aggregator

Microsoft President Calls Washington State's New Facial Recognition Law 'a Significant Breakthrough'

Slashdot - Your Rights Online - Cz, 2020-04-02 00:10
Microsoft President Brad Smith took a break from responding to the COVID-19 outbreak this week to praise Washington state's landmark facial recognition regulations. Washington Gov. Jay Inslee signed a bill Tuesday that establishes rules specifically governing facial recognition software. From a report: Smith called the law an "early and important model" and "a significant breakthrough" in a blog post published Tuesday. Some cities have enacted their own facial recognition rules, but Washington is the first to establish statewide regulations. "This balanced approach ensures that facial recognition can be used as a tool to protect the public, but only in ways that respect fundamental rights and serve the public interest," Smith said. The new law requires public agencies to regularly report on their use of facial recognition technology and test the software for fairness and accuracy. Law enforcement agencies must obtain a warrant before using facial recognition software in investigations unless there is an emergency. The bill also establishes a task force to study the use of facial recognition by government agencies. Under the bill, public entities using facial recognition software to make decisions that produce "legal effects" must ensure a human reviews the results. That category includes decisions that could affect a person's job, financial services, housing, insurance, and education.

Read more of this story at Slashdot.

Cloudflare Launches a DNS-Based Parental Control Service

Slashdot - Your Rights Online - Śr, 2020-04-01 22:50
Cloudflare introduced today '1.1.1.1 for Families,' a privacy-focused DNS resolver designed to help parents in their efforts to safeguard their children's online security and privacyââââââ by automatically filtering out bad sites. From a report: This new tool makes it simple for parents to add protection from malware and adult content to the entire home network, allowing them to focus on working from home instead of worrying about their kids' online safety. "1.1.1.1 for Families leverages Cloudflare's global network to ensure that it is fast and secure around the world," Cloudflare's CEO Matthew Prince said in an announcement published today.

Read more of this story at Slashdot.

OpenWRT Code-Execution Bug Puts Millions of Devices At Risk

Slashdot - Your Rights Online - Śr, 2020-04-01 12:00
Dan Goodin writes via Ars Technica: For almost three years, OpenWRT -- the open source operating system that powers home routers and other types of embedded systems -- has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital signature verifications are easy to bypass, a researcher said. Security researcher Guido Vranken, however, recently found that updates and installation files were delivered over unencrypted HTTPs connections, which are open to attacks that allow adversaries to completely replace legitimate updates with malicious ones. The researcher also found that it was trivial for attackers with moderate experience to bypass digital-signature checks that verify a downloaded update as the legitimate one offered by OpenWTR maintainers. The combination of those two lapses makes it possible to send a malicious update that vulnerable devices will automatically install. [...] The researcher said that OpenWRT maintainers have released a stopgap solution that partially mitigates the risk the bug poses. The mitigation requires new installations to be "set out from a well-formed list that would not sidestep the hash verification. However, this is not an adequate long-term solution because an attacker can simply provide an older package list that was signed by the OpenWRT maintainers." From there, attackers can use the same exploits they would use on devices that haven't received the mitigation. OpenWRT maintainers didn't immediately respond to questions asking why installation and update files are delivered over HTTP and when a longer-term fix might be available. In the meantime, OpenWRT users should install either version 18.06.7 or 19.07.1, both of which were released in February. These updates provide the stopgap mitigation.

Read more of this story at Slashdot.

Marriott Discloses New Data Breach Impacting 5.2 Million Guests

Slashdot - Your Rights Online - Śr, 2020-04-01 02:30
An anonymous reader quotes a report from CNET: Marriott International said Tuesday that names, mailing addresses, loyalty account numbers and other personal information of an estimated 5.2 million guests may've been exposed in a data breach. This is the second major security incident to hit the hotel group in less than two years. Marriott said it spotted that an "unexpected amount" of guest information may've been accessed at the end of February using the login credentials of two employees at a franchise property. The hotel group said information exposed may include names, addresses, emails, phone numbers and birthdays as well as loyalty account details and information like room preferences. Marriott said the investigation is ongoing but that it doesn't believe credit card numbers, passport information or driver's license numbers were exposed. In 2018, Marriott announced that hackers compromised the reservation database for its Starwood division, exposing records of up to 383 million guests and more than 5 million passport numbers.

Read more of this story at Slashdot.

Zoom is Leaking Peoples' Email Addresses and Photos To Strangers

Slashdot - Your Rights Online - Wt, 2020-03-31 22:01
Popular video-conferencing Zoom is leaking personal information of at least thousands of users, including their email address and photo, and giving strangers the ability to attempt to start a video call with them through Zoom. From a report: The issue lies in Zoom's "Company Directory" setting, which automatically adds other people to a user's lists of contacts if they signed up with an email address that shares the same domain. This can make it easier to find a specific colleague to call when the domain belongs to an individual company. But multiple Zoom users say they signed up with personal email addresses, and Zoom pooled them together with thousands of other people as if they all worked for the same company, exposing their personal information to one another.

Read more of this story at Slashdot.

Authors, Publishers Condemn the 'National Emergency Library' As 'Piracy'

Slashdot - Your Rights Online - Wt, 2020-03-31 05:30
An anonymous reader quotes a report from NPR: Last week, when the Internet Archive announced its "National Emergency Library," expanding access to more than a million digitized works, the group explained the move as a goodwill gesture in the time of coronavirus. With so many brick-and-mortar libraries forced to close their doors, in other words, the group was opening up its lending program: Now, instead of its usual policy of just one digital copy per reader for a 14-day period, many frustrated readers could borrow copies of the same book during the same time -- and could do so through the end of June or the end of the global pandemic, whichever came sooner. But there's one major issue that several media outlets, including NPR, failed to mention in covering the decision: Many writers and publishers say the website, even before the creation of this National Emergency Library, has been sharing full digital copies of their books without their permission. And over the weekend, dozens of prominent authors, from Colson Whitehead and Neil Gaiman to Alexander Chee, made clear that they were upset with the Internet Archive's model -- and doubly so now, with the expansion of lending services and its timing. "With mean writing incomes of only $20,300 a year prior to the crisis, authors, like others, are now struggling all the more â" from cancelled book tours and loss of freelance work, income supplementing jobs, and speaking engagements," the Authors Guild, a professional group that provides legal assistance to writers, said in a statement released Friday. "And now they are supposed to swallow this new pill, which robs them of their rights to introduce their books to digital formats as many hundreds of midlist authors do when their books go out of print, and which all but guarantees that author incomes and publisher revenues will decline even further." "Acting as a piracy site -- of which there already are too many -- the Internet Archive tramples on authors' rights by giving away their books to the world," the guild added. The Internet Archive pushed back against this characterization with a lengthy rebuttal. Brewster Kahle of the Internet Archive said the group "uses the same controls limiting access to these works as the publishers themselves, with encrypted files that are meant to disappear from the user's computer after a brief period," reports NPR. "The copies the group lends, Kahle said, are owned by the Internet Archive -- either through donations, straight-up purchases or collaborations with brick-and-mortar libraries."

Read more of this story at Slashdot.

Court Finds Algorithm Bias Studies Don't Violate US Anti-Hacking Law

Slashdot - Your Rights Online - Pn, 2020-03-30 13:34
"A federal court in D.C. has ruled in a lawsuit against Attorney General William Barr that studies aimed at detecting discrimination in online algorithms don't violate the Computer Fraud and Abuse Act," reports Engadget: The government argued that the Act made it illegal to violate a site's terms of service through some investigative methods (such as submitting false info for research), but Judge John Bates determined that the terms only raised the possibility of civil liability, not criminal cases. Bates observed that many sites' terms of service (which are frequently buried, cryptic or both) didn't provide a good-enough notice to make people criminally liable, and that it's problematic for private sites to define criminal liability. The judge also found that the government was using an overly broad interpretation when it's supposed to use a narrow view whenever there's ambiguity. "Researchers who test online platforms for discriminatory and rights-violating data practices perform a public service," wrote the staff attorney for the American Civil Liberties Union (which filed the suit "on behalf of academic researchers, computer scientists, and journalists who wish to investigate companies' online practices.") "They should not fear federal prosecution for conducting the 21st-century equivalent of anti-discrimination audit testing." Their announcement notes it's the kind of testing used by journalists "who exposed that advertisers were using Facebook's ad-targeting algorithm to exclude users from receiving job, housing, or credit ads based on race, gender, age, or other classes protected from discrimination in federal and state civil rights laws."

Read more of this story at Slashdot.

What Happens When Epidemiologists are Undermined By Politics?

Slashdot - Your Rights Online - Pn, 2020-03-30 09:34
Earlier this month Slashdot covered the Imperial College in London forecast of "what happens if the U.S. does absolutely nothing to combat COVID-19," which predicted 2.2 million deaths just in the U.S. and another 510,000 in Great Britain. The paper was co-written by Neil Ferguson, one of the world's leading epidemiologists, and "launched leaders in both countries into action," according to the Washington Post. Earlier this month Ferguson posted on Twitter that Microsoft and GitHub are working to "document, refactor and extend" the thousands of lines of C code written over 13 years ago to run pandemic simulations, "to allow others to use [it] without the multiple days training it would currently require (and which we don't have time to give)." But the Washington Post's national health correspondent and senior political reporter look at a new twist this week: In recent days, a growing contingent of Trump supporters have pushed the narrative that health experts are part of a deep-state plot to hurt Trump's reelection efforts by damaging the economy and keeping the United States shut down as long as possible. Trump himself pushed this idea in the early days of the outbreak... After Ferguson gave new testimony to British officials Wednesday...Fox News host Laura Ingraham wrongly stated that in his testimony Ferguson's projection had been "corrected." The chyron on her show Thursday night stated, "Faulty models may be skewing COVID-19 data...." But in fact, Ferguson had not revised his projections in his testimony, which he made clear in interviews and Twitter. His earlier study had made clear the estimate of 500,000 deaths in Britain and 2.2 million in the United States projected what could happen if both took absolutely no action against the coronavirus. The new estimate of 20,000 deaths in Britain was a projected result now that Britain had implemented strict restrictions, which this week came to include a full lockdown... [O]ne factor many modelers failed to predict was how politicized their work would become in the era of President Trump, and how that in turn could affect their models.

Read more of this story at Slashdot.

Ask Slashdot: Should the Internet Be A Public Utility?

Slashdot - Your Rights Online - Pn, 2020-03-30 06:34
The pandemic has "proven conclusively that the internet should be a public utility," argues Quartz. "It's a basic necessity in the 21st century, like running water, gas, and electricity. Indeed, the United Nations in 2016 declared that internet access is a human right." Sure, you could theoretically survive without it, just as you might light your home with candles or warm it by fire. Just as you could arguably trek to the closest freshwater source and walk back with buckets of the life-sustaining stuff. But in wealthy societies, like the U.S., those are absurd notions. Living under such conditions is virtually impossible and endangers everyone... [T]hough we have a whole lot of social woes to contend with right now -- pressing medical and economic needs -- it's not too soon to recognize that internet service providers' profits are not the top priority and that lack of access exacerbates existing class divides.... Increasingly, towns, cities, and states are taking a close look at Chattanooga, Tennessee, which built its own high-speed fiber-optic internet network in 2009. A 2018 Consumer Reports survey found the city's broadband was rated best in the US. There are already more than 500 communities nationwide operating public networks or leveraging their massive contracts with broadband providers to ensure free wiring of schools, libraries, and other publicly-accessible wifi hotspots. This patchwork approach to public access is taking hold across the U.S. and there is a growing understanding that internet access is a social issue that has to be addressed by governments, not private companies operating with profit as their sole motivator. Perhaps after the pandemic panic gives way to a new state of normalcy, the people will demand inexpensive and reliable high-quality broadband, and maybe private internet service providers will have to sing a different tune. An anonymous reader asked how exactly this could be accomplished, and long-time Slashdot reader Futurepower(R) suggested towns and cities should own the fiber lines, and then rent it out "to as many Internet-providing companies as are interested." But the original submission also asks, "If you aren't convinced yet, why not?" So share your own opinions in the comments. Should the internet be a public utility?

Read more of this story at Slashdot.

America's FDA Eases Restrictions on Mask-Sterilizing Technology Amid Coronavirus Shortages

Slashdot - Your Rights Online - Pn, 2020-03-30 01:47
USA Today reports: Ohio Governor Mike DeWine Sunday afternoon said federal officials have promised to ease restrictions on a technology to clean and reuse the masks deemed the safest for healthcare workers and first responders in the coronavirus outbreak.... Officials are scrambling for the N95 masks and other protective equipment for health care workers as the number of COVID-19 cases is expected to spike over the coming months. On Saturday, DeWine publicly pleaded with the FDA to approve an emergency-use permit for [Columbus-based research firm] Battelle's technology amid a shortage of personal protective equipment, including masks.... The U.S. death total has doubled in two days, climbing above 2,300 Sunday. Dr. Anthony Fauci, who has been a leading voice in the effort to curb the outbreak, said 100,000 to 200,000 Americans could die before the crisis is over. DeWine said those numbers make it urgent for the FDA to clean as many masks as it can... The Battelle process uses "vapor phase hydrogen peroxide" to sanitize the N95 masks, allowing them to be reused up to 20 times, the company said in a statement. Each of the company's Critical Care Decontamination Systems can sterilize 80,000 masks per day, Battelle said... DeWine on Sunday said the FDA authorized Battelle to sterilize just 10,000 surgical masks a day. "They're only approved a fraction of what we can do," DeWine said during the press conference. But DeWine said in his afternoon press conference that an FDA commissioner told him "this would be cleared up today."

Read more of this story at Slashdot.

After 5 Years of Construction, 'Space Fence' Finally Declared Operational

Slashdot - Your Rights Online - N, 2020-03-29 21:59
An anonymous reader quotes Space News: The space surveillance radar site known as the Space Fence is ready for use after five years in construction, the U.S. Space Force announced March 27. The $1.5 billion Space Fence — located on Kwajalein Island in the Republic of the Marshall Islands — is a ground-based radar system that tracks satellites and space debris primarily in low Earth orbit... The Space Fence can track tiny objects as small as a marble. It also provides a search capability for objects at higher orbits. Data from the Space Fence will feed into the military's Space Surveillance Network. The Space Surveillance Network tracks about 26,000 objects. The addition of the Space Fence will increase the catalog size significantly over time, the Space Force said in a news release... "Space Fence is revolutionizing the way we view space by providing timely, precise orbital data on objects that threaten both manned and unmanned military and commercial space assets," said Chief of Space Operations Gen. John Raymond.

Read more of this story at Slashdot.

Remote City Council Meeting Interrupted By Pornographic Videos

Slashdot - Your Rights Online - N, 2020-03-29 18:34
Friday's first-ever remote meeting for the Los Angeles City Council had to shut down for 20 minutes because of pranksters posting "pornographic videos". The Los Angeles Daily News has the story: Council President Nury Martinez called a recess about an hour into the meeting, which is centered around a Los Angeles-centric relief package for workers, renters and homeless people during the public health crisis. She said there were "inappropriate videos" being posted. Soon afterward, city officials' voices could be heard discussing turning peoples' video capabilities off on the channel. The reporter posted on Twitter that the meeting faced other challenges. "Councilman Joe Buscaino just yelled at his kids to be quiet." ("Maybe it's past Joe's bedtime," joked an assistant news editor.) The meeting ran on for nearly 11 hours, and by the end just six people remained in Zoom's meeting room. "Seven people on the 15-member City Council voted to ban all evictions in Los Angeles, with 6 against. But that was not enough to pass the ban. They needed 8 votes."

Read more of this story at Slashdot.

Zoom Removes Code That Sends Data to Facebook

Slashdot - Your Rights Online - N, 2020-03-29 16:41
An anonymous reader quotes Motherboard: On Friday video-conferencing software Zoom issued an update to its iOS app which stops it sending certain pieces of data to Facebook. The move comes after a Motherboard analysis of the app found it sent information such as when a user opened the app, their timezone, city, and device details to the social network giant. When Motherboard analyzed the app, Zoom's privacy policy did not make the data transfer to Facebook clear. "Zoom takes its users' privacy extremely seriously. We originally implemented the 'Login with Facebook' feature using the Facebook SDK in order to provide our users with another convenient way to access our platform. However, we were recently made aware that the Facebook SDK was collecting unnecessary device data," Zoom told Motherboard in a statement on Friday.... "We sincerely apologize for this oversight, and remain firmly committed to the protection of our users' data," Zoom's statement concluded.

Read more of this story at Slashdot.

Doc Searls: 'Zoom Needs to Clean Up Its Privacy Act'

Slashdot - Your Rights Online - So, 2020-03-28 20:38
The former editor-in-chief of the Linux Journal just published an annotated version of Zoom's privacy policy. Searls calls it "creepily chummy with the tracking-based advertising biz (also called adtech). I'll narrow my inquiry down to the "Does Zoom sell Personal Data?" section of the privacy policy, which was last updated on March 18. The section runs two paragraphs, and I'll comment on the second one, starting here: Zoom does use certain standard advertising tools which require Personal Data ... What they mean by that is adtech. What they're also saying here is that Zoom is in the advertising business, and in the worst end of it: the one that lives off harvested personal data. What makes this extra creepy is that Zoom is in a position to gather plenty of personal data, some of it very intimate (for example with a shrink talking to a patient) without anyone in the conversation knowing about it. (Unless, of course, they see an ad somewhere that looks like it was informed by a private conversation on Zoom.) A person whose personal data is being shed on Zoom doesn't know that's happening because Zoom doesn't tell them. There's no red light, like the one you see when a session is being recorded. If you were in a browser instead of an app, an extension such as Privacy Badger could tell you there are trackers sniffing your ass. And, if your browser is one that cares about privacy, such as Brave, Firefox or Safari, there's a good chance it would be blocking trackers as well. But in the Zoom app, you can't tell if or how your personal data is being harvested. (think, for example, Google Ads and Google Analytics). There's no need to think about those, because both are widely known for compromising personal privacy. (See here. And here. Also Brett Frischmann and Evan Selinger's Re-Engineering Humanity and Shoshana Zuboff's In the Age of Surveillance Capitalism.) Zoom claims it needs personal data to "improve" its users "experience" with ads -- though Searls isn't satisfied. ("Nobody goes to Zoom for an 'advertising experience,' personalized or not. And nobody wants ads aimed at their eyeballs elsewhere on the Net by third parties using personal information leaked out through Zoom.") His conclusion? "What Zoom's current privacy policy says is worse than 'You don't have any privacy here.' It says, 'We expose your virtual necks to data vampires who can do what they will with it.'"

Read more of this story at Slashdot.

US Officials Reportedly Agree To Cut Off Huawei From Global Chip Suppliers

Slashdot - Your Rights Online - So, 2020-03-28 03:25
Senior U.S. government officials have agreed to new rules to cut off Huawei from global chip suppliers, according to a Reuters report Thursday, citing sources familiar with the matter. CNET reports: Under the new measures, foreign companies that use American chipmaking equipment would first need to secure a license before supplying some chips to Huawei, the report says. The focus of the new rules is to restrict the sale of more sophisticated chips to the Chinese telecom giant rather than generic, more widely available chips. Trump hasn't signed off on the proposed new measures yet, but if he does, a slew of US tech companies stand to lose, like Apple and Qualcomm along with Huawei. It could also negatively impact the world's largest chipmaker, Taiwan's TSMC, the report says.

Read more of this story at Slashdot.

Trump Signs $2 Trillion Coronavirus Relief Bill

Slashdot - Your Rights Online - Pt, 2020-03-27 23:20
President Trump on Friday signed into law the largest economic stimulus package in modern American history, backing a $2 trillion measure that expands on a Republican proposal issue last week called the CARES Act -- the Coronavirus Aid, Relief, and Economic Security Act. The New York Times reports: Under the law, the government will deliver direct payments and jobless benefits for individuals, money for states and a huge bailout fund for businesses battered by the crisis. Mr. Trump signed the measure in the Oval Office hours after the House approved it by voice vote and less than two days after the Senate unanimously passed it. The legislation will send direct payments of $1,200 to millions of Americans, including those earning up to $75,000, and an additional $500 per child. It will substantially expand jobless aid, providing an additional 13 weeks and a four-month enhancement of benefits, and for the first time will extend the payments to freelancers and gig workers. The measure will also offer $377 billion in federally guaranteed loans to small businesses and establish a $500 billion government lending program for distressed companies reeling from the crisis, including allowing the administration the ability to take equity stakes in airlines that received aid to help compensate taxpayers. It will also send $100 billion to hospitals on the front lines of the pandemic. You can read the bill yourself here.

Read more of this story at Slashdot.

US Space Force Successfully Launches First Mission

Slashdot - Your Rights Online - Pt, 2020-03-27 09:00
schwit1 shares a report from UPI: The first official mission for the new U.S. Space Force lifted off from Florida at 4:18 p.m. EDT on Thursday into a virtually cloudless sky with a military communications satellite aboard. A United Launch Alliance Atlas V rocket emblazoned with the Space Force chevron logo carried the satellite toward orbit from Cape Canaveral Air Force Stations Complex 41. The payload on board is the sixth in a constellation of next-generation satellites known as Advanced Extremely High Frequency or AEHF. The satellite system, developed by Lockheed Martin, has upgraded anti-jamming capability. Northrop Grumman is the manufacturer. The new network provides global coverage for national leaders and tactical warfighters operating on the ground, at sea or in the air, Lockheed said. The anti-jam system also serves international allies such as Canada, the Netherlands, United Kingdom and Australia.

Read more of this story at Slashdot.

'League' of Cybersecurity Professionals Band Together To Help Hospitals Fight Off Hackers

Slashdot - Your Rights Online - Pt, 2020-03-27 01:20
pgmrdlm shares a report from NBC News: A growing group of cybersecurity professionals is volunteering their expertise to help hospitals fight off hackers while doctors and nurses fight the coronavirus. Calling themselves the CTI League -- Countering Threat Intelligence, and a nod to the superhero team the Justice League -- the group has swelled from a handful of professionals to 450 members worldwide in less than two weeks. "If some hospital gets attacked by some ransomware and wouldn't be able to pay, people will die because they wouldn't be able to get the medical services needed," said the group's founder, Ohad Zaidenberg. Coordinating over Slack, the CTI League identifies what types of vulnerabilities active hackers are using, then searches for hospitals and other medical facilities that might be vulnerable to them so that they can fix them first. "The first thing we want to do is neutralize attacks before they happen. The second is to help any medical organization after they are attacked," Zaidenberg said.

Read more of this story at Slashdot.

Zoom iOS App Sends Data to Facebook Even if You Don't Have a Facebook Account

Slashdot - Your Rights Online - Cz, 2020-03-26 22:05
As people work and socialize from home, video conferencing software Zoom has exploded in popularity. What the company and its privacy policy don't make clear is that the iOS version of the Zoom app is sending some analytics data to Facebook, even if Zoom users don't have a Facebook account, according to a Motherboard analysis of the app. From the report: This sort of data transfer is not uncommon, especially for Facebook; plenty of apps use Facebook's software development kits (SDK) as a means to implement features into their apps more easily, which also has the effect of sending information to Facebook. But Zoom users may not be aware it is happening, nor understand that when they use one product, they may be providing data to another service altogether. "That's shocking. There is nothing in the privacy policy that addresses that," Pat Walshe, an activist from Privacy Matters who has analyzed Zoom's privacy policy, said in a Twitter direct message. Upon downloading and opening the app, Zoom connects to Facebook's Graph API, according to Motherboard's analysis of the app's network activity. The Graph API is the main way developers get data in or out of Facebook. UPDATE: On Friday March 27, Zoom updated its iOS app to stop sending data to Facebook. "We originally implemented the 'Login with Facebook' feature using the Facebook SDK in order to provide our users with another convenient way to access our platform," Zoom told Motherboard. "However, we were recently made aware that the Facebook SDK was collecting unnecessary device data. We sincerely apologize for this oversight..."

Read more of this story at Slashdot.

A Hacker Stole and Leaked the Xbox Series X Graphics Source Code

Slashdot - Your Rights Online - Cz, 2020-03-26 15:00
An anonymous reader quotes a report from Engadget: AMD has been having a particularly rough few months, apparently. The chip designer has revealed that a hacker stole test files for a "subset" of current and upcoming graphics hardware, some of which had been posted online before they were taken down. While AMD was shy on details, the claimed intruder told TorrentFreak that the material included source code for Navi 10 (think Radeon RX 5700 series), the future Navi 21 and the Arden GPU inside the Xbox Series X. The self-proclaimed hacker added that she wanted $100 million for the source code and threatened to "leak everything" if there was no buyer. She reportedly found the GPU data in a "hacked computer" in November, although AMD said it hadn't been approached until December. AMD doesn't appear to be bowing under pressure. It believed the stolen code was "not core to the competitiveness or security" of its products, and said there was an "ongoing criminal investigation."

Read more of this story at Slashdot.