Wednesday, January 31, 2007

Friends from UK

Robin and Claire were visiting over the past few days, so no coding has been done. I promised Paul Hastings that I'd update the InetAddressLocator, but as yet, I haven't even installed a Java SDK. Oops. The weather's been great for pottering about Doha (Corniche, Souks and Sports City). On Friday night, Chris and Paul arrive, which means either I get to see the sights all over again, or I give them a map and directions.

Sunday, January 07, 2007

RDF::Core and Perl mongers

This morning, I finished tidying up the work I did before Christmas on memory usage in RDF::Core. I've posted the bug reports here. One of the problems with having a holiday is that when you return to work, it takes you days to catch up on projects. I should really make better notes, or keep a TODO list, or something.

Sent an email to CMU about Qatar Perl Mongers, asking them to publicise the society amongst staff and students; received a reply from Chuck Thorpe. Hopefully, there might be some munging soon in Qatar. Once there are a few people signed up to the mailing list, I'll start begging sponsorship to fly an open-source guru out to speak, but that depends on finding enthusiastic members, of which there are currently none.

Warned gutenberg to move their catalog to a mirrored position, as I don't want to gobble up their bandwidth when I release my search code (maybe this week).

Thursday, January 04, 2007

Qatar's Internet security

The Gulf Times announced today that OISSG is holding free security training seminars in Doha over the next couple of weeks. OISSG is a not-for-profit organization dedicated to information security. Sounds tempting, until you realise it's a sales opportunity. Expect to be frightened by cyber-criminals; baffled by the complexity of the problem; and have doubts raised about your ability to protect your systems. "Don't worry, for a small fee, you can have peace of mind by buying our stuff."

If only there was a local IT security organisation looking out for the best interests of Qatar. Well, there might be soon. Q-CERT is being set up and is recuiting. From the job specs and application procedures, you could be forgiven for thinking the jobs are limited to US academics. However, Q-CERT is undeniably a good thing - I just wonder whether its main focus will be to protect the new universities and financial centre, or whether it will also try to fix some existing problems.

The recent wikipedia silliness has exposed a security vulnerability that is politically charged. Resident web-surfers know their requests are funneled through an automated filter, which occasionally protects them from their own seedy surfing habits (or just blocks sites at random). It is also well known that there is no censorship in Qatar. Bafflingly contradictory? Nope. The local ISP does the filtering, and it is operationally independent from the government.

The filter is now a well-publicised single point of failure, which any technologist will tell you is a tempting target for an american teenager. Knock out the filter, and you knock out web access for an entire country. Will Q-CERT recommend removing the filter? If so, it might be tough to find the decision-maker responsible for censorship when the role was abolished in 1996.