Domain: atmmarketplace.com
Stories and comments across the archive that link to atmmarketplace.com.
Comments · 17
-
Re:Price?
Banco do Brasil moved to linux ATMs in 2008. IBM backends, Linux ATMs. As has Banrisul, largest southern region bank in Brazil.
Third biggest ATM country in the world, and you haven't heard of it?
-
Let me laugh even harder...
All that being said, the XP ATMs are perfectly safe. They are behind some rather crazy firewalls.
Nope.
And another successful attack vector using Plotus http://www.atmmarketplace.com/article/221087/Mexican-ATMs-fall-prey-to-new-cyberattack
Successful malware attacks (both gaining access to the local cash and screen scraping and keystroke recording of customer information) through ATMs have been going on since 2008 and Diebold would most certainly be well aware of this, even if they are choosing not to bring it to your attention.
-
Re:It's actually quite safe.....as long as you don
Just to clarify your point, 2015 is for New Zealand and Australia, for the US/Asia it's 2013:
(Not sure where you're based)
http://www.atmmarketplace.com/blog/6355/EMV-deadline-for-U-S-ATMs-the-race-is-on
However, considering the short time frame of this, I can't see how it's going to go smoothly. As you say, the merchants are all going to be very upset at this but tough to them - Europe has had EMV for years now, it's about time everyone upgrades.
-
Re:Job-killing automation
There was no hint in the announcement made by Jack Lew, director of the Office of Management and Budget, that Kundra's exit was prompted by a shift in the White House's view on IT.
You mean how greedy businesses have caused job-killing structural changes in the economy by implementing efficiencies like ATM machines and airport kiosks that hurt workers?
Nowhere in the article you provided did I see that tone. Instead, the tone was simply stating that certain types of jobs are now obsolete (or their demand has dramatically reduced) due to technology. Similar to the decline of buggy and whip makers.
Obama:
"There are some structural issues with our economy where a lot of businesses have learned to become much more efficient with a lot fewer workers. You see it when you go to a bank and you use an ATM, you don't go to a bank teller, or you go to the airport and you're using a kiosk instead of checking in at the gate. All these things have created changes in the economy, and what we have to do
... is identifying where the jobs for the future are going to be." -
Job-killing automation
There was no hint in the announcement made by Jack Lew, director of the Office of Management and Budget, that Kundra's exit was prompted by a shift in the White House's view on IT.
You mean how greedy businesses have caused job-killing structural changes in the economy by implementing efficiencies like ATM machines and airport kiosks that hurt workers?
-
Another victim of Windows !!!I am surprised it took this long to happen, but it was inevitable since the industry switched their ATM's over to Windows:
When will people learn
... windows is bad for you ! -
Re:trouble ahead?, trouble behind.
There are a sizable number of ATMs that run Windows now. Two ATM specialists claim that "most manufacturers stopped shipping new ATMs with OS/2 in early 2005." With both NCR and Diebold committing to Windows for ATMs, it won't be long before they become even more prevalent. Some banks are migrating completely to Windows-based ATMs simply for the advantage of having a flashy screen with movies and full color next to the old, boring (unreliable?) ATM owned by the competition.
OS/2 once was the undisputed king of ATMs, and regardless of my views on the subject, that's rapidly changing. I've used Windows ATMs about as often as OS/2 ATMs recently. -
Re:ATM Passwords
Since I work for an ATM manufacturer (and own and operate several machines of my own.. ) I'll comment on this one.
Yes the Distributor, Operators and Merchants responsible for those machines are the ones to blame. my understanding is that the service manuals posted on the Internet were posted by Distributors and NOT the manufacturers.. Anyone that doesn't change the Vault combination or maintenance passwords is a fool imho. We all know that "A fool and his money are soon parted" how very true in this instance..
Our ATM's have several levels of passwords.
- CASH LOADER a password for the person that loads cash into the machine. this level will not allow you do do anything other than change the amount of cash in the vault.. you could zero it or set it to 100,000.00 but it's not going to help you at all.. you can print a journal or event log report.. nope that won't help you either..
- MASTER allows the owner to load cash, pull reports, print journals, test the equipment etc.. a bit more can be done in here, but still no major programming functions. you must first enter the management mode before you can access the programming level.
- PROGRAMMING PASSWORD 1 / PROGRAMMING PASSWORD 2 - yes our machines require you to enter TWO passwords in order to access the programming are where you could change bill size and other important information. Not only are two passwords required to access this section, but the first time you enter programming mode you are immediately prompted to change these passwords from default.
It is possible that a distributor could leave everything at default and when prompted to change the passwords they could program them to the default settings, but that is hardly the fault of the manufacturer.
Googling for a manual and default password hardly qualifies as "hacking" in my book, as some articles have stated. ALL ATM's have default passwords, Diebold, Fujitsu, etc.. etc.. equally easy to find.
There will be additional follow ups on this on some of the industry sites such as http://www.atmmarketplace.com/ This site is dedicated to all news-worthy items related to the ATM industry.
Since I am NOT an official spokesman for our company I'll refrain from posting the company name or URL. -
Re:could be worryingThe PINs are encoded on the cards. How else do you think the ATM is able to allow you to withdraw a minimal amount of cash even when it's off-line or the system is down
...And then there's all the 9/11 ATM frauds - people scamming a bunch of ATMs that were screwed up, getting $500 out of each, and then trying to claim it wasn't them? One woman did this 54 times
Up to 4,000 people overdrew their bank accounts by at least $1,000, Morgenthau said, more than 540 of them exceededing their balances by at least $5,000.
According to authorities, a 54-year-old nurse made 54 cash withdrawals from Sept. 18 to the end of October, leaving her with a negative balance of $18,111. A Housing Authority employee reportedly made dozens of withdrawals, using his credit-union card to make purchases at a restaurant, a liquor store and a motel. -
Re:Dame you Diebold! Dame you all to hell!ATMs contain secure cryptoprocessors, generally within an IBM PC compatible host computer in a secure enclosure. The security of the machine relies mostly on the integrity of the secure cryptoprocessor: the host software often runs on a commodity operating system. Automatic Teller Machine
I found this Urban Legends page instructive: Crime: Candid ATM Camera The obvious question to ask is why a pro would go do such lengths if a software attack was easy. But a Google search is more likely to return results like this: McDonalds Restaurant manager accused of $200,000 ATM theft If you hold the keys to the machine and are responsible for keeping it stocked, you don't need the skills of a hacker.
-
Re:I don't understandHere are some facts about ATMs:
About 20% of ATMs world-wide run Windows. Banks are slow to migrate because of the cost. But the OS/2 systems out there are getting really, really old. Regulators want better encryption, audio support. IT wants TCP/IP. Marketing wants check recognition, targeted adds. You get the idea.
70% of ATMS purchased by banks in 2004 will run Windows, up from 10% in 2001. Minimum specs for a new ATM, a P III or faster processor, with 256 MB RAM and an NIC. Investing in the ATM channel
-
This is nothing new...
AFAIK 2 large banks at the least, Wells Fargo, and Bank of America have a number of NT based ATM's totalling more than 540 and 2,500 relatively yet with all these I've never heard of one getting a virus.. Although the likelyhood of a big bank alerting people to the fact their ATM's are insecure may not be the best idea.. http://www.atmmarketplace.com/research_story.htm?
a rticle_id=13527&pavilion=18
The numbers are near the bottom of the article which is mostly focused on the move to personalize advertising to the user and how NT based systems have helped make this transition easier to implement.
The difference between your average PC on the net, and these ATM's however is how secure their network and physical environments are. Most ATM's I've seen are made by diebold and fujitsu but there are many many more, and last I checked (I'm sure you'll correct me if I'm wrong) they all used proprietary hardware crypto and private frame-relay links, or private ATM networks not connected to the internet thus limiting their availability to those who have, or could procure access to these networks.
In addition the likelyhood of commonly exploited services running on an NT box for an ATM is relatively low.. I can't imagine, or maybe just don't want to think the engineers for hundred-billion dollar a year banks are dumb enough not lock down an NT box.. Not to mention having no access to keyboard or terminal access other than a number pad the options get more and more limited. These companies have spent billions to make these boxes the most secure on the planet and they've gotten good at it.. While the software may lag behind, it's not *that* far behind..
I think the likelyhood of NT taking a sh*t, BSOD'ing, and stealing your ATM card is probably the worst an NT based ATM could deliver in terms of negative user impact.
- my .02 -
Re:Amazing
According to this article, IBM is ditching OS/2 so NCR, Diebold, and the rest are only offering Windows XP based ATMs now. I think they are all foolish bastards
:P -
Patents
Well, he did get the patent. After all, his machine came out in 1969, and the 1967 London Barclays one (possibly the one that is often shown on UK television in nostalgia programs) didn't return the card.
-
Patents
Well, he did get the patent. After all, his machine came out in 1969, and the 1967 London Barclays one (possibly the one that is often shown on UK television in nostalgia programs) didn't return the card.
-
Re:site still up
There is really no reason for the article to be 3 pages long.
http://www.atmmarketplace.com/futurearticles.htm?a rticle_id=16524&pavilion=112
Much more concise. -
Article Text with LinksStarting about a month ago, Balkanalysis.com has learned, residents of Macedonia have been unable to access an ever-increasing number of American websites. Certain commercially compiled reports commonly purchased by American ISPs and hosting companies are warning that the country is a hotbed of internet fraud- and so, these companies are starting to block access to their sites for anyone with a Macedonian IP address. These cowardly and ignorant companies- who can't tell Macedonia from Massachusetts, by the way- are bringing on an internet Ice Age that could make life in Macedonia virtually extinct in the near future.
According to Macedonia resident Sam Vaknin, economist, author and internet expert, "...commercially compiled lists of 'dangerous countries' for internet scams, viruses, lotteries, etc. are being sold to ISPs and hosting companies... every day, I find another website has disappeared... last week it was an investment company related to Fidelity, yesterday a mental health website, today a radio program from the US."
While this appears to have been an entirely corporate initiative, political lobbying behind the scenes may also play a role.
"The fact that Russia and Israel- 2 epicenters of internet fraud and hacking on a global scale- 500 zillion trillion times bigger offenders than little Macedonia- are off the list is incredible," charges Vaknin. Yet these countries also have a much stronger political lobby within the United States than does the beleaguered Balkan state.
American ignorance of Macedonia (and the outside world in general) is revealed by this idiotic warning from the so-called "Bureau of Export Administration":
"...pay close attention to shipping or contact addresses located in countries with a high reported incidence of online fraud and many e-commerce web sites have found a high incidents of on-line fraud as well, such as Africa, Nigeria, Macedonia, Colombia, etc.."
Not only does this sentence violate grammar, it also transgresses geographical good sense (since when was 'Africa' a country?) and unfairly lumps Macedonia in with other, utterly different nations, quoting no specific sources to justify its inclusion in the list. And, despite its deceptive title and American-eagle background logo, the website (named "Exportbureau.com") is not governmental. Rather, this self-proclaimed "manufacturing and export information association" claims to be
"...a non profit organization [that] has been providing a completely free unbiased worldwide export manufacturing company directory to the worldwide public for the past 5 years since late 1998."
Or not...
On 19 March 2004, computer fraud was added to the Macedonian criminal code for the first time, in reaction to an initial (and relatively minor) upsurge of email lottery fraud and (non-internet) identity theft.
The first known case of identity theft in Macedonia occurred last year when a couple of young men, in affiliation with a foreign partner supplying plastic cards with magnetic strips, were able to knock off a few ATMs. However, the police soon put an end to this amateurish scheme, which succeeded in taking only 12,000 euros-peanuts in comparison to the $1.5 million snatched from New York ATMs by the Russian mafia in one case last year, or the Israeli mafia's multi-national ATM-milking efforts in 2002.
Moreover, Macedonia has a very low rate of general internet use. Leading Macedonian information technology site Metamorphosis rec