Improving Wetware

Because technology is never the issue

An interesting design failure

Posted by Pete McBreen Mon, 09 Oct 2006 19:48:56 GMT

Bruce Schneier poinmted to an interesting failure mode for ATMs. Given that the ATM is a case study in the Use Case Course this is one failure mode we did not consider.

  • The man then punched a series of numbers on the machine’s keypad, breaking the security code. The ATM was programmed to disburse $20 bills. The man reprogrammed the machine so it recorded each $20 bill as a $5 debit to his account.

It seems thatthere is a default password to allow the installers to program the machines.

I thought by now we would have learned NOT to have default passwords on systems.