i suppose what surprises me the most is that someone would use windows in an atm. i would've thought it would've been an rtos or maybe a locked down bsd or selinux.
An ATM doesn't need an RTOS. An ATM is a single user, single application system. It needs to respond to the user input more than to hardware connected to the system. What else are you doing that needs real time hardware? What's wrong with waiting for cards to be scanned, envelopes to be inserted, etc.? All that financial transaction stuff is important and time sensitive, but the ATM itself is just a relay for that. It's one step removed from a dumb terminal.
With BSD or SELinux, you've have to pay for Linux/BSD development, pay for Linux/BSD supported hardware and replacement hardware, pay for Linux/BSD support staff, etc. You're giving up commodity staff and commodity hardware. All of that is more expensive initially, and harder to maintain and replace generally, especially if 10 years from now the industry shifts to a new communication standard.
With Windows, you also know the OS itself has already been vetted by the US government (FIPS) and US banks (PCI) and almost certainly by your own government and pretty much everybody else's government. At least, if a vulnerability is found, it's going to affect everybody else, too. Your bank is unlikely to be sued for following industry common practice. So, yeah, running CentOS on Raspberry Pi on the one hand makes a lot of sense, but it's never going to fly past existing regulations. Doing something new is incredibly risky.
Remember, all those blue screens and program crashes that people complain about are almost always because the software or drivers or hardware is faulty, not Windows. The Windows kernel and Windows model might be designed in a way that you personally dislike, but it's not broken or non-functional. You'll experience the same issues on any OS.
I agree with not needing an RTOS and the undesirability of rolling it yourself.
However Red Hat Linux has passed just as many government and banking standards (FIPS, PCI, etc) as almost any other vendor (MS, legacy UNIX), combined with a 7-10 year maintenance cycle (with additional being able to be negotiated, if your the scale of a large bank / ATM vendor). SUSE, Oracle and other vendors could provide the same guarentees and other then having developers understand Linux / Unix.
Why when with Windows you can leverage all your banks existing technology and security (including update) policies? CE was(is?) on an enormous amount of systems that you might expect to be an rtos. Windows might not be my first choice now, but in the context of "industrial computer" 15 years ago I would hardly call it a poor choice. Also who is doing the long term maintenance/security auditing on a bunch of custom hardware and os in a bunch of atms all over the world.
Windows embedded/CE was (and still is to some extent) very popular for embedded systems with a GUI, such as ATMs, POS systems, PLCs, graphical medical devices, etc. Microsoft even sold an SKU called Windows Embedded POS/POSReady
For headless non-GUI systems windows is/was much less of a contender, RTOS is more likely
Good thing it's not typically a consumer version! If you watch one reboot (or other applications like store POS systems) you can see that it is Windows XP embedded, or nowadays sometimes Windows 7 embedded, which is decidedly NOT a "consumer" oriented OS
It really depends on the vendor. Big names are at least careful enough to do that. The bottom of the barrel white-label vendors often don't care. I wouldn't be the least bit surprised if some of those Windows installations are using pirated keys.
It's perpetually concerning how bad the state of systems like this is. A grocery store near me recently deployed a brand new set of self check-out counters...running Windows XP.
Amusingly the credit card/debit card reader is running Linux and shows the old-school penguin image on boot.
I enjoyed seeing Tux on the boot screen of a seat-back in-flight entertainment system recently. And was also amused to see startup sequences for things like MySQL and postfix scroll by.
I remember when ATMs ran basically plain text terminal software and you had to drive to a bank to get one. It was a real blessing when ATMs started to show up in shopping malls.
With BSD or SELinux, you've have to pay for Linux/BSD development, pay for Linux/BSD supported hardware and replacement hardware, pay for Linux/BSD support staff, etc. You're giving up commodity staff and commodity hardware. All of that is more expensive initially, and harder to maintain and replace generally, especially if 10 years from now the industry shifts to a new communication standard.
With Windows, you also know the OS itself has already been vetted by the US government (FIPS) and US banks (PCI) and almost certainly by your own government and pretty much everybody else's government. At least, if a vulnerability is found, it's going to affect everybody else, too. Your bank is unlikely to be sued for following industry common practice. So, yeah, running CentOS on Raspberry Pi on the one hand makes a lot of sense, but it's never going to fly past existing regulations. Doing something new is incredibly risky.
Remember, all those blue screens and program crashes that people complain about are almost always because the software or drivers or hardware is faulty, not Windows. The Windows kernel and Windows model might be designed in a way that you personally dislike, but it's not broken or non-functional. You'll experience the same issues on any OS.