|
95 percent of ATMs run on Windows XP and XP loses Microsoft support in April
|
|
The following comments relate to this news article:
article published on 20 January, 2014
On April 8th, Microsoft will end their support of the ancient Windows XP operating system, and with that deadline comes an interesting time for the world's banks and the estimated 3 million ATMs around the globe.
95 percent of current ATMs run on Windows XP and when support ends, that means security patches will no longer be executed for the machines, putting them out of compliance with ... [ read the full article ]
Please read the original article before posting your comments.
|
Senior Member
|
20. January 2014 @ 12:05 |
Link to this message
|
|
It's not like they did not get plenty of warning. If they have not made plans to upgrade their ATMs by now then they are not a bank I want to work with.
|
|
Advertisement
|
|
|
|
|
ddp
Moderator
|
20. January 2014 @ 12:12 |
Link to this message
|
|
or bank with.
|
Senior Member
|
20. January 2014 @ 12:26 |
Link to this message
|
Originally posted by ddp:
or bank with.
That is what I meant.. :)
|
Member
|
20. January 2014 @ 13:47 |
Link to this message
|
This is a prime example of how everyone is over reacting about this.EVery ATM should be connected to a closed network, why they think suddenly malware makers could jump to offline systems is baffling me. There are POS systems still running 95, without updates, without upgrades, using the same GUI made in the last century. And not being net connected how are they any less secure come April than they were 15 years ago?
To truly change all the "obsolete" systems would take training whole workforces over and untold hardware upgrades that by experience will be buggier and less secure than the 20 year old systems in place.
I for one don't understand why banks or any retail with need for secure unhackable systems still use off the rack retail OS's even if they are "enterprise or corporate" editions. They are still using an OS based off a basic home use appliance, not a secure industrial tailored package.
|
|
SomeBozo
Member
2 product reviews
|
20. January 2014 @ 14:17 |
Link to this message
|
Originally posted by Qliphah:
This is a prime example of how everyone is over reacting about this.EVery ATM should be connected to a closed network, why they think suddenly malware makers could jump to offline systems is baffling me. There are POS systems still running 95, without updates, without upgrades, using the same GUI made in the last century. And not being net connected how are they any less secure come April than they were 15 years ago?
To truly change all the "obsolete" systems would take training whole workforces over and untold hardware upgrades that by experience will be buggier and less secure than the 20 year old systems in place.
I for one don't understand why banks or any retail with need for secure unhackable systems still use off the rack retail OS's even if they are "enterprise or corporate" editions. They are still using an OS based off a basic home use appliance, not a secure industrial tailored package.
I agree completely with you, i was about to type up something similar. It reminds me of the super-hype that came with the Y2K issue, that was such a dud and nothing really happened. All the banks i worked for they were so anal about security and stability, i'm certain they have been running mirrored systems with the date past 2015 or later for a year or more.
Additionally when was the last update to WinXP? SP3 came out 21 Apr, 2008, and those machines are still going strong for 5 years so far, why would they tip over now?
|
Staff Member
|
20. January 2014 @ 14:18 |
Link to this message
|
|
I don't think this will be a problem. ATMs would generally run a very feature-specific embedded version of Windows XP, so the potential attack vectors for it will be a lot less than of a consumer operating system that is at its end of life.
|
|
megadunderhead
Senior Member
|
20. January 2014 @ 22:47 |
Link to this message
|
|
interresting considering the smarter banks are using atm's powered with unix theres two becu machines where i am at that use mac os x
|
|
Mysttic
Senior Member
|
21. January 2014 @ 07:20 |
Link to this message
|
Quote:
interresting considering the smarter banks are using atm's powered with unix theres two becu machines where i am at that use mac os x
Thank you: I was just going to say why can't they use Unix or variant of Linux. Once the program is up and running it's not like they need to worry about maintaining it much. Heck can't they even use Wine to keep POS running through Win-XP? Mind you that may bring an entirely new area of issues. Still using Windows just still shocking given the thousands of dollars / ATM.
|
|
hearme0
Senior Member
|
21. January 2014 @ 12:25 |
Link to this message
|
|
I feel no pity what-so-ever!
XP is outdated, garbage compared to what is available now and those clinging on deserve EVERY single ill-fated action taken against XP when support ends. I will laugh my ass off when everyone calls me for tech support because they slacked on maintaining SOME SEMBLANCE of technological edgyness.
|
|
SProdigy
Senior Member
5 product reviews
|
21. January 2014 @ 12:51 |
Link to this message
|
|
Typically these machines would run a very locked down and specific build of XP. If they were that concerned in upgrading they've had 3 iterations of Windows to do so now (Vista, 7, 8) so it must not be a major issue.
|
|
hearme0
Senior Member
|
22. January 2014 @ 12:15 |
Link to this message
|
Originally posted by SProdigy:
Typically these machines would run a very locked down and specific build of XP. If they were that concerned in upgrading they've had 3 iterations of Windows to do so now (Vista, 7, 8) so it must not be a major issue.
huh......I did not know that (about the locked down specific build of XP). Always thought those things were linux/unix based anyway.
Thanks for clarification.
|
|
SProdigy
Senior Member
5 product reviews
|
22. January 2014 @ 12:25 |
Link to this message
|
Originally posted by hearme0:
Thanks for clarification.
To clarify more, it would be that network's admin(s) that would restrict group policy and intentionally create a build image of XP that would be functionally useless except for a specific software platform. We would do that all of the time at my former job, you can go as far as to restrict internet access and access to any menus.
Actually becomes a headache to support, because you have to physically reboot the machines and stand by so they don't auto login to the restricted environment (then you could access admin functions, but even then, when you remove some components of XP, we would have to have an installation disc or executables and the proper privileges to install as well.)
|
|
dbminter
Member
|
24. January 2014 @ 15:07 |
Link to this message
|
Originally posted by SomeBozo:
It reminds me of the super-hype that came with the Y2K issue, that was such a dud and nothing really happened.
Funny thing about what happened with Y2K. The only real victims? Some ATM's in smaller parts of the world. When the calendar rolled over, they had issues. That was the only major headache.
Y2K was a bust because people took steps to rectify it years in advance. Where I worked at the time, 1999 was spent updating the applications to be compliant. The whole year was spent in updating and testing. I worked the 3rd shift so I was exposed to a lot of this work because that was the best time to test without interfering with daily operations.
People have had years in advance to rectify this ATM issue, too. They just haven't.
|
|
SProdigy
Senior Member
5 product reviews
|
24. January 2014 @ 15:11 |
Link to this message
|
|
Daylight Savings changes here in the United States were more of a PITA on computer systems than Y2K ever was.
|
|
pmshah
Member
|
28. January 2014 @ 23:49 |
Link to this message
|
|
For every netbanking transaction or on-line credit card purchase my bank sends me an OTP - one time password - to confirm and verify the transaction. So, unless some one has cloned my phone, why should it be insecure?
BTW I have all my phone data backed up on my PC and memory card. I would simply remove my sim card and the memory card before turning it in for any kind of service.
|
|
Advertisement
|
|
|
AfterDawn Addict
|
1. February 2014 @ 22:02 |
Link to this message
|
Originally posted by hearme0:
I feel no pity what-so-ever!
XP is outdated, garbage compared to what is available now and those clinging on deserve EVERY single ill-fated action taken against XP when support ends. I will laugh my ass off when everyone calls me for tech support because they slacked on maintaining SOME SEMBLANCE of technological edgyness.
And here, I thought that my slide rule was still the cat's meow. I guess that I had better get some of this new fangled sh*t.
Thanks for posting. I didn't know how far behind I was on all this technological stuff.
Life is good!
GrandpaBruce - Vietnam Vet - 1970 - 1971
Computer: Intel Core i7-920 Nehalim;Asus P6T Deluxe V2
|
