Linux May Succeed Windows XP As OS of Choice For ATMs 367
Dega704 sends this news from ComputerWorld:
"Some financial services companies are looking to migrate their ATM fleets from Windows to Linux in a bid to have better control over hardware and software upgrade cycles. Pushing them in that direction apparently is Microsoft's decision to end support for Windows XP on April 8, said David Tente, executive director, USA, of the ATM Industry Association. 'There is some heartburn in the industry' over Microsoft's end-of-support decision, Tente said. ATM operators would like to be able to synchronize their hardware and software upgrade cycles. But that's hard to do with Microsoft dictating the software upgrade timetable. As a result, 'some are looking at the possibility of using a non-Microsoft operating system to synch up their hardware and software upgrades,' Tente said."
Re:What about OS/2? (Score:4, Interesting)
It was, before the ADA required banks to replace any ATM that could not handle audio integration. That was about 2-3 years ago. OS/2 typically could not handle the hardware upgrade necessary for the required audio. The banking industry paid millions, maybe billions, to upgrade tens of thousands of ATMs. Diebold, NCR and Hyosung made out like bandits.
Re:Here's what I don't get (Score:3, Interesting)
XP embedded was the OS of choice after OS/2. Turns out the bankers wanted to know why, if they're paying the same price, they're not getting XP Pro. It's really that simple.
It was never a question of "can we install Linux or Windows 7 or BeOS" - it's basic Intel hardware.
The reason XP is still on the ATMs and not Win7 is due to the banking industry and PCI regulations - it costs hundreds of thousands of dollars to make a simple change to the ATM and get it certified by the banking industry and prove that it's still PCI-compliant in order to work with 3rd party transaction processors who perform the actual ATM transactions. Most banks don't to that themselves.
There's one other big reason - the industry requires that each ATM have a HAL that implements a well-known, well-defined interface so the higher level software from any vendor will work on any other vendor's ATM. The HAL is big technical piece that has been in development by each vendor for years. Re-writing that from scratch to support Linux isn't trivial.
Well Duh... (Score:5, Interesting)
Why an ATM was hosted on XP in the first place is beyond me. I suppose you dance with the one who brought you and banks are solidly Windows shops, but using XP for a device where security and reliability is paramount seems like a bad choice, at least in hindsight. I suppose in the depths of the XP heyday, when the base design decisions where being made, Linux was a decidedly hit and miss affair (mostly miss). X support was spotty and other devices had limited support. I remember the heady days of installing slackware and configuring video card and monitor by editing that text file. XP must have looked pretty good.
Now, ATM venders are faced with having to port everything to newer versions of Windows, which forces them into more expensive hardware (faster CPU's, more memory, greater drive space, modern video hardware etc.). This in the face of being able to keep using the old proven hardware, put Linux on it and get another decade or two, not to mention control of your own destiny because the source code is available and free. You are going to pay to retool to Linux, but you get to step away from Microsoft license fees. It's a long term gain, short term loss.
Maybe they will make the right choice this time? Who are we kidding... You KNOW that Microsoft has pulled out all the stops on the Redmond FUD machine and would gladly cut some "deals" to keep these guys on the hook and make Linux look less desirable in terms of ROI.
Re:heartburn in the industry? (Score:5, Interesting)
They originally chose XP because it had a much lower cost of entry than anything else, and I'm not saying that as a Linux hater - yes, you do get the source to do with as you may, but that means hiring developers who know how to do something with that rather than just hiring VB developers. Low start up costs versus less control over your long term environment. But that wasn't an immediate problem when the EOL date was a decade off.
So now, a decade on, they are reaping what they sowed.
Re:possibility...some... (Score:5, Interesting)
I've seen XP on some ATMs, not XPe, although it does get annoying when an ATM is down due to an XP activation screen.
The ATM industry needs to stop being pennywise and pound foolish.
Instead, they need to design their platform once, do it right, then as time goes on, add a UI refresh every so often so the cute cartoon characters get a facelift every year or two.
Were it up to me with ATM design, I'd probably charge off a quarter profit to do the architecture right, then once done, pretty much coast from there.
First, I'd give a lot of consideration to QNX. ATMs are not really needing a RTOS, but QNX has an excellent reputation for security (with decent government certifications to back that.) From there, add a TPM chip, userland, and the application. Done right, someone plugging in an unauthorized USB flash drive won't be able to do as much, compared to XP with AutoPlay/AutoRun turned on.
Linux is also a good choice. One could go with a full userland or an Android style userland, both with SELinux to minimize damage. Linux may not have the C2 cert that QNX does, but it will hold its own in security, if done right.