Am I crazy in thinking that the shop I was in that has CentOS 3 running their self checkouts should have a more up to date and currently supported OS? These are brand new self checkouts (the shop has had them for about a year now, but you get my point.)

It’s a genuine question. Am I wrong in thinking that using this OS on a self checkout is a terrible idea? (FWIW this shop is an international retailer)

I have no stake in the shop or anything. I just happened to be there when they had to reboot a self checkout and I noticed the OS version as I was going by.

  • TimeSquirrel@kbin.melroy.org
    link
    fedilink
    arrow-up
    8
    ·
    3 months ago

    What is the risk if it’s all on a closed internal network? You can safely run Windows 98 as long as you’re very careful about what goes in and out at your gateway.

    Commerical networks tend to be a bit more robust than Joe Schmoe’s basement router. It’s a giant pain to keep up with each and every update on everything a store uses (not just self checkouts, things like CCTV systems, HVAC monitoring, electronic signage like smart screens, etc.) so usually it’s all controlled at the network level.

    I install CCTV, I guarantee you more than three quarters of the DVRs and PoE cameras I install never get updated and are “set and forget”. I’ve pulled out 10-15 year old cameras still with original firmware in giant national chain stores when they do refreshes of their infrastructure.

      • TimeSquirrel@kbin.melroy.org
        link
        fedilink
        arrow-up
        2
        ·
        3 months ago

        I’m sure it’s not directly connected with an externally accessible IP. It’s either communicating with a backoffice server, or on a secure VPN tunnel to the rest of the corporate network.

        • delirious_owl@discuss.online
          link
          fedilink
          arrow-up
          1
          ·
          3 months ago

          The point is that it shouldn’t be accessible, but a vulnerability would make it accessible. Its connected to the internet. Its a risk.