On Sun, 2014-10-12 at 19:54 -0400, DrFranken wrote:
So my question is could you, would you, create a retail terminal that
does NOT use Windows? Could you do it with IBM i? Or have you already
done so!?
Conceivably you could have the retail application reside on a Linux, or
Mac, box "terminal", but that would be time consuming for any vendor to
rewrite their application or GUI front end depending on how separated
the UI was from the "back end &/or front end validation" and what it was
originally written in, most likely MFC and C++.
Also lets not forget that "terminal" is such a miss-used name, in
reality they are most likely full blown computers pretending to be dumb
cash registers, with the added problem that the chip and pin systems are
also much more than the tiny reader/keypad most people see... then add
in the fact that a lot of cashpoints are nothing more than a windows PC
in a hardened shell doing all the work over the internet, although my
local "corner shop" works using dial up (and I assume, a direct call to
the processor, not via the internet) and things become even more scary.
On the above, seeing an old cashpoint running doom also sugests that its
not impossible to get hold of cashpoints, so with time and effort I'm
sure it would be possible to work out some crack where a cashpoint could
be exploited with a malformed card or possibly be tricked into
maintenance/service mode.
I would also say, its doesn't really matter what the OS is as when/if
Linux or Mac gains more traction on the desk top, especially the home
user market (1), it will also attract more attention from virus writers
and crackers and the SSL and Bash bugs have shown its not as immune from
problems as we, linux, "users" thought.
(1) The new Steam OS might possibly be the kicker here, if/when it takes
off Linux will be able to play games and depending on how many new or
high market share games it supports its likely that more people will
take up Linux, expecially "the kids" (and I use that term very loosely)
as if the must have game also runs on a steam box, it won't take them
long before they realise that it will run even better on their pc if
only they put "Steam Linux" on it and bring the PC's higher powered
hardware into the mix.
Also just how secure/un-hackable is the i? We have long known about its
memory protections and how programs can't access the memory space of
other jobs, or how LPAR's (of which I know very little) can isolate
whole systems from each other... but IBM can ignore such concepts and
ideas in its "OS" programs, so just how hard would it be to use MI
and/or C to pretend to be an IBM supplied program, running in IBM
"space," with all the power over the whole system that would mean also
what about the more common problems of buffer overruns or pointer
errors, we already know of a "Bug" where long parameters supplied with
short parameters in the caller, or via a command such as SMBJOB, means
data gets muddled/is in an inconsistent state.
--
- Larry "DrFranken" Bolhuis
www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com
Jon
As an Amazon Associate we earn from qualifying purchases.