<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_06_04_1424210</id>
	<title>Cybercriminals Refine ATM Data-Sniffing Software</title>
	<author>CmdrTaco</author>
	<datestamp>1244127600000</datestamp>
	<htmltext>BobB-nw writes <i>"Cybercriminals are improving a malicious software program that can be <a href="http://www.networkworld.com/news/2009/060409-cybercriminals-refine-data-sniffing-software-for.html">installed on ATMs running Microsoft's Windows XP</a> operating system that records sensitive card details, according to security vendor Trustwave. The malware has been found so far on ATMs in Eastern European countries, according to a Trustwave report. The malware records the magnetic stripe information on the back of a card as well as the PIN, which would potentially allow criminals to clone the card in order to withdraw cash. The collected card data, which is encrypted using the DES algorithm, can be printed out by the ATM's receipt printer, Trustwave wrote."</i></htmltext>
<tokenext>BobB-nw writes " Cybercriminals are improving a malicious software program that can be installed on ATMs running Microsoft 's Windows XP operating system that records sensitive card details , according to security vendor Trustwave .
The malware has been found so far on ATMs in Eastern European countries , according to a Trustwave report .
The malware records the magnetic stripe information on the back of a card as well as the PIN , which would potentially allow criminals to clone the card in order to withdraw cash .
The collected card data , which is encrypted using the DES algorithm , can be printed out by the ATM 's receipt printer , Trustwave wrote .
"</tokentext>
<sentencetext>BobB-nw writes "Cybercriminals are improving a malicious software program that can be installed on ATMs running Microsoft's Windows XP operating system that records sensitive card details, according to security vendor Trustwave.
The malware has been found so far on ATMs in Eastern European countries, according to a Trustwave report.
The malware records the magnetic stripe information on the back of a card as well as the PIN, which would potentially allow criminals to clone the card in order to withdraw cash.
The collected card data, which is encrypted using the DES algorithm, can be printed out by the ATM's receipt printer, Trustwave wrote.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244132580000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>Ultimately it comes down to "why not?"  ATMs need an OS.  The cost of a Windows XP licence is trivial compared with that of the hardware and custom software development.  Might as well go for one that has lots of development tools for which the software can be run on a normal desktop computer.  It's easier to develop for windows that to develop for a custom devkit.</htmltext>
<tokenext>Ultimately it comes down to " why not ?
" ATMs need an OS .
The cost of a Windows XP licence is trivial compared with that of the hardware and custom software development .
Might as well go for one that has lots of development tools for which the software can be run on a normal desktop computer .
It 's easier to develop for windows that to develop for a custom devkit .</tokentext>
<sentencetext>Ultimately it comes down to "why not?
"  ATMs need an OS.
The cost of a Windows XP licence is trivial compared with that of the hardware and custom software development.
Might as well go for one that has lots of development tools for which the software can be run on a normal desktop computer.
It's easier to develop for windows that to develop for a custom devkit.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773</id>
	<title>Re:DES</title>
	<author>Anonymous</author>
	<datestamp>1244135040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You don't need a rootkit, as I found out several years ago.</p><p>A woman I was seeing (for twenty dollars a pop) watched as I put the PIN number in. She then stole my checkbook, my debit card, and spare car keys. I think it's chronicled in one of my journals somewhere (there's a brief account in my latest, which I just posted a couple of hours ago, but there's a detailed one in an older one).</p><p>Any way, she wrote some bogus checks and withdrew money from the ATM. The bank made good on the checks, but not the debit card. If they have your PIN number, they're automatically authorized to use the card, even after it's reported stolen! It was a disaster; it caused several checks to bounce and ultimately cost me several thousand dollars, even though she only stole $700 before the card wouldn't work (no more money in the account).</p><p>I no longer use a debit card. Fool me once, shame on you. Fool me twice, shame on me.</p></htmltext>
<tokenext>You do n't need a rootkit , as I found out several years ago.A woman I was seeing ( for twenty dollars a pop ) watched as I put the PIN number in .
She then stole my checkbook , my debit card , and spare car keys .
I think it 's chronicled in one of my journals somewhere ( there 's a brief account in my latest , which I just posted a couple of hours ago , but there 's a detailed one in an older one ) .Any way , she wrote some bogus checks and withdrew money from the ATM .
The bank made good on the checks , but not the debit card .
If they have your PIN number , they 're automatically authorized to use the card , even after it 's reported stolen !
It was a disaster ; it caused several checks to bounce and ultimately cost me several thousand dollars , even though she only stole $ 700 before the card would n't work ( no more money in the account ) .I no longer use a debit card .
Fool me once , shame on you .
Fool me twice , shame on me .</tokentext>
<sentencetext>You don't need a rootkit, as I found out several years ago.A woman I was seeing (for twenty dollars a pop) watched as I put the PIN number in.
She then stole my checkbook, my debit card, and spare car keys.
I think it's chronicled in one of my journals somewhere (there's a brief account in my latest, which I just posted a couple of hours ago, but there's a detailed one in an older one).Any way, she wrote some bogus checks and withdrew money from the ATM.
The bank made good on the checks, but not the debit card.
If they have your PIN number, they're automatically authorized to use the card, even after it's reported stolen!
It was a disaster; it caused several checks to bounce and ultimately cost me several thousand dollars, even though she only stole $700 before the card wouldn't work (no more money in the account).I no longer use a debit card.
Fool me once, shame on you.
Fool me twice, shame on me.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209889</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211173</id>
	<title>Re:ATM != desktop computer</title>
	<author>networkconsultant</author>
	<datestamp>1244136660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>It is however easier to find a tech that knows how to troubleshoot windows than one that knows how to run ifconfig &amp; route.</htmltext>
<tokenext>It is however easier to find a tech that knows how to troubleshoot windows than one that knows how to run ifconfig &amp; route .</tokentext>
<sentencetext>It is however easier to find a tech that knows how to troubleshoot windows than one that knows how to run ifconfig &amp; route.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28228375</id>
	<title>Again, ATM != Desktop</title>
	<author>DrYak</author>
	<datestamp>1244201820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>ATMs need an OS of some sort.</p></div><p>Do they, really ?<br>All an ATM needs is to be able to :<br>- read data from the card<br>- read a PIN from the keypad<br>- read an amount of money from said key pad.<br>- display a couple of messages during this process.</p><p>That's something so simple that it could be mostly handled by a PIC microcontroller.</p><p><div class="quote"><p> More advanced OS' make it easier to have the software display videos and animations, have more complex functionality and better compatibility with modern software.</p></div><p>But who in his/her right state of mind needs an OS and hardware capable to run a WoW-client on a simple ATM ?<br>(Or running Doom on an e-voting machine, for those who read the recent that story on<nobr> <wbr></nobr>/.)</p><p>There's no need to play video or surf web. Only handle a couple of simple tasks and that's it.</p><p>I understand that, for some embed type of machine, a full-blown OS may have some advantages. An embed machine driving an advertising display, for example. In that situation it has several advantages :<br>- Low cost (of-the-shelf parts instead of custom board with microcontroller)<br>- Low cost to develop something for it (any person with half a functional brain cell able to throw some shit under Visual Studio<nobr> <wbr></nobr>.Net can do the job)</p><p>But here we are speaking about banks (same goes also electronic voting machines).<br>The single most important feature for these machines is security.<br>Even if it comes at the expense of more custom hardware and less easy to develop for.<br>A simple micro-controller would be better because :</p><p>- A smaller code means easier to debug, audit and check for weaknesses<br>By Linus' law more eyeballs make bugs more shallow. A smaller code simply makes a higher eyeball-per-line-of-code ratio.</p><p>- Less opportunity to run unwanted software on the machine.<br>If running a full blown desktop OS on common hardware, you have enough resource to run a full Apache server serving the sensitive data to the web. Or use a "blue-pill" like hyper-visor running the main software in a virtual machine and doing all the bad trick from the outside of the machine.<br>With something as primitive as a micro-controller there's slightly less opportunity to add a malicious payload to the minuscule programme ROM.</p><p>If the bank company really needs to display some animated stupid adds, they should use 2 screens :<br>1 small screen, driven by a simple microcontroller handling the transaction, and the huge stupid blinking stuff executed out of a separate Windows XPe machine on a 2nd screen, with no connection by the 2 machines.</p></div>
	</htmltext>
<tokenext>ATMs need an OS of some sort.Do they , really ? All an ATM needs is to be able to : - read data from the card- read a PIN from the keypad- read an amount of money from said key pad.- display a couple of messages during this process.That 's something so simple that it could be mostly handled by a PIC microcontroller .
More advanced OS ' make it easier to have the software display videos and animations , have more complex functionality and better compatibility with modern software.But who in his/her right state of mind needs an OS and hardware capable to run a WoW-client on a simple ATM ?
( Or running Doom on an e-voting machine , for those who read the recent that story on / .
) There 's no need to play video or surf web .
Only handle a couple of simple tasks and that 's it.I understand that , for some embed type of machine , a full-blown OS may have some advantages .
An embed machine driving an advertising display , for example .
In that situation it has several advantages : - Low cost ( of-the-shelf parts instead of custom board with microcontroller ) - Low cost to develop something for it ( any person with half a functional brain cell able to throw some shit under Visual Studio .Net can do the job ) But here we are speaking about banks ( same goes also electronic voting machines ) .The single most important feature for these machines is security.Even if it comes at the expense of more custom hardware and less easy to develop for.A simple micro-controller would be better because : - A smaller code means easier to debug , audit and check for weaknessesBy Linus ' law more eyeballs make bugs more shallow .
A smaller code simply makes a higher eyeball-per-line-of-code ratio.- Less opportunity to run unwanted software on the machine.If running a full blown desktop OS on common hardware , you have enough resource to run a full Apache server serving the sensitive data to the web .
Or use a " blue-pill " like hyper-visor running the main software in a virtual machine and doing all the bad trick from the outside of the machine.With something as primitive as a micro-controller there 's slightly less opportunity to add a malicious payload to the minuscule programme ROM.If the bank company really needs to display some animated stupid adds , they should use 2 screens : 1 small screen , driven by a simple microcontroller handling the transaction , and the huge stupid blinking stuff executed out of a separate Windows XPe machine on a 2nd screen , with no connection by the 2 machines .</tokentext>
<sentencetext>ATMs need an OS of some sort.Do they, really ?All an ATM needs is to be able to :- read data from the card- read a PIN from the keypad- read an amount of money from said key pad.- display a couple of messages during this process.That's something so simple that it could be mostly handled by a PIC microcontroller.
More advanced OS' make it easier to have the software display videos and animations, have more complex functionality and better compatibility with modern software.But who in his/her right state of mind needs an OS and hardware capable to run a WoW-client on a simple ATM ?
(Or running Doom on an e-voting machine, for those who read the recent that story on /.
)There's no need to play video or surf web.
Only handle a couple of simple tasks and that's it.I understand that, for some embed type of machine, a full-blown OS may have some advantages.
An embed machine driving an advertising display, for example.
In that situation it has several advantages :- Low cost (of-the-shelf parts instead of custom board with microcontroller)- Low cost to develop something for it (any person with half a functional brain cell able to throw some shit under Visual Studio .Net can do the job)But here we are speaking about banks (same goes also electronic voting machines).The single most important feature for these machines is security.Even if it comes at the expense of more custom hardware and less easy to develop for.A simple micro-controller would be better because :- A smaller code means easier to debug, audit and check for weaknessesBy Linus' law more eyeballs make bugs more shallow.
A smaller code simply makes a higher eyeball-per-line-of-code ratio.- Less opportunity to run unwanted software on the machine.If running a full blown desktop OS on common hardware, you have enough resource to run a full Apache server serving the sensitive data to the web.
Or use a "blue-pill" like hyper-visor running the main software in a virtual machine and doing all the bad trick from the outside of the machine.With something as primitive as a micro-controller there's slightly less opportunity to add a malicious payload to the minuscule programme ROM.If the bank company really needs to display some animated stupid adds, they should use 2 screens :1 small screen, driven by a simple microcontroller handling the transaction, and the huge stupid blinking stuff executed out of a separate Windows XPe machine on a 2nd screen, with no connection by the 2 machines.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209995</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213791</id>
	<title>Re:ATM != desktop computer</title>
	<author>Bert64</author>
	<datestamp>1244147580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Firewalls are not the ultimate solution, they have vulnerabilities and misconfigurations too... Also as firewalls become more complex, the risk of vulnerabilities increases.</p><p>Firewalls should not be relied on as the only facet of security, they should be only a small part of an in depth security policy. If the firewall is taken out of the equation, the system should be able to stand on it's own.</p></htmltext>
<tokenext>Firewalls are not the ultimate solution , they have vulnerabilities and misconfigurations too... Also as firewalls become more complex , the risk of vulnerabilities increases.Firewalls should not be relied on as the only facet of security , they should be only a small part of an in depth security policy .
If the firewall is taken out of the equation , the system should be able to stand on it 's own .</tokentext>
<sentencetext>Firewalls are not the ultimate solution, they have vulnerabilities and misconfigurations too... Also as firewalls become more complex, the risk of vulnerabilities increases.Firewalls should not be relied on as the only facet of security, they should be only a small part of an in depth security policy.
If the firewall is taken out of the equation, the system should be able to stand on it's own.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209995</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211531</id>
	<title>Re:ATM != desktop computer</title>
	<author>sjames</author>
	<datestamp>1244138160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Because ATMs are very high value targets and there's no practical way to fully audit XP. Because XP is designed to do anything and everything while security calls for a fully audited system that can only do what it is supposed to do. Consider, the malware has to hook in somewhere. The less somewheres there are, the harder it is to do that. ATMs are an embedded application, it's silly to run a desktop OS on them.</p><p>Linux would be a better choice since it's design allows for it to be stripped down to the essentials and for a kernel to be built without  most of the features and extraneous drivers. It's much easier to harden Linux because of that and the ability to remove the userspace. Strip it down to a minimalist kernel, a very few utilities to be used for booting and diagnostics and the actual embedded app.</p><p>Even that is inferior to an app running on bare metal as far as auditability goes.</p><p><div class="quote"><p>Also, anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network.</p> </div><p>And yet, the malware is apparently out there and ATMs HAVE been compromised. I guess either the banks have no such sense or it's just not enough.</p></div>
	</htmltext>
<tokenext>Because ATMs are very high value targets and there 's no practical way to fully audit XP .
Because XP is designed to do anything and everything while security calls for a fully audited system that can only do what it is supposed to do .
Consider , the malware has to hook in somewhere .
The less somewheres there are , the harder it is to do that .
ATMs are an embedded application , it 's silly to run a desktop OS on them.Linux would be a better choice since it 's design allows for it to be stripped down to the essentials and for a kernel to be built without most of the features and extraneous drivers .
It 's much easier to harden Linux because of that and the ability to remove the userspace .
Strip it down to a minimalist kernel , a very few utilities to be used for booting and diagnostics and the actual embedded app.Even that is inferior to an app running on bare metal as far as auditability goes.Also , anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network .
And yet , the malware is apparently out there and ATMs HAVE been compromised .
I guess either the banks have no such sense or it 's just not enough .</tokentext>
<sentencetext>Because ATMs are very high value targets and there's no practical way to fully audit XP.
Because XP is designed to do anything and everything while security calls for a fully audited system that can only do what it is supposed to do.
Consider, the malware has to hook in somewhere.
The less somewheres there are, the harder it is to do that.
ATMs are an embedded application, it's silly to run a desktop OS on them.Linux would be a better choice since it's design allows for it to be stripped down to the essentials and for a kernel to be built without  most of the features and extraneous drivers.
It's much easier to harden Linux because of that and the ability to remove the userspace.
Strip it down to a minimalist kernel, a very few utilities to be used for booting and diagnostics and the actual embedded app.Even that is inferior to an app running on bare metal as far as auditability goes.Also, anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network.
And yet, the malware is apparently out there and ATMs HAVE been compromised.
I guess either the banks have no such sense or it's just not enough.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</id>
	<title>Re:ATM != desktop computer</title>
	<author>NES HQ</author>
	<datestamp>1244132580000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext>Why shouldn't an ATM run Windows? Cue the standard Windows-bashing, but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.

<p>Also, anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network.

</p><p> Yes, it's Windows. But without crazy Aunt Judy trying to install her cat screensavers Windows should be fine for the task.</p></htmltext>
<tokenext>Why should n't an ATM run Windows ?
Cue the standard Windows-bashing , but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do .
Also , anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network .
Yes , it 's Windows .
But without crazy Aunt Judy trying to install her cat screensavers Windows should be fine for the task .</tokentext>
<sentencetext>Why shouldn't an ATM run Windows?
Cue the standard Windows-bashing, but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.
Also, anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network.
Yes, it's Windows.
But without crazy Aunt Judy trying to install her cat screensavers Windows should be fine for the task.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210413</id>
	<title>ATMs...</title>
	<author>EddyPearson</author>
	<datestamp>1244133660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>...are probably one of the few devices that most Slashdotters would agree should <b>definitely</b> be running proprietary, private software.</p><p>I had no idea there were ATMs out there running Windows. Given access to the software/a machine running it, I can't see how this would have been difficult to pull off. This is a serious WTF? moment.</p></htmltext>
<tokenext>...are probably one of the few devices that most Slashdotters would agree should definitely be running proprietary , private software.I had no idea there were ATMs out there running Windows .
Given access to the software/a machine running it , I ca n't see how this would have been difficult to pull off .
This is a serious WTF ?
moment .</tokentext>
<sentencetext>...are probably one of the few devices that most Slashdotters would agree should definitely be running proprietary, private software.I had no idea there were ATMs out there running Windows.
Given access to the software/a machine running it, I can't see how this would have been difficult to pull off.
This is a serious WTF?
moment.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216859</id>
	<title>Re:ATM != desktop computer</title>
	<author>the\_y\_the</author>
	<datestamp>1244120280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I work for one of the biggest banks in Australia. The ATMs we use are Diebold machines. However, believe it or not, they are all running on Windows XP, with specialised Diebold software running on top. Everything that the customer sees on their ATM screen is simply the GUI of the Diebold software. I forget the name of the software package, but running XP on ATM is not as rare as you might think.</htmltext>
<tokenext>I work for one of the biggest banks in Australia .
The ATMs we use are Diebold machines .
However , believe it or not , they are all running on Windows XP , with specialised Diebold software running on top .
Everything that the customer sees on their ATM screen is simply the GUI of the Diebold software .
I forget the name of the software package , but running XP on ATM is not as rare as you might think .</tokentext>
<sentencetext>I work for one of the biggest banks in Australia.
The ATMs we use are Diebold machines.
However, believe it or not, they are all running on Windows XP, with specialised Diebold software running on top.
Everything that the customer sees on their ATM screen is simply the GUI of the Diebold software.
I forget the name of the software package, but running XP on ATM is not as rare as you might think.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210903</id>
	<title>Re:ATM != desktop computer</title>
	<author>twistah</author>
	<datestamp>1244135520000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>They run XP embedded, which allow you to customize which components are used much more so than regular XP. That is not to say I don't see your point -- we've broken into plenty of Diebold XP ATMs during authorized penetration tests using regular Windows exploits. After that, it's game over with the software this product mentions. Then again, regular OS's have been running on ATMs for a long time, and many still run OS/2.</p></htmltext>
<tokenext>They run XP embedded , which allow you to customize which components are used much more so than regular XP .
That is not to say I do n't see your point -- we 've broken into plenty of Diebold XP ATMs during authorized penetration tests using regular Windows exploits .
After that , it 's game over with the software this product mentions .
Then again , regular OS 's have been running on ATMs for a long time , and many still run OS/2 .</tokentext>
<sentencetext>They run XP embedded, which allow you to customize which components are used much more so than regular XP.
That is not to say I don't see your point -- we've broken into plenty of Diebold XP ATMs during authorized penetration tests using regular Windows exploits.
After that, it's game over with the software this product mentions.
Then again, regular OS's have been running on ATMs for a long time, and many still run OS/2.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210889</id>
	<title>Re:ATMs...</title>
	<author>Anonymous</author>
	<datestamp>1244135460000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Secrecy and security are not synonymous. Software that is subject to public scrutiny will tend to be more secure.</p></htmltext>
<tokenext>Secrecy and security are not synonymous .
Software that is subject to public scrutiny will tend to be more secure .</tokentext>
<sentencetext>Secrecy and security are not synonymous.
Software that is subject to public scrutiny will tend to be more secure.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210413</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210039</id>
	<title>Re:ATM != desktop computer</title>
	<author>sigmoid\_balance</author>
	<datestamp>1244132100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>It's funny when you see it boot up if it previously had a failure or lost power. I never saw Win XP ATMs, but I saw lots of WinNT/Win2k ATMs.

And yeah, I'm living in Eastern Europe.</htmltext>
<tokenext>It 's funny when you see it boot up if it previously had a failure or lost power .
I never saw Win XP ATMs , but I saw lots of WinNT/Win2k ATMs .
And yeah , I 'm living in Eastern Europe .</tokentext>
<sentencetext>It's funny when you see it boot up if it previously had a failure or lost power.
I never saw Win XP ATMs, but I saw lots of WinNT/Win2k ATMs.
And yeah, I'm living in Eastern Europe.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210435</id>
	<title>Re:Magnetic strip?</title>
	<author>u38cg</author>
	<datestamp>1244133720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Most of them?  Is there anywhere that doesn't continue to issue mag stripes as a precaution against chip failures (~1\% per annum)?</htmltext>
<tokenext>Most of them ?
Is there anywhere that does n't continue to issue mag stripes as a precaution against chip failures ( ~ 1 \ % per annum ) ?</tokentext>
<sentencetext>Most of them?
Is there anywhere that doesn't continue to issue mag stripes as a precaution against chip failures (~1\% per annum)?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212451</id>
	<title>Re:ATMs...</title>
	<author>Anonymous</author>
	<datestamp>1244142180000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Quite the opposite in fact.  For the same reason as voting machines, I would feel much safer knowing that it was possible to check that the code was secure. See http://en.wikipedia.org/wiki/Security\_through\_obscurity</p></htmltext>
<tokenext>Quite the opposite in fact .
For the same reason as voting machines , I would feel much safer knowing that it was possible to check that the code was secure .
See http : //en.wikipedia.org/wiki/Security \ _through \ _obscurity</tokentext>
<sentencetext>Quite the opposite in fact.
For the same reason as voting machines, I would feel much safer knowing that it was possible to check that the code was secure.
See http://en.wikipedia.org/wiki/Security\_through\_obscurity</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210413</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210729</id>
	<title>Re:I call BS, mostly</title>
	<author>Peter Simpson</author>
	<datestamp>1244134920000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>From TFR:<br>"Additionally, the malware harvests what is believed to be key or PIN data, saving the<br>information in a file C:\WINDOWS\kl."</p><p>So, they waffle on whether the PIN is captured.  The filename "kl", does imply "KeyLogger", though.</p><p>Perhaps Eastern European ATMs are built differently that those in North America...maybe "saving a bit of money" by doing the encryption of the PIN in the PC, instead using an encrypting secure keypad.</p><p>Or, since the same keypad is used for PIN entry and regular input, perhaps the control signal that tells the keypad whether to encrypt or pass keypresses through has been tampered with...so the entered PIN comes through as normal keypresses, and is encrypted by the malware and passed on after logging to the file?</p><p>Or, maybe it's just a guess on the part of the author.</p></htmltext>
<tokenext>From TFR : " Additionally , the malware harvests what is believed to be key or PIN data , saving theinformation in a file C : \ WINDOWS \ kl .
" So , they waffle on whether the PIN is captured .
The filename " kl " , does imply " KeyLogger " , though.Perhaps Eastern European ATMs are built differently that those in North America...maybe " saving a bit of money " by doing the encryption of the PIN in the PC , instead using an encrypting secure keypad.Or , since the same keypad is used for PIN entry and regular input , perhaps the control signal that tells the keypad whether to encrypt or pass keypresses through has been tampered with...so the entered PIN comes through as normal keypresses , and is encrypted by the malware and passed on after logging to the file ? Or , maybe it 's just a guess on the part of the author .</tokentext>
<sentencetext>From TFR:"Additionally, the malware harvests what is believed to be key or PIN data, saving theinformation in a file C:\WINDOWS\kl.
"So, they waffle on whether the PIN is captured.
The filename "kl", does imply "KeyLogger", though.Perhaps Eastern European ATMs are built differently that those in North America...maybe "saving a bit of money" by doing the encryption of the PIN in the PC, instead using an encrypting secure keypad.Or, since the same keypad is used for PIN entry and regular input, perhaps the control signal that tells the keypad whether to encrypt or pass keypresses through has been tampered with...so the entered PIN comes through as normal keypresses, and is encrypted by the malware and passed on after logging to the file?Or, maybe it's just a guess on the part of the author.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211873</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244139720000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Actually, no<nobr> <wbr></nobr>... computers and computer-run devices like ATMs DO NOT need an OS.<br>Back in the 1970s, we used to run programs on basically "bare metal".  We would key in the bootstrap manually which would read in the program and the program would run.... no OS at all<br>I know it would be way more complicated, but the OS/Program separation is artificial and is NOT required, and I'd argue, on important-to-secure machines, it might be that they should only run a program and not an OS as well.</p></htmltext>
<tokenext>Actually , no ... computers and computer-run devices like ATMs DO NOT need an OS.Back in the 1970s , we used to run programs on basically " bare metal " .
We would key in the bootstrap manually which would read in the program and the program would run.... no OS at allI know it would be way more complicated , but the OS/Program separation is artificial and is NOT required , and I 'd argue , on important-to-secure machines , it might be that they should only run a program and not an OS as well .</tokentext>
<sentencetext>Actually, no ... computers and computer-run devices like ATMs DO NOT need an OS.Back in the 1970s, we used to run programs on basically "bare metal".
We would key in the bootstrap manually which would read in the program and the program would run.... no OS at allI know it would be way more complicated, but the OS/Program separation is artificial and is NOT required, and I'd argue, on important-to-secure machines, it might be that they should only run a program and not an OS as well.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209995</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210655</id>
	<title>Re:ATM != desktop computer</title>
	<author>ILongForDarkness</author>
	<datestamp>1244134620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Hehe. We have a large Sun/Storage Tek tape library at my work. The SL300000 <a href="http://www.sun.com/storagetek/tape\_storage/tape\_libraries/sl3000/" title="sun.com">http://www.sun.com/storagetek/tape\_storage/tape\_libraries/sl3000/</a> [sun.com] . It runs Win2k. The question is what is a new $120k device (~70k but then that is before you get the drives for the library<nobr> <wbr></nobr>:-)) from an old school UNIX vendor doing running an out of support version of Windows<nobr> <wbr></nobr>:-) . We also have microscopes that are controlled by windows but the GUI is in Linux (they come with both computers in one case). It all comes down to what the developers were comfortable with at the time, and whether device drivers are available I guess.</htmltext>
<tokenext>Hehe .
We have a large Sun/Storage Tek tape library at my work .
The SL300000 http : //www.sun.com/storagetek/tape \ _storage/tape \ _libraries/sl3000/ [ sun.com ] .
It runs Win2k .
The question is what is a new $ 120k device ( ~ 70k but then that is before you get the drives for the library : - ) ) from an old school UNIX vendor doing running an out of support version of Windows : - ) .
We also have microscopes that are controlled by windows but the GUI is in Linux ( they come with both computers in one case ) .
It all comes down to what the developers were comfortable with at the time , and whether device drivers are available I guess .</tokentext>
<sentencetext>Hehe.
We have a large Sun/Storage Tek tape library at my work.
The SL300000 http://www.sun.com/storagetek/tape\_storage/tape\_libraries/sl3000/ [sun.com] .
It runs Win2k.
The question is what is a new $120k device (~70k but then that is before you get the drives for the library :-)) from an old school UNIX vendor doing running an out of support version of Windows :-) .
We also have microscopes that are controlled by windows but the GUI is in Linux (they come with both computers in one case).
It all comes down to what the developers were comfortable with at the time, and whether device drivers are available I guess.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210179</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244132700000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Cheaper to develop. Use off the shelf Windows and some rapid application tools and you have yourself a pretty ATM in no time. The downside is that your ATM is compatible with the largest library of hacking tools and probably won't be patched nearly as often as a desktop PC.</p></htmltext>
<tokenext>Cheaper to develop .
Use off the shelf Windows and some rapid application tools and you have yourself a pretty ATM in no time .
The downside is that your ATM is compatible with the largest library of hacking tools and probably wo n't be patched nearly as often as a desktop PC .</tokentext>
<sentencetext>Cheaper to develop.
Use off the shelf Windows and some rapid application tools and you have yourself a pretty ATM in no time.
The downside is that your ATM is compatible with the largest library of hacking tools and probably won't be patched nearly as often as a desktop PC.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209995</id>
	<title>Re:ATM != desktop computer</title>
	<author>abigsmurf</author>
	<datestamp>1244131980000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Why run Windows? Linux? DOS? etc.</p><p>ATMs need an OS of some sort. More advanced OS' make it easier to have the software display videos and animations, have more complex functionality and better compatibility with modern software. So long as the firewalls are properly configured to sandbox the unit, vulnerabilities are irrelevant.</p></htmltext>
<tokenext>Why run Windows ?
Linux ? DOS ?
etc.ATMs need an OS of some sort .
More advanced OS ' make it easier to have the software display videos and animations , have more complex functionality and better compatibility with modern software .
So long as the firewalls are properly configured to sandbox the unit , vulnerabilities are irrelevant .</tokentext>
<sentencetext>Why run Windows?
Linux? DOS?
etc.ATMs need an OS of some sort.
More advanced OS' make it easier to have the software display videos and animations, have more complex functionality and better compatibility with modern software.
So long as the firewalls are properly configured to sandbox the unit, vulnerabilities are irrelevant.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210355</id>
	<title>Closed Network</title>
	<author>relguj9</author>
	<datestamp>1244133540000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>Plus firewall, 'nuf said.  The problem is when people break into the back of a machine and physically install malware on it... if you have people breaking in or social engineering their way into the back of a physically locked machine then you are going to have problems.  I don't care if it's running some logic flow on an EEPROM, it's still going to be hacked.</htmltext>
<tokenext>Plus firewall , 'nuf said .
The problem is when people break into the back of a machine and physically install malware on it... if you have people breaking in or social engineering their way into the back of a physically locked machine then you are going to have problems .
I do n't care if it 's running some logic flow on an EEPROM , it 's still going to be hacked .</tokentext>
<sentencetext>Plus firewall, 'nuf said.
The problem is when people break into the back of a machine and physically install malware on it... if you have people breaking in or social engineering their way into the back of a physically locked machine then you are going to have problems.
I don't care if it's running some logic flow on an EEPROM, it's still going to be hacked.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28218155</id>
	<title>Re:ATM != desktop computer</title>
	<author>kmoser</author>
	<datestamp>1244133600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Citibank used to run their own proprietary software but now they (and others) run Windows:

<a href="http://www.youtube.com/watch?v=FAnmuRHYamc" title="youtube.com" rel="nofollow">http://www.youtube.com/watch?v=FAnmuRHYamc</a> [youtube.com]</htmltext>
<tokenext>Citibank used to run their own proprietary software but now they ( and others ) run Windows : http : //www.youtube.com/watch ? v = FAnmuRHYamc [ youtube.com ]</tokentext>
<sentencetext>Citibank used to run their own proprietary software but now they (and others) run Windows:

http://www.youtube.com/watch?v=FAnmuRHYamc [youtube.com]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214907</id>
	<title>Re:ATM != desktop computer</title>
	<author>HTH NE1</author>
	<datestamp>1244109600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>However, <a href="http://xkcd.com/463/" title="xkcd.com">http://xkcd.com/463/</a> [xkcd.com]</p></htmltext>
<tokenext>However , http : //xkcd.com/463/ [ xkcd.com ]</tokentext>
<sentencetext>However, http://xkcd.com/463/ [xkcd.com]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211307</id>
	<title>Re:ATM != desktop computer</title>
	<author>eugene\_roux</author>
	<datestamp>1244137260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>s/is an ATM/is any system/</p><p>Just sayin'...</p></htmltext>
<tokenext>s/is an ATM/is any system/Just sayin'.. .</tokentext>
<sentencetext>s/is an ATM/is any system/Just sayin'...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209889</id>
	<title>DES</title>
	<author>bluefoxlucid</author>
	<datestamp>1244131380000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext>DES doesn't really mean "Designed Extremely Secure"<nobr> <wbr></nobr>....</htmltext>
<tokenext>DES does n't really mean " Designed Extremely Secure " ... .</tokentext>
<sentencetext>DES doesn't really mean "Designed Extremely Secure" ....</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28215523</id>
	<title>DEEP</title>
	<author>hh4m</author>
	<datestamp>1244112780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Its quite easy to infect all those machines, one just needs to be a geeky intern at the company that makes the firmware for the ATMs. (obviously there are other ways to break into the company)

So all in all, infect/modify the firmware source at its weakest security point  and you have a backdoor into the machine.

that being said, id just like to point out that we have smart chips in our credit cards here in the middle of africa too.</htmltext>
<tokenext>Its quite easy to infect all those machines , one just needs to be a geeky intern at the company that makes the firmware for the ATMs .
( obviously there are other ways to break into the company ) So all in all , infect/modify the firmware source at its weakest security point and you have a backdoor into the machine .
that being said , id just like to point out that we have smart chips in our credit cards here in the middle of africa too .</tokentext>
<sentencetext>Its quite easy to infect all those machines, one just needs to be a geeky intern at the company that makes the firmware for the ATMs.
(obviously there are other ways to break into the company)

So all in all, infect/modify the firmware source at its weakest security point  and you have a backdoor into the machine.
that being said, id just like to point out that we have smart chips in our credit cards here in the middle of africa too.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211021</id>
	<title>Re:ATM != desktop computer</title>
	<author>Lonewolf666</author>
	<datestamp>1244136060000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Even Unix won't save you if the attacker gets physical access to the machine. I learned how to "crack" SCO Unix 10 years ago in an administration course by booting from floppy and resetting the password file.<br>If you can prevent <b>that</b>, it should be possible to secure Windows with a firewall that blocks all ports except the one your ATM application uses.<br>This said, Linux may actually be easier/cheaper to secure. But I don't consider a Windows based ATM an automatic security risk if the developer does his homework.</p></htmltext>
<tokenext>Even Unix wo n't save you if the attacker gets physical access to the machine .
I learned how to " crack " SCO Unix 10 years ago in an administration course by booting from floppy and resetting the password file.If you can prevent that , it should be possible to secure Windows with a firewall that blocks all ports except the one your ATM application uses.This said , Linux may actually be easier/cheaper to secure .
But I do n't consider a Windows based ATM an automatic security risk if the developer does his homework .</tokentext>
<sentencetext>Even Unix won't save you if the attacker gets physical access to the machine.
I learned how to "crack" SCO Unix 10 years ago in an administration course by booting from floppy and resetting the password file.If you can prevent that, it should be possible to secure Windows with a firewall that blocks all ports except the one your ATM application uses.This said, Linux may actually be easier/cheaper to secure.
But I don't consider a Windows based ATM an automatic security risk if the developer does his homework.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213115</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244145000000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>"Also, anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network."</p><p>Apparently many banks don't employ such people, or their ATMs wouldn't have been hit by the slammer worm.</p><p>Sorry, but past evidence has shown that these Windows-based ATMs are not "decently hardened" nor are they run by "anyone with any network design sense".</p></htmltext>
<tokenext>" Also , anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network .
" Apparently many banks do n't employ such people , or their ATMs would n't have been hit by the slammer worm.Sorry , but past evidence has shown that these Windows-based ATMs are not " decently hardened " nor are they run by " anyone with any network design sense " .</tokentext>
<sentencetext>"Also, anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network.
"Apparently many banks don't employ such people, or their ATMs wouldn't have been hit by the slammer worm.Sorry, but past evidence has shown that these Windows-based ATMs are not "decently hardened" nor are they run by "anyone with any network design sense".</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211255</id>
	<title>Re:DES</title>
	<author>plague3106</author>
	<datestamp>1244137080000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Um, as soon as you reported your card stolen, they should have deactivated it, regardless of whether or not someone had the pin.</p><p>I think the moral to your story is 1) be careful who you take to your ATM and 2) check your bank balance daily.  Most ATMs networks impose a $300 limit per withdrawl.</p></htmltext>
<tokenext>Um , as soon as you reported your card stolen , they should have deactivated it , regardless of whether or not someone had the pin.I think the moral to your story is 1 ) be careful who you take to your ATM and 2 ) check your bank balance daily .
Most ATMs networks impose a $ 300 limit per withdrawl .</tokentext>
<sentencetext>Um, as soon as you reported your card stolen, they should have deactivated it, regardless of whether or not someone had the pin.I think the moral to your story is 1) be careful who you take to your ATM and 2) check your bank balance daily.
Most ATMs networks impose a $300 limit per withdrawl.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211431</id>
	<title>True Story</title>
	<author>ohnotherobots</author>
	<datestamp>1244137740000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext>A friend of mine had his atm card in a Bank of America machine to withdraw money when the power went out. When it came back on a few seconds later, he was greeted with the Windows XP Embedded splash screen before the atm interface came up. The machine didn't realize it still had his card, so he couldn't get it back. (This is especially funny since he is a MS fanboy.)</htmltext>
<tokenext>A friend of mine had his atm card in a Bank of America machine to withdraw money when the power went out .
When it came back on a few seconds later , he was greeted with the Windows XP Embedded splash screen before the atm interface came up .
The machine did n't realize it still had his card , so he could n't get it back .
( This is especially funny since he is a MS fanboy .
)</tokentext>
<sentencetext>A friend of mine had his atm card in a Bank of America machine to withdraw money when the power went out.
When it came back on a few seconds later, he was greeted with the Windows XP Embedded splash screen before the atm interface came up.
The machine didn't realize it still had his card, so he couldn't get it back.
(This is especially funny since he is a MS fanboy.
)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211331</id>
	<title>Withdraw my money?!</title>
	<author>TreyGeek</author>
	<datestamp>1244137320000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext>"which would potentially allow criminals to clone the card in order to withdraw cash. "<br>
<br>
Heh... the joke is on the hacker.  I have no money in my bank account to withdraw!</htmltext>
<tokenext>" which would potentially allow criminals to clone the card in order to withdraw cash .
" Heh... the joke is on the hacker .
I have no money in my bank account to withdraw !</tokentext>
<sentencetext>"which would potentially allow criminals to clone the card in order to withdraw cash.
"

Heh... the joke is on the hacker.
I have no money in my bank account to withdraw!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210713</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244134860000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>RE: "a decently hardened copied of XP is more than sufficient for the minimal work"..</p><p>That's the problem...it's more than sufficient.  When designing something to be secure, you want the system to sufficient, nothing more.  ATMs shouldn't even run Windows, linux, DOS, or any other general purpose OS.  They should run the minimal set of programs required to perform banking transactions.  There are levels of "security".  While a hardened general purpose platform is better than an unhardened one, it is not a good design when security is paramount.</p></htmltext>
<tokenext>RE : " a decently hardened copied of XP is more than sufficient for the minimal work " ..That 's the problem...it 's more than sufficient .
When designing something to be secure , you want the system to sufficient , nothing more .
ATMs should n't even run Windows , linux , DOS , or any other general purpose OS .
They should run the minimal set of programs required to perform banking transactions .
There are levels of " security " .
While a hardened general purpose platform is better than an unhardened one , it is not a good design when security is paramount .</tokentext>
<sentencetext>RE: "a decently hardened copied of XP is more than sufficient for the minimal work"..That's the problem...it's more than sufficient.
When designing something to be secure, you want the system to sufficient, nothing more.
ATMs shouldn't even run Windows, linux, DOS, or any other general purpose OS.
They should run the minimal set of programs required to perform banking transactions.
There are levels of "security".
While a hardened general purpose platform is better than an unhardened one, it is not a good design when security is paramount.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216637</id>
	<title>Re:ATM != desktop computer</title>
	<author>pcardno</author>
	<datestamp>1244118900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>"It costs a licensing fee. It has more security liability than pretty much any other choice."

Yes, it does when it's hooked up to internet with no protection. That isn't this case. I may be entirely wrong, but isn't it the case that an unconnected (except for a highly secure private network), fully patched Windows XP machine is no easier to break into that an equivalent Linux / OSX machine.

"Linux costs nothing to license. BSD costs nothing to license. Windows costs something. That's an added, unneeded cost."

The licensing fee means you can blame them when it's their fault. If you want to blame someone else with Linux for a fundamental OS security issue, you'll still need to license it for a cost. That's why Red Hat make money.

"Because there aren't lots of dev tools for Linux that run on a normal desktop computer?"

Original question was wrong. Who cares, as long as the development tool does the job effectively.

"How is it easier to develop an ATM on Windows than on Linux? They both have tons of tools and myriad experienced developers and companies. Linux is probably better optimized for appliance uses and has a larger share of the appliance market than Windows, making it easier to find companies to work on it."

Because they've been doing it for years so it's far easier to port from old Windows to new Windows rather than rebuild the whole things from scratch. There may well be a new, better technology, but it's a hell of a lot cheaper to regression test against a newer version of an existing platform than it is to rebuild for an entirely new one.</htmltext>
<tokenext>" It costs a licensing fee .
It has more security liability than pretty much any other choice .
" Yes , it does when it 's hooked up to internet with no protection .
That is n't this case .
I may be entirely wrong , but is n't it the case that an unconnected ( except for a highly secure private network ) , fully patched Windows XP machine is no easier to break into that an equivalent Linux / OSX machine .
" Linux costs nothing to license .
BSD costs nothing to license .
Windows costs something .
That 's an added , unneeded cost .
" The licensing fee means you can blame them when it 's their fault .
If you want to blame someone else with Linux for a fundamental OS security issue , you 'll still need to license it for a cost .
That 's why Red Hat make money .
" Because there are n't lots of dev tools for Linux that run on a normal desktop computer ?
" Original question was wrong .
Who cares , as long as the development tool does the job effectively .
" How is it easier to develop an ATM on Windows than on Linux ?
They both have tons of tools and myriad experienced developers and companies .
Linux is probably better optimized for appliance uses and has a larger share of the appliance market than Windows , making it easier to find companies to work on it .
" Because they 've been doing it for years so it 's far easier to port from old Windows to new Windows rather than rebuild the whole things from scratch .
There may well be a new , better technology , but it 's a hell of a lot cheaper to regression test against a newer version of an existing platform than it is to rebuild for an entirely new one .</tokentext>
<sentencetext>"It costs a licensing fee.
It has more security liability than pretty much any other choice.
"

Yes, it does when it's hooked up to internet with no protection.
That isn't this case.
I may be entirely wrong, but isn't it the case that an unconnected (except for a highly secure private network), fully patched Windows XP machine is no easier to break into that an equivalent Linux / OSX machine.
"Linux costs nothing to license.
BSD costs nothing to license.
Windows costs something.
That's an added, unneeded cost.
"

The licensing fee means you can blame them when it's their fault.
If you want to blame someone else with Linux for a fundamental OS security issue, you'll still need to license it for a cost.
That's why Red Hat make money.
"Because there aren't lots of dev tools for Linux that run on a normal desktop computer?
"

Original question was wrong.
Who cares, as long as the development tool does the job effectively.
"How is it easier to develop an ATM on Windows than on Linux?
They both have tons of tools and myriad experienced developers and companies.
Linux is probably better optimized for appliance uses and has a larger share of the appliance market than Windows, making it easier to find companies to work on it.
"

Because they've been doing it for years so it's far easier to port from old Windows to new Windows rather than rebuild the whole things from scratch.
There may well be a new, better technology, but it's a hell of a lot cheaper to regression test against a newer version of an existing platform than it is to rebuild for an entirely new one.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210541</id>
	<title>Re:Magnetic strip?</title>
	<author>gstoddart</author>
	<datestamp>1244134200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>What is this 1980? What countries are still using magnetic strips for credit and debit cards?</p></div></blockquote><p>Well, Canada and the US for example.</p><p>Cheers</p></div>
	</htmltext>
<tokenext>What is this 1980 ?
What countries are still using magnetic strips for credit and debit cards ? Well , Canada and the US for example.Cheers</tokentext>
<sentencetext>What is this 1980?
What countries are still using magnetic strips for credit and debit cards?Well, Canada and the US for example.Cheers
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211795</id>
	<title>How do you trust an ATM?</title>
	<author>goodmanj</author>
	<datestamp>1244139300000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>This brings up a serious question.  You need some cash in an unfamiliar state or country, and you come across an ATM.  How do you know if you can trust it?</p><p>Given the number of people who've been scammed by everything from <a href="http://www.snopes.com/fraud/atm/atmcamera.asp" title="snopes.com">bolt-on ATM card skimmers</a> [snopes.com] to oldschool <a href="http://www.securityinfowatch.com/root+level/1276382" title="securityinfowatch.com">fake night deposit boxes</a> [securityinfowatch.com], this is worth worrying about.</p><p>The standard security mantra is, "only use trusted hardware to authenticate yourself", but that can't happen here.</p><p>Anyone have any ideas for an ATM authentication system that will both prove to the bank that I am who I say I am, and prove to me that the ATM isn't stealing my authentication keys?</p><p>The only solution I can think of involves trusted hand-held devices like cell phones or keychain password tokens.</p></htmltext>
<tokenext>This brings up a serious question .
You need some cash in an unfamiliar state or country , and you come across an ATM .
How do you know if you can trust it ? Given the number of people who 've been scammed by everything from bolt-on ATM card skimmers [ snopes.com ] to oldschool fake night deposit boxes [ securityinfowatch.com ] , this is worth worrying about.The standard security mantra is , " only use trusted hardware to authenticate yourself " , but that ca n't happen here.Anyone have any ideas for an ATM authentication system that will both prove to the bank that I am who I say I am , and prove to me that the ATM is n't stealing my authentication keys ? The only solution I can think of involves trusted hand-held devices like cell phones or keychain password tokens .</tokentext>
<sentencetext>This brings up a serious question.
You need some cash in an unfamiliar state or country, and you come across an ATM.
How do you know if you can trust it?Given the number of people who've been scammed by everything from bolt-on ATM card skimmers [snopes.com] to oldschool fake night deposit boxes [securityinfowatch.com], this is worth worrying about.The standard security mantra is, "only use trusted hardware to authenticate yourself", but that can't happen here.Anyone have any ideas for an ATM authentication system that will both prove to the bank that I am who I say I am, and prove to me that the ATM isn't stealing my authentication keys?The only solution I can think of involves trusted hand-held devices like cell phones or keychain password tokens.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211111</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244136420000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>Using Windows on an ATM is a sign someone in management somewhere got a nice kickback from M$</p></div><p>there fixed that for ya.</p><p>captcha: reworked</p></div>
	</htmltext>
<tokenext>Using Windows on an ATM is a sign someone in management somewhere got a nice kickback from M $ there fixed that for ya.captcha : reworked</tokentext>
<sentencetext>Using Windows on an ATM is a sign someone in management somewhere got a nice kickback from M$there fixed that for ya.captcha: reworked
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213815</id>
	<title>Re:DES</title>
	<author>Eternauta3k</author>
	<datestamp>1244147640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>A guy in my city was caught a few months ago doing a high-tech version of this. He made a kind of man-in-the-middle attack by putting a fake reader on top of the ATM's card reader, and a fake keyboard over the real one. That way, you used the ATM and your card info and PIN was recorded. Afterwards, the guy picked up the device, cloned your card and used your PIN. Clever, huh?</htmltext>
<tokenext>A guy in my city was caught a few months ago doing a high-tech version of this .
He made a kind of man-in-the-middle attack by putting a fake reader on top of the ATM 's card reader , and a fake keyboard over the real one .
That way , you used the ATM and your card info and PIN was recorded .
Afterwards , the guy picked up the device , cloned your card and used your PIN .
Clever , huh ?</tokentext>
<sentencetext>A guy in my city was caught a few months ago doing a high-tech version of this.
He made a kind of man-in-the-middle attack by putting a fake reader on top of the ATM's card reader, and a fake keyboard over the real one.
That way, you used the ATM and your card info and PIN was recorded.
Afterwards, the guy picked up the device, cloned your card and used your PIN.
Clever, huh?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211403</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209933</id>
	<title>Re:ATM != desktop computer</title>
	<author>Gizzmonic</author>
	<datestamp>1244131560000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I think most ATMs used to run OS/2 up until about 10 years ago.  I'm waiting for the ATM that runs Mac OS X!</p></htmltext>
<tokenext>I think most ATMs used to run OS/2 up until about 10 years ago .
I 'm waiting for the ATM that runs Mac OS X !</tokentext>
<sentencetext>I think most ATMs used to run OS/2 up until about 10 years ago.
I'm waiting for the ATM that runs Mac OS X!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210815</id>
	<title>Re:Windows XP?</title>
	<author>WillKemp</author>
	<datestamp>1244135220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Of course they're doing it wrong - they're a bank, that's what they do.</p></htmltext>
<tokenext>Of course they 're doing it wrong - they 're a bank , that 's what they do .</tokentext>
<sentencetext>Of course they're doing it wrong - they're a bank, that's what they do.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209921</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210367</id>
	<title>Not much of details</title>
	<author>Anonymous</author>
	<datestamp>1244133540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Despite all that scare flags the linked article is triggering, basically it does not say how the ATM is compromised. Can any ATM be compromised by the hacker without any inside help? Or does it require some help from the maintenance people who open the machine provide access to the innards? Unless the method works on the ATM without any inside help it might not be as scary as it sounds.</htmltext>
<tokenext>Despite all that scare flags the linked article is triggering , basically it does not say how the ATM is compromised .
Can any ATM be compromised by the hacker without any inside help ?
Or does it require some help from the maintenance people who open the machine provide access to the innards ?
Unless the method works on the ATM without any inside help it might not be as scary as it sounds .</tokentext>
<sentencetext>Despite all that scare flags the linked article is triggering, basically it does not say how the ATM is compromised.
Can any ATM be compromised by the hacker without any inside help?
Or does it require some help from the maintenance people who open the machine provide access to the innards?
Unless the method works on the ATM without any inside help it might not be as scary as it sounds.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210465</id>
	<title>Another view via el reg &amp; trustwave</title>
	<author>auric\_dude</author>
	<datestamp>1244133840000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext>A reasonable report via <a href="http://www.theregister.co.uk/2009/06/03/atm\_trojans/" title="theregister.co.uk">http://www.theregister.co.uk/2009/06/03/atm\_trojans/</a> [theregister.co.uk] and something slightly more technical <a href="http://regmedia.co.uk/2009/06/03/trust\_wave\_atm\_report.pdf" title="regmedia.co.uk">http://regmedia.co.uk/2009/06/03/trust\_wave\_atm\_report.pdf</a> [regmedia.co.uk] via trust wave.</htmltext>
<tokenext>A reasonable report via http : //www.theregister.co.uk/2009/06/03/atm \ _trojans/ [ theregister.co.uk ] and something slightly more technical http : //regmedia.co.uk/2009/06/03/trust \ _wave \ _atm \ _report.pdf [ regmedia.co.uk ] via trust wave .</tokentext>
<sentencetext>A reasonable report via http://www.theregister.co.uk/2009/06/03/atm\_trojans/ [theregister.co.uk] and something slightly more technical http://regmedia.co.uk/2009/06/03/trust\_wave\_atm\_report.pdf [regmedia.co.uk] via trust wave.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211969</id>
	<title>Re:DES</title>
	<author>Anonymous</author>
	<datestamp>1244140140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Next time you see a piece of metal in an ATM you should lean up against the wall a few steps away and call the cops, see if they want to catch someone in the act of trying to scam an ATM. If it's a slow night, you might get an officer to respond.</htmltext>
<tokenext>Next time you see a piece of metal in an ATM you should lean up against the wall a few steps away and call the cops , see if they want to catch someone in the act of trying to scam an ATM .
If it 's a slow night , you might get an officer to respond .</tokentext>
<sentencetext>Next time you see a piece of metal in an ATM you should lean up against the wall a few steps away and call the cops, see if they want to catch someone in the act of trying to scam an ATM.
If it's a slow night, you might get an officer to respond.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211403</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212007</id>
	<title>Re:ATM != desktop computer</title>
	<author>moose\_hp</author>
	<datestamp>1244140260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><a href="http://i168.photobucket.com/albums/u190/moose\_hp/Image001.jpg" title="photobucket.com">Once in an ATM on a mall</a> [photobucket.com]
<br> <br>
And I have my money on that bank, I feel so secure.</htmltext>
<tokenext>Once in an ATM on a mall [ photobucket.com ] And I have my money on that bank , I feel so secure .</tokentext>
<sentencetext>Once in an ATM on a mall [photobucket.com]
 
And I have my money on that bank, I feel so secure.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214639</id>
	<title>Re:I call BS, mostly</title>
	<author>deKernel</author>
	<datestamp>1244108400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I would say that all in all, you are pretty close.</p><p>However, at least 4 of the largest ATM vendors (Diebold, NCR, Wincore and Fujistu) all use either Windows XP or the embedded version. I have not seen Windows CE used on an actual true ATM. I have seen it used on Ticket-In/Ticke-Out machines in the gambling world that were "enhanced" by a third party to act like an ATM. Also, most of those vendors assume that the ATM is either sitting on a secure network link or using a framed connection for security.</p><p>Regarding your statement about BS on the article, I would pretty much agree. The only way to truly get the PIN that a customer enters at an ATM is if the ATM configuration has been comprised meaning the ATM was not put into a true PIN-entry state (that state must be entered after the card data has been read because the track data must be sent to the EPP so a proper encrypted PIN block can be created). If the new configuration could put the ATM into a state using a standard PIN entry screen but not in the correct state, the EPP will, in fact, give you the key presses. Now granted, that transaction could not be processed by the network because a valid encrypted block would not be created meaning it could not be authenticated by the final authorizor.</p></htmltext>
<tokenext>I would say that all in all , you are pretty close.However , at least 4 of the largest ATM vendors ( Diebold , NCR , Wincore and Fujistu ) all use either Windows XP or the embedded version .
I have not seen Windows CE used on an actual true ATM .
I have seen it used on Ticket-In/Ticke-Out machines in the gambling world that were " enhanced " by a third party to act like an ATM .
Also , most of those vendors assume that the ATM is either sitting on a secure network link or using a framed connection for security.Regarding your statement about BS on the article , I would pretty much agree .
The only way to truly get the PIN that a customer enters at an ATM is if the ATM configuration has been comprised meaning the ATM was not put into a true PIN-entry state ( that state must be entered after the card data has been read because the track data must be sent to the EPP so a proper encrypted PIN block can be created ) .
If the new configuration could put the ATM into a state using a standard PIN entry screen but not in the correct state , the EPP will , in fact , give you the key presses .
Now granted , that transaction could not be processed by the network because a valid encrypted block would not be created meaning it could not be authenticated by the final authorizor .</tokentext>
<sentencetext>I would say that all in all, you are pretty close.However, at least 4 of the largest ATM vendors (Diebold, NCR, Wincore and Fujistu) all use either Windows XP or the embedded version.
I have not seen Windows CE used on an actual true ATM.
I have seen it used on Ticket-In/Ticke-Out machines in the gambling world that were "enhanced" by a third party to act like an ATM.
Also, most of those vendors assume that the ATM is either sitting on a secure network link or using a framed connection for security.Regarding your statement about BS on the article, I would pretty much agree.
The only way to truly get the PIN that a customer enters at an ATM is if the ATM configuration has been comprised meaning the ATM was not put into a true PIN-entry state (that state must be entered after the card data has been read because the track data must be sent to the EPP so a proper encrypted PIN block can be created).
If the new configuration could put the ATM into a state using a standard PIN entry screen but not in the correct state, the EPP will, in fact, give you the key presses.
Now granted, that transaction could not be processed by the network because a valid encrypted block would not be created meaning it could not be authenticated by the final authorizor.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210595</id>
	<title>The top 10 ways computer security list</title>
	<author>lwriemen</author>
	<datestamp>1244134440000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>10. Don't always run as root<br>9. Don't open attachments from unknown sources<br>8. Don't run Windows!<br>7. Don't run Windows!<br>6. Don't run Windows!<br>5. Don't run Windows!<br>4. Don't run Windows!<br>3. Don't run Windows!<br>2. Don't run Windows!<br>1. Don't run Windows!</p></htmltext>
<tokenext>10 .
Do n't always run as root9 .
Do n't open attachments from unknown sources8 .
Do n't run Windows ! 7 .
Do n't run Windows ! 6 .
Do n't run Windows ! 5 .
Do n't run Windows ! 4 .
Do n't run Windows ! 3 .
Do n't run Windows ! 2 .
Do n't run Windows ! 1 .
Do n't run Windows !</tokentext>
<sentencetext>10.
Don't always run as root9.
Don't open attachments from unknown sources8.
Don't run Windows!7.
Don't run Windows!6.
Don't run Windows!5.
Don't run Windows!4.
Don't run Windows!3.
Don't run Windows!2.
Don't run Windows!1.
Don't run Windows!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211289</id>
	<title>Re:ATM != desktop computer</title>
	<author>plague3106</author>
	<datestamp>1244137200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Seriously, you're this dumb?  Cell phones are desktop computers either, but they run Windows and Linux as well.  My cable box is not a desktop computer, and it run Windows.  My dads cable box runs Linux (which, oddly, seems to lockup from time to time).</p></htmltext>
<tokenext>Seriously , you 're this dumb ?
Cell phones are desktop computers either , but they run Windows and Linux as well .
My cable box is not a desktop computer , and it run Windows .
My dads cable box runs Linux ( which , oddly , seems to lockup from time to time ) .</tokentext>
<sentencetext>Seriously, you're this dumb?
Cell phones are desktop computers either, but they run Windows and Linux as well.
My cable box is not a desktop computer, and it run Windows.
My dads cable box runs Linux (which, oddly, seems to lockup from time to time).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216263</id>
	<title>Re:How do you trust an ATM?</title>
	<author>phantomfive</author>
	<datestamp>1244116740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Go into a bank.  It's what I've always done.</htmltext>
<tokenext>Go into a bank .
It 's what I 've always done .</tokentext>
<sentencetext>Go into a bank.
It's what I've always done.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211795</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211739</id>
	<title>It doesn't matter the software</title>
	<author>Anonymous</author>
	<datestamp>1244139000000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>1</modscore>
	<htmltext><p>I was talking to someone yesterday that works for a company that deals with card fraud.  You wouldn't believe how easy it is to get someone's information;  someone can simply put a skimmer on an ATM which will grab your card's track data without you knowing.  Many of you have probably heard of it, it's just a piece of hardware that sits on top of the card reader, storing everyone's info.  As far as I know it requires absolutely no connection to the ATM software.</p><p>The information on magstripe cards is most commonly stored in a two-track format.  Track 1 contains your personal information, such as name, address, bank, etc.  Track 2 contains the important information, such as card number, expiration, and the CVV/CV2 code.</p><p>Once the skimmer has enough information (which can easily be HUNDREDS of cards), they sell "dumps" of the track data which people can either buy and encode onto a card themselves, or buy on a fully-finished card.  The latter option is more convenient for most carders (fraudsters), because many of the cards sold by these vendors are indistinguishable from the real thing.  Most vendors also have a minimum buy amount, so you have to buy at least $300 worth of dumps, which can be dozens of cards, all with $10k limits.v</p></htmltext>
<tokenext>I was talking to someone yesterday that works for a company that deals with card fraud .
You would n't believe how easy it is to get someone 's information ; someone can simply put a skimmer on an ATM which will grab your card 's track data without you knowing .
Many of you have probably heard of it , it 's just a piece of hardware that sits on top of the card reader , storing everyone 's info .
As far as I know it requires absolutely no connection to the ATM software.The information on magstripe cards is most commonly stored in a two-track format .
Track 1 contains your personal information , such as name , address , bank , etc .
Track 2 contains the important information , such as card number , expiration , and the CVV/CV2 code.Once the skimmer has enough information ( which can easily be HUNDREDS of cards ) , they sell " dumps " of the track data which people can either buy and encode onto a card themselves , or buy on a fully-finished card .
The latter option is more convenient for most carders ( fraudsters ) , because many of the cards sold by these vendors are indistinguishable from the real thing .
Most vendors also have a minimum buy amount , so you have to buy at least $ 300 worth of dumps , which can be dozens of cards , all with $ 10k limits.v</tokentext>
<sentencetext>I was talking to someone yesterday that works for a company that deals with card fraud.
You wouldn't believe how easy it is to get someone's information;  someone can simply put a skimmer on an ATM which will grab your card's track data without you knowing.
Many of you have probably heard of it, it's just a piece of hardware that sits on top of the card reader, storing everyone's info.
As far as I know it requires absolutely no connection to the ATM software.The information on magstripe cards is most commonly stored in a two-track format.
Track 1 contains your personal information, such as name, address, bank, etc.
Track 2 contains the important information, such as card number, expiration, and the CVV/CV2 code.Once the skimmer has enough information (which can easily be HUNDREDS of cards), they sell "dumps" of the track data which people can either buy and encode onto a card themselves, or buy on a fully-finished card.
The latter option is more convenient for most carders (fraudsters), because many of the cards sold by these vendors are indistinguishable from the real thing.
Most vendors also have a minimum buy amount, so you have to buy at least $300 worth of dumps, which can be dozens of cards, all with $10k limits.v</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28220177</id>
	<title>hacking PINs</title>
	<author>rs232</author>
	<datestamp>1244202720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>"<i>I think that this story is half bogus. PIN numbers aren't stored on a debit card</i>"<br> <br>

But if you have a keylogger installed on a compromised XP system then you can read it off as they are typing it in.<br> <br>

"When a PIN number is typed into an ATM machine it is automatically encrypted by a 3DES encryptor on the PIN pad"<br> <br>

Do you have any citations for this?<br> <br>

'Abstract. We describe new attacks on the financial <a href="http://www.schneier.com/blog/archives/2006/11/attacking\_bankc.html" title="schneier.com">PIN</a> [schneier.com] processing API'</htmltext>
<tokenext>" I think that this story is half bogus .
PIN numbers are n't stored on a debit card " But if you have a keylogger installed on a compromised XP system then you can read it off as they are typing it in .
" When a PIN number is typed into an ATM machine it is automatically encrypted by a 3DES encryptor on the PIN pad " Do you have any citations for this ?
'Abstract. We describe new attacks on the financial PIN [ schneier.com ] processing API'</tokentext>
<sentencetext>"I think that this story is half bogus.
PIN numbers aren't stored on a debit card" 

But if you have a keylogger installed on a compromised XP system then you can read it off as they are typing it in.
"When a PIN number is typed into an ATM machine it is automatically encrypted by a 3DES encryptor on the PIN pad" 

Do you have any citations for this?
'Abstract. We describe new attacks on the financial PIN [schneier.com] processing API'</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209955</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244131740000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext>but how else is Microsoft supposed get Office 2009 - ATM edition to market?  And just think, Clippy could be a money clip instead of a paper clip! The bottom line is it's win-win in this rough riding tsunami wave of data mining nugget pack of wolves devouring economy for today's business-ready customer driven shim-sham!</htmltext>
<tokenext>but how else is Microsoft supposed get Office 2009 - ATM edition to market ?
And just think , Clippy could be a money clip instead of a paper clip !
The bottom line is it 's win-win in this rough riding tsunami wave of data mining nugget pack of wolves devouring economy for today 's business-ready customer driven shim-sham !</tokentext>
<sentencetext>but how else is Microsoft supposed get Office 2009 - ATM edition to market?
And just think, Clippy could be a money clip instead of a paper clip!
The bottom line is it's win-win in this rough riding tsunami wave of data mining nugget pack of wolves devouring economy for today's business-ready customer driven shim-sham!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209991</id>
	<title>Mac OSX on the ATM</title>
	<author>rliden</author>
	<datestamp>1244131980000</datestamp>
	<modclass>Funny</modclass>
	<modscore>1</modscore>
	<htmltext>"Hi!, I'm an ATM."</htmltext>
<tokenext>" Hi ! , I 'm an ATM .
"</tokentext>
<sentencetext>"Hi!, I'm an ATM.
"</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209933</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210507</id>
	<title>Re:Magnetic strip?</title>
	<author>117</author>
	<datestamp>1244134020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Here in the UK the <a href="http://en.wikipedia.org/wiki/EMV" title="wikipedia.org" rel="nofollow">EMV</a> [wikipedia.org] standard was only rolled out nationwide in 2004, and until that time all physical credit/debit card transactions used the magnetic strip, so it isn't too hard to believe that other countries are sitll using the magnetic strip.</htmltext>
<tokenext>Here in the UK the EMV [ wikipedia.org ] standard was only rolled out nationwide in 2004 , and until that time all physical credit/debit card transactions used the magnetic strip , so it is n't too hard to believe that other countries are sitll using the magnetic strip .</tokentext>
<sentencetext>Here in the UK the EMV [wikipedia.org] standard was only rolled out nationwide in 2004, and until that time all physical credit/debit card transactions used the magnetic strip, so it isn't too hard to believe that other countries are sitll using the magnetic strip.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210619</id>
	<title>Re:Credit card companies need to wise up</title>
	<author>truthsearch</author>
	<datestamp>1244134500000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p> They have to understand that 'eating the loss', while it may make sense from a short term financial perspective does nto make sense for a longer term perspective.</p></div><p>Actually, it does.  There will always be fraud.  And companies have a threshold which they consider acceptable (IIRC MasterCard's was generally 2\% back when I worked for them).  The cost of rolling out advanced security tech is huge, and compared to a small reduction in fraud it's simply not worth it to these companies.</p><p>Most fraud is not done through cloned plastic.  So even completely eliminating this risk may not be cost effective.</p><p>(As a customer I want all fraud gone.  I'm just explaining the corporate perspective.)</p></div>
	</htmltext>
<tokenext>They have to understand that 'eating the loss ' , while it may make sense from a short term financial perspective does nto make sense for a longer term perspective.Actually , it does .
There will always be fraud .
And companies have a threshold which they consider acceptable ( IIRC MasterCard 's was generally 2 \ % back when I worked for them ) .
The cost of rolling out advanced security tech is huge , and compared to a small reduction in fraud it 's simply not worth it to these companies.Most fraud is not done through cloned plastic .
So even completely eliminating this risk may not be cost effective .
( As a customer I want all fraud gone .
I 'm just explaining the corporate perspective .
)</tokentext>
<sentencetext> They have to understand that 'eating the loss', while it may make sense from a short term financial perspective does nto make sense for a longer term perspective.Actually, it does.
There will always be fraud.
And companies have a threshold which they consider acceptable (IIRC MasterCard's was generally 2\% back when I worked for them).
The cost of rolling out advanced security tech is huge, and compared to a small reduction in fraud it's simply not worth it to these companies.Most fraud is not done through cloned plastic.
So even completely eliminating this risk may not be cost effective.
(As a customer I want all fraud gone.
I'm just explaining the corporate perspective.
)
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209905</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28219709</id>
	<title>But how?</title>
	<author>cavebison</author>
	<datestamp>1244196660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>What I want to know is, *how* was the malware installed?</p><p>Do those ATMs have Autorun turned on for keycard slots?  Did they type the code in binary using the 0 and 1 keys?  How did it get there in the first place?  TFA doesn't mention it, and surely that's the most important thing?</p></htmltext>
<tokenext>What I want to know is , * how * was the malware installed ? Do those ATMs have Autorun turned on for keycard slots ?
Did they type the code in binary using the 0 and 1 keys ?
How did it get there in the first place ?
TFA does n't mention it , and surely that 's the most important thing ?</tokentext>
<sentencetext>What I want to know is, *how* was the malware installed?Do those ATMs have Autorun turned on for keycard slots?
Did they type the code in binary using the 0 and 1 keys?
How did it get there in the first place?
TFA doesn't mention it, and surely that's the most important thing?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210477</id>
	<title>Re:ATM != desktop computer</title>
	<author>CopaceticOpus</author>
	<datestamp>1244133900000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p>This is a perfect chance to call your bank:</p><p>YOU: "I've been reading online about ATMs which are based on Windows XP being attacked by cybercriminals, and I'm worried. Are your ATMs running on Windows?"</p><p>THEM: "I'm not sure about the particular technology used in our ATMs, but we've had no security issues thus far."</p><p>YOU: "THEN YOU'D BETTER GO CATCH THEM!" Tee hee-hee! (click!) Snicker, snicker, snort, snicker...</p></htmltext>
<tokenext>This is a perfect chance to call your bank : YOU : " I 've been reading online about ATMs which are based on Windows XP being attacked by cybercriminals , and I 'm worried .
Are your ATMs running on Windows ?
" THEM : " I 'm not sure about the particular technology used in our ATMs , but we 've had no security issues thus far .
" YOU : " THEN YOU 'D BETTER GO CATCH THEM !
" Tee hee-hee !
( click ! ) Snicker , snicker , snort , snicker.. .</tokentext>
<sentencetext>This is a perfect chance to call your bank:YOU: "I've been reading online about ATMs which are based on Windows XP being attacked by cybercriminals, and I'm worried.
Are your ATMs running on Windows?
"THEM: "I'm not sure about the particular technology used in our ATMs, but we've had no security issues thus far.
"YOU: "THEN YOU'D BETTER GO CATCH THEM!
" Tee hee-hee!
(click!) Snicker, snicker, snort, snicker...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211215</id>
	<title>Re:ATM != desktop computer</title>
	<author>Phroggy</author>
	<datestamp>1244136900000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.</p></div><p>It's the precise nature of the "more than" that has us worried.</p></div>
	</htmltext>
<tokenext>a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.It 's the precise nature of the " more than " that has us worried .</tokentext>
<sentencetext>a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.It's the precise nature of the "more than" that has us worried.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210967</id>
	<title>Re:ATM != desktop computer</title>
	<author>butabozuhi</author>
	<datestamp>1244135820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Bank management may be comprised of buffoons, but they aren't the only reason ATMs are Windows based. Although I'm no longer in the banking industry, when I left a few years ago the trend with the big ATM manufacturers was Windows. The vendors said they were locked down. The vendors said they gave greater functionality (i.e. marketing) than the old machines (notice they have ads showing on them nowadays?). Why change something if it ain't broke? Somehow, someway, the vendors were sold on Windows and pushed it down to the banks. Banks, who need to use established vendors and have support contracts, had really little choice than to 'move forward.'

The day Diebold announced their 'next generation windows ATMs' I bet the criminal world let out a cheer!</htmltext>
<tokenext>Bank management may be comprised of buffoons , but they are n't the only reason ATMs are Windows based .
Although I 'm no longer in the banking industry , when I left a few years ago the trend with the big ATM manufacturers was Windows .
The vendors said they were locked down .
The vendors said they gave greater functionality ( i.e .
marketing ) than the old machines ( notice they have ads showing on them nowadays ? ) .
Why change something if it ai n't broke ?
Somehow , someway , the vendors were sold on Windows and pushed it down to the banks .
Banks , who need to use established vendors and have support contracts , had really little choice than to 'move forward .
' The day Diebold announced their 'next generation windows ATMs ' I bet the criminal world let out a cheer !</tokentext>
<sentencetext>Bank management may be comprised of buffoons, but they aren't the only reason ATMs are Windows based.
Although I'm no longer in the banking industry, when I left a few years ago the trend with the big ATM manufacturers was Windows.
The vendors said they were locked down.
The vendors said they gave greater functionality (i.e.
marketing) than the old machines (notice they have ads showing on them nowadays?).
Why change something if it ain't broke?
Somehow, someway, the vendors were sold on Windows and pushed it down to the banks.
Banks, who need to use established vendors and have support contracts, had really little choice than to 'move forward.
'

The day Diebold announced their 'next generation windows ATMs' I bet the criminal world let out a cheer!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28217335</id>
	<title>ATMs in Australia</title>
	<author>Anonymous</author>
	<datestamp>1244124060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Criminals here dont bother with owning the ATM, the fill it with a gas and the explode it open.</p></htmltext>
<tokenext>Criminals here dont bother with owning the ATM , the fill it with a gas and the explode it open .</tokentext>
<sentencetext>Criminals here dont bother with owning the ATM, the fill it with a gas and the explode it open.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210385</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211099</id>
	<title>Re:ATM != desktop computer</title>
	<author>Youngbull</author>
	<datestamp>1244136360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Why shouldn't an ATM run Windows? Cue the standard Windows-bashing, but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.</p></div><p>I guess the designers of this system is actually saying the same as you are, but here is the catch.. XP is too much for what an ATM is supposed to do. With all the features of a desktop OS it brings with it security issues and possible bugs. Something as vital as an ATM should be running on custom software top to bottom, developed to handle the task at hand securily.</p></div>
	</htmltext>
<tokenext>Why should n't an ATM run Windows ?
Cue the standard Windows-bashing , but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.I guess the designers of this system is actually saying the same as you are , but here is the catch.. XP is too much for what an ATM is supposed to do .
With all the features of a desktop OS it brings with it security issues and possible bugs .
Something as vital as an ATM should be running on custom software top to bottom , developed to handle the task at hand securily .</tokentext>
<sentencetext>Why shouldn't an ATM run Windows?
Cue the standard Windows-bashing, but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.I guess the designers of this system is actually saying the same as you are, but here is the catch.. XP is too much for what an ATM is supposed to do.
With all the features of a desktop OS it brings with it security issues and possible bugs.
Something as vital as an ATM should be running on custom software top to bottom, developed to handle the task at hand securily.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214929</id>
	<title>Re:ATMs in the UK</title>
	<author>Anonymous</author>
	<datestamp>1244109720000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>The "Microsoft Visual C runtime error" was nice, but I rather had my card back. (or a mouse, so I could at least press the OK button)<br>Especially the code that calculates the possible combinations of notes/coins to withdraw an exact amount was a bit buggy at NatWest.</p></htmltext>
<tokenext>The " Microsoft Visual C runtime error " was nice , but I rather had my card back .
( or a mouse , so I could at least press the OK button ) Especially the code that calculates the possible combinations of notes/coins to withdraw an exact amount was a bit buggy at NatWest .</tokentext>
<sentencetext>The "Microsoft Visual C runtime error" was nice, but I rather had my card back.
(or a mouse, so I could at least press the OK button)Especially the code that calculates the possible combinations of notes/coins to withdraw an exact amount was a bit buggy at NatWest.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210385</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211093</id>
	<title>Re:DES</title>
	<author>jDeepbeep</author>
	<datestamp>1244136360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>If they have your PIN number, they're automatically authorized to use the card, even after it's reported stolen!</p></div><p>Well, there is a difference between reporting a card as stolen, and telling the bank to disable the card because of fraudulent use, no?  Even so, if reported quickly enough,  the bank ought to be able to credit your account back for any transactions that clear,  and send you affidavits to sign in the mail afterwards.</p></div>
	</htmltext>
<tokenext>If they have your PIN number , they 're automatically authorized to use the card , even after it 's reported stolen ! Well , there is a difference between reporting a card as stolen , and telling the bank to disable the card because of fraudulent use , no ?
Even so , if reported quickly enough , the bank ought to be able to credit your account back for any transactions that clear , and send you affidavits to sign in the mail afterwards .</tokentext>
<sentencetext>If they have your PIN number, they're automatically authorized to use the card, even after it's reported stolen!Well, there is a difference between reporting a card as stolen, and telling the bank to disable the card because of fraudulent use, no?
Even so, if reported quickly enough,  the bank ought to be able to credit your account back for any transactions that clear,  and send you affidavits to sign in the mail afterwards.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210683</id>
	<title>Re:ATM != desktop computer</title>
	<author>Thaelon</author>
	<datestamp>1244134740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Probably acting as a general purpose OS to allow ATM manufacturers to do less work since they only have to write software for a common OS.</p></htmltext>
<tokenext>Probably acting as a general purpose OS to allow ATM manufacturers to do less work since they only have to write software for a common OS .</tokentext>
<sentencetext>Probably acting as a general purpose OS to allow ATM manufacturers to do less work since they only have to write software for a common OS.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28215791</id>
	<title>Re:ATM != desktop computer</title>
	<author>Fred\_A</author>
	<datestamp>1244114160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>I'd have thought Linux would be cheaper, but for all we know, they did a thorough analysis, discovered there were suitable savings to be made through use of Windows.  Speculating that it's cheaper with so little information is pointless.</p></div><p>You're obviously not familiar with the way corporations work. Picking a solution because it's cheaper or the best tool for the job pretty much only happens through sheer luck.<br>Important considerations are :<br>- the colours used on the brochure<br>- whether the PHB liked the salesperson<br>- how much "incentives" were offered</p></div>
	</htmltext>
<tokenext>I 'd have thought Linux would be cheaper , but for all we know , they did a thorough analysis , discovered there were suitable savings to be made through use of Windows .
Speculating that it 's cheaper with so little information is pointless.You 're obviously not familiar with the way corporations work .
Picking a solution because it 's cheaper or the best tool for the job pretty much only happens through sheer luck.Important considerations are : - the colours used on the brochure- whether the PHB liked the salesperson- how much " incentives " were offered</tokentext>
<sentencetext>I'd have thought Linux would be cheaper, but for all we know, they did a thorough analysis, discovered there were suitable savings to be made through use of Windows.
Speculating that it's cheaper with so little information is pointless.You're obviously not familiar with the way corporations work.
Picking a solution because it's cheaper or the best tool for the job pretty much only happens through sheer luck.Important considerations are :- the colours used on the brochure- whether the PHB liked the salesperson- how much "incentives" were offered
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210857</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28219387</id>
	<title>Re:I call BS, mostly</title>
	<author>slash.duncan</author>
	<datestamp>1244235240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>&gt; When a PIN number is typed into an ATM machine</p><p>You DO realize that PIN stands for "Personal Identification Number" and that ATM is short for "Automated Teller Machine", right?</p><p>So expanding the above, we have:</p><p>"When a personal identification number number is typed into an automated teller machine machine"...</p><p>WTF?  Do you stutter stutter all all the time time when you type type?</p><p>(OTOH, I must admit for years I used the term "hot water heater"... until someone called my attention to the fact that it<nobr> <wbr></nobr>/actually/ was a "cold water heater".  Why would someone wish to heat water that's already hot?  It's not designed to be a steam generator and in fact if it gets to that point it's rather dangerous.  Of course, here in Phoenix in the summer, it often<nobr> <wbr></nobr>/is/ a "hot water heater", or at least a "warm water heater", tho it then then becomes more a water storage unit than a water heating unit.)</p><p>Just something to think about.</p></htmltext>
<tokenext>&gt; When a PIN number is typed into an ATM machineYou DO realize that PIN stands for " Personal Identification Number " and that ATM is short for " Automated Teller Machine " , right ? So expanding the above , we have : " When a personal identification number number is typed into an automated teller machine machine " ...WTF ?
Do you stutter stutter all all the time time when you type type ?
( OTOH , I must admit for years I used the term " hot water heater " ... until someone called my attention to the fact that it /actually/ was a " cold water heater " .
Why would someone wish to heat water that 's already hot ?
It 's not designed to be a steam generator and in fact if it gets to that point it 's rather dangerous .
Of course , here in Phoenix in the summer , it often /is/ a " hot water heater " , or at least a " warm water heater " , tho it then then becomes more a water storage unit than a water heating unit .
) Just something to think about .</tokentext>
<sentencetext>&gt; When a PIN number is typed into an ATM machineYou DO realize that PIN stands for "Personal Identification Number" and that ATM is short for "Automated Teller Machine", right?So expanding the above, we have:"When a personal identification number number is typed into an automated teller machine machine"...WTF?
Do you stutter stutter all all the time time when you type type?
(OTOH, I must admit for years I used the term "hot water heater"... until someone called my attention to the fact that it /actually/ was a "cold water heater".
Why would someone wish to heat water that's already hot?
It's not designed to be a steam generator and in fact if it gets to that point it's rather dangerous.
Of course, here in Phoenix in the summer, it often /is/ a "hot water heater", or at least a "warm water heater", tho it then then becomes more a water storage unit than a water heating unit.
)Just something to think about.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210539</id>
	<title>Re:Magnetic strip?</title>
	<author>MoonBuggy</author>
	<datestamp>1244134200000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>It's the problem of legacy support. Cards still have magstripes because on occasion you'll come across a situation where there isn't a chip reader, and ATMs (presumably) still have magstripe readers for the occasions that the card doesn't have a chip. If you've got access to the OS, as the criminals mentioned in the article do, you can presumably activate whatever reader you like.</p><p>There's also the fact that this is Eastern Europe - without wanting to perpetuate negative stereotypes, I think it is quite fair to comment that they are not the most developed economies, and as such large scale investment in upgraded technology may well be low down on the list of priorities.</p><p>I'm not sure why the US often seems to share in this kind of technological resistance. A combination of large size and historical mistrust for coordination from a central authority might make it difficult to get cooperation on new projects from everyone simultaneously, I guess, which greatly exacerbates the legacy tech issue.</p></htmltext>
<tokenext>It 's the problem of legacy support .
Cards still have magstripes because on occasion you 'll come across a situation where there is n't a chip reader , and ATMs ( presumably ) still have magstripe readers for the occasions that the card does n't have a chip .
If you 've got access to the OS , as the criminals mentioned in the article do , you can presumably activate whatever reader you like.There 's also the fact that this is Eastern Europe - without wanting to perpetuate negative stereotypes , I think it is quite fair to comment that they are not the most developed economies , and as such large scale investment in upgraded technology may well be low down on the list of priorities.I 'm not sure why the US often seems to share in this kind of technological resistance .
A combination of large size and historical mistrust for coordination from a central authority might make it difficult to get cooperation on new projects from everyone simultaneously , I guess , which greatly exacerbates the legacy tech issue .</tokentext>
<sentencetext>It's the problem of legacy support.
Cards still have magstripes because on occasion you'll come across a situation where there isn't a chip reader, and ATMs (presumably) still have magstripe readers for the occasions that the card doesn't have a chip.
If you've got access to the OS, as the criminals mentioned in the article do, you can presumably activate whatever reader you like.There's also the fact that this is Eastern Europe - without wanting to perpetuate negative stereotypes, I think it is quite fair to comment that they are not the most developed economies, and as such large scale investment in upgraded technology may well be low down on the list of priorities.I'm not sure why the US often seems to share in this kind of technological resistance.
A combination of large size and historical mistrust for coordination from a central authority might make it difficult to get cooperation on new projects from everyone simultaneously, I guess, which greatly exacerbates the legacy tech issue.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214695</id>
	<title>Re:At least it's not Vista . . .</title>
	<author>bitt3n</author>
	<datestamp>1244108640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>"Are you sure you want to withdraw this money?"
</p><p>"Will you spend it wisely?"
</p></div><p>the first operating system that prevents people from buying itself</p></div>
	</htmltext>
<tokenext>" Are you sure you want to withdraw this money ?
" " Will you spend it wisely ?
" the first operating system that prevents people from buying itself</tokentext>
<sentencetext>"Are you sure you want to withdraw this money?
"
"Will you spend it wisely?
"
the first operating system that prevents people from buying itself
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210097</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209905</id>
	<title>Credit card companies need to wise up</title>
	<author>gurps\_npc</author>
	<datestamp>1244131440000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>They have to understand that 'eating the loss', while it may make sense from a short term financial perspective does nto make sense for a longer term perspective.  There are superior methods out there to verify credit card information, we don't need to use the same method that was used 50 years ago.</htmltext>
<tokenext>They have to understand that 'eating the loss ' , while it may make sense from a short term financial perspective does nto make sense for a longer term perspective .
There are superior methods out there to verify credit card information , we do n't need to use the same method that was used 50 years ago .</tokentext>
<sentencetext>They have to understand that 'eating the loss', while it may make sense from a short term financial perspective does nto make sense for a longer term perspective.
There are superior methods out there to verify credit card information, we don't need to use the same method that was used 50 years ago.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214889</id>
	<title>Re:ATM != desktop computer</title>
	<author>Eil</author>
	<datestamp>1244109480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>Why shouldn't an ATM run Windows?</p></div></blockquote><p>Because the Windows codebase has just about the worst security track record in history?</p><p>Because it was never designed to be a even general-purpose operating system?</p><p>Because there are many other operating systems that are designed and tested exclusively to operate reliably in embedded environments where security is a top priority?</p></div>
	</htmltext>
<tokenext>Why should n't an ATM run Windows ? Because the Windows codebase has just about the worst security track record in history ? Because it was never designed to be a even general-purpose operating system ? Because there are many other operating systems that are designed and tested exclusively to operate reliably in embedded environments where security is a top priority ?</tokentext>
<sentencetext>Why shouldn't an ATM run Windows?Because the Windows codebase has just about the worst security track record in history?Because it was never designed to be a even general-purpose operating system?Because there are many other operating systems that are designed and tested exclusively to operate reliably in embedded environments where security is a top priority?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210695</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244134800000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>It's cost effective, far easier to test and besides they aren't using regular copies of XP to this. Believe it or not these companies actually have the source to the version XP they use.

I know it makes for a great slashdot post, but learn about something before posting popular banter.</htmltext>
<tokenext>It 's cost effective , far easier to test and besides they are n't using regular copies of XP to this .
Believe it or not these companies actually have the source to the version XP they use .
I know it makes for a great slashdot post , but learn about something before posting popular banter .</tokentext>
<sentencetext>It's cost effective, far easier to test and besides they aren't using regular copies of XP to this.
Believe it or not these companies actually have the source to the version XP they use.
I know it makes for a great slashdot post, but learn about something before posting popular banter.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210395</id>
	<title>Re:ATM != desktop computer</title>
	<author>jeremywc</author>
	<datestamp>1244133600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><i>An ATM is not a desktop computer.</i> <br>
<br>
That's not completely true. For at least the last 10 years, most ATMs have been x86 boxes running OS/2 or Windows 2K/XP.</htmltext>
<tokenext>An ATM is not a desktop computer .
That 's not completely true .
For at least the last 10 years , most ATMs have been x86 boxes running OS/2 or Windows 2K/XP .</tokentext>
<sentencetext>An ATM is not a desktop computer.
That's not completely true.
For at least the last 10 years, most ATMs have been x86 boxes running OS/2 or Windows 2K/XP.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209921</id>
	<title>Windows XP?</title>
	<author>Anonymous</author>
	<datestamp>1244131500000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext><p>..."on ATMs running Microsoft's Windows XP operating system..."</p><p>Let me be the first to say "ur doin it wrong."</p></htmltext>
<tokenext>... " on ATMs running Microsoft 's Windows XP operating system... " Let me be the first to say " ur doin it wrong .
"</tokentext>
<sentencetext>..."on ATMs running Microsoft's Windows XP operating system..."Let me be the first to say "ur doin it wrong.
"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327</id>
	<title>Re:ATM != desktop computer</title>
	<author>99BottlesOfBeerInMyF</author>
	<datestamp>1244133300000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p><div class="quote"><p>Ultimately it comes down to "why not?"</p></div><p>It costs a licensing fee. It has more security liability than pretty much any other choice.</p><p><div class="quote"><p> The cost of a Windows XP licence is trivial compared with that of the hardware and custom software development.</p></div><p>Linux costs nothing to license. BSD costs nothing to license. Windows costs something. That's an added, unneeded cost.</p><p><div class="quote"><p>Might as well go for one that has lots of development tools for which the software can be run on a normal desktop computer.</p></div><p>Because there aren't lots of dev tools for Linux that run on a normal desktop computer?</p><p><div class="quote"><p>. It's easier to develop for windows that to develop for a custom devkit.</p></div><p>How is it easier to develop an ATM on Windows than on Linux? They both have tons of tools and myriad experienced developers and companies. Linux is probably better optimized for appliance uses and has a larger share of the appliance market than Windows, making it easier to find companies to work on it. </p><p>In short, I don't buy your arguments at all. Using Windows on an ATM is a sign someone in management somewhere is an incompetent buffoon.</p></div>
	</htmltext>
<tokenext>Ultimately it comes down to " why not ?
" It costs a licensing fee .
It has more security liability than pretty much any other choice .
The cost of a Windows XP licence is trivial compared with that of the hardware and custom software development.Linux costs nothing to license .
BSD costs nothing to license .
Windows costs something .
That 's an added , unneeded cost.Might as well go for one that has lots of development tools for which the software can be run on a normal desktop computer.Because there are n't lots of dev tools for Linux that run on a normal desktop computer ? .
It 's easier to develop for windows that to develop for a custom devkit.How is it easier to develop an ATM on Windows than on Linux ?
They both have tons of tools and myriad experienced developers and companies .
Linux is probably better optimized for appliance uses and has a larger share of the appliance market than Windows , making it easier to find companies to work on it .
In short , I do n't buy your arguments at all .
Using Windows on an ATM is a sign someone in management somewhere is an incompetent buffoon .</tokentext>
<sentencetext>Ultimately it comes down to "why not?
"It costs a licensing fee.
It has more security liability than pretty much any other choice.
The cost of a Windows XP licence is trivial compared with that of the hardware and custom software development.Linux costs nothing to license.
BSD costs nothing to license.
Windows costs something.
That's an added, unneeded cost.Might as well go for one that has lots of development tools for which the software can be run on a normal desktop computer.Because there aren't lots of dev tools for Linux that run on a normal desktop computer?.
It's easier to develop for windows that to develop for a custom devkit.How is it easier to develop an ATM on Windows than on Linux?
They both have tons of tools and myriad experienced developers and companies.
Linux is probably better optimized for appliance uses and has a larger share of the appliance market than Windows, making it easier to find companies to work on it.
In short, I don't buy your arguments at all.
Using Windows on an ATM is a sign someone in management somewhere is an incompetent buffoon.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210939</id>
	<title>Re:ATMs...</title>
	<author>Anonymous</author>
	<datestamp>1244135700000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>...are probably one of the few devices that most Slashdotters would agree should <b>definitely</b> be running proprietary, private software.</p></div><p>
Security through obscurity is NOT a valid security policy.  It would only remain private for as long as it takes a thief to lift an ATM into a truck and drive away.</p></div>
	</htmltext>
<tokenext>...are probably one of the few devices that most Slashdotters would agree should definitely be running proprietary , private software .
Security through obscurity is NOT a valid security policy .
It would only remain private for as long as it takes a thief to lift an ATM into a truck and drive away .</tokentext>
<sentencetext>...are probably one of the few devices that most Slashdotters would agree should definitely be running proprietary, private software.
Security through obscurity is NOT a valid security policy.
It would only remain private for as long as it takes a thief to lift an ATM into a truck and drive away.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210413</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210571</id>
	<title>Re:ATM != desktop computer</title>
	<author>iamhigh</author>
	<datestamp>1244134320000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext>I'll second your argument, and I could be considered an MS fanboy by this crowd's standard.  But there is no reason to have an ATM running windows, the most used, most exploited OS on something like an ATM.  I wouldn't even use Linux, but probably recommend a custom OS, as you can control the hardware used.  Then the attackers have to hack some pretty much unknown system, that can easily be built from the ground up to use software and hardware security measures.</htmltext>
<tokenext>I 'll second your argument , and I could be considered an MS fanboy by this crowd 's standard .
But there is no reason to have an ATM running windows , the most used , most exploited OS on something like an ATM .
I would n't even use Linux , but probably recommend a custom OS , as you can control the hardware used .
Then the attackers have to hack some pretty much unknown system , that can easily be built from the ground up to use software and hardware security measures .</tokentext>
<sentencetext>I'll second your argument, and I could be considered an MS fanboy by this crowd's standard.
But there is no reason to have an ATM running windows, the most used, most exploited OS on something like an ATM.
I wouldn't even use Linux, but probably recommend a custom OS, as you can control the hardware used.
Then the attackers have to hack some pretty much unknown system, that can easily be built from the ground up to use software and hardware security measures.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213243</id>
	<title>Re:ATM != desktop computer</title>
	<author>mindbomb2323</author>
	<datestamp>1244145420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Both Diebolds and NCR atms use to run os/2 warp and would have to this day if it wasnt for IBM dropping it totally.  Atms locking up use to be a once in a blue moon issue but now with xp embedded running on them it seems like i get 2 a week that have to be rebooted from a lock up.</htmltext>
<tokenext>Both Diebolds and NCR atms use to run os/2 warp and would have to this day if it wasnt for IBM dropping it totally .
Atms locking up use to be a once in a blue moon issue but now with xp embedded running on them it seems like i get 2 a week that have to be rebooted from a lock up .</tokentext>
<sentencetext>Both Diebolds and NCR atms use to run os/2 warp and would have to this day if it wasnt for IBM dropping it totally.
Atms locking up use to be a once in a blue moon issue but now with xp embedded running on them it seems like i get 2 a week that have to be rebooted from a lock up.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210975</id>
	<title>Re:ATM != desktop computer</title>
	<author>AlecC</author>
	<datestamp>1244135880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Since the stole information is being printed off on the bank's receipt printer, they presumably have an insider in the bank who installs the malware and collects the output, but would be very hard to trace back to the fraudulent use.</p></htmltext>
<tokenext>Since the stole information is being printed off on the bank 's receipt printer , they presumably have an insider in the bank who installs the malware and collects the output , but would be very hard to trace back to the fraudulent use .</tokentext>
<sentencetext>Since the stole information is being printed off on the bank's receipt printer, they presumably have an insider in the bank who installs the malware and collects the output, but would be very hard to trace back to the fraudulent use.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210385</id>
	<title>ATMs in the UK</title>
	<author>Canazza</author>
	<datestamp>1244133600000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>there are many ATMs in the UK that use Windows XP as their OS of choice. Having personally seen crash screens and machines caught in a restart loop.</p><p>Why they are using windows, I don't know to be honest. Why they'd be using a Linux distro, I don't know. The banks probably don't know either, as far as I'm aware they get their ATMs from companies like NCR or IBM (or Diebold, as we've seen before) who are the companies who supply the software. It just so happens that the software they write is written for Windows Operating System. Remember, the cost of hiring someone who can programme for Windows is significantly less for someone who can programme for Linux (As they will likely also be able to programme for Windows, thus, with a larger skill-set they'll demand more money) And a bulk licence for Windows where they're churning out 1,000+ ATMs boils down to next to nothing.</p><p>The cheapest programmer, the cheapest hardware, a slightly costly OS. Something has to be a weak link, and the exploiters exploit it.</p></htmltext>
<tokenext>there are many ATMs in the UK that use Windows XP as their OS of choice .
Having personally seen crash screens and machines caught in a restart loop.Why they are using windows , I do n't know to be honest .
Why they 'd be using a Linux distro , I do n't know .
The banks probably do n't know either , as far as I 'm aware they get their ATMs from companies like NCR or IBM ( or Diebold , as we 've seen before ) who are the companies who supply the software .
It just so happens that the software they write is written for Windows Operating System .
Remember , the cost of hiring someone who can programme for Windows is significantly less for someone who can programme for Linux ( As they will likely also be able to programme for Windows , thus , with a larger skill-set they 'll demand more money ) And a bulk licence for Windows where they 're churning out 1,000 + ATMs boils down to next to nothing.The cheapest programmer , the cheapest hardware , a slightly costly OS .
Something has to be a weak link , and the exploiters exploit it .</tokentext>
<sentencetext>there are many ATMs in the UK that use Windows XP as their OS of choice.
Having personally seen crash screens and machines caught in a restart loop.Why they are using windows, I don't know to be honest.
Why they'd be using a Linux distro, I don't know.
The banks probably don't know either, as far as I'm aware they get their ATMs from companies like NCR or IBM (or Diebold, as we've seen before) who are the companies who supply the software.
It just so happens that the software they write is written for Windows Operating System.
Remember, the cost of hiring someone who can programme for Windows is significantly less for someone who can programme for Linux (As they will likely also be able to programme for Windows, thus, with a larger skill-set they'll demand more money) And a bulk licence for Windows where they're churning out 1,000+ ATMs boils down to next to nothing.The cheapest programmer, the cheapest hardware, a slightly costly OS.
Something has to be a weak link, and the exploiters exploit it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211437</id>
	<title>Insert ATM card...</title>
	<author>Bobfrankly1</author>
	<datestamp>1244137800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Insert ATM card...<br>
Observe message stating that the ATM is now deleting all files on your ATM card.<br>
Watch helplessly as the progress bar nears completions while filenames zip across the screen<br>
Take possession of the card as the machine spits it out with an accompanying "GOT YA!" on the screen<br>
 Still waiting for this one...</htmltext>
<tokenext>Insert ATM card.. . Observe message stating that the ATM is now deleting all files on your ATM card .
Watch helplessly as the progress bar nears completions while filenames zip across the screen Take possession of the card as the machine spits it out with an accompanying " GOT YA !
" on the screen Still waiting for this one.. .</tokentext>
<sentencetext>Insert ATM card...
Observe message stating that the ATM is now deleting all files on your ATM card.
Watch helplessly as the progress bar nears completions while filenames zip across the screen
Take possession of the card as the machine spits it out with an accompanying "GOT YA!
" on the screen
 Still waiting for this one...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211793</id>
	<title>Re:ATM != desktop computer</title>
	<author>Muad'Dave</author>
	<datestamp>1244139300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Dugg for using 'cue' (correctly) instead of 'queue'. 8-)</htmltext>
<tokenext>Dugg for using 'cue ' ( correctly ) instead of 'queue' .
8- )</tokentext>
<sentencetext>Dugg for using 'cue' (correctly) instead of 'queue'.
8-)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213991</id>
	<title>Re:ATM != desktop computer</title>
	<author>serialband</author>
	<datestamp>1244148300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Why shouldn't an ATM run Windows? Cue the standard Windows-bashing, but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.</p><p>Also, anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network.</p><p> Yes, it's Windows. But without crazy Aunt Judy trying to install her cat screensavers Windows should be fine for the task.</p></div><p>The ATM runs a very stripped down version of Windows XP.  It then runs a single app that does all the work.  The bank tellers also run XP desktops with a single application that connects to the centralized database.  Nothing else is allowed to run on these systems, so why does it even need Windows XP.  It's a ludicrous setup.  The ATMs and bank teller systems have no need of Windows XP in any way shape or form.</p><p>Banks used to run dumb terminals that connected to a centralized server.  That's all they still need now, because they run a single application to do just that.  What idiot decided several years ago that they needed brand new Dells with XP that needed someone to whittle down to just run one and only one application?  The banks make lots of money off us and demonstrate that they can waste it all on the expensive Dell systems.</p></div>
	</htmltext>
<tokenext>Why should n't an ATM run Windows ?
Cue the standard Windows-bashing , but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.Also , anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network .
Yes , it 's Windows .
But without crazy Aunt Judy trying to install her cat screensavers Windows should be fine for the task.The ATM runs a very stripped down version of Windows XP .
It then runs a single app that does all the work .
The bank tellers also run XP desktops with a single application that connects to the centralized database .
Nothing else is allowed to run on these systems , so why does it even need Windows XP .
It 's a ludicrous setup .
The ATMs and bank teller systems have no need of Windows XP in any way shape or form.Banks used to run dumb terminals that connected to a centralized server .
That 's all they still need now , because they run a single application to do just that .
What idiot decided several years ago that they needed brand new Dells with XP that needed someone to whittle down to just run one and only one application ?
The banks make lots of money off us and demonstrate that they can waste it all on the expensive Dell systems .</tokentext>
<sentencetext>Why shouldn't an ATM run Windows?
Cue the standard Windows-bashing, but a decently hardened copied of XP is more than sufficient for the minimal work that an ATM has to do.Also, anyone with any network design sense would vlan &amp; firewall the ATMs off of the rest of the network.
Yes, it's Windows.
But without crazy Aunt Judy trying to install her cat screensavers Windows should be fine for the task.The ATM runs a very stripped down version of Windows XP.
It then runs a single app that does all the work.
The bank tellers also run XP desktops with a single application that connects to the centralized database.
Nothing else is allowed to run on these systems, so why does it even need Windows XP.
It's a ludicrous setup.
The ATMs and bank teller systems have no need of Windows XP in any way shape or form.Banks used to run dumb terminals that connected to a centralized server.
That's all they still need now, because they run a single application to do just that.
What idiot decided several years ago that they needed brand new Dells with XP that needed someone to whittle down to just run one and only one application?
The banks make lots of money off us and demonstrate that they can waste it all on the expensive Dell systems.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213829</id>
	<title>Re:ATM != desktop computer</title>
	<author>Bert64</author>
	<datestamp>1244147700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>But you point out that an ATM has minimal work to do...<br>Windows is not a minimal OS, it contains a lot of functionality that serves no purpose in the context of an ATM. Any functionality could potentially have bugs, the less complexity you have the lower the risk.</p></htmltext>
<tokenext>But you point out that an ATM has minimal work to do...Windows is not a minimal OS , it contains a lot of functionality that serves no purpose in the context of an ATM .
Any functionality could potentially have bugs , the less complexity you have the lower the risk .</tokentext>
<sentencetext>But you point out that an ATM has minimal work to do...Windows is not a minimal OS, it contains a lot of functionality that serves no purpose in the context of an ATM.
Any functionality could potentially have bugs, the less complexity you have the lower the risk.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</id>
	<title>ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244131380000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>An ATM is not a desktop computer.  WTF is an ATM doing running Windows?</p></htmltext>
<tokenext>An ATM is not a desktop computer .
WTF is an ATM doing running Windows ?</tokentext>
<sentencetext>An ATM is not a desktop computer.
WTF is an ATM doing running Windows?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28229211</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244209440000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>...In that case I've got some really bad news about aeroplanes that may put you off flight<nobr> <wbr></nobr>;)</p></htmltext>
<tokenext>...In that case I 've got some really bad news about aeroplanes that may put you off flight ; )</tokentext>
<sentencetext>...In that case I've got some really bad news about aeroplanes that may put you off flight ;)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28246167</id>
	<title>Re:The top 10 ways computer security list</title>
	<author>Anonymous</author>
	<datestamp>1244386380000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>watch the post related to T-Mobile breach<nobr> <wbr></nobr>......and post again<nobr> <wbr></nobr>...<br>I'm not a Microsoft fan<nobr> <wbr></nobr>...but really despise NIX ignorants<nobr> <wbr></nobr>...</p></htmltext>
<tokenext>watch the post related to T-Mobile breach ......and post again ...I 'm not a Microsoft fan ...but really despise NIX ignorants .. .</tokentext>
<sentencetext>watch the post related to T-Mobile breach ......and post again ...I'm not a Microsoft fan ...but really despise NIX ignorants ...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210595</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214865</id>
	<title>Re:DES</title>
	<author>benjfowler</author>
	<datestamp>1244109420000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>That bit of metal that traps cards is known as a 'Lebanese Loop'.</p><p>If an ATM looks like its been tampered with, don't use it.  If an ATM retains your card, get the card stopped immediatelly.</p><p>I'm paranoid, so I've memorized the toll-free phone number of my bank, so I can call them if something bad happens.  The crooks aren't stupid, and if they get your card, they'll try and clean out the account as quickly as possible.  This is especially serious with debit cards, where the banks shift more of the liabilities for fraud onto their customers (since it's your money, not theirs).</p></htmltext>
<tokenext>That bit of metal that traps cards is known as a 'Lebanese Loop'.If an ATM looks like its been tampered with , do n't use it .
If an ATM retains your card , get the card stopped immediatelly.I 'm paranoid , so I 've memorized the toll-free phone number of my bank , so I can call them if something bad happens .
The crooks are n't stupid , and if they get your card , they 'll try and clean out the account as quickly as possible .
This is especially serious with debit cards , where the banks shift more of the liabilities for fraud onto their customers ( since it 's your money , not theirs ) .</tokentext>
<sentencetext>That bit of metal that traps cards is known as a 'Lebanese Loop'.If an ATM looks like its been tampered with, don't use it.
If an ATM retains your card, get the card stopped immediatelly.I'm paranoid, so I've memorized the toll-free phone number of my bank, so I can call them if something bad happens.
The crooks aren't stupid, and if they get your card, they'll try and clean out the account as quickly as possible.
This is especially serious with debit cards, where the banks shift more of the liabilities for fraud onto their customers (since it's your money, not theirs).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211403</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211185</id>
	<title>Re:At least it's not Vista . . .</title>
	<author>Anonymous</author>
	<datestamp>1244136720000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Maybe if ATMs did that the states would not be in the terrible mess they are currently in.</p></htmltext>
<tokenext>Maybe if ATMs did that the states would not be in the terrible mess they are currently in .</tokentext>
<sentencetext>Maybe if ATMs did that the states would not be in the terrible mess they are currently in.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210097</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211403</id>
	<title>Re:DES</title>
	<author>BlackSnake112</author>
	<datestamp>1244137560000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>5</modscore>
	<htmltext><p>Sneakier way that I have seen. The bad guys slide this metal piece into the ATM slot. This catches your card bit will not release it. Some even let you make your transaction but still keep the card. Usually one of the bad guys is around the ATM watching. They walk up pretending to help. They ask you to enter in you pin again or ask for your pin so they can enter the pin. Either way they now have your pin. Nothing works of course. You go away, they take out the piece of metal with your card. Now they have your pin and your card.</p><p>I read about this. I have so far taken 4 pieces of metal out of the ATM card slot at 3 different location around the Washington DC area. All 4 times, someone very quickly left the scene. I did report it to the each bank when they were open again. All 4 times happen to be after 9PM.</p><p>Look at the ATM slot before you put your card in. If it looks like there is a extra thin piece of metal, either go to a different ATM, or see if you can take it out. I used the trusty paperclip to remove the metal. Not that hard.</p></htmltext>
<tokenext>Sneakier way that I have seen .
The bad guys slide this metal piece into the ATM slot .
This catches your card bit will not release it .
Some even let you make your transaction but still keep the card .
Usually one of the bad guys is around the ATM watching .
They walk up pretending to help .
They ask you to enter in you pin again or ask for your pin so they can enter the pin .
Either way they now have your pin .
Nothing works of course .
You go away , they take out the piece of metal with your card .
Now they have your pin and your card.I read about this .
I have so far taken 4 pieces of metal out of the ATM card slot at 3 different location around the Washington DC area .
All 4 times , someone very quickly left the scene .
I did report it to the each bank when they were open again .
All 4 times happen to be after 9PM.Look at the ATM slot before you put your card in .
If it looks like there is a extra thin piece of metal , either go to a different ATM , or see if you can take it out .
I used the trusty paperclip to remove the metal .
Not that hard .</tokentext>
<sentencetext>Sneakier way that I have seen.
The bad guys slide this metal piece into the ATM slot.
This catches your card bit will not release it.
Some even let you make your transaction but still keep the card.
Usually one of the bad guys is around the ATM watching.
They walk up pretending to help.
They ask you to enter in you pin again or ask for your pin so they can enter the pin.
Either way they now have your pin.
Nothing works of course.
You go away, they take out the piece of metal with your card.
Now they have your pin and your card.I read about this.
I have so far taken 4 pieces of metal out of the ATM card slot at 3 different location around the Washington DC area.
All 4 times, someone very quickly left the scene.
I did report it to the each bank when they were open again.
All 4 times happen to be after 9PM.Look at the ATM slot before you put your card in.
If it looks like there is a extra thin piece of metal, either go to a different ATM, or see if you can take it out.
I used the trusty paperclip to remove the metal.
Not that hard.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213731</id>
	<title>Re:ATM != desktop computer</title>
	<author>Bert64</author>
	<datestamp>1244147340000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Because it makes it cheaper...</p><p>Cheaper because windows coders are ten a penny and very cheap...<br>Cheaper because hardware that will run windows is also extremely cheap and widely available... They can use whatever the cheapest components available are, and be pretty much guaranteed that there will be drivers for it...</p><p>And because many of the people making decisions don't realize anything other than windows exists, so it just becomes a default component, you wouldn't build a computer without a processor and many people think windows is as integral to a computer as the processor.</p></htmltext>
<tokenext>Because it makes it cheaper...Cheaper because windows coders are ten a penny and very cheap...Cheaper because hardware that will run windows is also extremely cheap and widely available... They can use whatever the cheapest components available are , and be pretty much guaranteed that there will be drivers for it...And because many of the people making decisions do n't realize anything other than windows exists , so it just becomes a default component , you would n't build a computer without a processor and many people think windows is as integral to a computer as the processor .</tokentext>
<sentencetext>Because it makes it cheaper...Cheaper because windows coders are ten a penny and very cheap...Cheaper because hardware that will run windows is also extremely cheap and widely available... They can use whatever the cheapest components available are, and be pretty much guaranteed that there will be drivers for it...And because many of the people making decisions don't realize anything other than windows exists, so it just becomes a default component, you wouldn't build a computer without a processor and many people think windows is as integral to a computer as the processor.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481</id>
	<title>I call BS, mostly</title>
	<author>Anonymous</author>
	<datestamp>1244133900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I think that this story is half bogus. PIN numbers aren't stored on a debit card. They are stored on a server located at a transaction network, that a bank uses to process their card base.

When a PIN number is typed into an ATM machine it is automatically encrypted by a 3DES encryptor on the PIN pad. It's NEVER in clear text. The ATM machines and ATM transaction processing companies use a pivate/public key encryption system.

At least in the USA, the only part of a transaction that is encrypted down the wire is the PIN number between the ATM machine and transaction network. If the data is sent over the internet, the transaction is encrypted via a IPSEC tunnel or SSL.

I have not seen an ATM machine that runs on Windows XP. Most of the newer ATM machines run on Windows CE.

It would be trivial to sniff the network and grab card numbers if you had access to the network that the transaction was running across, but the PIN number would be much tougher to get. It's would be a little more complicated to get the card information based upon a device or software installed on the ATM to grab the card number as it's being swiped in the card reader. IF you could do that, then you could also get the track2 data that is loaded on to the card. That information consists of the card holders name and address.

Basically, I'm claiming BS on the article, as I see it as hype.</htmltext>
<tokenext>I think that this story is half bogus .
PIN numbers are n't stored on a debit card .
They are stored on a server located at a transaction network , that a bank uses to process their card base .
When a PIN number is typed into an ATM machine it is automatically encrypted by a 3DES encryptor on the PIN pad .
It 's NEVER in clear text .
The ATM machines and ATM transaction processing companies use a pivate/public key encryption system .
At least in the USA , the only part of a transaction that is encrypted down the wire is the PIN number between the ATM machine and transaction network .
If the data is sent over the internet , the transaction is encrypted via a IPSEC tunnel or SSL .
I have not seen an ATM machine that runs on Windows XP .
Most of the newer ATM machines run on Windows CE .
It would be trivial to sniff the network and grab card numbers if you had access to the network that the transaction was running across , but the PIN number would be much tougher to get .
It 's would be a little more complicated to get the card information based upon a device or software installed on the ATM to grab the card number as it 's being swiped in the card reader .
IF you could do that , then you could also get the track2 data that is loaded on to the card .
That information consists of the card holders name and address .
Basically , I 'm claiming BS on the article , as I see it as hype .</tokentext>
<sentencetext>I think that this story is half bogus.
PIN numbers aren't stored on a debit card.
They are stored on a server located at a transaction network, that a bank uses to process their card base.
When a PIN number is typed into an ATM machine it is automatically encrypted by a 3DES encryptor on the PIN pad.
It's NEVER in clear text.
The ATM machines and ATM transaction processing companies use a pivate/public key encryption system.
At least in the USA, the only part of a transaction that is encrypted down the wire is the PIN number between the ATM machine and transaction network.
If the data is sent over the internet, the transaction is encrypted via a IPSEC tunnel or SSL.
I have not seen an ATM machine that runs on Windows XP.
Most of the newer ATM machines run on Windows CE.
It would be trivial to sniff the network and grab card numbers if you had access to the network that the transaction was running across, but the PIN number would be much tougher to get.
It's would be a little more complicated to get the card information based upon a device or software installed on the ATM to grab the card number as it's being swiped in the card reader.
IF you could do that, then you could also get the track2 data that is loaded on to the card.
That information consists of the card holders name and address.
Basically, I'm claiming BS on the article, as I see it as hype.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212157</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244140980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Why wouldn't it?</p><p>As an NCR Technician who works on them everyday I was very pleased to see the upgrade from OS2.</p><p>They are faster, more reliable, and have better troubleshooting tools.</p><p>They are no more vulnerable if you have access to the PC inside.</p><p>And I would like to point out I just finished working on an NCR that has an ASUS motherboard..2GB DDR2 RAM, and a 2.8GHz processor...all of the shelf components.. It is essentially a computer...</p></htmltext>
<tokenext>Why would n't it ? As an NCR Technician who works on them everyday I was very pleased to see the upgrade from OS2.They are faster , more reliable , and have better troubleshooting tools.They are no more vulnerable if you have access to the PC inside.And I would like to point out I just finished working on an NCR that has an ASUS motherboard..2GB DDR2 RAM , and a 2.8GHz processor...all of the shelf components.. It is essentially a computer.. .</tokentext>
<sentencetext>Why wouldn't it?As an NCR Technician who works on them everyday I was very pleased to see the upgrade from OS2.They are faster, more reliable, and have better troubleshooting tools.They are no more vulnerable if you have access to the PC inside.And I would like to point out I just finished working on an NCR that has an ASUS motherboard..2GB DDR2 RAM, and a 2.8GHz processor...all of the shelf components.. It is essentially a computer...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210857</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244135340000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><i>It costs a licensing fee. It has more security liability than pretty much any other choice.</i> <br> <br>
As far as I know though, most of this is via the browser and email applications and IIS.  XP can be pretty secure if you disable all unneeded services. <br> <br>
<i>In short, I don't buy your arguments at all. Using Windows on an ATM is a sign someone in management somewhere is an incompetent buffoon.</i> <br> <br>
I'd have thought Linux would be cheaper, but for all we know, they did a thorough analysis, discovered there were suitable savings to be made through use of Windows.  Speculating that it's cheaper with so little information is pointless.<br> <br>
There's no indication of how the malware is installed.  I suspect this requires physical access, in which case the OS chosen makes no difference at all.</htmltext>
<tokenext>It costs a licensing fee .
It has more security liability than pretty much any other choice .
As far as I know though , most of this is via the browser and email applications and IIS .
XP can be pretty secure if you disable all unneeded services .
In short , I do n't buy your arguments at all .
Using Windows on an ATM is a sign someone in management somewhere is an incompetent buffoon .
I 'd have thought Linux would be cheaper , but for all we know , they did a thorough analysis , discovered there were suitable savings to be made through use of Windows .
Speculating that it 's cheaper with so little information is pointless .
There 's no indication of how the malware is installed .
I suspect this requires physical access , in which case the OS chosen makes no difference at all .</tokentext>
<sentencetext>It costs a licensing fee.
It has more security liability than pretty much any other choice.
As far as I know though, most of this is via the browser and email applications and IIS.
XP can be pretty secure if you disable all unneeded services.
In short, I don't buy your arguments at all.
Using Windows on an ATM is a sign someone in management somewhere is an incompetent buffoon.
I'd have thought Linux would be cheaper, but for all we know, they did a thorough analysis, discovered there were suitable savings to be made through use of Windows.
Speculating that it's cheaper with so little information is pointless.
There's no indication of how the malware is installed.
I suspect this requires physical access, in which case the OS chosen makes no difference at all.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210833</id>
	<title>Re:ATM != desktop computer</title>
	<author>pilgrim23</author>
	<datestamp>1244135280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>entry to the system is the big stumbling block; "open box, insert USB or other media close box".  Every vending machine I have ever encountered has some code that puts it into a "service mode".  I would not be at all surprised that if you  say: Punch "Use English" twice then savings account then some other button then slide in a "special" card and do the service voodoo.  Now given such a "service personnel only"  HOLE and I am SURE its there, it would be trivial to program a basic overflow on a ATM card to make the whole system avaialble via keyboard.  Then use ascii  to punch in a<nobr> <wbr></nobr>.com on the keyboard and you are good to go.</htmltext>
<tokenext>entry to the system is the big stumbling block ; " open box , insert USB or other media close box " .
Every vending machine I have ever encountered has some code that puts it into a " service mode " .
I would not be at all surprised that if you say : Punch " Use English " twice then savings account then some other button then slide in a " special " card and do the service voodoo .
Now given such a " service personnel only " HOLE and I am SURE its there , it would be trivial to program a basic overflow on a ATM card to make the whole system avaialble via keyboard .
Then use ascii to punch in a .com on the keyboard and you are good to go .</tokentext>
<sentencetext>entry to the system is the big stumbling block; "open box, insert USB or other media close box".
Every vending machine I have ever encountered has some code that puts it into a "service mode".
I would not be at all surprised that if you  say: Punch "Use English" twice then savings account then some other button then slide in a "special" card and do the service voodoo.
Now given such a "service personnel only"  HOLE and I am SURE its there, it would be trivial to program a basic overflow on a ATM card to make the whole system avaialble via keyboard.
Then use ascii  to punch in a .com on the keyboard and you are good to go.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211833</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244139540000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>If an ATM runs Windows, it should be Embedded or CE or some such and not full blown 2k or XP.</htmltext>
<tokenext>If an ATM runs Windows , it should be Embedded or CE or some such and not full blown 2k or XP .</tokentext>
<sentencetext>If an ATM runs Windows, it should be Embedded or CE or some such and not full blown 2k or XP.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210097</id>
	<title>At least it's not Vista . . .</title>
	<author>Anonymous</author>
	<datestamp>1244132340000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p>"Are you sure you want to withdraw this money?"
</p><p>"Will you spend it wisely?"
</p><p>"You don't seem to have much left, have you planned for an emergency?"
</p><p> . . . etc. . . .</p></htmltext>
<tokenext>" Are you sure you want to withdraw this money ?
" " Will you spend it wisely ?
" " You do n't seem to have much left , have you planned for an emergency ?
" .
. .
etc. .
. .</tokentext>
<sentencetext>"Are you sure you want to withdraw this money?
"
"Will you spend it wisely?
"
"You don't seem to have much left, have you planned for an emergency?
"
 .
. .
etc. .
. .</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209921</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197</id>
	<title>Magnetic strip?</title>
	<author>TheRaven64</author>
	<datestamp>1244132760000</datestamp>
	<modclass>Troll</modclass>
	<modscore>0</modscore>
	<htmltext>What is this 1980?  What countries are still using magnetic strips for credit and debit cards?</htmltext>
<tokenext>What is this 1980 ?
What countries are still using magnetic strips for credit and debit cards ?</tokentext>
<sentencetext>What is this 1980?
What countries are still using magnetic strips for credit and debit cards?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210027</id>
	<title>Re:ATM != desktop computer</title>
	<author>Anonymous</author>
	<datestamp>1244132040000</datestamp>
	<modclass>Funny</modclass>
	<modscore>1</modscore>
	<htmltext><p>As much as I like the Mac OS, I don't think I want a "lickable" ATM.<nobr> <wbr></nobr>:-P</p></htmltext>
<tokenext>As much as I like the Mac OS , I do n't think I want a " lickable " ATM .
: -P</tokentext>
<sentencetext>As much as I like the Mac OS, I don't think I want a "lickable" ATM.
:-P</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209933</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28215251</id>
	<title>Re:How do you trust an ATM?</title>
	<author>FunkSoulBrother</author>
	<datestamp>1244111280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I think the best answer is choose the bank who is willing to cover you the best/most for having to use this inherently insecure (as you've illustrated) system.</p><p>If there is no such bank willing to accept the risk, I guess you just have to plan ahead/use travellers checks or something.</p></htmltext>
<tokenext>I think the best answer is choose the bank who is willing to cover you the best/most for having to use this inherently insecure ( as you 've illustrated ) system.If there is no such bank willing to accept the risk , I guess you just have to plan ahead/use travellers checks or something .</tokentext>
<sentencetext>I think the best answer is choose the bank who is willing to cover you the best/most for having to use this inherently insecure (as you've illustrated) system.If there is no such bank willing to accept the risk, I guess you just have to plan ahead/use travellers checks or something.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211795</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210301</id>
	<title>ATM is bad enough</title>
	<author>Anonymous</author>
	<datestamp>1244133180000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>WITHOUT any data-sniffing involved...</p></htmltext>
<tokenext>WITHOUT any data-sniffing involved.. .</tokentext>
<sentencetext>WITHOUT any data-sniffing involved...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214915</id>
	<title>Diebold ATMs</title>
	<author>benjfowler</author>
	<datestamp>1244109600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I've noticed that a lot of the crappier plasticky, insecure-looking ATMs around the place tend to have big DIEBOLD badges on them.</p><p>Diebold also make criminally badly-engineered voting machines.  Coincidence?</p></htmltext>
<tokenext>I 've noticed that a lot of the crappier plasticky , insecure-looking ATMs around the place tend to have big DIEBOLD badges on them.Diebold also make criminally badly-engineered voting machines .
Coincidence ?</tokentext>
<sentencetext>I've noticed that a lot of the crappier plasticky, insecure-looking ATMs around the place tend to have big DIEBOLD badges on them.Diebold also make criminally badly-engineered voting machines.
Coincidence?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211753</id>
	<title>Re:I call BS, mostly</title>
	<author>Anonymous</author>
	<datestamp>1244139120000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>Or, since the same keypad is used for PIN entry and regular input, perhaps the control signal that tells the keypad whether to encrypt or pass keypresses through has been tampered with...so the entered PIN comes through as normal keypresses, and is encrypted by the malware and passed on after logging to the file?</p></div><p>I don't think that would work since they could just as well decrypt the PIN from the pad if they had the keys. If the pads used public key crypto, there would be no need to store the keys in a  tamper resistant manner inside the pad. They could randomly switch the pad to clear text mode, log the pin and claim it was wrong. Then switch back to PIN entry mode and leave the ATM software do its job.</p></div>
	</htmltext>
<tokenext>Or , since the same keypad is used for PIN entry and regular input , perhaps the control signal that tells the keypad whether to encrypt or pass keypresses through has been tampered with...so the entered PIN comes through as normal keypresses , and is encrypted by the malware and passed on after logging to the file ? I do n't think that would work since they could just as well decrypt the PIN from the pad if they had the keys .
If the pads used public key crypto , there would be no need to store the keys in a tamper resistant manner inside the pad .
They could randomly switch the pad to clear text mode , log the pin and claim it was wrong .
Then switch back to PIN entry mode and leave the ATM software do its job .</tokentext>
<sentencetext>Or, since the same keypad is used for PIN entry and regular input, perhaps the control signal that tells the keypad whether to encrypt or pass keypresses through has been tampered with...so the entered PIN comes through as normal keypresses, and is encrypted by the malware and passed on after logging to the file?I don't think that would work since they could just as well decrypt the PIN from the pad if they had the keys.
If the pads used public key crypto, there would be no need to store the keys in a  tamper resistant manner inside the pad.
They could randomly switch the pad to clear text mode, log the pin and claim it was wrong.
Then switch back to PIN entry mode and leave the ATM software do its job.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210729</parent>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211307
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28246167
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210595
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216263
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211795
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_58</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211021
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_65</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211969
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211403
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209889
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_36</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28220177
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209991
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209933
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211255
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209889
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_55</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210355
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211753
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210729
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210815
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209921
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_60</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213791
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209995
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211093
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209889
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210683
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210833
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210027
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209933
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_47</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210889
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210413
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_49</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210435
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_52</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213829
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210939
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210413
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_48</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212007
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28219387
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_39</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212451
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210413
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216859
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_42</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210571
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210695
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216637
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211833
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214907
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_34</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213731
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_59</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211289
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210507
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_50</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213991
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_41</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211873
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209995
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_64</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210713
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212157
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_37</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210039
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_40</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210655
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213815
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211403
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209889
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210477
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_56</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28217335
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210385
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211185
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210097
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209921
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_32</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214889
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_63</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28215791
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210857
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_46</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210903
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210619
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209905
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_62</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28229211
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_53</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209955
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210179
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214639
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210967
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28218155
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_54</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213115
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_45</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211531
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_68</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28228375
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209995
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_61</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211111
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_44</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214929
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210385
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_35</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213243
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210395
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_51</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211173
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210539
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_67</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211099
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_38</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28215251
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211795
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210975
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_43</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211793
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_66</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211215
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_57</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210541
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214695
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210097
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209921
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_04_1424210_33</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214865
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211403
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209889
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209921
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210097
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211185
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214695
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210815
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210385
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214929
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28217335
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210481
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28220177
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214639
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28219387
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210729
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211753
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209889
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210773
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211093
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211403
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214865
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213815
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211969
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211255
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210595
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28246167
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209901
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211307
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216859
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28229211
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210179
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210157
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210327
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211021
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211111
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210967
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216637
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211173
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210857
----http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28215791
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210571
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210903
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209933
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210027
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209991
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210147
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210713
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214907
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28214889
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211099
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211215
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211833
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210975
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213115
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210355
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213991
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213829
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211793
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211531
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210039
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212007
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209995
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211873
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213791
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28228375
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210477
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28218155
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209955
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210395
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210833
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213243
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28213731
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210695
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210683
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212157
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211289
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210655
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210197
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210507
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210435
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210541
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210539
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210367
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28209905
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210619
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28211795
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28216263
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28215251
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_04_1424210.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210413
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210889
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28210939
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_04_1424210.28212451
</commentlist>
</conversation>
