These rules are canon for my current campaign. However, I am working on superseding them with a set of rules that is further streamlined.
Remove the concept of marks entirely. Replace with three levels of access:
(Note there is no equivalent to 2 marks, a small efficiency gain. GMs don’t need to track it and deckers don’t need to pass through it on the way to Admin access.)
All iconography around marks is also removed. No more visible marks or designing a mark that matches your persona.
In addition, most of the time, a character’s hack targets will be an entire PAN or WAN, not not an individual device (see below). Accordingly, access levels are tracked against the entire PAN or WAN. This also reduces book-keeping.
There are a variety of things in 5e’s version of the Matrix rules that derive an effect from the number of marks you possess, eg. the Brute Force action does extra Matrix damage, so does the Mugger program, and so on. I am preserving these by ruling that User access is equivalent to 1 mark, and Admin access is equivalent to 3 marks.
For the purposes of this doc, a WAN is a PAN that is run off a host rather than a commlink/cyberdeck/RCC. Same game mechanics, though, just with more dice.
No changes to make here.
Any device that uses the Matrix to function - including any gear like guns and cyberware that have wireless bonuses - incurs dice pool penalties when they take Matrix damage: -1 per three full boxes. This makes Data Spike wielding deckers more dangerous.
No changes to dumpshock or link-locking.
Your failed Attack actions no longer give you Matrix damage, and your failed Sleaze actions no longer give the target marks against you.
Rejected rules: 6e also reduces matrix damage and changes the damage resistance test, in line with how normal damage works throughout 6e, but I’d rather keep these rules consistent with 5e’s damage model. 6e has a slightly different Matrix repair test using the extended test mechanics, but it’s slower to resolve, so I have left it out. 6e changes the damage codes for dumpshock, again to be inline with the reduced damage codes used throughout the edition. This is better left alone in 5e.
However, I’ve kept the changes to failed actions in, because getting hurt just because you failed to hit someone seems un-fun and (more importantly) not at all how any other Shadowrun combat type works. I prefer mechanical consistency across systems, where possible.
As in 5e, all hits rolled against the decker in opposed tests on illegal actions add to the Overwatch Score. These are any actions that use the [Attack] or [Sleaze] stats of your deck to determine their limit.
However, remove the secret +2d6 that is added to OS every 15 minutes. Instead, deckers accumulate OS in three new ways:
As before, Overwatch Score is reset when the decker logs out or reboots their deck. And Convergence happens when the Overwatch Score reaches 40, and has the same effects.
SR6e does not have the special rules for convergence when inside hosts (instead of decker getting dumped, the host starts launching IC.) I’m keeping those rules as I think it adds more variety.
In addition: in 5e, the deck takes 12 boxes of resisted Matrix damage when Convergence happens. In 6e, it is automatically bricked. The latter can be very dangerous for deckers, as it’ll always strip Firewall away from their biofeedback damage resistance test. I prefer the former approach for this reason.
Grids add little to the rules beyond book-keeping, and make some stuff confusing. Keep them for fluff and flavour (the Ares grid has Ares propaganda, the Seattle grid has Emerald City spam) but remove all mechanical effects. All hosts and devices are accessible from all grids without penalties.3
Keep only the -2 dice pool penalty to all actions while using the public grid - it still hurts to be poor, and the free public access grid still sucks.
Three important changes:
Stealth tags are always running silent and resist Matrix perception actions with 10 dice.
Remove the Hack on the Fly action. Replace it with two new linked actions:
You probe a host, PAN, or device for weaknesses, looking to gain access and create a lasting backdoor to the system. You take your time not to alert any security to your presence, and you can create an exploit that may last until you are ready to use it. While not as fast as using Brute Force, Probing a device does not raise an alarm automatically. Even if your attempt initially fails, it will not trigger an alarm unless you glitch. Systems and devices will not detect your presence until you have gained access to them.
Once you create the exploit, you may then use the Backdoor Entry action at a later time. Net hits on this test count as a dice pool bonus on your future Backdoor Entry test. The duration of these backdoors depends on the device or host—generally speaking, the backdoor lasts for [10 – Host/Device Rating] hours. Most systems create a changelog and will automatically correct and report differences to their configurations caused by the presence of these exploits.
According to Banshee (the Matrix rules author) the intention was that Probe can be repeated, albeit at a cost, using a variation on Shadowrun’s usual extended test mechanism. The decker can keep attempting further rolls (at -1 dice pool each time, as usual for extended tests) against a threshold determined by the targeted system’s defence roll, all while the Overwatch Score ratchets upward. It’s a push-your-luck mechanism.
However the German CRB simply makes Probe a normal opposed test that happens to take one minute of game time to resolve. This is the rule I am applying in my game, principally because I prefer standardised game mechanics to one-off bespoke rules. But also because the former approach can result in a decker putting 50+ dice down on the table across multiple rolls, slowing down gameplay.
It isn’t completely clear if a decker’s Probe results persist if they log out of the Matrix then log in again later. For these houserules, I am ruling that they do.
Once a decker has successfully run Probe against a target, they can move onto the second new action:
You attempt to use a backdoor you have put in place to gain illicit entry into a host, device, or other Matrix area. This action can only be used if you have previously used Probe on the target successfully; net hits from that successful Probe count as a dice-pool bonus on this test. If the test is successful, you gain Admin access to the target, and it does not count as illegal Admin access (though taking illegal Matrix Actions will still increase your Overwatch Score).
If this test fails, the backdoor you have made was detected and removed, and you cannot attempt Backdoor Entry again with the same host until a new backdoor is made through the Probe Action. Failing this test does not immediately set off alarms, but the character’s OS increases as normal.
By default, a successful Brute Force check grants User access. If the decker wants to go from Outsider to Admin access in one go, they may attempt to do so, at a -6 dice pool penalty (reduced to -4 with the Go Big Or Go Home quality).5
Note that access gained via Brute Force will accrue Overwatch Score as long as the decker maintains the forced access; at a rate of +1 per Combat Turn for User access, or +3 per Combat Turn if the decker has Admin access. So once you use this, the clock is ticking!
Also: Brute Force no longer does optional Matrix damage, in the name of up speeding play and simplifying things. One action = one result.
In these houserules, as in SR6e, Spoof Command no longer needs any marks on anything to work. (In SR5e, it requires a mark on an icon that can legitimately command the target device.)
The scope of Spoof Command has always been fairly unclear. Can you use it to eject a clip from a smartgun? Can you use it to loop a camera feed? These seem reasonable. Can you use it to shut down an opponent’s wired reflexes or cyberarm? That seems overly powerful, as well as making Spoof Command overlap with other, more explicit methods to achieve that goal (eg Data Spike, Format Device / Reboot device.) Force a hostile drone to fire on its allies? That one seems ok…?
“You spoof a device’s owner’s identity, making the device think that your command is a legitimate one from its owner. … This trick only works on devices and agents, not IC, sprites, hosts, personas, or any other icons."
This needs consideration and playtesting; I don’t have the answers yet.
A sort of stun-damage analog to the physical-damage attack of Data Spike:
Sometimes you want to deliver as much hurt as possible; sometimes you want to deliver a little pain and a little slowness, in order to make the rest of your blows land easier. If you succeed in making this attack, do (1 + net hits) damage to the icon you attacked while also reducing their Data Processing rating by the same amount. If a device’s Data Processing rating is reduced to 0, the user cannot perform a Matrix action until it is 1 or more. The Data Processing rating recovers at a rate of 1 point per combat round.
A very minor detail, but this is the counterpart to Crack File. This functionality is in 5e but buried in a weird little alternate mode in a footnote to the Edit File action.
The hits on the Encrypt File test establish an Encryption Rating that’s used to oppose future Crack File attempts.
There are a large number of small changes to various dice rolls and mechanics for actions throughout 6e. In the main, I am choosing not to include these in my houserules. I don’t think any of them have a drastic effect on gameplay, and they will invalidate the 5e quick reference material I use, which is painful. All these changes are documented in the Matrix Actions Comparison section, if you want to see them.
Here are some smaller changes I do think it’s worth making:
Almost all programs can be left as-is. 6e removes a number of programs that are in 5e (see the comparison for details), but they are harmless to leave in place, I think. 6e also changes how a few programs work in order to use the new Edge mechanic; again, this can be ignored.
The only exception is the Guard program, which should be removed, as it only works in the context of marks gained against the decker.
6e’s cyberdecks have double the number of program slots that 5e’s do. I am not adopting this rule in my game, as I think it encourages analysis paralysis from players as they try to juggle 8+ programs. It also results in modifier explosion as each program’s effects is added together. YMMV.
Additional houserule for my table: Remove the Wrapper program. If it exists, it leads to requirement for endless Matrix Perception tests, slowing down gameplay.
Keep host and IC initiative, stats, and attack rolls the same. See below for a detailed comparison, but in general, make the following changes to IC effects:
No -2 dice pool penalty to Matrix actions for running silent - this is another fiddly detail to remember and easy to forget about. Furthermore, with the move to make running silent a setting that applies to an entire PAN rather than an individual device, it becomes quite painful for players to make decisions about. So it is removed in these houserules, in line with SR6e.
To make it explicit, I don’t suggest changing anything on this list. They should still work fine with the former changes in this section.
Cyberdecks: Leaving aside the splitting of 5e’s cyberdecks into 6e’s cyberdecks and cyberjacks, the stats are broadly equivalent in both editions. No particular adjustments are needed to 5e’s deck’s stats to fit into the backported rules.
However, I’d recommend GMs consider reducing the cost of cyberdecks significantly, at least by 50%, perhaps even more… or be prepared to make upgraded cyberdecks an occasional run reward from Mr Johnson, and give all PC’s decks plot armour, as losing one will be financially ruinous.
Use of ASDF stats to determine test limits; also how cyberdeck stats are assigned and moved around between the ASDF slots.
All mechanics for what happens when Convergence occurs.
Noise is unchanged in this ruleset, both in terms of how it is calculated and its mechanical effects.
Matrix Search in 6e appears to have been the victim of mangled editing resulting in dubious maths7. A strict reading of RAW suggests a decker can make an extended test, so rolling 50-100 dice in aggregate, against a results table where 10 hits reveals “deep secrets others are trying to actively hide” - a trivial accomplishment on so many dice. It is best left as-is in 5e, I think.
“PAN’s were not originally meant to be as restrictive on number of devices as they ended up (if errata does not get approved to change it a good house rule would be to make it Device Rating x3 for max number of devices)” source ↩︎
This is a houserule; in 6e RAW, direct connection doesn’t grant the firewall bypass. ↩︎
I have little love for the extended test mechanic in general. It’s good in theory, but it simply takes too long to roll 50-100 dice and count the hits. ↩︎
This is the rule in 5e, also, as of Kill Code (see page 32.) ↩︎
Note I have removed the word “extended” here – see the note below. ↩︎