Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows ATMs by 2005

Posted by michael on from the blue-screen-of-no-money dept.

An anonymous reader writes "O'Reilly Developer News is running a brief on how the banking industry will be running a stripped down version of windows on 65% of its ATM machines by 2005. On a morning when I'm receiving the latest windows virus in my inbox every five minutes I feel very comfortable with this."

3 of 802 comments (clear)

  1. Re:Three Major Vulnerabilities by b-baggins · · Score: 1, Flamebait

    And in other news, Microsoft announced today a security vulnerability in their Embedded XP used in ATM machines. Apparently, a certain sequence of information on the magnetic stripe used on ATM cards can cause a buffer overflow and allow the user to fool the machine into thinking their bank account has an unlimited balance. Additionally, it also disables the $200 per day withdrawl limit.

    Microsoft representatives rated this as a serious security risk, and said that ATM machines using their embedded XP operating system would be upgraded over the next several months as ATM technicians became available to open each affected ATM and swap out the hard drive.

    --
    You can tell a great deal about the character of a man by observing those who hate him.
  2. Windows is a poor choice... by dtjohnson · · Score: 0, Flamebait

    There can't be a worse choice than Windows to run something like an ATM. Current versions of Windows are designed to run a wide variety of applications containing lots of active content sending information here, there, and everywhere, which is hardly desirable in an ATM. Windows is designed to be updated via a network connection which is exactly the opposite of what an ATM owner would want. 'Windows' is a very complex and relatively unstable pile of bytes that is extremely vulnerable to hardware failure, power surges, memory corruption, other applications, operator error, and just about every calamity that one can imagine. It is likely that some of those existing Windows ATMs have crashed just because the user pressed the "5" key too quickly too many times or something. The entire design of Windows is aimed at displaying a complex bitmapped windowing interface as rapidly as possible which is something that is not even required or desirable in an ATM. If someone actually did a design evaluation between current OSs, including various embedded OSs, Windows, even stripped down, would come in last by a long ways. What could possibly cause some otherwise wise engineer to select "Windows" as the operating system to run a device like an ATM machine? Temporary insanity perhaps? I predict that the reliability of the machines will turn sharply downwards as more Windows machines make their way into the mix and losses will sharply escalate. A lot of those ATMs communicate with their host over a simple dial-up connection that thieves will quickly find ways to penetrate when it is under the control of anything 'Windows'. The rest of the ATMs are connected with networks that are likely to be vulnerable to the 'virus du jour.' It's only a matter of time until someone undertakes some attack that will have the ATMs kicking out annonymous serious cash to anyone who keys in the PIN code '1234a' or something like that. Of course, the bankers will keep it quiet when it happens (for obvious reasons) so we'll never hear about it, unfortunately.

  3. Re:Mo Money! Mo Money! Mo Money! by TheNetAvenger · · Score: 0, Flamebait

    The stability of the OS has finally gotten to an acceptable level, however the security has not. Have you been asleep for the last few weeks with the string of SEVERE holes in MS software for win2k, XP and 2003?

    And yet is still is 4 to 5 times more secure than Linux. Check the security briefs and patches from the independent security sites, or even the Linux distribution company's sites themselves. Also, did you miss the Linux exploits that have been noted on Slashdot in the last couple of weeks that are JUST as dangerous as any of the NT patched exploits from the last couple of months?

    You obviously did not read the article. It stated they will be using a stripped down version of Windows NT.

    And what do you thing WindowsXP Embedded is? Right here you lost everyone's respect of having any knowledge on this subject.

    Windows needs tons of patches and reboots, where as Linux does not. You just download a patch, apply it and your done.

    Funny in our labs, we download more Linux patches than we do Windows patches, and many of the Linux patches require reboots. Do you have a magical version of Linux you are not sharing with us?

    Oh, and MS has NEVER made anything 100% secure. There has never been a 100% secure system from anyone.

    This is true, there is NO such thing as a fully secure OS, ANYWHERE.

    In regard to the article, running an updated embedded version of NT(XP) is far more secure and advanced than the mass amounts of OS/2 based ATMs sitting around the world.

    You also seem to disregard that ATMs are deployed in a closed network system, and are not transmitting validations over the Internet, hence all the exploits you mention about Windows insecurities in the past month are moot - they would have no way into the system.

    Senior Programmer Analyst
    I feel sorry for the company that is employing you. Ignorance with arrogance is a dangerous thing for a person in a decision making position.

    I suggest you go troll somewhere else unless you really need the accolades of the script kiddies... The true Open Source Linux,*nix, and NT professionals here really get tired of uninformed rhetoric from self proclaimed bloviating experts.