Dragonbones wrote:As a youngster, I was into code-breaking. One time, a quarter of a century ago, I looked at a photocopier, which had entry codes so each user could be charged by the month, and I thought to myself: "What happens when the photocopier repairman needs to test it? There must either be one fixed code for all machines of this model that the repairman uses, or he must have a key, or there's a variable code based on the machine, presumably based on its serial number." Opening the machine up, I could not find a keyhole, so I proceeded to test the latter hypothesis, starting with the last three or four digits of the #, and adding digits one by one. I hit the jackpot within mere seconds, at four or five digits (I can't recall which). It was ridiculously easy. I wasn't interested in mass, free copies -- just in finding the flaw in the system.
It's entirely possible that some ATM designers have been as stupid as the designers of that photocopier.
Photocopiers and ATM's are very different! I used to use CLC4040's with a Fiery rip. The code was always Fiery.1 – easy (although this won't get you free copies). ATM engineers don't work from the front of the machine, they either do it offsite (diagnostic software) or work from the back of the machine. You can press as many numbers on the keypad you like without a card, nothing will happen. While I can't explain what the person the OP saw I'm dam sure you can't get money out of a cash machine by simply pressing four keys in a simple combination to get money out!!
A card is needed, which has a magnetic strip on the back which contains three rows of data. Your actual pin is only an encryption code to an algorithm that gives you access to your account. So why create something so sophisticated just to be able to break it with a simple 0000 code?