[10228] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, June 2, 2014
daemon@ATHENA.MIT.EDU (Monique Buchanan)
Mon Jun 2 14:45:09 2014
Resent-From: ist-security-fyi@MIT.EDU
From: Monique Buchanan <myeaton@MIT.EDU>
To: ist-security-fyi <ist-security-fyi@MIT.EDU>
Date: Mon, 2 Jun 2014 18:44:04 +0000
Message-ID: <2642307C-250F-461E-AC76-0E28A720A926@mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2140730268=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============2140730268==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_2642307C250F461EAC760E28A720A926mitedu_"
--_000_2642307C250F461EAC760E28A720A926mitedu_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. The eBay Data Breach
2. Sites Hosted by WordPress Can Be Hijacked
3. TrueCrypt Retired?
4. Signs of a Compromised MIT Account
----------------------------------
1. The eBay Data Breach
----------------------------------
On May 21 eBay announced that it suffered a major data breach, exposing per=
sonal data of up to 233 million registered users. The company is now being =
investigated by three states with a joint probe into its security practices=
.
eBay has been criticized for taking three months to notice the breach and t=
hen a few more weeks before making an announcement. No mass email was sent,=
but they did post a warning to their website, originally with a =93learn m=
ore=94 link that lead to a blank page (now fixed).
eBay is telling all customers to reset their password<http://www.ebay.com/r=
eset?_trkparms=3Dclkid%3D7201697038475507917>. If members used their passwo=
rd at other sites, they should change their passwords for those sites as we=
ll.
The data was stolen via a number of compromised employee credentials, accor=
ding to eBay. The thieves were then able to access the company=92s corporat=
e network.
What did the thieves get? There was no financial or other confidential pers=
onal information in the compromised database. But the thieves did get hold =
of real names, email addresses, phone numbers and home addresses of custome=
rs in addition to their passwords, which were encrypted.
Read the story in the news here<http://www.techrepublic.com/article/the-eba=
y-data-compromise-what-you-need-to-know/> and here<http://www.fool.com/inve=
sting/general/2014/05/27/ebay-data-breach-response-teaches-everyone-how-not=
.aspx>.
---------------------------------------------------------------
2. Sites Hosted by WordPress Can Be Hijacked
---------------------------------------------------------------
If you run a WordPress site that is hosted by wordpress.com<http://wordpres=
s.com>, be careful about logging in from public wifi or another unsecured n=
etwork. The site could be hijacked even if two-factor authentication is in =
place.
The WordPress servers send an unencrypted cookie in plaintext that, if grab=
bed by someone else, could be used to bypass login requirements and give wh=
oever has the cookie access to the account holder's information with the ac=
count holder's privileges. WordPress sites self-hosted on servers with full=
HTTPS support are not vulnerable to the attack.
According to this article<http://arstechnica.com/security/2014/05/unsafe-co=
okies-leave-wordpress-accounts-open-to-hijacking-2-factor-bypass/>, a fix i=
s schedule with the next WordPress release.
-----------------------------
3. TrueCrypt Retired?
-----------------------------
The TrueCrypt open source encryption project<http://truecrypt.sourceforge.n=
et/> has ceased operations after issuing a warning on the site that the sof=
tware is no longer secure. The site includes instructions for users to migr=
ate to BitLocker and for decrypting files that were encrypted by TrueCrypt =
on the various platforms (Mac, Windows and Linux).
The TrueCrypt website mentions that development stopped in May 2014 after M=
icrosoft stopped supporting Windows XP. The reasons given as well as those =
not given are baffling some security experts. Some are positing that the co=
mpany received a National Security Letter and is doing what Lavabit did<htt=
p://www.newyorker.com/online/blogs/closeread/2013/08/the-nsa-and-its-target=
s-lavabit-shuts-down.html> to avoid disclosing customer data. Others have s=
uggested that it might be a hoax or an attack, or that the TrueCrypt develo=
pers found an overwhelming vulnerability. Another believes that the product=
will be available in the future<https://www.grc.com/misc/truecrypt/truecry=
pt.htm>, but under a different name and ownership. Earlier this year, TrueC=
rypt came under audit<http://istruecryptauditedyet.com/> and the project is=
currently in its second phase of formal cryptanalysis. TrueCrypt is also t=
he encryption tool endorsed by Edward Snowden<http://www.wired.com/2014/05/=
truecrypt/>.
There are alternatives to using TrueCrypt. IS&T at MIT offers PGP Full Disk=
Encryption for Windows and supports FileVault on the Mac: see full informa=
tion on these products in the KB<http://kb.mit.edu/confluence/x/HZIBCQ>.
These articles offer additional alternatives:
* PC World<http://www.pcworld.com/article/2304851/so-long-truecrypt-5-e=
ncryption-alternatives-that-can-lock-down-your-data.html>
* ghacks.net<http://www.ghacks.net/2014/05/29/list-truecrypt-encryption=
-alternatives/>
* techshout.com<http://www.ghacks.net/2014/05/29/list-truecrypt-encrypt=
ion-alternatives/>
Read the story in the news here<http://krebsonsecurity.com/2014/05/true-goo=
dbye-using-truecrypt-is-not-secure/> and here<http://arstechnica.com/securi=
ty/2014/05/truecrypt-security-audit-presses-on-despite-developers-jumping-s=
hip/>.
------------------------------------------------------
4. Signs of a Compromised MIT Account
------------------------------------------------------
When the IS&T Security Team receives notices of spam coming from MIT, one o=
f the things we do is verify that the emails actually came from an MIT acco=
unt. If not, we ask people to block or just delete these emails. To be sure=
people are staying aware of bogus emails, we remind people that MIT will n=
ever ask for personal information or ask our constituents to verify their a=
ccount information via email.
It happens at times that unwanted messages DO come from an MIT email accoun=
t. If so, the next question is whether the messages were sent deliberately =
(misuse of a mailing list, for example) or whether the email account was ha=
cked (compromised).
In the case of a compromised MIT account, the spammers have taken over the =
use of the account by logging in to the account as that user. They have the=
user=92s email address and password and are able to send out messages pret=
ending to be the account holder. This makes it trickier to prevent emails f=
rom arriving in our inboxes, because our servers will not block emails comi=
ng from within MIT.
Before responding to these emails by messaging the sender, be aware that th=
e legitimate account holder has nothing to do with the spam being sent. A r=
eply to their spam will also likely not be received by the account holder, =
but by another email account because the sender has modified the =93reply-t=
o=94 field.
There are a few indicators in full email headers that the message was sent =
by a spammer using a compromised MIT account. Find out how to spot the sign=
s<http://kb.mit.edu/confluence/x/uF8YCQ>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Read all archived Security FYI Newsletter articles and submit comments onli=
ne at http://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Monique Buchanan
IT Security Communications Coordinator
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu/secure
tel: 617.253.2715
--_000_2642307C250F461EAC760E28A720A926mitedu_
Content-Type: text/html; charset="Windows-1252"
Content-ID: <C3606820A2CB9843975BF8B9BC092FA3@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
252">
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space;">
<div style=3D"margin: 0px; font-family: Arial;">In this issue:</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">1. The eBay Data Breach</di=
v>
<div style=3D"margin: 0px; font-family: Arial;">2. Sites Hosted by WordPres=
s Can Be Hijacked</div>
<div style=3D"margin: 0px; font-family: Arial;">3. TrueCrypt Retired?</div>
<div style=3D"margin: 0px; font-family: Arial;">4. Signs of a Compromised M=
IT Account</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">---------------------------=
-------</div>
<div style=3D"margin: 0px; font-family: Arial;">1. The eBay Data Breach</di=
v>
<div style=3D"margin: 0px; font-family: Arial;">---------------------------=
-------</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">On May 21 eBay announced th=
at it suffered a major data breach, exposing personal data of up to 233 mil=
lion registered users. The company is now being investigated by three state=
s with a joint probe into its security
practices. </div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">eBay has been criticized fo=
r taking three months to notice the breach and then a few more weeks before=
making an announcement. No mass email was sent, but they did post a warnin=
g to their website, originally with
a =93learn more=94 link that lead to a blank page (now fixed).</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;"><a href=3D"http://www.ebay.=
com/reset?_trkparms=3Dclkid%3D7201697038475507917">eBay is telling all cust=
omers to reset their password</a>. If members used their password at other =
sites, they should change their passwords
for those sites as well.</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">The data was stolen via a n=
umber of compromised employee credentials, according to eBay. The thieves w=
ere then able to access the company=92s corporate network. </div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">What did the thieves get? T=
here was no financial or other confidential personal information in the com=
promised database. But the thieves did get hold of real names, email addres=
ses, phone numbers and home addresses
of customers in addition to their passwords, which were encrypted.</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">Read the story in the news =
<a href=3D"http://www.techrepublic.com/article/the-ebay-data-compromise-wha=
t-you-need-to-know/">
here</a> and <a href=3D"http://www.fool.com/investing/general/2014/05/27/eb=
ay-data-breach-response-teaches-everyone-how-not.aspx">
here</a>.</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">---------------------------=
------------------------------------</div>
<div style=3D"margin: 0px; font-family: Arial;">2. Sites Hosted by WordPres=
s Can Be Hijacked</div>
<div style=3D"margin: 0px; font-family: Arial;">---------------------------=
------------------------------------</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">If you run a WordPress site=
that is hosted by
<a href=3D"http://wordpress.com">wordpress.com</a>, be careful about loggin=
g in from public wifi or another unsecured network. The site could be hijac=
ked even if two-factor authentication is in place. </div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">The WordPress servers send =
an unencrypted cookie in plaintext that, if grabbed by someone else, could =
be used to bypass login requirements and give whoever has the cookie access=
to the account holder's information
with the account holder's privileges. WordPress sites self-hosted on serve=
rs with full HTTPS support are not vulnerable to the attack. </div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">According to <a href=3D"htt=
p://arstechnica.com/security/2014/05/unsafe-cookies-leave-wordpress-account=
s-open-to-hijacking-2-factor-bypass/">
this article</a>, a fix is schedule with the next WordPress release.</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">---------------------------=
--</div>
<div style=3D"margin: 0px; font-family: Arial;">3. TrueCrypt Retired?</div>
<div style=3D"margin: 0px; font-family: Arial;">---------------------------=
--</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">The <a href=3D"http://truec=
rypt.sourceforge.net/">
TrueCrypt open source encryption project</a> has ceased operations after is=
suing a warning on the site that the software is no longer secure. The site=
includes instructions for users to migrate to BitLocker and for decrypting=
files that were encrypted by TrueCrypt
on the various platforms (Mac, Windows and Linux). </div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">The TrueCrypt website menti=
ons that development stopped in May 2014 after Microsoft stopped supporting=
Windows XP. The reasons given as well as those not given are baffling some=
security experts. Some are positing
that the company received a National Security Letter and is doing <a href=
=3D"http://www.newyorker.com/online/blogs/closeread/2013/08/the-nsa-and-its=
-targets-lavabit-shuts-down.html">
what Lavabit did</a> to avoid disclosing customer data. Others have suggest=
ed that it might be a hoax or an attack, or that the TrueCrypt developers f=
ound an overwhelming vulnerability. Another
<a href=3D"https://www.grc.com/misc/truecrypt/truecrypt.htm">believes that =
the product will be available in the future</a>, but under a different name=
and ownership. Earlier this year,
<a href=3D"http://istruecryptauditedyet.com/">TrueCrypt came under audit</a=
> and the project is currently in its second phase of formal cryptanalysis.=
TrueCrypt is also the encryption tool
<a href=3D"http://www.wired.com/2014/05/truecrypt/">endorsed by Edward Snow=
den</a>.</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">There are alternatives to u=
sing TrueCrypt. IS&T at MIT offers PGP Full Disk Encryption for Windows=
and supports FileVault on the Mac:
<a href=3D"http://kb.mit.edu/confluence/x/HZIBCQ">see full information on t=
hese products in the KB</a>. </div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">These articles offer additi=
onal alternatives:</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<ul>
<li style=3D"margin: 0px; font-family: Arial;"><a href=3D"http://www.pcworl=
d.com/article/2304851/so-long-truecrypt-5-encryption-alternatives-that-can-=
lock-down-your-data.html">PC World</a>
</li><li style=3D"margin: 0px; font-family: Arial;"><a href=3D"http://www.g=
hacks.net/2014/05/29/list-truecrypt-encryption-alternatives/">ghacks.net</a=
>
</li><li style=3D"margin: 0px; font-family: Arial;"><a href=3D"http://www.g=
hacks.net/2014/05/29/list-truecrypt-encryption-alternatives/">techshout.com=
</a>
</li></ul>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">Read the story in the news =
<a href=3D"http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-=
is-not-secure/">
here</a> and <a href=3D"http://arstechnica.com/security/2014/05/truecrypt-s=
ecurity-audit-presses-on-despite-developers-jumping-ship/">
here</a>.</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">---------------------------=
---------------------------</div>
<div style=3D"margin: 0px; font-family: Arial;">4. Signs of a Compromised M=
IT Account</div>
<div style=3D"margin: 0px; font-family: Arial;">---------------------------=
---------------------------</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">When the IS&T Security =
Team receives notices of spam coming from MIT, one of the things we do is v=
erify that the emails actually came from an MIT account. If not, we ask peo=
ple to block or just delete these emails.
To be sure people are staying aware of bogus emails, we remind people that=
MIT will never ask for personal information or ask our constituents to ver=
ify their account information via email.</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">It happens at times that un=
wanted messages DO come from an MIT email account. If so, the next question=
is whether the messages were sent deliberately (misuse of a mailing list, =
for example) or whether the email
account was hacked (compromised).</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">In the case of a compromise=
d MIT account, the spammers have taken over the use of the account by loggi=
ng in to the account as that user. They have the user=92s email address and=
password and are able to send out messages
pretending to be the account holder. This makes it trickier to prevent ema=
ils from arriving in our inboxes, because our servers will not block emails=
coming from within MIT. </div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">Before responding to these =
emails by messaging the sender, be aware that the legitimate account holder=
has nothing to do with the spam being sent. A reply to their spam will als=
o likely not be received by the account
holder, but by another email account because the sender has modified the =
=93reply-to=94 field. </div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial;">There are a few indicators =
in full email headers that the message was sent by a spammer using a compro=
mised MIT account.
<a href=3D"http://kb.mit.edu/confluence/x/uF8YCQ">Find out how to spot the =
signs</a>.</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div style=3D"margin: 0px; font-family: Arial; min-height: 16px;"><br>
</div>
<div apple-content-edited=3D"true">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; t=
ext-align: start; text-indent: 0px; text-transform: none; white-space: norm=
al; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-w=
rap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-=
space;">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; t=
ext-align: start; text-indent: 0px; text-transform: none; white-space: norm=
al; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-w=
rap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-=
space;">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; t=
ext-align: start; text-indent: 0px; text-transform: none; white-space: norm=
al; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-w=
rap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-=
space;">
<div style=3D"margin: 0px; font-family: Helvetica;">=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</div>
<div style=3D"margin: 0px; font-family: Helvetica;">Read all archived Secur=
ity FYI Newsletter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/"><span style=3D"color: rgb(4, =
46, 238);">http://securityfyi.wordpress.com/</span></a>.</div>
<div style=3D"margin: 0px; font-family: Helvetica;">=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</div>
<div style=3D"margin: 0px; font-family: Helvetica;"><br>
</div>
<div style=3D"margin: 0px; font-family: Helvetica;"><br>
</div>
Monique Buchanan<br>
IT Security Communications Coordinator<br>
Information Systems & Technology (IS&T)<br>
Massachusetts Institute of Technology<br>
<a href=3D"http://ist.mit.edu/secure">http://ist.mit.edu/secure</a><br>
tel: 617.253.2715<br>
<br>
<br>
</div>
</div>
</div>
</div>
<br>
</body>
</html>
--_000_2642307C250F461EAC760E28A720A926mitedu_--
--===============2140730268==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============2140730268==--
