MozillaFoundation / mpa-cryptomancer-challenge

A repo for the Mozilla Privacy Arcade Cryptomancer Challenge, part of the 2017 Global Sprint

We need ideas for adventures. #9

Open chadsansing opened 7 years ago

chadsansing commented 7 years ago

Have ideas for adventures related to privacy, security, and digital inclusion? Not sure if you have the time or capacity to work on a complete adventure during the sprint? Share your inspiring scenarios here.

Describe and/or link to your work by commenting below.

BakuDreamer commented 7 years ago

I'm not sure what to do with this situation. Basically, in the aftermath of a magical mishap, the PCs wind up with no soul-keys. The shard-net thinks they're dead now. But they now have - two - authentic true-names each.

I don't know where to go with it after that. I was thinking that the weird uniqueness of it could give them an outside-the-system advantage that could be exploited, but, I don't know enough about network shenanigans to see what kind of mischief you could pull with a set up like that.

There's the advantage of having ' faked your own death ' perfectly. ( No more calls from troll collection agencies ) The second, totally authentic, true name is like having a second totally authentic birth certificate along with all other documentation ( passport, citizen card, etc )

[ 4 - 28 addition ] - Also there's the ' repudiation ' thing with a TN. ' ... someone cannot deny their true name if caught responding to a message encrypted with it ' Unless they have two maybe ? I-Know-Your-True-Name spells would be nerfed by 50%, not work, or stop working with a resistance check maybe. ( I'm thinking of how Killgrave's Domination power over Jessica Jones wears off on her in the end )

chadsansing commented 7 years ago

Wild, @BakuDreamer. Let's enlist the help of some of our crypto-savvy community members as we approach the sprint. How do you think this idea might develop further, @tromand & @cryptomancer-actual?

cryptomancer-actual commented 7 years ago

So, this is serious rabbit hole material, but I'll give it a shot.

In the game, encrypting with a public key (true name) that has no corresponding private key (soul key) is a good way to encrypt something so that no one, not even the owner of the true name, can decrypt. It's a way to brick systems/data, and in the game's system/canon, only the encryptor's death can decrypt it.

Let's consider the trouble this person could make:

- Encrypt a portal (door, window, cave entrance) that no one can see or pass through, ever.
- Encrypt a face (someone else's, your own) that no one will ever recognize, ever.
- Encrypt a voice (someone else's) that no one will ever be able to understand, ever.
- Encrypt a scroll that no one can read, ever.

*unless the encryptor dies, in which case a true name becomes a normal word that can be used in a keyphrase in symmetric encryption (and decrypted accordingly).

Example: Bob's true name is Robert. Someone encrypts a thing with "Robert." Only Robert, who possesses the corresponding soul key, can decrypt it. However, when/if Robert dies, anyone who knows "Robert" (the public key) can now decrypt that thing.

But it gets worse.... anyone who knows this person's true name can encrypt with it, which means the poor owner of the true name might not even be the problem. Man, that's cruel.

Anyways, I think there might be an adventure here, but instead of the players losing their soul key, it's actually some crypto-misfit who is just causing all kinds of chaos. Players would have to use shardnet geolocation techniques and some of the "investigation" spells to find this person/creature and get rid of it.

Now, let's walk through the other way of reading this one.

The way I'm reading the description of the scenario, the players now know two unique words that can somehow be used in symmetric encryption, but are perfectly resilient against dictionary attacks (because normally, folks can't use Pronouns in symmetric keyphrases). Someone can do symmetric encryption with these true names (e.g. "Robert"), but anyone who knows "Robert" can also decrypt these messages. But in the game's canon, this is sort of just like using a dead person's True Name in symmetric encryption.

@chadsansing ... In "Code & Dagger: Volume I", two similar concepts are discussed... one about abusing the True Names of dead people, and the other is about vampires who steal your True Name and commit identity fraud. Should Code & Dagger be included in the free materials for volunteers?

cryptomancer-actual commented 7 years ago

I'd love to help someone design a prison/dungeon that heavily utilizes crypto-gears... basically, SCADA meets IoT. For example, a prison that uses crypto-gears to open/close prison cells, uses hard to reach shards for scrying (like surveillance cameras), etc. And all connected to a golem. Defeating the prison's controls would require players to enumerate shardnets, bridge those shardnets to CodeBreakers to crack weak keyphrases, and abuse the prison's controls accordingly.

Players would have to either escape the thing from inside a cell, or plan a prison break.

chadsansing commented 7 years ago

@cryptomancer-actual, I appreciate the generosity! If you're willing to share, let's look into providing Code & Dagger, as well.

Can you define SCADA for us newbies?

cryptomancer-actual commented 7 years ago

@chadsansing Re: Code & Dagger, it's a free product, so distribute at will.

Re: SCADA. Sure. Supervisory control and data acquisition (SCADA) systems are the computers and network appliances that support really, really big machines or physical systems. Common examples include power plants and manufacturing facilities, but they also support really big, distributed systems like electrical grids and the stoplight system for a city's streets. These systems are very often air-gapped from the Internet to avoid most attacks, but they also tend to be extraordinarily weak against attackers who gain physical access to their systems.

cryptomancer-actual commented 7 years ago

Another adventure idea: some type of masquerade ball where all the participants have their faces encrypted with the Dissemble spell. The players attend for the purposes of finding a fugitive or someone they need to save. They must play a social mini-game (haven't quite figured this out yet) or impress people to learn the keyphrase to decrypt their face, or eavesdrop on similar conversations had between others, to steal these keyphrases, etc. The players can also swap keyphrases (I'll tell you that person's keyphrase if you tell me this person's keyphrase). Or use other techniques available.

cryptomancer-actual commented 7 years ago

Another adventure idea: a potential ally or a supervillain challenges the players to find him/her in a big city. They don't know the mark's true name, race (elf/dwarf/human/other), gender, or age. But the person gives a couple of vague clues, like "I like to garden" and "I own a cat".

At that point, the party has to scour the Shardscape, going with whatever clues they have, querying these terms (and perhaps subgroups devoted to these topics) to try to find this person, and create cognitive links. For example, maybe they'll see in a Gardening forum someone say what their favorite mead/ale is. Then in the cat subforum, they'll see a brief discussion on local taverns, etc. You can see where I'm going with this.

The goal of the adventure is to have players think like either adversarial agents (or typical digital marketers) personally identifying/finding people, even though that person never gave out what we might consider "personally identifiable information".

cryptomancer-actual commented 7 years ago

Another adventure idea: the players have been contracted to design the security/privacy architecture for a resistance community. The players don't need to worry about resources, their client will cover costs of shardnets, golems, cryptovaults, etc. But here are the requirements:

- The resistance community has three cells, each geographically distant from one another.
- They must be able to maintain nearly constant communication when needed, because sometimes they coordinate their political actions.
- The design should incorporate compartmentalism, meaning that one cell generally doesn't know what the other cells are doing, unless there is a business reason to share.
- The design should be resilient, meaning that there are measures to "recover" back to normal operations and reestablish security if one of the cells is captured/compromised.

zee-moz commented 7 years ago

Hi, I’m Zannah, and I’d like to contribute to this project. I’m a big sci-fi fan and I love to write. I’d like to help with creating adventures. I’ll post some ideas here soon.

BakuDreamer commented 7 years ago

One question that'll come up eventually is that they have explosives in Cryptomancer - but not guns. < ? >

BakuDreamer commented 7 years ago

One ' adventure ' as such might involve moving a city-state off of coins ( metallist, commodity currency ) to a paper one ( chartalist, fiat currency ) and using a Truename / Soulkey system to make the new currency unforgeable

BakuDreamer commented 7 years ago

How small can a shard be ? Can they be made so small that they're implantable ? ( If crypto-gear prosthetics work, why not ? ) Will someone come up with a plan like The Phone Company's in the movie ' The President's Analyst ' ?

" TPC has developed a "modern electronic miracle", the Cerebrum Communicator (CC), a microelectronic device that can communicate wirelessly with any other CC in the world. Once implanted in the brain, the user need only think of the number of the person they wish to reach, and are instantly connected, thus eliminating the need for The Phone Company's massive and expensive-to-maintain wired infrastructure. For this to work, every human being will be assigned a number instead of a name " ( Already have that with the Truenames system )

cryptomancer-actual commented 7 years ago

@BakuDreamer

RE: guns, in the context of a teaching/learning adventure. Schematics for firearms, in a medieval fantasy world, would be a great example of very important information... the type that players would be tasked with either defending or compromising in their adventures. That could be the important piece of information that a courier is trying to deliver from point A to point B. Alternatively, perhaps there is a community of dwarven engineers that want to leak the schematics on the Shardscape and make it open source (so that no one kingdom can use this tech), and want protection first (turning the players' adventure into designing the security/privacy scheme for this band of leakers/misfits).

RE: currency. Brilliant idea. IRL, a treasurer's (printed) signature is often on paper currency, a gesture that is (sort of) supposed to grant legitimacy to the authenticity of that currency. In Cryptomancer, you could have a treasurer or groups of treasurers signing printed currency with their soul keys. Their true names are public, so anyone is able to assert that the currency was signed by a legitimate treasurer. This brings up exciting adventure ideas. What if a treasurer that signed hundreds of thousands of paper bills during his/her career suddenly fell ill? If they die, their signature is no longer valid for the purposes of cryptosignatures. Now the treasury has to figure out how to deal with the aftermath... either anticipating massive fraud/counterfeiting, or scheming a plan to recall all of those bills (perhaps a buy-back plan?). Either way, it parallels the IRL problems of having to publicly revoke a certificate because it was compromised.
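An added example, not code from the thread or from the Cryptomancer game: Go using the standard library's ed25519 (the treasurer names, serials and denominations are constructed) that models treasurers signing bills with a private key, anyone checking a bill against the public registry, and revocation as a check that is separate from signature validity, which is the certificate-revocation parallel in the comment above.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
)

// Treasury holds each treasurer's public key (their public "true name") plus a
// revocation set: in the game's terms, the treasurers who have died.
type Treasury struct {
	treasurers map[string]ed25519.PublicKey
	revoked    map[string]bool
}

// Banknote is the printed bill: the signed fields, the signer, and the signature.
type Banknote struct {
	Serial       uint64
	Denomination uint32
	Treasurer    string
	Signature    []byte
}

func NewTreasury() *Treasury {
	return &Treasury{treasurers: map[string]ed25519.PublicKey{}, revoked: map[string]bool{}}
}

// noteBytes is the canonical encoding that gets signed; every field that matters
// (serial, value, signer name) must be covered, or a holder could alter it unnoticed.
func noteBytes(serial uint64, denom uint32, treasurer string) []byte {
	buf := make([]byte, 12, 12+len(treasurer))
	binary.BigEndian.PutUint64(buf[0:8], serial)
	binary.BigEndian.PutUint32(buf[8:12], denom)
	return append(buf, treasurer...)
}

// Enroll generates a key pair, publishes the public half and hands the private
// "soul key" back to the treasurer alone (constructed registry, no persistence).
func (t *Treasury) Enroll(name string) (ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	t.treasurers[name] = pub
	return priv, nil
}

// Revoke withdraws trust in a key; bills it already signed stop verifying, which
// is exactly the "aftermath" the treasury then has to manage (recall, buy-back).
func (t *Treasury) Revoke(name string) { t.revoked[name] = true }

// SignNote issues a bill under the named treasurer's private key.
func SignNote(priv ed25519.PrivateKey, serial uint64, denom uint32, name string) Banknote {
	sig := ed25519.Sign(priv, noteBytes(serial, denom, name))
	return Banknote{Serial: serial, Denomination: denom, Treasurer: name, Signature: sig}
}

// Verify accepts a bill only if the signer is enrolled, the signature covers the
// bill's current contents, and the key has not been revoked. A valid signature
// from a revoked key is reported distinctly from an outright forgery.
func (t *Treasury) Verify(n Banknote) error {
	pub, ok := t.treasurers[n.Treasurer]
	if !ok {
		return errors.New("unknown treasurer")
	}
	if !ed25519.Verify(pub, noteBytes(n.Serial, n.Denomination, n.Treasurer), n.Signature) {
		return errors.New("signature does not match bill contents")
	}
	if t.revoked[n.Treasurer] {
		return errors.New("treasurer key revoked")
	}
	return nil
}
```

Calling Verify on the same bill before and after Revoke shows that the signature itself never changes; only the registry's view of the key does.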

BakuDreamer commented 7 years ago

I had it that you'd - want - the money with the signatures to go out of service when the Treasury Secretary, or alternatively the sovereign ( it's his or her royal seal on the money ) dies. It's a currency with built in demurrage. ( You'd have no inflation, and you'd super-charge your economy to high-velocity ) Problems might arise if your sovereign, instead of being a succession of old guys, like popes, you unexpectedly get an 11-year-old girl as Empress. The economy would slow down, interested parties might think about assassinating her.

cryptomancer-actual commented 7 years ago

@BakuDreamer Hmmm, I guess I don't quite follow the nuances of succession planning / currency, but regardless, I think it's important to steer adventure ideas for the Sprint specifically towards security/privacy teaching moments. I think it's safe to say the genre already has a ton of intrigue, but not a lot of infosec teaching. : P

BakuDreamer commented 7 years ago

So what's the Shard-net version of CALEA ? Or ' shard escrow ' ?

cryptomancer-actual commented 7 years ago

@BakuDreamer Escrow, or key escrow, is another fun concept very relevant to Internet privacy and ripe for game adventures. In the Cryptomancer context, local laws would mandate that when you create a keyphrase to use for encryption (whether you are encrypting a scroll, or a doorway, or your face, or your voice), you have to share this key with the local authorities. If they spot an instance of encryption they cannot decrypt, they consider it a crime (because someone didn't share their keys with the authorities). Their reasons for this would be "so we can protect you from criminals and terrorists." However, we all know that regardless of how noble this type of collection is, it is prone to abuses.

BakuDreamer commented 7 years ago

Could there be goblin ' skippers ' ? Since to be legal, every shard-network has to be available to LE monitoring, but they don't have a shard for every network, do they ? Maybe they require that now, but, they want to be nice about it so it's offset by a Skipper

The skippers are goblins who have a chip of any given shard-network. They have the goblins in a big building where they play all day and they wear little sailor hats ( hence ' skippers ' )

All newly imported shardsets are required to have these goblin skipper chips. There's a black market for sets that don't and a grey market for pre-law sets.

The goblin skipper is listening to all the traffic on that shard-net, and it can decrypt it, if it's asked to that is, but doesn't unless someone from LE is there and asks, and supposedly has a warrant. The goblin just has all the network traffic running through its head, which it doesn't understand and doesn't remember, but then they can plug into it and decrypt traffic through the goblin skipper if they want to.

cryptomancer-actual commented 7 years ago

Don't know where to put this, so I'll put it here for now.

Just thought of another covert communication channel for the game. So Cryptomancer has a spell called "Psychometry" which lets you touch an object and harvest memories/impressions of it. For example, if you touch a door, you can potentially remember the last person who touched it, etc.

Thus, you can have a resistance community exchange meaningless tokens (e.g. a piece of fruit, a coin, etc.) as a way to send messages. Here's how it works. You hold the token, and say something to it, like "Hello, here is my secret message!" You hand off your token to a recipient who you know has the Psychometry spell. That recipient takes the token to a safe place, casts Psychometry, and gets your message "Hello, here is my secret message!"

So, an Agent needs to get secret instructions from his Handler. The Handler runs a fruit stand in the market. Every day, the Agent comes by and buys an apple. Of course, the Handler chooses the apple he embedded with the memory. Agent walks away, casts Psychometry, gets the message, then eats the evidence!

BakuDreamer commented 7 years ago

It's ' The Dead Zone ' , I love it

cryptomancer-actual commented 7 years ago

While I'm on a covert/side channel kick, here's a couple more.

"Astral Eyes" covert channel: Inspired by the movie Seven, sort of. Agent A goes to a library and uses his fingerprints to impress a secret message on the pages of a book. Next day, Agent B goes to a library, looks at the book using the spell "Astral Eyes" (which is normally used to find forensic evidence, like fingerprints and blood splatters) to view the message. Anyone else looking at the book doesn't see anything unusual. Could also be done with a hymnal book in a temple, or anywhere where some type of flat object is handled back and forth... heck, even a dinner plate.

chadsansing commented 7 years ago

I love the physical, forensic ideas here especially. I think a lot about how to teach offline privacy & security habits, and this thread resonates with that thinking.

Plotanical commented 7 years ago

Well, it's a little late, but I wrote a short story that could inspire an adventure. Here's a google doc.

It was mostly an exploration of Cryptomancer's mechanics since it's all new to me, but there are some real world lessons about who you trust with your system and trying to minimize single points of failure that might cause cascading problems if they get taken off-line.

chadsansing commented 7 years ago

Thank you, @Plotanical - the repo will be here for contributions and discussion!

BakuDreamer commented 7 years ago

Does ' kill bolt ' have a physical effect ? ( scorches the wall ) Or is it all magical ( a versus Resolve contest ) ?
