All about Mobile, Web, Technology, Politics, Security, E-Commerce and Living in the Philippines.

Tuesday, June 20, 2006

Nokia and Siemens on $30B Venture

Nokia and Siemens, two of world's giants in the telecommunication industry has announced a merger in $30B venture (via AP), it will be called Nokia Siemens Networks. This is has big implications since Nokia, Seimens and Erricson are the three major providers of technology and hardware for telecommunications; while Erricson went with Sony to augment its phone design; A Nokia and Seimens combination would far exceed just augmenting the designs of their phone but in terms of technology as well since both has been in forefront of producing technology for Voip, Wifi and Web2.0 for mobile.

Monday, June 19, 2006

Smart (Telecom) Philippines deploys HSPDA

Nokia released today; June 19, 2006; states that Smart Philippines has deployed its HSPDA network which is a simple software upgrade on its existing 3G network.

Original Press Release:


Nokia powers Smart's HSDPA network in the Philippines

Nokia Connection 2006, Singapore - After the first High Speed Downlink Packet Access (HSDPA) call in a live WCDMA network in the country, Philippines' leading wireless service provider Smart Communications Inc. (SMART) launched their HSDPA network. The solution, provided by Nokia, allows Smart to operate its network more cost-efficiently and offer its customers data services at speeds of up to four times faster than current 3G speeds.
"Our aim is to revolutionize mobile communications by enabling our subscribers to access data-rich multimedia content and application right through their handset," said Rolando Peña, Network Services Division head at Smart Communications. "To accomplish this, our engineers are working round-the-clock to establish the widest 3G network in the country in the shortest possible time."
To date, Smart has deployed more than 1,000 3G base station sites across the country. This allows more subscribers to enjoy Smart 3G services such as video calling, video streaming, high speed Internet browsing and downloading of data-rich content like full music tracks and video clips.
"Nokia is pleased to have met our rollout challenge with Smart. Deploying HSDPA is just a simple software upgrade to the Nokia supplied WCDMA network. It is for this reason why it was easy for us to make the first HSDPA call in the country which was just a month after 3G network was operational in February," says Markku Nieminen, Account Director, Networks, Nokia. 
In WCDMA 3G, Nokia has 59 customers to date. Nokia's high-performing HSDPA is a simple software upgrade to Nokia WCDMA networks, thus enabling cost-effective and fast rollout.  Nokia is a leader in the HSDPA market, with over 20 contracts globally.  Many network operators have already opened their HSDPA networks with the Nokia HSDPA.
Nokia is supplying the HSDPA solution to Smart as part of the WCDMA 3G network contract announced in January 2006. Nokia has been the sole network supplier to Smart since 1998.
About Smart Communications Inc.
Smart Communications, Inc. is the Philippines' leading wireless services provider with 20.4 million subscribers on its GSM network as of end-December 2005. Of the total subscriber base served, 15.4 million are under the brands Smart Buddy, Smart Gold, addict mobile, addict mobile prepaid, Smart Infinity, Smart Kid, Smart Kid Prepaid and Smart ACeS. The remaining 5 million are serviced through its subsidiary, Pilipino Telephone Corp., under the GSM brand Talk 'N Text.
Since launching its GSM service in 1999, SMART has introduced world-first wireless data services, including mobile commerce services such as Smart Money, Smart Load and Smart Padala. SMART is a wholly owned subsidiary of the Philippines ' dominant telecommunications carrier, the Philippine Long Distance Telephone Company. For more information, please visit hacked. Hacker announces on public mailing list.

Around 12.57AM Today, June 19, 2006, A message was posted on the IT Specialist mailing list at Yahoo announcing a successful defacement of the Philippine Regulations Commission's website by White Hat Hackers from the Philippines called PHTeam. Although i find it to be a generous act, the government officials may blow it out of proportion and use it as an excuse to lash back against all Hackers (White Hats, Grey Hats, or Black Hats) which could turn into another Hackers Crackdown like what happened in the US.

Original post (email address hidden):

Message-ID: <>
Subject: [IT SPECIALIST] sino gusto pumasa sa PRC exam? <-- kami yung white hat hackers

this monday morning (12:35 AM) ko lang na-hack yung database nung site. hopefully mamya pasok sa opisina, naandyan pa rin yung pinasok ko entry na white hat hackers, including the url. mawawala lang siguro yan kung gising ngayon yung other team of hackers and matakaw sila sa credit and burahin nila yung pinasok ko sa database may access na me sa database ng Professional Regulation Commission. grabe ang sql injection atsaka grabe yung pag nagamit pala ng "sa" na username sa ms sql server database na website o kahit sa desktop application. pag "sa" yung connection string, pwede mag-command shell using sql.  buti hindi "sa" ang ginamit na user connection string ng PRC. kundi baka mas devastating pa yung pwede gawin nung other hackers. mas limited lang yung pwedeng gawin since walang shellcode exploit. ni-try ko i-reboot (i.e. shutdown -t 5) using sql server's shell stored proc yung site nung PRC, pero hindi gumana. basta't "sa" yung mssql connection, meron shelling ng executable, anything can be done, alter index.html (home page defacing or the whole site), create a file, delete a file, shutdown the pc, install a program there, the list is endless. but since hindi "sa" ang ginamit na username sa connection string dun sa PRC, di possible yung shellcode exploit, confined lang ang defacing ng site sa mga table rows. pero delikado pa rin site nila maski walang access sa shelling, meron pa rin mga permission sa tables yung connection string, pwedeng-pwede ko halimbawa mag-insert ng pumasa or mag-alter ng exam result, nakapag-create din ako ng two tables dun. ang hirap din pag public-facing ang application like websites. prone i-attack ng hackers. kailangan security-conscious talaga yung program developer, lalu na kung e-commerce site halimbawa, what if yung i-shi-ship na product order ng iba is gusto mo sayo i-direct, kagulo na actually dalawa hackers na yung  nakapasok dun sa PRC site. yung team ng and sa susunod na mga gagawin ko program using ms sql server hindi na "sa" yung gagamitin ko username sa connection string pero ang nakakatuwa rin dun sa site ng PRC, hindi lahat MS SQL yung ginamit na database, yung iba portion ng website ni-implement using MySQL nasa 62 (64 minus the two table i created there) tables lahat yung MS SQL  database nila dun. hopefully within this week ma-ayos na ng PRC yung vulnerability ng site nila

Tuesday, June 13, 2006

Microsoft WGA Defeated Again.

News submitted to says Microsoft will disable for the mean time the Window Genuine Advantage (WGA) tool which MS distributed via Windows Update. This is after the tool received much bad press last week due to it intrusive nature. According also to the story, MS "promised" to fix this problem by setting the tool to check every 14 days instead of the daily routine.

However a quick search over the net will give you a pretty large amount of information how to disable the tool ranging from using firewalls to block the tool from connecting over the Internet to completely disabling it via registry which leaves me thinking, was this tool really necessary? MS cant even secure Windows against casual crackers and hackers, what more against the entire world who is bent into defeating WGA I guess MS will be fighting a losing battle with this one

Related Links