Ali Jahangiri: Thoughts on Public Presence

Sun Aug 8 16:27:07 CDT 2010

The following article represents the opinions of on various public material related to Dr. Ali Jahangiri. This article does not constitute errata per se, without additional information and research.

Dr. Jahangiri maintains a strong public presence with a web site dedicated to his career, sites for several of his books, Facebook page, ( now deleted) Twitter stream, Google profile and more. He states that his "vast professional experience and academic activities are the keys to his success".

Jahangiri's "Awards & Honors" appears impressive upon page load, but falls apart after reading the list. Seven of his honors are being an "invited speaker" to a class on 'Live Hacking', that he created. Generally, when an instructor teaches material that they wrote and developed (i.e., the "Live Hacking" book/CD), especially for a commercial or personal interest, it is not in the role of an "invited speaker". Rather, it is a company or organization hiring the person to come train a class on the topic.

As Ben Rothke points out, Jahangiri "notes his acceptance into the Marquis Who's Who is his bio." Rothke notes that "Marquis, like most who's who firms accept nearly everyone who applies, including serial killers" and are solely in it for the money, not honoring the people in it.

One of the most curious things about Dr. Jahangiri is his prevalent use of "Dr." while seemingly never disclosing where he received his education. His page touting his education only states that he "achieved his Doctorate in science in Information Technology Management in December 2005. He is holding M. Sc. in Information Technology and B.Sc. in Computer Engineering". He apparently makes no mention of where he received his doctorate, something most doctors will mention in some capacity. One might check his resume as most professionals will list their education bonafides with more detail. However, his resume page states "Please visit the "Contact" page and submit your request to receive a copy of Dr. Ali Jahangiri's C.V. The requests will be verified prior to submission." Such a vetting process to see his resume comes across as shady, as if he wants to hide something from potential employers or clients. Even when asked for his resume during inquiry of a possible speaking engagement, he directed the person to his web site instead.

From his home page, he mentions he "has registered and pending patents in the area of network security and cyber forensic." Checking the US Patent Office, there appears to be a single submitted patent (not granted) related to forensics. In US Patent 20080065811, titled "Tool and method for forensic examination of a computer", he outlines what seems to be a rehashing of Microsoft's COFEE tool, conceived in 2006 and already in the field by April 2008. Jahangiri's patent was filed November 12, 2007, a year or more after other similiar patents (e.g., 7,644,138 & 7,640,323 in December 6, 2005). Of course, additional patents, granted or pending, may have been filed in other countries.

In place of a public resume, Dr. Jahangiri does offer a list of his "researches" with a few curious entries. In 2008, he apparently researched "Web base port scanning and new port scanning methodology". As a long time security practitioner, I find it difficult to believe anyone could really develop a new or different port scanning method or methodology. Creating a web-based application to launch port scans had been done for years by many companies. With no public papers outlining new port scanning techniques or methodologies, this seems like hollow filler. Jahangiri's work on "Bulletin Board System and communication protocols" between 1998 and 1999 is curious, as BBSs lost most appeal in the U.S. during the early 90's as people began to favor the Internet, unless this entry refers to a web-based BBS solution and the communication protocols related to them (most, if not all, fully documented by others). He also lists both "Web server vulnerability assessment and methodology" and "Web application penetration test techniques" between 2005 and [2010], yet does not appear to have any research published regarding this topic. What does a PhD research for four years that leads to no new techniques or methodologies? Going back farther, Jahangiri says he researched "Computer network usage in the small & medium size companies" in 2003, years after networks were widely used by small and medium sized companies. What exactly did this "research" entail? Why are no publications or presentations involving these topics linked off this page?

With Jahangiri conducting "more than 1,000 hours of training per year" and researching eight different topics, one has to wonder when he has time to actually perform any real world consulting. Further, with eight topics and almost 1,000 hours left in a ~ 2,000 hour work year, why aren't there more research papers, publications or presentations with new information?

We realize that such a public presence typically does not go into all the details of one's professional career, but having such a presence with an amazing lack of details and making grandiose claims about experience raises many questions. Coupled with at least two counts of heavy plagiarism in his books, one has to wonder if Jahangiri has any of the expertise he claims.

main page ATTRITION feedback