Back!

Qatar Journal is finished, so I'm back blogging here.

At the moment, I'm working on a CGI-IRC gateway, a cleanup of another codebase. It's mostly just a matter of replacing bits of code with CPAN modules, but after it's fairly tidy I'm going to replace the guts of the code with POE::Component::IRC by Chris Williams. That's mainly because I don't trust the IRC code I'm working with, and the POE code looks like it's well maintained.

The idea is that eventually, I'll authenticate web users with OpenID and some sort of NickServ. I haven't quite worked it out yet. Should be a fun bit of work, and very, very web 2.0 ;)

This blog has moved

There's an idiom in the software industry: "eating your own dog-food". If you've built some software, it's not right to ask other people to use if you don't. Hence, I've moved my blog to Qatar Journal.

Every user of Qatar Journal can have a blog on the site, so if you'd like one, you need to visit the signup page, choose a username, enter your email address (twice) and click 'Create Account'. Users can also choose to receive a nightly summary of all the local news headlines.

Is Qtel a bit simple?

I've been banned from QatarLiving. I'm sure the ban wasn't intentional, but I've been banned nonetheless. This morning, it was obvious that QatarLiving discussions were being attacked by someone with the intent of disruption. There was some speculation about who was responsible. Eventually, someone at the website banned the IP address of the attacker.

Unfortunately, Qtel employs a few Internet filters, and everyone behind a particular filter has the same public IP address. Thus, a system which is meant to make the web safer for Qatar's surfers has rendered one of the most popular discussion sites in Qatar completely inaccessible. This has happened before, of course. At the beginning of the year, Wikipedia saw a fair amount of abuse coming from a single IP address, and blocked the entire country from anonymous posting. It's not as if people don't know a solution to these problems - it's just that no one at Qtel is willing to make the fix.

Setting up a decent filtering proxy should be trivial, but Qtel's implementation masks users' true IP addresses from the sites they visit, and restricts the ability of site operators to punish abusers. How simple is Qtel? I'd say it's plain stupid.

Best blogs in Qatar

<BLUSH> This blog has been chosen as one of the best blogs in Qatar. I'm choking back the tears, but will still manage to give a 10-minute acceptance speech, given half a chance.

Qatar Journal - The Online Newspaper for Qatar

At the end of its first week, I'd say the launch of Qatar Journal has been a success. It's taken less than two months from the initial idea through to launching the site. I had hoped to launch a couple of weeks earlier, but I wanted to be in Qatar when it happened.

The response has been good from journalists and PR companies. I'm now getting a steady stream of stories, which is easing the administration of the site.

The technology has had some teething problems, with my server running out of memory on the first night, but it's now settled down. I've got a very long bug-list, which I'll start fixing in a couple of weeks. None of the bugs are serious, just annoying. Ben Figgis has pointed out a bug in the Qatar Journal feed that doesn't seem to be affecting slashdot, so I'll need to investigate. It's nice when people point out a problem, because noticing the bug is the difficult bit. Fixing is usually easy. Thanks Ben.

Still in the UK

Sorry, I've been away from a PC for the past two weeks. I'm still in the UK because Sara has had surgery. She's OK, and is getting out of hospital today, but we can't return to Doha until at least May 20.

Qatar Journal

I had a leisurely coffee with Qatari from QL last Thursday. We were talking about the state of the IT sector in Qatar, and generally solving the world's problems. Anyway, he was hassling me saying I should have some sort of commercial project, because there was money to be made.

I'm a bit skeptical about making money from websites. There were a lot of good ideas during the dot-com boom that produced no cash. He started quoting some figures about google ads, and how little you need to spend on hosting. Anyway, I went home that night and had a chat with Sara about it.

There's a gap at the moment for serious local news. QL and others serve the demand for informal chat, but the local papers have abysmal websites and mainstream news sites don't cover Qatar. Thus, I'm going to start up a news site, named Qatar Journal. The official launch will be on 12 May 2007 (exactly one month after my chat with Qatari) - it will be rough around the edges, but it's better to launch quickly and fix things as we go along.

Basically, there's going to be no editorial. The easiest way to scare advertisers is to start getting cynical about press releases, so I'm going to leave all discussion to the readers. Obviously, there's going to be an editorial element in choosing stories, and here I have an advantage over the newspapers' sites: I only need to pick around 10 stories a day, whereas they are publishing (almost) everything.

Anyhow, I just wanted to blog this before anyone starts asking - "why are you trying to compete with QL?". I'm not. I'm a regular QL reader, and it's great. Qatar Journal is an online local newspaper, and when it generates its own community, it will have a very different tone to QL. Hopefully, some readers will visit both sites, but I would guess that most QL regulars will stick with what they know - I'm not trying to poach anyone.

Let me know what you think about the site, and keep an eye on progress. Everything should be working very soon, but it'll take a couple of weeks to get the site looking professional.



Also, discovered Alexa today. Here is an image snapshot of Qatar websites (April 2007), and a permalink for future comparison.

First TC meeting

So, Gord and I are at the security conference for a few days. Here's a few things I've learned:

• The current malware products are sophisticated - the HackDoor client looks a well-designed piece of software engineering. I'd always assumed they would be fairly naive. The server side looks simpler, but then server programming is simple ;)


• Phishing scams have avoided those banks which have implemented two-way authentication on their websites.


• Firewire ports and PCMCIA slots have direct memory access, so can be used to copy an image of your computer's RAM even if no one is logged in. This can recover useful forensic material even after a reboot cycle, as modern BIOS's don't clear RAM. Eek.


• Vista has an option for encrypting the filesystem. However, files are cached in RAM in an unencrypted state. Eek.


• There are no data, from anyone, on the scale of the IT security problem that exists in the gulf. Honestly.

There aren't many delegates from Qatar at the conference beyond the staff of Q-CERT. That's a shame, and I can't work out whether it's down to a lack of interest or poor advertising. I'm sure if they'd mentioned the free Ritz lunches, the attendance would have been much higher.

iGov ictQatar IT Forum

TOO MANY ACRONYMS! The Gulf Times (and probably every other paper) today announced there's going to be a meeting at the Ritz tomorrow to talk about developing government IT services so they can be accessed through the web. I could probably make some useful suggestions, if I were invited. But I'm not, and neither are you.

Why bother advertising a meeting if it's not open to the public? That's like me issuing a press release saying "Family meeting, 7.30, around the dinner table. We're going to talk about the state of the bathroom." Of course, Wednesday's papers will follow up the story with photos of Hessa al-Jaber shaking some guy's hand. There won't be any details of what was discussed - just a photo and a repeat of the purposes of the meeting. Grr.

Given that I'm not invited, here are my suggestions. The important ones are non-technical.

1. Scatter the money around. Don't spend millions on a single project to do everything - it will fail, and all your money will have been wasted.


2. All initial projects should be finished within three months. A two-year project will fail, and you will be two years behind schedule.


3. After three months, see who's got something working - give them more money and more responsibility. Stop funding the projects that haven't achieved anything; look for new small projects instead.


4. Replace the leaders of failed projects. Publicise the successful projects.


5. Insist on compliance to internet standards. If someone is using an ActiveX control, Macromedia Flash, or non-validating HTML, take away their money. They don't understand the web, and eventually you will be embarrassed if people believe their solution is representative of the State of Qatar.


6. Insist that people use a free database in their solutions. It saves on costly licenses for still-born projects, and the database code will be cleaner if programmers believe they need to swap from MySQL to Oracle at a later date.


7. Apart from following internet standards, and using free databases, don't enforce any other standards. In particular, enforcing Microsoft products will halve your pool of talented programmers; enforcing project management and system analysis methodologies will double the bureaucratic overhead. Both of these will encourage failure.

Natashia

Today, I saw a photo of my niece, Natashia. She looks like a happy little kid, and I'll get to meet her at the end of April when we take a trip to the UK. Because I've never seen her, I sometimes forget that I have a niece, so it was a nice surprise to get an email this morning full of photos.