Re: Windows-based cash machines 'easily hacked'

["Dennis Henderson" <hendomatic () gmail com>]

All of your slightly informed ranting on ATMs is very amusing.

Once you realize an ATM is not a corporate desktop, is not connected
to the Internet, performs a very specific function, and lives on an
isolated network, is very closely monitored and has law enforcement
response in minutes, the concern over what OS is running should no
longer keep you up at night.

In the real world, security nirvana is not possible. ATMs, believe it
or not are not profit making devices. They exist for the convenience
of the customer, so the budget avaliable to bulletproof them is not
infinite. The regulators have also examined the security risk and are
not in a big hurry to force banks to make them more secure.

So before you condemn ATM technology, get more information on the
system from end to end and you might be surprised at what controls
mitigate what risks.




On 3/18/08, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:
> On Tue, 18 Mar 2008 00:02:57 EDT, der Mouse said:
>
> > Only to the extent that they choose to stick themselves with them.  If
> > banks were to grow balls enough to start issuing RFPs specifying no
> > Microsoft operating systems, I'm sure there would be suppliers happy to
> > cooperate.
>
> Anybody care to send the CIO of said banks a sample of Scott's Cojones-Grow?
>
> Or maybe people *are* sending them, but the bank's e-mail filter is blocking
> e-mail about ball fertilizers as "male enhancement" spam...
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.