[lawl]

They should probably hire some people from microsoft's xbox department, or sony's playstation department.

A lot of money has gone into locking this hardware down, and I think for the xbox 360, which was released in 2005(!) there is still only one hack they couldn't solve with a software update, and that's soldering to the CPU and glitching it on a specific compare instruction.

I would bet, this "sophisticated malware" is a lot more trivial than glitching the CPU on one specific intruction and having to take a soldering iron to the ATM, then fiddling trying to get the timing exactly right.

Building a chain of trust and authenticate commands to the cash dispenser really shouldn't be an issue.

Really, just put a fucking xbox in these ATMs. Lots of people attacking those while being able to do whatever they want to the hardware with limited to no success. (I don't think anyone has managed to open up the xbox one?)

[ilikeATMs]

The problem with hardware lockdown is that at the end of the day x-boxes and PlayStations are only interacting with a screen to display media.

ATMs on the other hand are designed to interact with physical hardware that sucks money up and spits it out. Locking down the operating system is easy, but if the hardware is controlled by serial interfaces then you've got a weak point there unless the serial interfaces are encrypted (spoiler, they are not!). To encrypt them you'd need to put something at the OS side and something at the hardware (pneumatics/motors) side and ensure they aren't accessible (ie, located inside the safe part of the ATM). Its not impossible to do, but I somehow doubt they'll do it anyway.

[lawl]

> Locking down the operating system is easy

No, it's not. Look at pretty much every console ever made except for the xbox 360/one.

> unless the serial interfaces are encrypted (spoiler, they are not!)

Yeah and that's obviously a problem. Nitpick though, the interface doesn't need to be encrypted, messages just need to be authenticated. Confidentiality of these messages isn't really important since you'll see the cash comming out, and you actually probably need some kind of challenge/response protocol to avoid replay attacks.

But you want them authenticated by a key that is very difficult to get out of the thing controlling the cash dispenser/serial/whatever. Which is why I said put a gaming console inthere, millions of dollars have already been spent, and are still being spent making sure nobody is getting secret keys out of them, even with full access to the hardware.

> To encrypt them you'd need to put something at the OS side and something at the hardware (pneumatics/motors) side and ensure they aren't accessible (ie, located inside the safe part of the ATM). Its not impossible to do, but I somehow doubt they'll do it anyway.

Well no, that's the point. You only need to make sure the pneumatics/motors only take authenticated commands, and that nobody can mess with those. For the OS side you piggy back off console security.

[Cyph0n]

Another field where security is taken very seriously is cable TV boxes. You'd be surprised how much work goes into securing them.

[kabdib]

Microsoft and Apple have put a lot of thought into the security architectures of their consumer hardware. I've made this exact argument before -- just put the ATM app into a console title. It's the most secure hunk of readily available computing hardware, right off the shelf at Target.

But breaches happen, and lead to lawsuits, and I can just imagine trying to impress a jury about the security of your ATM while the other side cracks jokes about gold coins in Super Mario and speculates about your low Halo ranking.