Discussion:
Retail Terminal with NO Windows
(too old to reply)
DrFranken
2014-10-12 23:54:34 UTC
Permalink
Raw Message
By now you've likely heard of the next break, this time KMart, the
biggest yet. How did they do it? A virus in MS Windows, AGAIN! KMart
says the virus could not be detected with today's tools.

Sadly one of my customers used to make the premier software for credit
card (etc) processing for retailers on IBM i was been purchased a couple
years ago. The new owners are phasing out the IBM i software (because
they can't spell i) and is asking their customers to move to their
Windows platform instead. Needless to say asking IBM i customers to
move their CC processing to Windows is falling over like me in a ballet.

But no matter where the processing of the cards is handled between the
vendor and the baks most (all??) retailers seem to have Windows at the
point where the customer (and their card) interface to the retailer.
This is where the card data has been stolen. Worse it appears most
retailers are still using XP (You know the one that's no longer
supported!) [Yes I am aware of extended support for XP for retail.]

So my question is could you, would you, create a retail terminal that
does NOT use Windows? Could you do it with IBM i? Or have you already
done so!?

--

- Larry "DrFranken" Bolhuis

www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Wilson, Jonathan
2014-10-13 08:45:17 UTC
Permalink
Raw Message
On Sun, 2014-10-12 at 19:54 -0400, DrFranken wrote:

>
> So my question is could you, would you, create a retail terminal that
> does NOT use Windows? Could you do it with IBM i? Or have you already
> done so!?

Conceivably you could have the retail application reside on a Linux, or
Mac, box "terminal", but that would be time consuming for any vendor to
rewrite their application or GUI front end depending on how separated
the UI was from the "back end &/or front end validation" and what it was
originally written in, most likely MFC and C++.

Also lets not forget that "terminal" is such a miss-used name, in
reality they are most likely full blown computers pretending to be dumb
cash registers, with the added problem that the chip and pin systems are
also much more than the tiny reader/keypad most people see... then add
in the fact that a lot of cashpoints are nothing more than a windows PC
in a hardened shell doing all the work over the internet, although my
local "corner shop" works using dial up (and I assume, a direct call to
the processor, not via the internet) and things become even more scary.

On the above, seeing an old cashpoint running doom also sugests that its
not impossible to get hold of cashpoints, so with time and effort I'm
sure it would be possible to work out some crack where a cashpoint could
be exploited with a malformed card or possibly be tricked into
maintenance/service mode.

I would also say, its doesn't really matter what the OS is as when/if
Linux or Mac gains more traction on the desk top, especially the home
user market (1), it will also attract more attention from virus writers
and crackers and the SSL and Bash bugs have shown its not as immune from
problems as we, linux, "users" thought.

(1) The new Steam OS might possibly be the kicker here, if/when it takes
off Linux will be able to play games and depending on how many new or
high market share games it supports its likely that more people will
take up Linux, expecially "the kids" (and I use that term very loosely)
as if the must have game also runs on a steam box, it won't take them
long before they realise that it will run even better on their pc if
only they put "Steam Linux" on it and bring the PC's higher powered
hardware into the mix.

Also just how secure/un-hackable is the i? We have long known about its
memory protections and how programs can't access the memory space of
other jobs, or how LPAR's (of which I know very little) can isolate
whole systems from each other... but IBM can ignore such concepts and
ideas in its "OS" programs, so just how hard would it be to use MI
and/or C to pretend to be an IBM supplied program, running in IBM
"space," with all the power over the whole system that would mean also
what about the more common problems of buffer overruns or pointer
errors, we already know of a "Bug" where long parameters supplied with
short parameters in the caller, or via a command such as SMBJOB, means
data gets muddled/is in an inconsistent state.

>
> --
>
> - Larry "DrFranken" Bolhuis
>
> www.frankeni.com
> www.iDevCloud.com
> www.iInTheCloud.com

Jon

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Nathan Andelin
2014-10-13 17:02:35 UTC
Permalink
Raw Message
>
> So my question is could you, would you, create a retail terminal that does
> NOT use Windows? Could you do it with IBM i? Or have you already done so!?


Yes. We wrote, offer, and support a POS application for school-lunch
cashiers. The magnetic stripe reader is just an alternative to keyboard
input. The POS terminal is just a web browser, which runs on i/OS, Android,
Mac, Linux, in addition to Windows.

The back-end is written in ILE RPG.

At first, I wondered if you were asking about attaching a magnetic stripe
reader to say a USB port on a Power System, running IBM i. I couldn't see
the point of that.

Nathan.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Mark D
2014-10-13 17:23:06 UTC
Permalink
Raw Message
On 10/13/2014 01:02 PM, Nathan Andelin wrote:
>> So my question is could you, would you, create a retail terminal that does
>> NOT use Windows? Could you do it with IBM i? Or have you already done so!?
>
> Yes. We wrote, offer, and support a POS application for school-lunch
> cashiers. The magnetic stripe reader is just an alternative to keyboard
> input. The POS terminal is just a web browser, which runs on i/OS, Android,
> Mac, Linux, in addition to Windows.
>
> The back-end is written in ILE RPG.
>
> At first, I wondered if you were asking about attaching a magnetic stripe
> reader to say a USB port on a Power System, running IBM i. I couldn't see
> the point of that.
>
> Nathan.
Off topic but this is a pet peeve for me... Hopefully it's okay because
it's relevant.

The problem with the various Windows POS hacks going on is not windows
(not that windows isn't a huge problem). Any OS has vulnerabilities. I
can all but guarantee IBM i enjoys rich security through obscurity.
Nobody is trying desperately to find holes. The various POS systems out
there are not thoroughly cut down and properly secured devices. This is
the fault of both the merchant and the integrator. Heck they should be
on a separate VLAN with no outbound internet access to begin with so
that even if malware got placed it couldn't phone home. They should
have their OS loaded to read only media that reloads from scratch on
reboot. They could use a hypervisor and reload the OS from a VM
snapshot so that no changes can ever be written. There are various
other things that could happen but simply don't happen.

There is a fundamental laziness when it comes to security primarily
because the merchants aren't really held accountable for the losses they
cause. I hear far more concern about PCI compliance than actual security.

The magstripe reader being a keyboard is a big problem. If they didn't
behave that way and were API driven, the malware authors would have to
support every kind of magstripe reader.

I can understand such occurrences with mom and pops and I have worked
with secret service and helped some of them get back running. But
target, home depot, and other large nationwide chains? Completely and
totally unacceptable. Do these companies not hire one single competent
CISO? How come people can't infect slot machines with malware? Maybe
because the casinos at least attempt to do network security right.

Mark

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
John Yeung
2014-10-13 17:26:13 UTC
Permalink
Raw Message
On Mon, Oct 13, 2014 at 1:02 PM, Nathan Andelin <nandelin-***@public.gmane.org> wrote:
> At first, I wondered if you were asking about attaching a magnetic stripe
> reader to say a USB port on a Power System, running IBM i. I couldn't see
> the point of that.

I think one of the issues that Larry brought up was that the breach
occurred at POS; meaning that the data was compromised before it ever
got to the back end. So it wouldn't have mattered how secure the back
end was. Therefore, if you *did* hook the stripe reader up *directly*
to the IBM i, that would eliminate Windows as an attack vector
completely. That would be the point.

Your model was:

> The POS terminal is just a web browser, which runs on i/OS,
> Android, Mac, Linux, in addition to Windows.

And what Larry's saying, I believe, is that in your case, you have
i/OS, Android, Mac, Linux, and Windows as attack vectors.

John Y.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Nathan Andelin
2014-10-13 17:40:35 UTC
Permalink
Raw Message
>
> And what Larry's saying, I believe, is that in your case, you have
> i/OS, Android, Mac, Linux, and Windows as attack vectors.
>

Okay, so you're suggesting connecting the magnetic stripe reader directly
to an IBM i Power Server? Can't trust any OS on the front-end? What sort of
UI requirements might a POS terminal support?

Nathan.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Roger Harman
2014-10-13 18:07:49 UTC
Permalink
Raw Message
That's going to be a LOT of very LONG cables running to a really big USB hub wherever the IBM box resides.

Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like that idea <grin>.


> Date: Mon, 13 Oct 2014 11:40:35 -0600
> Subject: Re: Retail Terminal with NO Windows
> From: nandelin-***@public.gmane.org
> To: midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
>
> >
> > And what Larry's saying, I believe, is that in your case, you have
> > i/OS, Android, Mac, Linux, and Windows as attack vectors.
> >
>
> Okay, so you're suggesting connecting the magnetic stripe reader directly
> to an IBM i Power Server? Can't trust any OS on the front-end? What sort of
> UI requirements might a POS terminal support?
>
> Nathan.
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
James H. H. Lampert
2014-10-13 18:11:35 UTC
Permalink
Raw Message
>> Okay, so you're suggesting connecting the magnetic stripe reader
>> directly to an IBM i Power Server? Can't trust any OS on the
>> front-end? What sort of UI requirements might a POS terminal
>> support?
> That's going to be a LOT of very LONG cables running to a really big
> USB hub wherever the IBM box resides.
>
> Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I
> like that idea <grin>.

Hmm. Or you could have a fully isolated intranet confined to its own
LAN. The modern equivalent of good old fashioned Twinax.

--
JHHL
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Charles Wilt
2014-10-13 18:18:46 UTC
Permalink
Raw Message
Officially (for PCI), that's how it's supposed to be.

Of course it can't be completely isolated...as the POS needs to talk to the
processor...

The you have various holes so that the equipment can be supported/software
updated...

And you end up with something like what we have.

I'd agree that the use of WinXP at the POS is a bad idea; really any full
blown OS. A mobile OS is probably a better choice, but even there you're
talking about lots more functionality than is really needed.

Charles

On Mon, Oct 13, 2014 at 2:11 PM, James H. H. Lampert <
jamesl-6/ELSmrcqeUu8xhjR5IN5AC/***@public.gmane.org> wrote:

>
> Okay, so you're suggesting connecting the magnetic stripe reader
>>> directly to an IBM i Power Server? Can't trust any OS on the
>>> front-end? What sort of UI requirements might a POS terminal
>>> support?
>>>
>> That's going to be a LOT of very LONG cables running to a really big
>> USB hub wherever the IBM box resides.
>>
>> Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I
>> like that idea <grin>.
>>
>
> Hmm. Or you could have a fully isolated intranet confined to its own LAN.
> The modern equivalent of good old fashioned Twinax.
>
> --
> JHHL
>
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Nathan Andelin
2014-10-13 18:46:10 UTC
Permalink
Raw Message
>
> A mobile OS is probably a better choice, but even there you're
> talking about lots more functionality than is really needed.
>

Regarding functionality, that varies from application to application. But I
think the functional expectations for POS are often quite high.

Regarding security, I don't see any problem with mapping a magnetic swipe
reader to an input capable field on an HTML form - which could be hidden.
Nor do I see a problem with using SSL over TCP/IP for a connection with an
IBM i host.

The most vulnerable points of attack would be users unwarily downloading
malware to the POS device - say an iPad. Or possibly connecting to sites
other than the application server.

The mobility of the device could be both an advantage and a disadvantage.
But I think most concerns could be handled either by disabling the device
in some way, only storing it in a secure location, and implementing
policies that limit access and use.

Nathan.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Charles Wilt
2014-10-13 18:12:17 UTC
Permalink
Raw Message
Bring back Twinax!



On Mon, Oct 13, 2014 at 2:07 PM, Roger Harman <roger.harman-***@public.gmane.org>
wrote:

> That's going to be a LOT of very LONG cables running to a really big USB
> hub wherever the IBM box resides.
>
> Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like
> that idea <grin>.
>
>
> > Date: Mon, 13 Oct 2014 11:40:35 -0600
> > Subject: Re: Retail Terminal with NO Windows
> > From: nandelin-***@public.gmane.org
> > To: midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> >
> > >
> > > And what Larry's saying, I believe, is that in your case, you have
> > > i/OS, Android, Mac, Linux, and Windows as attack vectors.
> > >
> >
> > Okay, so you're suggesting connecting the magnetic stripe reader directly
> > to an IBM i Power Server? Can't trust any OS on the front-end? What sort
> of
> > UI requirements might a POS terminal support?
> >
> > Nathan.
> > --
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
>
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
r***@public.gmane.org
2014-10-13 18:25:13 UTC
Permalink
Raw Message
Only for connectivity to speakers!
So inflexible, fraught with errors and unreliable!


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: Charles Wilt <charles.wilt-***@public.gmane.org>
To: Midrange Systems Technical Discussion <midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>
Date: 10/13/2014 02:12 PM
Subject: Re: Retail Terminal with NO Windows
Sent by: "MIDRANGE-L" <midrange-l-bounces-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>



Bring back Twinax!



On Mon, Oct 13, 2014 at 2:07 PM, Roger Harman <roger.harman-***@public.gmane.org>
wrote:

> That's going to be a LOT of very LONG cables running to a really big USB
> hub wherever the IBM box resides.
>
> Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like
> that idea <grin>.
>
>
> > Date: Mon, 13 Oct 2014 11:40:35 -0600
> > Subject: Re: Retail Terminal with NO Windows
> > From: nandelin-***@public.gmane.org
> > To: midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> >
> > >
> > > And what Larry's saying, I believe, is that in your case, you have
> > > i/OS, Android, Mac, Linux, and Windows as attack vectors.
> > >
> >
> > Okay, so you're suggesting connecting the magnetic stripe reader
directly
> > to an IBM i Power Server? Can't trust any OS on the front-end? What
sort
> of
> > UI requirements might a POS terminal support?
> >
> > Nathan.
> > --
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
>
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Charles Wilt
2014-10-13 18:26:19 UTC
Permalink
Raw Message
But secure!

On Mon, Oct 13, 2014 at 2:25 PM, <rob-***@public.gmane.org> wrote:

> Only for connectivity to speakers!
> So inflexible, fraught with errors and unreliable!
>
>
> Rob Berendt
> --
> IBM Certified System Administrator - IBM i 6.1
> Group Dekko
> Dept 1600
> Mail to: 2505 Dekko Drive
> Garrett, IN 46738
> Ship to: Dock 108
> 6928N 400E
> Kendallville, IN 46755
> http://www.dekko.com
>
>
>
>
>
> From: Charles Wilt <charles.wilt-***@public.gmane.org>
> To: Midrange Systems Technical Discussion <midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>
> Date: 10/13/2014 02:12 PM
> Subject: Re: Retail Terminal with NO Windows
> Sent by: "MIDRANGE-L" <midrange-l-bounces-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>
>
>
>
> Bring back Twinax!
>
>
>
> On Mon, Oct 13, 2014 at 2:07 PM, Roger Harman <roger.harman-***@public.gmane.org>
> wrote:
>
> > That's going to be a LOT of very LONG cables running to a really big USB
> > hub wherever the IBM box resides.
> >
> > Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like
> > that idea <grin>.
> >
> >
> > > Date: Mon, 13 Oct 2014 11:40:35 -0600
> > > Subject: Re: Retail Terminal with NO Windows
> > > From: nandelin-***@public.gmane.org
> > > To: midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > >
> > > >
> > > > And what Larry's saying, I believe, is that in your case, you have
> > > > i/OS, Android, Mac, Linux, and Windows as attack vectors.
> > > >
> > >
> > > Okay, so you're suggesting connecting the magnetic stripe reader
> directly
> > > to an IBM i Power Server? Can't trust any OS on the front-end? What
> sort
> > of
> > > UI requirements might a POS terminal support?
> > >
> > > Nathan.
> > > --
> > > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> > list
> > > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > To subscribe, unsubscribe, or change list options,
> > > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > Before posting, please take a moment to review the archives
> > > at http://archive.midrange.com/midrange-l.
> > >
> >
> > --
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
> >
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Charles Wilt
2014-10-13 18:44:06 UTC
Permalink
Raw Message
Actually I never ran into issue with twinax...

But then again, I never used it without star running it over UTP using a
baluns and a "power panel" from Black Box Corp.

In fact, I've still got some twinax terminals/printers in the
warehouse...been there since 1996. Those are going to have to be replaced
we we move off our Power5 box... :(

Charles


On Mon, Oct 13, 2014 at 2:25 PM, <rob-***@public.gmane.org> wrote:

> Only for connectivity to speakers!
> So inflexible, fraught with errors and unreliable!
>
>
> Rob Berendt
> --
> IBM Certified System Administrator - IBM i 6.1
> Group Dekko
> Dept 1600
> Mail to: 2505 Dekko Drive
> Garrett, IN 46738
> Ship to: Dock 108
> 6928N 400E
> Kendallville, IN 46755
> http://www.dekko.com
>
>
>
>
>
> From: Charles Wilt <charles.wilt-***@public.gmane.org>
> To: Midrange Systems Technical Discussion <midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>
> Date: 10/13/2014 02:12 PM
> Subject: Re: Retail Terminal with NO Windows
> Sent by: "MIDRANGE-L" <midrange-l-bounces-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>
>
>
>
> Bring back Twinax!
>
>
>
> On Mon, Oct 13, 2014 at 2:07 PM, Roger Harman <roger.harman-***@public.gmane.org>
> wrote:
>
> > That's going to be a LOT of very LONG cables running to a really big USB
> > hub wherever the IBM box resides.
> >
> > Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like
> > that idea <grin>.
> >
> >
> > > Date: Mon, 13 Oct 2014 11:40:35 -0600
> > > Subject: Re: Retail Terminal with NO Windows
> > > From: nandelin-***@public.gmane.org
> > > To: midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > >
> > > >
> > > > And what Larry's saying, I believe, is that in your case, you have
> > > > i/OS, Android, Mac, Linux, and Windows as attack vectors.
> > > >
> > >
> > > Okay, so you're suggesting connecting the magnetic stripe reader
> directly
> > > to an IBM i Power Server? Can't trust any OS on the front-end? What
> sort
> > of
> > > UI requirements might a POS terminal support?
> > >
> > > Nathan.
> > > --
> > > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> > list
> > > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > To subscribe, unsubscribe, or change list options,
> > > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > Before posting, please take a moment to review the archives
> > > at http://archive.midrange.com/midrange-l.
> > >
> >
> > --
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
> >
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Roger Harman
2014-10-13 20:18:16 UTC
Permalink
Raw Message
I'd hate to think about how many miles of twinax I've probably pulled.

UTP, baluns, patch panels..... bad memories. Put in the first ever PC network at a previous employer - Token ring - we already had 3 System/38's using it. Ran the PC network over unused phone wire with baluns. Yuck.


> Date: Mon, 13 Oct 2014 14:44:06 -0400
> Subject: Re: Retail Terminal with NO Windows
> From: charles.wilt-***@public.gmane.org
> To: midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
>
> Actually I never ran into issue with twinax...
>
> But then again, I never used it without star running it over UTP using a
> baluns and a "power panel" from Black Box Corp.
>
> In fact, I've still got some twinax terminals/printers in the
> warehouse...been there since 1996. Those are going to have to be replaced
> we we move off our Power5 box... :(
>
> Charles
>
>
> On Mon, Oct 13, 2014 at 2:25 PM, <rob-***@public.gmane.org> wrote:
>
> > Only for connectivity to speakers!
> > So inflexible, fraught with errors and unreliable!
> >
> >
> > Rob Berendt
> > --
> > IBM Certified System Administrator - IBM i 6.1
> > Group Dekko
> > Dept 1600
> > Mail to: 2505 Dekko Drive
> > Garrett, IN 46738
> > Ship to: Dock 108
> > 6928N 400E
> > Kendallville, IN 46755
> > http://www.dekko.com
> >
> >
> >
> >
> >
> > From: Charles Wilt <charles.wilt-***@public.gmane.org>
> > To: Midrange Systems Technical Discussion <midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>
> > Date: 10/13/2014 02:12 PM
> > Subject: Re: Retail Terminal with NO Windows
> > Sent by: "MIDRANGE-L" <midrange-l-bounces-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org>
> >
> >
> >
> > Bring back Twinax!
> >
> >
> >
> > On Mon, Oct 13, 2014 at 2:07 PM, Roger Harman <roger.harman-***@public.gmane.org>
> > wrote:
> >
> > > That's going to be a LOT of very LONG cables running to a really big USB
> > > hub wherever the IBM box resides.
> > >
> > > Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like
> > > that idea <grin>.
> > >
> > >
> > > > Date: Mon, 13 Oct 2014 11:40:35 -0600
> > > > Subject: Re: Retail Terminal with NO Windows
> > > > From: nandelin-***@public.gmane.org
> > > > To: midrange-l-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > >
> > > > >
> > > > > And what Larry's saying, I believe, is that in your case, you have
> > > > > i/OS, Android, Mac, Linux, and Windows as attack vectors.
> > > > >
> > > >
> > > > Okay, so you're suggesting connecting the magnetic stripe reader
> > directly
> > > > to an IBM i Power Server? Can't trust any OS on the front-end? What
> > sort
> > > of
> > > > UI requirements might a POS terminal support?
> > > >
> > > > Nathan.
> > > > --
> > > > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> > > list
> > > > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > > To subscribe, unsubscribe, or change list options,
> > > > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > > > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > > Before posting, please take a moment to review the archives
> > > > at http://archive.midrange.com/midrange-l.
> > > >
> > >
> > > --
> > > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> > list
> > > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > To subscribe, unsubscribe, or change list options,
> > > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > > Before posting, please take a moment to review the archives
> > > at http://archive.midrange.com/midrange-l.
> > >
> > >
> > --
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> > list
> > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
> >
> > --
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> > To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
> >
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Henrik Rützou
2014-10-13 18:12:11 UTC
Permalink
Raw Message
here is an example on a browser based POS terminal based on a
tuch screen and with IBM I as the backend

sorry the text in is danish, but I think you understand the flow ...

http://powerext.com/shoecafe.mp4

On Mon, Oct 13, 2014 at 8:07 PM, Roger Harman <***@hotmail.com>
wrote:

> That's going to be a LOT of very LONG cables running to a really big USB
> hub wherever the IBM box resides.
>
> Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like
> that idea <grin>.
>
>
> > Date: Mon, 13 Oct 2014 11:40:35 -0600
> > Subject: Re: Retail Terminal with NO Windows
> > From: ***@gmail.com
> > To: midrange-***@midrange.com
> >
> > >
> > > And what Larry's saying, I believe, is that in your case, you have
> > > i/OS, Android, Mac, Linux, and Windows as attack vectors.
> > >
> >
> > Okay, so you're suggesting connecting the magnetic stripe reader directly
> > to an IBM i Power Server? Can't trust any OS on the front-end? What sort
> of
> > UI requirements might a POS terminal support?
> >
> > Nathan.
> > --
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> > To post a message email: MIDRANGE-***@midrange.com
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-***@midrange.com
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
>
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-***@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-***@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>


--
Regards,
Henrik Rützou

http://powerEXT.com <http://powerext.com/>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-***@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-***@midrange.com
Before posting, please take a moment to review the archiv
DrFranken
2014-10-14 00:10:24 UTC
Permalink
Raw Message
Henrik,

This is much like what I was thinking. The only thing available to the
user is the browser, nothing else.

Boot it up from the host every time so that the O/S cannot be
compromised there.

There are of course still questions as have been brought up, such as
there MUST be some O/S behind the browser. How locked down is that? All
communications SSL. How does a pin pad or card reader interface to it?



- Larry "DrFranken" Bolhuis

www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com

On 10/13/2014 2:12 PM, Henrik Rützou wrote:
> here is an example on a browser based POS terminal based on a
> tuch screen and with IBM I as the backend
>
> sorry the text in is danish, but I think you understand the flow ...
>
> http://powerext.com/shoecafe.mp4
>
> On Mon, Oct 13, 2014 at 8:07 PM, Roger Harman <***@hotmail.com>
> wrote:
>
>> That's going to be a LOT of very LONG cables running to a really big USB
>> hub wherever the IBM box resides.
>>
>> Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like
>> that idea <grin>.
>>
>>
>>> Date: Mon, 13 Oct 2014 11:40:35 -0600
>>> Subject: Re: Retail Terminal with NO Windows
>>> From: ***@gmail.com
>>> To: midrange-***@midrange.com
>>>
>>>>
>>>> And what Larry's saying, I believe, is that in your case, you have
>>>> i/OS, Android, Mac, Linux, and Windows as attack vectors.
>>>>
>>>
>>> Okay, so you're suggesting connecting the magnetic stripe reader directly
>>> to an IBM i Power Server? Can't trust any OS on the front-end? What sort
>> of
>>> UI requirements might a POS terminal support?
>>>
>>> Nathan.
>>> --
>>> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
>> list
>>> To post a message email: MIDRANGE-***@midrange.com
>>> To subscribe, unsubscribe, or change list options,
>>> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
>>> or email: MIDRANGE-L-***@midrange.com
>>> Before posting, please take a moment to review the archives
>>> at http://archive.midrange.com/midrange-l.
>>>
>>
>> --
>> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
>> To post a message email: MIDRANGE-***@midrange.com
>> To subscribe, unsubscribe, or change list options,
>> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
>> or email: MIDRANGE-L-***@midrange.com
>> Before posting, please take a moment to review the archives
>> at http://archive.midrange.com/midrange-l.
>>
>>
>
>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-***@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-***@midrange.com
Before posting, please take a moment to review th
Henrik Rützou
2014-10-23 16:33:05 UTC
Permalink
Raw Message
Sorry for the delay, I just missed the later responses to tread.



The App I showed a little film of ( http://powerext.com/shoecafe.mp4 ) is
actually a FDA (Front-end Driven Application) based on EXT JS.



EXT JS is OO Javascript component based framework that comes with a
complete client based MVC. You launch the complete application written I OO
javascript files by getting files stored in the IFS but they could in
principle be stored anywhere else.



The only interaction with the server is thereafter done by calling REST
services that either receives and/or delivers data in POST/FORM or JSON.



POS is actually not so hard to do on a touch screen, the problem is if you
have to process credit card transaction or print receipts.


I my example we have some small POS Epson printers that is connected to IBM
I so when we accept

a sale the receipt are printed from IBM I to an OUTQ according to the POS
terminal position but it is in fact separate processes initiated by a REST
call to the server. Fortunately we don’t need Credit Card processing but
real POS applications (used in malls) needs to ‘talk’ with the Credit Card
terminal since there may be rebates connected to the type of credit card of
the holder etc.

On Tue, Oct 14, 2014 at 2:10 AM, DrFranken <***@frankeni.com> wrote:

> Henrik,
>
> This is much like what I was thinking. The only thing available
> to the user is the browser, nothing else.
>
> Boot it up from the host every time so that the O/S cannot be
> compromised there.
>
> There are of course still questions as have been brought up, such
> as there MUST be some O/S behind the browser. How locked down is that? All
> communications SSL. How does a pin pad or card reader interface to it?
>
>
>
> - Larry "DrFranken" Bolhuis
>
> www.frankeni.com
> www.iDevCloud.com
> www.iInTheCloud.com
>
> On 10/13/2014 2:12 PM, Henrik Rützou wrote:
>
>> here is an example on a browser based POS terminal based on a
>> tuch screen and with IBM I as the backend
>>
>> sorry the text in is danish, but I think you understand the flow ...
>>
>> http://powerext.com/shoecafe.mp4
>>
>> On Mon, Oct 13, 2014 at 8:07 PM, Roger Harman <***@hotmail.com>
>> wrote:
>>
>> That's going to be a LOT of very LONG cables running to a really big USB
>>> hub wherever the IBM box resides.
>>>
>>> Or, a whole lotta IBM I boxes at the checkout lanes. Actually, I like
>>> that idea <grin>.
>>>
>>>
>>> Date: Mon, 13 Oct 2014 11:40:35 -0600
>>>> Subject: Re: Retail Terminal with NO Windows
>>>> From: ***@gmail.com
>>>> To: midrange-***@midrange.com
>>>>
>>>>
>>>>> And what Larry's saying, I believe, is that in your case, you have
>>>>> i/OS, Android, Mac, Linux, and Windows as attack vectors.
>>>>>
>>>>>
>>>> Okay, so you're suggesting connecting the magnetic stripe reader
>>>> directly
>>>> to an IBM i Power Server? Can't trust any OS on the front-end? What sort
>>>>
>>> of
>>>
>>>> UI requirements might a POS terminal support?
>>>>
>>>> Nathan.
>>>> --
>>>> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
>>>>
>>> list
>>>
>>>> To post a message email: MIDRANGE-***@midrange.com
>>>> To subscribe, unsubscribe, or change list options,
>>>> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
>>>> or email: MIDRANGE-L-***@midrange.com
>>>> Before posting, please take a moment to review the archives
>>>> at http://archive.midrange.com/midrange-l.
>>>>
>>>>
>>> --
>>> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
>>> list
>>> To post a message email: MIDRANGE-***@midrange.com
>>> To subscribe, unsubscribe, or change list options,
>>> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
>>> or email: MIDRANGE-L-***@midrange.com
>>> Before posting, please take a moment to review the archives
>>> at http://archive.midrange.com/midrange-l.
>>>
>>>
>>>
>>
>> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-***@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-***@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>


--
Regards,
Henrik Rützou

http://powerEXT.com <http://powerext.com/>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-***@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-***@midrange.com
Before posting, please take a moment to review the archi
Mike Cunningham
2014-10-13 17:59:43 UTC
Permalink
Raw Message
http://www.computerwise.com/ethernet/ep310.html

Do you mean with something like this?

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org] On Behalf Of John Yeung
Sent: Monday, October 13, 2014 1:26 PM
To: Midrange Systems Technical Discussion
Subject: Re: Retail Terminal with NO Windows

On Mon, Oct 13, 2014 at 1:02 PM, Nathan Andelin <nandelin-***@public.gmane.org> wrote:
> At first, I wondered if you were asking about attaching a magnetic
> stripe reader to say a USB port on a Power System, running IBM i. I
> couldn't see the point of that.

I think one of the issues that Larry brought up was that the breach occurred at POS; meaning that the data was compromised before it ever got to the back end. So it wouldn't have mattered how secure the back end was. Therefore, if you *did* hook the stripe reader up *directly* to the IBM i, that would eliminate Windows as an attack vector completely. That would be the point.

Your model was:

> The POS terminal is just a web browser, which runs on i/OS, Android,
> Mac, Linux, in addition to Windows.

And what Larry's saying, I believe, is that in your case, you have i/OS, Android, Mac, Linux, and Windows as attack vectors.

John Y.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request-Zwy7GipZuJhWk0Htik3J/***@public.gmane.org
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
Loading...