Diebold ATMs hit by Nachi Worm

red floyd writes "The Register is reporting confirmation that Diebold ATMs were hit by the Nachi worm back in August. Apparently some Diebold ATMs run XP Embedded, and got hit with a variant of the RPC DCOM worm. Seems that they hadn't yet applied the available patch."

Re:Security through obscurity after all?

[Acidic_Diarrhea]

you don't need source code to find holes in software. that's the point of running an open source project - holes are found much more quickly because more eyes are on it. the holes are going to be found eventually, regardless of whether or not you release the source. if you do release the source, the chances are better that someone without malicious intent will bring the holes to your attention.

as attractive as security through obscurity can be (given its ease of implementation), it still does not work - just as it never has.

B-U-S-H for P-R-E-S-I-D-E-N-T

[rbird76]

particularly wrt the unfortunate comments of the Diebold president...

considering the (what should be) massive security on bank machines, does this give any further pause to the added "safety" of "trusted computing"? Given that you can't secure critical applications to users, what makes me think that TCP will be able to secure my computer from anything but me?