https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm

--

Chris Elvidge, England
I WILL NOT FAKE RABIES

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Am 05.09.2023 um 15:19:14 Uhr schrieb Chris Elvidge:

https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm

And that is called security?
For me it looks like bank's security isn't real security if that can be disabled with a product that can be bought by everyone.

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Tue, 5 Sep 2023 17:01:42 +0200
Marco Moock <mo01@posteo.de> wrote:

Am 05.09.2023 um 15:19:14 Uhr schrieb Chris Elvidge:

https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm

And that is called security?
For me it looks like bank's security isn't real security if that can be disabled with a product that can be bought by everyone.

Many things can be broken with the aid of a battery powered drill
or angle grinder that anyone can buy.

The article talks about interception or tapping so it sounds like
they managed to tap the link between the ATM and the bank and figure out
how to fake a bank's OK response to the request from the ATM using a Pi to
do the work.

Chances are the bank was depending on the line being secure rather
than using good encryption to provide secure communications over an insecure line.

--
Steve O'Hara-Smith
Odds and Ends at http://www.sohara.org/
Host: Beautiful Theory meet Inconvenient Fact
Obit: Beautiful Theory died today of factual inconsistency

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Ahem A Rivet's Shot <steveo@eircom.net> writes:

Chances are the bank was depending on the line being secure rather
than using good encryption to provide secure communications over an
insecure line.

Banks have been aware of the need to encrypt communications for many
decades.

In this case:

| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its security
| systems so they could remove the cash drawer.

My guess is they compromised some kind of software-controlled electronic
lock.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 05/09/2023 15:19, Chris Elvidge wrote:

https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm

Don't wander around at night carrying a Raspberry Pi or you might be
arrested for "going equipped"!

---druck

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 05/09/2023 20:52, Richard Kettlewell wrote:

Ahem A Rivet's Shot <steveo@eircom.net> writes:

Chances are the bank was depending on the line being secure rather
than using good encryption to provide secure communications over an
insecure line.

Banks have been aware of the need to encrypt communications for many
decades.

In this case:

| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its security
| systems so they could remove the cash drawer.

My guess is they compromised some kind of software-controlled electronic lock.

My guess is that the ATMs were the on-third-party premises kind. They
are available second-hand in an uncontrolled market, and various online
videos have surfaced showing teardowns - for which some study has
revealed software exploits.




On the subject of ATMs

Funny true story
"The ATM Glitch That Made a Millionaire" https://www.youtube.com/watch?v=m4Fi_a9QATM

--
Adrian C

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Am 05.09.2023 um 20:52:58 Uhr schrieb Richard Kettlewell:

| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its
security | systems so they could remove the cash drawer.

Why is it possible to plug something in without having to crack a door
open or similar?
Why isn't the software access directly at the hardware secured by a
password?

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Marco Moock <mo01@posteo.de> writes:

schrieb Richard Kettlewell:

| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its security >> | systems so they could remove the cash drawer.

Why is it possible to plug something in without having to crack a door
open or similar?

Maybe they did crack a door open. The information presented is very
thin.

Why isn't the software access directly at the hardware secured by a
password?

Maybe it is, and the Pi was somehow involved in bypassing that.

Another possibility would be authentication based on some physical token
(e.g. a smartcard) with the Pi emulating it and attacking the control
software via that channel.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 6 Sep 2023 12:50:20 +0200, Marco Moock wrote:

Am 05.09.2023 um 20:52:58 Uhr schrieb Richard Kettlewell:

| According to court records, the three used a device called a |
“raspberry pi” that is plugged into ATMs and deactivates its security | >> systems so they could remove the cash drawer.

Why is it possible to plug something in without having to crack a door
open or similar?

Because the ATM is designed to be installed in a secured room? The only
think anybody needs to enter it for is the stuff more cash into its cash
drawer (or in India, where ATMs typically can accept as well as pay out
cash), to remove incoming cash from its deposit drawer.

Why isn't the software access directly at the hardware secured by a
password?

No need. You typically need a physical key to access the cont of the ATM's
cash drawer(s). Each ATM is run by its own copy of a fairly dumb finite
state machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The ATM's controlling FSM is in turn overseen by an ATM network management process running on a bigger box back at head office.


--

Martin | martin at
Gregorie | gregorie dot org

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 6 Sep 2023 12:13:50 -0000 (UTC), Martin Gregorie wrote:

On Wed, 6 Sep 2023 12:50:20 +0200, Marco Moock wrote:

Am 05.09.2023 um 20:52:58 Uhr schrieb Richard Kettlewell:

| According to court records, the three used a device called a |
“raspberry pi” that is plugged into ATMs and deactivates its security >>> |
systems so they could remove the cash drawer.

Why is it possible to plug something in without having to crack a door
open or similar?

Because the ATM is designed to be installed in a secured room? The only
think anybody needs to enter it for is the stuff more cash into its cash drawer (or in India, where ATMs typically can accept as well as pay out cash), to remove incoming cash from its deposit drawer.

Why isn't the software access directly at the hardware secured by a
password?

No need. You typically need a physical key to access the cont of the
ATM's cash drawer(s). Each ATM is run by its own copy of a fairly dumb
finite state machine (FSM), which knows just enough to run its display, handle the smartcard reader and interpret the punter's key presses. The
ATM's controlling FSM is in turn overseen by an ATM network management process running on a bigger box back at head office.

I should have added that, at least back in the 90s when I was dealing with
ATM networks and the software that interfaces that network to the
financial system the ATM network is front-ending, the network was
typically using X.25 or SDLC (if connected to an IBM box).

I'd imagine the RPi was being used to emulate an idle ATM while the actual ATM's cash drawers were being emptied: because it would be normal for an
ATM to report access to its cash drawer(s) to the network manager both as
a security check as well as to report events such as the machine running
out of cash to the network operators. The short disconnections while the
RPi was plugged in and removed would typically be reported as network
blips but otherwise ignored because the ATM network protocols are
typically fairly fault tolerant.


--

Martin | martin at
Gregorie | gregorie dot org

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Marco,

Why is it possible to plug something in without having to crack a door
open or similar?
Why isn't the software access directly at the hardware secured by a
password?

How come you think that neither (door, password) was present ? What's your underbuilding for it ?

Also, what makes you think they "plugged something in" to begin with ? The security-system "hacking" intruders on TV always seem to be using "alligator clip" wires connected to some gizmo they bring with them.

In this case the Pi /could/ have been connected to a dummy bank card (with a thin flat cable) and used to emulate a special kind of smart-card. Who
knows ...

IOW, when thinking about *possibilities*, be carefull not to put them
forward as if they are facts (and /especially not/ post complaints based on such "facts").

Regards,
Rudy Wieser

P.s.
You might like the below link :
https://krebsonsecurity.com/all-about-skimmers/

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Am 06.09.2023 um 12:49:18 Uhr schrieb Richard Kettlewell:

Another possibility would be authentication based on some physical
token (e.g. a smartcard) with the Pi emulating it and attacking the
control software via that channel.

A good concept of that is that such a card carries information like a certificate or a password, so simply emulating such a card cannot go
around the normal authentication.

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 05/09/2023 15:19, Chris Elvidge wrote:

https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm

<pedant>

Robbery is stealing something from someone by using force or threatening
to use force.

So it should be "raspberry-pi-used-to-steal-from-atm"

</pedant>

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

"R.Wieser" <address@is.invalid> writes:

Also, what makes you think they "plugged something in" to begin with ?

That’s what the reporting says. Whether it’s accurate or not I can’t
say, but that’s what we’ve got to work with.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Richard,

Also, what makes you think they "plugged something in" to begin with ?

That's what the reporting says. Whether it's accurate or not I can't
say, but that's what we've got to work with.

I've read the linked article, and all it says is "nor was it confirmed how
the Pis were used beyond as tools to bypass security somehow". IOW, no "plugged in" of any kind mentioned. For all I know they used it as a wedge
to keep the cash drawer open. :-)

Yes, I did read that article. Though alas, the "EverythingLubbock" link
just shows an "not available in your region" page to me.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 06/09/2023 18:24, mm0fmf wrote:

On 05/09/2023 15:19, Chris Elvidge wrote:

https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm

OK, all done.

Remember SMS spotting has a per spot cost to SOTA and so it should be
used only when your mobile internet connection is not available at the summit.

73
Andy

How did that get there and not in an email. :-(

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 05/09/2023 15:19, Chris Elvidge wrote:

https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm

OK, all done.

Remember SMS spotting has a per spot cost to SOTA and so it should be
used only when your mobile internet connection is not available at the
summit.


73
Andy

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 6 Sep 2023 12:13:50 -0000 (UTC), in
<ud9qdu$2dslj$1@dont-email.me>, Martin Gregorie
<martin@mydomain.invalid> wrote:

[ snip ]

Each ATM is run by its own copy of a fairly dumb finite
state machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The ATM's >controlling FSM is in turn overseen by an ATM network management process >running on a bigger box back at head office.

Really? I had a drive thru ATM reboot on me once, The boot screen said
it was running Windows. Any chance it was a case of a bigger box way
back at the head office rebooting and displaying a reboot screen on
that ATM. Not a chance! The bank was Synovis.
--
Jim H

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 06/09/2023 13:13, Martin Gregorie wrote:

Each ATM is run by its own copy of a fairly dumb finite
state machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The ATM's controlling FSM is in turn overseen by an ATM network management process running on a bigger box back at head office.

That's how they were originally, but these days some run Windows (often
out o support versions) and serve advertising while you try to get your
cash out. They offer the a huge range of world class vulnerabilities
that only Microsoft can provide.

---druck

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 06 Sep 2023 18:45:43 +0000
Jim H <invalid@invalid.invalid> wrote:

Really? I had a drive thru ATM reboot on me once, The boot screen said
it was running Windows.

A good many of them were running Windows NT when Microsoft ended support - ISTR hearing the banks negotiated a support extension.

That being said this doesn't invalidate the claim that they run a fairly dumb FSM (flying spaghetti monster) under Windows NT.

--
Steve O'Hara-Smith
Odds and Ends at http://www.sohara.org/
Host: Beautiful Theory meet Inconvenient Fact
Obit: Beautiful Theory died today of factual inconsistency

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 06/09/2023 13:24, R.Wieser wrote:

In this case the Pi /could/ have been connected to a dummy bank card (with a thin flat cable) and used to emulate a special kind of smart-card. Who
knows ...

When I was working with Richard K we had some pen testers give a talk on
how they discovered how to program a smart card to compromise a mobile
payment terminal. They demonstrated this by making the payment terminal
play space invaders when the card was inserted.

So it's not beyond imagination that a doctored smart card connected to a Raspberry Pi could exploit a vulnerability in an ATM. It them may have
been possible to dispense cash without debiting their own accounts.

----druck

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 06 Sep 2023 18:45:43 +0000, Jim H wrote:

On Wed, 6 Sep 2023 12:13:50 -0000 (UTC), in
<ud9qdu$2dslj$1@dont-email.me>, Martin Gregorie
<martin@mydomain.invalid> wrote:

[ snip ]

Each ATM is run by its own copy of a fairly dumb finite state machine >>(FSM), which knows just enough to run its display, handle the smartcard >>reader and interpret the punter's key presses. The ATM's controlling FSM
is in turn overseen by an ATM network management process running on a >>bigger box back at head office.

Really? I had a drive thru ATM reboot on me once, The boot screen said
it was running Windows.

There are several ATM manufacturers, and anyway the models I worked on in
the late '80s and '90s are quite unlikely to be around now. I forget who
made the ATM varieties I was familiar with or what, if any OS, their FSMs
or equivalent ran on: its quite likely that some ATM makes and models ran
under Windows.

Similarly, the ATM network management server which interfaced the
financial system to the ATM network and managed ATM states did the same:
this was the software I mostly worked on in the '90s. It ran on NCR's
Intel 386 boxes under their proprietary UNIX flavour.

Most of the ATM management and interfacing software was C code though some chunks of that was written in MicroFocus COBOL. These ATM networks were
often quite small, with the financial software written in RPG3 (UGH!!) and running on IBM AS/400 midrange kit: I liked the AS/400s despite the RPG3.
They were dead reliable and OS/400 had a really nice scripting language,
they though the standard text editor was surprisingly agricultural: the
current Linux editors (I mainly use gedit and sometimes vi) are far more polished editing tools.








--

Martin | martin at
Gregorie | gregorie dot org

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 6 Sep 2023 21:40:10 +0100, druck wrote:

On 06/09/2023 13:13, Martin Gregorie wrote:

Each ATM is run by its own copy of a fairly dumb finite state machine
(FSM), which knows just enough to run its display, handle the smartcard
reader and interpret the punter's key presses. The ATM's controlling
FSM is in turn overseen by an ATM network management process running on
a bigger box back at head office.

That's how they were originally, but these days some run Windows (often
out o support versions) and serve advertising while you try to get your
cash out. They offer the a huge range of world class vulnerabilities
that only Microsoft can provide.

Sure. I haven't touched any of that stuff since 2000, and as I said, even
then I was more concerned with the software managing the ATM network and interfacing it to the financial system it was front ending. Thats where virtually all the client-specific custom code was situated.


--

Martin | martin at
Gregorie | gregorie dot org

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 6 Sep 2023 21:48:00 +0100
druck <news@druck.org.uk> wrote:

When I was working with Richard K we had some pen testers give a talk on
how they discovered how to program a smart card to compromise a mobile payment terminal. They demonstrated this by making the payment terminal
play space invaders when the card was inserted.

I like these pen testers, the ones I've known are much less fun
they'd have just had it display "Penetrated" or some such boring result.

--
Steve O'Hara-Smith
Odds and Ends at http://www.sohara.org/
Host: Beautiful Theory meet Inconvenient Fact
Obit: Beautiful Theory died today of factual inconsistency

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Don't wander around at night carrying a Raspberry Pi or you might be arrested for "going equipped"!

Why on earth would you be going out just carrying a rPi?

---------------
user <candycane> is generated from /dev/urandom

... Send replies to /dev/null.
___ MultiMail/Linux v0.52

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 06/09/2023 17:59, mm0fmf wrote:

On 05/09/2023 15:19, Chris Elvidge wrote:

https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm

<pedant>

Robbery is stealing something from someone by using force or threatening
to use force.

So it should be "raspberry-pi-used-to-steal-from-atm"

</pedant>

Its more legal than that. Some years ago I was burgled, and they caught
the guys.
For my burglary, it was 'breaking and entering' and 'theft' but when
they did the same to a young woman with a child on the premises that
they didn't know about, the policewoman in charge of my part of the case
wet her pants 'that's robbery with violence - 8 year stretch!'

--
Climate is what you expect but weather is what you get.
Mark Twain

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 06 Sep 2023 19:53:56 +1300, candycane@f172.n1.z21.fsxnet
(candycane) wrote:

Your
References:
heasder is missing.
--
HTH

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Thu, 07 Sep 2023 08:10:45 +1300, candycane@f172.n1.z21.fsxnet
(candycane) wrote:

Your
References:
heasder is missing.
--
HTH

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

druck <news@druck.org.uk> writes:

On 06/09/2023 13:13, Martin Gregorie wrote:

Each ATM is run by its own copy of a fairly dumb finite state machine
(FSM), which knows just enough to run its display, handle the
smartcard reader and interpret the punter's key presses. The ATM's
controlling FSM is in turn overseen by an ATM network management
process running on a bigger box back at head office.

That's how they were originally, but these days some run Windows
(often out o support versions) and serve advertising while you try to
get your cash out. They offer the a huge range of world class
vulnerabilities that only Microsoft can provide.

They’ve been using general-purpose operating systems for a very long
time; I remember one displaying an OS/2 error screen in the mid 1990s.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Martin Gregorie <martin@mydomain.invalid> wrote:

On Wed, 6 Sep 2023 21:40:10 +0100, druck wrote:

On 06/09/2023 13:13, Martin Gregorie wrote:

Each ATM is run by its own copy of a fairly dumb finite state machine
(FSM), which knows just enough to run its display, handle the smartcard
reader and interpret the punter's key presses. The ATM's controlling
FSM is in turn overseen by an ATM network management process running on
a bigger box back at head office.

That's how they were originally, but these days some run Windows (often
out o support versions) and serve advertising while you try to get your cash out. They offer the a huge range of world class vulnerabilities
that only Microsoft can provide.

Sure. I haven't touched any of that stuff since 2000, and as I said, even then I was more concerned with the software managing the ATM network and interfacing it to the financial system it was front ending. Thats where virtually all the client-specific custom code was situated.

I think you might be describing the 80s kind which had a 2 line text display (VFD?), whereas everything since has had a CRT or LCD and needed a
'computer' to drive it, and that computer ran some kind of OS (from DOS upwards).

The old type being this kind of thing:
https://en.wikipedia.org/wiki/IBM_3624

Theo

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 08 Sep 2023 10:01:51 +0100 (BST), Theo wrote:

Martin Gregorie <martin@mydomain.invalid> wrote:

On Wed, 6 Sep 2023 21:40:10 +0100, druck wrote:

On 06/09/2023 13:13, Martin Gregorie wrote:

Each ATM is run by its own copy of a fairly dumb finite state
machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The
ATM's controlling FSM is in turn overseen by an ATM network
management process running on a bigger box back at head office.

That's how they were originally, but these days some run Windows
(often out o support versions) and serve advertising while you try to
get your cash out. They offer the a huge range of world class
vulnerabilities that only Microsoft can provide.

Sure. I haven't touched any of that stuff since 2000, and as I said,
even then I was more concerned with the software managing the ATM
network and interfacing it to the financial system it was front ending.
Thats where virtually all the client-specific custom code was situated.

I think you might be describing the 80s kind which had a 2 line text
display (VFD?), whereas everything since has had a CRT or LCD and needed
a 'computer' to drive it, and that computer ran some kind of OS (from
DOS upwards).

The old type being this kind of thing:
https://en.wikipedia.org/wiki/IBM_3624

I don't recall supporting any ATM that primitive or any with IBM stamped
on them. AFAICR they looked remarkably like the ones you currently find at
the front of Sainsbury's and other UK supermarkets, but with rectangular monochrome screens. I can't remember who made them or who supplied the ATM network management software we were customising except that it came from
Texas and most of the ATM networks used X.25 protocols.


--

Martin | martin at
Gregorie | gregorie dot org

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On 08/09/2023 10:42, Martin Gregorie wrote:

On 08 Sep 2023 10:01:51 +0100 (BST), Theo wrote:

Martin Gregorie <martin@mydomain.invalid> wrote:

On Wed, 6 Sep 2023 21:40:10 +0100, druck wrote:

On 06/09/2023 13:13, Martin Gregorie wrote:

Each ATM is run by its own copy of a fairly dumb finite state
machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The
ATM's controlling FSM is in turn overseen by an ATM network
management process running on a bigger box back at head office.

That's how they were originally, but these days some run Windows
(often out o support versions) and serve advertising while you try to
get your cash out. They offer the a huge range of world class
vulnerabilities that only Microsoft can provide.

Sure. I haven't touched any of that stuff since 2000, and as I said,
even then I was more concerned with the software managing the ATM
network and interfacing it to the financial system it was front ending.
Thats where virtually all the client-specific custom code was situated.

I think you might be describing the 80s kind which had a 2 line text
display (VFD?), whereas everything since has had a CRT or LCD and needed
a 'computer' to drive it, and that computer ran some kind of OS (from
DOS upwards).

The old type being this kind of thing:
https://en.wikipedia.org/wiki/IBM_3624

I don't recall supporting any ATM that primitive or any with IBM stamped
on them. AFAICR they looked remarkably like the ones you currently find at the front of Sainsbury's and other UK supermarkets, but with rectangular monochrome screens. I can't remember who made them or who supplied the ATM network management software we were customising except that it came from Texas and most of the ATM networks used X.25 protocols.

NCR

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

On Wed, 6 Sep 2023 20:49:30 -0000 (UTC), in
<udaokq$2dslj$3@dont-email.me>, Martin Gregorie
<martin@mydomain.invalid> wrote:

On Wed, 06 Sep 2023 18:45:43 +0000, Jim H wrote:

Really? I had a drive thru ATM reboot on me once, The boot screen said
it was running Windows.

There are several ATM manufacturers, and anyway the models I worked on in
the late '80s and '90s are quite unlikely to be around now. I forget who
made the ATM varieties I was familiar with or what, if any OS, their FSMs
or equivalent ran on: its quite likely that some ATM makes and models ran >under Windows.

The one that rebooted on me and displayed a Windows screen did so
maybe a year ago. If it mentioned what version of Windows, I don't
recall.
--
Jim H

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)