taint.org: Justin Mason’s Weblog

Computing: mentioned in a Slashdot thread about green server farms — a page extolling the OpenVPS virtual-server software’s environmental benefits:

OpenVPS is good for the environment: a low-end server these days consumes no less than 200W. Given that typical servers run 24/7/365 this amounts (to) 1752 KWh per year. And because every joule of energy consumed by a server is transformed to heat, you need to at least double this to consider the air conditioning costs, which brings us to 3504 KWh per year. …

At some point this becomes an ethical question: If my CPU is 99.9% idle, is it environmentally (not to mention fiscally!) responsible of me to keep this server running?

Virtualization technologies such Linux VServer used by OpenVPS offer a very viable alternative. If the server acts and feels like a dedicated server, what difference does it really make if it’s actually virtual? Yet consolidating 30 physical servers into 30 OpenVPS accounts running on one (albeit power hungry) server would save over 100000 kWh per year. That’s as much energy as is consumed on average by 10 houses!

What an excellent point! The OpenVPS dev’s slashdot commment reveals another good demo of this –

  # cat /proc/uptime
  16000520.62 9482790.31

The first number is seconds of uptime, the second number is seconds spent in a CPU-idle state. So the server for taint.org, going by those numbers, has spent 59% of its time in a CPU-idle state — and converting fossil fuels to waste heat in the process…

Tags: computing, cpu-idle, energy, kwh, number, openvps, point, server, slashdot, uptime, year

Patents: Sun files for patents on per-employee software pricing plans (/.). ‘Method for licensing software to an entity, including determining a per-employee cost for the software, determining a number of employees of the entity, and determining a total licensing cost using the number of employees and the per-employee cost, wherein the total licensing cost comprises a software license for all employees of the entity and all customers of the entity.’

But, in my opinion, here’s the good news — this is a patent on a license agreement. In other words, this is a new front for patents — the field of law.

Once the lawyers start running into situations where trivial concepts in their license agreements are patented, you can be sure the situation will start to turn around. ;)

Tags: cost, entity, license, licensing, method, number, opinion, patents, pricing, software, sun

Patents: Newsforge: Patents in an open source world, by Lawrence Rosen (founding partner of Rosenlaw and Einschlag).

Interesting article, but I’m not sure summary point number 2 (’continue to document our own “prior art” to prevent others from patenting things they weren’t the first to invent’) really helps, when the patent examiners clearly haven’t performed the simplest Google check. I’ve found obvious prior art in 30 seconds, by plugging 3 words from patent claims into Google in the past (and yes, I have a reasonable idea how to read patent claims by now).

Point number 3 is interesting, since it contradicts most other advice I’ve read regarding patent searches: ‘Conduct a reasonably diligent search for patents we might infringe. At least search the portfolios of our major competitors. (This, by the way, is also a great way to make sure we’re aware of important technology advances by our competitors.) Maintain a commercially reasonable balance between doing nothing about patents and being obsessed with reviewing every one of them.’

However, this comment really is interesting and raises something major that I’d never heard of before — users of proprietary software can also face a significant risk from the patent threat. In particular, according to the linked comment, Microsoft licensed some patented technology from a company called Timeline Inc., but the license was not sublicenseable — in other words, it did not grant their customers the rights to fully use the technology! (in fairness to MS, this was established later in court.) Result: href=”http://trends.newsforge.com/comments.pl?sid=39443&cid=96153″>MS SQL server OEMs and ISVs are now being sued.

Tags: art, comment, google, newsforge, number, patent, patents, point, search, technology, way

Politics: Kerry in Colorado:

“Just to put your minds all at ease, I have four words for you that I know will relieve you greatly,” Kerry told the fund-raiser. “How does this sound? Vice President Hunter Thompson.”

Travel: Great posting on culture shock and ‘going native’ at Yankee Fog.

Hacks: Dan Kaminsky’s LayerOne presentation hits Slashdot. Definitely one of the highlights of that conference.

Spam: confession for two: a spammer spills it all. Interesting — especially since the spammer winds up earning less than he would have working for Starbucks.

It’s also worth noting this posting from Gary Smith on the sa-users list, in which Gary filled out a spam form with some not-entirely-valid info — with hilarious results!

So I did talk to some of these lenders. Apparently they buy leads from www.lendergateway.com . One guy that I talked to was irritated because it costs him $100 per lead they sell him and it’s supposed to only be sold to him. He apologized quite a bit and was nice enough to give me the information on who sold him the names. The number he game me goes to voicemail which I’m going to try later. A couple other people told me what I can do with myself and one lady kept saying that she couldn’t give me information on who provided her with my information.

The stupid thing is each time I talk to them I tell them I’m on a cell and that I need their name and number and I’ll call them right back. They give it to me… So when they hang up I start calling again and again. I’ve been irritating the hell out of them…

Anyways, that’s the fun storing of what happens when these forms are filled out.

$100 per spurious ‘lead’ would make a serious dent, if enough spurious leads showed up… ;)

Tags: ease, fund-raiser, great, information, lead, number, politics, sound, spam, spammer, travel

Spam: via kris:

Genius!

Tags: application, beerdb, feature, framework, java, maypole, mvc, number, perl, struts-style, web

eVoting: One of the desired features for new voting mechanisms is that they will increase voter ‘turnout’, encouraging people to vote who are too busy (or too unmotivated) to visit a polling station.

This has been used to suggest internet voting (see the fiasco that was the now-scrapped SERVE project) and voting-by-phone. Both offer a scary number of vote-fixing opportunities and possible failure modes, and are fundamentally a bad idea.

However, it turns out there is a great system to implement absentee voting securely, reliably, conveniently (for the voter) and even cheaply! A comment on Bruce Schneier’s Crypto-Gram newsletter (scroll down to comment number 3) details this.

I’ve copied the entire mail here, since it’s hard to link to in the other location, and is well worth a page to itself:

From: Fred Heutte

Thanks for your cogent thoughts on ballot security. I almost completely agree and was one of the first signers of David Dill’s petition. I am also involved professionally in voter data — from the campaign side, with voter files, not directly with voting equipment – but we’re close enough to the vote counting process to see how it actually works.

I would only disagree slightly in one area. Absentee voting is quite secure when looking at the overall approach and assessing the risks in every part of the process. As long as reasonable precautions like signature checking are done, it would be difficult and expensive to change the results of mail voting significantly.

For example, in Oregon, ballots are returned in an inside security envelope which is sealed by the voter. The outside envelope has a signature area on the back side. This is compared to the voter’s signature on file at the elections office. The larger counties actually do a digitized comparison, and back that up with a manual comparison with a stratified random sample (to validate machine results on an ongoing basis), as well as a final determination for any questionable matches.

Certainly it is possible to forge a signature. However, this authentication process would greatly raise the cost of forged mail ballots, absent consent of the voter. In turn, interference or coercion with absentee voting would require much higher travel costs (at least) than doing so at a polling place, for a given change in the outcome.

It is true that precincts have poll watchers, and absentee voters do not. But consider this. Ballot boxes, which are often delivered by temporary poll workers from the precinct to the elections office, are occasionally stolen, but mail ballots are handled within a vast stream of other mail by employees with paychecks and pensions at stake. The relatively low level of mail fraud inside the postal system is a testament to its relative security, and the points where ballots are aggregated for delivery to the elections office are usually on public property and can also be watched by outside observers if need be.

Oregon has had some elections with 100% ‘vote by mail’ since 1996, and all elections since 1999. So far, no verifiable evidence of voter fraud has emerged, despite many checks and some predictions by those with a political axe to grind that we would be engulfed in a wave of election fixing.

The reality is that Oregon’s system, which is based on some common-sense security principles, has proven to be robust. The one lingering problem has been the need of some counties to make their voters use punch cards at home because of their antiquated vote counting equipment. But while this is a vote integrity issue – since state statistics show a much higher undervote and spoiled ballot total for punch cards as compared to mark-sense ballots – it is not a security issue per se. And with Help America Vote Act (HAVA) funding to convert to more modern vote counting systems, the Oregon chad remains in only one county and will go extinct after 2004.

The mark-sense (’fill in the ovals’) ballots we have work well, and have low rates of over-votes and under-votes, despite the lack of automated machine checking that is possible in well-designed precinct voting systems. This suggests that reasonable visual design and human-friendly paper and pencil/pen home voting is a very reliable and secure system. When aided by automated counting equipment, we even have the additional benefit of very fast initial counts.

The increase in voter participation in Oregon since the advent of vote-by-mail — 10 to 30 percentage points above national averages, depending on the kind of election — leads to the only other issue, which is slow machine counts on election night after the polls close due to the surge of late ballots received at drop-off locations around the state. Oregon in fact isn’t really ‘vote by mail,’ it’s vote-at-home, with a paper ballot that can be mailed or left at any official drop-off point in the state, including county election offices, many schools and libraries, malls, town squares, etc.

The great advantage of the Oregon system is that it relies on the principle that if you appeal to the best instincts of the citizen, the overwhelming majority will ‘do our part’ to ensure the integrity of the democratic voting process, whether it is full consideration of the candidates and issues before voting, watching to make sure all ballots are securely transferred and counted, or favoring those laws and policies that insure that everyone eligible can vote, that their votes are counted, and that the candidates and measures with the most votes win.

The system is also cheaper than running traditional precinct elections. What’s not to like?

It’s so simple, and so sensible. Next time someone suggests ‘i-voting’ or ‘m-voting’ or whatever, you know what to point to…

Tags: absentee, envelope, evoting, mail, number, process, security, side, signature, voter, voting

Funny: The staff of O2 Retail, Kennedy Road, Navan have set them up the foneblog, it appears, and are messing about… Why not give ‘em a call? Looks like their number is +353 46 21803!

On the subject — Dervala on texting. I couldn’t get over the text frenzy that took place over New Year’s — I’d forgotten all about it in the few months I’d been away.

Tags: call, dervala, foneblog, frenzy, funny, looks, navan, number, place, staff, text

E-Voting: Very interesting page reproducing a translation of part of an expert report detailing an incident that occurred during an ‘electronic election’ in Belgium on May 18th 2003.

The latest EDRI-gram notes:

The total number of preferential votes cast on a specific candidate was higher than the total number of votes for his list. A series of tests was conducted on the computer of the president of the voting committee, but the error could not be reproduced. The difference in votes was exactly 4096, leading the research-team to the conclusion that the error was probably due to a spontaneous inversion of a binary position in the read-write memory of the PC.

This serves as a pretty good pointer to how, even if the software is audited to death and pronounced reliable, the hardware can still trip you up. Computers are fundamentally unreliable.

The solution? Why, a Voter-Verifiable Audit Trail of course. ;)

Tags: e-voting, election, error, expert, incident, may, number, page, part, report, translation

FROM: UNIVERSAL STAKES LOTTERY, IRELAND. (forwarded by Rick Kleffel on the forteana list)

SCOvEveryone: so SCO showed some ‘evidence’ of code-copying from SCO to Linux — problem is, it’s code from UNIX v7, written around 1978/79; the code was released in BSD UNIX, rereleased by SCO/Caldera themselves under a BSD license later, and versions appear in textbooks under public domain. In other words, the SCO ‘pattern analysis’ team who found this ‘copied code’ didn’t realise that this source had been released long ago — even by their own company, no less. ho hum, good luck prosecuting based on that. next!

Blogs: Malte, one of the SpamAssassin dev team, now has a weblog too — and with a better translation of the ‘W32.Blaster caused the blackout’ theory too. ;)

From: “James” (spam-protected)
Date: Mon Aug 18, 2003 4:15:40 AM US/Pacific
To: (spam-protected)
Subject: Congratulation! ( Please acknowledge this mail asap)

FROM: UNIVERSAL STAKES LOTTERY
IRELAND. REF NUMBER: 014/060/532 BATCH NUMBER: 762901-PCD03

Sir/Madam,

We are pleased to inform you of the result of the Lottery Winners International programs held on the 3rd of July, 2003. Your e-mail address attached to ticket number 27522465896-6453 with serial number 3772-554 drew lucky numbers 7-14-18-23-31-45 which consequently won in the 2nd category, you have therefore been approved for a lump sum pay out of 2,000,000 (EUROS ) (TWO MILLION EUROS)

CONGRATULATIONS!!!

For security purpose and clarity, we advise that you keep your winning information confidential until your claims have been processed and your money remitted to you. This is part of our security protocol to avoid double claiming and unwarranted abuse of this program by some participants. All participants were selected through a computer ballot system drawn from over 20,000 companies and 30,000,000 individual email addresses and names from all over the world. This promotional program takes place every year. This lottery was promoted and sponsored by eminent personalities like the Sultan of Brunei. We look forward to your active participation in our next year USD50 million slot. You are requested to contact our clearance office to assist you with the claim and transfer of your winnings fund into your instructed account by acknowledging the receipt of this mail with the email address below.

Email address: (spam-protected)

Note that, all winnings must be claimed not later than one month. After this date all unclaimed funds will be null and void.

Please note in order to avoid unnecessary delays and complications, remember to quote your reference number and batch numbers in all correspondence. Furthermore, should there be any change of address do inform our agent as soon as possible. Congratulations once more and thank you for being part of our promotional program. NOTE: YOU ARE AUTOMATICALLY DISQUALIFIED IF YOU ARE BELOW 18 YEARS OF
AGE.

Sincerely yours,

James Clark.

(Lottery Coordinator)

Tags: bsd, code, from, lottery, number, sco, stakes, team, universal, unix

FFII have discovered that Amazon.com have received a patent from the EPO ‘which covers all computerised methods of automatically delivering a gift to a third party’. It seems to cover Amazon’s ‘One-Click’ ordering system, as well.

Wierd: Tiny town to reek of sex. Don’t get excited — it’s only moth pheromones. (via Peter Darben on the forteana list.)

Medical slang, including:

• ATS: Acute Thespian Syndrome
• Departure lounge — Geriatric ward
• DBI: Dirtbag index (calculated by the number of tattoos on the body multiplied by number of recent missing teeth, to estimate days without a bath)
• NFN: Normal for Norfolk
• Pumpkin positive: When you shine a penlight into the patient’s mouth and his brain is so small his whole head lights up
• PFO: Pissed, fell over
• Scepticaemia: What doctors develop with experience

And — finally! — an explanation for that ER term:

• Stat: Immediately, shortened from the Latin statim

Linux: GrokLaw on SCO and Sun’s Linux indemnification FUD. Well worth a read – especially the bit where Mr. GrokLaw finds an old SCO contract that does include indemnification terms. Indemnification, that is, with some pretty serious get-out clauses and stings in the tail.

Weather: Mont Blanc closed due to record heatwave. ‘This year, for the first time since its conquest in 1786, the heatwave has made western Europe’s highest peak too dangerous to climb. Mont Blanc is closed. The conditions have been so extreme, say glaciologists and climate experts, and the retreat of the Alps’ eternal snows and glaciers so pronounced, that the range — and its multi-billion-pound tourist industry — may never fully recover.’

Food: Cooking for the Mafia. ‘Conrad Gallagher was the highest flier in the gaudy firmament of New Ireland. A Michelin star at the age of 26, and a swank restaurant, called Peacock Alley’. Not too long afterwards, things had not gone so well — he was in the Brooklyn Detention Centre. Pretty terrifying article — a US jail is not one of the nicest places in the world…

Spam: The Howard Dean election campaign ran into a wrinkle last week — and pretty soon was apparently ‘joe-jobbed’. This one is going to get interesting, if the Dean campaign follow up, as joe-jobbing an election campaign is in violation of federal election law, and is apparently taken quite seriously.

Reminder: keep an eye on Spamvertized.Org for the latest news in political spam!

Tags: amazon, blanc, com, ffii, heatwave, indemnification, linux, mont, number, sco

Lost from the Baghdad museum: truth (Guardian). hmmm! It seems we’ve been had:

(In April, it was widely reported that) 100,000-plus priceless items were looted (from the Baghdad museum) either under the very noses of the Yanks, or by the Yanks themselves. And the only problem with it is that it’s nonsense. It isn’t true. It’s made up. It’s bollocks.

Incredible — it seems (a) the museum was looted — to a degree; the vast majority of ‘missing’ items had actually been moved into safe storage, and ‘most of the serious looting was an inside job’.

And (b) the academics and journalists who reported ‘170,000 items … stolen or destroyed’ had been led by the nose by Dr Donny George, the museum’s director of research. It just wasn’t true:

Over the past six weeks it has gradually become clear that most of the objects which had been on display in the museum galleries were removed before the war. Some of the most valuable went into bank vaults, where they were discovered last week. Eight thousand more have been found in 179 boxes hidden ‘in a secret vault’. And several of the larger and most remarked items seem to have been spirited away long before the Americans arrived in Baghdad.

George is now quoted as saying that that items lost could represent ‘a small percentage’ of the collection and blamed shoddy reporting for the exaggeration. ‘There was a mistake,’ he said. ‘Someone asked us what is the number of pieces in the whole collection. We said over 170,000, and they took that as the number lost. Reporters came in and saw empty shelves and reached the conclusion that all was gone. But before the war we evacuated all of the small pieces and emptied the showcases except for fragile or heavy material that was difficult to move.’

This indictment of world journalism has caused some surprise to those who listened to George and others speak at the British Museum meeting. One art historian, Dr Tom Flynn, now speaks of his ‘great bewilderment’. ‘Donny George himself had ample opportunity to clarify to the best of (his) knowledge the extent of the looting and the likely number of missing objects,’ says Flynn. ‘Is it not a little strange that quite so many journalists went away with the wrong impression, while Mr George made little or not attempt to clarify the context of the figure of 170,000 which he repeated with such regularity and gusto before, during, and after that meeting.’ To Flynn it is also odd that George didn’t seem to know that pieces had been taken into hiding or evacuated. ‘There is a queasy subtext here if you bother to seek it out,’ he suggests.

Tags: april, collection, guardian, hmmm, museum, number, problem, truth, war, yanks

Joe Haslam (hi Joe!) mailed about Aeronautics.RU, wondering if it’s a fake. I’m pretty sure not, and John Sutherland at The Guardian concurs, noting that it was big in the City of London:

You don’t factor news into your model, but intelligence. There is a surfeit of war news, but reliable intelligence is hard to come by. The canny (stock market) trader in these parlous days has a first port of call - GRU (Glavnoye Razvedyvatelnoye Upravleniye), the espionage arm of the Russian military.

GRU is the most sophisticated agency of its kind in the world. And, since Glasnost, the most transparent. GRU has thousands of agents worldwide (especially in countries such as Iraq, where Russia has traditional trade links). Intelligence has always been a top priority for Ivan. The number of agents operated by the GRU during the Soviet era was six times the number of agents operated by the KGB.

Russia, superpower that it was, still has spy satellites, state-of-the-art interception technology and (unlike the CIA) men on the ground. The beauty of GRU is that it does not (like the CIA) report directly to the leadership but to the Russian ministry of defence. In its wisdom, it makes its analyses publicly available. These are digested as daily bulletins on www.iraqwar.ru.

… and syndicated onto Aeronautics.RU as well. Sadly, since the Russians closed up their Baghdad embassy and got out of Iraq, just in time it seems, all the reports have dried up. Ah well.

The reporting was incredibly detailed, and modulo a big chip on their shoulder about US imperialism, pretty informative.

Joe also points to another Aeronautics.RU article, ‘how military communications are intercepted’. Venik, the author, notes that the US is using SINCGARS ‘frequency-hopping’ radios, which use a daily-broadcast shared secret as an initial vector for the algorithm which determines what frequencies to ‘hop’ through, throughout the day.

However, security afforded by frequency-hopping methods is very dependant on the strict adherence to protocols for operating such radios. The US troops and other operators of frequency-hopping radio sets frequently disregard these protocols. An example would be an artillery unit passing digital traffic in the frequency-hopping mode, which would enable an unauthorized listener to determine the frequency-hopping algorithm and eavesdrop on the transmission. (jm: sounds like a known-plaintext attack; similar attacks were used by the Allies on German use of Enigma during WWII.)

Even when proper protocols for using frequency-hopping radios are being adhered to interception and decryption of these signals is still possible. The frequency-hopping interceptors are special advanced reconnaissance wideband receivers capable of simultaneously tracking a large number of frequency-hopping encrypted transmissions even in high background noise environments.

It then details some seriously specialized equipment for breaking frequency-hopping radio transmissions, which can ‘process the complete 30 to 80 MHz ground-to-ground VHF band within a 2.5 ms time slot’.

So judging by all of that, the chances of finding one of those ‘FH-1 frequency-hopping interceptors’, ‘manufactured by VIDEOTON-MECHLABOR Manufacturing and Development Ltd of Hungary’, sitting in the Russian embassy in Iraq about 2 weeks ago, would have been pretty high I’d bet. ;)

He doesn’t detail why encryption the system uses, or how that is supposedly being broken. But I don’t doubt it was, personally. Given the ‘artillery unit’ hole noted above, there were probably quite a few ways to get hold of the day’s key, given enough time and thought; and from what I’ve read, it can only be very tricky to use good crypto, and keep it secure, in a battlefield environment. And those Russians have had plenty of time to think about US military systems after all. ;)

Tags: aeronautics, cia, city, fake, gru, guardian, intelligence, model, news, number

Matthew Leeming describes his unnerving encounter in Afghanistan with the murderers of General Massoud:

This summer that place was Afghanistan, from where I have just crossed, disguised as a woman in a shapeless burqa, over the 16,000ft Shai Salim pass into Pakistan. I met a number of people who, by English standards, were decidedly weird … so the two Moroccan journalists with whom I shared a house in the Panjshir seemed almost normal. It was not until after they had killed themselves and General Ahmad Shah Massoud, the commander of the Afghan anti-Taleban forces, a week later that I realised I had spent five days living with two of Osama bin Laden’s kamikaze fighters.

Date: Fri, 28 Sep 2001 14:25:20 +0000
From: “Martin Adamson” (spam-protected)
To: (spam-protected)
Subject: Breakfast with the killers

http://www.spectator.co.uk

Breakfast with the killers

Matthew Leeming describes his unnerving encounter in Afghanistan with the murderers of General Massoud

‘Every year there’s one place in the globe worth going to where things are happening,’ says Basil Seal to his mother, immediately before stealing her jewels to fund such a trip. ‘The secret is to find out where and to be on the spot at the time.’

This summer that place was Afghanistan, from where I have just crossed, disguised as a woman in a shapeless burqa, over the 16,000ft Shai Salim pass into Pakistan. I met a number of people who, by English standards, were decidedly weird — one man asked me if it were true that in England women could marry their dogs — so the two Moroccan journalists with whom I shared a house in the Panjshir seemed almost normal. It was not until after they had killed themselves and General Ahmad Shah Massoud, the commander of the Afghan anti-Taleban forces, a week later that I realised I had spent five days living with two of Osama bin Laden’s kamikaze fighters.

Foreigners in Afghanistan tread a fairly well-worn path, usually a triangle between the acting capital in Faisalabad, the Panjshir valley and the government’s military base, Khawja Bahauddin, in the north. Transport is either by Jeeps that cost $200 per day, or — for the really reckless — the government’s ropy, Russian-built helicopters.

I had heard that if there is a Shangri-la it is the Panjshir in August, a narrow, fertile valley surrounded by arid mountains from which the Afghans have for centuries shot at their invaders. It ends at Kabul, which is now one of the main battle-fronts between the government and the Taleban. I arrived, after a torturing road journey from Khawja Bahauddin, between the mulberry and grape harvests, and as I walked along the road groups of men and children invited me to join them for lunch. It was a sponger’s paradise.

I was an official guest of the government, and now my guide, Qhudai, took me to the government guest house, opposite the government’s helicopter base, before leaving me to recover. I was woken before dawn every morning by the shriek of helicopter engines starting up, and would take my breakfast watching soldiers embarking for the flight to another front. No expense has been spared on the house itself, nor on the bill for staff, and I was comfortable for the first time in a month. (I had been sleeping in chai khanas, which are a cross between a night shelter for the homeless and a boarding school.) For two days I was served enormous meals of mutton and rice, alone in a dining-room designed to seat 30. This changed when the Moroccan journalists arrived.

I first saw them pacing up and down in front of the house. They did not return my hello. That evening I was served dinner on the floor of my room as the Moroccans made free with the dining-room. They spent all the next day in their bedroom with the door open, lying on their beds and staring at the ceiling.

On Qhudai’s return, I delegated him to make inquiries from the staff. ‘They are Arabs,’ he reported, with some disgust. ‘They are very unfriendly.’

The next day I determined to break the ice. ‘I’m not eating in my room,’ I told the major domo. ‘I shall eat with the journalists.’ At eight p.m. sharp I presented myself in the dining-room. Both journalists had already started on the bread. There was a definite hierarchy between them. The first sat at the head of the table. He was large and dark, but his most curious feature were two blackened indentations on his forehead, which looked like the result of torture with an electric drill.

I asked him where he and his companion came from and he said Morocco, but they lived in Brussels. I tried to have a polite conversation about holiday destinations in Morocco, but he was unforthcoming. There was something about his manner that prevented me from asking exactly where he lived in Brussels. His companion said nothing, but ate his way through the rice and mutton with a hearty appetite.

The next day the senior Moroccan saw me using a satellite phone, and he became a good deal more amiable. Satellite phones are status symbols but also basic necessities for travel in Afghanistan, and mine had got me out of a number of scrapes already. He approached me, and asked if I had the phone number of Bismillah Khan, the military commander of the Panjshir. I did, and volunteered the services of Qhudai to help.

‘We are doing a television documentary about Afghanistan, and we need to get on a helicopter to Khawja Bahauddin,’ he told me.

The person to arrange this was the commander of the Panjshir, Bismillah Khan. As it happened, I had met him several days before and knew his telephone number. But he didn’t answer.

‘Do you have General Massoud’s number?’ asked the senior Moroccan. I was slightly staggered.

‘No. I don’t think he gives it out. You see, the Russians can find out where you are from a satellite phone and send a missile in to kill you. That was how they got Dudaev.’

Qhudai looked slightly menacing.

‘Why do you want to meet Commander Massoud?’ I asked the Moroccans. I remember them exchanging glances.

‘For our TV film,’ he said.

Afterwards Qhudai said to me, ‘I think they are spies.’

‘But everyone’s a spy in Afghanistan,’ I said. ‘You’re a spy.’

‘But they are Arab spies.’ There seems little love lost between Persian speakers and Arabs, so I put this down to racial prejudice.

We left shortly afterwards, and gave no further thought to the Moroccans, except occasionally to speculate that they were probably still waiting in the Panjshir for a helicopter.

A week later we heard that Massoud had been fatally injured in a Taleban attack, but it was only after we had crossed the border into Pakistan and saw a newspaper report that two Moroccans posing as journalists were responsible that we realised the identity our companions. Qhudai reproached himself for his stupidity. I was horrified that we had spent five nights sleeping next to a room full of several kilos of explosives.

After talking on the phone to some of Massoud’s lieutenants we managed to piece together an account of what had happened. While Massoud’s security was tight in many ways, he was always prepared to see journalists. He was a charming, well-educated product of a French lycée and journalists were always happy to see him. Access was controlled by a sidekick we had come to loathe — Engineer Asim — who was obstructive until he was offered money. Asim let the Moroccans into Massoud’s room.

According to our sources, Massoud immediately realised that there was something wrong (the torture marks on the forehead?), and shouted to Asim to get them out. At this, the senior Moroccan exploded the bomb hidden in his camera. He and Asim were pulverised. The second Moroccan (the one who ate more) escaped and jumped into the river Oxus, from which he was fished by guards and shot. Massoud — still living — was flown to Tajikistan for treatment. The Taleban immediately claimed that he had been killed outright, and most press reports supported this, but it seems more likely that he hung on to life for nearly a week and died without regaining consciousness.

In retrospect, one can see that the murder of Massoud was a deliberate first step in a carefully planned series of atrocities. Massoud represented the only credible military threat to the Taleban. Known as the ‘Lion of the Panjshir’, revered by his men, he had defeated the Russians 15 times and almost certainly could not be displaced from his stronghold in western Afghanistan. Many people — including Massoud’s younger brother, Wali, the Afghan ambassador in London — have been urging the West for years to arm the Northern Alliance properly to ensure the Taleban’s defeat, but to no avail. Now the man who may go down in history as one of the great generals of irregular warfare, who, with proper support, could have defeated the Taleban in a year, is dead and the West is desperately looking for credible and committed Muslim allies with whom to fight the Taleban.

Tags: ahmad, moroccan, number, osama, panjshir, place, salim, summer, week, woman

Some vague web musing: while reading Cory Doctorow’s “Metacrap” essay on metadata, I noticed this:

Certain kinds of implicit metadata is awfully useful, in fact. Google exploits metadata about the structure of the World Wide Web: by examining the number of links pointing at a page (and the number of links pointing at each linker), Google can derive statistics about the number of Web-authors who believe that that page is important enough to link to, and hence make extremely reliable guesses about how reputable the information on that page is.

He’s right, of course — that’s how Google works. But while reading this, it occurred to me that this implicitly rewards websites that consist of small numbers of large pages, instead of high numbers of short pages; if your site has a page for ever sub-heading (think of a Linux HOWTO document here), and a linker to your site links to the page that’s relevant to what they’re talking about, your Google ranking will be lower than if you keep the document all in one page and use named anchors.

Personally, despite what Jakob Neilsen thinks, I prefer the all-in-one page mode myself. It’s quicker to download (overall), easier to print or read offline, and I’m not afraid to use a scrollbar. Interesting to see Google (accidentally) recommends it too ;)

The rest of the essay is spot on, in my opinion.

BTW, Cory also writes for Boing Boing, one of the coolest mags I used to read back when, and now a top-quality weblog.

Tags: cory, document, essay, google, linker, metadata, number, page, site, web