funsec mailing list archives

Re: Operating System in US ATMs

From: "Alex Eckelberry" <AlexE () sunbelt-software com>
Date: Tue, 3 Jun 2008 17:59:26 -0400

Have been for quite some time:
 
http://www.infoworld.com/article/03/12/02/HNwinatm_1.html
 
 
 

________________________________

From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of Kyle C. Quest
Sent: Tuesday, June 03, 2008 1:36 PM
To: funsec () linuxbox org
Subject: Re: [funsec] Operating System in US ATMs


There's a good chance that it's Windows XP Embedded. It's meant to be
used in ATMs, industrial equipment, or other embedded devices. There's a
big difference between a standard XP and XP Embedded because with
Embedded you actually get to choose the components that get installed. 

Kyle


On Tue, Jun 3, 2008 at 12:49 PM, Bruce Ediger <eballen1 () qwest net>
wrote:


        I stopped by a branch of my bank (Compass Bank) in Denver today
to
        withdraw some cash from the ATM.  An unmarked mini-van blocked
access, and
        some character in "business casual" garb had the front of the
ATM pillar
        tipped up.  I took a glance inside to see what the innards of an
ATM look
        like.  It had what looked like a standard PC case inside.
        
        I asked the guy repairing it what operating system it ran.  He
said,
        "Windows.  Windows XP based, actually."
        
        Is my bank asking for a repeat of Ross Anderson'a "Phantom
Withdrawals"?
        http://www.phantomwithdrawals.com/
        
        Along those lines, how often do bank IT departments go as far
south
        as Ross Anderson has documented?
        
        
--NSA--CIA--FBI--NRO--TSA--JENKEM--DHS--BUTTHASH--TIARA--GHCQ--ECHELON--
                  As for you government types intercepting this,
                  thanks for keeping us safe from our freedoms.
              Warrantless wiretapping is un-American and unpatriotic.
        _______________________________________________
        Fun and Misc security discussion for OT posts.
        https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
        Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Operating System in US ATMs Bruce Ediger (Jun 03)
- Re: Operating System in US ATMs Kyle C. Quest (Jun 03)
  - Re: Operating System in US ATMs Alex Eckelberry (Jun 03)
    - Re: Operating System in US ATMs Vitaly McLain (Jun 04)
  - Re: Operating System in US ATMs Predrag Ivanovic (Jun 04)
- <Possible follow-ups>
- Re: Operating System in US ATMs Juha-Matti Laurio (Jun 05)
  - Message not available
    - Re: Operating System in US ATMs Kevin McAleavey (Jun 05)
  - Re: Operating System in US ATMs Gary Warner (Jun 06)