E2-labs' project Ethan dissected. Anatomy of a franchise proposal based on non-existing partnerships (UPDATED)

22/11/2009 Written by Roberto Preatoni

In case you didn’t under­stand, this is the solu­tion of our *crypto* jeop­ardy game posted in the last news.

We received a notice that on Wik­iLeaks some­body uploaded an inter­est­ing doc­u­ment. It’s a PDF file, called Project Ethan (after Tom Cruise’s Mis­sion Impos­si­ble car­ac­ther?) and it refers to E2-​labs very recent plans to open in India an edu­ca­tional and IT secu­rity fran­chise net­work. We down­loaded the doc­u­ment and we found some very inter­est­ing infor­ma­tion in it, regard­ing E2-​labs future plans and how the name of Zone-​H (and a few oth­ers) was used to back up the whole plan to con­vince pos­si­ble investors to invest money in Mr. Zaki Qureshey expan­sion plans. Need­less to say, Zone-​H was never informed about such plans and never gave any con­sent to be included in it.

The doc­u­ment is a finan­cial invest­ment por­posal, made up by 28 pages. It seems to be writ­ten by Grant Thorn­ton, a well-​known finan­cial advi­sor com­pany. We have no doubt that the doc­u­ment was orig­i­nally pro­duced by such com­pany, it’s too well struc­tured, E2-​labs and Zaki Qureshey def­i­nitely don’t posses the busi­ness skills to do that. Nev­er­the­less, the doc­u­ment it’s filled by improper state­ments. We don’t think that Grand Thorn­ton did it on pur­pose, we just imag­ine the sit­u­a­tion where they were given some state­ments and mate­r­ial by Zaki Qureshey and they granted it for real, with­out ver­i­fy­ing it. And that is bad, after all, the entire businell pro­posal carry their name.

The result is a well writ­ten doc­u­ment meant to attract pos­si­ble investors, backed up by Grant Thorn­ton name, which sounds to the ears of pos­si­ble investors as a guar­an­tee that it is refer­ring to a seri­ous pro­posal. This is prob­a­bly the rea­son why E2-​Labs Mr.Zaki Qureshey decided to invest some money to look for Grant Thorn­ton advo­cacy. Just another case to use somebody’s name for his plans.

In this arti­cle, we are going to show some excerpts from that doc­u­ment, fol­lowed by some of our com­ments. Why did we decide to make this doc­u­ment pub­lic? Because that doc­u­ment is yet another exam­ple of Mr. Zaki Qureshey uneth­i­cal busi­ness prac­tices and because it’s involv­ing directly my an Zone-​H name and because this is the only way we have to make clear to the gen­eral pub­lic that we have noth­ing to do with Mr. Zaki Qureshey bogus pro­pos­als.

As you can see, this page to the doc­u­ment is refer­ring to E2-​Labs’ part­ner­ships with known secu­rity indus­try names around the globe and to the world’s pre­mier dig­i­tal secu­rity obser­va­tory, which is Zone-​H (we’ll see the name in clear later on). Need­less to say, E2-​Labs doesn’t have any exclu­sive tie-​up with Zone-​H. Actu­ally doesn’t have any tie-​up at all.

Here we have an inter­est­ing state­ment: “num­ber of hack­ers are three times the secu­rity pro­fes­sion­als”. Inter­est­ing, I’d like to know the source of such information…

Here again, we have:

1) Zone-​H name spent one more time.

2) ref­er­ence to E2-​Labs job ori­ented courses. Remem­ber, E2-​Labs was adver­tis­ing such “job guar­an­teed” courses ille­gally using my face and we already ana­lyzed the busi­ness scheme behind such offer.

3) state­ments boast­ing E2-​labs hav­ing exclu­sive part­ner­ships with com­pa­nies such Verisign. We found and inter­est­ing arti­cle on an Indian news­pa­per, in which E2-​Labs is named as a fran­chisee of the Verisign brand. It’s inter­est­ing, we didn’t know that Verisign’s busi­ness model was to expand through a fran­chis­ing model…

Here it’s writ­ten: “E2-​Labs in asso­ci­a­tion with Zone-​H has devel­oped a world class train­ing cur­ricu­lum…”. Let me make it clear: E2-​Labs has devel­oped noth­ing in asso­ci­a­tion with Zone-​H. They are using Zone-H’s trade­mark “Hands on Hack­ing Unlim­ited” on the page CareerOrientedTraining.htm with­out our consent.

Here again, Zone-​H is named as a key part­ner into Ethan project, which is not true.

Here Zone-​H is labeled as such orga­ni­za­tion pro­vid­ing train­ing, ser­vices and con­sult­ing on behalf of E2-​labs in the SAARC region. This is not true. Zone-​H never pro­vided any ser­vice in such region in coop­er­a­tion with E2-​Labs.

A funny state­ment: “E2-​Labs will be appointed as infor­ma­tion secu­rity advi­sor for Indian Defence and Intel­li­gence Agen­cies”. We have 2 ques­tions here:

1) why “will be”? Is it yet a dream?

2) isn’t it inap­pro­r­i­ate to name such coop­er­a­tion agree­ment, give the extremely con­fi­den­tial nature of it? If it ever was true…

This is the slide which is caus­ing me most of the anger. I am named as part of the key man­age­ment and tech­ni­cal board, in the slide “Man­age­ment Overview”. I am not a mem­ber of any E2-​Labs man­age­ment committee!

Again, Zone-​H dragged into the franchisor-​franchisee scheme

Here it’s made clear that the fran­chis­ing scheme is based also on the guar­an­teed jobs scheme, involv­ing the fran­chisee in it, with all the pos­si­ble legal consequences…

… as well as it’s made clear in the finan­cial fore­casts, where the guar­an­teed job busi­ness line is the most impor­tant among the rev­enues items. A quick note on this bud­get: a Gross Profit Mar­gin start­ing from 46% and top­ping 60% through­out the years seems very unrea­son­able. Grant Thornthon’s guys should have noticed this…

This is the inter­est­ing part of the Ethan plan. Giv­ing the strong part­ner­ship between E2-​Labs and some big for­eign names and brands, the tar­geted fran­chisee has to pay a hefty good­will of 50,000 USD to ben­e­fit from it. The point is that in real­ity, the fran­chisee is pay­ing this money for unex­ist­ing parter­ships which he will never be able to ben­e­fit from.

Some more words about Zone-​H in the end­ing slide of the doc­u­ment. Are you ready to invest now?

Some final con­sid­er­a­tions: E2-​Labs plans to start an IT secu­rity col­lege in India was indeed a good idea. Mr. Zaki Qureshey bril­liantly fore­casted India’s future needs of IT secu­rity experts. Even this Ethan project fran­chis­ing scheme could have been a good idea, if what stated in it was true. But unfor­tu­nately it is ruined by the way E2-​Labs con­ducted busi­ness in the last 7 years.

What Mr. Zaki Qureshey does not under­stand is that if his way of doing busi­ness was nor­mal his com­pany was prob­a­bly at this time 100 times larger than it is today, con­sid­er­ing how big is the Indian mar­ket. This means respect­ing con­tracts, respect­ing and pay peo­ple work­ing for him, not sell­ing courses lur­ing stu­dents offer­ing them non-​sustainable jobs, not abus­ing of somebody’s else image and brands, not bull­shit­ting about James Bondish part­ner­ships, not screw­ing peo­ple, not threat­en­ing peo­ple etc. etc. All prac­tices unknown to E2-​Labs way of doing busi­ness. Busi­ness never means fuck­ing the counterparts.

What a pity, what a waste and what a lost opportunity.

PS: shouts to littleyoda…

UPDATE: we received from Fyo­dor Yarochkin, the for­mer SNORT devel­oper this email (It was sent also to E2-​labs):

From: Fyo­dor

Date: 27-​11-​2009 16:47

Sub­ject: Recent zone-​h publication

Hey Zaki and guys,

Today to my atten­tion came the post at zone​-​h​.org blog claim­ing to
pub­lish some busi­ness doc­u­men­ta­tion, which was leaked from e2labs.

I am per­son­ally not inter­ested at all to be involved in the whole
scan­dal, but one thing I’d like to note, if the exctracts from so
called “pro­posal” are authen­tic, this may bring seri­ous trou­ble to
vio­la­tor. Let me repeat it again:

1. I am not affi­lated with “snort” as brandname/​organization/​whatever.
I am for­mer devel­oper of the snort soft­ware, I can proffe­sion­ally
sup­port and pro­mote snort as open­source IDS, but I don’t own rights to
the name and I don’t rep­re­sent “snort” as orga­ni­za­tion, busi­ness
part­ner in any pos­si­ble way.
2. I never ever gave any­one per­mis­sion to use snort as brand name,
not even that I am allowed to do such thing at all. (see #1). If snort
name or logo’ve been used any­where — this is seri­ous vio­la­tion of
source­fire and now­days check­point copy­right rights.
3. Vio­lat­ing 2 may get vio­lat­ing party into seri­ous trou­ble with
source­fire (which was recently aquired by even big­ger mon­ster -
Check­Point). and those guys have alot of money to spend on law­ers to
make sure that vio­lat­ing party pays. Know­ing how israeli com­pa­nies
work, I am sure they would do it, shall this info get pub­lic. I am not

Please keep this in mind

Share this content: