I'm pretty sure I know exactly where that ATM must be, since I spent way too much time in Baker hall when at CMU.
ATM Crashes to Windows Desktop
Yesterday, an ATM in Baker Hall at Carnegie Mellon University crashed, or had some kind of software error, and ended up displaying the Windows XP desktop. Some students started Windows Media Player on it, playing a song that comes preinstalled on Windows XP machines. Students took photos and movies of this.There's no way to tell whether the students, starting with the Windows desktop, would have been able to eject the ATM's stock of cash. As my colleague Andrew Appel observes, it's possible to design an ATM in a way that prevents it from dispensing cash without the knowledge and participation of a computer back at the bank. For example, the cash dispensing hardware could require some cryptographic message from the bank's computer before doing anything. Then again, it's possible to design a Windows-based ATM that never (or almost never) displays the Windows desktop, failing instead into a "technical difficulties -- please call customer service" screen, and the designers apparently didn't adopt that precaution.
A single, isolated failure like this isn't, in itself, a big deal. Every ATM transaction is recorded and audited. Banks have the power to adopt loss-prevention technology; they have good historical data on error rates and losses; and they absorb the cost of both losses and loss-prevention technology. So it seems safe to assume that they are managing these kinds of risks rationally.... [Freedom to Tinker]
I'm not sure I want ATMs running any commercial OS. I want them to run something custom made to only be an ATM, not something that also doubles as a desktop.
