As I understand it, the world of Eclipse Phase does not trust AIs. It was unchecked AI development and control that almost erradicated the human race less than a decade ago. I imagine that the world of Eclipse Phase is one where AIs do many tasks but are always limited and harshly supervised by human handlers. The human element of a security system is always it's weak point. Yes, the AIs see you and flag you, but they have to report to someone. Do you know that someone? What kind of favors does that someone owe you? Think of an AI sniffer as a drug dog. The drug dog has a handler. The AI has a handler. The more powerful an AI would be the more tightly limited it would be by human supervision. The handler has a great deal of control over what the actual investigative tool does and what constitutes "an alert". Maybe in this setting it is futile to blind the security elements, but it may be possible to get them to look elsewhere at the critical moment.

The security section of the book confirms my assertion that AI survellence is not the backbone of most security. Security and survellence falls chiefly to humans, animals, and infomorphs. They are the ones watching all the feeds and reports and the ones remotely controlling most of the security. Those people can be compromised. Almost all of the security section equipment has limitations and flaws that can be exploited by covert specialists. Ultimately, most of these security measures must perform against infiltration tests. An AI security camera is just not going to see everything if the target is good enough. In my own experience, hackers absolutely own basic security measures once they gain access to the network. I have done some work in the physical security field. There is a constant balance between security, safety, and convenience. In theory, you can make security super tight, but you have to sacrifice safety or convenience in order to do it (sometimes both). A super tight security system results in constant false alarms and wasted effort. Security also costs time and resources which are never limitless. COULD a secruity system be impossible to get into? Maybe... but it almost never is. There are always flaws, backdoors, and weak points.

All I'm saying is that, if I was an indentured infolife security guy, and someone offered to buy out my slave contract and sleeve me in a free case if I looked the other way on Tuesday between 1800 and 1835, I would be sorely tempted to not be as vigilant as I normally am. The stealth technology in the book goes a long way to make it a fair fight against security measures. You can't see what is invisible. So right out of the gate, I would tell you that a guy in the EP version of the Predator Suit is going to get pretty far against most security measures. Other spectrums of detection have their weaknesses. Thermal would not effect a morph that was properly regulating temperatures as an example. I think there is an actual infiltration morph if memory serves. There is also a morph in Sunward that can change its facial appearance regularly. Security has alot going for them, but so does the spy. The nanobot tags that cling to you and transmit your location can be detected and neutralized with equipment in the book. With survellance being as heavy as it is, I'd imagine alot of the skill in not being noticed is actually more like hiding in plain sight and not sticking out. If you are just another one of the faceless masses in the crowd, I'd imagine you can get away with alot. The weapon detection equipment can be avoided through palming and misdirection using the palming and infiltration skills. According to the rules and explination, the users can overcome the scans through slight of hand and clever tricks. Another tactic would be the good old system crash. Even a mediocre hacker can get in and crash a security system. I could see crowded checkpoints resorting to pat downs and basic 21st century security checks when their equipment is on the fritz but they just can't close down while it is offline. I think alot of these things would be situation specific. Not every counter-measure would always work. I'm sure some security would be so tight that it would be stupid to try to subvert it, but there is always a way. The fact that Firewall exists at all is proof that survellience isn't foolproof.

My comments are based on the mathematical limitations of the data, and the normal limitations of the creators. The creators will not think to test things they do not think to test. The only work around is to get a different creator - but AIs are designed by people and, at best, will likely only think of the things defined by their creators. You do get the benefit of a few 'universal' codes of security checks available, but we have that right now in the form of NIST and ISO documents, and people still mess it up. Creativity is always going to be one of your most useful tools. People will not institute measures which are too expensive (due to cost-benefit analysis, or because of normal sloth) to implement. This too will not change. The technology reduces the price of some vulnerabilities, but increases the price of others. I can't think of how this rule will change. The question of data is also still one of mathematics. The amount of data we're processing has gone up geometrically. A human simply cannot read all of the data provided by his tools. It's just not cost-effective. While AIs and time-compression will increase our relative speed, up to sixty times the current rate, the nature of our tools mean that we are likely looking at up to an increase of 2^50th in quantity of data provided. Data processing and gathering is moving at an exponential rate. It has been since the first transistors, and that rate apparently does not change with EP. The only way you can reduce your data to a manageable level is by applying rules to eliminate all of the cases that you're 99% sure don't apply. That means something gets swept under the rug. Really what you're looking for though is, try as much as possible to be a fringe case. The further you are from established, traditional threats, the less likely you are to be noticed, or effectively stopped. The flip side of that is, the tried and true threat-vectors are still threats because they're effective - and using them with sufficient force and preparation is still a valid option.

Hell you don't even need that. Skin Pocket: The morph has a pocket within its skin layer, capable of holding and providing concealment (+30) for small items. [Trivial] Skinflex: This disguise implant allows the user to restructure their facial features and musculature and alter skin tone and hair color. The entire process takes a mere 20 minutes. Skin ex adds +30 to Disguise Tests. [Moderate] For the synths: Hidden Compartment: The shell has a concealed aperture for a shielded interior compartment, ideal for storing valuables or smuggling contraband. Apply a –30 modifier to detect this compartment either manually or with sensor scans. [Low] Shape Adjusting: This shell is made from smart materials that allow it to alter its shape, altering its height, width, circumference, and external features, while retaining the same mass. This modification is typically employed to reshape the morph into special configurations adapted to specific tasks (for example, lengthening to crawl through a tunnel, widening its base for stability, expanding to reach out and attach to multiple access point simultaneously, and so on). This mod also allows the morph to change its features for disguise purposes; apply a +30 modifier to Disguise Tests. [High] Some gear: Chameleon Cloak: This loose, poncho-like cloak contains a network of sensors that perceive wavelengths from microwave to ultra-violet. A similar network of miniature emitters precisely replicate the information its sensors receive, making the wearer seem transparent to those wavelengths. A chameleon cloak allows a character to effectively become invisible as long as they are stationary or not moving faster than a slow walk. When worn by someone moving faster, the cloak still provides a +30 modifier to Infiltration Tests to avoid being seen or noticed. Chameleon cloaks are not effective against radar, x-ray, or gamma-ray sensors. They do hide the character from thermal infrared, however, by absorbing the character’s body heat into its heat sink. The cloak can only absorb a character’s body heat for one hour before it must emit this heat. Heat emission also requires one hour, during which time the character is easily visible in the thermal infrared spectrum. [Low] Dazzler: The dazzler is a tiny laser system set on a rotating ball. When activated, it consistently spins and emits laser pulses in all directions. These laser pulses are not dangerous, but they detect the lenses of camera systems (including specs, viewers, and bot/ synthmorph sensors) and repeatedly zap them with laser pulses of varying strength to overload and dazzle them. For as long as a dazzler is active, any camera system (visual, infrared, and ultraviolet) within line of sight and within 200 meters is blinded. [Moderate] Invisibility Cloak: This cloak is made of metamaterials with a negative refractive index, so that light actually bends around it, making it and anything it covers invisible. This invisibility works from the microwave to ultraviolet spectrums, but not against radar or x-rays. The drawback is that anything concealed within the cloak can’t see out. This is easily overcome by using external sensor feeds (if available) and entoptics to navigate. Alternately, a small piece of anti-cloak, which cancels the cloak’s invisibility properties when touched together, can be used to create a small window to peep out of, though this increases the chance of being spotted. Noticing such a window requires a Perception Test with a –30 modifier. [High] What their up against: Security AI: Security AIs provide overwatch for electronic systems. Skills: Hardware: Electronics 30, Infosec 40, Interface 40, Professional: Security Systems 80, Programming 40, Research 20, Perception 30, plus one weapon skill at 40. [High]

Some other security/spy gear: Love doll An inflatable decoy person. The decoy is a capsule that, when triggered inflates into a fairly realistic-looking human, covered with a chameleon surface that can take on the right clothing an appearance. Simple movement programs allow it to walk, stand or move as if it was real. It will rapidly heat up to body temperature. Up close nobody will be fooled (or in t-rays, ultrasound or radar), but at a distance or in bad viewing conditions the decoy can be useful. Can be used to distract, leave a warm body in a bed, appear to have extra soldiers or send ahead into traps. [Low] Kidnap patch A skin patch that blocks electronic transmissions like a jammer bullet, injects a strong sedative (or Oxytocin-A) and nanomachines that tries to disable Muse control over all implants (Each turn they attempt a resisted Infosec 60 attack against the muse, and if they win they disable muse control). Kidnap "deluxe" also contains nanomachines that builds a crude puppet sock interface to the brain (takes about 30 minutes to form), allowing the kidnapper to take control over the morph. Safe blueprints Agents often need to get equipment in the field inside controlled environments like the Planetary Consortium, where all matter fabrication is heavily controlled. Government agents may have access to blueprints for restricted products, but they can usually only be used on special fabricators. "Safe blueprints" are apparently innocuous designs that get around limitations on building restricted items in public fabbers. Some merely have fake authentication, making the fabricator ignore that it is actually building a restricted object. Others are "art" that hides components that can be assembled into restricted structures. [Cost: one level higher than normal blueprints] Exploit rug A complex wall rug/artwork with endless detail, looking like a textile 3D Mandelbrot set - visually fascinating or annoying, but very hard to focus on or study due to its enormous amount of detail. It actually hides a network of nanocomputers, sensors and phased array antennas that allow it to act as a powerful security/espionage server. It is capable of scanning the environment for transmissions and activity (including heartbet and personal electromagnetic fields), sniffing, jamming both radio, t-rays, sound and vision (in the last form it acts as a dazzler) and in some versions psi. The antenna array also allows it to focus ultrasound, radio or microwaves within the vicinity with high precision, acting as a microwave agonizer, bug zapper and point-to-point communication system. Usually it houses a well-equipped hacker infomorph with at least a Khaos AI or Security AI as help. Exploit rugs are both a way of smuggling in equipment (since it is hard to detect the full capabilities of the "artwork") and a discreet safety measure for offices or meeting rooms. [Expensive] (Borrowed from Scott Westerfeldt's "Evolution's Darling")

OneTrikPony wrote:

However, in support of Arenamontanus' idea I think there is a code used to unlock any Fabber, two actually. OZMA has one and Oversight has one. All fabbers manufactured by PC corps are automatically programed to unlock for any blueprint that carries the Oversight code. (Kinda like how AT&T and Yahoo will open their whore legs for NSA when ever it gets a hardon.)

A concern regarding such a measure would be that Autonomist hackers reverse engineering the firmware of fabbers would discover those authorization codes and disseminate them, thus causing restrictions on the technology to backfire as word got out. A method that would be less likely to get out would be OZMA or Oversight partnering with a small number of firms that manufacture fabbers to make them put complexes of bugdoors (deliberately implanted vulnerabilities) into the firmware. A deliberate pattern of exploitation of the right vulnerabilities would result in unlocking the fabber for a certain period of time. While vulnerabilities are routinely found and exploited, it is less likely that someone would detect an implicit process involving multiple bugs. To put it another way, consider all of the tiny mistakes and misalignments that arise during the design and construction of a keylock that, when taken into account and applied in a particular sequence allows someone with a filed down bit of spring steel to pick a lock.