Hacking is a dangerous activity. Due to the inevitable fact that the human brain has to be linked to the machine the flesh is in danger as well. Headaches that make one crawl up walls are a usual work risk; especially for the new kind.

Yet... The whole process is running on pure adrenaline. There is no time for thinking when doing a run. Not much at least. Movements are purely instinctive. Maybe that is also a big part of the show. Some cowboys are even dependant to experience the thrill at least once a day. Fortunately not all are on it like a drug. Those know how to judge odds instead of ruining themselves.

First step is to examine the system to intrude. For most places it is quite easy to get basic characteristics like their system states. As long as one targets a low security area that might actually be enough. However there are also high risk places; crowded by human and automatic defences. No defence is ever perfect however. If the timing is right one might be able to avoid some of the pests.

Next the hacker has to decide what library he uses based on the system he wants to penetrate. More sophisticated approaches also factor in the libraries of the opponents. Preparing his procedures one is ready for the big one.

Beginning

The start of a fight is usually fairly unspectacular. But it is the first time that both sides know what opposition they will face. Now is the time that all library's and bots are uploaded. It is also the time the intruder will see how good he did plan his run.

Winning

Winning is very 'simple'. Just have all opposing forces disconnect; so simple and so hard to achieve.
There are several ways how to disconnect one of course.

• Most likely scenario is that the enemy knows when he got enough and retreats.
• Second likely possibility is that the intrusion is successful and so the intruding library instantly wins.
• A third way of winning is by getting a deck to auto-disconnect by reducing a libraries sockets to below 0.
• Finally one can also damage a deck so much it also auto-disconnects.

Processor Cycles

Struggles happen so fast it is impossible to co-ordinate each and every move of a library. Instead this communication happens in bursts. Also called turns. All participants have to send a list of commands that gets executed. Then they wait for the commands to happen while preparing their next strikes. That way one gets the chance to actually see what is going on and react to it instead of only following feelings. The shortest practical useful time between bursts is 100 processor cycles. So a turn is formed of 100 individual sub steps.

The Procedures

There are two general classes of procedures available. Procedures can either affect a library - yours or another - or they can affect the system, which in turn affects most procedures.

Procedures of the first kind are very varied. There are procedures that attack enemy libraries or even damage them outright, procedures that protect or reconnect your own and many more.

The second kind raises or lowers the speed of a certain system component in the current environment. Like you could make it darker by lowering the amount of Light around. If you know that procedure, that is. Using these procedures to your advantage can bring you victory where it did not seem possible anymore - that crook drowning you in a specific procedure? Well, just lower the speed of the corresponding component to none and that's it with them.

Run Order

Procedures are run one after the other in a fight, with the more powerful procedures taking longer to run than the simpler ones. In other words, procedures are executed in exactly the order you send them to the library, and the less they cost, the quicker they are done. Yes, this does make it possible for one participant to run several low-power procedures before his opponent finishes that one megabomb. It does, in a way, give the low folks a fighting chance, especially if several of them gang up on one big guy. To be more on the numeric side, a procedure needs as many processor cycles to be executed as it costs.

Information Level

Almost as important as the processing power a library can retrieve from the system kernel there is a second value - the information level of the human behind it. In the idle state a library is transmitting small packets to update the information level. If in use however these updates do not happen anymore. Even worse most procedures lessen the information percentage as they cause chaos. A hacker always has to have a close look at this information ratio or bad things might happen. Despite the problem of a crash attack there are also other possible traps. The higher the misinformation, the higher the chance that a procedure misaims. For highly guarded Kernels that usually results in a lost procedure. However on badly designed, fast systems, a procedure might still work; just that it will target something. Maybe even yourself!

Intruding

Just as your process power and your information level the intrusion indicator should always be looked upon. Especially beginners tend to forget this attribute. That can be a big mistake. Always remember that once the intrusion level reaches 100% the match is instantly over. No matter what the other factors had been. Also there is no way to push back an intrusion, only delay it for a short time. So every step made here is a permanent one!

The System

In a fight all components, even the Kernel, show some interesting behaviour:

Error Correction

All system elements try to get back into the state they had before the fight started. Depending on the environment the battle takes place, some components might more often revert then others.

Instability

Permanent attacking does not go by the components. You would not throw around 20 procedures on the file system and still think that it will remain the same, would you? This is just the way it is. The more procedures of one component are run the more unstable that component will become. This even holds true for the system's Kernel. Now there are 2 possibilities. Either, if left alone, the chaotic tendencies will vanish again, or they will result in a shift (up or down) of the respective component's security.

Intrusion Detection

Systems are built to detect unnatural activity inside their memory. However detecting such activity is hard and quite slow. Especially as there are too many programs as to know them all. So an adaptive mechanism is used. It monitors how often a program is run. When the ID notices a potential dangerous procedure more then once it tries to quarantine it. So the chance of hitting is significantly lower if one uses the same procedure twice. Also note that the same values are mixed together / add up with artificial induced Intrusion Patterns (generated by Firewall procedures). These Firewall generated patterns decay just as fast as the built in detection tables.

Error Correction of a Library

For most practical means a library is its own operating system. So it is not too surprising that these sophisticated lines of code are also able to do error correction. In fact in most cases they are by far more effective in it then a general OS. No matter what type of modification does take place - may it be shielding, unprotecting or a guard procedure. The effect will degrade over time fairly fast. After 30 cycles it might only be half as strong and only very few procedures can keep their effect up for more then 100 cycles. However not all can be repaired. That includes socket loss or recovery of sockets as well as damages to the deck (PL loss).

Armageddon-Clock

No hack lasts forever. Systems are designed to push out everything that hinders their normal work. May that be an intruder or even a defender that needs too many resources. So the place of a fight rapidly becomes more unhealthy to everyone within. Libraries are designed to adapt, but the end result is unavoidable. It can only be delayed some.

The End

A fight ends when only one team's libraries are still "alive". There is a rare case that all participants are annihilated at the same time, leaving no victor. Usually neither a successful defender, nor a successful intruder is very eager to spread the word of what happened. The first because he might need some time to close the backdoors the attacker used. The latter because he might not want to be brought into connection with the run. Either way there is nothing that stays secret in this world for long; after at most about a week most hacks come to 'public' notice anyhow.