Windows ATMs by 2005 802
An anonymous reader writes "O'Reilly Developer News is running a brief on how the banking industry will be running a stripped down version of windows on 65% of its ATM machines by 2005. On a morning when I'm receiving the latest windows virus in my inbox every five minutes I feel very comfortable with this."
Mo Money! Mo Money! Mo Money! (Score:5, Funny)
Just stand in front of ATM the next time a worm rocks through and watch it start spitting out bills.
ROFL!!!!!!!!!!!!!!!!!
Re:Mo Money! Mo Money! Mo Money! (Score:5, Interesting)
If you completely disregard that most ATMs don't have built-in TCP/IP stacks-- even the ones that communicate via CDPD, or cellular to internet use a transmitter that works through a serial port and sends an encrypted stream of data to the processor-- Most ATMs are designed to go balls-up at the first sign of trouble and shut themselves down after sending detailed error messages to their owners via leased lines. Out of paper? Error message, shut down. Out of money? Error message, shut down. OS Crash? Error message, shut down. Damage to the ATM Case? Error message, shut down.
Re:Mo Money! Mo Money! Mo Money! (Score:3, Insightful)
Most ATMs are designed to go balls-up at the first sign of trouble and shut themselves down after sending detailed error messages to their owners via leased lines. Out of paper? Error message, shut down. Out of money? Error message, shut down. OS Crash? Error message, shut down. Damage to the ATM Case? Error message, shut down.
So you're saying they should be easy to shut down? Good enough for me.
Re:Mo Money! Mo Money! Mo Money! (Score:5, Insightful)
If Vendor A makes an ATM that uses propriatary closed architecture and its units cost $125,000, while Vendor B uses Windows but its units cost $110,000, guess who is going to win the bids? So Vendor A goes to Windows + TCP/IP and gets down to $100,000/unit. Vendor B then responds with Windows + TCP/IP + "Internet connection to eliminate costly leased line charges". Guess who will win that bid? And there we are - the security of a closed system gone in three rounds of bidding.
Now perhaps that example is bad, because there might be regulations in the financial industry to prevent it. And such regulations might even be enforced. But then again, if Enron or Dick Cheney had bought a large ATM network...
sPh
Re:Mo Money! Mo Money! Mo Money! (Score:5, Insightful)
Re:Mo Money! Mo Money! Mo Money! (Score:5, Informative)
I have seen the pressure to go COTS first-hand myself in an application where it really wasn't a good engineering decision. But the price and functionality of the COTS system exerted tremendous pressure on the selection process.
And again, Enron was a financial services company, as were the New York investement houses that served it, but that didn't make them immune from doing stupid things.
sPh
Re:Mo Money! Mo Money! Mo Money! (Score:3, Interesting)
Re:Mo Money! Mo Money! Mo Money! (Score:5, Informative)
I worked in the EFT industry for about 5 years as an engineer and I can say that you are so wrong it's not even funny. The people that make decisions are worried most about how much it's going to cost. If it wasn't for cost, every bank would be processing transactions in real time rather than relying on batch processing on IBM's that are as old as I am.
When a "new" technology comes along in the industry, it's usually applied to the old technology model. For example, when the processor I worked for started using TCP/IP as a transport between datacenters, they didn't encrypt the data end to end. Instead they just replaced some older dedicated link and relied on the same weak ass pin block encryption they always did, paying no mind to the fact that someone with a notebook and a network card could easily yeild 40-50 complete cards per second.
And if you think because it's financial that everything has to be balanced to the penny, you're so wrong. To start with the legacy systems that some networks have to deal with ensure that reconcilliation will NEVER be 100%. Then add to it that if the money is right, a processor will further bastardize their code to accomodate someone else's improper implementation. You end up with a legacy system that often produces unexpected results when something out of the ordinary occurs (I remember one morning when people were being credited several billion dollars to their account after returning something to a store).
As far as auditors or regulators plugging the holes, fat chance. Regulators are more concerned about transaction fees being present on the front of ATMs and the taxability of the transactions that occur. The auditors only know what the engineers tell them since they are usually not engineers or marginal ones at best. The auditors are primarily interested in the paperwork trail left behind from production code installs. If the paperwork looks good they're happy. Mind you that as far as the auditors are concerned, good looking paper work means that it exists. They do not look for proof of testing other than a signature, in other words no supporting documentation showing the before and after effects of the change are required to be documented. Furthermore no regression test is required to show that nobody piggybacked malicious code on the issue. In otherwords the auditors just smile nicely if you hand them a big stack of papers.
Ultimately, the EFT idustry is filled with dinosaurs, people that talk about how funny it was when they used punch cards or learned some obscure language in college that hasn't been used in decades. When I left the industry 4-5 years ago, there were people that still used their PCs as dumb terminals because they didn't understand the whole personal computer thing (I'm REALLY not joking).
So as far as Windows being used on ATMs, they are going to do as they've done in the past. They will build the machine but instead of putting OS/2 on it, they'll install windows on it. They will rely on the same security they always have, and why shouldn't they? It's served them well for 30 years.
Exactly: Cost is key (Score:5, Insightful)
The people that make decisions are worried most about how much it's going to cost.
And you don't think it's conceivable that someone will decide that the cost of losing billions upon billions of dollars when the Windows+TCP/IP+internet connection machines are hacked isn't worth it?
They may not be very security-savvy, but they won't do a massive rollout that will leave them with a nationwide network of completely broken ATMs that divulge money at the drop of a hat. Insider addition of malicious code, while a pain, doesn't even begin to compare cost-wise with complete public access to machines with internet-enabled, free-for-download, no-knowledge-required exploits.
You can catch and arrest a malicious insider if the losses start adding up. You can't just arrest the entire US.
Re:Mo Money! Mo Money! Mo Money! (Score:3, Insightful)
However, the banks are simply super conservative. I wrote a system to transmit credit card logs to an acquirer over FTP. which to the bank was cutting-edge technology. The *only* reason it was implemented was that the old transmission system was not y2k compliant.
that does suggest a bit better security - how many hackers can hack Cobol code, or an obtuse
Re:Mo Money! Mo Money! Mo Money! (Score:5, Interesting)
The banking industry is one where cutting corners simply isn't allowed.
You'ld be surprized at just how cheap banks and money institutions can be. Although it wasn't a bank, I once worked for the largest government bonds firm as a sysadmin. Their clients were banks themselves. Bonds were traded in lots of 10 million and in one day you'ld get serveral thousands of transactions. I was amazed at just how much money use to flow through the systems I was running. As a brokerage firm, they made their commision with a few pennies on every transaction. They were making tons of cash daily. Money was everywhere, but what amazed me most was the equiptment. Many of the hub servers were old SPARC 5's and if it was a bigger client, they got a spanky Ultra 5. Not even servers! For such a critical app, I suggested they buy into Netra's or something teco grade that could withstand a beating. The response I got was it was too much money. I couldn't believe it. Here's they'd pull in 20 million in one day from a single client, and they couldn't spend $1000 to upgrade the server. Then it was explained to me by another admin who's worked that arena a while. He said the cheapest companies you'll ever work for (from a sysadmin perspective) will be banking institutions and financal firms. They're filthy rich, but you can't squeeze a penny from them.
That's been my only experience with being a sysadmin at a money institution, but from that experience, it wouldn't surprize me at all to hear how banks would opt for the lowest bidder for any project. Hell, these guys were so cheap, they'd try to avoid buying directly from Sun and go with some third party refurbish vendor. Just unbelievible how cheap they'd be....but they all wore very nice suites. And just so you know....yes....they're still in buisness and they're still the largest bonds brokerage firm in the world. Pretty scary from a tech perspective.
Re:Mo Money! Mo Money! Mo Money! (Score:3, Interesting)
The best example of this I can give was a EFT processor that spent time and money creating and implementing a n
Re:Mo Money! Mo Money! Mo Money! (Score:5, Informative)
Re:Mo Money! Mo Money! Mo Money! (Score:3, Interesting)
I saw an out-of-order ATM a while back displaying a black screen with a C:\ prompt! Now maybe we can get the BSOD instead.
Re:Mo Money! Mo Money! Mo Money! (Score:5, Informative)
Reylas
Re:ATM TCP/IP Stack (Score:5, Funny)
Built in failsafes? (Score:5, Funny)
Re:Mo Money! Mo Money! Mo Money! (Score:5, Insightful)
OS Crash? Error message, shut down.
There's a level problem there. The problem with OS crashes is the application doesn't get a chance to decide what to do, and even if it did generally wouldn't have the wherewithall to do anything useful. Even impending power failure is easier to catch.
-- MarkusQ
Re:Mo Money! Mo Money! Mo Money! (Score:4, Interesting)
All you need is an extra microprocessor in there with a simple firmware designed to keep asking the OS "are you OK?" and killing it if it doesn't respond. For all the cost of securing an ATM that can't be all that expensive.
I believe Linux possesses features like this - at least that is the impression I get when disabling all those kernel features related to watchdog interrupts...
Re:Mo Money! Mo Money! Mo Money! (Score:3, Insightful)
Yeah, most noticably they don't have email users on the ATMs...
From the submitter's ingress, it looks like he fears that the ATM boxes will fetch email and open attachments automatically. I somehow do not believe that's the deployment process for updates going to ATM boxes...
Regards,
--
*Art
V-Com (Score:5, Informative)
The tech doing updates opens the bay, plugs in a regular keyboard, logs on to an e-mail account, and runs the patches distributed that way.
Not something I really would trust with my money!
Re:Buffer Overflow? (Score:5, Interesting)
I think you were being funny but I actually develop ATM software and some of the code I have inherited from the previous idiots would have been succeptible to exactly that. It wouldn't get you any money unless you knew the internal protocols for dealing with the cash dispenser in addition to knowing how to exploit a buffer overflow (in which case you would likely know 10 other/better/easier ways to rip it off) but that is almost certainly a hole in more than a few machines out there.
Re:Mo Money! Mo Money! Mo Money! (Score:4, Insightful)
Re:Mo Money! Mo Money! Mo Money! (Score:3, Interesting)
But the generic Windows XP Embedded is already perfect for any situation, and would require no customization. Ok.
Windows ATM on the other hand needs no kernal patches ever time a problem is found you can just download a hotfix from their site, this requires no experts and lowers the TCO.
M
Three Major Vulnerabilities (Score:4, Insightful)
But one of Anderson's colleagues, Bruce Schneier, chief technology officer at security monitoring and consulting company Counterpane Internet Security, dismissed this [money-dispensing virus] scenario. He pointed out that the machines would not operate online and therefore would not become vulnerable to a malicious Internet attack or to some virus passed around in an e-mail attachment. Because the machines have no peripherals like floppy disks, it would be difficult for a cracker to install code or steal information.
Of course, everyone knows that ATMs have no communications links of any kind. It's just a box full of money with a power plug, right?
Duh! The ATM communicates with the bank, with the ATM user, *and* with the maintenance staff.
* The bank connection is some sort of comm line. Put encryption on it and maybe it's safe. But what happens when it turns out they've used some Win-standard encryption
* The customer sticks a card in and punches buttons. This is reasonably safe now, when you have little more than a numeric keypad with "Cancel" and "Enter" buttons. But the more Windoze crap they add -- they're talking about "lottery tickets and soft drinks" -- the more robust the UI will have to be. Are you sure you checked that buffer overflow?
* Finally, the maintenance staff has "root-like" physical access to the system. Sure, you have to get past some heavy-duty locks to get to the control panel inside the machine. Big deal, lots of crooks know how to pick locks... how many, though, know OS/2? But what happens when trojan-friendly Windows is the OS? Pick the lock, load the software (because there *will* be a floppy, CD-ROM, or USB port for upgrades), and dispense free, untracable cash whenever someone inserts an ATM card with magic cardno "1111-2222-3333-4444".
Perhaps using OS/2 was a way of de facto "security by obscurity". Installing Windows is more like "security by crossing-your-fingers".
Re:Three Major Vulnerabilities (Score:5, Interesting)
year or two ago some estonian wiseguys pulled a nice gig here in finland(iirc they did it in sweden too, but i'm not too sure anymore). what they did was install a fake panel on top of the original atm machines panel, so that when you put in a card it recorded it(iirc it even replaced the pad and stored those numbers too). the guys who make up the ideas like this and make up the devices are no idiots, so security by obscurity would be a dead end street.
though, when reading email from public terminals is risky, i'd think a few times before doing my banking from them if i could avoid it.
i trust atm's enough to use them though, would probably even if it had a bit more complicated software in it, provided that it wasn't written by an idiot.
ATM scams (Score:3, Informative)
Most recently I was at an ATM that had a FWD: FWD: FWD: -type email taped to it warning of a new scam; thieves that put a plastic sleeve into the card slot that somehow allows yo
Re:ATM scams (Score:5, Informative)
The latter scheme seemed dubious; the chain-letter like WARNING on the machine, and the insertion sensors on card slots I can't see allowing something jammed that far into them. Plus this was at a gas station deep in suburbia where hanging around the ATM would be suspicious, and where the ATM was in a corner making its use a complete screen of the keyboard.
This scam is called the lebanese loop, and involves installing a thin bit of wire into the card slot, which jams the card in there. This of course stops the ATM from actually doing anything, but a kind gentleman behind you suggests that maybe you should input your PIN a second time. While he is shoulder surfing. This of course doesnt work, and the ATM refuses to give your card back, mainly because it actually cant :)
Then you give up, wander into the bank to complain, and he has extracted your card (easy if you know how with these things) and run off to another ATM in the locality to quickly drain your account of everything he can get.
This scam has been ran a number of times in my town, and people keep getting caught out, even tho there are now massive warnings on the ATMs.
FACTS ABOUT ATM SCAM IN FINLAND COUPLE YEARS AGO. (Score:4, Informative)
These are facts:
Device had card reader. It was placed on front of real card slot so when you inserted card magnetic stripe was read.
People who's cards got copied said it was difficult to get card out from ATM machine. This was because after transaction ejected card was partially blocked by extra reader device those guys installed.
Keypad had kinda sticks on bottom so when you pushed number on spying keyboard it pushed real button under it at the same time. Electronics connected to fake keyboard recorded your PIN and saved it to NVRAM among content of magnetic stripe it just read as well.
Card reader was connected to keypad module that had most of electronics using cable. Cable was covered with square plastic housing to keep it less obvious what was going on.
Since you got your money from ATM no-one suspected anything fishy until day or two later when your bank account was empty.
Crooks were waiting on nearby car. After some
time they went to ATM and removed their device.
Ok, those were facts. There were some claims that device had also WLAN or some other wireless connectivity so card numbers and PIN codes would have been transferred to crooks realtime. However I think that's just rumour.
Device had factory made looking PCB inside. Probably some SBC development thingy.
If there's someone with Helsingin Sanomat archive access you could probably find more details from there. HS is Finnish newspaper so that part was for finnish readers.
Re:Three Major Vulnerabilities (Score:3, Insightful)
Thats just not true, the Windows 2000/XP kernel is secure, just because other programs that run in kernel mode or have rights to the system aren't doesnt't mean that Windows is insecure as a cut down OS. How complicated can a cash dispensing program be?? You can bet your ass that they've tested this stuff to death. Its going to be secure, its not going to be running Outlook or other Windows hacking prone applications.
Please Please Plea
Re:Three Major Vulnerabilities (Score:3, Interesting)
Oh, wait - the machine it connects up to would be a large mainframe that runs 1/2 the speed of the slowest PC, and written entirely in COBOL - I forget these thing
Re:Three Major Vulnerabilities (Score:5, Insightful)
People forget that mainframes have a completely different design object in mind; these systems CANNOT tolerate ANY downtime, not even for half a second. Also, you CANNOT tolerate losing even one transaction, as it may be a billion dollar transfer between accounts. These things are over-designed to the nth degree, with very good reason. Part of that over-design means they can't use the fastest technology around.
As for using COBOL, this will be code that is known to be accurate and error-free; again, you don't want to trust billions of dollars to something untested.
Now, as for why they're thinking of switching to Windows for ATMs, I really can't fathom; is there some problem with their current systems? The articles seem to imply it's because Windows is "open"; why not use linux (or OpenBSD) instead? Then they can tinker with everything to their heart's content and customize all they want.
Re:Three Major Vulnerabilities (Score:5, Insightful)
* The bank connection includes federally mandated encryption. The FFIEC (Federal Financial Institutions Examination Council) specifies the exact standard of encryption used. by the way, have you notice that there are no "Windows standard" encryption schemes anyway? They are all industry standards.
* Buffer overrun exploits also rely on unchecked input - if input is screened to a limited variety of characters few if any buffer overrun exploits would be possible.
* Finally, the maintenance staff has *gasp* physical access to the cartridges of cash loaded into the machine. Why the hell would they bother with a virus when they can just take the money and wander off? The basic premise of any bank is that you can trust the employees not to take the money. As someone who has worked for financial institutions for most of his career, I can tell you without a doubt that anyone who violates this trust is detected and dealt with in a quick and harsh fashion.
Re:Three Major Vulnerabilities (Score:5, Informative)
Maintenance staff does not have 'root' access to the system. They have the ability to open the safe to place more money in, as well as to restock the paper feed for receipts. Thats it. If they're going to take money they're going to do it from the safe, then they'll get caught by doing so. We have one ATM technician and even he doesn't have 'root' access to the boxes.
Please do a little research before opening your mouth.
Pavlov's geeks... (Score:5, Insightful)
Point 1 - Comm line: But what happens when it turns out they've used some Win-standard encryption
Ah yes, God knows non-Windows communications software never has exploits [slashdot.org] (it's a link to the SSH exploit story).
Point 2 - UI: The more Windoze crap they add -- they're talking about "lottery tickets and soft drinks" -- the more robust the UI will have to be. Are you sure you checked that buffer overflow?
Uh, this is specific to Windows how? Microsoft isn't going to be writing the interface, the ATM companies are. And they'd be writing the EXACT same interface on whatver platform you want them to use.
Point 3 - Physical Access: But what happens when trojan-friendly Windows is the OS? Pick the lock, load the software (because there *will* be a floppy, CD-ROM, or USB port for upgrades)
Guess what - the best hackers out there are more familiar with non-Windows OSes than they are with Windows. TiVo runs Linux and it's had the shit hacked out of it. ReplayTV, while still hackable, hasn't had nearly the level of "unofficial" customization. It's a lot easier to muck around with software if you have the source to it.
Now, I'm not saying that Windows is more secure than other OSes. That thought is absurd. My point is that in a very tightly controlled environment, it can be just as secure as the next OS. My other point is that you guys are fucking insane with anti-MS zealotry. Why don't you try looking at the world without that chip on your shoulder.
Re:Three Major Vulnerabilities (Score:3, Informative)
Re:Three Major Vulnerabilities (Score:4, Insightful)
I know the article says the machines "have no peripherals". But that's 100% bogus.
What, they're going to swap out the hard drive each time they want to add a new flavor of soda pop to the menu? Remember, they're pushing ease of upgrades -- that means that there's going to be some user-friendly way to update the ATM with the latest doodads.
That's why I say it'll have a USB port, or a floppy, or perhaps a CD-ROM behind the maintenance door. The alternative is to allow the ATM to be programmed remotely via the comm line... and tell me how that is any different from being "connected to the internet" when the PC on the other end is part of the corporate intranet.
Yes, it will be possible to make these systems hack-proof (or at least hack-resistant). But hack-proofing decreases user-friendliness, and some bank somewhere will choose the wrong priority when designing their Windows-based ATM system.
Re:Three Major Vulnerabilities (Score:3, Interesting)
The usual method is to steal a JCB or Bulldozer and rip the whole machine out of the wall. Shove it in the back of a stolen van, shoot off at high speed to an abandoned warehouse, and take your time getting it open.
This happened quite a few times here in the UK about 10 years ago. Don't know why people stopped doing it; maybe they use those dye bombs now?
Re:What a stupid prediction! (Score:3, Insightful)
OTOH, the >100% number isn't outside possibility:
In other words we will have 53% more Windows installation on banking machines then total number of banking machines on the planet.
If the number of banking machines itself doubles by 2006, then it will be no problem to install Windows on 1.53 times as many machines as are in place now. That's not to say they accounted for that in the sta
Windows ATMs (Score:5, Informative)
Re:Windows ATMs (Score:2)
Re:Windows ATMs (Score:2, Interesting)
Re:Windows ATMs (Score:2)
Re:Windows ATMs (Score:5, Informative)
Re:Windows ATMs (Score:5, Interesting)
(Still worked though, but it put other people off using it, meaning I didn't have to queue to use it).
Lots of them are color and have shockwave flash type intro's.
The underground here in London (well, really DLR, the Docklands Light Railway) has ticket machines that run OS/2, apparently in French or German though (definately not English!). They often die at early hours of the morning (~6) until rebooted remotely.
Re:Windows ATMs (Score:5, Interesting)
Re:Windows ATMs (Score:4, Funny)
Re:Windows ATMs (Score:3, Funny)
--------
The fake Gzip Christ isn't not user number ~0xA6CA7
Re:Windows ATMs (Score:5, Interesting)
You have requested 100 dollars (Score:5, Funny)
I can't wait for ATM clippy (Score:2, Funny)
posted anonymously to not lose kharma for funny.
Already there (Score:5, Informative)
Re:Already there (Score:5, Informative)
Honestly, having ATMs on NT isn't so worrisome to me, since I know the back room sorters, remmitance machines, data entry stations, and imaging apps have all been using Windows for at least a few years. Those are much more dangerous in terms of having direct access to your personal banking databases. A lot of banks don't connect them to any internal networks at all, but a lot do because remote management is a big deal amongst companies reselling the machines to banks.
At least ATMs have security cameras and all that stuff. These machines and software in the back room is rarely half as secure as a given ATM.
Fatal Exception (Score:4, Funny)
A FATAL EXCEPTION 0$ HAS OCCURRED.
Please contact your financial administrator
Re:Fatal Exception (Score:5, Insightful)
As a long time Windows developer, I would have to say that, for a great many painfully obvious reasons, Linux would be a better choice for this. It's cheaper, more reliable in that a developer can see the source code, and see what it's trying to accomplish, has nice GUI's, and many development platforms to choose from.
Even though the article says they would run on a stipped down version of Windows, Linux takes up a much smaller footprint and runs faster, so older/cheaper hardware could be used without any concern.
With large banks trying to cut costs/increase earnings (anyone tried to cash a payroll check at a large bank recently? "that'll cost you $5, sir") I find it hard to believe that they would choose the more expensive OS to run their software.
Boy, some days... (Score:2)
wonderful (Score:3, Funny)
xao
Blue Screen of ... (Score:5, Funny)
Eh? (Score:2, Informative)
So its not that new an idea.
I have seen an ATM... (Score:2, Informative)
I actually saw a BSOD displayed on the ATM and it was frustratingly annoying...
Why can't the banks simply use the not-broken current embedded, probably written in assembly system that they use for ATMs now?
Why MUST it be changed? Are they going to add every service in the world to an ATM?
Great! Just what we need, long lines at the ATM, just like at the bank, where one person chews up the teller's time performing six months of banking at one time...
ATM Windows error picture (Score:5, Funny)
getting errors [getfunnypictures.com].
as much as i hate defending MS.... (Score:5, Insightful)
Great (Score:2, Insightful)
uh.. (Score:5, Funny)
"They have tried to cut out the unnecessary rubbish that clutters up the typical PC."
but.. but.. the article says they're running Windows.. now I'm confused.
How can I stay compatible? (Score:5, Funny)
Biggest pet peeve (Score:5, Insightful)
I Hate That!!!!
Re:Biggest pet peeve (Score:3, Funny)
Wireless Security & updates (Score:5, Insightful)
With the amount of local banks in my local area that are using unsecured (non-WEP) protected wireless access points on their local LAN, I wonder how long it will take for a RDC that tells the ATM to spit out money?
There are security updates that take months for companies to patch on their local servers & workstations... how will a known security vunerability be fixed on a "stripped" version of 2K or NT in an ATM, and how long do you think it will take them to impliment these updates, if they can update them at all?
IBM and Diebold (Score:5, Funny)
If this is true, I would expect IBM to be pushing a linux-based solution.
But then again, who knows what the banks want to buy? I just got a letter last week from my bank informing me that "for my security" they will be requiring online banking customers to use 128 bit encryption. Ack! 1998 called, they want their security back!
Usability (Score:5, Interesting)
From my own experience, and knowing what I'm doing, the OS runs a good bit slower than the tried and true green on black systems. Top that off with the annoying pointy finger and IE "click" noises, and you have an example of change for change's sake.
Of course, the only reason at all they seem to be using this new system is so they can bombard you with advertising while you're using the machine.
All and all, a bad change all around.
Pics of a Win NT ATM shutting down. (Score:3, Informative)
This is a bit worrying.
No more banks (Score:5, Funny)
Oh, and out of spite, i'll figure out a way to make my bed run FreeBSD* or something.
[*]"BSD" always makes me think of something like Bondage/Sado-Domination or something.
How about we already have ATMs running windows (Score:5, Insightful)
Here's some more info... (Score:4, Funny)
From Microsoft [microsoft.com] on how ATM works...
...
...
ohhhhh... you mean... gotcha... nevermind.
Is security really an issue here? (Score:5, Insightful)
Security concerns spreading (Score:5, Insightful)
Back when more of these systems used Unix, VMS, etc, it was not a big concern. The environment was so heterogeneous that you didn't need to worry. Now that everyone is running Windows, it becomes a huge problem.
I've been helping several of my customers lock things down and better isolate their control systems. There are plenty of ways to do this effectively but it only takes one careless tech to screw the whole thing up. While I'm confident that I can develop the infrastructure and procedures to protect the systems, I'm not confident that the procedures will be adhered to.
This has become such a large concern that many of them are reevaluating their purchasing decisions and considering turning away from Windows. The problem is that nearly all of the vendors are now producing Windows only solutions.
I would like to say that there would likely be similar problems if everyone was running Linux. While you can lock things down when you start to put the systems into the hands of less sophisticated users you will have the same problems. I see this as more of a user problem than a technology problem. The reason that these worms and viruses spread so fast is that users are not taking the procautions that they should.
Anecdotal support for this argument can be found at any large LAN party. There are always a number of bozos running Red Hat infected with all kinds of crap because they have no idea what they are doing.
You can give two guys the best woodworking equipment in the world and the best wood. One will produce an heirloom and the other will be in the emergency room getting his fingers sewn back on. There are more of the latter than the former in this world.
Not as big a security risk as you guys think (Score:5, Insightful)
The fact that they run Windows doesn't honestly mean much to me, because if the security experts in those banks are stupid enough to connect an ATM (or any number of other important machines internally) to any sort of public network... they're gonna get fucked at one point or another.
How often do you think a UNIX ATM's kernel/packages gets patched to fix that latest overflow discovered? Probably never.
windowsupdate? (Score:4, Funny)
what about 60% of the ATMs in the US hitting it?
Damn, we'll have to rename the slashdot effect into ATMeffect
Very questionable logic... (Score:4, Insightful)
Now this just doesn't make sense. Sure, I'd agree with a need to upgrade from OS/2 - even finding a way to put new software on OS/2 is going to get hard as time goes on. But why the decision to go to Windows rather than a sensible decision like embedded Linux, QNX, heck ANYTHING but Windows...
Windows does not provide the needed security, stability, or reliability needed for these applications. It does not provide real-time features that could allow certain security guarantees. The quoted reason, compatibility with "internal corporate networks" doesn't even make sense. Writing an interface for the functionality that ATMs provide might be an interesting project for an undergraduate intro-to-programming class. It's not like ATMs need to interoperate with the company Outlook Exchange server...
This sounds like a bunch of ignorant suits were herded into a room by MS salespeople and told the "benefits" of XP Embedded. I seriously doubt that anyone experienced who put any technical thought into the matter would decide to use Windows for ATMs.
Re:Very questionable logic... (Score:5, Insightful)
It comes down to (1) liability, (2) how well it works, and distantly (3) price. In that order. Most large resellers who would be installing these systems don't use Linux, so they would never pitch it to the banks. Why? Because in the corporate world, everyone knows Windows works and everyone is happy with it. It's a no-brainer to use. What's linux? Who cares? They use Windows every day. When it breaks, they call someone who fixes it. They would view it as "taking a chance" on Linux, and they're not paid to take chances. Upgrading ATMs is probably a deal that takes 3-5 years from the initial start, and that's too much to risk on an OS that they've never heard of.
As someone who has done troubleshooting for these type of systems, I'll tell you flat out, they don't care about security the same way you or I do. What they care about is whether they have someone to blame when it breaks. Sad but true.
MetroCard Vending Machines in NY... (Score:3, Interesting)
Best Ironic Quote of the Year (Score:4, Funny)
"With open technologies it is easier to run different types of hardware on the same software."
and that's right, he's referring to Windows as 'open' technology.
Banks are merging and acquiring different machines, and tired of writing changes a half dozen times or more. yet they're going with the high cost option, instead of the obvious one.
a -security- company -CTO- exec gets a runner up prize for 'Dumbest Thing a Security Consultant Could Possibly Say' by suggesting that the ATMs wouldn't be vulnerable to the myriad MS worms and viruses because they dont work online.
this not even a year after Slammer -did- manage to shut down many ATMs which -also- were not online.
This Wired article reads like an Onion article.
MS-DOS! (Score:4, Funny)
Images here [195.38.3.142]
The server is a powerful Pentium 120 with a whopping 40 MB of RAM, so if it's slow, just keep banging on it..
ATM security is not really at risk... (Score:4, Interesting)
Normally, the PIN you type is directly transfered (encrypted) to the secure device and does not go through the PC memory. So your PIN is pretty safe from any virus or trojan horse.
These requirements are imposed by VISA/Mastercard, because they take PIN security very seriously.
The remaining risk comes from an insider who would put a trojan horse in the ATM such that it would dispense cash automatically for example if you type a certain key combination
This does not endager your PIN though or any transaction. It's basically a problem for the bank
This is a rather complex attack, even if you have Windows, OS/2 or linux on the ATM (Windows might just make it easier). The hard part is getting into the system (these machines don't run any standard services and there are access control policies). There are easier and less dangerous ways to get money from the credit/debit card systems than hacking into an ATM in a protected environement.
One of the reasons they use windows is because it's the cheapest alternative (YES! Shock!
No, No, That's... (Score:3, Funny)
Speaking of... (Score:3, Interesting)
everything I submit gets rejected.
And because this is directly related to Windows security, well here ya go.
Also the BIG reason I submit this is the mention of the flaw. A SECURITY HOLE THAT HAS BEEN KNOWN FOR TWO YEARS and remains unrepaired..
Anyone that thinks Windows is or can be a secure enviroment lives on another planet..
http://www.cnn.com/2003/TECH/internet/09/19/worm.
New worm targets Internet Explorer
SAN FRANCISCO, California (Reuters) --Anti-virus companies warned on Thursday of a new computer worm circulating through e-mail that purports to be security software from Microsoft Corp. but actually tries to disable security programs that are already running.
The worm, dubbed "Swen" or "Gibe," takes advantage of a two-year-old hole in Internet Explorer and affects systems that have not installed a patch for that security hole, according to Internet security company Network Associates Inc..
The malicious program arrives as an attachment to an e-mail pretending to contain a patch for holes in Internet Explorer, Outlook and Outlook Express and then mails itself off to addresses located on the victim's computer.
Relay chat also vulnerable
The worm also can spread over Internet relay chat and the Kazaa peer-to-peer network, as well as copy itself over shared networks, Network Associates said.
When it infects a computer it alerts a Web site that appears to be counting the infections, according to Symantec Corp., another Internet security outfit. The number of the counter was near 760,000 by Thursday afternoon.
Network Associates rated the worm a low risk for corporate users and a medium risk for home users. The company and rival Symantec, among others, were offering anti-virus updates that detects and removes the worm.
Microsoft has cautioned customers in the past against e-mail software updates, saying it does not distribute patches that way but rather directs them to its Web site.
How ATMs really work (Score:4, Informative)
Believe it or not, there are people who get paid very well to administrate Windows computers and they like Windows very much.
I'm not sure how hackable these machines will be either. ATMs use either dialup or ISDN connections to communicate centrally with banks, so they're not going to be on any public network (check out http://answers.google.com/answers/threadview?id=2
Additionally, there isn't much room for hacking an ATM... I mean, without taking the thing apart, you have 21 keys maximum (4 - 8 keys to choose options on the screen, 10 keys for numbers, an OK key, cancel transaction key and backspace key) on most machines. Without opening the thing up, you're not going to get very far.
While Windows may not be secure over a public network with all sorts of services running, on a private direct connection with solid software, there's really no vulnerability here. You should learn a little more about how these machines work... they're not on some wide-open network hole waiting to be exploited.
ATM transactions are also encrypted, and I think we all agree that Microsoft is definitely pro-encryption.
So, before we go bitching about MS getting their stuff put on ATMs, I think we should look at the online interfaces to our accounts which are much more insecure than any ATM that will have Windows (and all the posts here seem to just be whining about how insecure it will be). I guarantee that you losing your ATM card is the most insecure thing that can happen in this regard without taking the ATM apart. A UNIX-based machine would be potentially just as vulnerable if you consider this possibility.
On the other hand, I think poorly written online banking software accessible through web-browsers on any platform is more of a security threat to your banking.
On a final note, in the Netherlands, anyway, banks give you this little device that you put your card in and it generates a hash that you have to type in every transaction. Is anybody aware of what is actually being hashed? I wouldn't think it's any private data on the card, because several banks don't require you to insert the card into the device. The best I can tell it's simply a couple of hashing algorithms hashing the current time (with about a 30 second period -- i.e. two hashes within n seconds generate the same hash) and... ? The PIN? Not sure.
Anyway, food for thought for you overly-hyped cynical freaks.
I can see it now... (Score:3, Funny)
You'd think they'd learn their lesson (Score:3, Interesting)
After worms killed Bank of America's Windows-based ATMs [cnn.com] and caused the greatest power outage in history you would think people would quit trying to use windows for secure environments. Windows is a desktop single user os for office workers. It is no good for any othe rpurpose (in fact being inferior even to Linux for even that purpose). For ATMs the banks should be using a secure RTOS of some sort, not a desktop OS.
Someone is going to have to put a stop to this nonsense. Our country's financial structure and infrastructure are threatened by Microsoft's predatory marketing practices and refusal to build stable secure software. The only answer is to ban their products in certain usage.
The real joke was when the Banks said that they wanted to use a more open operating sstem which is why they chose Microsoft. Yes, if you want a standard, open operating system rather than proprietary garbage use Windows. Hmm. Something wrong there. But then the Banks are using Windows for everythings else. So they find it easier to interface with Windows than anything else because that is what the MCSEs they hired know how to connect with.
Get the picture? Microsoft has made sure that their OS is a pain in the ass to connect to anything and that the more you knwo about their OS the less you know about computing in general or any other OS. Therefore the path of least resistance is to just install Windows for everything. Of course if it were me the path of least rsistance would be to tell the MS salesguy to get the fuck out of my office and tell the MS software to get the fuck off my machines. Then I would install something stable, secure, usable, and open source.
If everyone did that we would have less computing problems all around. Too bad we have idiots who still insist on using piece of shit software.
Crashing ATMs (Score:5, Funny)
I've had a picture of this ATM [ivo.nu] for the past 5 years on my website :)
Proof Windows Can Be "Lite" (Score:4, Interesting)
Of course, this comes after the fact. So maybe you could argue Windows has been re-architectured since the legal trouble, but I doubt anyone with a knowledge of complicated software engineering and familiarity with Microsoft's code bases could say that under oath.
I sense a need for a return to the gold standard.. (Score:3, Funny)
For the tin-hat wearers out there (and you know who you are):
Does anyone find it interesting that the leading ATM company, Diebold, is going into online voting, while Microsoft, a company known for its dirty dealings, is going into ATMs?
Microsoft recommends Windows XP Pro for ATMs (Score:3, Interesting)
And Diebold bought it. [diebold.com] Diebold is going Windows.
This is scary. It's going to be so tempting to hang the ATMs on the bank's internal Internet and save money. And you know Microsoft will screw up and leave a port open, or leave something in the OS that calls home. The DES protection may protect the ATM transaction messages, but what about Windows Update. And yes, Microsoft does suggest installing remote "upgrades" and "hotfixes".
This just makes no sense... (Score:4, Insightful)
No-one in charge ever seems to take a second look and ask "do we really need a multi-GHz processor and OS just to decode a PIN and dispense cash?". I know Windows is ubiquitous, and seems like the safe option. But it's overkill, and any time you install way more computing power than you need, you're being wasteful, as well as taking a risk. Of course it has been amply demonstrated that Windows is NOT SECURE no matter how much the Microsoft salespeople claim otherwise. Note, I'm not saying Linux is necessarily better. I'm questioning the need for a full-blown OS at all, in these applications. Hell, I could build a simple ATM using hardwired logic gates. Installing a known-insecure consumer OS in a mission-critical application is fscking stupid, and it will cause problems. The people that make these decisions are simply hoping that they'll be promoted far enough up the ladder before it happens that someone else takes the blame.
I know the reason this happens is that by using a standard system it's much cheaper; you just have to find some VisualBasic code-monkey and whip up an application. Fundamentally, the problem is that the cost of this kind of insecurity is a) not immediately apparent and b) not born by the company. The costs associated with a cracked ATM will just be passed on to the consumer. The cost of the blackout will similarly not hurt the stockholders of FirstEnergy.
The simple truth is that sometimes you need regulation and enforcement; if there wasn't an FAA you can bet your life that 777's would run on Windows XP by now, with a literal BSOD on a weekly basis. OK, that's a bit extreme. But let's look at that situation as an example... I know reliable flight-control software is expensive, so let's assume that if allowed, some company would be tempted to use cheap off-the shelf equipment and software, thus making a cheaper plane. Pretty soon they would outcompete other builders (the margins are pretty thin on those things). Remember, if the only planes available were ones that ran XP, you as a consumer would have no choice as to what you flew. If every airline had a crash that often, there would be no competive pressure to improve (that's "just a cost of doing business"). The point I'm trying to make is that sometimes competive price pressure results in a "race to the bottom" in terms of safety, quality, or reliability. I suspect that's what we're seeing here.
My experience with a microsoft ATM (Score:5, Interesting)
Then all of a sudden, the screen went blue. I stared in disbelief for a moment, then a boot sequence began to display on the screen. And what did I see on the bottom of the screen, but the Microsoft trademark. I couldn't believe it. I had been bluescreened at the bank. I had to get the bank to credit the money back to my account and to get my card back (which I couldn't get back for a couple of days). So I guess you could say that I am less than thrilled about Windows running ATM's.
Windows 98 + Java (Score:3, Interesting)
I had the opportunity of watching one of the local banks put in an ATM at the mall. The machine had a full PC in it, along with a modem of some sort (DSL? ...I wasn't asking questions).
They installed and set up Windows 98 and then put a Java virtual machine on it...version 1.3.1 for that machine. The ATM software was built in Java.
So...what is the point of that? Why pay for a Windows license and deal with their BS? If you are just going to run a Java application, why not pick a free OS and use Java on that? What was the "value added" by Windows?
Re:Public BSOD (Score:3, Interesting)
Re:Public BSOD (Score:5, Informative)
http://zem.squidly.org/bsod/ [squidly.org]
http://www.piemaster.co.uk/gallery/BSOD [piemaster.co.uk]
Re:Viruses? (Score:3, Insightful)
Re:Ummm... spot the problem... (Score:3, Informative)