Thanks Mark for sharing your experience :) On 3/3/07, mark navarro <[EMAIL PROTECTED]> wrote:
all the machines under our care are either running msdos (old text only display machines) and mswindow (newer graphics based machines).
DOS-based ATMs (not necessarily MS-DOS) are pretty much reliable. Why? Because you are only dealing with the DOS kernel and low-level DOS drivers. That's it. You can very much compare DOS with the Linux kernel and DOS is almost there. DOS did not have a distro that comes complete with drivers and such so you have to fend on your own. But I built a DOS-based network as an experiment way back in 2002 using DM9PCi (CNET LAN) and connected to a Windows 2000/XP network. But I had to install and autorun a DOS-based TCP/IP stack and DOS implementation of the NET tools (not the dot NET). Then surfed the internet using Arachne graphical DOS-based browser. It was running perfectly. No Win32 viruses :)). I even made that DOS box into a DOS-based webserver and ran it for 1 week with 0 downtime. Botp encountered an embedded DOS-based elevator in Manila once. He knows the story :) Regardless, I cannot say the same for Windows-based ATMs. I was already able to mention once XP-based ATM machine at a local bank in Velez that performed and illegal op.
and i dont think it can be hacked from using the keypad alone. think of the keypad as the num pad in our ordinary keyboard. they only took away the rest of the keys but the encoder chip remains the same. you can only input the numbers when asked. no equivalent keys for cntrl, alt, shift, tab, etc. just a few function keys for the user to choose an option. what can you do with numbers keys w/o those special keys?
Recent ATMs _are_ hackable. Provided you have the first hand information on the "backdoor" for the embedded system for when you need to access the system without opening the rear or side panels of the ATM. DOS-based ATMs on the other hand are different. You really need to "patch in" since the DOS systems is very fixed. Win-based ATMs have "shortcut keys" all over the place. :) I think I've said enough about it. Don't want to increase the number of ATM crackers out there do we? :D well, maybe im wrong. i saw a movie once upon a time...d.a.r.y.l...
implanted w a micro chip in his brain, he thinks like a computer and can even command a computer to do his bidding like an atm dispensing everything with only a few keystrokes. but contrary to this, atm nowadays can only dispense so much in a day. it has a guaranteed (and almost) fail proof bill dispensing counters and mechanism. it cannot dispense more than the preset amount w/o triggering a failure alarm after w/c the machine freezes and inform the bank officer in charge of its status. response time is almost immediate depending on the error given (atm's have very high priority level) even during night time except when no money is left where it will only be replenished during banking hours for security reasons.
I agree on this Mark :). However we also have to put into consideration that not all ATM manufacturers put security triggers on their machines :).
this is what i know from years back. maybe somebody can pull it off nowadays. you can try but chances are you'll fry pag nasakpan ka. try and try until you die? hehehe
Ditto. Again, possessing the knowledge doesn't give one the right to execute or perform the act nless it is in a controlled environment (plus legal permissions). Regarding non-MS powered ATMs, it has changed considerably. Linux-based ATMS are already in use. http://www.linuxtampa.com/results.php?lang=en - made one of the first ATM machines in 1999 http://www.linux.org/info/linux_industry.html - a list of linux users in the industry. Note: Barisul is using Linux-based ATM http://www.novell.com/success/america_first.html - Novell conducted an experiment with America First for its Linux-based ATMs with authentication to eDirectory, Identity Manager, and ZENworks. http://www.linuxjournal.com/node/4303/print - LinuxWorld's list of companies on Embedded Linux http://www.freepatentsonline.com/20030046231.html - free patent stating the use of Linux on ATMs Feast on it! -- "A dog that has no bite, barks loudest." Registered Linux User #400165 Subscribed to: LARTC, Open-ITLUG, PRUG, KLUG, sybase.public.ase.linux
_________________________________________________ Kagay-Anon Linux Users' Group (KLUG) Mailing List [email protected] (http://cdo.linux.org.ph) Searchable Archives: http://archives.free.net.ph
