After all, this is just another example of you Linux people have duplicated/imitated/copied yet another concept from the Windows world so you can do something already doable in Windows!
Not quite. We haven't actually duplicated, as far as I can tell, Active Directory service yet. Samba 4 is trying to do that, I think. I may be wrong about AD not being duplicated yet though.
Either way, Microsoft took LDAP (an established standard which Sun was already gearing up to use for authentication due to the failure of NIS+ and Novell had already been using for quite some time) and mixed it with Kerberos (an ages-old project available on UNIX for years) and tweaked both a little for incompatability's sake to make Active Directory. AD isn't a new concept - more or less, they were copying Novell and using existing tools to do it.
So getting Active Directory to work on Linux (or any mainstream UNIX, for that matter) is just a matter of working around the crap Microsoft added to the existing standards. IIRC, there's not a whole lot, and people have already done it as far as client machines are concerned.
Either way, your basic insinuation about copying is misplaced in this case. Active Directory has no value except in a Windows network. If you just want a network of Linux boxes to share authentication, you don't want Active Directory - there's much better ways of doing it. LDAP (which that's all FDS is - an LDAP server and tools) has a much broader scope than just Active Directory.
They're making billions selling products to people who know damn well the products are bad for them.
Good lord, everyone just assumes smokers don't know that smoking is bad for them. Yeah, we know. Yeah, we'll continue to smoke. We don't expect you to understand. But _no one_ starts smoking anymore without knowing that it's bad for them. This isn't the 1950's anymore.
My car is a '65 Ford Galaxie with a shot motor. I'm pretty sure it wouldn't pass, but either way, I just didn't want to deal with it.
The way I got away with it was that I kept my mailing address in Oklahoma, and any time it came up, I'd say that I spent half my time in Illinois and half my time in Oklahoma. Gets most cops off your back if they think you're migratory. My business was in Illinois, but as far as Illinois was concerned, I was a resident of Oklahoma.
It takes a bit of fast talking sometimes to get away with it, but it's not too hard, especially if you're single and don't have to worry about government assitance or children in school.
Or if someone gets shot, you can sue the gun manufacturer.
Or if someone breaks into your house and injures themselves, they can sue you for it.
Both have happened, so I wouldn't be surprised if someone would sue over this. I agree though that the contract probably has provisions limiting liability. That doesn't mean some asshole with a greedy lawyer won't try, and that with our broken ass system they won't win.
Same reason Oklahoma quit inspecting cars. Mechanics would want to be paid for such, and the government isn't paying. Mechanics were just making sure the lights and horn worked, 'cause to them, that was what $5 got you (which was the cost of the inspection). To do the full inspection was about $60 in labor, but they couldn't charge more than $5.
Besides, poor people don't get their car aligned. They just keep buying used tires for $15 a pop every few months. Usually only one or two tires needs replaced, anyway.
Emission tests mandated by the state, now, that could be added in. But not every state does that (one of the reasons that even while living in Illinois, I kept my plates as Oklahoma - no frikkin' emissions tests).
Car wiring is not rocket science. The only way offhand I can think of to make this too difficult for the average shadetree mechanic (which, people who can't afford car care quickly become or make friends with) is if it was wired into the ignition control module. That would require the manufacturers to make an interface for it.
Most likely, it's just inline with the keyswitch. Ten minutes and a $10 cable tool and I'd have that out for you. And I'm not a mechanic.
More effective would be to engage steering lock permanantly somehow, but that would make the vehicle hard to move or tow. Plus that 6'4" coworker with all the tatoos and the harley could just break it for you. Of course, it makes it harder to hide the car...
Re:I wouldn't buy a car with this system
on
High-Tech RepoMan
·
· Score: 2, Insightful
Actually, quite a lot of the people who have bad credit _know_ how to bypass this sort of thing.
You don't ask rich people to help you fix your car. Rich people who can fix cars are called "mechanics" and "shop owners", and won't help you for a twelve pack. Poor people fix their own cars, or junk 'em and buy another one for $300.
Now, bad with credit != poor, but bad with credit != stupid, either. And poor != stupid as well. But most people I know who are handy with a wrench fall below the poverty line.
It's similar to people calling refrigerators "iceboxes". Back in the day, before aluminum was cheap, people used tinfoil. Aluminum foil became the standard, but people kept calling it tinfoil because that's what they'd called it all their life.
Kind of like how some people call any tissue "Kleenex" no matter who manufactured it. Or sheetrock, for that matter.
You'd just need to talk all ISP's and service providers (your coffee shop, bar, restaurant, college, etc.) into adding it to their DNS servers. If every dns server claims that it's authoritative for.here, your idea will work.
Of course, that requires that they run DNS servers or at least have update access to the DNS server they use. Most of the small firewalls those places use don't have that capability. Still, having.here be a registered name wouldn't help it any.
I wouldn't know about 2003. My experience was with an older version, although for the life of me I can't remember which. I didn't have anything to do with the mail there, and the email guys installed it, but then I was the one that always got called to fix it 'cause I was standing in for the webmaster at the time.
The thing I always got called in on was that it would, for no reason, stop talking to the mail server. We had several servers, and the only fix was to go into the registry and change the string containing the mail server to another server. After the 20th time of doing that at 3am, you start to think someone in redmond hates your guts.
You know, the type of thing that if it happened in something like, say, squirrelmail, they'd have a fix for it in a couple days. There was no fix for this the six months I was acting webmaster, and I was taught the fix by the old webmaster before he got deployed.
Joy. Their "pioneering work" with outlook web access used to get me woken up in the middle of the night at least once a week to play with registry settings when the OWA server forgot how to talk to the mail servers.
Hopefully their foray into online advertising will be just as successful.
When I first had to make the decision on which to learn, PostgreSQL's documentation was rather lacking. MySQL, on the other hand, had fantastic documentation that filled a 3" binder. I was used to MS SQL Server, but for what I did with databases back then there wasn't that big a difference.
Note that it's not that way anymore. I've looked at PostgreSQL's documentation and it seems like it's pretty good. I'll be finding out soon, since I have to migrate some stuff over to it.
Throw in that MySQL used to be the fastest popular database around, most webhosting companies offer it, most people don't need advanced features (MySQL was pretty bare on these for a long time), and that it's had a lot of success stories (like slashdot), MySQL has been able to nearly take over the market for free databases.
I said it was designed to practice, test, and develop technologies that in and of themselves would be useful in developing a network that would survive a nuclear attack.
Which we already had in place and working. I know. Personal experience here. I worked with it. It was designed and implemented before the ARPANET, but after work on packet switching had already been done. Why didn't they use packet switching? Because message switching is more reliable for networks that have non-automated segments.
And of course the guys who signed the checks were thinking of military applications. Half my last post was military applications for the internet. Note that none of them involve it being a communications system - because it wasn't designed as a communications system at all, much less an emergency one.
How can everyone who worked on the project be unaware of what the goals of the project were? That doesn't make sense. The higher-ups were the same people who controlled the architecture and layout of the ARPANET. They would have had to have known what the goals were (someone has to know, after all). Wouldn't some of that research show up on the maps? I've seen them - lots of branches, very few loops, central control at BBN.
Computers in the 80's were not considered communication tools by the government. Computers were used on the existing network to automate certain tasks, but the messages were all made to be able to route by hand if necessary. Work backward, and this is especially true considering the expensive and bulky minis and mainframes available in the 60's and 70's. ARPANET was designed to share computer resources. Otherwise, you'd see voice and simple (teletype-style) communication hardware developed for the ARPANET that was portable. Why wasn't it? Because they already had it!
Somone with a couple suitcases of equipment could plug into the existing redundant communications system already in place in 1969 when the ARPANET project started. It was secure, it was easy to use (for the day), and reliable enough that one medium sized military base would receive thousands of messages a day over it. It could be handled by a minicomputer or by someone sitting in front of a simple teletype plugged into the cable. It could be used by ships over radio, submarines with intermittant contact, satillite, telephone modems, anything - and it was as secure as military communications get. The system was good enough that it was still in use when I left the service in 2002. I could have sat down, plugged in a teletype from 1965, and sent a message to the president personally if I had felt like getting an article 15 for it.
Given that all this already existed, and the government was not secretive about the existance of it (airports and civilian ships used it, as well as NATO countries and embassies), why would they try to build the ARPANET to those standards, and if so, why hide it?
Sometimes the official version is true, you know. It's not always spin. And sometimes the nasty (and really, what would have been so nasty about it anyway?) version is RUMOR and MISCONCEPTION. And that, my friend, is what you're spreading.
Most voting americans don't have a clue about what their cantidates actually stand for, outside of things like "I do/do not support abortion", "I talk to god", "more jobs are good", and any dirt their opponent brings up, which is usually pointless bullshit that has nothing to do with how well he can run the country. They just vote their party and go on, while the democratic machine breaks down.
I would hope that Bush would be a wake up call, but I know better. More of the same, 2008.
Just curious, but what's a gange farmer? I know that's probably a misspelling, but the only thing I could find on "gange" was a verb that involved tying a fishhook.
It's called, "We own it, we're not giving it to you, so why don't you go cry," EU sons of bitches.
If my neighbors voted to take all my stuff from my house, and I've got a loaded gun, plenty of ammo, and a "no trespassing" sign, guess who's takin' my stuff?
Well, my neighbors' families, after they take me to civil court over shooting their family members, probably, but certainly not my neighbors.
Creating your own root servers and forcing migration isn't feasible. European business, government, and citizenry have too much invested in the current system, and the migration costs would be insane.
It's an empty threat. They can't do it, unless they do it over a span of ten years or so, and even then they'll meet a lot of resistance. Once businesses find out how much they'll be paying for this little political move, they'll drop their support faster than you can say 'needless expenditure'.
The address pool is limited. Granted, we could arrange a deal by treaty for this, I suppose, and the U. N. could probably hand out the address space. This would make sense for IPv6, actually. But be that as it may, someone has to say who gets what addresses. Otherwise it'd be the backbone providers duking it out.
The name situation is similar, in a way. Someone has to dictate who has control over the DNS repository. There has to be some kind of global naming system, and DNS is the best we have. ICANN allows different registrars to assign names (although there is some corruption in that deal - check verisign, for instance) for the non-country TLD's (other than.mil and.gov), and the country-specific TLD's are left to the government of those countries to manage. New TLD's have to be approved before they can be used. If the name servers were just all over the place, running with no centralized control, then you'd get (besides conflicts and stupid shit like verisign's ad crap) a situation where your internet service was different between ISP's. Remember, 99% of the population doesn't know what DNS is, much less how to change their settings for nameservers.
The current situation is far from perfect, but changing the way the name system works will be much, much harder than converting to IPv6, for instance. So we're stuck with the current system for the foreseeable future.
The only way the U. N. could have any sort of control at all over this would be in a long-term takeover, since the U. S. isn't going to hand it over to them. The name system could be changed, but only gradually and under government mandate. The two systems would need to work together for a while, and there would have to be several years for people to migrate. If you went with a radical change - i.e. not using DNS at all, but something else - it would be even more severe, as it would break compatability with older software.
And if you follow the debates, most of the world will use the new root servers that will be offered by the UN.
In communist countries, maybe.
The capitalist countries, that'd be a hard line to push. You can't change the addressing, period, if you want to talk to each other - so they'll have to follow the "numbers" part of ICANN or they'll end up being completely cut off from the U. S. altogether. So that just leaves the names, which by moving to a new system will break every link on the web, every remote hostname setting on every ecommerce system, and end up creating major damage to the business infastructure of any country that tries this. Businesses will rally against it hard, and if there's one thing most governments listen to, it's business.
The politicians and emmisaries can talk all they want, but it will change nothing. Only a very, very heavy handed government could do this and pull it off - and even China isn't blocking the U. S. root servers.
Typical knee-jerk reaction, I'd just ignore it. The U. S. wouldn't declare war over this. And really, this is an economic thing anyway - if the U. N. or the E. U. set up their own servers, it wouldn't be more than a few months before there was a compatability system working between the two, so any user on the 'net would have access to both systems seamlessly.
That said, I don't see the U. S. giving control of the root servers to the U. N. Not that it gives us a lot of advantage, but there's no advantage for us giving it away, either. Remember, good or bad, Bush works for us, and the majority of us chose not to fire him when we had the chance.
Slashdot Mirror
After all, this is just another example of you Linux people have duplicated/imitated/copied yet another concept from the Windows world so you can do something already doable in Windows!
Not quite. We haven't actually duplicated, as far as I can tell, Active Directory service yet. Samba 4 is trying to do that, I think. I may be wrong about AD not being duplicated yet though.
Either way, Microsoft took LDAP (an established standard which Sun was already gearing up to use for authentication due to the failure of NIS+ and Novell had already been using for quite some time) and mixed it with Kerberos (an ages-old project available on UNIX for years) and tweaked both a little for incompatability's sake to make Active Directory. AD isn't a new concept - more or less, they were copying Novell and using existing tools to do it.
So getting Active Directory to work on Linux (or any mainstream UNIX, for that matter) is just a matter of working around the crap Microsoft added to the existing standards. IIRC, there's not a whole lot, and people have already done it as far as client machines are concerned.
Either way, your basic insinuation about copying is misplaced in this case. Active Directory has no value except in a Windows network. If you just want a network of Linux boxes to share authentication, you don't want Active Directory - there's much better ways of doing it. LDAP (which that's all FDS is - an LDAP server and tools) has a much broader scope than just Active Directory.
Since when has Japan been part of America?
Sony's a Japanese company, and the article is on a Japanese site.
They still use the same tactics. They're just chaning their image.
I'm sure they're sincere in wanting their image to change, but they're still lower than dirt.
They're making billions selling products to people who know damn well the products are bad for them.
Good lord, everyone just assumes smokers don't know that smoking is bad for them. Yeah, we know. Yeah, we'll continue to smoke. We don't expect you to understand. But _no one_ starts smoking anymore without knowing that it's bad for them. This isn't the 1950's anymore.
My car is a '65 Ford Galaxie with a shot motor. I'm pretty sure it wouldn't pass, but either way, I just didn't want to deal with it.
The way I got away with it was that I kept my mailing address in Oklahoma, and any time it came up, I'd say that I spent half my time in Illinois and half my time in Oklahoma. Gets most cops off your back if they think you're migratory. My business was in Illinois, but as far as Illinois was concerned, I was a resident of Oklahoma.
It takes a bit of fast talking sometimes to get away with it, but it's not too hard, especially if you're single and don't have to worry about government assitance or children in school.
Or if someone gets shot, you can sue the gun manufacturer.
Or if someone breaks into your house and injures themselves, they can sue you for it.
Both have happened, so I wouldn't be surprised if someone would sue over this. I agree though that the contract probably has provisions limiting liability. That doesn't mean some asshole with a greedy lawyer won't try, and that with our broken ass system they won't win.
Judges are contract interpreters. They decide if a contract has been upheld, and if not, what penalties apply to the failing party.
They don't enforce anything directly. That's for cops, the prison system, and whoever actually puts garnishes on your paycheck.
Of course, I always expected to see Judge Judy bang someone on the head with her gavel... I guess that would apply.
Same reason Oklahoma quit inspecting cars. Mechanics would want to be paid for such, and the government isn't paying. Mechanics were just making sure the lights and horn worked, 'cause to them, that was what $5 got you (which was the cost of the inspection). To do the full inspection was about $60 in labor, but they couldn't charge more than $5.
Besides, poor people don't get their car aligned. They just keep buying used tires for $15 a pop every few months. Usually only one or two tires needs replaced, anyway.
Emission tests mandated by the state, now, that could be added in. But not every state does that (one of the reasons that even while living in Illinois, I kept my plates as Oklahoma - no frikkin' emissions tests).
Car wiring is not rocket science. The only way offhand I can think of to make this too difficult for the average shadetree mechanic (which, people who can't afford car care quickly become or make friends with) is if it was wired into the ignition control module. That would require the manufacturers to make an interface for it.
Most likely, it's just inline with the keyswitch. Ten minutes and a $10 cable tool and I'd have that out for you. And I'm not a mechanic.
More effective would be to engage steering lock permanantly somehow, but that would make the vehicle hard to move or tow. Plus that 6'4" coworker with all the tatoos and the harley could just break it for you. Of course, it makes it harder to hide the car...
Actually, quite a lot of the people who have bad credit _know_ how to bypass this sort of thing.
You don't ask rich people to help you fix your car. Rich people who can fix cars are called "mechanics" and "shop owners", and won't help you for a twelve pack. Poor people fix their own cars, or junk 'em and buy another one for $300.
Now, bad with credit != poor, but bad with credit != stupid, either. And poor != stupid as well. But most people I know who are handy with a wrench fall below the poverty line.
It's similar to people calling refrigerators "iceboxes". Back in the day, before aluminum was cheap, people used tinfoil. Aluminum foil became the standard, but people kept calling it tinfoil because that's what they'd called it all their life.
Kind of like how some people call any tissue "Kleenex" no matter who manufactured it. Or sheetrock, for that matter.
That's a futurama reference, actually.
It's in the episode "Anthology of Interest I".
Tokyo is GMT+9.
You leave the U.S. today and get there tomorrow.
That needs a convention, not a reserved name.
.here, your idea will work.
.here be a registered name wouldn't help it any.
You'd just need to talk all ISP's and service providers (your coffee shop, bar, restaurant, college, etc.) into adding it to their DNS servers. If every dns server claims that it's authoritative for
Of course, that requires that they run DNS servers or at least have update access to the DNS server they use. Most of the small firewalls those places use don't have that capability. Still, having
I wouldn't know about 2003. My experience was with an older version, although for the life of me I can't remember which. I didn't have anything to do with the mail there, and the email guys installed it, but then I was the one that always got called to fix it 'cause I was standing in for the webmaster at the time.
The thing I always got called in on was that it would, for no reason, stop talking to the mail server. We had several servers, and the only fix was to go into the registry and change the string containing the mail server to another server. After the 20th time of doing that at 3am, you start to think someone in redmond hates your guts.
You know, the type of thing that if it happened in something like, say, squirrelmail, they'd have a fix for it in a couple days. There was no fix for this the six months I was acting webmaster, and I was taught the fix by the old webmaster before he got deployed.
Joy. Their "pioneering work" with outlook web access used to get me woken up in the middle of the night at least once a week to play with registry settings when the OWA server forgot how to talk to the mail servers.
Hopefully their foray into online advertising will be just as successful.
When I first had to make the decision on which to learn, PostgreSQL's documentation was rather lacking. MySQL, on the other hand, had fantastic documentation that filled a 3" binder. I was used to MS SQL Server, but for what I did with databases back then there wasn't that big a difference.
Note that it's not that way anymore. I've looked at PostgreSQL's documentation and it seems like it's pretty good. I'll be finding out soon, since I have to migrate some stuff over to it.
Throw in that MySQL used to be the fastest popular database around, most webhosting companies offer it, most people don't need advanced features (MySQL was pretty bare on these for a long time), and that it's had a lot of success stories (like slashdot), MySQL has been able to nearly take over the market for free databases.
I said it was designed to practice, test, and develop technologies that in and of themselves would be useful in developing a network that would survive a nuclear attack.
Which we already had in place and working. I know. Personal experience here. I worked with it. It was designed and implemented before the ARPANET, but after work on packet switching had already been done. Why didn't they use packet switching? Because message switching is more reliable for networks that have non-automated segments.
And of course the guys who signed the checks were thinking of military applications. Half my last post was military applications for the internet. Note that none of them involve it being a communications system - because it wasn't designed as a communications system at all, much less an emergency one.
How can everyone who worked on the project be unaware of what the goals of the project were? That doesn't make sense. The higher-ups were the same people who controlled the architecture and layout of the ARPANET. They would have had to have known what the goals were (someone has to know, after all). Wouldn't some of that research show up on the maps? I've seen them - lots of branches, very few loops, central control at BBN.
Computers in the 80's were not considered communication tools by the government. Computers were used on the existing network to automate certain tasks, but the messages were all made to be able to route by hand if necessary. Work backward, and this is especially true considering the expensive and bulky minis and mainframes available in the 60's and 70's. ARPANET was designed to share computer resources. Otherwise, you'd see voice and simple (teletype-style) communication hardware developed for the ARPANET that was portable. Why wasn't it? Because they already had it!
Somone with a couple suitcases of equipment could plug into the existing redundant communications system already in place in 1969 when the ARPANET project started. It was secure, it was easy to use (for the day), and reliable enough that one medium sized military base would receive thousands of messages a day over it. It could be handled by a minicomputer or by someone sitting in front of a simple teletype plugged into the cable. It could be used by ships over radio, submarines with intermittant contact, satillite, telephone modems, anything - and it was as secure as military communications get. The system was good enough that it was still in use when I left the service in 2002. I could have sat down, plugged in a teletype from 1965, and sent a message to the president personally if I had felt like getting an article 15 for it.
Given that all this already existed, and the government was not secretive about the existance of it (airports and civilian ships used it, as well as NATO countries and embassies), why would they try to build the ARPANET to those standards, and if so, why hide it?
Sometimes the official version is true, you know. It's not always spin. And sometimes the nasty (and really, what would have been so nasty about it anyway?) version is RUMOR and MISCONCEPTION. And that, my friend, is what you're spreading.
Most voting americans don't have a clue about what their cantidates actually stand for, outside of things like "I do/do not support abortion", "I talk to god", "more jobs are good", and any dirt their opponent brings up, which is usually pointless bullshit that has nothing to do with how well he can run the country. They just vote their party and go on, while the democratic machine breaks down.
I would hope that Bush would be a wake up call, but I know better. More of the same, 2008.
Just curious, but what's a gange farmer? I know that's probably a misspelling, but the only thing I could find on "gange" was a verb that involved tying a fishhook.
It's called, "We own it, we're not giving it to you, so why don't you go cry," EU sons of bitches.
If my neighbors voted to take all my stuff from my house, and I've got a loaded gun, plenty of ammo, and a "no trespassing" sign, guess who's takin' my stuff?
Well, my neighbors' families, after they take me to civil court over shooting their family members, probably, but certainly not my neighbors.
Creating your own root servers and forcing migration isn't feasible. European business, government, and citizenry have too much invested in the current system, and the migration costs would be insane.
It's an empty threat. They can't do it, unless they do it over a span of ten years or so, and even then they'll meet a lot of resistance. Once businesses find out how much they'll be paying for this little political move, they'll drop their support faster than you can say 'needless expenditure'.
Yes, someone needs to be in charge.
.mil and .gov), and the country-specific TLD's are left to the government of those countries to manage. New TLD's have to be approved before they can be used. If the name servers were just all over the place, running with no centralized control, then you'd get (besides conflicts and stupid shit like verisign's ad crap) a situation where your internet service was different between ISP's. Remember, 99% of the population doesn't know what DNS is, much less how to change their settings for nameservers.
The address pool is limited. Granted, we could arrange a deal by treaty for this, I suppose, and the U. N. could probably hand out the address space. This would make sense for IPv6, actually. But be that as it may, someone has to say who gets what addresses. Otherwise it'd be the backbone providers duking it out.
The name situation is similar, in a way. Someone has to dictate who has control over the DNS repository. There has to be some kind of global naming system, and DNS is the best we have. ICANN allows different registrars to assign names (although there is some corruption in that deal - check verisign, for instance) for the non-country TLD's (other than
The current situation is far from perfect, but changing the way the name system works will be much, much harder than converting to IPv6, for instance. So we're stuck with the current system for the foreseeable future.
The only way the U. N. could have any sort of control at all over this would be in a long-term takeover, since the U. S. isn't going to hand it over to them. The name system could be changed, but only gradually and under government mandate. The two systems would need to work together for a while, and there would have to be several years for people to migrate. If you went with a radical change - i.e. not using DNS at all, but something else - it would be even more severe, as it would break compatability with older software.
And if you follow the debates, most of the world will use the new root servers that will be offered by the UN.
In communist countries, maybe.
The capitalist countries, that'd be a hard line to push. You can't change the addressing, period, if you want to talk to each other - so they'll have to follow the "numbers" part of ICANN or they'll end up being completely cut off from the U. S. altogether. So that just leaves the names, which by moving to a new system will break every link on the web, every remote hostname setting on every ecommerce system, and end up creating major damage to the business infastructure of any country that tries this. Businesses will rally against it hard, and if there's one thing most governments listen to, it's business.
The politicians and emmisaries can talk all they want, but it will change nothing. Only a very, very heavy handed government could do this and pull it off - and even China isn't blocking the U. S. root servers.
Typical knee-jerk reaction, I'd just ignore it. The U. S. wouldn't declare war over this. And really, this is an economic thing anyway - if the U. N. or the E. U. set up their own servers, it wouldn't be more than a few months before there was a compatability system working between the two, so any user on the 'net would have access to both systems seamlessly.
That said, I don't see the U. S. giving control of the root servers to the U. N. Not that it gives us a lot of advantage, but there's no advantage for us giving it away, either. Remember, good or bad, Bush works for us, and the majority of us chose not to fire him when we had the chance.