Something is not right with this story... (Score 1)

As a photo lab technician with alot of experience in Woolworths Limited and its retail operations I offer my observations on this issue. Most Big W stores run the Fujifilm DPC3 with Windows XP and the Whitech Phototeller software. The default configuration on all these DPC's is that autorun is disabled (after all it would sometimes interrupt the full screen kiosk software on XP) and that the card reader and USB ports are configured to be read only at an OS level. The permissions on them are heavily restricted, but they do not have any internet security of anti-virus software. That is probably a flaw, but the kiosks should never be directly connected to the internet and the threat is limited by the aforementioned configuration. Whitech's software handles all the upload and download for off-site jobs on an on-site server, which is also generally responsible as relay for sending orders from the kiosks to the Digital Imaging Controller (assuming a Fujifilm printer). Ideally only this server should have an internet connection, all the other kiosks and imaging controllers should just be on a separate subnet without internet access. While not necessarily all setups I have seen have this separate subnet it is common. However, the policies that are setup on the kiosks are the Fujifilm defaults and should not be tampered with and I have confirmed that Woolworths Limited stores get the same default configuration. If these are different on the kiosk in question chances are they are using an older kiosk version (or a flawed newer one), a technician has modified the setup for testing and has failed to return the configuration to its original state or an employee has made changes against the recommendations of Fujifilm. I run a Fujifilm system with DPC3s and an identical setup to most Big W stores and have never had any problems, nor discovered any viruses when doing AV scans. It is important to note that with the exception of some obscure USB based viruses there should be few entry points for a virus on these kiosks. While I agree AV software should probably be installed on these by default to mitigate the extra risk, there is obviously something fishy with the kiosk in question.