Note to any computing device manufacturer still not paying attention:
Sooner or later someone will mess with your machine. When that happens what do you want your product to do?
a. Fail gracefully
b. Blow up a la mission impossible
c. Let college students play music
Apparently it's not bad enough that Diebold's voting machines have been dragged through the press lately. Next stop Diebold ATM machines. Should a purpose build machine really be running an general purpose operating system??
This email from Carnegie Mellon via Dave Farber's IP list:
>From: Carla Geisser <@andrew.cmu.edu>
>Subject: For your amusement: Broken ATM
>
>A Diebold ATM in Baker hall just crashed, and dropped to a Windows XP
>desktop.
>
>Several intrepid students started Windows Media player, and it was playing
>a variety of music with a nice visualizer.
>
>So much for security...
>
>Photos:
>http://www.coed.org/photodb/folder.tcl?folder_id=3334
>
>Movies (with audio):
>http://yogi.pdl.cmu.edu/~cgeisser/photos/
>
Avi Ruben, of Diebold voting machine penetration testing fame writes about his experience as an election judge. Election officals and voters love a new technology that was not designed with a decent threat model.
In other news voting machines in several towns didn't boot up this morning.