[RISKS] Risks Digest 24.01
Date: Tue, 9 Aug 2005 13:58:34 -0500 (CDT)
From: [log in to unmask]
Subject: Hermann Chinery-Hesse and software in Ghana
There is an interesting article in the August 2005 issue of IEEE Spectrum
on the above subject. Mr. Chinery-Hesse runs a very successful software
business in Ghana. Some of the high points:
* Software that is lean and efficient, so it runs well on old PCs such as
386/486. These are affordable in Ghana.
* Software design for robustness under third-world conditions. For example,
frequent writes to disk to minimize work lost of the power goes off, as it
* Rather extreme measures to protect proprietary software, such as updates
installed in personal visits by software company employees. This to cope
with conditions in a country where any sense of ethics is practically
* Shunning of open source software, on the grounds that having the source
makes it too easy for unscrupulous users to modify the code so as to line
their own pockets.
This last item could well be criticized as security through obscurity.
Surely the incentives are there for users to make a considerable effort to
tamper with closed source proprietary software. One could argue that open
source software would be easier to audit for unauthorized modifications.
But then who audits the auditors? And how can they be sure that the code
actually running in the machine is accurately represented by the source code
they can see.
This suggests a larger research topic: how can we make computer systems that
are guaranteed to "work right" when they are to be installed in a den of
thieves? Seems like this has applicability to the problem of electronic
voting systems in the U.S.
Patrick O'Beirne, BSc, MA, FICS, managing director
http://www.SystemsPublishing.com Tel:+353 55 22294
"Spreadsheet Check and Control" courseware book with
47 key practices to detect and prevent errors.