http://www.zawya.com/Story.cfm?id=ZAWYA20011007092224&Section=Industries&page=Legal 07 October 2001 The Dubai Appeal Court yesterday over turned a lower court ruling issued against Lee Alan Ashurst, the 22-year-old Briton accused of hacking into Etisalat's computer network, by finding him guilty on both charges of opening private e-mails of Etisalat employees and misusing Etisalat services through unauthorised entry of its internet system. The Dubai Misdemeanours Court had, on July 1, found Ashurst not guilty on the charge of opening private e-mails of Etisalat employees and fined him Dh10,000 on the second charge alone. The appeal court upheld the Dh10,000 fine but convicted Ashurst on both the first and second charges. The civil component of the case has been referred by the appeal court to the Dubai Civil Court. Etisalat is asking the court to award the Dh2,835,000 for damages they allege Ashurst caused to their network. With regard the first charge, the misdemeanours court had said that "Regarding the opening of private e-mail messages of Etisalat employees without their knowledge or permission, the word 'message' in law does not apply to "electronic messages" or e-mails, according to the text of Article 380 of the Penal Code. The case goes back to June 15 last year when Etisalat informed Dubai Police that it had detected an unauthorised entry of its internet network through the user name of a local company and the connection was made through that company's telephone line. Following police investigation the person responsible was identified as the defendant. Etisalat claimed that Ashurst's unauthorised entry and his copying of certain files resulted in harm to the network and network users in addition to unauthorised disclosure of company secrets. After confiscating Ashurst's laptop and other equipment the forensic lab discovered files that proved that defendant scanned the network on more than one occasion with the purpose of discovering security gaps in the network and entering it. They also discovered that the defendant had copied the password files to his computer. The technical report prepared for the court, said the defendant used a decryption programme to uncover names of various Etisalat internal network users by using their passwords. He also roamed freely through the main data base using names and passwords of Etisalat employees. According to court records Ashurst had told police that he carried out the entry of the Etisalat network then got the idea of entering the operating system in the UAE using the 'Saint' computer programme. Ashurst denied changing or destroying any computer files or causing Internet server to collapse. He also denied giving away the method by which he penetrated the network and that what he was doing is called by Etisalat 'Instray', which is using a decryption file and an internet user password decryption file. "The technical report confirmed that the defendant's laptop contained files and programmes used for piracy, infecting computer systems and decryption of passwords, but the mere presence of these programmes is no indication of (a crime)," the misdemeanour court said. Two senior academicians from UAE University and a computer engineer were asked during the court hearings to give their expert opinion to the court. The expert witnesses said that the two computer programmes in question, 'John the Ripper' and 'Saint', which the prosecution claims were used by the defendant to hack into restricted sites on the Etisalat database, are not illegal and are standard tools that come with the operating system, in addition, the programmes can be down loaded from the Internet. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Oct 08 2001 - 03:04:52 PDT