|
No, this homework assignment:
Marc Clifton wrote: that magically empties out all the cash
|
|
|
|
|
Marc Clifton wrote: And, as bonus question, would you recommend to your manager that you have an independent review of the code to make sure some back-door didn't creep in that magically empties out all the cash???
That depends if you're absolutely sure you never want to use that door or not.
Some men are born mediocre, some men achieve mediocrity, and some men have mediocrity thrust upon them.
|
|
|
|
|
Quote: How far would you trust open source
I think you always have to keep in mind where the source came from (legitimate sources like RedHat or Canonical) but it's also really important for your developers to understand the code, not just copy it and call it a day. Probably the biggest mistake I've seen people make over the span of my career (as to security) is copy and paste without understanding what that code does.
Quote: The operating system (would you use Linux?)
Of course... Linux is already one of the most widely used operating systems for embedded systems. The government uses it quite extensively as well.
|
|
|
|
|
I NEVER use any open source unless I can review the code myself.
If it's not broken, fix it until it is
|
|
|
|
|
The line would be drawn at any non-validated code, and it would take quite some time to validate a small linux distro.
..but without it, one could hardly give any guarantees on what the software actually does.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
If you didn't write it yourself you would need to test the heck out of it to;
1) Make sure it does what's needed
2) Security, Security, Security...
3) Is it stable
And working up the list...yes I would definitely use Unix, Linux or a derivative!
New version: WinHeist Version 2.2.2 Beta tomorrow (noun): a mystical land where 99% of all human productivity, motivation and achievement is stored.
|
|
|
|
|
I would trust these standard software components, if there have a sound source and are professionally maintained. I would consider making some maintainance support with the originators.
An indepedent code review is absolut necessary for all code above these standard components.
I separate between the foundation software (OS, database, tools) and the specialized software (which runs the transactions and encryption). The software which has confidential data is at risk. Take care about the encryption ie the keys.
Press F1 for help or google it.
Greetings from Germany
|
|
|
|
|
Is this the machine or processing server? Most ATM's are/were running on Windows and only have point-to-point connection with the server and it is the server, that communicates with the other banks, that can be a possible vulnerability. From memory the PIG defines the parameters within which the ATM should be working. All nodes on the network have an encryption key and unless the server can recognise that device there is little room to fake your way in. I haven't worked on retail for a few years but if you've got any questions ping me and I'll do what I can to clarify.
veni bibi saltavi
|
|
|
|
|
One of my most traumatic memories was created when I walked up to an indoor ATM for my bank, and it was in a continuous reboot cycle. I recognized what was going on; the ATM software ran under OS/2. Whoever wrote the application filled OS/2's CONFIG.SYS file with entries for every possible device driver, most of which failed. One of the failures was causing a hardware reset, which triggered the continual reboot.
Awe-inspiring, to say the least.
Software Zen: delete this;
|
|
|
|
|
Stockport Council, apparently[^]!
I am not a number. I am a ... no, wait!
|
|
|
|
|
Terry Pratchett, apparently[^]!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
The correct spelling is Pterry, or Sir Terry Pratchett BM*
* Blackboard Monitor
veni bibi saltavi
|
|
|
|
|
What are you doing being able to type at this time on a Friday night?
Gordon's delivery tanker broke down?
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Mrs Wife is out and I'm working a wee bit late...
veni bibi saltavi
|
|
|
|
|
Try this: "Quis custodiet ipsos custodies?", Decimus Iunius Iuvenalis, Satire VI
"I had the right to remain silent, but I didn't have the ability!"
Ron White, Comedian
|
|
|
|
|
|
Vunic wrote: I never understood what makes them scream for these creatures which is apparently not going to kill them
Well that is the definition of a phobia, it is irrational, a response out of proportion to the danger.
Although people screaming at small insects and such like almost always isn't phobia at all, just an aversion.
Some men are born mediocre, some men achieve mediocrity, and some men have mediocrity thrust upon them.
|
|
|
|
|
Yeah but I could never understand that until I bumped on this trypo one. damn !
Starting to think people post kid pics in their profiles because that was the last time they were cute - Jeremy.
|
|
|
|
|
I've never understood people who say they can't understand this or that mental disorder. You're not supposed to understand, if you did then you would have it.
Now you have it, you understand.
Some men are born mediocre, some men achieve mediocrity, and some men have mediocrity thrust upon them.
|
|
|
|
|
I never understood people who says they've never understood people who say they can't understand this or that mental disorder.
Now you heard me, now you understand.
Starting to think people post kid pics in their profiles because that was the last time they were cute - Jeremy.
|
|
|
|
|
Nope, still don't get it.
A mate of mine always posts on Facebook after some hideous crime against children "I can't understand how anyone could do this". Of course not you fool, if you could understand how to murder small children then would be the time to worry, not now when you cannot.
Some men are born mediocre, some men achieve mediocrity, and some men have mediocrity thrust upon them.
|
|
|
|
|
It's just an expression. You shouldn't take it literally.
Starting to think people post kid pics in their profiles because that was the last time they were cute - Jeremy.
|
|
|
|
|
Herself does that as well: asks me "how can he do something like that?" and I'm all "how the elephant should I know? Am I a serial child murderer and don't know about it?"
I can understand that it upsets her - she likes Other People's Children a lot more than I do even if she's never been within a hundred miles of anyone they knew - but am I supposed to understand the demented?
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
OriginalGriff wrote: am I supposed to understand the demented? Well, you're a developer, right? Dealing with clients, right?
Anything that is unrelated to elephants is irrelephant Anonymous
- The problem with quotes on the internet is that you can never tell if they're genuine Winston Churchill, 1944
- I'd just like a chance to prove that money can't make me happy. Me, all the time
modified 19-Feb-16 8:06am.
|
|
|
|
|