Re: Department store self-checkouts run on XP (and they crash)


"CBFalconer" <cbfalconer@xxxxxxxxx> wrote in message
news:4578E3FD.51BED432@xxxxxxxxxxxx
Tom wrote:

Here's yet another example of a very poor embedded design that somehow
made it
out the door.

For those of you who haven't seen self-checkouts yet, they're basically a
way
to replace cashiers by getting the cutomers to scan and bag their own
items.
You put your item infront of the barcode scanner and then you put it in a
bag
that sits on a scale. The checkout weighs each item to make sure you're
not
bagging anything that you haven't paid for. This all sounds like a good
idea
in theory.

So I was at the local department store a few days ago and while using the
self-checkout, the application completely quit and I was left staring at
a
standard Windows XP desktop with the green hills in the background.
There
were three items left in the taskbar: PipeServer, Switch Checker (with
its
default blue MFC icon) , and a console app called POS (how appropriate).
At
first I got a really good laugh out of how poorly written this thing was
and
how it just crashed for no reason. Next I noticed that the touchscreen
remained fully functional I could move the mouse pointer! Now I became
genuinely worried about how serious of a security hole this was. I was
almost
tempted to start poking around to see if I could find the self-test
program
for the change dispenser in the start menu, or to see what other PCs I
could
find on the network. But curiosity didn't get the better of me this time
and I
just left the thing alone.

Next I became somewhat annoyed that I now had to push the big red "I'm an
idiot" button to call a real cashier for help. Eventually the guy started
walking towards me with that standard obligatory fake smile. As soon as
he saw
the screen, the smile vanished and his expression quickly changed to that
of a
deer caught in the headlights. He told me that he'd have to call the
manager.
After about twenty minutes of runaround from cashiers, head cashiers,
managers, assistant managers, and leprechauns who have no clue what
they're
doing I was finally able to pay for my purchases. I'm never using the
self-checkout ever again.

Now what I want to know is what kind of company could let a product like
this
out the door. I'm not too concerned about the crashing as much as I am
about
the fact that ANYONE off the street can potentially gain access to the
insides
of a machine that handles inventory, cash, and credit cards. Something
like
this would have been completely unacceptable at pretty much every company
that
I've ever worked at. If I was in change of QA at this particular company
I
would order an immediate shutdown of all units in the field until the
gaping
security hole is fixed. How this kind of implementation could have ever
gotten
past a design review is beyond me.

As I was leaving the store, I noticed one of the assistant managers
making a
big handwritten "out of order" sign which he would put on the checkout. I
guess nobody knows how to reboot it. Meanwhile another one of them opened
the
little door underneath the checkout (which is not locked) to reveal a
power
bar, a PC, and A KEYBOARD! Best. Security. Ever.

I suggest you repost this to comp.risks. Also identify the
grocery. I NEVER use those things on various principles, including
preserving jobs.

--
Chuck F (cbfalconer at maineline dot net)
Available for consulting/temporary embedded and systems.
<http://cbfalconer.home.att.net>


Hi Chuck,

Have you thought about dumping your computers and hiring a bunch of
scribes - that would make jobs.

More seriously - the system Tom describes is obviously far from perfect but
his best bet is to moan to the store. I do a lot of work designing embedded
bits and pieces that go into retail POS systems (nothing Windows based I
promise) and in my experience the store will apply enormous pressure to the
supplier of the system to fix the bugs.
The MD of at least one major UK chain gets a daily report of all the non
functional lanes in their stores - things get fixed or dumped pretty fast.

Michael Kellett

www.mkesc.co.uk




.