Am I the only one who thought this article reads like an ad for the spyware software?
It name drops them, advertises them (see quotes below) and even includes screenshots of their website (with the product for sale) in the article...
>> pcTattletale develops spyware apps for Android and Windows and both apps require physical access to a target’s device to install. pcTattletale provides its Windows spyware app as a one-click download that can be installed in a few seconds, according to TechCrunch’s own tests and analysis of the spyware.
>> pcTattletale also offers a service called “We Do It For You,” which the company says will help install the spyware on the target’s computer on the customer’s behalf.
But it also mentions a seemingly basic security flaw that allows anyone on the internet to view the screenshots it takes, so it's not a glowing review.
I supported Aloha about 20 years ago, which back then was probably the most popular/common POS system used at every bar/restaurant/store. If you saw a bubble moving around as a screensaver on a POS it was probably Aloha.
They had the cashier systems which were all Windows (NT, 95, XP, 2000) then a back of house "server" which was the same. The front end systems were in kiosk mode so unless you knew how to minimize/exit Aloha you couldn't access it and trash the system.
But the BOH systems.. Man oh man. The amount of trash, spyware, viruses, etc that the Managers would wind up getting on those systems was wild. Sometimes I'd remote in and there'd be porn. Just complete computer luddites doing whatever they want in the managers office on these things. It always frustrated me that these weren't Linux/bsd systems .. but we wouldn't make money fixing them if they were I suppose. IIRC Hardees was ancient Windows NT and it used IPX networking. I hadn't used IPX networking since I was maybe 8 years old trying to play Warcraft on a LAN, this was around 2003.
I don't remember any places having networked connections to a corps other stores so we'd just wipe those systems, charge them a fortune, pay me a penance and move on and probably have to come back 6 months later to do the same thing. There MAY have been a few corps that had VPNs to "hq" to send reports to but I barely remember and if there was it wasn't many.
Anyway, no idea what system Wyndham is using but this article comes off as some super secret conspiracy to get this app installed. I guess there's the potential for that but.. It could also have been some tech ignorant BOH staff diddle daddling while "doing numbers." I really doubt it's that deep.
Maybe it was specifically targeted at Wyndham, I don't think Hooters Corporate or Outback Systems International (back then) were ever targeted vs just someone doing stupid things. Those were my biggest clients by far.
We did not have "Security" people. We were pretty much a call center of people who somewhat knew sysadmin work (nowhere near a real sysadmin) so things were definitely not locked down as they would be in a production server environment. Hell, I was 18 and it was my first "tech" job.
This was back when credit cards didn't have chips, if you scanned a credit card in an EDC swiper all it did was literally dump the CC number, date, CVV as a keyboard output. If you opened notepad.exe and swiped a card it filled in the card details in notepad. The POS just filled it in in its CC form. You could easily grab card numbers if you knew what to do. I don't think any of this was encrypted and the purchases were all stored in a batch txt file until the managers pushed their batches through at night to actually charge the cards. I had some clubs in Miami that would have $100k+ in batches to run every night. One of the most common problems I Had to fix was a log of CC entries with corrupt text causing the EDC push to fail. So we'd open the log and delete that purchase.
I have no idea how people are skimming cards nowadays with chips.
>> pcTattletale develops spyware apps for Android and Windows and both apps require physical access to a target’s device to install. pcTattletale provides its Windows spyware app as a one-click download that can be installed in a few seconds, according to TechCrunch’s own tests and analysis of the spyware.
>> pcTattletale also offers a service called “We Do It For You,” which the company says will help install the spyware on the target’s computer on the customer’s behalf.