
End of Windows XP support puts 95% of world's ATMs at risk - antonius
http://www.ft.com/cms/s/0/300c8788-abcd-11e3-90af-00144feab7de.html#axzz2wVvCiyI2
======
eli
The entire premise of this article is simply wrong.

ATMs run Windows XP _Embedded_ , which will continue to be supported at least
through 2016 (if it isn't extended again.)

~~~
vertex-four
Some do, some don't. I've definitely seen ATMs which run standard XP (and more
that run OS/2...).

~~~
eli
I'm sure that's true (and Linux and Windows NT etc), but the headline and lede
of this article strongly suggest that 95% of ATMs run a Windows OS that will
be lose support next month. That's just not true.

(And frankly, I'd be a little suspect of any numbers sourced from a company in
the business of upgrading old ATMs.)

~~~
leoc
This article [http://www.theinquirer.net/inquirer/news/2334577/banks-
negot...](http://www.theinquirer.net/inquirer/news/2334577/banks-negotiate-
extended-windows-xp-support-for-atm-systems) suggests that the problem lies
(at least partly) with other bank computer systems which are running vanilla
XP rather than the ATMs themselves which may be on XP Embedded, and that it is
a substantial problem, with big UK banks apparently cutting special deals for
extended support. EOLing WinXP seems to have turned out to be a nice little
source of revenue for Microsoft...

------
badman_ting
Story: "End of Windows XP support puts 95% of world's ATMs at risk"

Not a story: "Tons of crazy people who have the means to do otherwise are
deploying machines that handle money with a 10 year old operating system"

~~~
Retric
New in no way means secure. I would find it far more shocking if people used
windows 8.1 for ATMs.

PS: Also, Windows XP embedded is still supported till 2016 if not longer so
while companies need to have a plan in place for upgrading it's not necessary
right now.

~~~
013
But, there's a small gap in-between bleeding edge and end of life.

~~~
omh
In all seriousness - with modern software, there can be all too small a gap
between bleeding edge and end of life.

A piece of software might be supported for 5 years. But perhaps it's 4 years
into that period before the new version is available and considered stable
enough to use. That gives you less than a year during which you _have_ to
upgrade - including any other changes, integration testing etc.

------
mschuster91
If you're doing stuff The Right Way, you don't wire them up to the public
internet, but instead put a VPN router/gateway between ATM and internet uplink
to keep out fucktards messing with the internet uplink.

This way, you could run Win98 SE on the ATMs and need not worry about hackers
(if your networks are properly firewalled, at least!).

~~~
midas007
I resigned in protest an FTE job at Stanford because this was the exact
scenario that was proposed (s/ATM/cash registers, swipe terminals/g). From VPN
on a private network to a proposal to internet IPs. No f-ing way.

~~~
scuba7183
Wait, they were going to give POS terminals public IPs?

------
chrisBob
Do ATMs get the updates anyway? If I had a computer that does one job, and
connects to one network with one modem, I don't think I would put it on the
internet just to get windows updates.

Does anyone know how this works, or if they actually get the security updates
now?

~~~
jzwinck
Right, you would mostly just want to deliver via your private network those
updates related to user input. Vulnerabilities in file sharing, TLS, WEP, none
of that will matter to an ATM. Oh, and perhaps an update to handle the year
2038 if you have a Unix backend. :)

------
izzydata
If win8 can run programs in compatibility mode for winXP what is possibly
being run on these ATMs that can't be run on an updated OS? Also I don't think
the fact that winXP has "support" makes the ATMs more or less likely to be at
risk.

Also can people stop posting links to articles that immediately have popups
that try and sell you some stuff and doesn't even let you view the article
without signing up for some nonsense?

~~~
mschuster91
If you're unlucky, the computer handles interfacing to the ATM equipment (cash
transfer motors, bill detection, servos, fill-level detection, etc pp) with a
custom PCIe card... which you need a driver for.

And we all know how compatible ancient drivers are with newer Windozes.

------
wil421
I have problems with the 95% figure. Currently I work for the biggest player
in the ATM game and every ATM I have seen in our lab has been running windows
7. I am not saying we arent running a crap ton of legacy ATMs but I would say
many of our ATMs are running Windows 7 especially if they are for a new
customer.

We have ~25% of the ATM market so I think 95% is very skewed, the other
players should at least have some ATMs off XP.

------
bcsmith
Those ATM's will be no more at risk in a few months than they are today, or
have been in the past...

Just because the updates stop, doesn't mean the OS is going to start
crumbling.

------
midas007
EMC SANs used to run XP Embedded.

Maybe a microserf would know better, but doesnt XP Embedded have Win CE and XP
lineages?

------
finalight
even with supported XP, the ATM will still have problem

for example, my ATM machine downstairs can crash twice a day, and each crash
can take hours to resolve; usually the technician never come on time or he/she
never even bother to come

------
nodata
No, bad planning puts them at risk.

