11:28 a.m.
Michael,
Thanks for working on this and getting in contact with the manufacturer.
I think I should be the contact person since I plan to take responsibility
for setting up and guarding the machine itself.
My thoughts & concerns are as follows:
- What level of trust do we have with the ATM operator?
- Do they have experience working with 3rd parties who handle the
security of the ATM?
- Will the ATM operator allow us to have exclusive control over the ATM
and keep the door keys?
- If so, how do we assure the ATM operator that we won't steal their
cash?
- Note that if they don't return to pick up their cash on Sunday
then we can send it to their address by certified mail, which
protects us
legally.
- If not, how do we ensure that the ATM operator will return the
keys and pick up their cash on Sunday?
- If we can't open the machine then we can't send it on to its
next destination and we will be in legal trouble.
- What do we do if someone steals the BATM during the conference
or overnight?
- Does the hotel have insurance to protect us, and if so do we have
to work with hotel security for this?
- Should I move the BATM offsite overnight to prevent this, and
should I get security to make sure there's no criminal activity involved?
- Can we have a daily/nightly cash out with the ATM operator to
reduce this risk?
- What do we do if a hardware hacker hijacks the device while at the
conference causing some violation?
- Does the ATM operator work allow Monero transactions? If not, what
value is this?
- What types of demonstrations should we give to show off the BATM?
I might be a bit more worried than I need to be but this is going to be the
most hostile environment imaginable for a high-tech ATM to run. I think
that if the manufacturer and the ATM operator understand the 'dangerous'
situation this is, then we'll be better off.
-Sean
On Mon, Jul 16, 2018 at 11:03 AM, Michael Schloh von Bennewitz <
michael(a)getmonero.org> wrote:
Hello list,
As agreed in the village meeting, here is the offer from our local
Vegas ATM operators. The company has offered to operate our machine
using their MSB (money transmitter) license. They have a fixed KYC
policy as well, so I assume that exchanging small sums with no
identification or large sums after photo identification is possible
to configure.
Regardless of whether we accept their offer, it's possible that we
reconfigure the machine for all the reasons given during the meeting.
I'm trying to:
Ensure that people can exchange small amounts for testing purposes
with no loss of private data (no free giveaway of face, blood type,
numbers, and whatever else appears on identification cards.)
Request that one treasurer can be copied on all private email.
Request that we maintain control over the machine, in order to
open it and review its construction for education purposes.
Request that I can reveal the name of the company and the
names of people who will service the machine using the MSB.
Request that we can verify that they have a MSB license.
QUESTIONS
We can reject this offer and try to have the machine in our village
even with no proper license. If anybody wants this, please suggest
how the arrangement should be.
Does anybody want to be the contact person for this company if
we choose to accept their offer to operate our loaned machine?
Are there other questions aside from the 'Im trying to...' list
that I should ask them in the next days?
Cheers,
Michael
--
Michael Schloh von Bennewitz
Software Development Engineer
Europalab Networks R&D, Munich
Office: +49(89)44239885 UTC+2
Mobile: Same as 'Office'
Web: http://michael.schloh.com/
_______________________________________________
Monero-defcon mailing list -- monero-defcon(a)lists.getmonero.org
To unsubscribe send an email to monero-defcon-leave(a)lists.getmonero.org