

Banks running outdated ATMs to pay Microsoft to support old versions of Windows - miralabs
http://www.chicagotribune.com/business/sns-rt-us-banks-atms-20140314,0,7225078.story

======
codegeek
Not surprised. You can pretty much say this as a generic statement.

"<BigCorp> running outdated <some_software> to pay <BigVendor> to support old
versions..." And this will apply to a _lot_ of the Big Cos. Lot.

It is painful, bureaucratic and an absolute nightmare to change things at this
level. But to be fair to big companies, change is not always easy and the cost
of making an "incorrect" change can be very expensive and further more
expensive to rollback.

I work for a very big I-bank and most of the projects I am involved with are
multi-year. They take 1+ year to implement and pretty much most of the times,
we hardly have solid rollback plan. Yes, I said it. It is more like "we have
to put this in production after this many years and this much dollars spent.
Let's roll this shit out and we will have a SWAT team ready to handle any
fallouts"

------
DrJokepu
I mean I don't know much about ATM operations but why would you ever base an
ATM on Windows? I mean Windows has it's strengths but surely it's quite
possibly the most inappropriate operating system to run an ATM.

~~~
bsder
Probably because Microsoft paid to run Windows through all the necessary
certifications to be classified as "safe for monetary transactions" and nobody
else did.

So, I suspect that the system designer had a choice of "Windows, and bank the
money in 12-18 months" or "Anything else, and spend 12 months and a lot of
money _possibly_ getting certified _and_ spend 12-18 months developing".

We call that decision a no-brainer, my friend.

~~~
sentenza
I think this is one of the major weaknesses of our economies. Should there
ever come to be a "hot cyberwar" with one nation-state firing off all they've
got against the infrastructure of another, then a lot of the security-by-
certification stuff out there will fly in our faces.

You can never be sure you're secure, no matter what a company that you pay a
lot of money tells you. Even moreso, considering that in case your certified
system blows up, you will probably not get any money in damages, because the
certifying company could well go heads up if the attack is wide-spread enough.

------
mclarke
"Windows XP currently supports around 95 percent of the world's ATMs."

Sweet fancy moses. Shameless plug: if you want to do something about the state
of tech in the financial industry, join us -
[https://jobs.lever.co/standardtreasury](https://jobs.lever.co/standardtreasury).

------
protomyth
This shouldn't surprise anyone in the industry. It is more the norm that
certain segments of software need to last a long time. This is one of the
arguments that we need to switch to a 64-bit time in embedded systems now
since the embedded systems being deployed today will probably be still in use
in 2038.

------
TazeTSchnitzel
Why would you run a desktop OS on an ATM?! Heck, if you must use XP, why not
XP Embedded? I don't get it.

~~~
MetaCosm
I suspect the article is just clueless, it was my understanding (might be
incorrect) that it was almost all XP Embedded, which has support through 2016.

------
mathattack
My bank made the switch. The new OS is notably slower.

