THE   HACKER  SAGA
Latest Updates here

No intelligible information being released by EIM (Emirates Internet & Multimedia) asides from wild accusations about hacking - which not surprisingly are unsubstantiated so far.

One wonders if EIM and/or Etisalat's spokespeople are aware of the difference between "hacking" and "cracking" and "DOS" (Denial of Service) attacks. 

With the total PR debacle resulting from at first blatant outright lies of:

Then to the explosive press release of 21st June

Followed by the pathetic email of 22nd June etc. etc.

Then the system stuttering again over the weekend, one could not be faulted for seeing this as  a disgraceful attempt by Etisalat to camouflage their gross inefficiencies by targeting what is fast appearing to be a scapegoat. 

Months of disruptions followed by two weeks of severe problems cannot be explained away by "hacking."

Multiple dial up attempts just to get a login screen, then multiple redials in to get past the password authentication. Indefinite delays being stalled at the proxy server have been going on for ages and progressively getting to the point of absurdity, where one must repeatedly re-enter the URL and try for a fresh hit, or change manually to one of the various proxy servers run by EIM, or just wait it out for indeterminable minutes.

A bit of the story below as reported in the local press. We feature Gulf News's coverage simply because Khaleej Times do not archive their old papers beyond a week.

Update on 17 March 2001
The story came out on ITP.net on 12/Feb as well.
14/March saw this posted on our Discussion Board.

Etisalat hacking: Defense challenges technical report By Hani M. Bathish

The court on Sunday (11 Mar) set March 19 as the date for next hearing in the case.

The defense lawyer, Dr Habib Al Mulla, told Khaleej Times yesterday that what concerned him was not the charge of penetrating the Etisalat computer network but the charge of causing damage to their system, which he aimed to disprove.

The charge of penetrating Etisalat networks is punishable by a maximum of six months in prison and Dh10,000 fine, according to the Etisalat internal law," Dr Al Mulla said.

He said that when the prosecution completed the presentation of its evidence, the defense would present evidences based on reports of its own technical experts.

Update on 15 February 2001

"The latest farcical story about the Lee Ashurst case in Gulf News - 12 Feb '01.

Seems quite extraordinary, that all stories before today talked about Lee denying having done anything at ALL stages of this investigation.

Now suddenly, there is talk of confessions from day one and Lee having admitted using certain programs and done certain things.

The charge sheet against Lee had apparently not even been given to his Lawyer before the trial, as the news article clearly states: "The case was suspended until March 11 after Ashurst's lawyer, Dr Habib Al Mulla, asked the court for a copy of the case file against him in order to prepare his defence."

So a bit of analysis:-

Gulf News' own article of 25 June 2000 states: "Ashurst was arrested at his flat on June 14"
Actually the first Articles in the papers came out on the 21st of June. Pretty sloppy reporting.

Article states: "Etisalat claims that on June 21, Ashurst misused the Internet service for illegal purposes"

June 21st? Talk about reporters confusion? Or if not, then whose confusion? The problems in Etisalat's password authentication servers peaked more around June 8th and 9th. The police and Etisalat Employees visited Lee on June 14th. Mix up by the reporter? or the Accuser?

SAINT is actually derived from SATAN, and both are quite standard tools included with many distributions of Linux. Every other Network Administrator, or aspiring Admin would have them.

"Jack the Ripper?" Sounds like a pent-up over-reactive imagination. The program probably being referred to is "John the Ripper". As the writers of the program will candidly tell you, "John the Ripper is a password cracker, currently available for UNIX, DOS, Win32. Its primary purpose is to detect weak UNIX passwords". Again it is just about a standard tool used by Network Administrators to make sure their users are not using simple passwords that can be easily guessed.

Both programs simply check for COMMON vulnerabilities and mis-configurations. Why would a hugely cash rich and technically efficient ISP like Etisalat, who forever blame the whole world for all their problems, never admitting to ever have any technical problems caused by their own technical set up - be vulnerable to these "COMMON" problems?

Now suddenly, where has "BOOKS" come from? Since when have "How to hack into computer" books been available? Did they really confiscate anything other than his laptop?   Sounds like the writer, or someone else, is trying to create hype. 

Article states: " He has also been accused under Article No 380 of Federal Penal Law No 3 of 1987 which covers the opening of mail other than his own."

Interesting that a Law promulgated years before Internet and Email was known and used in the UAE would cover this case. We shall see.

Article states: "pleaded not guilty during the first court hearing yesterday."

Seven ( 7 ) months for Etisalat to prepare its so called technical report? WOW - talk about efficiency from Etisalat. We wonder how many times the "report" needed to be tweaked and modified to try and fit into their story. And such patience from the Courts to allow this to drag on so long, keeping the defendant in limbo.

Come to think of it, who  prepared the expert technical reports? And where did the "technical experts" come from? How impartially was it done. We hope we won't hear one day that they used the cynical ploy of taking a Network Admin from say the Public Prosecutions office, or a similar such positioned person, and used him as an "independent" source and "expert"?

And here too is the reference to "Ashurst's confession." A counter suit was launched against Etisalat after a confession was made? Interesting new development!

Gulf News, you have disappointed us by so obviously printing a story which is twisted and one sided. Shame on you.

Update on 13 November 2000

With Etisalat keeping so quiet on the issue, one can only conclude that they have reached a dead end as far as proof of damage to their systems is concerned.

This is hardly surprising. They have not even presented the vaguest form of the alleged damage.

Was there in fact ever any damage at all?

Just look at the past months.

Then they send out a feeble email apologizing for the terrible service.

On top of it they  have the gall to include a reference to it being a worldwide problem too.

Yes, we can safely assume that their problems now are their own, just as they were back in April/May this year.

.......continued....... >>>

Update 13/Nov continued ...  >>>

Does Lee have to just wait it out?

What do you think?

Have the press been "asked" to leave the story be?

Should Ashurst be passive against this highly arrogant and smug multi-billion dollar earning monolith?

Should he keep quiet and wait for them to offer a settlement?

Will Etisalat react like they often do, with venomous vindication as their main goal?

Will Etisalat prefer to quickly limit the Public Relations damage they may face?

A lot of questions for thought. Especially for Lee.

Perhaps you can help by airing your views.

Update on 26 August 2000

Meanwhile the Dubai Prosecution Department has put on hold the defamation complaint against Etisalat. This has been protested by Lee's lawyer through a letter to the Attorney General. - GN reported 25/8

Are the forces against Lee gathering? Will Lee get a fair chance to defend himself?

Delays and procrastination are in the interest of L'il sister E. Then again, justice here moves slowly during the summer months when everyone wants to be on holiday.

Perhaps September will see some movement. (26/Aug/00)

• Space left available for updates
•  
• Alleged hacker's suit delayed - KT Article 28/8 (28/Aug/00)
• Etisalat delays in presenting evidence against hacker - GN Headline 25/8 (26/Aug/00)
• Unfortunately there has been a news blackout since 26/July even though the  first hearing in the case against Etisalat and its President and CEO, Ali Salim Al Owais was scheduled for August 12. (21/Aug/00)
• Lee Ashurst's own posting to his support Web Board - From the Lee Ashurst Discussion Board 8/8 (10/Aug/00)
• Alleged hacker files civil case for initial compensation - Dubai Press Club 26/7
• Hacker suspect seeks compensation from Etisalat - GN Headline 25/7 (26/Jul/00)
• Hacker suspect's charges against Etisalat move forward - GN Headline 10/7 (10/Jul/00)
• Interesting discourse on the whole story - From the Lee Ashurst Discussion Board 8/7 (08/Jul/00)
• Was ARAB ISP Hack illegal? - Wired.com Article 5/7 (08/Jul/00)
• Brit fights Middle East hacking accusations - ZDNet 5/7
• Gulf news talks about hackers & crackers (04/Jul/00)
• Barrage of complaints about Etisalat's service - GN Letters 4/7 (04/Jul/00)
• Hacker suspect's lawyer seeks Etisalat data - GN Headline 3/7 (04/Jul/00)
  The first hearing of the case seeking the disclosure will be at the Civil Court of First Instance on July 9
• Accused UAE Hacker Files Defamation Lawsuit - infowar.com Hacker News 3/7
• Accused hacker sues mideast Internet company for defamation - AFP 2/7
• Special Reports - GN 1/7 :
  Cracking the Hacker myth (general info) - GN Headline 1/7
  Hacker's Glossary (very limited)
  Keynotes
  Editorial Comment  (04/Jul/00) 
• No smoke without fire, Etisalat tells hacker suspect - GN Headline 29/6 (29/Jun/00)
• Hacker suspect challenges Etisalat for proof - GN Headline 27/6 (28/Jun/00)
• Lawyer of accused Hacker hits back at Etisalat - ITP Arabia 27/6
• Conundrum - from Mr. J. Ross, Alain - and 3 other letters - GN Letter 27/6
• Dubai "hacker" denies all - BBC News 27/6
• Computer experts to analyze evidence in hacking case - GN Headline 26/6
• 3 scathing attacks: Admit fault - Twice pitied - Double indemnity - GN Letter 26/6
• Alleged hacker denies UAE allegations - BBC News 26/6
• Briton accused of Middle East hacking - ZDNet 26/6
• Internet Hacking suspect formally charged - GN Headline 25/6
• Done before - from D. DeMateo, Dubai - GN Letter 25/6
• Dubai "hacker" charged - BBC News 25/6
• Hacker suspect says Etisalat makes him scapegoat - GN Headline 23/6
• Pathetic email from EIM to all subscribers - 22/6
• Dubai Hacking Suspect could face jail - BBC 22/6
• Hacker may be charged with damaging national economy - GN Headline 22/6
• Lessons to be learnt - Gulf News's  view - GN Editorial 22/6
• Suspected hacker bailed in UAE - BBC News 22/6
• Suspected hacker arrested in Dubai - BBC News 21/6
• Arabia.com on this topic - 21/6 24/6 2/7
• UAE arrest over alleged Internet sabotage - BBC News 20/6
• One arrested as Etisalat searches for Internet Hackers - GN Headlines 21/6
• Internet disruptions grow costly, say companies - GN Headline 9/6
• Internet dial-up service fails - GN Headline 8/6
•  (28/Jun/00)