...so here it is for the unlucky. There were a few pictures, and text examples I removed so it wouldn't get too big, but it's mostly intact.
---- 1 Overview Not all people that send undesirable email (spam) are the same. Their motives differ as greatly as their tools and technical abilities. This document uncovers a spam gang who seeks to acquire your banking information, and the response from one of the targeted victims: Citibank.
This document describes the unique bulk-mailing tool used for recent rash of financial email scams. These scams target financial entities such as Citibank, Wells Fargo, Halifax Bank, eBay, and Yahoo. Only one specific spam gang uses this tool for these financial scams. This spam gang started slow with only a few members, but has increased in both gang membership and spam volume.
All emails and headers are provided unmodified with the following exception: all personal information has been modified to protect the identity of the recipient. These modifications are denoted with bold and underlined typeset. Every effort has been made to retain the same data format without disclosing personal information. For data taken from the public domain, such as newsgroup postings and messages from open forums, no effort has been made to modify the data or protect the publicly disclosed recipient.
2 The Citibank Scam With the growth of online banking comes online fraud. These schemes vary from web sites that "look" like the actual financial institution to email asking for personal banking information. At first glance, the email below (Fig. 1) looks like just another one of these simple bank fraud schemes.
At a quick glance, this email appears to be from Citibank, as it contains a Citibank URL. But a closer inspection indicates a financial scam:
* The email contains multiple misspellings and grammatical errors, such as "becaurse" and "This automatic email sent to:".
* The content contains hash-busters (unique characters in the contents that are used to bypass hash-based spam filters). For example, the "-t-" and "K" in the main paragraphs, and the "y" and "C" before the long lines of hyphens. Different recipients received the message with different hash-buster characters.
* Although the included URL begins with "www.citibank.com", it actually goes to "sd96v.pisem.net" [ref 1]. This server is hosted in Moscow, Russia and is not part of Citibank.
* The email header does not originate from Citibank. Instead, it originated from a DSL system in Italy. Network scans of this host (Appendix A) indicate that the system was likely compromised.
People who clicked on the link saw the Citibank web page and a popup that prompts for login information (Fig. 2, Fig. 3). Although the Citibank web page actually came from Citibank, the popup came from a non-Citibank server. Victims that entered banking information in the popup essentially gave their accounts to an unknown scam artist.
2.1 Mass Mailing Revisions The 29-Sep-2003 mass mailing (Fig. 1, Fig. 2, and Fig. 3) is actually the second revision of the fraudulent bank emails. The first revision appeared on 16-Aug-2003 and asked the recipient to view new banking terms and conditions. Users who clicked on the link were redirected to a server in China. The first revision included the recipient's email address as a field in the URL. The second revision replaced the address field with a series of random characters. The popup for the second revision only asked for the user's Card and PIN numbers. The third release on 25-Oct-2003 (Fig. 4) was revised to prompt for the user's Card number, PIN number, and expiration date.
In nearly every case, a Russian server was used, either to host the requests, or to act as a web-bug and count the number of hits. For example, the web bug from the first revision can be found here. According to this web-log, there were 107,274 hits on 16-Aug-2003, and 91,573 hits on 17-Aug-2003 (Fig. 5). These were primarily due to responses to the first sp
As much juvenile and downright silly Stallman gets, I wish he'd get a bit of support from "the community". He's one of the founding fathers after all.
What, me, donate? Wait, I've only been using the internet since 1995. I don't even run an open source OS. Don't tax me, don't tax thee, let's tax this guy behind this tree.
I wish there'd be modifiers for "cynical" alongside "funny" or "offtopic".
CD's spin. That's a great waste of energy, specially if you're a portable-player type. Ideally, mechanical energy shouldn't have to be employed to access digital storage media.
(Just don't reply to tell me electricity is cheaper and cheaper and whatnot. I'm just providing rationale to get rid of that stupid stupid idea altogether. I mean, rotating discs made of platinum, you gotta think they were thinking of LP's too much when they came up with that.)
Organize a website to get developers to write an Open Source one.
Let me get something straight here. People. Are. Just. Not. Gonna. Bother .
I have more of an interest in trying out Linux than most of the desktop users out there. I dual booted into Red Hat 5 for a long while, basically because I liked messing around in it - and Quake ran great - and always ended up deleting the partition to free HD space, always in scarcity.
I'm running enough open source software by now that it'd be painless to switch to Linux. It's a bit more powerful and configureable, and I'd be somewhat happier running Linux. But I really have a life besides my computer, and I'm not gonna bother hacking up a driver or starting a whole community around it.
And I'm not gonna bother deciphering meant-for-engineers technical docs to see if my CD-ROM drive has some quirky use for some dandy non-mandatory ATAPI instruction. If random distros of Linux (and it's not just Mandrake, read up the comments) are frying random popular cd-rom drives, I'm just not gonna bother.
I got my NIC for free when I joined my broadband provider, and I'm just not gonna bother searching hardware stores to see if they have some Linux-compatible NIC. It either runs on what I have, or I ignore it.
And most users are even less interested in Linux than I have. I happen to have a particular taste for computers and programming and geek culture. Most economists - high-level professionals who've gone through heavy scientific and mathematical training - care even less.
Cluetrain arriving: people just don't organize their lives around Linux.
People use sub-par nonstandard tienda-de-descuentos el-cheapo xing-ling put-together-with-nose-bugger hardware. Period. Hardware is expensive for those of us not living in alice's-wonderland-with-7%-GDP-growth-in-one-semes ter. Americans often lose all notion of how much poorer the rest of the world is.
You either put up with that and write safe software for sub-par nonstandard tienda-de-descuentos hardware, or you create clear specifications of what kind of system you must have for Linux to even work.
(By the way, am I the only one annoyed by the fact that even the modern-est Linux distros only support 10% of the ethernet cards supported by Win95?)
There were industry-wide Multimedia PC specs for a while - MPC1, MPC2, MPC3. That kind of standardisation makes life easier for the computer buyer. Perhaps someone should come up with Linux Hardware Specifications (in two or three levels, low-end, desktop and high-end). That way, anyone could go to their local tienda-de-descuentos el-cheapo xing-ling computer assembler and ask for a Linux Computer, level two.
That said, just imagine what Slashdot'd be saying if this problem happened with a M$ release.
Mandrake should make clear what component of their distro causes the LG problem, so one can check other Linux distros (sp. relatively unknown ones) before permanently damaging one's hardware.
Now, really. Big Fusses are made over the smallest security issues in Windows - it's just sad that something serious as this is hushed down.
I'm glad Slashdot is starting to pay a bit of attention to the economics of this whole twenty-first century schizoid trip. I was pretty sad that they had chose to post about pretty much any Nobel prize, except the one for economics.
And, well, I'm an economist too, and I particularly like 'The Economist' as a medium who doesn't deny the juicy details in the interaction between theory and empirical evidence to the non-economist layman.
Political bias is pretty hard to avoid, but where the left-of-center media will appeal to emotion and to misleading common sense, 'The Economist' shows as much actual content as you'll find outside the academic publications.
I might be repeating someone, but I couldnt find any mentions to this while skimming the discussion. A much needed feature in web authoring environments is integrated FTP. I still use HTMLKit, a big, bloated, ugly piece of crippleware because of that.
As the former brazilian Federal Reserve chairman put it, "specialists have been able to predict nine of the five major crisis in the past decades".
Or if you like Dilbertiana, from Scott Adams' "The Dilbert Principle"'s chapter on machiavellic methods: "Always predict disaster. No project is so succesful that you can't point out a few examples of what you 'were afraid that could happen'".
It's a whole industry. I'm reminded of Alvin Toffler.
Stuff in general usually has a diminishing marginal utility - that means, each extra unit of stuff yields less utility (satisfaction) than the previous one.
For those calculus-savy, d*u^2/d^2*q
That's been incorporated in the whole body of theory, to explain everything - from demand response to lower interest rates to risk management in capital asset portfolios.
Just a few ideas rolling - I'm sure/.'ers will come up with more, and comment on this specific case. Not being an american, I lack the general "feeling" on the workings of the american economy.
0) Both empirical data and theoretical elaboration seem to concurr on that an Added Value tax would be the most efficient kind of taxation. Sales taxes don't quite distribute tax burden efficiently along the production chain. But how complex is really the production chain in a high added value internet reseller?
1) In countries with a high unemployed capacity, sales taxes will be very hurtful, as they will reduce consumption. But in a mature economy like the US, a carefully planned combination of consumption taxes and investment exemptions could encourage savings - and americans save four to five times less than their european counterparts.
2) The deadweight burden (the loss in welfare that doesn't become govt revenue) of a tax depends (among other supply-related factors) on demand elasticity - how much will demand react to a change in prices. If internet buyers are more price-sensitive than, say, buyers at the Walmart station in Dullsboro/OH, this could be hurtful to profitability perspectives as a whole.
3) How will this affect e-commerce with other countries? Foreigners are never happy to pay US taxes.
4) From a general equilibrium viewpoint, how large is the internet retail market in comparison to the large scheme of things? If not large enough, could it be the proverbial butterfly in south america causing a month-long storm in India?
5) I don't know if product-factor (Leontieff) matrixes are done by US bureaus of statistics regularly, but it would be interesting to take a peek if they did. Leontieff matrixes attempt to capture the interdependence of sectors in the economy - and while not being theoretically strict from a general equilibrium viewpoint, they're a very practical statistical tool. Anyone knows something about this?
6) Are they just trying to alleviate the govt. deficit? It doesn't seem to me the administration really cares about govt deficit.
7) Are they trying to impose stricter regulations on the internet on the grounds of tax evasions?
Perhaps this should serve as a cautionary tale on how open source development is _not_ the panacea it's sold to be.
In theory, capitalism is a Columbus' egg: competing firms will strive to satisfy the customer, thus maximizing social welfare. But just as lack of competition begets corporate mammoths like our friends from Seattle (I'm talking about Sub Pop, I swear! Nirvana, Soundgarden, et cetera), an established reputation might beget open source initiative monoliths.
I'm not up to date enough to claim with a reasonable degree of certainty that the XFree86 group has become a stagnant monolith, but that's a theoretical possibility I've been fiddling with for a while.
Mainstream public sector economics has been developing the idea that government departments and autarchies compete for influence and budgeting, and perhaps it wouldn't be that much of a stretch to imagine open source projects compete for user-base share and reputation. And while that can be good for the same reasons free market competition is good - Linux distros keep one-upping each other - the presence of an open source standard might lead to a great concentration of power in the hands of project maintainers, swollen egos and entire project deaths.
Sure, it's open source, but I'm surely not getting to hack the Linux kernel in a long time, since I actually have a life and professional uses for the only computer I own. Should the "official" development of the Linux kernel stall (sp. at a point where there are serious bugs), I could choose one of the BSDs - monolithic developer groups themselves.
Solutions lie in the projects' group development rules, and having little experience in working with them, I don't have a lot of solutions. But wouldn't the story of RMS itself show that even the Elders have egos and can screw things up?
Open source just isn't a solution per se, and I feel the really important game is not in the licensing models, but in the group development models. Perhaps they need a bit of standardising and a few cool acronyms right now.
It's a smart move, after all. Instead of releasing a late alpha version as a product (like Win95) that'll have to be endlessly patched and fixed and improved (Win95 Plus, Win98, Win98SE), they're quietly leaking alpha versions so people can report bugs and they can fix it over two years until they have a 98SE-like stable build to market.
But then again, if I was teaching one of those hyped Human Resources classes at a business college, I'd insist on the case of Apple/Steve Jobs/John Scully as a fable on how no fancy management theory substitutes talent
I'd have to ignore the case of NeXT, but we want to teach people the right values, don't we? Microeconomic theory teaches that in the long run talent should prevail - talent being producing what customers want for the smallest cost, _not_ producing technically brilliant solutions that leave geeks drooling at the terse, elegant source code - but why step away from the opportunity of bringing the long run a little bit faster?
In any case, programmers need to satisfy the business demands, not their own egos. Brilliant programmers who fail to do so (and instead of patching and fixing the frankenstein that's already there demand that a new system is built altogether) will be unemployed, and, heck, they should be.
but it's time for some realism and some recognition that a safe, well paid, job is usually better than a temporary obscenely-paid one.
Actually, you need to do a present-value cashflow comparison between the two options.
Really, "present-value cashflow comparison" is a Business 101 buzzphrase, but it's pretty much how you understand how financial decisions should be made. Everything else in finance (from internal rate of return decisions to Black-Scholes derivative evaluation) are variations on that theme, with different degrees of sophistication.
Here's a quick tutorial I just found on Google. It's really easy to understand, and might avoid unwanted insertions in thy financial behinds.
Weeell, there's always a trade-off between space and money spent. Most silent PC solutions involve changing your hard drive and your power source and your last name and often the gender of your newborn.
What really bothers me is how the OSS people will seldom come up with new concepts (unless it's strictly in the techie level, like patch/diff or CVS), and will instead readily duplicate whatever functionality mainstream proprietary software has.
That must be because there is no research behind OSS development.
In any case, I feel this is the result of a flaw in patent laws. There _should_ be a way to patent an interesting functionality concept you came up with (like, say, dynamic tables, in Excel).
(Now, yes, the modularity of software like Firebird _is_ a concept, I realize, appreciate and support.)
Slashdot Mirror
...so here it is for the unlucky. There were a few pictures, and text examples I removed so it wouldn't get too big, but it's mostly intact.
----
1 Overview
Not all people that send undesirable email (spam) are the same. Their motives differ as greatly as their tools and technical abilities. This document uncovers a spam gang who seeks to acquire your banking information, and the response from one of the targeted victims: Citibank.
This document describes the unique bulk-mailing tool used for recent rash of financial email scams. These scams target financial entities such as Citibank, Wells Fargo, Halifax Bank, eBay, and Yahoo. Only one specific spam gang uses this tool for these financial scams. This spam gang started slow with only a few members, but has increased in both gang membership and spam volume.
All emails and headers are provided unmodified with the following exception: all personal information has been modified to protect the identity of the recipient. These modifications are denoted with bold and underlined typeset. Every effort has been made to retain the same data format without disclosing personal information. For data taken from the public domain, such as newsgroup postings and messages from open forums, no effort has been made to modify the data or protect the publicly disclosed recipient.
2 The Citibank Scam
With the growth of online banking comes online fraud. These schemes vary from web sites that "look" like the actual financial institution to email asking for personal banking information. At first glance, the email below (Fig. 1) looks like just another one of these simple bank fraud schemes.
At a quick glance, this email appears to be from Citibank, as it contains a Citibank URL. But a closer inspection indicates a financial scam:
* The email contains multiple misspellings and grammatical errors, such as "becaurse" and "This automatic email sent to:".
* The content contains hash-busters (unique characters in the contents that are used to bypass hash-based spam filters). For example, the "-t-" and "K" in the main paragraphs, and the "y" and "C" before the long lines of hyphens. Different recipients received the message with different hash-buster characters.
* Although the included URL begins with "www.citibank.com", it actually goes to "sd96v.pisem.net" [ref 1]. This server is hosted in Moscow, Russia and is not part of Citibank.
* The email header does not originate from Citibank. Instead, it originated from a DSL system in Italy. Network scans of this host (Appendix A) indicate that the system was likely compromised.
People who clicked on the link saw the Citibank web page and a popup that prompts for login information (Fig. 2, Fig. 3). Although the Citibank web page actually came from Citibank, the popup came from a non-Citibank server. Victims that entered banking information in the popup essentially gave their accounts to an unknown scam artist.
2.1 Mass Mailing Revisions
The 29-Sep-2003 mass mailing (Fig. 1, Fig. 2, and Fig. 3) is actually the second revision of the fraudulent bank emails. The first revision appeared on 16-Aug-2003 and asked the recipient to view new banking terms and conditions. Users who clicked on the link were redirected to a server in China. The first revision included the recipient's email address as a field in the URL. The second revision replaced the address field with a series of random characters. The popup for the second revision only asked for the user's Card and PIN numbers. The third release on 25-Oct-2003 (Fig. 4) was revised to prompt for the user's Card number, PIN number, and expiration date.
In nearly every case, a Russian server was used, either to host the requests, or to act as a web-bug and count the number of hits. For example, the web bug from the first revision can be found here. According to this web-log, there were 107,274 hits on 16-Aug-2003, and 91,573 hits on 17-Aug-2003 (Fig. 5). These were primarily due to responses to the first sp
As much juvenile and downright silly Stallman gets, I wish he'd get a bit of support from "the community". He's one of the founding fathers after all.
What, me, donate? Wait, I've only been using the internet since 1995. I don't even run an open source OS. Don't tax me, don't tax thee, let's tax this guy behind this tree.
I wish there'd be modifiers for "cynical" alongside "funny" or "offtopic".
of the LG/Linux incident?
CD's spin. That's a great waste of energy, specially if you're a portable-player type. Ideally, mechanical energy shouldn't have to be employed to access digital storage media.
(Just don't reply to tell me electricity is cheaper and cheaper and whatnot. I'm just providing rationale to get rid of that stupid stupid idea altogether. I mean, rotating discs made of platinum, you gotta think they were thinking of LP's too much when they came up with that.)
I'm running enough open source software by now that it'd be painless to switch to Linux. It's a bit more powerful and configureable, and I'd be somewhat happier running Linux. But I really have a life besides my computer, and I'm not gonna bother hacking up a driver or starting a whole community around it.
And I'm not gonna bother deciphering meant-for-engineers technical docs to see if my CD-ROM drive has some quirky use for some dandy non-mandatory ATAPI instruction. If random distros of Linux (and it's not just Mandrake, read up the comments) are frying random popular cd-rom drives, I'm just not gonna bother.
I got my NIC for free when I joined my broadband provider, and I'm just not gonna bother searching hardware stores to see if they have some Linux-compatible NIC. It either runs on what I have, or I ignore it.
And most users are even less interested in Linux than I have. I happen to have a particular taste for computers and programming and geek culture. Most economists - high-level professionals who've gone through heavy scientific and mathematical training - care even less.
Cluetrain arriving: people just don't organize their lives around Linux.
Sheeesh, some people...
Does _any_ version of Windows cause this?
Let me guess. No.
People use sub-par nonstandard tienda-de-descuentos el-cheapo xing-ling put-together-with-nose-bugger hardware. Period. Hardware is expensive for those of us not living in alice's-wonderland-with-7%-GDP-growth-in-one-semes ter.
Americans often lose all notion of how much poorer the rest of the world is.
You either put up with that and write safe software for sub-par nonstandard tienda-de-descuentos hardware, or you create clear specifications of what kind of system you must have for Linux to even work.
(By the way, am I the only one annoyed by the fact that even the modern-est Linux distros only support 10% of the ethernet cards supported by Win95?)
There were industry-wide Multimedia PC specs for a while - MPC1, MPC2, MPC3. That kind of standardisation makes life easier for the computer buyer. Perhaps someone should come up with Linux Hardware Specifications (in two or three levels, low-end, desktop and high-end). That way, anyone could go to their local tienda-de-descuentos el-cheapo xing-ling computer assembler and ask for a Linux Computer, level two.
That said, just imagine what Slashdot'd be saying if this problem happened with a M$ release.
Mandrake should make clear what component of their distro causes the LG problem, so one can check other Linux distros (sp. relatively unknown ones) before permanently damaging one's hardware.
Now, really. Big Fusses are made over the smallest security issues in Windows - it's just sad that something serious as this is hushed down.
I'm glad Slashdot is starting to pay a bit of attention to the economics of this whole twenty-first century schizoid trip. I was pretty sad that they had chose to post about pretty much any Nobel prize, except the one for economics.
And, well, I'm an economist too, and I particularly like 'The Economist' as a medium who doesn't deny the juicy details in the interaction between theory and empirical evidence to the non-economist layman.
Political bias is pretty hard to avoid, but where the left-of-center media will appeal to emotion and to misleading common sense, 'The Economist' shows as much actual content as you'll find outside the academic publications.
Really - it's not Fox News.
I might be repeating someone, but I couldnt find any mentions to this while skimming the discussion. A much needed feature in web authoring environments is integrated FTP. I still use HTMLKit, a big, bloated, ugly piece of crippleware because of that.
Or if you like Dilbertiana, from Scott Adams' "The Dilbert Principle"'s chapter on machiavellic methods: "Always predict disaster. No project is so succesful that you can't point out a few examples of what you 'were afraid that could happen'".
It's a whole industry. I'm reminded of Alvin Toffler.
Oh, drats. I forgot I can't just use mathematics. WHat got cut due to HTML parsing was:
d*u^2/d^2*q < 0. At optimum, d*u/d*q = 0, i.e. an extra unit yields no further utility.
For those calculus-savy, d*u^2/d^2*q That's been incorporated in the whole body of theory, to explain everything - from demand response to lower interest rates to risk management in capital asset portfolios.
D-oh. I think I just posted a huge, stupid message. Gosh, I wish I could take it back.
Just a few ideas rolling - I'm sure /.'ers will come up with more, and comment on this specific case. Not being an american, I lack the general "feeling" on the workings of the american economy.
0) Both empirical data and theoretical elaboration seem to concurr on that an Added Value tax would be the most efficient kind of taxation. Sales taxes don't quite distribute tax burden efficiently along the production chain. But how complex is really the production chain in a high added value internet reseller?
1) In countries with a high unemployed capacity, sales taxes will be very hurtful, as they will reduce consumption. But in a mature economy like the US, a carefully planned combination of consumption taxes and investment exemptions could encourage savings - and americans save four to five times less than their european counterparts.
2) The deadweight burden (the loss in welfare that doesn't become govt revenue) of a tax depends (among other supply-related factors) on demand elasticity - how much will demand react to a change in prices. If internet buyers are more price-sensitive than, say, buyers at the Walmart station in Dullsboro/OH, this could be hurtful to profitability perspectives as a whole.
3) How will this affect e-commerce with other countries? Foreigners are never happy to pay US taxes.
4) From a general equilibrium viewpoint, how large is the internet retail market in comparison to the large scheme of things? If not large enough, could it be the proverbial butterfly in south america causing a month-long storm in India?
5) I don't know if product-factor (Leontieff) matrixes are done by US bureaus of statistics regularly, but it would be interesting to take a peek if they did. Leontieff matrixes attempt to capture the interdependence of sectors in the economy - and while not being theoretically strict from a general equilibrium viewpoint, they're a very practical statistical tool. Anyone knows something about this?
6) Are they just trying to alleviate the govt. deficit? It doesn't seem to me the administration really cares about govt deficit.
7) Are they trying to impose stricter regulations on the internet on the grounds of tax evasions?
8) etc. etc.
Ha ha, anti-MS libel, how entertaining!
Perhaps this should serve as a cautionary tale on how open source development is _not_ the panacea it's sold to be.
In theory, capitalism is a Columbus' egg: competing firms will strive to satisfy the customer, thus maximizing social welfare. But just as lack of competition begets corporate mammoths like our friends from Seattle (I'm talking about Sub Pop, I swear! Nirvana, Soundgarden, et cetera), an established reputation might beget open source initiative monoliths.
I'm not up to date enough to claim with a reasonable degree of certainty that the XFree86 group has become a stagnant monolith, but that's a theoretical possibility I've been fiddling with for a while.
Mainstream public sector economics has been developing the idea that government departments and autarchies compete for influence and budgeting, and perhaps it wouldn't be that much of a stretch to imagine open source projects compete for user-base share and reputation. And while that can be good for the same reasons free market competition is good - Linux distros keep one-upping each other - the presence of an open source standard might lead to a great concentration of power in the hands of project maintainers, swollen egos and entire project deaths.
Sure, it's open source, but I'm surely not getting to hack the Linux kernel in a long time, since I actually have a life and professional uses for the only computer I own. Should the "official" development of the Linux kernel stall (sp. at a point where there are serious bugs), I could choose one of the BSDs - monolithic developer groups themselves.
Solutions lie in the projects' group development rules, and having little experience in working with them, I don't have a lot of solutions. But wouldn't the story of RMS itself show that even the Elders have egos and can screw things up?
Open source just isn't a solution per se, and I feel the really important game is not in the licensing models, but in the group development models. Perhaps they need a bit of standardising and a few cool acronyms right now.
It was a market failure, and it lost some of Jobs' money.
Technical validity is pointless if it doesn't market well.
It's a smart move, after all. Instead of releasing a late alpha version as a product (like Win95) that'll have to be endlessly patched and fixed and improved (Win95 Plus, Win98, Win98SE), they're quietly leaking alpha versions so people can report bugs and they can fix it over two years until they have a 98SE-like stable build to market.
Well, it's a smart conspiracy theory.
I'm reminded of this Slashdot piece on Microsoft claiming Apple is monopolistic.
I'd have to ignore the case of NeXT, but we want to teach people the right values, don't we? Microeconomic theory teaches that in the long run talent should prevail - talent being producing what customers want for the smallest cost, _not_ producing technically brilliant solutions that leave geeks drooling at the terse, elegant source code - but why step away from the opportunity of bringing the long run a little bit faster?
In any case, programmers need to satisfy the business demands, not their own egos. Brilliant programmers who fail to do so (and instead of patching and fixing the frankenstein that's already there demand that a new system is built altogether) will be unemployed, and, heck, they should be.
Actually, you need to do a present-value cashflow comparison between the two options.
Really, "present-value cashflow comparison" is a Business 101 buzzphrase, but it's pretty much how you understand how financial decisions should be made. Everything else in finance (from internal rate of return decisions to Black-Scholes derivative evaluation) are variations on that theme, with different degrees of sophistication.
Here's a quick tutorial I just found on Google. It's really easy to understand, and might avoid unwanted insertions in thy financial behinds.
Good idea, indeed.
You might also get rich in the process. Remember all the voodoo finance tricks taught in business schools were invented/discovered by economists.
Did I mention we just rule?
That must be because there is no research behind OSS development.
In any case, I feel this is the result of a flaw in patent laws. There _should_ be a way to patent an interesting functionality concept you came up with (like, say, dynamic tables, in Excel).
(Now, yes, the modularity of software like Firebird _is_ a concept, I realize, appreciate and support.)