Following Windows XP Service Pack 2 released in August 2004, Microsoft finallz releases the long waited Windows XP SP3 which includes all previously released Windows XP updates, including security updates and hotfixes, and select out-of-band releases.

Microsoft is not adding significant Windows Vista functionality to Windows XP through SP3. However, SP3 does include Network Access Protection (NAP) to help organizations that use Windows XP to take advantage of new features in the Windows Server® 2008 operating system. Further, Windows XP SP3 does not include Windows Internet Explorer 7

Previously Released Functionality

• MMC 3.0
• MSXML6
• Microsoft Windows Installer 3.1
• Background Intelligent Transfer Service (BITS) 2.5
• IPsec Simple Policy Update for Windows Server 2003 and Windows XP
• Digital Identity Management Service (DIMS) DIMS makes it possible for users who log on to any domain-joined computer to silently access all of their certificates and private keys for applications and services. Peer Name
• Peer Name Resolution Protocol (PNRP) 2.1
• Wi-Fi Protected Access 2 (WPA2)

New and Enhanced Functionality

• “Black Hole” Router Detection
• Network Access Protection (NAP)
• Descriptive Security Options User Interface
• Enhanced security for Administrator and Service policy entries
• Microsoft Kernel Mode Cryptographic Module
• Windows Product Activation

All details on Windows SP3 page

The 320 MB Windows XP SP3 is available for download here

Tags: microsoft, release, security, service pack, services, sp3, update, windows, XP

I found very interesting post on Tom Barrett's "ICT in my Classroom" blog about how Twitter is used as an educational tool.

Tom's post also describes where Twitter is positioned among other communications tools. Twitter is not a synchronous or an asynchronous communication system. It is rather both at once depending how channel's followers use it.

He makes a nice metaphoric comparison between Twitter and a flowing torrent where people can just stand by it and observes the flow. Some prefers to jump into while others simply do not pay much attention to the  stream.

Personally I am amazed to see how many different ways Twitter is used today. There are, indeed, lots of individuals (you and me) but also some politicians (Clinton, Obama, UK Prime Minister), Public Services (LA fire department, AmCross), Airlines, News agencies, etc.. which are increasingly using it, but not necessarily to interact with others but to broadcast content or information.

Is any company using Twitter for internal use only ? 

Tags: 2008, air, airlines, art, ATT, blog, ces, communication, downing, ia, ict, im, iso, lan, nomadcom.net, paris, post, prime minister, public, services, twit, Twitter, uk, wp

Not yet sure if it is a good news or not, but Air France has become the first airline in the world to offer an in-flight mobile phone service on international flights.

One Airbus A318 aircraft operating European routes has been fitted with a mini GSM base station to provides 123 passengers the possibility to :

• Send and receive sms and mms messages
• Send and receive emails via all phones with Internet access

During the second half of the trial, passengers will be able to make and receive phone calls, with the service being regulated to maintain passengers’ comfort and well-being.

If passengers kindly turn off ringing traffic data from/to an aircraft should not be a big deal, if not journeys may become quite annoying with uninterrupted flow of incoming messages ringing alert.

Hard to imagine how will be a long haul flight with full mobile phone services (voice and data) "offered" to passengers. 

At the end of the six-month trial, Air France will examine the feedback and comments made by customers to determine whether to launch this service on all its flights.

What is your feeling about the availability of in-flight mobile phone service ? 

For the technical part,
Air France uses Mobile OnAir onboard mobile telephony system, certified by EASA (European Aviation Safety Authority) which does not interfere with the radio-navigation instruments on this Airbus A318 and may only be used at cruising altitude once the new illuminated sign “Switch off your phone” is turned off (recycling the "no smoking" sign ?).  The system is activated at 3,000 metres (10,000 feet).

More about this trial on AirFrance site including a video of the 1st trial flight.

Tags: -50 days-, 2007, access, air, airbus, aircraft, airfrance "air france" gsm "gsm onboard" aircraft aviat, art, availability, Aviation, blog, bt, ces, customer, europe, flight, gsm, HP, ia, im, in-flight, International, internet, internet access, ITU, King, lan, launch, light, list, mobile, mobile phone, nomadcom.net, passengers, phone, phones, safe, safety, services, sms, term, traffic, video, what is, world, wp, www

British secret services MI5 warned UK businesses about Chinese hackers.

MI5 director-general wrote to 300 UK firms including Banks and law firms to warn them about "electronic espionage attacks" conducted by "Chinese state organizations".

IT Security company Sophos reports that 30 per cent of malware are "made in China". Trojan horses are designed to rob login credentials of anything including email and games. 

China's People's Liberation Army (PLA) was already blamed in September 2007 for attacking governments computers of France, Germany, New Zealand, Australia and United States, including Pentagon systems.

Trojan horses often target computers with unpatched vulnerabilities and without proper level of security deployed.  

The Chinese government has denied any involvement in the attacks and pointed its finger to unidentified hackers.

The question is now to discover if malware "made in China" are really powerful and smart of if attacked computers were the result of a serious lack of security and preventive protection measures.

Source: The Register 

Tags: 2007, art, ATT, attack, blog, ces, computer, computers, design, espionage, event, game, ia, im, King, lan, law, login, malware, nomadcom.net, nyt, power, sco, security, services, spy, spy cyber china espionage "cyber spy" attack warning MI, the register, uk, wp, www

I found the article below on "The Register" site and asked myself the following question: 

If connecting to Internet using an open and unsecured wifi access point is considered as a crime, why authorities do not apply the same principle to other services (mainly electricity and water) we often use without any formal agreement of the owner ?

 " More than half of computer users have illegally stolen Wi-Fi connections, according to The Times – but only 11 alleged offenders have been arrested in the UK, as the police seem to think those deploying Wi-Fi should be more careful about securing their connections.

The data was collected from a "Have Your Say" survey on the website of security-specialist Sophos: apparently 54 per cent of the 560 people who responded admitted nicking bandwidth from insecure Wi-Fi routers.

This might say more about Sophos customers than the general population, and extrapolating the results to every computer user in the country is probably a crime against statistics: so that's exactly what The Times has done.

…

Anyone caught stealing a Wi-Fi connection can be fined up to a grand, even if it's left unsecured, so make sure you ask nicely next time you're looking to log on, and if the person next to you has never stolen a Wi-Fi connection then we have to assume that you have. "

What is your opinion about accessing open wifi ? Do you think it is a crime ?

Source: The Register

Tags: 2007, access, agreement, art, blog, ces, computer, connection, connections, crime, customer, electricity, enforcement, free, ia, im, internet, internet access, King, lan, law, list, MIT, nomadcom.net, police, population, security, services, statistics, survey, the register, thief, thieves, uk, user, water, web, website, what is, wifi, wireless, wp, www

8th of November: World Usability Day "Make life easy" 

Swiss UPA, the Swiss chapter of the Usability Professional Association proposes to ease access to free public wireless networks using a specific sign ((o)) that would help users to detect easy to use wireless networks. 

Today, before getting online using a wireless device, users have first to find an user-friendly wireless access point and then try to connect to it.

The user has to detect which wireless networks are available from his location and check if they are public and free of charge. Often wireless network names do not inform the visitor if the access to the network is free or not. The wireless access point might not be protected but once connected users are redirected to a page where they will be invited to purchase access rights.

Swiss UPS also highlight the fact that once connected to a free and public wireless network, it is not uncommon to reach an authentication page before getting access to the Internet. This procedure has 2 main disadvantage:

• Some authentication pages cannot be completed when using a Smartphone or a PDA.
• Some services such email, Instant Messaging, VoIP, etc… do not require the use of a browser and users cannot pass easily through this authentication method.

To make users' life easier, Swiss UPS proposes to include at the beginning of the SSID (Service Set Identifier which broadcasts the name of the wireless network) of public and free wireless networks the  following distinctive sign:  ((0))

Usage of the sign ((o)) is free and open to all individuals, collectivities and organizations which operate a WiFi network respecting  Swiss UPA usability charter.

More about Swiss UPA (in German), UPA International (English) and about World Usability Day

Source: Canard WiFi 

Tags: 2007, access, art, blog, ces, ergonomic, find, free, ia, im, International, internet, IT World, lan, light, location, network, nomadcom.net, online, pda, phone, public, services, smartphone, swiss, swiss upa, Telecommunications, upa, USA, usability, usage, user, wifi, wireless, world, wp, www

People affected by California wildfires get and send firsthand information using micro-blogging service Twitter. Usually during emergencies, all telecommunications networks get overloaded due to huge communication flow increase in all affected areas.

2004 Tsunami taught us that when telephone landlines do not work anymore, mobile network is overloaded, short-messages (SMS) were still going through, but often with up to a hour delivery delay (better than no communication).

One of the most critical problem to solve during emergencies is how to spread information on both directions (from affected people to emergency services and from helpers to victims). In addition, affected people and their relatives are in need to get in touch.

In California, the American Red Cross, among others, have open 2 Twitters threads. One is made to push information out (e.g evacuation routes) and the 2nd one is "Safe and Well" which provides a way for affected people to register as “safe and well.” using a list of standard messages.

Concerned relatives can search the list of those who have registered themselves as “safe and well.” directly on American Red Cross website.

Among many sources: Stephenson Strategies, Wired, KPBS and Occam Razr.

Tags: 2007, 24, american red cross, arc, blog, california, cellular, ces, communication, delay, emergency, how to, ia, ict, im, lan, list, live, micro-blogging, mobile, Mobile Communications, network, nomadcom.net, phone, red cross, safe, search, services, sms, sun, telecom, Telecommunications, touch, twit, Twitter, user, web, website, wildfire, wp, www

The attacks on Swiss financial institutes with the aim of unjustified enrichment and the threat of the targeted industrial espionage via the internet are the main topics of the fifth semi-annual report of the Reporting and Analysis Centre for Information Assurance.

The report assesses the situation of the first half of the year 2007 in Switzerland and is now available online and clearly shows that the human factor remains the weakest point of ICT security.

Focus areas of issue 2007/I

• Attacks on Swiss financial services
  "Classic" phishing attacks by e-mail with password requests have decreased substantially in Switzerland. Moreover, all such attacks have been unsuccessful. On the other hand, successful attacks with malware have increased. Two-factor authentication systems (e.g. transaction authentication numbers, SecurID, etc.) do not afford protection against such attacks and must be viewed as insecure once the computer of the customer has been infected with malware.

• Industrial espionage and data theft
  The threat posed by targeted state or private industrial espionage continues. Not only the operators of critical infrastructures, the armament industry, or public authorities are threatened. Medium-sized industrial companies as well as manufacturers of luxury articles and fashion are also being targeted. The attacks are carried out by sending targeted e-mails to individual employees which contain malware in their attachments or links to bogus websites.
• Attacks on web servers:
  malware distribution, phishing, data theft Compromising of web servers has increased. The purpose is to use web servers to distribute malware, such as by drive-by infection, to steal data (especially on commercially used servers), to carry out (interim) storage of data (e.g. in connection with phishing), or to distribute messages that are generally political in nature.
• Malware / attack vectors
  Malware is still usually distributed through e-mail attachments or e-mails with links to bogus websites. Using clever social engineering techniques, the victim is deceived into opening the attachment or clicking on the link. Websites installing malware on the computer without any action by the user (drive-by infections) have heavily increased as an infection vector. Vulnerabilities in the operating system, the browser, or other applications are exploited. For a long time now, this no longer only happens on dubious sites, but also on (compromised) serious and well-known sites. Rates of recognition of malware by anti-virus software remain low.

The complete report is available on Melani website in italian, german, french and english.

A complete and useful list of all Internet risks and related protection measures is also available.

Tags: 2007, 24, aim, analysis, Annual, art, ATT, attack, blog, ces, computer, connection, CTU, customer, engine, espionage, human, ia, ict, ICT Security, im, industry, install, internet, IT World, ITU, King, lan, list, malware, melani, nomadcom.net, online, password, phishing, public, risk, security, services, social, storage, swiss, switzerland, theme, threat, user, web, web server, website, wp, www, XP

AT&T threaten to disconnect its customers (Def. Customer:someone who pays for goods or services) who may criticized its services on the Internet (blog, others sites, etc..). AT&T customers must accept TOS (Terms of Service) where you can find the following statement on the section "Term & Termination".

5.1 Suspension/Termination. Your Service may be suspended or terminated if your payment is past due and such condition continues un-remedied for thirty (30) days. In addition, AT&T may immediately terminate or suspend all or a portion of your Service, any Member ID, electronic mail address, IP address, Universal Resource Locator or domain name used by you, without notice, for conduct that AT&T believes (a) violates the Acceptable Use Policy; (b) constitutes a violation of any law, regulation or tariff (including, without limitation, copyright and intellectual property laws) or a violation of these TOS, or any applicable policies or guidelines, or© tends to damage the name or reputation of AT&T, or its parents, affiliates and subsidiaries. Termination or suspension by AT&T of Service also constitutes termination or suspension (as applicable) of your license to use any Software. AT&T may also terminate or suspend your Service if you provide false or inaccurate information that is required for the provision of Service or is necessary to allow AT&T to bill you for Service

AT&T also reserves the rights to update or change from time to time the terms of the agreement and apparently without notice. It is the customer's responsibility to regularly check, on their website, to check if terms have changed and if he/she still agrees with them as they become effective immediately after being posted on AT&T website.

This Agreement may be updated or changed from time to time. The current Agreement shall be posted at: www.att.net/legal/tos (“Website”). This site will be updated as changes are made. You agree to visit the Website periodically to be aware of and review any such revisions. All changes shall become effective upon posting of the revised Agreement on the Website. Your continued use of the Service following such notice constitutes your acceptance of those changes. If you do not agree to the revisions, you must terminate your Service immediately.

So, Dear and Cherished AT&T customer, if you really expect to have "The World. Delivered" by AT&T, you rather have to be nice with them. Otherwise…… 

Source: Zataz

Tags: 2007, agreement, AT038T, ATT, blog, cable, ces, copyright, criticism, CTU, customer, disconnection, dress, find, fon, ia, im, internet, IT World, ITU, lan, law, live, MIT, nomadcom.net, pda, post, review, sco, services, space, Telecommunications, term, threat, update, violation, vision, web, website, world, wp, www, XP

Whisher, a Spanish start-up, backed by Switzerland’s leading phone company, Swisscom, and the venture firm Benchmark Capital Europe is apparently very active for few month now. The principle of Whisher is that Wireless Access to the Internet should be free and accessible from everywhere which is basically the same concept than FON Movimiento, except that you don't need to purchase any specific hardware.

Whisher' users are requested to download an application through which they can share their wireless access (works also with WEP or WPA connections) with other Whisher members 

The newly released version 2.0 beta of the software offers more than just storing and encrypting connections' passwords such:

• Wireless connection manager
• WiFi sharing
• Chat with other users connected on the same wireless access point.
• Multi Instant Messenger support (Yahoo, MSN, AIM, ICQ, GoogleTalk, Twitter, Jabber)
• File Transfer (with users sharing the same wireless AP)
• LAN Support
• GeoLocation
• Other Networks connections (access via commercial access; hotspot, etc..). FON is supported too.
• Around You. Gives you informations about coming events, restaurants around the wireless connection you are currently using.

New services that should be available soon :

• Voice Support
• Global File Sharing 

Plateform supported : Windows XP, Linux, Mac O/S. Vista not available yet.

The software is still beta and some stability and registation problems have been reported. More information on their Blog

Tags: 2007, access, aim, api, art, blog, capital, ces, connection, connections, europe, event, fon, fon movimiento, free, global, google, HP, ia, icq, im, instant messenger, internet, lan, location, messenger, Mobile Communications, msn, network, nomadcom.net, password, phone, problems, release, sco, services, share, sharing, swiss, swisscom, switzerland, Telecommunications, twit, Twitter, user, vista, whisher, wifi, windows, wireless, wp, www, XP, yahoo