifications with. And you can work in the knowledge that your SIN database is held much more securely than the global registry, and so much less likely to be polluted with fakes planted by hackers.

For a start, if a given SIN that claims you issued it is in the global registry but not in your own databases (quite common for low-grade fake SINs), then you’ve definitely caught a faker. You can flag the fake to the registry and deal with whoever is using it as you wish. Probably painfully.

Fortunately for the kinds of high-end criminals who rely on fake SINs to move through society, if you aren’t the SIN issuer of a SIN you want to check, you simply can’t do any of this. The SIN issuers are either secretive megacorps who compete with each other, or paranoid nation-states that are barely on speaking terms. They don’t share their SIN details except under the most exceptional circumstances. So criminals only face these kinds of near-impossible-to-fool checks if they’re foolish enough to roll up on (say) an Ares facility toting false Ares SINs. 3

Note that SIN issuers can also “reverse search” their own databases, ie take a DNA sample or fingerprint and scan for SINs that match it. The capability to do so is carefully controlled, however, and only accessible to people in positions of authority.

In game terms, a check against the issuer’s SIN registry is a rating 6+ check. These checks can take time, particularly if the biometric data being checked requires elaborate procedures (eg. DNA samples.) They might also incur a cost, depending on how byzantine the corp is organised. It is not uncommon for BigCorp Identity Services to only make the SIN database available to BigCorp R&D Subsidiary on a for-profit basis. 4

Online profiling

If you want more security than a global registry check but you need to check SINs you don’t own, then your only option is a verification check with a data profile broker.

Data profiling exists in the Sixth World as it does today. Companies that resemble a high speed collision between Experian and Facebook ingest the data trails people leave behind them - all conveniently tagged and cross-referenced with their SINs - and use pseudo-AIs to build predictive models of each person’s interests, desires, and behaviour.

These profilers' primary market is advertising, but they long ago realised that a side effect of their work is spotting fake SINs. Their data analysis is so thorough that any inconsistencies in the data trail attached to a fake SIN stand out like a glowing beacon. A complex marketplace of realtime SIN checks quickly emerged.

Someone wishing to verify a SIN is real can send it to one or more of these brokers. They will look at the data trail associated with the SIN and scan it for gaps and conflicts. If they find any red flags, they will report back to the querier that the SIN looks suspicious, and they can take whatever further actions are appropriate.

In game terms, a check against profile brokers is a rating 3-6 check, depending on the number and quality of brokers involved. These checks become quite expensive to carry out for the querier, particularly at the higher end, so they are not done routinely. These types of test also have a false positive rate; they sometimes flag real SINs as fake, which can irritate VIPs being inconvenienced and get lowly security guards fired.

Fake SINs

Fake SINs consist of several parts, of escalating levels of quality:

  1. A listing on the Global SIN Registry (GSINR), plus plausible biographic information and biometrics. On the crudest fakes, the biographic information might not match the user of the fake SIN at all; these are often recycled SINs for deceased users that were prevented from being marked as inactive. At the higher levels, the fakes will have biometrics that match the bearer of the SIN.
  2. As above, plus a realistic “legend”, meaning a faked life logged onto tracking services. This is where the SIN creator’s skills as a forger are really tested, crafting a historical data trail for the SIN that will fool trackers and profilers. This is where the SIN fakers earn their nuyen.
  3. As above, plus entry of the fake SIN into the issuing entity’s master SIN database, with matching biometrics. This level of compromise over the SIN registries - whether via bribery or security breach - is extremely difficult (and hence expensive) to pull off.

Lower rating fake SINs are created through a combination of outright hacks against smaller corps or nation-states that have access to the GSINR, coupled with bribery of corrupt insiders, but have no matching entries in the issuing entity’s private SIN database.

Appendix: references

This section was written based on, in part, the discussion in this thread.

  1. Shadowrun is a hyper-capitalist corporate dystopia, not a panopticon surveillance dystopia. ↩︎

  2. This is a change from RAW, where the global SIN registry is very secure. ↩︎

  3. I don’t intend to track/enforce this in practice, unless I want to build a specific plot point around it. I will assume all my PCs' false SINs come from smaller/obscure corps or nation-states. ↩︎

  4. If you think this sounds unlikely, I have alarming stories about real-world corporations to tell you. ↩︎

2.6 - Personal Area Networks (PANs)

How normal people protect their Matrix stuff

One reason commlinks are quite powerful is to protect you against hacking. They dedicate a fair bit of their time to monitoring threats around you, scanning for incoming attacks, and so on. That’s definitely important! But what about the rest of your stuff? Every other Matrix-linked thing you own, from your toaster to your gun to your smartglasses, is vulnerable too - and they don’t have enough CPU to protect themselves. They can borrow some processing on demand, via fog computing, to put up some (feeble) defence. But that won’t protect you from serious hackers.

What you need is a personal area network. A PAN connects and merges all your devices into a private little cloud on the local mesh. Your commlink takes charge, and all traffic to and from the mesh goes through it, instead of directly between the device and the mesh. That means it can watch over all traffic, scanning it for attacks, and intervening to defend your devices. Imagine Matrix traffic as acid rain, your commlink as an umbrella, and your devices sheltering safely beneath it.

PANs can be extended and merged, with the most powerful device becoming the one that protects the whole network. When William Wageslave travels to work, he has a PAN, centered on his commlink, protecting his devices. That provides moderate protection against hackers, but not enough for his corp employers to feel good about. So when he arrives at work, the first thing he does is tell his commlink to join the office’s local host. Once the host verifies his persona through DNI-auth it merges his PAN with the office’s Wide Area Network (WAN) and now all his stuff is even more protected, because all his traffic is going through the company host. At the same time, it grants his persona various permissions to access the company resources William will be using to do his job. These will be revoked automatically when he leaves at the end of the day and disconnects from the WAN.

Note that you can only form PANs or WANs on the local grid. You can’t create a WAN based on a cloud host because the latency is too great.

Megacorps are far too paranoid to allow their employees to connect to their servers full of secrets with an unprotected commlink. It would be much too easy for criminals to hack the commlink and use it to get in. So most wageslaves, when working, have to have their commlink connected to a WAN that simultaneously controls their access to work networks and protects them against hacking. This means “working from home” is not a thing that happens in the Sixth World. The user has to be using a device that is part of the company WAN, and that means they have to be within local mesh range of the company host in their office.

Perhaps the corps could solve this, if they cared to. But they’re micromanaging controlling assholes who like being able to watch their wageslaves, so they’re not trying very hard. Very important execs might have corporate local hosts installed in their houses so they can work remotely. Everyone else has to suffer a grinding commute and the watchful eye of their bosses.

Securing your devices outside the local mesh

What about poor William’s car, out in the parking lot? Or his toaster at home? He’s too far away from them to shelter them in his commlink’s PAN. But a passing hacker could really spoil his day by destroying these devices as they sit naked on the Matrix.

To solve this, at home, people typically use network defenders1: sort of like cut-down mini-commlinks (or, if you prefer, really really tiny local hosts) whose only job is to maintain a basic protection zone around their stuff. They’re usually a step or two less powerful than a commlink, so they’re far from bulletproof, but they’re better than nothing and will at least keep war-driving script kiddies from destroying your house while you’re at work by reprogramming your soy dispenser to “unending firehose” mode. Hopefully.

Vehicles get a special firewall package as part of their GridLink subscription. Whenever the vehicle leaves the user’s PAN, it connects itself to a cloud host that defends it against hack attacks. The effectiveness of this defence varies with the user’s GridLink subscription tier.

  1. Per RAW, an unattended device typically rolls either 2 or 4 dice to resist hack attacks, which is almost the same as being entirely unprotected. The world can’t function like this, it would be full-on chaos. I’ve introduced network defenders as a slightly easier option to rewriting the entire Device Ratings table to give undefended devices more defence out of the box, although that is a viable alternative choice. ↩︎

2.7 - Personas

Your commlink as the keys to your life

When you boot up your commlink, the first thing you do is sign into it, via some combination of biometrics. This creates your persona, your digital mirror-image in the Matrix. The persona runs for as long as your commlink does.

Only certain devices can form your persona, and thus let you use the Matrix. These include commlinks, cyberdecks, and RCCs. These may be external devices or implanted ones.


Like any newborn, your persona comes into the world naked and powerless. So the next thing that happens is your commlink reaches out through the local mesh and up to various cloud hosts that live on the Matrix backbone.

Each of these hosts in turn establishes that the person using your persona matches their fingerprint. For users with direct neural interfaces, this is carried out as a brainwave challenge/response in a process called DNI-auth. The host reaches down through your interface and… pokes… your brain a little, inducing certain patterns. It measures how your brain responds to the poking, and compares it to patterns stored in very secure cloud hosts that were recorded as part of a cryptokey exchange when you created the account. If they match, the host is satisfied you are who you claim to be.

Think of it as being like tossing a rock into a lake, and carefully examining the patterns in the ripples.

The corps are very insistent that this process is completely safe. Any resemblance between the transient brainwave states triggered and those recorded in epileptics is purely coincidental. Apparently.

This process is extremely difficult to fool, particularly for lots of hosts at once; although there are urban legends of particularly wily deckers pulling off successful man-in-the-middle attacks against people using trodes rather than datajacks.

Unfortunately, users without DNI-auth suffer much lower security. They have to rely on crude biometrics such as fingerprints and retina scans, all of which are much more vulnerable to fakery, even if they use very expensive and high-end scanners.

Once a given host is happy the persona is under your control, it issues your persona with access permissions over whatever it is in charge of. (Deckers call these Access Control Lists, or ACLs - pronounced “ackles”.) One host might belong to Ford, and grant your persona access to drive your Americar. A Horizon host would give you access to your P2.1 social media account. An Ares host, after particularly thorough examination, would enable you to fire your Predator. And so on and so forth - even a low-key user will have hundreds of these permissions.

This all happens in a few seconds.

Personas are ephemeral things. They only last as long as the commlink is running and you are attached to it. (This is particularly irritating for trode users; if the trodes get jostled too much, they can disconnect entirely, and you have to sign in all over again.) Furthermore, to guard against shenanigans, the more secure hosts will re-run DNI-auth spot checks periodically.

Note also you can never have two personas. The cloud hosts will immediately detect if you attempt to sign in with a second device while the first is still running, and – depending on its paranoia level – either insist one persona is shut down first or completely lock the account down until you contact customer services to get it unlocked. This also works to prevent anyone stealing your persona.

Going off the grid

Only being able to unlock and start your car via a cloud host is fine for a boxed-in ground-down wageslave driving to another 14 hour shift, but it’s not going to work so well for a Knight Errant HTR squad heading into a Barrens deadzone or a long-distance trucking convoy delivering supplies through wildlands. People like these need a fallback for when the signal fails.

Matrix protocols include the ability to offload cryptographic keys directly to your commlink for just such an emergency. For most people, this is nothing but an accident waiting to happen - anyone who hacks their commlink can now steal their stuff with impunity. But if you need to be able to work outside of reliable wireless Matrix access, it’s just what you need. Remember to buy a good commlink and all the security upgrades… and remember to back those keys up to a second device too, just in case.

Organised criminals like shadowrunners make use of these protocols so they leave less of a datatrail behind them in the Matrix, and so they can still start their cars regardless of which fake SIN they happen to be using right now. Yes, this means a wageslave’s car is a lot harder to steal than a shadowrunner’s, at least based on just the cryptographic security… ain’t irony grand? (Of course, many shadowrunners compensate for this with interesting booby traps, so don’t consider this a declaration of open season on their stuff.)

Persona AROs

Most people are broadcasting a few AROs from their commlink at all times. A basic informational ARO contains their SIN and some basic biographic information: their name, gender representation and pronouns, age, and so on. Anything you’d find on a driving licence. Some people might redact all or part of this, for whatever reason; but not broadcasting at least a SIN will attract attention from the authorities in the better parts of town.

Some people also broadcast their persona’s icon at all times, typically scaled to a few inches high and floating over their head or sitting on their shoulder. Customising and sculpting the persona’s icon is a big business, with every kind of lifestyle brand imaginable making virtual accessories for you to play dress-up with on your digital twin, and that’s before you get to the expert artists and modellers who make all sorts of more outre icons than the basic metahuman figures your commlink came with.

2.8 - Searching the Matrix

Finding stuff out

There is no Matrix equivalent of Bing or Google Search. Like the political map, the informational one has Balkanised: split up, divided, and almost hopelessly fragmented. To search the Matrix, then, is not to enter some text into a box and get your ranked results in milliseconds. No, it’s a good deal more complicated than that. It often takes between several minutes and double-digit hours. What’s going on during that time?

The Matrix is divided into hosts. In some ways, a host is a little like a modern-day website; you can visit it, and then interact with the content it presents to you. You can go to a screamsheet’s host, for example, and read the current headlines, and search back issues. But unlike a modern-day website, you can’t deep link into a specific file in a host; you can’t build indices that span lots of hosts, and a file on one host can’t directly reference a different file on another host. The divisions between hosts are rigid. Hence: no Google Search.

So the simplest and crudest Matrix search, then, consists of going to a specific, trusted host and searching just that host’s contents using whatever search engine it might present to you. For example, you might go to the public library, and use it to search through reference books. Or to a particular news org’s host and search their historical archives.

Of course, this only gets you one take on the information - and in the Sixth World, most media is dangerously biased. So this isn’t a very good technique. Instead, xxx

The next stage of a Matrix search is sifting the results.

2.9 - Code breakers and thief takers

How the Matrix works for criminals and those who hunt them

“We must be as stealthy as rats in the wainscoting of their society. It was easier in the old days, of course, and society had more rats when the rules were looser, just as old wooden buildings have more rats than concrete buildings. But there are rats in the building now as well. Now that society is all ferrocrete and stainless steel there are fewer gaps in the joints. It takes a very smart rat indeed to find these openings. Only a stainless steel rat can be at home in this environment…” — Harry Harrison

All the pervasive Matrix stuff makes the world seem intractable for professional criminals. Surely the second you come out of the Barrens, you’d be revealed six ways to Sunday, right? Fortunately it’s not that bad. Smart bad guys - by which I mean “anyone who’s not a gutter-punk scum” - have some tricks up their sleeves.

Hiding on the Matrix

Alice is a shadowrunner, walking through a high-end commercial part of town, surrounded by throngs of wageslaves looking to buy lunch or scurrying to meetings. She passes Bob, a Knight Errant beat cop. Alice is up to no good, and therefore carrying a wide range of interesting and potentially illegal items, many of which have Matrix functionality. How does she slip past Bob undetected?

What’s the most fail-safe way to hide? By not having anything to hide in the first place.

If Alice is only lightly armed and has a good fake SIN, she could simply have a legal licence for all her armaments. Her commlink, in addition to her usual SIN and persona icon, will broadcast that she is armed and that she has appropriate licenses. This will probably attract a little attention from Bob; enough to warrant a SIN check, say. But licences to carry firearms are not uncommon so if she’s not doing anything else suspicious and her SIN stands up to scrutiny, Bob will let her pass.

Dropouts: going offline

What constitutes a gun that Bob will ignore and a gun that will attract his attention is very situational, however. Perhaps Alice is carrying more serious firepower than a light pistol: say, a hunting rifle, concealed under a long coat. She might have a licence for it, and it might be perfectly reasonable to be carrying out in the wilds of Snohomish, but that doesn’t mean she can broadcast that she has it now. If he sees that, Bob’s definitely going to know that something is up. Wageslaves don’t take long guns to lunch.

Alice’s next option is to completely disable the wireless features on all the things she wants to hide, while still leaving it enabled on innocuous devices like her commlink (which is still broadcasting her fake SIN, of course.) This means her illegal things can’t be spotted on the Matrix at all. However, it has a few disadvantages:

  1. If she needs the gun in a hurry, she may not have time to turn the wireless back on. (For bits of gear, this involves pushing a physical button; for cyberware, giving a mental command. It has to be done one-by-one.) If she gets jumped, she’ll have to do without her smartgun, boosted reflexes, and other toys until she can do that.
  2. If Bob spots the shape of the gun under her coat while she’s not broadcasting an ARO saying she’s armed, he’s going to get really, really interested in Alice. Only criminals would hide that they’re armed. So if you’re going to turn the wireless off on something, you’d better make sure it can’t be spotted.

Obviously, if Alice was trying to sneak into a building in the dead of night, she’d also need to take her commlink offline. It’s pretty hard to sneak into anywhere when you’re broadcasting your Matrix presence to everyone within half a kilometre.

Running silent and the art of traffic obfuscation

If she is trying to sneak into somewhere, though, Alice’s third option is to set her entire PAN to run silent. This means all the devices in it minimise their traffic to and from the Matrix, the commlink stops advertising itself as a Matrix node, and she generally disappears from the local grid.

Two downsides here:

  1. Walking around downtown, it’s pretty suspicious to not be online. It’d fly in the Barrens, but if Bob notices that Alice doesn’t have any sort of commlink or SIN broadcast, he’s going to assume the worst. (He might not notice, though, as it’s very crowded.)
  2. On the Matrix, spotting a commlink that is running silent is pretty easy for any decker or spider. There’s still some data moving back and forth, and if they know to look for it, they’ll probably find it right away. It gets a lot harder if Alice has a friendly decker who can add Alice’s gear to their PAN and guard her Matrix presence with their cyberdeck, though.

Most of the time, Alice is only going to use running silent if she’s trying to sneak into somewhere. Taking selected devices offline is probably the better option in public spaces.

Having your cake and eating it: internal routers

Tag randomisers and scramblers

All those tags in your clothes and equipment, reporting their existence to anyone nearby and their location to servers at all times, would make sneaking around pretty tough. Shadowrunners and other dubious types get around this by scrambling them to destroy their code entirely, or randomising their IDs on a regular basis so no-one can discern any pattern from them.

Normal tags are very easy to mess with and have no countermeasures against this.

Local keys

All the clever cloud security stuff described above doesn’t work for squat if you have a low-grade fake SIN or no SIN at all. Fortunately, there’s a fallback mechanism built into the protocols designed to work when the user is off-grid, for example, if there’s another Matrix crash or if you’re way out in the wilds. You can download backup copies of your digital keys and store them on your commlink, then use them to start your car or open your apartment without any hosts being involved. Bonus: it’s another way of tracking you that no longer works. Only downside is, if your keys get stolen by a script kiddie, so does your stuff - and if your commlink gets trashed, you’d better have backed them up somewhere… Better upgrade from that base model Meta Link, omae.

Mass media would like you to believe there’s a world of difference between the tools of the Matrix security specialist and those of the decker. After all, the good guys and the bad guys can’t use the same stuff, right? Otherwise you might question which was which. Well, actually, their ‘decks and their actions are more alike than they are different. Both groups of people need the ability to reach out and hack targets across the local mesh, whether to attack or counter-attack. So both groups need quantum decryption cores to crack encryption and armies of vuln scanners to find exploits on their targets.

What does differ, though, is the degree of monitoring by GOD. Legal cyberdecks are infested at every possible level with stealthmode code and hidden firmware designed to report back to the Grid Overwatch Division at every turn. This code is created by pseudo-AIs, different on each deck manufactured, in an attempt by the corps to stay one step ahead of the streets.

The high price of illegal cyberdecks doesn’t reflect the off-the-shelf hardware so much as the modifications necessary to turn it into a black market cyberdeck. Skilled technicians must labour for many hours to unpick the backdoors and boobytraps built into legal cyberdecks by the manufacturers before they can be used for illicit goals. Processors and memory cores sometimes have to be replaced with custom-manufactured replacements, assembled on nanoforges in anonymous back-alley workshops. An entire cottage industry exists, hidden from view, and the best of their work is always in high demand.

Kitbashed decks

Somewhere in between cyberdecks and commlinks is a broad grey area of kitbashed decks. Usually not much more than a souped-up commlink running some custom software cobbled together by some backroom illicit tech, they are far less capable than even the weakest purpose-built ‘deck. However, they’re also a lot cheaper, and much easier to find on the streets. Many a novahot decker started out with nothing more than a kitbash ‘deck and a datachip full of dreams.

How to hack

For legal Matrix users, the local mesh - the wireless peer-to-peer network that gets their data onto the backbone - is just an implementation detail. They rarely even think about it. But for deckers, it’s home.

The corps control and patrol the backbone, and going anywhere near it with an illegal device is begging for trouble. But the local mesh - that’s different. It’s a dizzying mishmash of devices, built up of protocols laid on top of protocols laid on top of protocols, each layer with its own cocktail of security holes. There’s no central control and no central oversight, it’s impossible to secure, and it’s where deckers earn their keep.

Step one: find your target

Step two: reach your target

Step three: hack your target

A decker begins by running routines to poison the local mesh routing protocols. Normally, the grid just passes traffic along to the nearest uplink node. But under the decker’s control, this is corrupted, causing it to pass traffic through the local mesh directly to the target of their hack. Like all local mesh connections, this has a limited range though, so deckers need to be brave enough to get out into the field and within range of the devices they wish to pwn.

2.10 - The Matrix & cyberware

How the Matrix interacts with cyberware and other gear

Why cyberware has wireless components

Implanted cyberware always comes with the necessary neural interfaces so the user can make it work without requiring anything else. Nevertheless, legally manufactured cyberware makes heavy use of wireless Matrix networking, for a number of reasons:

  • wireless charging of some components that use too much juice to charge solely via bio-electricity harvested from the host
  • the ability to borrow computing power on demand from nearby devices
  • downloading firmware updates and suchlike
  • broadcasting diagnostics and system status

The most important, however, is for communication between and coordination across different cyberware subsystems. It is quite difficult to run enough cables through squishy flesh to hook up everything to everything else. Plus, different pieces of cyberware from different manufacturers run on a mishmash of semi-incompatible low-level protocols, and that stuff is hard to change when it requires surgery to get at the controls. Instead, commercially available cyberware usually just uses the wireless Matrix as a sort of universal communication bus.

Consider a high-threat response soldier fitted with a smartgun system, cybereyes, and a cyberarm with recoil-compensating gyroscopes. When they fire their weapon, all these systems need to work together in harmony to compute trajectories, display the results of this computation to the user via an ARO, key up the gyros to make just the right motions to counteract the gun’s recoil as they fire, and so on.

To do all this without the wireless Matrix requires a lot of wires criss-crossing the user’s body plus a coordinating processor to mediate the different protocols used internally on each piece of cyberware. These devices exist - they are called internal routers - but they are invasive and expensive and offer limited benefits to legal users. Most people just rely on their devices’ ability to use the standardised protocols of the wireless Matrix to talk to each other.

Besides, the corps like it that way. Most corp security guards are under-trained, under-paid, over-worked, and over-dosed on (at least) stimulants and (quite possibly, at the first sign of trouble) combat drugs. The corps know they can’t be trusted not to wipe each other out in a hail of blue-on-blue gunfire. But proper training costs money, money that goes down the drain when the next shadowrunner team deletes Jimmy; and if there’s one thing the corps hate to do, it’s spend money.

The answer is ubiquitous wireless. Logging of patrol routes so you can be sure they’re not shirking. Inventory tracking of each and every valuable and dangerous item via RFID tags - right down to the bullets in Jimmy’s gun. Remote biometric monitoring, so you know if Jimmy gets jumped, knocked out, or flatlined by intruders. Smartgun fire systems with biometric triggers and linked to friend-or-foe tracking, so the bad guy’s can’t take Jimmy’s gun from him, and so Jimmy can’t get trigger happy and accidentally splatter your star researcher’s expensive brains everywhere.

This isn’t always the case, of course. Elite troopers, from HTR squads on up, are fully trained and perfectly capable of working as a team without the crutch of a wireless network (if they are willing to forgo the benefits of realtime heads-up tactical displays). But Jimmy? Honestly, if you took his wireless away, he’d be a straight-up liability to himself and others. With all this wireless gunk, you barely need the human being to think at all, and that’s the way the corps prefer it.

Protecting cyberware against hacking

Riggers, drones, PANs, and the Matrix

The Rigger Control Console

2.11 - Appendices

Bits and pieces

Appendix: Reddit posts about this document

I’m back with another few excerpts from my Big Ol’ Matrix Re-fluff doc. This time I’m talking about xxx and xxx.

A reminder: my goal here is to re-write the existing fluff to support (my interpretation of) the rules as written. I’m of the opinion that a lot of existing SR material introduces tons of concepts then launches into the rules for how these concepts interact mechanically without first exploring how they interact narratively. So you have to try and reverse-engineer the narrative from the rules, but the rules are complex and sometimes ambiguous, so that’s difficult. I’m trying to bridge over that gap.

Previous posts in this series:

  1. Local mesh & backbone; personas
  2. Hosts & commlinks

Appendix: sources of inspiration

I am not the first to attempt something along these lines. Some other sources I have drawn on:

Appendix: A typical street scene

Consider a busy street. It’s lunchtime in a commercial district in a decent part of town. The sidewalks are thronged with corp workers looking for lunch, walking past various eateries and cafés. Above them tower offices, scores of stories of chrome and steel. Amongst them pass some less savoury characters: some street rat gangers looking for a score, some shadowrunners up to no good, some Knight Errant beat cops trying to keep the peace.

What does this scene look like, in augmented reality (AR), for each of the types of people in the scene? What Augmented Reality Objects (AROs) show up, and under what circumstances?


Let’s start with the corp wageslaves.

Each of them have a commlink. A bit over half of them have a datajack and are hooked into their ‘link wirelessly; most of the rest are using an image link built into cybereyes, glasses, or contacts. All bar a few of them have an active AR layer. The ones who don’t are usually obvious – they have to look at the screen of their commlinks to get around, clearly marking them as being too poor to afford even basic amenities. How primitive.

Each of them has their commlink set to broadcast their System Identification Number (SIN) like all good law-abiding citizens. This takes the form of a small augmented reality object (ARO) that is fixed in position somewhere over their head, moving with them. However, this produces a lot of distracting clutter, so most of the civilians will set their commlinks to filter out these types of objects. They’re there, if they want to look for them: but mostly they’re invisible.

Similarly, each person is carrying around their personal area network (PAN), consisting of their commlink and all their various items of gear that are slaved behind it (cyberwear, maybe a light pistol, perhaps glasses (or contacts) and earbuds if they don’t have cyberwear, etc etc.) In the Matrix, this appears as an icon for the commlink itself, plus a forest of smaller icons for the devices connected to it. But that’s an awful lot to look at in AR while walking down the street, so most people set their own commlinks to either hide it entirely, or at most show each PAN as a single icon and hide all the connected devices.

The businesses along the street are also broadcasting AROs: menus, flyers, advertising, logos. These vary in size and offensiveness of design. Huge flashing billboards outside a Stuffer Shack proclaim 2-for-1 on Nuke-’Emz Frozen Burritos. Wally and Wendy Wageslave pause to think if they want to partake in them.

Director Dan tuts as he nearly walks into Wally and Wendy. He doesn’t even see the Stuffer Shack promo; although it’s set up to broadcast to everyone, Dan’s high-end commlink treats it as spam and hides it from him. Dan’s eyes are focussed on a discreet, unmarked door up ahead. Unmarked in physical space, anyway. But in AR, Dan can see the logo of the members-only club he’s going to go to for lunch. This ARO is visible only to a select group of people, identified by their broadcast SIN, and Dan’s on the list.

That’s not the only difference between what Dan sees and what Wally and Wendy see. All up and down the street, advertising AROs are customised to various tracking profiles built from everything they do online and stored against their SIN. When they look at a particular blank piece of wall, Dan sees ads for the newest Ares special edition executive light pistol, with a real mother-of-pearl inlay on the handle. Wally sees a reminder that he won’t want to miss the big Urban Brawl match tonight for his favoured team, the Seattle Screamers. Wendy sees an advert for a new album from Null Shiva, a Doom Arcanometal band she’s been listening to a lot lately. This invasive and systemic tracking is just how the world is run, chummer. Dan’s profiles scream he has money to spend, and the ads adjust accordingly; the stuff is pricier and the ads are classier. Wally and Wendy aren’t so lucky in life, so they see cheaper stuff in garish colours. So it goes.

Overhead, some ARO graffiti (sometimes called “graffitaro” by dorks) lurks; an animation of a swooping dragon in neon colours. It’s being broadcast from a well-hidden data tag stuck behind the facade of the Stuffer Shack. Occasionally, people with cheaper commlinks flinch as the dragon appears to swoop towards them. Those with more expensive commlinks don’t see it, as the ‘link correctly deduces this is graffiti and should not be displayed. The pranking deckers who place these tags are in a constant, unending war with the spam filtering heuristics deployed by commlink manufacturers.

Other appendices

Moved to this doc (private.)