… It was the Windows XP startup tone. Ugh. At a well known pharmacy store.
… After the sickness left I started thinking. My credit/debit card is being processed on this machine. No matter how encrypted it is. Can I still do business at this store?
I will start using my Credit Card from now on.
I think merchants and store software developers need to be held accountable for relying on such old software.
38 Spice ups
ross
(Ross42.)
2
We just literally tossed all of our XP machines. I told the CEO to tell people on a webinar (and he did) to literally take it out back and shoot it.
1 Spice up
Not all credit card terminals send information to the POS. We use Clovers which are completely standalone and don’t interface with our PCs at all.
Granted, we’re also not running windows XP…
3 Spice ups
They could have been running Embedded Standard 2009 or Embedded POSReady 2009. Those are still under support.
9 Spice ups
The only XP machines we still use are for printing mailing addresses on envelopes. Apparently the software only works on XP and they won’t let me look into alternatives.
zuphzuph
(zuphzuph)
6
Man don’t make me anymore paranoid than I already am… Making me question everywhere now.
nerdydad
(NerdyDad)
7
I’m not regulated by it, but does PCI regulations not stipulate on OS versioning and whether it is supported or not? I figure that would have to be a security determinant of some sort.
dalario
(Zaphod Beeblebrox)
8
Lots of ATM’s still run XP.
6 Spice ups
ranhalt
(ranhalt)
10
I’m 30 and I remember POS and ATMs running OS/2 up until maybe 15 years ago. I’m sure they’re still out there.
2 Spice ups
fredzanto
(Frodrick)
11
Speaking from my experience working at a Cstore chain, the credit card info wasn’t processed through the POS system. There was a separate network that handled card transactions and the POS only communicated to the CC terminal to get a “Yay they were successful” or “Sorry guy, it didn’t go through”. Numbers (apart from the last 4 for the receipt) were not passed through it.
My guess it is a separate encrypted network that processes the payment and handles the sensitive data.
And apparently a lot of the government as well and even older.
Government using old tech
1 Spice up
You can’t use compatibility mode or Win7 w/ XP mode? I know I’ve ran into a couple legacy apps, big PITA. Usually though with XP mode you can run it inside Win 7 seamlessly. User don’t even realize it’s XP running the application. This way you can just set the XP machine statically and not use a default gateway. You would still be able to print and the XP machine wouldn’t be as much of a risk. Of course that is dependent to how your network is configured or if the printers are even networked.
1 Spice up
The machines that run the software require a firewire connection so we need a purchase a firewire card or a USB to firewire. They just won’t fund it. It’s like 2-15 bucks.
1 Spice up
bbigford
(bbigford)
15
If they are using XP still, you can probably bet there is little to no security, let alone any kind of encryption. 
1 Spice up
lbair2
(IceBair Does IT)
16
for about a year while i was working at big lots they were running windows 98
Sorry to hear it and been there so I feel your pain. Cheap skates are usually some of the hardest people to work for.
2 Spice ups
fleetwood
(Fleetwood)
18
I’m 30 and I remember POS and ATMs running OS/2 up until maybe 15 years ago. I’m sure they’re still out there.
It was a regulatory change that forced institutions switch from OS/2 to Windows, and a lot of us weren’t happy with it. At the time we were forced to go from a stable/reliable/(fairly) secure platform to Windows NT. Now that made me cringe!
The first time I saw a BSOD on an ATM, I just pointed at it and yelled, “See!”.
3 Spice ups
dalario
(Zaphod Beeblebrox)
19
There’s plenty of payment systems that run on XP that utilize up-to-date encryption protocols. That says nothing for the security of the OS, but it’s not like your payment info is gonna get snarfed in transmission.
