Re: indeed WTF
My understanding is that the USB port is used by a technician to do maintenance/diagnostics on the ATM. Disabling the port may turn all ATM repairs into "swap unit and return to base for repair".
That actually may not be such a silly idea for stand-alone units. Wheel a new machine in, swap the cash drawer over, wheel the old machine out. The downside to this is it'll add to the cost of maintenance.
It's still a problem for in-wall mounted units however. Really these are machines that should not have wide-open USB ports: at the very least they should only be enabled when in maintenance mode, and even then, restricted in what kinds of device can be connected.
The fact that they are so wide open, and the fact they often run ancient consumer OSes (once upon a time, OS/2, today Windows NT 5.0/5.1) tells me they're not serious about tackling the security problem.
Thankfully, my bank account is old enough to have a reasonably secure and old-fashioned alternative: a passbook. I'll just use that until such time as circumstance forces me to change.
Biting the hand that feeds IT
