In The News: Reach Out. The world's waiting (and spying!)

Blackberry users beware: this from Engadget.com ... but it's all over the news here: Etisalat orchestrated the installation of a so-called "performance enhancing patch" onto over a hundred thousand Blackberrys in the UAE which, as it turns out, is actually a spyware software! People (especially the Crackberry crowd) are outraged but Etisalat has been conspicuously mum on the subject since the story broke almost a month ago.

FYI: Etisalat is the (government owned?) telecommunications provider for the UAE (affectionately known as "Etisal-crap" although Etisalat subscribers have more choice names for them I'm sure!) The market here is a duopoly with the only competition coming from one other provider called Du (affectionately known as, "Duh!").

BlackBerry update in UAE reportedly surveillance software in disguise
by Donald Melanson, posted Jul 14th 2009 at 4:59PM

There's not much in the way of official statements on this one just yet, but itp.net is reporting that a recently pushed out update for all BlackBerry users on the UAE-based carrier Etisalat is not a "performance enhancement patch" as advertised, but rather some spyware that could potentially give Etisalat the ability to keep an eye on its customers' messages. The first suspicions about the update apparently arose when users noticed dramatically reduced battery life and slower than usual performance from their phones, which led to a bit of detective work from programmer Nigel Gourlay, who pegged the software down as coming from electronic surveillance company SS8. While it's not switched on by default, the software can reportedly let Etisalat flip the switch on phones one by one and monitor their emails and text messages -- or it could if it hadn't completely bogged down the network. Apparently, the software wasn't designed for such a large scale deployment, which resulted in the slowdown and battery drain as some 100,000 BlackBerrys constantly tried and failed to sign in to the one registration server for the software.

A more recent account of the fiasco from itp.net. If Etisalat won't "reach out", RIM has issued a statement of their own:

It’s time for Etisalat to explain spyware fiasco
By Damian Reilly on Sunday, July 26, 2009

"Reach out. The world's waiting," Etisalat implores visitors to its website. What it doesn't mention is that if you are using a Blackberry to "reach out" - which is lately the bizarre Americanism for communicating - your emails could well be sent on to a third party.

At the end of June, Etisalat asked its customers using Blackberry devices to download a "network improvement patch." Many did. Shortly thereafter, their Blackberrys ceased to work. Investigating the malfunction, computer experts discovered that the patch did not improve network performance.

In fact, Canadian firm Research in Motion (RIM) which actually makes Blackberrys was so alarmed by Etisalat's claims that the patch was intended to enhance performance that it put out a strongly worded statement, distancing itself from the UAE's largest telecom company.

"It is not a RIM authorised upgrade. Independent sources have concluded that the Etisalat update is not designed to improve performance of your Blackberry, but rather to send received messages back to a central server... In this case, Etisalat appears to have distributed a telecommunications surveillance system," the statement said.

Etisalat had originally claimed that the patch was "required for service enhancements particularly for issues identified related to the handover between 2G to 3G network coverage areas", but RIM would have none of it.

The RIM statement says flatly: "In general terms, a third-party patch cannot provide any enhancements to network services as there is no capability for third parties to develop or modify the low-level radio communications protocols that would be involved in making such improvements."

At the time of writing, no one from Etisalat was available for comment.

With each passing day that Etisalat remains silent on the issue, the dreams of conspiracy-theorists from Al-Ain to Ras al-Khor will become yet more fervent. Come on Etisalat - you're a huge and normally very eloquent communications company. It's time you communicated with your customers. What was the purpose of the patch and why did you ask people to download it? Over to you.

And for those of you who are saying to yourselves, "Phew! Glad I'm not in the UAE right now!", the software vendor that created this piece of work is an American company called SS8. They have sold this "patch" to communications networks all over the world and no doubt they and other service providers have learned a thing or two from the Etisalat fiasco. One more reason to stay off the grid and not get a Blackberry.

Speaking of off the grid, my internet at home is down (again)... argh! I need to make a call to Du (again!) to see what gives (did I mention that they are unofficially called, "Duh"?) On the bright side, at least I know I am not being spied on at home ... at least not my own internet (someone on my floor has an unsecure signal) ... and I should probably get some curtains in my new apartment.

In The (real life second hand) News: The Thief and The Man Tracker

As I have blogged recently, I go to Arabic class every Sunday and Wednesday evening. Since it is the summer session, we are a small class, only 4 students and only one is male, I will call him Peter (which is not his real name … kind of a standing joke in the class but wouldn’t really make sense to repeat here). Anyway, my class-mate “Peter” was uncharacteristically late for class yesterday but he had a most brilliant excuse and shared with us the events of his weekend (this is a rather long post so grab a chair):

Since we often have to speak in class (in Arabic) about what we did today or yesterday or on the weekend, we all know quite a bit about each other’s lives. Our mate Peter is training to climb Mount Kilimanjaro this winter so he frequently goes to the gym and for massages. This weekend was no different: a work out and a massage … but that’s when things took a different twist.

Some banks here have an SMS notification service; after every transaction on your account, you receive a text message. For my bank it is a paid subscription. I had it for a short trial period and the messages are nearly instantaneous! I was still standing at the ATM waiting for my money when the message came through! If only they were that fast and reliable with all their services! But I digress.

Shortly after his massage, our mate Peter started to receive a series of text messages from his bank … crikey! Seems his credit card went shopping without him! He called immediately to cancel the card and then called the Police.

For matters of this nature, the Police are rather nonchalant especially if it involves an ex-pat. One must make a claim in person and even then, without a bank statement, they couldn’t (or wouldn’t) do anything. With this in hand, he returned to the Police station but still not much action. Only a, “We’ll catch him” with the feet up on the desk and an “insha’allah” which is a vague phrase meaning literally, “if God wills it” or sometimes, “hopefully” but in this case, “I can’t promise you anything so sorry ‘bout your luck, fella”.

Our mate Peter was not deterred and decided to do some detective work of his own. The first transaction, according to the statement, was at “The Nutrition Centre” for body building supplements and lip balm. So he started calling all the locations in Dubai. After a few calls he got a match, seems the purchase was made at the store in Ibn Battuta mall. Peter raced down to the mall to speak with the clerk but the description of the thief was not very clear, only that it was a man with a black back-pack.

The next transaction was within a short time of the first, about 10 minutes and Ibn Battuta is a big mall, it takes more than 10 minutes to get out of the mall to your car so the second purchase was likely also in IBM. But the problem is that the name of the retailer is usually not the same as the name of the credit card merchant. So our mate Peter walked the mall until, low and behold, he found the merchant, a perfume shop. Indeed, they also had a record of the thief’s purchase and even better, they had cameras!

Peter thought he had hit the motherlode. He had already suspected that the card was stolen from the gym and the purchase at the Nutrition place confirmed that. The gym is located in his building so the list of possible suspects is greatly reduced, probably one of the other residents and probably someone he has seen before. Not so! The man on surveillance tape was a stranger. But at least he now knew what the guy looked like.

At this point, the police were still not very helpful so our mate Peter continued the search on his own.

The next logical stop for this episode of Man-Tracker was the gym. From the sign-in sheet, he got a list of names of people at the gym for around the same time his credit card grew legs and armed with the list, our mate Peter used what any good detective would use to track a hardened criminal … Facebook! And sure enough, the thief had a profile complete with color photo! The building door man recognized the color photo and confirmed, Mr. Thief was a regular at the gym but not a resident (which tells you how reliable security really is at these buildings … mine included). Anyway, Mr. Thief was planning to be back the next day.

So the following day, our mate Peter waited around at the gym for Mr. Thief to arrive … and waited … and waited … and eventually Mr. Thief did not disappoint. A quick call to the Police (who apparently could now take action since the case was solved) arrested the thief, clad only in a pair of swimming trunks.

As it turns out, Mr. Thief was probably in the country illegally, spoke very little English and spoke no Arabic whatsoever. He spoke only Italian and might have caught a break because of the language barrier but this was not his lucky day. Our mate Peter is Belgian and as is the case with many Europeans, he speaks several different languages fluently, Italian being one of them. By now he also speaks enough Arabic to communicate with the Police and most locals, no matter who they are, are very impressed to see an ex-pat attempting to use the language.

Our mate Peter was given two choices: Mr. Thief could repay the 3000 Dirhams (about $1000CND) in charges on the card, sign a letter apologizing and swearing he will never do it again and go free. Or our mate would forego the repayment and Mr. Thief would face the courts for theft and fraud. Mr. Thief was initially very arrogant and denied everything. Only after a phone call did he come to realize the pickle he was in. Our mate Peter had already made up his mind and Mr. Thief will probably be jailed for 3 to 5 years and then be deported. We suggested to Peter that he could recoup his money by selling his story to the newspapers :-)

A couple of things come to mind about this story:

Firstly, our mate Peter recited most of his story to the class in Arabic with a little help from the teacher for some words we haven’t learned yet (and surprisingly I understood most of it.) That was impressive but now the bar has been raised. When it came my turn to speak and I could barely string together a single sentence, I realized I need to kick it up a notch … there’s that competitive streak again!

Secondly, Dubai is very safe BUT things do still happen here same as anywhere else. And don’t assume the Police will be interested in helping. There may have been a different reaction had it been a local making the accusation but luckily, my classmate was persistent and in the end, he prevailed. At the best of times, things happen in the Middle East on their own schedule and in their own way which is not necessarily efficient nor fair. That’s just the way it is.

Lastly, that SMS notification service by the bank is more than just an interesting novelty! I think I will subscribe. Also going to keep a closer eye on my wallet! Its good to learn from experience, even better when you can learn from some one else’s!

My Name ... Arabic-style

I have found a use for my new-found Arabic language skills: I discovered yesterday that I can read my name in Arabic! I was very curious about the fact that there is no sound for the letter 'p' in Arabic ... so how were they spelling it???

The obvious difference between Arabic and English is the direction of the script, right-to-left versus left-to-right but this was surprsingly easy to overcome. The capital letter comes at the end of the word and not the beginning, also not too difficult. The biggest challenge though, everyday written Arabic does not generally bother with the vowels (the slashes and squiggles above and below the script) so its a bit hard to tell exactly what Arabic words should sound like unless you already know the word. So purely based on my vehicle registration card (without vowels), this is my name:

b-ee-n-ee-l-A
n-oo-r-ee-N
z-oo-l-n-ee-R

Happy Belated Birthday ...

.. to my favourite nephew :-) When ya got the iTunes figgered, you need to teach me :-)

Sheikh Mo in the flesh

From time to time I go to Starbucks for a coffee with my boss. We work in Emirates Towers which is a prominent landmark in Dubai because of its unique shape and its location on Sheikh Zayed Road. Everyone knows Emirates Towers. I've read that the Crown Prince of Dubai has an office in ET so we are in good company. (I'm also told that there is a modeling agency in the building. On days when there is a model-call, boss and his #1 coffee companion don't invite me along ... cramps their style I guess.)

One day a few weeks ago, boss and I were heading down for a "gahwa oo Haleeb" (that's "caffè latté" in Arabic ... those classes are really paying off!) and as we approached the escalator, a large group of 25 to 30 local men appeared. Seeing locals around in their traditional local attire is nothing out of the ordinary but a group that size is unusual and a rather imposing sight! We followed them onto the escalator and my boss told me to have a look at the man leading the pack, its Sheikh (pronounced "shake") Mohammed bin Rashid al Maktoum, Vice-president of the UAE and Ruler of Dubai ... affectionately known as "Sheikh Mo". Sure enough, it was him! Haha! Looks just the same as in the photos. No doubt some of the entourage were there for his personal safety but there was nothing obvious (no men in black suits with guns and ear pieces and shifty eyes); just a bunch of guys heading to The Noodle House for lunch.

I have only seen Sheikh Mo once before ... or more correctly, I saw his white Mercedes SUV driving down Al Khail Road one Friday morning. How do I know it was Sheikh Mo's? It was Dubai license plate "1". I suspect he does not pay speeding tickets like the rest of us and I think he was in a hurry to get somewhere that day :-)

Arabic Language Classes

as-salamulakum, marhaba, ahlan ... peace be upon you, welcome, hello!

Yes, the blog is feeling a little neglected of late :-( There's been a lot happening these days ... my friend visited for most of the month of May which was awesome! My Grandma passed away so I went home in early June. The rest of the month was littered with deadlines, errands and other busy-ness ... more on all that later (except the work-related stuff which all I will say is ... argh!!!) The blog, being an extra-curricular thing, sometimes takes a back seat. But July is shaping up to be a bit more relaxed (public holiday next Monday woot woot!) so I hope to catch up here. And to make matters worse, my lap-top died ... or just went blind ... not sure what's wrong but luckily I did not lose any data, just the screen. In the mean time, I am struggling to get by on my Mac (which has issues of its own).

One of the things that has become an all-consuming hobby is Arabic classes. I started in May with Beginner I at the Arabic Language Centre. It is a rather intense program and, as I said, my friend was visiting so I had better things to do than conjugate verbs and memorize vocabulary! The teacher was ... how shall I say? ... less than patient and I went home after every lesson feeling like the class retard (I now understand how some learning-challenged kids must feel!) Since I hate that feeling (and I got PO'd), my competitive streak kicked in and I studied my buns off to spite her. Perhaps that is just her teaching style, she succeeded in getting me off my ass, but I was happy to start Beginners II with a different teacher (who is great!)

One of the differences between Beginner I and Beginner II is the use of transliterations. In Beginner I, we learned the Arabic alphabet which (surprisingly!) is not as difficult as one might think but it was always accompanied by the "latin-ized" pronunciation. Starting with Beginner II, this is not the case! It was a matter of survival and a steep learning curve to wean myself off my "Englishized" cheat notes.

So how am I doing with the Arabic language? This is one of the most difficult languages for anglophones to learn, especially one who has been monolingual for the last 40 years! And one can function quite comfortably in Dubai without knowing a shred of Arabic so there's not much in the way of "immersion". I can sound out words when I see them written in Arabic but with a limited vocabulary, I don't actually know what I'm saying. I can count and tell time and know days of the week. I can understand simple conversations (if spoken VERY slowly ... shway shawy!) No one understands when I speak, I have to repeat myself in English. Baby steps :-)

Since I am temporarily a Mac user in a PC world, I can't seem to post videos here but here's a link to a cute little clip on You Tube of kids singing the Arabic Alphabet ... sing along if you know the words!!! hehe

http://www.youtube.com/watch?v=yK9kq0UMDdY