Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux May Succeed Windows XP As OS of Choice For ATMs

Posted by Soulskill on from the cash-from-a-penguin dept.

Dega704 sends this news from ComputerWorld: "Some financial services companies are looking to migrate their ATM fleets from Windows to Linux in a bid to have better control over hardware and software upgrade cycles. Pushing them in that direction apparently is Microsoft's decision to end support for Windows XP on April 8, said David Tente, executive director, USA, of the ATM Industry Association. 'There is some heartburn in the industry' over Microsoft's end-of-support decision, Tente said. ATM operators would like to be able to synchronize their hardware and software upgrade cycles. But that's hard to do with Microsoft dictating the software upgrade timetable. As a result, 'some are looking at the possibility of using a non-Microsoft operating system to synch up their hardware and software upgrades,' Tente said."

23 of 367 comments (clear)

  1. heartburn in the industry? by Anonymous Coward · · Score: 5, Insightful

    Oh if only Microsoft had given them more than like 10 years notice of end-of-support, they might have had time to prepare....

    1. Re:heartburn in the industry? by jedidiah · · Score: 4, Insightful

      > Oh if only Microsoft had given them more than like 10 years notice of end-of-support, they might have had time to prepare....

      I've been in shops where the key mission critical app was 30 years old. All of the shiny new MBAs would come in and try and replace that thing with newer tech but would ultimately fail. The 30 year old product did the job and the shiny new things couldn't.

      ATMs are such a key part of their business that it really makes no sense for them to not be in total control.

      Linux allows that.

      Although they should have used a more industrial product to begin with. The choice really shouldn't be between Linux and Microsoft. There should be better targeted options and the market should have allowed those to thrive.

      --
      A Pirate and a Puritan look the same on a balance sheet.
    2. Re:heartburn in the industry? by MightyYar · · Score: 4, Informative

      Although they should have used a more industrial product to begin with.

      This can be hard in practice. Vendors of niche products often only support Windows. Even if they support other OSes, you end up being the beta tester since the code is not as widely used. We ended up using XP embedded years ago because, of all things, USB memory stick compatibility. We tried to use Wind River's drivers, Linux drivers (years ago), and even Windows CE - but XP was the only solution that worked with almost every stick out there. When we used Wind River's solution, we had to maintain a compatibility list. But this effort was impossible once they started to explode in popularity. We of course sold compatible sticks to use with our equipment, but this was not popular with our customers and our competitors used Windows, so we were at a disadvantage.

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    3. Re:heartburn in the industry? by Richard_at_work · · Score: 4, Interesting

      They originally chose XP because it had a much lower cost of entry than anything else, and I'm not saying that as a Linux hater - yes, you do get the source to do with as you may, but that means hiring developers who know how to do something with that rather than just hiring VB developers. Low start up costs versus less control over your long term environment. But that wasn't an immediate problem when the EOL date was a decade off.

      So now, a decade on, they are reaping what they sowed.

    4. Re:heartburn in the industry? by Immerman · · Score: 4, Informative

      I suspect ATMs straddle the line between being too sophisticated and varied to lend themselves to a simplistic embedded system, and too niche a product to be cost effective to develop a specialized OS from the ground up. Windows gave them something that got the job done more cheaply than a custom-built OS. Now that Linux has gone mainstream it does open the door to a specialized OS since it need not be built from the ground up - adding and removing modules typically involves *far* less effort, especially when there are numerous variations of stripped-down specialty distros to start from.

      --
      --- Most topics have many sides worth arguing, allow me to take one opposite you.
    5. Re:heartburn in the industry? by OhSoLaMeow · · Score: 4, Funny

      Someone bring me my flux capacitor!

      The questions is not "where is my flux capacitor" but "when is my flux capacitor". You're just not thinking fourth-dimensionally.

      --
      They can take my LifeAlert pendant when they pry it from my cold dead fingers.
    6. Re:heartburn in the industry? by whitroth · · Score: 3, Informative

      Sorry. RHEL (and thus CentOS, and I presume Scientific Linux) have 10 year support.

                        mark

  2. Embedded by Moblaster · · Score: 5, Funny

    So does this mean we can expect our special hardened ATM Linux OS to have names like Filching Finch, Moneybiting Mongoose, Overcharging Oranguatan?

    1. Re:Embedded by oodaloop · · Score: 4, Funny

      More importantly, will 2014 finally be the year of Linux on the ATM?!?!

      --
      Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
  3. Here's what I don't get by dingen · · Score: 5, Insightful

    What's a desktop operating system doing on an ATM anyway?

    --
    Pretty good is actually pretty bad.
    1. Re:Here's what I don't get by Anonymous Coward · · Score: 3, Interesting

      XP embedded was the OS of choice after OS/2. Turns out the bankers wanted to know why, if they're paying the same price, they're not getting XP Pro. It's really that simple.

      It was never a question of "can we install Linux or Windows 7 or BeOS" - it's basic Intel hardware.

      The reason XP is still on the ATMs and not Win7 is due to the banking industry and PCI regulations - it costs hundreds of thousands of dollars to make a simple change to the ATM and get it certified by the banking industry and prove that it's still PCI-compliant in order to work with 3rd party transaction processors who perform the actual ATM transactions. Most banks don't to that themselves.

      There's one other big reason - the industry requires that each ATM have a HAL that implements a well-known, well-defined interface so the higher level software from any vendor will work on any other vendor's ATM. The HAL is big technical piece that has been in development by each vendor for years. Re-writing that from scratch to support Linux isn't trivial.

    2. Re:Here's what I don't get by tlhIngan · · Score: 3, Informative

      I don't even get why they'd switch to Linux. Something like QNX or VXWorks (I'm sure people will chime in with other/better examples) would make much more sense for something as simple as a bank machine. A bank machine has to do very little. Why would something as complex as Windows or Linux be used.

      Because of developer tools. The software on ATMs isn't static - it changes often enough to be annoying as new banking requirements come up - new language support, accessibility, currency handling, etc.

      The ATM hardware basically is static, but the software it runs on is customized for the bank and for the purpose the bank is using it for.

      Embedded OS tools generally are quite awful and hard to set up. But desktop tools are easier to use - just point a developer at Visual Studio, the source repo and they can get building that afternoon. And with a few peripherals, they can even emulate the ATM hardware right on their desktop without having to have the ATM beside them, transfer the code and assets over, etc.

      Anyhow, it's not like banks didn't have a lot of notice - way back in the Windows 7 days Microsoft had already announced end of support (this was over 5 years ago). They reiterated it several times since then. The fact that support was ending next month has been known for years.

      Problem is, most companies see it as "far off" and too far away to bother, ignoring the fact that migrating can take years. Just because you were told in 2009 that XP was going away in April 2014, means most companies will ignore it until the last minute. It's so bad that Microsoft is getting requests to extend XP support another year. (And most of those are from people who did NOT need more than 5 years to migrate - they just ignored it until they had the "oh shit it's only 6 months away!" moment).

      It's been going on for years now - the banks have had more than ample opportunity to prepare.

  4. Re:What about OS/2? by Stargoat · · Score: 3, Interesting

    It was, before the ADA required banks to replace any ATM that could not handle audio integration. That was about 2-3 years ago. OS/2 typically could not handle the hardware upgrade necessary for the required audio. The banking industry paid millions, maybe billions, to upgrade tens of thousands of ATMs. Diebold, NCR and Hyosung made out like bandits.

    --
    Hoist Number One and Number Six.
  5. Finally! by StripedCow · · Score: 4, Funny

    Finally, the year of Linux on the... oh wait... ATM.

    --
    If Pandora's box is destined to be opened, *I* want to be the one to open it.
  6. Re:What about OS/2? by flinxmeister · · Score: 3, Funny

    ADA was only one reason. The main reason was OS/2 was EOL and they couldn't really do anything with it. You haven't truly loathed an OS until you waited an hour for an ATM to boot, only to find out the next config change would require another reboot. ...and you had 5 more config changes to make.

  7. Re:Yes and no by jedidiah · · Score: 4, Insightful

    This is the perfect example of why gratis doesn't mean so much. The really important thing here is that the user or even the "integrator" can have complete control of the system. They don't have to worry about ANYONE else interfering with the degree of control they want and the features that they want to be active.

    The people building the ATM are in total control. For a device like an ATM, that's really how it should be.

    --
    A Pirate and a Puritan look the same on a balance sheet.
  8. Well Duh... by bobbied · · Score: 4, Interesting

    Why an ATM was hosted on XP in the first place is beyond me. I suppose you dance with the one who brought you and banks are solidly Windows shops, but using XP for a device where security and reliability is paramount seems like a bad choice, at least in hindsight. I suppose in the depths of the XP heyday, when the base design decisions where being made, Linux was a decidedly hit and miss affair (mostly miss). X support was spotty and other devices had limited support. I remember the heady days of installing slackware and configuring video card and monitor by editing that text file. XP must have looked pretty good.

    Now, ATM venders are faced with having to port everything to newer versions of Windows, which forces them into more expensive hardware (faster CPU's, more memory, greater drive space, modern video hardware etc.). This in the face of being able to keep using the old proven hardware, put Linux on it and get another decade or two, not to mention control of your own destiny because the source code is available and free. You are going to pay to retool to Linux, but you get to step away from Microsoft license fees. It's a long term gain, short term loss.

    Maybe they will make the right choice this time? Who are we kidding... You KNOW that Microsoft has pulled out all the stops on the Redmond FUD machine and would gladly cut some "deals" to keep these guys on the hook and make Linux look less desirable in terms of ROI.

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  9. Re:Ok seriously though ... by Grishnakh · · Score: 4, Insightful

    You are missing the difference. Linux is open-source, and not under the control of any one vendor. Distros go EOL, kernels basically do not; you can always upgrade to a newer kernel, and you're not going to break anything in the process. So if you're an ATM maker and you roll your own Linux distro, it's pretty trivial for you to just keep upgrading to the latest (stable, not bleeding-edge) kernel. Or, if you prefer to have a vendor do your OS work for you, your vendor (like Wind River, Timesys, etc.) can do that too. So basically "yes" to your second paragraph, first sentence. If they're not qualified, they can outsource it to one of the many commercial Linux companies. And if they get sick of their chosen vendor, they can easily switch to a different vendor, or move it in-house; these are options that aren't present with MS.

  10. So how is support... by Plumpaquatsch · · Score: 3, Insightful

    So how is support for RHEL 2.1 (a year younger than XP) these days?

    --
    Of course news about a fake are Fake News.
    1. Re:So how is support... by Todd+Knarr · · Score: 3, Insightful

      That's the thing, though: for the most part the basic programming APIs haven't changed much since then. There's some new ones, but mostly code written for RHEL 2.1 will compile and run on Debian 7.4. The kernel will have been upgraded, the libraries and packages will have been upgraded, but the source code and makefiles and scripts will need minimal changes to make the jump. You won't be able to take advantage of the new features, but you won't be looking at nearly the work to migrate. Even widget sets are mostly backwards-compatible, and for an application like an ATM you can omit the desktop environment stuff that's undergone major changes over the years (why would an ATM need a desktop environment anyway, it's not like customers will be interacting with the ATM's desktop). Combine that with the ability to just not run services like Samba (Windows networking) and the like and you make it a lot easier to do support in-house as well, reducing the need to migrate in the first place.

  11. Re:ATMs? by BitZtream · · Score: 3, Insightful

    You can't 'tell them what you want' ... they'll hand you back a slip and tell you to fill it out and sign it ... which is what you do when you poke the buttons and enter your pin number at an ATM.

    You're naive at best.

    Banks are some of the most ruthlessly efficient organizations on the planet, by their very nature.

    First off, those bored people behind the counters 'watching you fill out those ridiculous slips' aren't bored, I promise you they've been working ALL day, doing something the bank hasn't yet automated. Just because the counter is high and you can't see they've been counting night deposits doesn't mean they were just sitting back their rubbing one off.

    Second, the slips are not so you can 'tell them', its so the bank has a record of what YOU told them you were asking for or giving them, and BEFORE The transactions complete, they can reject it. If they accept it, they have, IN WRITING, what YOU requested from them, and how they filled it. They are protected against YOUR mistakes in transactions. The ATM does the EXACT same thing, but you just don't realize its doing it. This is a matter OF LAW, not practice or fun. This kind of stuff goes right along with the regulations that let them put that nice little Insured by the FDIC sticker on the window.

    Third, Awesome, you think because the bank has off loaded doing their job onto YOU and a machine, that people who use the old method, where the bank actually provides services ... are the ones with a problem. And notice ... those people have ... money.

    Irony: You think you're smarter because the bank is much more efficient at ripping you off than those stupid old people. Congratulations, there is an old dude sitting in an office, laughing his ass off about how you and the kind of ignorance you carry with you, filthy fucking rich.

    ATMs are banks giving you less service and charging you for the privilege. You're an idiot. You kinds of guys are mind blowing to me. So excited about the new hotness not being 'old and busted' to notice that 'new hotness' is in fact, busted from the start and 'old and busted' got the job done better and cheaper.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  12. Re:possibility...some... by mlts · · Score: 5, Interesting

    I've seen XP on some ATMs, not XPe, although it does get annoying when an ATM is down due to an XP activation screen.

    The ATM industry needs to stop being pennywise and pound foolish.

    Instead, they need to design their platform once, do it right, then as time goes on, add a UI refresh every so often so the cute cartoon characters get a facelift every year or two.

    Were it up to me with ATM design, I'd probably charge off a quarter profit to do the architecture right, then once done, pretty much coast from there.

    First, I'd give a lot of consideration to QNX. ATMs are not really needing a RTOS, but QNX has an excellent reputation for security (with decent government certifications to back that.) From there, add a TPM chip, userland, and the application. Done right, someone plugging in an unauthorized USB flash drive won't be able to do as much, compared to XP with AutoPlay/AutoRun turned on.

    Linux is also a good choice. One could go with a full userland or an Android style userland, both with SELinux to minimize damage. Linux may not have the C2 cert that QNX does, but it will hold its own in security, if done right.

  13. Re:Ok seriously though ... by TheRealMindChild · · Score: 5, Informative

    you can always upgrade to a newer kernel, and you're not going to break anything in the process.

    This is just wrong. Threading and libc compatibility isn't transferable between 2.4 and 2.6. There are innumerable 2.4 applications which will flat out not run on a 2.6 system. The same goes between 2.2 and 2.4. And 2.0 and 2.2.

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson