Skip to content

The 2.5m$ GhanaPostGPS – Exclusive Technical Details from Vokacom – Part 2

Posted in Personal, and Tech Review

The previous article, “The 2.5m$ GhanaPostGPS – Exclusive Technical Details from Vokacom – Part 1“, I commented on the use of a 24-core server, hosted in Ghana by the GhanaPostGPS people, however the current application being run from Amazon AWS.

Part One of the series is here: https://blog.khophi.co/ghanapostgps-exclusive-technical-details-vokacom-part-1/

Part Three of the series is here: https://blog.khophi.co/ghanapostgps-exclusive-technical-details-vokacom-part-3/

They claim to have a ’24-core server’ with ‘high-end firewalls’ are a way to ensure ‘National Security’. If so, then why the heck is the app being hosted on Amazon AWS? Does that not nullify the whole idea behind “National Security”, “Natural Project” whatever?

Food for thought!

However, in this article, we consider the next section of the email I received from a Vokacom Developer shedding light on the behind the scenes.

I talk about the section of the email below in this article:

Email from Vokacom Developer
Email from Vokacom Developer

Vokacom Analytics. What is that?

“Analytics is not google-analytics; it’s Vokacom Analytics. We provide GhanaPost with Database access and it’s corresponding reports; not google analytics to see how many crashes are happening; but how many people are registering their addresses; where are they; how many failures; how many security requests; which was responded to, how many households; etc. This disclosure was to the point that if the app is free, then why pay?” – Vokacom Developer

What is Vokacom Analytics? Anyone apart from Vokacom used it before? How does it work?

“but how many people are registering their addresses; where are they; how many failures; how many security requests; which was responded to, how many households; etc.”

Maybe I am missing a point, however, what is special and unique about this analytics?

  • “How many people are registering?” Finding this information, is it rocket science? Is it not a mere SQL query with a date range on the User model/table, whatever is being used.
  • “Where are they?” Trivial query, as well. Follow the query above to retrieve the locations of the users from the above timeframe
  • “How many failures?” At the server level or application level? Whichever the level, there is a million + 1 well-tested server and application level logs open source software out there. For server-level, a free option like Amplify is available if you use Nginx.
    • For application level, again there are plenty of open sources free-to-use solutions that you won’t need to lay your finger on a single line of code.

Case in point, there is a curated list for anyone interested in Server level monitoring and analytics and application level analytics and monitoring here: https://github.com/onurakpolat/awesome-analytics

You can thank me later.

Unless it is part of the ‘national security’ ‘national project’ clause in order to get away with all sorts of unnecessary options and justify the use of wrong tools, there is no use of Vokacom Analytics, whatever that thing is.

Heck, for what the developer describes above, related to the application level logs and monitoring, it all boils down to mere SQL queries.

  • “How many security requests”? And that means any breach of security attempts or what? Isn’t that something that comes for free (i.e the software and programs) with the so-called ‘high-end firewalls’ DDoS protection, or Vokacom Analytics ends up handling this? ‘Ɛsɛ mo ara!’

They say, there are many ways of killing a cat, except not all the means or ways are humane and wise and reasonable. How Vokacom killed the cat, I Can’t Think Far, and these excuses and justifications are just a way and means to either throw dust into our eyes with their so-called Vokacom Analytics OR find a reason for the wastage of funds.

Why kill a cat with Vokacom Analytics which, implicitly costs a lot of money (going to someone’s pocket, from all taxpayer’s pockets), when the same cat can be killed using free-to-use, even more well-tested, publicly known and vouched-for, and even better analytics solutions? Just why, Vokacom?

14,000$ for an SQL Server

“Many tech companies make money from enterprise usage and enterprise is not an incremental cost on basic; it’s a quantum leap. Take SQL Server license; express edition is free; standard edition is 931 per cal; enterprise edition is $14,256 per core. On a 24core server, SQL Enterprise license will be $171k! https://www.microsoft.com/en-us/sql-server/sql-server-2017-pricing

Whether to use SQL Server from Microsoft or not is debatable, and won’t go down that rabbit hole for now.

However, it is always wise to cut one’s coat according to their size. Unless Microsoft has in a way strong-armed Ghana to ship with their application, gushing out 170+k$ each year just to keep running on them is just senseless.

Is it a wise choice? The answer would depend on who you ask.

What are the basic reasons many developers (likely same with Vokacom) still pay exorbitant prices for almost no extra gain each year:

  • Developers are adamant and unwilling to learn and grow and be responsible for their systems
    • Very often, it is easier to pick up a phone and call a representative of a service you pay for to come help you, rather than using the head. Kinda fun, right?
  • Biased, personally influenced developers who would place their necks on alters for Microsoft to chop off.
    • A way to waste money on Microsoft Partners and whatnot
  • The developers are not the ones paying. They say, ‘Tax payer’s money is No man’s money’. Or it is the company paying, so no one cares.
  • The developers don’t care about saving costs.
    • Developers who do not provide smarter options to help their company/government/enterprise save more are just the worst! Seriously!

Is Microsoft SQL bad?

The answer is simply a big NO.

So dude, what’s your problem?

My problem is, why would anyone in their right mind, pay for a product (worse when you don’t have the luxury of money) which does NOTHING more than a free version?

My problem is this.

Imagine this scenario. There are two cars in front of Alice made by two different manufacturers, BMW and GM Electric. Both cars have the same tires, engine power, rims, seating capacity, trunk space, steering comfort, interior luxury, you name it. Everything about these two cars is almost the same, except they’re made by different manufacturers and are sprayed differently AND the car from GM costs 1,000$ but that from BMW is 100% free to own.

When Alice was asked to choose one, she chose the 1,000$ GM electric car. When asked the reasons, she said she had driven the 1,000$ GM car before and is comfortable with it.

Alice’s primary and ONLY reason for going with the 1k$ car is because she’s driven it before. And so, although it costs 1,000$, and she 100% knows the BMW does exactly the same the GM does, she still prefers the GM.

At some point, it gets extremely hard to understand why Alice keeps ‘wasting’ money on something there’s a free and equally effective option.

All Alice would have to do is ‘test’ the BMW first, try to see if she can get comfortable with that too. In fact, both cars have same seating position, clutch, gear handle and everything at the same positions. No difference, except one, costs money, and the other is free.

Eventually, Alice would have to ‘migrate’, as in carrying her belongings from the GM car to the BMW.

As much as the above scenario is probably not a good one, that’s EXACTLY what is happening with the paying of 170+k$ for a product of which there exists a free version doing even better.

You can Read about some reasons people still keep with Microsoft here

Why do companies pay for Microsoft SQL Server, when PostgreSQL costs less and has more features?

Is it possible for GhanaPostGPS to migrate to using a free alternative such as PostgreSQL, which has more features and costs less?

Yes

What would it take?

It will take lots of research, careful planning, and a team of TRUE serious Developers, who aren’t the type who hide behind vendors, but rather, rise up and take charge of their architecture.

Vokacom is saying they want ‘control’ over their architecture, yet they’ve outsourced to Microsoft to handle the job the developers SHOULD be doing. How’s that for ‘control’?

How much would it take?

For starters, it wouldn’t take 171,000$. And after the migration, it would take 0$ each year for the rest of Ghana’s life!

Concluding Thoughts

Organizations using a product or service which there exist a free alternative, for no absolutely better reason is just senseless!

Don’t be like Alice. Think. Use your head. Get serious developers, who are truly ready to take charge of every turn of the architecture, not the type who hide behind vendors, at the cost of 171k$ a year.

They had all the means to save some cash, but well, they didn’t. The why, ‘ɛsɛ ɔmo ara!’

Don't be like Vokacom
Don’t be like Vokacom

Fun Fact: Skype, which now belongs to Microsoft, even uses PostgreSQL.

Just think about it!

For the final part of this 3 part article, I touch on the last part, which is Google Maps API.

Don’t Be Like Vokacom, please!

Read third article: https://blog.khophi.co/ghanapostgps-exclusive-technical-details-vokacom-part-3/

  • James Luther

    Interesting write up Rexford. I’m not sure whether Vokacom’s developers are simply inexperienced or they just wanted to increase the project’s cost. Also, what do you think of the application itself?

    • Thanks.

      I’ve not used the mobile application before for the simple reason of the unnecessary details it asks before use.

      However, their website version, I’ve tried, and it works pretty straightforward and easy.

    • Kpakpo

      It has been ripped apart. Not even Proguard obfuscation could help them. The developer is not qualified to realize that Proguard DOES NOT shield you from a poorly substandard written java code full of vulnerabilities. It only makes your BADLY written code slightly difficult to read by other inexperienced developers. But pros who can read Assembly and C codes will take a reverse engineered APK as a walk in the park.
      A kenyan already made the application useless. Please don’t use that mobile app. Don’t join the thousands of security unconscious Ghanaians who don’t know what threats the app poses to their security and identity. Read up on the other white dude who did a proof of concept on his twitter to compromise the app, Stefan Froehlich. When he’s talking facts, our people are defending the indefensible.

  • Kpakpo

    Rex, if its Enterprise talk they shouldn’t get us started at all. I heard an ignoramus from GhanaPost say they are daring anyone to try and hack their system, and that hacking is criminal…hahahaha, ei Ghana..as our people will say “too know paaa nie”. Maybe he should ask the FBI, CIA and NSA, he’ll learn that security is an illusion as they keep getting hacked. Haven’t they asked why their(FBI,CIA,NSA) choice of OS is the BSD variants and not Microsoft…God help us. And for the ignoramus developer, if we’re talking Security, he should never ever ever put Microsoft and National Security in the same statement. Has he read up on why Microsoft is turning to FreeBSD and Open Source(free most times)? Our people are backward!!!!

    On PostgreSQL, the enterprise version is EnterpriseDB, doesn’t cost half of Vokacom’s 170k bill.
    Even Oracle 12c enterprise doesn’t.
    And as ignoramus as the developer from vokacom is, he’s talking about embedded DDoS features in a firewall and im laughing, honestly I was waiting for him to talk about the use of a WAF as well. Is he that ignorant and inexperienced that he doesn’t know that for an Enterprise solution NginxPlus gives you all that for less than $3000 per server? “boys kasa”.
    So if they want us to start talking enterprise talk they’ll loose that argument too. I think they assumed that all Ghanaians are as ignorant as they themselves are, but ignorant enough to throw jargons at us and go scot free to Dubai to chop the money.

    What I’m expecting Dr.Bawumia to do is to challenge all tech firms in Ghana to re-present bids and bills and lets see.And that ridiculous requirements they put in public tender expecting firms to pay crazy amounts, how many graduates from KNUST, Legon..etc who want to run startups but have the skill set to deliver can afford it. Instead of empowering young entrepreneurs like he promised he’s enriching himself…whiles his subjects like Ursula deceive Ghanaians in the name of “firewall upgrade” for 2.5m. SHAME!
    Dr.Bawumia did this with the Bank of Ghana GHS 4 billion deal(signed by JM) to create an interconnect of telco mobile wallets and charged GHIPSS to build that thing for less, why not this sham of a project called Ghanapost GPS???…let me guess, free chop for all the cronies of his government.

    You see the sad thing is that nothing will be done about all our expert analysis. This is Ghana, as one of the NPP guys said of technocrats like us “they’ll talk and stop and we’ll chop over $1.8m free..let them talk.”

    As for the so-called Isaac Sisi on your first post, I wonder what “flawed assumptions” means…ooooh let me guess, possible ‘brown envelope payment’ to push the vokacom gig eh!! Lord have Mercy.

  • Kpakpo

    Rex, we need to demand from them a full breakdown of how the $2.5m was spent. Public Accounts Committee or EOCO, is this not part of their mandate. A fellow in our tech industry drew my attention to the link below on CNN. There should be a legal way for us to demand a public report on how our $2.5m tax was used for the b****t app. Job for the boys indeed.

    http://money.cnn.com/2017/10/30/news/paul-manafort-millions/index.html?sr=twCNN103017paul-manafort-millions0503PMStory

    • That legal way would usually end up being something that needs to be looked into for misuse of funds, and the committee to investigate the former would end up needing investigation and the cycle goes on and on!

      Like rat on hamster wheel