× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. October 2014

Re: Retail Terminal with NO Windows

On 10/13/2014 01:02 PM, Nathan Andelin wrote:
So my question is could you, would you, create a retail terminal that does
NOT use Windows? Could you do it with IBM i? Or have you already done so!?

Yes. We wrote, offer, and support a POS application for school-lunch
cashiers. The magnetic stripe reader is just an alternative to keyboard
input. The POS terminal is just a web browser, which runs on i/OS, Android,
Mac, Linux, in addition to Windows.

The back-end is written in ILE RPG.

At first, I wondered if you were asking about attaching a magnetic stripe
reader to say a USB port on a Power System, running IBM i. I couldn't see
the point of that.

Nathan.
Off topic but this is a pet peeve for me... Hopefully it's okay because it's relevant.

The problem with the various Windows POS hacks going on is not windows (not that windows isn't a huge problem). Any OS has vulnerabilities. I can all but guarantee IBM i enjoys rich security through obscurity. Nobody is trying desperately to find holes. The various POS systems out there are not thoroughly cut down and properly secured devices. This is the fault of both the merchant and the integrator. Heck they should be on a separate VLAN with no outbound internet access to begin with so that even if malware got placed it couldn't phone home. They should have their OS loaded to read only media that reloads from scratch on reboot. They could use a hypervisor and reload the OS from a VM snapshot so that no changes can ever be written. There are various other things that could happen but simply don't happen.

There is a fundamental laziness when it comes to security primarily because the merchants aren't really held accountable for the losses they cause. I hear far more concern about PCI compliance than actual security.

The magstripe reader being a keyboard is a big problem. If they didn't behave that way and were API driven, the malware authors would have to support every kind of magstripe reader.

I can understand such occurrences with mom and pops and I have worked with secret service and helped some of them get back running. But target, home depot, and other large nationwide chains? Completely and totally unacceptable. Do these companies not hire one single competent CISO? How come people can't infect slot machines with malware? Maybe because the casinos at least attempt to do network security right.

Mark


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.