Can Your ATM Play Beethoven? 657
bpiltz writes "A funk band in Harrisonburg, VA, called Midnight Spaghetti, has posted a story with photos about a newly installed Diebold Opteva 520 ATM at Carnegie Mellon University that crashed, then rebooted. The Windows XP operating system initialized without the actual ATM software. The result was a public desktop computer, with only a touch screen interface, left wide open for the amusement of the students at the most wired university in the U.S. Interestingly, Diebold is one of the leading manufacturers of e-voting machines."
Not just a desktop computer (Score:2, Interesting)
ATM OS diversity (Score:5, Interesting)
I got a chance to talk to one of my bank's IT people about this a few months ago, and basically, they don't know what's causing the crashes because analyzing the log files would just be too much trouble. So their SOP is to have some guy with a key come out, literally pull the plug on the machine and wait till it reboots.
He also told me that they were slowly migrating over to a "custom XP version", whatever that's supposed to mean. I probably should have told him that Windows machines can be prone to virus infections [windowsfordevices.com] (cough cought [securityfocus.com]).
Re:And this surprises you (Score:1, Interesting)
Yes, I work for one of the biggest ATM processors in the world (until I get laid off next year) and I've talked to more than a few of these guys. They pretty much all have one thing in common. Calling us for tech support on setting up the ATM. Go figure.....
Buffer overflow code on swipe card .. (Score:4, Interesting)
a swipe card so that the software reading the card
suffered some kind of buffer overrun ? (Depending
of course on how carefuly the software checked for
them).
Re:"Progress"? (Score:2, Interesting)
Win XP ? (Score:3, Interesting)
Aren't there any regulations about cash machine security ?
Not that unusual (Score:5, Interesting)
They should have used the "On-Screen Keyboard" under Accessibility. It is a little scary that this was connected to cash.
If you want a good read for the database schemas an ATM uses, read "Principles of Transaction Processing." One interesting bit of knowledge is that the entire table of valid account names and their card hashes is replicated to each ATM! (Obviously for your bank only.) It sends out a ping that records "Joe took $50" to the main bank but it's only sort of a summary, the "full details" is kept at the ATM and sync'd at night.
One crazy thing that happened to me was I tried to withdraw $1100 from Bank A at Bank B's ATM. I got into a "Distributed Transaction Rollback" -- it got all the way through, printed out out my receipt that said I got the money, and -- never gave me my money. When I checked at a Bank A ATM, it showed the "hit" on my account. In about 15 minutes the Transaction Processor rolled back the transaction.
Insecurity and Paranoia (Score:4, Interesting)
ATMs not connected to the Internet and without keyboard are pretty much unhackable unless you can pry open the case and attach a keyboard and/or wireless connection. And if you could do that, I suspect pretty much any ATM would be hackable. There is a reason why ATMs are built from heavy steel and anchored in concrete.
Diebold systems raise paranoiac hackles for another reason: control and oversight. You don't need to invoke security flaws and Windows XP to realize that ballot boxes represent power and money. Whoever controls the counting process controls billions, trillions of $, and this is a temptation that few, if any, people can resist.
The argument against paperless touch-screen voting systems comes from the fact that such systems open the way to serious internal fraud, rather than hacking through any hardware or software weakness. Election fraud is done by incumbent politicians, not by hackers exploiting BSoDs.
The nightmare scenario for future US elections is where after a largely electronic and unverifiable poll, the governing party gets 55% of the vote despite exit polls showing that it got 45%. What would happen after such an event is anyone's guess, but it would not be pleasant.
Re:"Progress"? (Score:5, Interesting)
Better solution? (Score:3, Interesting)
BTW, I'm not totally averse to Arc's etc, I have a 4000 series here somewhere that I hacked a NIC into and managed to get on the internet (how proud of myself was I?)
Re:"Progress"? (Score:5, Interesting)
After a brief five-year stint in North-Dakota, where time stood still in happy-land, I ended up in Dublin. I read an article about how Windows had made its way into the ATM-business, thinking "uh-oh-mf-cs-sob"...given my past experiences with this OS-king-of-userfriendliness.
Yesterday, I put my Norwegian super-VISA-bank-card into an Ulster Bank ATM and it stole it! It just swallowed the card, proceeding to say something like: "System down, please use another cashpoint."
So, I call Norway, to ensure there isn't a problem with the actual card. It takes me quite a bit of time before I actually managed to call Ulster bank's customer service line. When I get through, I explain the situation (I had to rephrase 'the ATM stole my card' into 'swallowed it' before I could be assisted).
So the customer service rep states that he can't help me. I ask if there's anyone with any authority that can help me get the card back (it takes me a while to get a new one from Norway). He says: "Sorry, Sir. The ATM in question not being directly attached physically to a bank, a contractor does that job for us. Your card will be destroyed when the ATM is serviced."
I state something to the extent of Ulster bank being poorly organized. The little turd on the other end of the line proceeds to tell me: "I'm sorry, but we took the network down for a few minutes. You must have inserted the card just at that moment."
If I find out this particular ATM is Windows-operated, I will hunt down Mr. Gates, roll him in tar and feathers and chase him out of town with a stick. In the meantime I will file a complaint with Ulster Bank for taking away my sole source of cash until next pay-day.
Boy, times sure change (Score:3, Interesting)
>Finally, an annoyed faculty member in an adjacent office unplugged the machine and dispersed the crowd.
I remember back in the day, when faculty in a technical university would stop two wars before breakfast, and still have time to help with a hack before the toast popped.
Kind of sad to see the spirit of exploration being so ruthlessly crushed. Attention US Educators: creativity and free thinking is our only advantage over India and China. Ponder on who's going to be paying for your Medicare before you decide to quell your inquisitive students.
Re:"Progress"? (Score:2, Interesting)
At least you didn't get huge amounts of burn-in with this method like you did with the 'shades of green' displays. I swear there were so many times I had to get my cash by remembering the keypresses.
Pictures of something similar (Score:5, Interesting)
Take a look here [unworkable.org]
Re:WRONG! (Score:3, Interesting)
You would need a lot better control than that to hack a machine in realtime. And if it's not in realtime, then the machine must have a network connection, or be able to save state in some way. ATMs seem designed without either of these, and so I'd regard them as "pretty unhackable" in the traditional sense. Attaching fake front-ends and spycams is much more feasible but this hardly depends on the OS used.
Re:"Progress"? (Score:5, Interesting)
``Alright, lets go to the bar.''
``Sure, but first I need to go to the bank on high street.''
``Why? That one is two block in the opposite direction, there's a bank the way we are going that's on the same system so it won't charge you any fees.''
``I know, but that one has one of those old black-and-green displays. You can't trust something like that. The other bank has an ATM with color and animation.''
It really upsets me to know that things like that actually matter to people.
-Colin [colingregorypalmer.net]
Change you cannot avoid (Score:3, Interesting)
But you are on to something. Can we invent something that is the opposite of Moore's law? Something like: "Software will become nn% harder to write every two years due to steadily increasing complexity in hardware and operating systems."
What really scares me! (Score:4, Interesting)
Ahem, is the money dispenser connected via serial? (Score:3, Interesting)
Re:"Progress"? (Score:5, Interesting)
The hardest thing in the world is returning an ATM / Credit card. I found one next to a machine from an Alaskian credit union, and I being in washington. I thought to my self, "Hey, I will do the honest thing and try to get this card back to the owner".
Well, the 800 number on the back was unwilling to co-operate... they told me to cut up the card. This was on a saturday and may have not been offical bank help. So I tracked down the bank in Alaska, or near as I could find too it, and tried to talk to them about the issue basicly, "I have this card, i'd like to return it to the owner".
They refused to do the following
1. Provide me with any contact information as to where to send the card too (totally understand)
2. Take down my contact information so in the event the owner called to get a new one, they could say just use the old one, this guy will give it to you.
3. To actually take back the fucking card so they could return it to the owner in a timely fasion.
In the end, after getting frustrated trying to do the right thing, I used it to apply puddy to my automobile, and it probally is still encased in a lump of pudddy.
The point is, banks will assume the worst when it comes to you no longer physicaly having your card. They are not equiped to handle an honest person who actually didn't charge up anything on the card dispite the fact they could verify this fact who's trying to return the card. They will try to convience you they are doing you a favor when in reality they would rather let someone else do the paperwork, which always falls on the person giving you a new damn card.
Re:"Progress"? (Score:3, Interesting)
Re:WRONG! (Score:3, Interesting)
Re:Imagine a Beo... (Score:3, Interesting)
Re:"Progress"? (Score:5, Interesting)
Re:"Progress"? (Score:5, Interesting)
The only place Windows is allowed is on the desktop, and that is still NT4 hidden behind a Solaris based proxy and firewalled to the hilt. You cannot even go OUT on a port other than 80 or 443, nevermind the other way.
I work as a contractor and run my own company, so am not affiliated with RBS in any way...
Re:"Progress"? (Score:5, Interesting)
I just received my new card and had memorised the PIN number, and went to withdraw money. Three times I tried to enter my PIN and the amount of money I want to withdraw. Each time the machine refused to accept the transaction. After the third time, the machine swallowed my card, telling me to contact the bank. So I call them up, and am told "our machine automatically shreds any card after three unsuccessful attempts and sends an electronic notification to your bank", we can't do anything. So I call up my bank, and they tell me I can't get a new card until they written notification from the machine owners. Neither would talk to the other. In the end, I had to pretend that I had lost my card in order to get a replacement.
It seems to me to be more of dodgy protocol implementations rather than anything else.
Re:"Progress"? (Score:3, Interesting)
Re: Mr. Naive (Score:2, Interesting)
I suppose they could make a little bank form that says, "Card missing from Date: XXX to Date: XXX", but I'm sure people would abuse the hell out of that...
What's that? You want movies? (Score:5, Interesting)
Anyway, some people on misc.market also posted some movies [cmu.edu] that you might find interesting.
I go to CMU... (Score:5, Interesting)
The one on this article was funny and everything until that night when I remembered that I have my life savings in National City.
I stopped at some competing banks in the area on Thursday to get some pamphlets and I will be switching banks on Monday.
Re:"Progress"? (Score:4, Interesting)
F*cking railway ticket printers are one of my "buttons". You turn up with 20 minutes to spare for your train, join a huge queue, vying for the attention of 2 ticket clerks working in a mostly empty 12 booth office (at the busiest time of the morning, you'd think they'd have the most staff on, but nope). You reach the desk with 2 minutes to spare and ask for your return tickets for the week (to save having to queue the other 4 days). The clerk then has to enter the exact same information 5 times?! I have asked about this before and apparently "that's how it works". After this typing marathon, the ticket printer grinds into life, spitting out a ticket every 5 seconds or so with a "kerchunk" noise, by which time your train has left, then... I think I'll just leave this subject now; I'm getting angry just thinking about it...
As an aside, I've been cleaning up some of the cruft old shell scripts and stuff on our commercial systems where I work. We've always had a problem with the slow printing on label printers in our warehouse loading bays (every box loaded onto a truck has a sticker attached). A lot of the time, several hundred (or thousands) of these stickers could be identical. Looking at the script used to format the data and send it to a printer, I noticed that for each label to be printed (a single file would hold thousands of lines of data - one per label), the script would query the Oracle database for additional data, parse the response through AWK, and send the result to the printer. The printer would print this, then the whole process would start again for line 2, and so on until the input file had no more lines.
The upshot of this was a very obvious increase in load on our Oracle server, which is already busy, when the loading bays were working (remember there's one printer per bay, and they are all doing this). The labels (even if all were identical) would come out at a rate of one every 3-4 seconds on a good day, which was clearly unacceptable.
I altered the script to group identical lines and send an additional parameter to the printer to repeat the last job x times. Funnily enough, a run of 1000 identical labels now takes around 10 seconds with next to no server load
probably a dumb question about atm and cents (Score:5, Interesting)
1-5-0-0
to let the machine know I want 15 dollars instead of 15 cents. No atm that I've seen (granted, limited experience) will dispense change. I don't think I've seen any that even dispense dollar bills, so getting $17 is impossible. So why the decimals?
Re:ATM OS diversity (Score:5, Interesting)
The Diebold tech came out, I let him into the ATM room, gave him the IP, gateway, and the host IP and port... and he had the system converted in no time flat. Unfortunately, the problem was NOT with Diebold.
Once he had the system up and online, we had to get the software with the screens the public sees downloaded to the ATM. We spent about 5 hours on the phone off and on with a programmer from our processor and with a programmer from Diebold. They argued back and forth about whose fault it was, and finally the guy from Diebold convined them to email him the load they were sending us and the load from a working bank so he could compare. The next day I come in to work, the Diebold tech shows up about 20 minutes later (10 minutes earlier than he had told me he would)... and he immediately starts telling me what's going on. Apparently our processor is sending us an imcomplete load for some reason, less than half the size it should be. All that arguing yesterday, and they never actually took the time to check that they were sending us the right thing.
So we have to sit and wait for them to get into THEIR offices and send the correct and working load to our ATM. When they finally do, the Diebold guy finishes up the install by loading the admin card onto the HD, showing the CSR that will handle it how to balance both from the front of the ATM and from the rear screen, and he was done.
I lay absolutely NONE of the blame on Diebold for the incident. He even said that he wouldn't bill us for the hours that he sat around waiting on someone at the processor to fix the problem. Other than a few frame relay outages (not Diebold's fault) and this little conversion incident (again not Diebold's fault)... this ATM has been rock solid. Unfortunately, we can't get one like that anymore, so the ATM going into our new branch is going to be an Opteva running Windows TCS+.
Long story short, Diebold is a large company that sells everything; the cabinets, the actual vault and vault door, our security system and cameras, the ATM, and even the modular frame for the teller line. To dismiss the whole company because of issues that they have with e-voting is unfair and unfortunate. Yeah, I'm the IT guy.... but I've also helped oversee every aspect of both of our new branches, and have yet to find a complaint about Diebold.
Re:Insecurity and Paranoia (Score:4, Interesting)
Can we please start saying "not having an audit trail" rather than a paper trail? While paper is nice and comfortable, it's not exactly reliable, and definitely not easy to back up. While many people say "oh, no, you don't want copies of the election results", in my opinion, considering most counties' election rules don't even allow for revoting, I think the foundation of our kind of government being taken out by a fire at one location, or a flood, is really quite silly. One can definitely imagine some sort of write once, read many medium which is used to store the results. Have the format be open, and the circuitry for the reader be available, and you're fine. You could even make the results available after the election to the public quite easily.
(Note that the argument "need to have something that even Aunt Martha can understand" doesn't hold water with me. Not everyone knows how to read. No matter what, you will cut out a significant fraction of the population by imposing any skill - the problem is not to have everyone be able to see the results, just to have a large enough fraction of the populace able to see the results. How many people could identify a forged paper trail anyway?)
Not having a cryptograpphicly/tamper resistand sound way of ensuring the right software is running
Yah, of course, the correct answer is to not have software running in the first place. Just do it on bare metal, and then no one would worry, because there would be no people like us saying "this isn't safe". Sigh. Why they're using Windows XP Embedded terminals for something that can be done with maybe 4 quad flip flops, I will never understand.
Ditto with the ATMs, as well. Do it on bare metal. Then when you want to improve it, improve the base design, don't reimplement it again. Full-blown computers are for the sloppy.
XP?! (Score:2, Interesting)
The old green screens were the ultimate thin clients. The only code physically at the client end was in the monitor's electronics. It never went wrong because, erm, there wasn't anything to go wrong with. New applications were simply installed centrally et voila. Again, not the sexiest, but super-reliable.
So, to an ex-mainframer like me, the idea of having an ENTIRE XP image at the client end for what is basically a EPOS terminal sounds totally OTT, not to mention hard work - thats a LOT of deployed systems to look after. It wouldnt be so bad if the XP image was stripped down to reduce entropy, or if Microsoft didn't get to dictate it's update/patch/retirement schedule.
Re your OS/2 observation, big blue's desktop disappointment was able to routinely run as a CICS client hence leverage the same fast network and TP applications. The XP ATM is probably using TCPIP via application servers before your data gets to the big iron. Add in the modern prevalence of online banking transactions and you start to see why latency might start to increase.
Also, I imagine modern back-end systems are doing more that just checking/amending your balance these days. Anyone who has had a credit card stopped because they had the temerity to use it on a foreign holiday without informing the credit card company first will know all about that.
Not only that, but (Score:2, Interesting)
That idea... (Score:3, Interesting)
Seriously, though, that wouldn't be cost-efficient. What's the point of including enough storage on every card to hold a kernel when you can still only use that card at an ATM? IMO, a credit card is more like a USB key than anything else: It's just a means of authentication used in accessing the ATM system.
ACTUALLY THIS HAPPENED!!!! see democracy now (Score:3, Interesting)
ALL Diebold machines in florida booted BY DEFAULT to the windows screen not to the voting system software. You have to hold F10 to force them to boot in kiosk mode. Thus You could get back to the windows screen simply by forcing a reboot, no special passwords needed.
To top it off the central database that is used is not protected by an obligatory password. That is the data base has no pasword but the access software has a password. If you use your own non-customized version of Micro soft access you can access it directly. This too happens and is documented. See blackboxvoting.org. search for the King County and GEMS. King count found the diebold software cluymsy so they bypassed in in a real election leaving no password controls and no entry logs and open to all employees with physical or network access
Finally, as was reproted on slashdot a while back, two banking institutions had their XP based diebold machines get the blaster worm. Which is theoretically impossible since they technically are on isolated netowrk not connected to the general network. And yet...
Re:"Progress"? (Score:3, Interesting)
Re:"Progress"? (Score:3, Interesting)
Re:"Progress"? (Score:4, Interesting)
Re:"Progress"? (Score:3, Interesting)
Given what I know about embedded systems, I want an ATM to do as little as possible. What's my logic? First, many embedded systems have no memory protection, or even if they do often the entire functionality of the device is implemented in a single binary, in which case one function can step on another function's memory if a programmer made a mistake somewhere (and we all know that never happens, right?) Second, even if they do have memory protection, you and I both (all) know that it's not infallible. I've had linux panic because of such an error a few times, and windows many. Third, that system is probably newer hardware, which means it's more likely to be cheap crap (ADM3As full of cat hair, and post- many beverage spills are still providing console access to crappy old Unix systems all over the world) and it's running hotter (requires active cooling) and so on. Or put concisely, the hardware is more complex as well as the software. I just had a user with a fairly new celeron-based system lose their power supply fan which cools the whole system. (A gateway E2000 or something like that.) The system doesn't have any thermal protection besides avoiding burning up the CPU, so it just goes ahead and locks up. It would suck if the ad player went into a loop, consumed all the memory on the system, and crashed while your card was in its guts.
Now, I just go ahead and use whatever ATM, but I think that there are several perfectly good reasons to avoid the animated ATMs. The problem is, it's going to be impossible to do so soon enough. Even the mall kiosk ATMs will eventually end up being full color, animated, and so on, because it will actually be cheaper to do so.
Re:"Progress"? (Score:3, Interesting)
>but i am interested in hearing other similar
>stories from folks around the world.
>what countries have you had problems in?
One day I was buying a new motorcycle, and I needed to pull $500 from my account. I visited the Bank of America ATM acorss the street from my office. It chugged and chugged, but only spit out a hundred dollars or so. I freaked. I hauled ass to the nearest bank branch, with only a few minutes to spare before they closed. I had the teller check out my account, and it turned out that the ATM only deducted the amount it had spit out.
I was relieved. And shocked. Just goes to show how much I trust ATMs, that I expected it to withdraw an amount other than what it had spit out.
-Chris
Nothing to see here (Score:1, Interesting)
Re:Not that unusual (Score:2, Interesting)
Bank Error In Your Favor (Score:4, Interesting)
It boggles the mind how bankers could be so indifferent to their money going missing like that. As a programmer, I know that ANY (memory / money) leak of whatever size is trouble on the wing and must be tracked to its source, and it ought to be a matter of course for bankers to think likewise. Competent, honest ones, anyway...
Re:"Progress"? (Score:2, Interesting)
Re:As they should! (Score:4, Interesting)
I treated the guy and his family to a steak dinner at a local steakhouse to show my gratitude. I've rambled on forever, but the moral of the story is that honesty should be encouraged and rewarded.
Re:"Progress"? (Score:1, Interesting)
Re:"Progress"? (Score:5, Interesting)
Re:"Progress"? (Score:5, Interesting)
You sure you didn't get your money back automatically after like 3-5 days? Because these things happen every now and then, ie the ATM fails because some local problem (software or mechanical), you don't get the money, and later you see that the amout has disappeared from your account.
But in (almost) every case, the money is not actually withdrawn, only "reserved" (that's what the banks call it) for a number of days, after which they are "unreserved" and show up on your account again.
I had a similar experience with an ATM in Romania once, the ATM software completed the transaction and then crashed before it handed out the money. Later that evening I connected to my bank account from an internet cafe, and of course - that money had disappeared from the account. I called my bank in sweden to report it, but they just told me that the money was not withdrawn, only reserved, and that it would be back on my account in a few days - which it was, to my relief.
Generally, banking systems (including ATMs and card payment terminals) have good failsafe machanisms that aborts the transaction if it encounters a problem in any little detail along the way.
Re:"Progress"? slightly OT (Score:2, Interesting)
Re:One more, still running Windows NT (Score:2, Interesting)
I only found that out when i went to get money out to pay for petrol, and the armaguards were rebooting it, saw the spashscreen and was most amused.
Apparently it's a common platform for ATM's too.
must more stable than the NT ones (only ever seen one OS/2 crash, seen a good dozen or so NT ones die)
Re:I just don't know whether to laugh or cry! (Score:3, Interesting)
Re:"Progress"? slightly OT (Score:2, Interesting)
It was well known amongst the students that one particular vending machine was slightly mis-adjusted: if you were careful, you could pull a bottle through that area without triggering the coin drop, hence letting you get two or more bottles for the price of one.
My father's record was around 20 or 30 bottles on one payment.
The more things change...
Re:"Progress"? (Score:3, Interesting)
Re:According to a friend... (Score:3, Interesting)
Re:Don't blame Windows! (Score:1, Interesting)
Re:"Progress"? (Score:4, Interesting)
Why did they switch from their cheap, stable, predecessors? Targeted, full-featured advertisements. M$ gave them a deal on the embedded version of their crap OS so the (up-front) cost of the OS wasnt that big of a deal. The project cost as a whole, however, was considerable. At some point someone is going to have to do an ROI analyses to see if it was worth it. As users get charged to go to other ATMs and charged to go to the human teller they are "incented" to use the ATMs no matter how bad they suck or how long they have to wait for them to be repaired. I personally dont bank with who I work for and am happy to pay the fees to any bank that has ATMs that are quick and easy to use, but I am a minority use-case.