Zoom Kiosks Hacked - Hackers Can’t Resist Free iPods

January 16th, 2007 Davis Posted in Technology, Kiosks |

One of the major advantages of using kiosks in a retail store is the reduction in shrinkage that retailers see once they introduce them. Because customers have to actually pay for a product before they can get their hands on it, vending can save retailers significant amounts of money by cutting theft by shoplifters and unscrupulous employees. Like any theft deterrent, though, give people enough incentive and someone will always figure out a way around it.

When I was a kid, people took the time to figure out how to short-circuit Coke machines into giving away free sodas by spitting water into the dollar-bill slot. Considering that Zoom Systems is catering to a much higher end of the retail market with its iPod and cell phone kiosks, it shouldn't be much of a surprise that hackers have already figured out a way around the theft protections built into the Zoom vending machines.

Because Zoom runs its kiosk software inside Internet Explorer, hackers have found that it's relatively easy to get around its security protections: the browser can be coaxed into opening a file explorer window, and from there the machine can be tricked into thinking you've already paid. A kiosk that lets a customer reach the file system or the desktop is no longer a kiosk; it's a PC with a touch screen.

Since most of Zoom's kiosks are either inside a Macy's or in an airport, there are still security guards who can watch for this, which limits the hack's effectiveness; but if a kiosk needs physical security watching over it, the hack undermines the whole point of the technology. While I'd be surprised if Zoom hasn't already responded by making the file explorer window harder to reach, this hack still highlights an important issue for kiosk manufacturers to consider when designing their vending solutions: the kiosk application has to be the only thing a customer can reach, and the decision to vend should rest with the payment back end, not with anything the customer can touch on the screen.

By removing an actual human from the transaction, vending can save time and money for many businesses, but without the right theft controls it can also expose retailers to even higher levels of theft. Even with this exploit, I'd still bet that retailers see significantly less shrinkage with Zoom kiosks than without them, but for a technology that depends on taking humans out of the transaction, these sorts of exploits are a significant threat to the kiosk industry. If retailers can't feel comfortable having an unmonitored vending machine sell their inventory, it will greatly diminish the appeal and convenience of vending as a retail solution.
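To make the point concrete, here is an added example of the kind of lockdown an IE-based kiosk account needs so that the browser cannot be turned into a file explorer. It is not code from Zoom Systems, Macy's or any kiosk vendor; it applies the two fixes mentioned in the comments below (replacing explorer.exe as the kiosk user's shell, and turning off the IE image toolbar whose "save picture" button opens a file dialog) plus the standard IE restriction policies, all as per-user registry values. The account name and the path to the kiosk front-end are assumptions.

```powershell
# Added example, not code from Zoom Systems or any kiosk vendor.
# Run ONCE while logged in as the dedicated, non-administrator kiosk
# account (assumed name 'kiosk'); every setting below is per-user (HKCU),
# so it cannot be accidentally applied to the administrator's desktop.
# $KioskApp is an assumed path to the vendor's kiosk front-end.
$KioskApp = 'C:\Kiosk\kiosk.exe'

function Set-RegValue([string]$Path, [string]$Name, $Value, [string]$Type) {
    # Create the key if it is missing, then write the value with the given type.
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $Type -Force | Out-Null
}

function Set-KioskLockdown {
    # 1. Replace explorer.exe as this account's shell. With no Explorer
    #    process there is no taskbar, Start menu or desktop to land on if
    #    the kiosk app is ever minimised, closed or crashes.
    Set-RegValue 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon' 'Shell' $KioskApp 'String'

    # 2. Turn off IE's image toolbar (the floppy icon that appears over
    #    pictures). Its "Save Picture" button opens a common file dialog,
    #    and a file dialog is a full Explorer window: from it a shopper can
    #    browse the disk and launch whatever is there.
    Set-RegValue 'HKCU:\Software\Microsoft\Internet Explorer\Main' 'Enable_MyPics_Hoverbar' 'no' 'String'

    # 3. Close the other routes to a file dialog or to IE's own settings.
    $r = 'HKCU:\Software\Policies\Microsoft\Internet Explorer\Restrictions'
    foreach ($name in 'NoBrowserSaveAs', 'NoFileOpen', 'NoBrowserOptions',
                      'NoBrowserContextMenu', 'NoViewSource', 'NoFavorites', 'NoPrinting') {
        Set-RegValue $r $name 1 'DWord'
    }

    # 4. Deny the Windows escape hatches a shopper would try next.
    Set-RegValue 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System' 'DisableTaskMgr' 1 'DWord'
    Set-RegValue 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer' 'NoRun' 1 'DWord'
}

function Test-KioskLockdown {
    # Re-read the settings so a deployment check fails loudly on any unit
    # where one of them has drifted (there are too many options to eyeball).
    $ok = $true
    $shell = (Get-ItemProperty 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon' -ErrorAction SilentlyContinue).Shell
    if ($shell -ne $KioskApp) { Write-Warning "Shell is '$shell', not $KioskApp"; $ok = $false }
    $hover = (Get-ItemProperty 'HKCU:\Software\Microsoft\Internet Explorer\Main' -ErrorAction SilentlyContinue).Enable_MyPics_Hoverbar
    if ($hover -ne 'no') { Write-Warning 'Image toolbar is still enabled'; $ok = $false }
    foreach ($name in 'NoBrowserSaveAs', 'NoFileOpen', 'NoBrowserOptions') {
        $v = (Get-ItemProperty 'HKCU:\Software\Policies\Microsoft\Internet Explorer\Restrictions' -ErrorAction SilentlyContinue).$name
        if ($v -ne 1) { Write-Warning "$name is not set"; $ok = $false }
    }
    return $ok
}

Set-KioskLockdown
if (-not (Test-KioskLockdown)) { exit 1 }
```

Two things to keep in mind when using something like this. First, it only removes the obvious exits; the kiosk account still needs to be a plain user with no write access to the application directory, and the front-end must not trust anything reachable from the screen for the "paid" decision, since a shopper who does escape will go straight for that. Second, the check at the end is the useful part for a fleet: build one unit this way, clone it, and run the check on every unit after imaging rather than trusting that the image stayed intact.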

8 Responses to “Zoom Kiosks Hacked - Hackers Can’t Resist Free iPods”

  1. One of the Zooms for Sony is being trialled over in the Flatirons mall outside of Boulder, CO. We inspected the machine earlier and did not find that vulnerability. It may be a different release/version specific to Macy’s (maybe they did their own interface?)

    Craig

  2. You would think that if one system was compromised that all of them would be, but it could be that Sony is using different software in their kiosks. I didn’t actually test this out myself, so I can’t speak from first hand experience, but I’ll stop in at my local Macy’s tonight and see if I can try and replicate the vulnerability on their Zoom machine.

  3. Not surprising. The setting that turns off this hack is in Internet Options, and can also be controlled by right-clicking on the image toolbar (the ‘floppy icon’ mentioned in the hack). There are so many config options, it’s difficult to ensure they’re all set the way you want them.

  4. Great idea, vending kiosks (they are becoming more popular in the UK too). But surely for a kiosk rollout like that, they shouldn’t be using a non-secure browser, or at least should use a kiosk security product. We always get our clients to use Cyberbrowser and Kioskmonitor or other packages like them to save problems like this in the future. IE is great for *some* kiosk applications in kiosk mode BUT is really easy to hack and change, so shouldn’t be used for transactional purposes. At worst, they should have at least set up 1 unit as secure as they could make it, and cloned that.

  5. Another option would have been KioWare Kiosk Software (http://www.kioware.com) which wraps around and secures browser-based applications, allowing users access only to the application.

  6. We use Kioware at our public location. Users seem to get around the Kioware software at least once a week. I remoted in to one that was suspect and found the Kioware software running with the task bar in view and someone streaming music through the kiosk.

  7. Dave, It sounds like Kioware isn’t the problem — if you were seeing the task bar, you were running Kioware under explorer.exe, which would definitely leave you exposed. Instead, they recommend that you create a new windows user, and use their configuration tool to set that new user’s shell to Kioware instead of explorer. As far as secure kiosk software goes, users won’t be able to get around that.

  8. There is always a way around it…
