Crime went unrecorded,
So we could get a job that would give him access to guns and explosives!
You have to love that laid back aussie attitude!
An Australian pizza store worker turned hacker has avoided prison after he was convicted of stealing A$30,000 ($28,000) from ATMs using computer hacking. Brian Sommer, 23, reportedly used information from repair manuals downloaded over the internet to hack into the hard discs of ATMs and change the amount that could be …
Why the hell is the software accessible from the external controls of the ATM anyway?
No keypresses on the front panel should be allowed to alter any setting on the machine, and the internal controls should be locked seperately to the cash reservoir. That's how they are in most UK ATMs anyway; One key opens the cash, one key opens the console, Bank has the former, Engineer has the latter, and never the two shall meet.
"Brian Sommer, 23, reportedly used information from repair manuals downloaded over the internet to hack into the hard discs of ATMs and change the amount that could be withdrawn"
It's hardly a hack when you have physical access to the ATM machines and no prizes for guessing which OS they ran on ...
This sounds highly unlikely, I'd like to know what the details that have been withheald are and if the ATMs are bank owned or those crappy ones with dialup in pubs and clubs (which are known to be vulnerable to idiots not changing the default settings). I'd be very supprised if a bank owned ATM could be compromised so apparantly easily without mention of an insider assisting. Having said this, if the guy had physical access why not just stick 20s in the 10s drawer?
I'd be interested to see how this pans out.
So, these ATMs had the default passwords set? Yeah, he should get off on the charges. He didn't hack anything, he just entered the default password and presto! ...
He must have forgot that last part ;-)
It's fairly common amongst those little standalone ATMs that charge you to withdraw, usually found in newsagents and nightclubs. Quite often they have the default passwords, and what they do is change the settings to swap the £20 and £10 trays over, so when you withdraw £100 you get £200.
I'm glad they get conned as most of them charge at least £2.50. But there isn't much chance of getting away with it as they are always covered by CCTV, the login process can be quite long/noisey/obvious, and you have to use a card to get the money out so if you don't want to be traced you need to steal that too.
I doubt you could "hack" a bank owned ATM, the only way to get into those from the outside is with a JCB!
I'm with you here. A previous job of mine was servicing ATM machines, and they all required physical access to the internals of the machine and the setting of a physical lockout switch inside before you could make any changes to the system. You can't even access the test menu from the public facing screen, there is a separate panel inside the machine for all those functions.
Getting inside involved a key to open it held by the security service we had contracted with to provide protection, the engineers didn't carry them.
Either something was decidedly dodgy or we're not talking banking atms...
As far as "accessed the hard drive" goes, the atms have a standard pc inside, ours were prone to faulty caps on the motherboard so yanking them was surprisingly common. You can't get to the OS from the ATM, there is a separate keyboard in the machine for that, assuming the machine is big enough for a screen inside. Well, you can remotely power cycle it, but thats about it.
What you say should be qualified, for an (in)appropriate value of 'all'.
I remember once (in the USA) walking up to an ATM and seeing the Windows NT blue screen of death, followed by a re-boot into ... something like a CMD prompt. The sixteen or so buttons available to me allowed me to enter 0 to 9, full-stop, and a few other characters. Enter wasn't one of them, and in any case I didn't want to play for long in case it got me arrested, but clearly someone had not thought hard enough about the design of this ATM!
Another time I found one with "Maint: " on the screen, but the keyboard appeared to be locked out so maybe that was safe enough. (Or maybe it wasn't echoing, and if I'd known the right buttons to press? )
"However, Sommer's age, character references and academic record counted in his favour and helped him to avoid jail."
Huh? So if I am either old, stupid or could not get somebody stupid enough to vouch for me I would go to jail?
Where is the justice in that? The guy is a thief, he knew what he did was illegal (or otherwise he woudl be stupid) , send him to jail - end of story. This PC crap gotta stop ...
Standing up for the old, stupid people without friends.
Biting the hand that feeds IT © 1998–2021