95% of ATMs Worldwide Are Still Using Windows XP

BUL2294 writes "95% of the world's ATM machines are still running Windows XP and banks are already purchasing extended support agreements from Microsoft. (some of the affected ATMs are running XP Embedded, which has a support lifecycle until January, 2016). 'Microsoft is selling custom tech support agreements that extend the life of Windows XP, although the cost can soar quickly—multiplying by a factor of five in the second year, says Korala. JPMorgan is buying a one-year extension and will start converting its machines to Windows 7 in July; about 3,000 of its 19,000 ATMs need enhancements before the process can begin...'"

Relevant XKCD

[iYk6]

https://xkcd.com/801/ [xkcd.com]

Re:Relevant XKCD

[Art Challenor]

I was thinking this one: http://xkcd.com/463/ [xkcd.com]

Re:

[ILongForDarkness]

Except that the hardware drivers were probably written for windows by developers with windows desktops. That is often the case. So "porting the JVM" probably never came into it. Put a full PC in the box and your drivers don't need to be rewritten (or you have to hire developers that know something different) is probably more like it.

Re:

[ackthpt]

Ah, a good old Nelsoning is hard to top.

Price?

[mriswith]

The cost of the support agreements, would still be less than the replacement of several thousand ATMs and internal systems. There is a reason why people do this, and it's not just lazyniess..

Re:Price?

[icebike]

There is a reason why people do this, and it's not just lazyniess..

Still, you would have thought they would have learned a few lessons by now.

JPMorgan is buying a one-year extension and will start converting its machines to Windows 7 in July;

Anything that can run Windows 7 could run linux.
Anything that can run embedded Windows 7 would have no problem running linux.
Or OpenBSD.
You can replace the entire motherboard and processor with something 10 times as expensive as a Raspberry Pi for $350, and still save money over paying Microsoft extensions for every terminal.

There will be several companies dragged before congress [nbcnews.com]. There have been multi-billion dollar losses. How many times do you have to let hackers make you their bitches before you cry uncle and at least look at a Linux solution?

Re:Price?

[anubi]

This whole affair of what platforms to use puzzles me greatly. I am of the opinion that the selection process has everything to do with politics and little to do with substance.

I feel a lot of it has to do with a corporate mentality of holding everything blameless with contracts which have to be signed off on before the business will do anything. "Hold Harmless" seems the byword of the day.

I have tried to use Micrium's uC/OS [micrium.com] products, based mostly on their certifications for mission critical affairs such as aircraft and life support [micrium.com]. For me, this thing is like a "Super Arduino" for embedded applications.

Business will pay for people to play down everything the "leadership" type does not understand, and personal experience tells me that if I do not recommend Microsoft, I will not get the job. Regardless of my belief and experiences to the contrary. Its been my observation that once one gets high enough in corporate hierarchy, one is forced to play CYA, and the only way to play is find someone else to pin the blame on if things go sour - better yet be able to blame someone big - so the guy who hired them does not take the fall for it.

There seems to be a trivial amount of effort expended to mitigate the probability of a breach in the first place.

I am not trying to shill for Micrium - I just like their product and their philosophies of supporting an OS. It is all quite well documented [amazon.com] ( link to the book I use all the time ).

NetBurners run this code. This had been the most robust system I have ever studied, yet I find few people who are willing to let me implement it - and for now it runs on a machine I have for my own edification.

My own feeling if anyone wants to hack a bank ATM, go for it. No one's responsible, its just another ledger entry to the bank. If the thing gets too out of hand, the government will make it up to them.

Re:

[icebike]

Why not?
Nobody has successfully proven a patent infringements in Linux.
Even Microsoft has given up, and is now a major Linux contributor.

Re: Price?

[icebike]

Your spewing FUD.

Google, Amazon, IBM, and even Microsoft themselves are all HUGE Linux users.
Big business isn't afraid of Linux.

Re:

[jedidiah]

> And I guarantee you that each and everyone of the firms you have listed has paid some patent holder licensing fees

No you can't.

Even if you could. That only supports the use of Linux by such companies. It means THAT IT'S ALREADY PAID FOR.

In your rush to make up stupid shit, you failed to think things through.

Re: Price?

[icebike]

Nice try:

ORDER granting 829 Stipulation of Dismissal filed by Bedrock Computer Technologies, LLC, Google Inc. The verdict rendered in this matter is VACATED and all claims for relief asserted by Bedrock against Google are DISMISSED with prejudice.

http://docs.justia.com/cases/federal/district-courts/texas/txedce/6:2009cv00269/116887/830/ [justia.com]

Bedrock also lost to Yahoo and Amazon, over the same patent and they have thrown in the towel.

Re:

[icebike]

Exactly. They waived any right to appeal, because their patent is going to be invalidated.

Re: Price?

[MightyMartian]

What a load of shit. Some of the biggest corporations in the world use Linux.

IBM demonstrated quite nicely what happens when some patent troll tries to shut down Linux.

Re:

[fredprado]

Because the multibillion dollar organization, averse as it may be to risk, is very hard to bully especially when you are trying to patent troll them.

Re:

[dbIII]

Face it kid, linux is so mainstream these days that even Haliburton not only use it but sell software to run on it.
If you are object to being called "kid" then I suggest not acting like one.

Re:

[Immerman]

You are suggesting that Microsoft will indemnify you against patent infringements? Really? Since when?

I must have missed that announcement.

Re:

[jbolden]

. I'm a little out of date about commercial Linux vendors but as of a few years ago, no commercial Linux distributor offered indemnity because they couldn't.

Novell (Suse) offers this since 2004
Oracle since 2006
Redhat since late 2006

That being said I don't see the problem with Linux.

Re:

[mcgrew]

Ever heard of a supercomputer? You know, those computers that cost millions of dollars and are the fastest computers in the world? Well, the fastest ten all run Linux. Guess who can afford a computer like that?

Guess what OS routers are running. Yep, Linux. Guess what Pixar and the other CGI houses use? Linux. Do you think the automakers are using Windows to run simulations??

The only Windows computers are the little ones sitting on office drones' desks. The big iron mostly runs Linux these days, where it use

Re:

[dbIII]

Come on now. I don't need to read any Alex Gabbard derived propaganda (Oak Ridge administrator who wrote the "terrorists can build nukes out of fly ash" bullshit that kicked it all off) and neither do you. You can look at a reliable source of where coal came from to see how stupid the suggestion is. You can then look up the composition of the most radioactive coal on the planet and calculate how many hundreds of thousands of tonnes you would need to extract enough material to get the famous "banana dose"

Re:

[icebike]

Why would the network side have to be replaced?
Data is data.

Re:

[afidel]

Plus the XP part of the ATM has nothing to do with the network, that's all handled by IBM black box crypto modules (or at least it was when I worked as a field tech for Global Services, we could do maintenance work on the PC running the GUI but there was a special group for handling the crypto boxes).

Re:

[viperidaenz]

Because data may be data but proprietary protocols are proprietary protocols. If you replace one side with new software, who's going to support the other side?

Even if there is supposed to be some kind of standard... Like IBM saying the Banking Transformation Toolkit is only supported on an IBM JVM, even though its plain old Java and will run on an Sun/Oracle JVM, they will refuse to support it.

Re:

[icebike]

Because data may be data but proprietary protocols are proprietary protocols. If you replace one side with new software, who's going to support the other side?

Who ever is supporting it now.
The existing protocols can remain in place. The existing backends can remain in place. Data is Data whether sent by Windows or Linux.

Were you somehow under the impression that the entire internet was rebuilt specially for you
each time you got a new computer or switched from Windows to Linux, to Mac?

Re:Price?

[icebike]

Banco do Brasil [atmmarketplace.com] moved to linux ATMs in 2008. IBM backends, Linux ATMs. As has Banrisul, largest southern region bank in Brazil.

Third biggest ATM country in the world, and you haven't heard of it?

Re: Price?

[Culture20]

no one bothers hacking 1000 machines

They do if
# eject /dev/cash
spits out ten $20 bills at a time.

Re:

[alex67500]

I'm not sure what is funniest. The comment itself, or the fact that it's modded insightful... :-D

Re:Price?

[turbidostato]

"The cost of the support agreements, would still be less than the replacement of several thousand ATMs and internal systems."

It won't. Is this extended support going to avoid XP from being replaced? I bet not. Therefore paying for the extended support *plus* replacing is certainly going to cost more than just replacing.

"There is a reason why people do this, and it's not just lazyniess.."

It *is* lazyness.

The very day they started deploying XP they knew that would come to an end for the very reason they were using a closed-source license-based operating system.

Paying through the nose now for something they knew it was coming but didn't nothing in time is the very definition of lazyness.

Re:

[viperidaenz]

'license-based' has nothing to do with it.
They don't have to stop using the software, they just won't get free security updates.

closed-source also has nothing to do with it.
It it were open source, they'd need to hire staff to do the maintenance.

Re:

[tftp]

Is this extended support going to avoid XP from being replaced? I bet not. Therefore paying for the extended support *plus* replacing is certainly going to cost more than just replacing.

That's not the case. XP-based ATMs probably run on a horribly slow SBC that has 512 MB of RAM (why to pay for more if the application does not need it?) The goal of this extension is simply to wait until existing machines reach their scheduled replacement dates. Then they will be scrapped. The new machines will be based

Re:Price?

[AmiMoJo]

Stop and think what using Linux would mean for them for a moment. They would have to pay hardware manufacturers to provide Linux drivers, or write their own. Those ATM NICs are proprietary and use certified encryption, so it's not even just a case of hacking some code together, it needs expensive certification as well.

They would also have to employ some experts to do OS level support for them. They are not paying Microsoft for security patches, this is an embedded system. They are paying for technical support when they have issues. That cost would probably be close to what they would have to pay some Linux experts, and they wouldn't have any other company to blame when things went wrong.

I'm not saying Windows is definitely a better solution, but Linux isn't as wonderful as you think either. No matter which one they picked they would have issues, but it an ancient Linux kernel that needs support or an ancient Windows kernel that needs support.

The Market?

[Anonymous Coward]

If there is that big of a market why is nobody selling/buying a replacement OS already? Particularly one cheaper than windows.

Re:The Market?

[icebike]

Because Microsoft can be sued if they need to?

Ah, no. Not going to happen.
Your hardware, you installed the software,
You managed it for the last 10 years,
You probably didn't apply patches...

No way that ever gets a dime out of Microsoft in court.

Re:The Market?

[camperdave]

Banks wouldn't sue in a case like this. Banks would go to the government for a bailout.

Re:

[jones_supa]

Actually all those things have seen massive improvements in Windows 6.x.

should have gone with a browser...

[johnjones]

I never understand why ATM's dont use HTML/SVG and then the OS is replaceable as a browser is the interface and a HTTP server security is well understood and network security would be part of a core competency

thoughts ?

john jones

Re:

[Dan East]

Maybe they do now, but the ATMs in question are so old they are running a 12 year old OS. Do you happen to remember the state of HTML and web browsers 12 years ago? I'll give you a hint. They certainly didn't support SVG then.

Re:

[DaHat]

HTML/SVG tend to be sandboxed to some extent... ditto for JavaScript... how do you propose your HTML based ATM interact with the card reader, cash dispenser, receipt printer or deposit slot?

ATMs are more than just a touch screen with a UI.

Re:

[dantotheman]

Maybe they do now, but the ATMs in question are so old they are running a 12 year old OS. Do you happen to remember the state of HTML and web browsers 12 years ago? I'll give you a hint. They certainly didn't support SVG then.

HTML/SVG tend to be sandboxed to some extent... ditto for JavaScript... how do you propose your HTML based ATM interact with the card reader, cash dispenser, receipt printer or deposit slot?

ATMs are more than just a touch screen with a UI.

ActiveX controls running in IE 7

shiver...

Re:

[icebike]

I'd wager there is nothing in the typical ATM that a Rasbperry Pi couldn't handle.

Re:

[deKernel]

Then I would say you have wagered wrong. As I stated above responding some another persons uninformed opinion, the volume of crazy unique hardware in an ATM that you have to support might surprise you.

Re:

[sjames]

I'll bet the Windows7 install disk doesn't come with drivers for that crazy hardware either. If you're going to have to write the drivers anyway, the crazy hardware doesn't affect your OS choice.

Re:

[sjames]

ATMs are a bit of a rarefied field. There's not a lot of vendors and there' not a lot of customers, but the customers that are there are large volume. If JPMorgan et. al. say Linux drivers or else, they get Linux drivers.

Re:

[johnjones]

HTTP server is local... browser is local !

Re:

[ndykman]

My eye is twitching from some strange reason.

Re:

[ixidor]

right but thats the point, if the core app is html based any os should work. stick some linux or bsd on there to talk to the network card.

Re:

[deKernel]

Make a suggestion, get to know all of the crazy pieces of unique hardware that an ATM MUST support. Here I will give you a hint on just one: you know that clunky old 16 key keypad you see...well that does FAR more that just send key presses.

Re:should have gone with a browser...

[Artifakt]

On some designs, a 16 key pad has extra pinouts which were originally intended to drive the circuits for Dual Tone Multi Frequency signalling built in (think of AT&T). These don't drive tone generators in ATMS, but they may reliably put out a square wave 1/2 second long pulse while the main pinouts are outputting a pulse of the length the finger stays on the key.
        On other designs, it has sensors to disable signaling when temperatures get above a certain value (think of the anti-fire security common on elevator keypads - this gets used on some 16 key designs because they also get used in door security systems, rather than them commonly being used in elevators, or people really worrying that an ATM on fire may start spewing money).
        Some designs used to incorporate the very same additional chipset used in soda machines so the owner could put those into maintenance modes (see "hacking coke machines"), and they let the ATM service tech run diagnostics by entering a reserved pin number or longer sequence, but I'm not sure if any of those last are still in use.
        There are rumors of radio frequency signalling built in, and sometimes actually used to get the pad signal to the servos it controls when the physical mounting for the ATM is in a sufficiently awkward location. I don't think those rumors are likely, but I wouldn't just assume they are completely bogus either. Alternately, I suspect the parent poster may be referring to various claims that the pads can be used to scan fingerprints and even to tell a live finger from a severed one, but these last are certainly urban legends.

Obvious choice I think

[Mateo_LeFou]

Windows XP is the only operating system stable & secure enough to handle sensitive transactions such as cash dispensing.

Re:

[abirdman]

Brilliant!

Re:

[wvmarle]

Well, in a way you may be right. WinXP is so old and so well understood now, that pretty much all possible attack vectors are known and can be defended against. Knowing your enemy is important.

Can't say that much of other OSes, like Linux or Win7. They are not as well known by ATM builders. And that's just the OS, not the software running on it and doing the actual work (interfacing with the user, with the bank, dispensing the money, etc), which would have to be rewritten from scratch (all of it, including

Windows..

[nurb432]

Is a bad choice anyway. Not just a Microsoft bash, but aside from all the security issues, windows is XP is a desktop platform, not a OS to be putting on dedicated devices ( even the so-called embedded version really isn't any more appropriate for this, don't let the marketing folks fool you )

An ATM should be running off a custom embedded OS targeted for this purpose, not a commodity OS.

Re:Windows..

[Em Adespoton]

An ATM should be running off a custom embedded OS targeted for this purpose, not a commodity OS.

It is... it's called XP Embedded, as outlined in the summary. And yes, bank machines were a major target during XP Embedded's design phase.

Of course, it would make MORE sense to use an embedded OS where the banks/ATM manufacturers have full access to the source.

Re:

[alen]

from what i read bank machines are a major target for a lot of software products being used today

Re:

[Kjella]

Of course, it would make MORE sense to use an embedded OS where the banks/ATM manufacturers have full access to the source.

OS/2 had its heyday in the early 90s, ATMs used it way into the 2000s.
XPe had its heyday in the early 00s, ATMs are using it way into the 2010s.
Embedded Linux has its heyday now in the early 10s, draw your own conclusions.

ATM vendors are extremely conservative, they tend to use platforms others already think are obsolete. They'll come along eventually, it's not like the cell phone market where you can flip the market upside down in 2-3 years.

Bit of a stretch to call it an embedded OS

[dbIII]

Even WinCE is a slow as a wet dog thing that drives up the cost of hardware required if you need any sort of performance. These things are big and slow on limited hardware.
Short term convenience and a perceived possibility of a reduced time to market won over utility with these things.

Re:

[afidel]

What makes you think the banks don't have full access to the source of XPe? Major companies, governments, and many academic institutions have access to the Windows source code. Trust me, anyone forking over the millions for an extended support agreement with MS can get access to the source if they need to.

Re:Windows..

[erice]

Is a bad choice anyway. Not just a Microsoft bash, but aside from all the security issues, windows is XP is a desktop platform, not a OS to be putting on dedicated devices ( even the so-called embedded version really isn't any more appropriate for this, don't let the marketing folks fool you )

An ATM should be running off a custom embedded OS targeted for this purpose, not a commodity OS.

Who is going to write, maintain, and keep secure this custom OS?

The trouble with custom embedded OS's is that, in spite of the best intentions to limit their scope, they almost always need more features than can be written from scratch by a small team and be obviously secure. So they port code from more commodity OS's. Due to limited resources, the code in the embedded OS tends to fall behind. The porting effort can introduce bugs too that are non-obvious to the guy doing the port because he doesn't fully understand what he is porting.

Not just ATMs....

[ub3r n3u7r4l1st]

Went to a hospital a week ago that was newly opened late last year. All workstations are the Lenovo all-in-ones with the Windows 8 sticker on it. Guess what operating system they are running on now .... Windows XP Professional (at least that's what the screen saver said.)

I saw an IV infusion pump being rebooted by a nurse. I hear the famous chine of Windows XP shutting down.

yes, but...

[Anonymous Coward]

"95% of the world's ATM machines are still running Windows XP

Yes, but what about the *automatic* ATM machines? Those are the ones I most am concerned about.

Re:

[CannonballHead]

I'm actually more concerned with the those ATM teller machines outside of my bank.

Re:

[CBravo]

Those with LCD displays or with those old CRT tubes?

Go to 8

[cosm]

To hell with 7. Please put Windows 8 on the ATMs instead! I already love how ATMs do a wonderful job of selecting the wrong option for me after finally getting the card to take, only to then take me into the Spanish menu, spitting out a receipt, and then not accepting my card again while the line forms behind me! Metro can only enhance this lovely experience! Hell, add a kinect to it so when I flip it a golden salute it recognizes my input and doubles the ATM fee! Gotta keep up with the bank's great customer service these days!

Re:Go to 8

[CannonballHead]

Actually, how would Metro be a bad thing? This is pretty much exactly what Metro is meant for - one application, completely full screen, used with a touch screen ...

Comment removed

[account_deleted]

Comment removed based on user account deletion

Let's go one better...

[djbckr]

Is the dispensing software is written in Java? Half kidding, and wondering at the same time.

Re:Let's go one better...

[Anonymous Coward]

I worked for an ATM software development shop called Phoenix Interactive. The software we wrote was mostly C++, with some C mixed in to deal with updating the main software. The main ATM manufacturers (Diebold, Wincor, NCR) all only create Windows drivers (or did, 10 years ago when I worked there). The OS is locked down hard, while you may see the occasional blue screen, even if you had a keyboard plugged in you would not be able to stop the software from running or move it to the background without triggering a restart and a tamper alert back to the bank. Windows can be locked down just as well as Linux, it's just a royal pain in the ass to do so.

I throw this out there often

[TheRealMindChild]

As someone who has worked with Diebold, they have never have more than 3 programmers and they only use and have ever used Visual Basic. This is why their ATMs (and voting machines) are required to run Windows.

Re:

[unitron]

What did they do before Microsoft came along?

ATMs were around in the early '70s when Gates was running something called Traf-o-data, what did they run on then?

OS/2 Warp

[transporter_ii]

[O]verall, OS/2 failed to catch on in the mass market and is little used outside certain niches where IBM traditionally had a stronghold. For example, many bank installations, especially Automated Teller Machines, run OS/2 with a customized user interface.

http://en.wikipedia.org/wiki/OS/2 [wikipedia.org]

Re:

[exomondo]

OS/2 Warp was around in the 70s?

Re: I throw this out there often

[ColdWetDog]

Midgets. Lots of midgets.

Done timely/properly/affordably

[FuzzNugget]

They chose the wrong two.

Why XP?

[ukoda]

Yes, I am a Windows hating Linux user but the question is serious, not flame bait, why would they chose XP in the first place and why have they not moved to something else in the last decade?

With real cash at stake I would have probably started with a minimal BSD OS and just added the minimal graphics, comms and I/O libraries needed to support the main application. I'm sure others here have their own ideas of the best OS, most excluding Windows?

Re:

[Billly Gates]

Easy.

Visual Basic 6 support for those all so awesome apps that can down an economy hired by Indians from Craigslist

Re:Why XP?

[tftp]

why would they chose XP in the first place

XP was a very good choice compared to Linux as it was 12 years old. Cost of Windows ($50 per copy?) was entirely immaterial. The important things were maturity, support, features, and toolchain. Linux in the year 2000 was light on those. Where in Linux's Event Viewer is the Security Log? How many objects can be audited in Linux? In NT - a lot, and it all was available immediately. In the toolchain department even today autotools give you a horrifying experience compared to MSVC.

Developers of ATM took the most complete foundation for their work (the OS) and then added what was custom. If they started with Linux, or BSD, or DOS, they'd have to add far more - and the more you write yourself the more you have to maintain. If they started with Linux that would be kernel 2.0.x - and today we are on 3.x, with gigabytes of patches applied to libc and other essential components of the system. It would be extremely difficult to upgrade and maintain.

and why have they not moved to something else in the last decade?

Who is going to pay money for fixing what isn't broken? It's not broken even today, that's why they want to keep the machines running. It's pretty expensive to send engineers to tens of thousands of ATMs to upgrade them, since doing it remotely might be too scary. The hardware also probably went through ten revisions, so each ATM runs its own set of drivers that were customized to the hardware that is installed. Your upgrade task would require you to support all that old hardware - and that is a dead end job. Better to just keep the thing running until it falls apart, and then replace it.

JP Morgan

[Nethead]

About two years ago I was a field tech and would get service calls to JPMS. Most of the time it was just to move fax machines around or to make a jack live. Sometimes it was to try to get a PC to boot. There is SO much legacy cruft in the boot image of a JPMS desktop that it can take three boots just to get the damn thing stable. Some of the boot code even flashes by "DOS TCP/IP 1.0" as it goes by. They have decades of cruft to dig through to get those things anywhere modern. I have pity for the admins trying to roll this out, I really do.

On the other hand that damn image is used by hotshot investment brokers to transact multi-million dollar trades everyday. That image is a lot of their "secret sauce" that they use to make a shit load of cash. It's a tool that has made them trillions. I can see why they don't want to fuck with it. They would gladly have me hang around for a day at a few hundred dollars an hour (not that I was seeing 20% of that) just to make sure the hotshot could do his job. The hotshot's downtime cost them thousands of dollars an hour. Imagine having to roll out an image to 1000 hotshot desktops and have it fail for even a day.

That's a lot of incentive to keep the boat from rocking, whatever the cost.

Remember that a lot of that legacy code is interfacing with mainframes that are running code before the advent of PCs.

Re:

[KingOfBLASH]

Not as if badly designed software which is just "secret sauce" couldn't ever result in a massive, multi-million dollar trading error

http://en.wikipedia.org/wiki/Knight_Capital_Group [wikipedia.org]

And in 3 years time to start over!!

[Billly Gates]

Windows 7 EOL will start LOL.

That's what you get for waiting until the last minute. Many corps won't see it as a 8 year old OS but a 3 year and will throw hissy fits like the XP ones are now

Re:

[afidel]

Windows 7 embedded is supported through July 27, 2025, that's one reason these kind of applications have flocked to MS, they offer longer support than even IBM for a given OS release.

MSMQ

[aviators99]

I believe MSMQ is used in banking a lot, and I wouldn't be surprised if it is used in ATMs, due to its robustness. AFAIK, there is no *NIX port for it.

Well son I remember when they were all OS/2

[ToasterTester]

Blame IBM for killing off OS/2. I worked for one of the major banks and years after OS/2 died they were still running it because the main teller software ran on OS/2 and the company that created it rufused to port it to anything else.

The govenment monitors the banking banks and if someone came up with Linix ATM software that could pass govenment regulations and a ease migration path you'd probably see a mass move from XP to Linux. Because the banks what one does most the other do.

Living under a rock JP Morgan?

[fahrbot-bot]

JPMorgan is buying a one-year extension and will start converting its machines to Windows 7 in July; about 3,000 of its 19,000 ATMs need enhancements before the process can begin...

Um... Start converting 4 months after XP goes EOL? Did they *just* find out about the deadline? And why can't they start upgrading the other 16,000 systems? I'm pretty sure XP and 7 systems can be operated together...got one of each in my office - for testing.

Re:

[suso]

It seems every article that mentions OS/2 makes mention of how entrenched it is in ATMs...

There is also a restaurant up the street from me that has the best burgers in town.

Re:What about OS/2?

[Anonymous Coward]

OS/2 was entrenched. The ADA a couple of years ago declared that all ATMs must have blind support. That meant adding sound. The OS/2 machines could in the main not support that service and as such were retired. It was a field day for NCR, Hyosung and Diebold with hundreds of thousands of new ATMs being purchased. These new ADA compliant ATMs were replaced mostly by Windows XP driven ATMs, with the promise that the ATMs could be upgraded to Windows 7 when it became necessary.

I have only been working with Diebold, but they are refusing to hire sufficient (or maybe any idk) additional hands to deal with the necessary surge in maintenance to upgrade to Windows 7.

All that being said, the XP ATMs are perfectly safe. They are behind some rather crazy firewalls. It would be rather difficult to get into them to take advantage of any potential problem. (The issue for the bank / ATM driver / card processor not being the loss of the cash, but rather the loss of the customer information.)

Hmmm. Better post this anonymously.

Let me laugh even harder...

[Anonymous Coward]

All that being said, the XP ATMs are perfectly safe. They are behind some rather crazy firewalls.

Nope.

http://www.extremetech.com/extreme/173701-atms-running-windows-xp-robbed-with-infected-usb-sticks-yes-most-atms-still-run-windows [extremetech.com]

And another successful attack vector using Plotus http://www.atmmarketplace.com/article/221087/Mexican-ATMs-fall-prey-to-new-cyberattack [atmmarketplace.com]

Successful malware attacks (both gaining access to the local cash and screen scraping and keystroke recording of customer information) through ATMs have been going on since 2008 and Diebold would most certainly be well aware of this, even if they are choosing not to bring it to your attention.

Re:

[KingOfBLASH]

Mod parent up!

Re:

[paugq]

No, sound support is not reason enough. OS/2 ATMs in Spain have blind support, including sound.

Re:

[egcagrac0]

I see more ATMs running Windows 2000 than Windows 95.

I think Windows 98 and OS/2 still have a comparable market share, however.

JPMorgan = helpdesk in Philippines & IT subcon

[Joe_Dragon]

JPMorgan = helpdesk in Philippines & parts of IT subcontract out (at least the field part is) and likely parts office IT as well.

Re:JPMorgan == To Big to Fail

[plopez]

Meaning they do not have to be smart, efficient, or customer oriented. No matter how badly they screw up Congress will be there to rescue them.

Re:

[roc97007]

Yeah, there must be, oh, thousands of ATMs out there.

Re:

[camperdave]

Wouldn't surprise me if there were more ATMS than Windows mobiles.

Re:

[roc97007]

I'm a little surprised they're not trying to push one code base on PCs, tablets, phones, ATMs and Warships.

2.2 million.

[westlake]

Yeah, there must be, oh, thousands of ATMs out there.

2.2 million.

Average amount of time a new ATM machine is installed --- 5 minutes ATM Machine Statistics [statisticbrain.com] [2012]

Automated teller machines (ATMs) (per 100,000 adults) [worldbank.org] [2009]

US 173
Canada 205

Re: Wow.

[VTBlue]

Most people who comment on Microsoft stories here are clueless about the company's product portfolio, customer base, policies, and competitive status. Not saying that you're one of them though >:)>

Re:Global Financial Collapse

[roc97007]

Actually, that doesn't worry me nearly as much as Windows for Warships.

Re:

[Anonymous Coward]

Actually, that doesn't worry me nearly as much as Windows for Warships.

You jest but the US Navy was (is?) using Windows as the OS for drive-by-wire hovercrafts. One bluescreened and ran out of control in San Franscisco.

~Demonoid Penguin (moderating)

Re:

[YrWrstNtmr]

Ahhh....that meme is so tired. You do realize that wasn't a 'Windows' issue, but rather a crappily created application issue. IIRC, an input that allowed a zero (or null) value when it shouldn't have.
Or are you trying to assert that crappy applications can only be written for the Windows platform?

Re:

[0123456]

Or are you trying to assert that crappy applications can only be written for the Windows platform?

The kind of people who pick a crappy operating system to run their applications also tend to write crappy applications.

Re:

[westlake]

Actually, that doesn't worry me nearly as much as Windows for Warships.

The USS Yorktown (CG-48) was decommissioned in 2004.

Life goes on.