jl2012 (OP)
Legendary
 Offline
Activity: 1792
Merit: 1097
|
 |
October 13, 2013, 03:08:51 PM |
|
I put this here because this is actually related to the security of the reference client.
Without https, MITM attack is really simple. For example, the Chinese government is notorious for DNS hijacking. Although the bitcoin-qt windows package is signed by bitcoin foundation, it is really easy to establish another bitcoin foundation inc. in another country and apply a legit cert for it.
Is there any reason not to run bitcoin.org on https, and host the binary of reference client on sf.net? It sounds quite irony as PKI is implemented in the payment protocol while the client itself is not properly protected by this.
|
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
|
|
|
|
|
|
|
In order to get the maximum amount of activity points possible, you just need to post once per day on average. Skipping days is OK as long as you maintain the average.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
dree12
Legendary
Offline
Activity: 1246
Merit: 1077
|
|
October 13, 2013, 03:52:32 PM |
|
Many people don't realize the severity of this problem. SatoshiDICE also doesn't use HTTPS, so a MITM can change the addresses to whomever. Any Bitcoin business that displays addresses should be using HTTPS, and any client download website should as well.
|
|
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 04:09:14 PM |
|
Many people don't realize the severity of this problem. SatoshiDICE also doesn't use HTTPS, so a MITM can change the addresses to whomever. Any Bitcoin business that displays addresses should be using HTTPS, and any client download website should as well.
The sites for Armory and Electrum are also not running on https I guess this is discussed somewhere else: who is holding and paying for bitcoin.org and bitcoin.net? Both were registered by Satoshi but bitcoin.net is now directed to a parking site and will expire in August 2016. I guess bitcoin.org is held by Gavin? |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5194
Merit: 12974
|
|
October 13, 2013, 04:33:54 PM |
|
bitcoin.org is hosted on GitHub, which doesn't support HTTPS. For example, the Chinese government is notorious for DNS hijacking.
The Chinese government also controls several certificate authorities, so they can bypass HTTPS anyway. |
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
|
bee7
|
|
October 13, 2013, 04:53:43 PM |
|
@jl2012, @dree12, although I would not argue that the MITM problem has place, I would like to ask you, what kind of OS you are using? This is a rhetorical question. Let's assume that many people are using Windows and - even more - they are using IE. Everyone knows that it has many flaws and security problems. So the average user installs some antivirus protection on his computer. But even the up to date AV databases are not guarantee 100% defense. Some time a new breaches found by malicious users and they produce a new viruses that are not identified by the present AV tool-kits for a while. Then let's imagine that one of these bad guys targets specifically at satoshidice and makes a virus that changes the content of the page displayed at client side, directly in the browser. Then it has no sense if the page have been received with http or with https. So, some times the use of https is an overkill that would lead to growing expenses at both sides - the content providers one and at the client as https ultimately disables any intermediate caching of the information transferred. The only way to protect yourself from unwanted financial loses is to double check the addresses you are sending your coins by all available means (browse blockchain, e.t.c), verify md5/sha1/sha256 check-sums and pgp-signatures usually attached to open source sw published in open repositories, e.t.c. For example, the download page of the bitcoin-qt reference client has a clear link to the signed sha256sums of the currently available version: http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.5/SHA256SUMS.asc/view : -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
84543f10de5e82ce6e88dd5a501db37c6327edf79a2a04f29199c24843e71f63 bitcoin-0.8.5-linux.tar.gz
c583260f59a5e31ba8f819ed91b992423da6893095c6a910877451d01492625e bitcoin-0.8.5-macosx.dmg
6f6b8fd68f56a8e700090267c53aa592b9c9e5c993f44c7be11ba9b87e1f92bb bitcoin-0.8.5-win32-setup.exe
169161d7a3270e221952f65ff276c649c5818bb9fc10059fd00a531343194b75 bitcoin-0.8.5-win32.zip
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)
iQIcBAEBCAAGBQJSMlvWAAoJECnZ7msfxzDBwLsP/RMLxLW16uKFOl87fGDxuCj6
/4c6Z2xgTafb1qOGv9Jh89qfD2V0bmOq97ynrM9SwgW2A3qIYeEju2X3kP1cardM
Hs/mj6LkLuNxsJ65opDbVTPsfL3ztoakNv9v7Kw815/iALl4f7A+YpY1KxiTe+du
+qh14s1nG3I6VTyva6Z2zJbW9JDCvWcGWnbYtpRABszfWBic3/GL4+kjhn4Dj5ty
rHzClX2v8ARLqx/GkM2lLI8OD2yylishrKWIEb9I/Y6J3fyAYyf3S2HXvjG4RJIC
t0/phDZjxRs7FIW97zvSJC5yhlk3tcF5t2qrhpZ8ifek/0TUvar3bXGPripJ291N
YwXfgHNAAWDhiRf4tGHnh6+xn3p8oaFnsiqQpK55KCS/0i6R/fePckpVKHiK9Ptn
WjWisG2LVIyohqrOHRi1xT9VMhtUFcRNrMPp4ujNIrxKFMyRncSUiEtoDI4/dst1
3/WvRTKApr4kRH6sto0dQbLRozDTGZUJOT3vlkQUwrd3qbxuEiLDMfCaRSPSgDRp
pt3wC8t3LtHcPgFnw+ovMAebMJ50glkKh/hSA/ha+PNuuezPWYmGEIVtvwubm7Lu
HXxqQQ0WOW/eDLbxiH495911wgyIZvvt3x9fZZeBhrHS0iAgZ6YTVzV83bwLAoNn
0CgjFiWg+jl23CgpZKqv
=QovN
-----END PGP SIGNATURE----- Usually such a measure is enough to detect any tampered file. So there is no reason indeed to distribute it over https. |
|
|
|
|
dree12
Legendary
Offline
Activity: 1246
Merit: 1077
|
|
October 13, 2013, 04:56:21 PM |
|
@jl2012, @dree12, although I would not argue that the MITM problem has place, I would like to ask you, what kind of OS you are using? This is a rhetorical question. Let's assume that many people are using Windows and - even more - they are using IE. Everyone knows that it has many flaws and security problems. So the average user installs some antivirus protection on his computer. But even the up to date AV databases are not guarantee 100% defense. Some time a new breaches found by malicious users and they produce a new viruses that are not identified by the present AV tool-kits for a while. Then let's imagine that one of these bad guys targets specifically at satoshidice and makes a virus that changes the content of the page displayed at client side, directly in the browser. Then it has no sense if the page have been received with http or with https. So, some times the use of https is an overkill that would lead to growing expenses at both sides - the content providers one and at the client as https ultimately disables any intermediate caching of the information transferred. The only way to protect yourself from unwanted financial loses is to double check the addresses you are sending your coins by all available means (browse blockchain, e.t.c), verify md5/sha1/sha256 check-sums and pgp-signatures usually attached to open source sw published in open repositories, e.t.c. For example, the download page of the bitcoin-qt reference client has a clear link to the signed sha256sums of the currently available version: http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.5/SHA256SUMS.asc/view : -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
84543f10de5e82ce6e88dd5a501db37c6327edf79a2a04f29199c24843e71f63 bitcoin-0.8.5-linux.tar.gz
c583260f59a5e31ba8f819ed91b992423da6893095c6a910877451d01492625e bitcoin-0.8.5-macosx.dmg
6f6b8fd68f56a8e700090267c53aa592b9c9e5c993f44c7be11ba9b87e1f92bb bitcoin-0.8.5-win32-setup.exe
169161d7a3270e221952f65ff276c649c5818bb9fc10059fd00a531343194b75 bitcoin-0.8.5-win32.zip
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)
iQIcBAEBCAAGBQJSMlvWAAoJECnZ7msfxzDBwLsP/RMLxLW16uKFOl87fGDxuCj6
/4c6Z2xgTafb1qOGv9Jh89qfD2V0bmOq97ynrM9SwgW2A3qIYeEju2X3kP1cardM
Hs/mj6LkLuNxsJ65opDbVTPsfL3ztoakNv9v7Kw815/iALl4f7A+YpY1KxiTe+du
+qh14s1nG3I6VTyva6Z2zJbW9JDCvWcGWnbYtpRABszfWBic3/GL4+kjhn4Dj5ty
rHzClX2v8ARLqx/GkM2lLI8OD2yylishrKWIEb9I/Y6J3fyAYyf3S2HXvjG4RJIC
t0/phDZjxRs7FIW97zvSJC5yhlk3tcF5t2qrhpZ8ifek/0TUvar3bXGPripJ291N
YwXfgHNAAWDhiRf4tGHnh6+xn3p8oaFnsiqQpK55KCS/0i6R/fePckpVKHiK9Ptn
WjWisG2LVIyohqrOHRi1xT9VMhtUFcRNrMPp4ujNIrxKFMyRncSUiEtoDI4/dst1
3/WvRTKApr4kRH6sto0dQbLRozDTGZUJOT3vlkQUwrd3qbxuEiLDMfCaRSPSgDRp
pt3wC8t3LtHcPgFnw+ovMAebMJ50glkKh/hSA/ha+PNuuezPWYmGEIVtvwubm7Lu
HXxqQQ0WOW/eDLbxiH495911wgyIZvvt3x9fZZeBhrHS0iAgZ6YTVzV83bwLAoNn
0CgjFiWg+jl23CgpZKqv
=QovN
-----END PGP SIGNATURE----- Usually such a measure is enough to detect any tampered file. So there is no reason indeed to distribute it over https. If your computer is compromised, it's the end of the world already. I'm serious here. A virus that can modify webpages clientside can also break md5/sh1/sha256 checksum executables. It can corrupt your GPG executable. A virus can do anything. This doesn't mean HTTPS is useless. Any virus that can break HTTPS security can break GPG security too. |
|
|
|
|
|
bee7
|
|
October 13, 2013, 05:04:57 PM |
|
Yes, you are right, that you cant't be sure if your computers security has been compromised. But also it is not possible to "virtualize" the whole internet. If the attack is targeted specifically at you, and thus, it is conducted under a human control, then with some extent of probability that human would succeed to make you believe your eyes. But "regular" viruses would fail to make your reality completely virtual.
|
|
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 05:30:06 PM |
|
bitcoin.org is hosted on GitHub, which doesn't support HTTPS. For example, the Chinese government is notorious for DNS hijacking.
The Chinese government also controls several certificate authorities, so they can bypass HTTPS anyway. Okay, do you want to argue that https is useless and we should abandon it? Using https may not help us to defend against governmental attack, but it definitely makes hackers' life much harder. |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
|
bee7
|
|
October 13, 2013, 05:36:36 PM |
|
bitcoin.org is hosted on GitHub, which doesn't support HTTPS. For example, the Chinese government is notorious for DNS hijacking.
The Chinese government also controls several certificate authorities, so they can bypass HTTPS anyway. Okay, do you want to argue that https is useless and we should abandon it? Using https may not help us to defend against governmental attack, but it definitely makes hackers' life much harder. sorry, I did not got who did you ask your question, so here is my response: https is not useless, ofc. You know, that it is possible to put the nail in place with microscope, but it is much more correct to do it with a hammer. If the _static_ content to be verified could be verified offline using sha/pgp scheme then this approach should be used as it conserves resources. The Earth resources. This is MHO. |
|
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 05:41:35 PM |
|
bitcoin.org is hosted on GitHub, which doesn't support HTTPS.
github is running on https |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 05:48:53 PM
Last edit: October 13, 2013, 06:01:51 PM by jl2012 |
|
@jl2012, @dree12, although I would not argue that the MITM problem has place, I would like to ask you, what kind of OS you are using? This is a rhetorical question. Let's assume that many people are using Windows and - even more - they are using IE. Everyone knows that it has many flaws and security problems. So the average user installs some antivirus protection on his computer. But even the up to date AV databases are not guarantee 100% defense. Some time a new breaches found by malicious users and they produce a new viruses that are not identified by the present AV tool-kits for a while. Then let's imagine that one of these bad guys targets specifically at satoshidice and makes a virus that changes the content of the page displayed at client side, directly in the browser. Then it has no sense if the page have been received with http or with https. So, some times the use of https is an overkill that would lead to growing expenses at both sides - the content providers one and at the client as https ultimately disables any intermediate caching of the information transferred. The only way to protect yourself from unwanted financial loses is to double check the addresses you are sending your coins by all available means (browse blockchain, e.t.c), verify md5/sha1/sha256 check-sums and pgp-signatures usually attached to open source sw published in open repositories, e.t.c. For example, the download page of the bitcoin-qt reference client has a clear link to the signed sha256sums of the currently available version: http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.5/SHA256SUMS.asc/view : -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
84543f10de5e82ce6e88dd5a501db37c6327edf79a2a04f29199c24843e71f63 bitcoin-0.8.5-linux.tar.gz
c583260f59a5e31ba8f819ed91b992423da6893095c6a910877451d01492625e bitcoin-0.8.5-macosx.dmg
6f6b8fd68f56a8e700090267c53aa592b9c9e5c993f44c7be11ba9b87e1f92bb bitcoin-0.8.5-win32-setup.exe
169161d7a3270e221952f65ff276c649c5818bb9fc10059fd00a531343194b75 bitcoin-0.8.5-win32.zip
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)
iQIcBAEBCAAGBQJSMlvWAAoJECnZ7msfxzDBwLsP/RMLxLW16uKFOl87fGDxuCj6
/4c6Z2xgTafb1qOGv9Jh89qfD2V0bmOq97ynrM9SwgW2A3qIYeEju2X3kP1cardM
Hs/mj6LkLuNxsJ65opDbVTPsfL3ztoakNv9v7Kw815/iALl4f7A+YpY1KxiTe+du
+qh14s1nG3I6VTyva6Z2zJbW9JDCvWcGWnbYtpRABszfWBic3/GL4+kjhn4Dj5ty
rHzClX2v8ARLqx/GkM2lLI8OD2yylishrKWIEb9I/Y6J3fyAYyf3S2HXvjG4RJIC
t0/phDZjxRs7FIW97zvSJC5yhlk3tcF5t2qrhpZ8ifek/0TUvar3bXGPripJ291N
YwXfgHNAAWDhiRf4tGHnh6+xn3p8oaFnsiqQpK55KCS/0i6R/fePckpVKHiK9Ptn
WjWisG2LVIyohqrOHRi1xT9VMhtUFcRNrMPp4ujNIrxKFMyRncSUiEtoDI4/dst1
3/WvRTKApr4kRH6sto0dQbLRozDTGZUJOT3vlkQUwrd3qbxuEiLDMfCaRSPSgDRp
pt3wC8t3LtHcPgFnw+ovMAebMJ50glkKh/hSA/ha+PNuuezPWYmGEIVtvwubm7Lu
HXxqQQ0WOW/eDLbxiH495911wgyIZvvt3x9fZZeBhrHS0iAgZ6YTVzV83bwLAoNn
0CgjFiWg+jl23CgpZKqv
=QovN
-----END PGP SIGNATURE----- Usually such a measure is enough to detect any tampered file. So there is no reason indeed to distribute it over https. So you are trying to verify an unprotected file with unprotected message on the same site? And how do we know the PGP public key is legit? It just doesn't make any sense. The best way, of course, is to download, audit and compile the source code. But most users won't be able to do this. |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
|
bee7
|
|
October 13, 2013, 05:54:25 PM |
|
So you are trying to verify an unprotected file with unprotected message on the same site? And how do it know the PGP public key is legit? It just doesn't make any sense.
The best way, of course, is to download, audit and compile the source code. But most users won't be able to do this.
The message is protected by the PGP signature, thus you have to believe that the PGP infrastructure is not broken. This way you may be sure that the file you downloaded has been crafted by the person who signed the message. BTW, how do you believe that your bitcoin-qt (provided you inspected its source code) is not talking to the bot net which in turn aims to steal your bitcoins? |
|
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 06:01:08 PM |
|
So you are trying to verify an unprotected file with unprotected message on the same site? And how do it know the PGP public key is legit? It just doesn't make any sense.
The best way, of course, is to download, audit and compile the source code. But most users won't be able to do this.
The message is protected by the PGP signature, thus you have to believe that the PGP infrastructure is not broken. This way you may be sure that the file you downloaded has been crafted by the person who signed the message. BTW, how do you believe that your bitcoin-qt (provided you inspected its source code) is not talking to the bot net which in turn aims to steal your bitcoins? Most people, including me, are unable to audit the source code. I trust the people holding the bitcoin.org (ie. Gavin and other bitcoin devs) so I'm happy to use the binary (also with the fact that I believe some other people will try to compile and compare the binary). But how do I know the PGP public key is legit at the first place, if it is not linked to bitcoin.org in any way? The bottom line, IMO, is to run bitcoin.org over https, and offer the binary hashes. The binary itself may be transmitted with http. A better way is to offer a torrent for the reference client (through https, of course). |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
|
bee7
|
|
October 13, 2013, 06:07:51 PM
Last edit: October 13, 2013, 06:18:34 PM by bee7 |
|
Most people, including me, are unable to audit the source code. I trust the people holding the bitcoin.org (ie. Gavin and other bitcoin devs) so I'm happy to use the binary (also with the fact that I believe some other people will try to compile and compare the binary). But how do I know the PGP public key is legit at the first place, if it is not linked to bitcoin.org in any way?
The bottom line, IMO, is to run bitcoin.org over https, and offer the binary hashes. The binary itself may be transmitted with http. A better way is to offer a torrent for the reference client (through https, of course).
Then please read about PGP and check this page: all devs PGP keys are listed there Edit: I updated the PGP description link to the more specific one, sorry for initial ambiguity Edit2: bit-torrent protocol does not provide more security than http. It provides only stronger data integrity apart from possible higher download speed. Edit3: The use of ssl/tls encrypted links between the nodes does not change the picture unless you have a Certificate Authority that issues certificates for each node in the network. This would kill the overall idea of the bitcoin network decentralization |
|
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 06:15:09 PM |
|
Most people, including me, are unable to audit the source code. I trust the people holding the bitcoin.org (ie. Gavin and other bitcoin devs) so I'm happy to use the binary (also with the fact that I believe some other people will try to compile and compare the binary). But how do I know the PGP public key is legit at the first place, if it is not linked to bitcoin.org in any way?
The bottom line, IMO, is to run bitcoin.org over https, and offer the binary hashes. The binary itself may be transmitted with http. A better way is to offer a torrent for the reference client (through https, of course).
Then please read about PGP and check this page: all devs PGP keys are listed there Edit: I updated the PGP description link to the more specific one, sorry for initial ambiguity I know how PGP works. But I don't personally know any of the devs so it is impossible for me to verify the authenticity of the keys, and I don't have a web-of-trust that would lead me to them. |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
|
bee7
|
|
October 13, 2013, 06:21:26 PM |
|
I know how PGP works. But I don't personally know any of the devs so it is impossible for me to verify the authenticity of the keys, and I don't have a web-of-trust that would lead me to them.
You don't need to know them personally. If you don't believe the PGP public keys they posted on bitcoin.org site then you should not believe the correctness of the binary you could load over httpS using the link provided at bitcoin.org site. Then don't use bitcoins at all as you can't trust the whole system. |
|
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 06:27:44 PM |
|
I know how PGP works. But I don't personally know any of the devs so it is impossible for me to verify the authenticity of the keys, and I don't have a web-of-trust that would lead me to them.
You don't need to know them personally. If you don't believe the PGP public keys they posted on bitcoin.org site then you should not believe the correctness of the binary you could load over httpS using the link provided at bitcoin.org site. Then don't use bitcoins at all as you can't trust the whole system. How do I know "they" are THE THEY I trust? You are begging the question. With https at least some so-called "professional CA" have audited the authenticity of the identity. |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
|
bee7
|
|
October 13, 2013, 06:40:58 PM |
|
How do I know "they" are THE THEY I trust? You are begging the question. With https at least some so-called "professional CA" have audited the authenticity of the identity.
The CA infrastructure only confirms that you got connected to the authentic site by its name and then the connection is got encrypted. The CA does not provide the authenticity of the information published on the site. Apart from CA there is the ISP hosting the bitcoin.org site that you have to trust a priori. The cryptographic algorithms behind the PGP are as strong as in any other area covered by our discussion. If you feel uncomfortable to trust all this, then you should not trust bitcoin sha256 PoW. Thus you should convert all your btc to fiat and quit. I am sorry I have nothing to add. |
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5194
Merit: 12974
|
|
October 13, 2013, 06:45:19 PM |
|
github is running on https
It doesn't support HTTPS for hosted sites, though. |
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 06:56:09 PM |
|
How do I know "they" are THE THEY I trust? You are begging the question. With https at least some so-called "professional CA" have audited the authenticity of the identity.
The CA infrastructure only confirms that you got connected to the authentic site by its name and then the connection is got encrypted. The CA does not provide the authenticity of the information published on the site. Apart from CA there is the ISP hosting the bitcoin.org site that you have to trust a priori. The cryptographic algorithms behind the PGP are as strong as in any other area covered by our discussion. If you feel uncomfortable to trust all this, then you should not trust bitcoin sha256 PoW. Thus you should convert all your btc to fiat and quit. I am sorry I have nothing to add. I don't know why you mention cryptographic algorithms of PGP here. All educated bitcoin users assume it is reasonably secure. The only problem here is I can't verify the key. Anyone between me and the server can send me a fake key, and DNS hijack may direct me to another site. If the key is hosted on a https site, at least I know that the key is provided by the legit holder of bitcoin.org, assuming that all trusted CAs are not compromised, and the server itself is not compromised. (EDIT: also my computer is not compromised) Isn't this exactly the reason why the send-to-ip-address function in the very original Satoshi client was obsoleted? And now we are reviving it, relying on CA cert? |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 06:57:52 PM |
|
github is running on https
It doesn't support HTTPS for hosted sites, though. Is this relevant to the current discussion? The bitcoin source code is served over https: https://github.com/bitcoin/bitcoin |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
|
bee7
|
|
October 13, 2013, 07:15:35 PM |
|
I don't know why you mention cryptographic algorithms of PGP here. All educated bitcoin users assume it is reasonably secure.
The only problem here is I can't verify the key. Anyone between me and the server can send me a fake key, and DNS hijack may direct me to another site. If the key is hosted on a https site, at least I know that the key is provided by the legit holder of bitcoin.org, assuming that all trusted CAs are not compromised, and the server itself is not compromised. (EDIT: also my computer is not compromised)
Isn't this exactly the reason why the send-to-ip-address function in the very original Satoshi client was obsoleted? And now we are reviving it, relying on CA cert?
Then, tell me what is the probability that you see different PGP keys of the same person browsing http://bitcoin.org/en/development from three different locations from three different computers connected to different ISPs excluding your own PC? I assume it is lim(1/x) where x->ꝏ. Then write down the PGP public key you see in these three (four,...) paces and then come back to your PC, download the binary and check sums file using the links provided on the bitcoin.org site and verify both file's integrity. Voila. The fact that you use https to download the source from the github in no way authenticates the content. You could make the repository on a github that has very similar name. just try these two links: https://github.com/bitcoin https://github.com/bitcoin (in the second link I used the russian small letter 'o' instead of latin one) |
|
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 07:29:10 PM |
|
Then, tell me what is the probability that you see different PGP keys of the same person browsing http://bitcoin.org/en/development from three different locations from three different computers connected to different ISPs excluding your own PC? I assume it is lim(1/x) where x->ꝏ. Then write down the PGP public key you see in these three (four,...) paces and then come back to your PC, download the binary and check sums file using the links provided on the bitcoin.org site and verify both file's integrity. Voila. If you run this process over https, wouldn't it be more trustworthy? The fact that you use https to download the source from the github in no way authenticates the content. You could make the repository on a github that has very similar name. just try these two links: https://github.com/bitcoin https://github.com/bitcoin (in the second link I used the russian small letter 'o' instead of latin one) that's pretty irrelevant to our discussion because people shouldn't follow a random link on the web provided by an untrusted party. |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
gmaxwell
Moderator
Legendary
Offline
Activity: 4158
Merit: 8411
|
|
October 13, 2013, 07:32:07 PM |
|
HTTPS is more deeply insecure than just the CA infrastructure sucking. It requires you to keep the signing keys _online_, on a publicly accessable well know webserver, where they're maximally vulnerable to compromise. Practically any website of scale is run out of some colo, most of which have fairly poor plant security. Because of DOS attacks (I'd estimate) 3/4 of large Bitcoin sites have handed their SSL keys over to cloudflare... etc. Back to the CA infrastructure: Many CAs will issue a certificate to anyone who can place a file on a URL of the the domain in question of the CA's choosing. They fetch this file over HTTP, so anyone who can MITM a websever can get a certificate issued for the price of a few bucks and a few hours delay. The system is not just weak to state level attackers. It's stronger than nothing at all, but there is a good argument that its a false sense of security, and as a result I've been torn about if it would be good or not... Though in this case, the services we're using simply don't support it. (I've advocated it though: Even if user's overall security were ultimately decreased by using it, it shifts the spectrum of compromises to ones where the public will blame the victim (or the CA infrastructure) rather than "bitcoin", which reduces the ecosystem risk...) There there is a question of what you'd even be authenticating against. AFAIK, Bitcoin.org isn't formally controlled by any of active developers (I believe the domain is under Sirus' control). I mean, if you're just going to trust _any_ HTTPS site to obtain the data from, I'll drop my pgp key at the bottom of this message, and you can use the fact that you got my key from the forum to verify the keys in question.  (Theymos, why doesn't the forum profile stuff have a field for pgp keys?)
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGiBDg/VFURBACg59JwLVsoc1glYtf2ZJo305JIfxhMO63/BiUkrC0U0C88Syvt
By0lyd4YQiUNRfdJmpJI2WU3gNma3Dh03OCOrQ/8CiTj8V/KtoUjUqGHiMbXmu4M
mIy5SBCGD1hnOFem1amU7yWOrn0flSNjbhsjaSMWktu8Y5XXIJ1LkOWcewCg0p0B
n6stieVpyNfARWDrTzHZffUD/2jdb38tK6scrloWRy53zzTK9MjrIK2zjV1G9HgP
+r6uBwwwmYvP4kctKTBxKqsLjuxz02B8qZuxnQuqFA2ssT5L/3Otug3cGZlrAsXo
GpOB3NqNvN9W95b5BY2lrXTRj81pVuNL7l4YxLeZnp3N56jt7AO6k56zIVDBYBC5
ZKorA/9h/vBT132sTQHv1V5iHRzgybVNKtl7krO5M7rngq5HElK+gHkls+0VJryy
KL5dbr2ew0ihO5u5m1dRhOmBtA0zYbM8l4xMF8+Fo1D1KaUleN/vjP49QrhFXcgH
TAQfG2bMszfb96JoSD4PbttCy2svBLlg4pAdpdjg7s2sHBNAVbQfR3JlZ29yeSBN
YXh3ZWxsIDxncmVnQHhpcGgub3JnPohkBBMRCAAkAhsDAh4BAheABQsJCAcDBRUI
CgkLBRYCAwEABQJSE6QCAhkBAAoJEKyFk2KwQTv6QNwAn2f6PYlpZNJd3dcL7+em
1Weh6IbzAJ9hMi0JTEaC+cE8j7hdS8pmqNeD64kBHAQTAQIABgUCUJwKfQAKCRCe
v/LCLZ/avTWGB/4+SU5IUOTTR9iCc26TzPG7W8WPMZj/NOcYaPTaJwKBddArNZ/w
J4jgaS6JX/WRHMJoB/I1VAVDl2g8l7CZlBOTBQ6lZM7kmRWA9vrh3P+bGV5T8MhW
Zw54x5UnYQ2iHuMaZVOrmGaUl718DoWYpiYL0jbjD5ep3dX1D/QgFc5xHpDk3PQ0
XBHhBwyQsegdxNR+RTH9eWLIba1ytOCwVMdbMPtU+X32A0diPk06ICLg/8qCKFO4
Fwio1jrRnr99YRwEORKfaEcvGEeLdCo2RuzNsQV4uXx/67WRzDOhk7NiPu7Q6qCC
nLPqFa2CN/mLxjDKYDLf5CzvclXWUVTAU3A2iQEcBBABCgAGBQJRjOQqAAoJEHSB
CwEjRsmmvIcIAIagJPLS5wTCfb8GCMQNow6tMIZEdnFAGwFDbabrgcHM2DK7AAPN
qhc1vsSXWmNrf2o5B9nsVGPlQVEyqIi0eF5MV4nwDipCHm3iSyGNmekAgUx2J5zL
b9tzmt5lcb5QKejTsYS0rQgLN1f5HU54oUQiZmio1fbDqIwPZaEgHPUr/rkCr3mP
4mKYyQ4aDiYp4r3zdX+7ofSuE6kjB58J/Rb/lQicvs5qRViJY2pTnA0aYM0rwO59
4Jx8yWXcjaCtFxVuufUqG4QVskezqfsekMUB1+l/W1GOJcq+iMzs/0WtxZpTEhel
D4l7sjcu6SnpxDuToyuS+kkoUbhBniqdjEWJARwEEAEIAAYFAlGV08IACgkQf6sR
Qmfk+gSMQAf+I4+BXIwMAqMSfK11VXZ68XkGDA5trEsD7Bd3NB+dbqiQqt9+2lyW
siPn7WxLAW6hktvmgwUnsUVT6GswTxf7wg+uC9c9mMuL/Ejww/kKWd9w/zF+EYJl
11IBzptaqiSyVvDfEiAThaSiQs6Z7PezWVUk0ecIT+hTWxVKEpWL6lBizb4+WBWY
W3OYiPj2DYwIzrRfK0V4L0I4TuR0pqSguCg2kI/IQwu8FSsJdG4vdEstAVpNDmwr
SvTHZCKFZ3ofOJnh6xZq/edVhKGQlMfUtIb1wKWWqwqL0buDV+9gUd3UdFnf5FIw
MBb0Bvs/8sZST+QYAHqrekyrVZsu2LJpvYkBHAQQAQIABgUCUcHXPgAKCRAUPJ9B
2PBW3aMACADTX7R7o8Nrf/bx9EQAdpKmiQ7RP+iiS/kCrhr5DMOzp9BiSd6JQ6S2
J6B+QYYnXoOtN62x8YUf0vQI8qn7XMn/3cU5Ib28wle1xZSt87nwTNz3aWOStYlH
KPot0ZCl27Dqda//YpGpgdtvolNWAvG6u3vnlix7cepMIoTd56N3a3UxTDE3kzQ7
GqxWeSmkWZZeYo1APNvqKq8ndRAdldMDNdYTHTUxl151nq7PzJA9sKFJrOmMzm3L
M3ZkDIqI421muJL1Tz7RuJiKBFwN+lnAhbpOMZ0auXY/QMO4Nz6X0FxcpxQsieHg
P3ChZoM1mDxKldod7itYEjdz8kgVwKsHiQIcBBABAgAGBQJRw2v1AAoJEFQP1LYI
gV8Toh0QAJjsdjC10ktQlQ6JxXRFQf6KbRB06ZoPbmJRmGiCLKYUxj7oO845N/42
xYl4raQdKhh0vZl0b7PeqGR98nCUSaIDDimKEjShMdyw1Lku8chJ5uqMMsA9RA2V
vSFg8JvrdsUVfnAk9K3ei5tLVDNtB/Olqbnr+itI3lzVkKi0CI8CwQqs5iXLVLl7
ESCeQUnnTDyvKE5Q0YPfFFJadzGxPXDX3pc4JAFecntrRaGRjzeywwxFdJ1JjM8Z
5czn35ceoLxDI3+7ecqnNrdn+gjYPQvdJMLsxs6HITQUehPkWABzbP7eMkahMjJM
cVVE1iRQU3RRsvsVs5v0RIevxg7RVJoyK/Du9gAXDkCnvRkz+g22b+ACummMCsxl
nflZuykXFHDOCxqcN+kw3+vnIDpGQvTDsxJgT9Zzq6A29MbhG34NPl51Tm9H9m63
xnBIO9ryCnpWi/YxVIlGpyfcUT9h/9V8SRQoV3R/mvpwh5zz55dsaOUXaL12yW6b
BtsbnJU7H5YPRAJ4hQPfxelvHh6nMeSe8S3kKAqpGHpyd0q+k7OfmEXgIxdx1yOT
pv2IXszPwt1MvoKT2HC23S6S/IjCBXRHsiyD4milC+qZTe5wnmEdOWW4l5CIuMqd
LXn9R1KDEsRj5yhha6l5s2uXkmosbeUtnwPJLRtA0jL2st35QPnJiGIEExECACIF
Ak9jkH4CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEKyFk2KwQTv6D+sA
n1kY8QkeusFapU3p6mNh/AlYd591AKDMLMX6Pt/G/H9qETRl0DcoQfmI/IkCHAQQ
AQIABgUCUh0HoQAKCRC5pAjnHarJdDovD/9hZEMp3a4pFTQs1sjbiciX5GzCFyId
FOLn7Zzat+qYbUVel57Hvp8YnX/dhqVJveyBJa48xQDXbIU04RgpBMr1cn/QVOLz
Isj1RLnxLcsrYNpNPsYDFP/IjKNWfdeEZg4xrWlWMXVUuVsXQsCzgC30oWBdo4ll
NhM+jPqxB8zDt4iXO42QlHiOb+dUI1fR3J790BZepTYiGL//K2+nwpmeWLV52nzI
7f9TaCfNAz+OYDC5DY1e7DFJCFUUOZ2YKqiyAPBudp4PkPT1TFMyXFj332LQn2hk
gkeKdjUJnDAzmTfHlAO+YKad497dQkcG+NcPj1Myht9wIhLx+H9KuPvx+JDZxZYa
//67Tb11WSuYzqzvXNOK07MG6B5KVCM1EdFcigc8POWChPbTnEWiFqlrM7vUIv9W
GQzYNrA6eZrVZb79wtGv9cf/d76I2BkQfWHaQoUmG6IaiLOwnq8uGhwV7g0t/7KE
8k2g4WaIxRoIJ84ZGmsGk7o6fEZ+6um4cjS/eVUiXASN1Ro1NNnnvPHO9Dkw1AAw
tcVhUAgHQORO9bRV3MeTt5CXvwWM6DONb6r3iypbkPjjqOh85pNd1x6XZm8Ib2Q5
Fl+wGtH8Ofu57GqQTY5+Yh6lLKq6nnnFpp04AiO+MJOI0UZHzuhhtYK4S2xZeBWD
qdgLCDnlY1tkWYhhBBMRCAAhAhsDAh4BAheABQJR7ugWBQsJCAcDBRUICgkLBRYC
AwEAAAoJEKyFk2KwQTv64EkAnjZXqgaBLmk0L4Rd+bbrr5mG7SgTAJ9Jk4xhWw0A
6c8insZBLqmXYsM8YokCHAQQAQIABgUCUjJIkAAKCRDhZvoRVxE5Ft2SD/9Qn/PV
XkdqOZYhvcmUl+OAVNXFIN+L5k3Mo18MAu4tjoaa+MHz/GBthc2r20o+0Pqdm3YC
sXzhoatFZBL945eJ7IPwjU/aAr9N2v0Fa3AA4aqneicPpSm79WHvFHHdyhNkz/7S
Mzy9xgQcg7oPDPv9qDm1YawyGyHADYlPJXbamz5++fRZhi7PTjLgIF2QEeKpulqT
/BZ5WT5KdcJK2lYTt1cqyMc8OeuJByrMfMwiOfQ6KcBXIo3qtnssf5OGSaOREAYh
t1slKyq9wTqTvi7G8PX0HxxjqDzTmauh3mUkXaseG7KRJCzb+15+A2S1zmxdFylh
VP161N5vRg9gQLMD7ul6R4DD2ak6SmYBvlGCrvfqNZHK3760nSj3gtWifcwamAFO
nvXwAX4sHs/2Kff5I4o6MXyIvEn7ICslVcjGCTfDTLXZ5YA6foqfB8XfSP5JEJJ7
Ju3ueOu9C3nYYr3LGnoskeH+diIcNQi4nV1QBvSJroupDKu3WRtM7rWoJuVLLiRl
oUnnnjylfgGGLFXH5RUtUOVG08iqxpVQHpBCIKyy9IPFt0j3nNIUZicquYg3/jT5
+SATaBwtGieK4v+JRryrNa6GcGqCf/NraPyD7Lij3k4DvNAmMMwjLNu5+tQShESv
2Mu5OMED5Ro6WdATHPffvmEME8PjvSHK4/jdZbQkR3JlZ29yeSBNYXh3ZWxsIDxn
bWF4d2VsbEBnbWFpbC5jb20+iF8EExECAB8CGwMECwcDAgMVAgMDFgIBAh4BAheA
AhkBBQJBBXWdAAoJEKyFk2KwQTv6teoAoLeIyhRYtATYLYdwXiPDV2Crzf8mAJ9R
CMOzHRzTqPmR0p45O4aukRAopYhhBBMRCAAhAhsDAh4BAheABQsJCAcDBRUICgkL
BRYCAwEABQJSE6QAAAoJEKyFk2KwQTv6tikAnAmDdiKtWsIr6G2NyZGDSGWGbCjI
AJ9Dry5BHQ0b9a1Q4qtiEp+els9yoohGBBMRAgAGBQJBBXk6AAoJENr1TExlPIMe
xbMAniIjo9OOQSguHBprAULJXx4KsIo6AJ45nry1Q/eUwxWMYiYrtNFfoTGNGYhF
BBARAgAGBQJDv3QoAAoJEGBhwP8QCpUP8N8AmwSz6UntGTXZ8uj1wwHRycSjX7ph
AJinAqhZTm03ScyN/oWxQMYsrKVpiEYEExECAAYFAkO/jUgACgkQlKx7Dv753XIR
KgCfcCZOR5wCeecsADzvd0nGCmfEmMgAnRenx30i2kz6mmUeeT8liI986QlqiEYE
EBECAAYFAkZBTEwACgkQvCEYTv+mBWfDNACfVoaWJUJudbBegWhuO1QBnt/AXdwA
niLxgjxJsPt87AZR5BHXGLkBbi9yiEYEExECAAYFAkZCTqAACgkQvCEYTv+mBWf4
iACfabWvDJ/UwqgHTsgv4iO/XGmvTHgAoKZsQNTwApxCSkCx+EIu2y2IhkVxiEYE
EBECAAYFAke8dNcACgkQ91hV3lO6dzFdAwCgmGaThcgatcyCCkvQcoGx7rp655sA
oJqyQNv46EufAiYE6qKl8sadcwoiiEYEExECAAYFAke8dN4ACgkQ8AA1q7Z/VrKF
FACfZysRUdI9CVz6vwIxO35Kk9Sw/ZkAn17FhwqSqDN5FWp6pSlhNeImoT6UiEYE
EBECAAYFAknFRTEACgkQLLp3j+s0tdyxnQCfapR/hfHSYEa7eaqsWOvRX/XCM/EA
oI+jdRNSpsSL3NvVsuF0eM0WDqjMiEYEEBECAAYFAknG468ACgkQN+HBdXAJatEn
oQCfSHpK7dqls7zheevijWO3CyEnOckAn2ItFWkuRv21KQ259MHXlfpkbHAPiEYE
EBECAAYFAknG/NIACgkQqDKTP8AvU8UUNACdHnSAHlvnI62yGamY+zc02kwS5O4A
n2jSu/DW3gXwZX8fROCo/L3KwCzEiEYEEBECAAYFAknH+i8ACgkQCRwR0q6GALaR
ugCeJ++0cGFuaUUWsbbK2REliBpR/twAn3iGsxgrmzdwe/Yy9H19Y1tWmRRviEYE
EBECAAYFAke9+DIACgkQw59SNOwW/7NjvQCfZBJTpXhXujdFSRZvKXqo2BMihN0A
nAxq8L63lSSHrJjc9zA64XgBraUYiEYEEBECAAYFAknM3xAACgkQUjSEXfK5IPVq
SgCgk1DtCAoHlK8B92aSnVbWnMDN/3UAn2GiDpqU9gggGbU66x/j5pCIxwfiiEYE
EBECAAYFAkoqvjEACgkQwVZrBISfqG/jDgCgiTwVDZWYV7h1LVEhesAexcFZyN4A
mwXhMjGYtFAZyYWEIg5miDMNYEFjiEYEEBECAAYFAkoq/iIACgkQH7RH36CJtsnd
6gCgkC4vhbmLqQIoL8HsVZa2laWidXcAoIXQfLFicr/RXAa5ZHtzyBM99fImiEYE
EBECAAYFAkosd6kACgkQ8wVamQKxwLlKkACglLCUr2WSh2k9hOCkDDyGnas26KgA
oLwZVmxDS3dM9/bYodpErALW5jZeiEYEEhECAAYFAkorRrAACgkQ3khMMfgtqh1P
tACeOXluX00Y56h7w3N78RX3ZQxt3oQAoKgvjClB6vqE0UFwb77cl2kI9sXhiEYE
EhECAAYFAkorTG0ACgkQilXfypicVTVWcwCdGGJl/mFfnrKreLlOLySs9cbChG8A
niXck50/wwS42Or+Lw9BB4p8CIXciEYEEBECAAYFAk2FNcwACgkQUJT6e6HFtqQt
5gCeNBBHI6EXd5vS6f3aXL23mABFjTEAn0gQ/13fJ6U9PoNtc6XDY7j7mPSGiQIc
BBABCAAGBQJNhiNuAAoJEC77yX/lL6ddc98QAILCZFzAsDMcfMghxTKsogHhzyF7
ierZrgNiQPuRTSFJU900xWUvEK2oxbuiUZdbdyo59NRcPHJ2NN7FhfZc+p0SSQ0m
zy/VyC0hl+lsLO0X02Xk/7duLp2bAAf8g8ZIu8BTnibcKI433JDh9iuWnyauEGHd
XofoCu01U9R64yHlf96VKlJEdQre8XgW1imiHU2xsP4QZz1jY8o95y+T77hWdglg
Ul2mZrpcCyPq4/btbXhYbp6XVyerLecqnr9d+FJdQZcK5MsSH+GPvEXh0NhBZIu1
JIWuf+QcsvLCmmXZ+EwE7094+JaBg+fuGx4cptAp0n5b6abekMk29dFrEnVGxCzB
hwQhCNl5LT0J1021fEKpabuHNAqUf+1CL1dtdCGPyOd4LH3xx0XUlssAj1mv37I4
uuB0pyRt0wCR40TdH3Fn4z0kXJ0BbL1XOyrGG0/cwtQzu0k0ppecr7RFpt/5L29c
rZ/XYiY3E+a6TDNH6RfwzCGeTFiJwz3Xk6Yid4bw3oD/ZQ2OV7/TQ3hSR8CRiLbB
ySAtmk7TQD74t1+7xARLkgzYX3e8bfrwiYHYCpYodJYoa8d88p1sUl6Kdrc4DKYl
87eHZLErWSD7qIO+7G2TXftsO1wN2ew6W76asqz9QV1XYGMQs48Az4Uw0c9En8Zr
bfo6NW8aZ1qCK2+OiQIcBBABCgAGBQJO6mIqAAoJECnZ7msfxzDBhl4P/0SorMgS
ySetj8rC1E3yL6ofNvV/nQ2+gncfiXBAcgz8cq0eTgmCNixQNtYGpZgY+RPMsGHI
c749lZKjXU/6uniDZioUUv+mU6OTOOhfnRORaFegyvVXe7g8+cK+aqHw/TJZpMPT
6p0oQ3ydYPqiPY79t4Nv/X1iyWNsN/IQuQQwVavxgPvqiYS3DCb7nLHKuI9D87ST
8qDZvwzX7IK+IgRWedr0GrQRR7VtVX2TpSwYWxldnnyG7OVAiiEcO7ccpcQ++Dkp
e3A5DrQ5U56XUVukJooR/oHYnzT1pogkAyHwDhFY/Z6LntLe2SHH4HdDY7gJsuRA
CQcvjk8gVmrpd66H+bf+RYDgzeL2h34+/QTTWopCAdqtiDUc/U4Z8BW4rlV7ofe4
4dl16g6oMC1atl0gv5LMgkkDmMbul6Dyd+jBkqvkkNpMKcBcsmjkYvFrify4RTcK
zlDFxBfRRCLt1C1wOLeEA/39wwkmfMqkKwMRnCvSC7sCBfS/sOu0wvzfJpMcON5Y
6eBGPAIU0I4M9rLBIPWSarIu/Q4H8SfruAFqG8tgjujVL4PR+BIrlJGYwzoer1D7
2AkGPexxNY4TYoZ5GdMkW8HT+B62vJ4nssj0PPr+Hsob6yYyFBQrpzG+JVNi4nHy
20+PvrEAB1iMY2nhECkJcbk3MqVmb1T0ZPP+iQEcBBMBAgAGBQJQnAp9AAoJEJ6/
8sItn9q9whQH/2dLBJr0Jsi7bYD2grZ3SBcvZXwT7RM0u68uotBJEBCCyWtIpe1p
lofe531ZO5KsWfMz4J7S+Jl/iBfgZgiLJcmXgDoAqvZp/z5qqdFSKQUgjj3xdLcP
zFbuQ3azf6QMbMjv9/o0LBH7CEjvrqJIP2HETPQbcZmz5zY25DCY9VabgQYn5WRN
YS/xBUChTW+jxuEyQpK+OgOxt9EA3dfU3cqCl3lN8NLvTSezch8vGWNeY2zQ9RM6
qheBNDb06KdskXT7DC5bAETc3alZYINjU1FipeLntEl6OfWP2wSbyK2bA0XUntvl
Vsw/paKd29Q/RYvg0V+H+fiEJDSp1x44hU2JARwEEAEKAAYFAlGM5CoACgkQdIEL
ASNGyaYCzgf/dtRipUICmMsMxpcRMOefR+t7ew9syACTQbrtSpTNoh+OFqSpp7Wo
OlzOmgeRH5rnHk7XIMfXD8GHVBMHqslrDst631ZREYGWKDfEvwCHM8rfJGKCWJ/Y
+eqndC3dIPgw3cmEX9wfoLhqw+uigxN6e3/1zsQ/Q98k1XYaO5qET7dQAWUEk+O+
7Eoio242K1zP0w4z4li8Vj/mZ/Kwa0lA3FRgPFwUVXRmnhpsPQvau/0n855laTzz
FBHriwC+EA9JxiNr5OtUN2OZazPeMA0SStoURFu/akPn9CwTFOJGMVdPu0Yl9vdq
0Zs/v+OVX9+fMpnwhBwHGxQOzwMhq6hYHokBIgQQAQIADAUCUV4h6gUDABJ1AAAK
CRCXELibyletfKTLB/9YLyBitQYKHDYVHC0bXHxKDGLL9W3qGfGmIdctlQIeVd2q
+bgvT+MTDdAW8N7Lt3qAHm+/FQ5n3LyZH7P9QRgt54FMB5WEqTvLVOi1zEMSQ19X
c28vhi3mJlyiHzdKTHQXb+ZHj9r1qnKh1BEmaB4DxJ5Gzufck8qvsQjOwRtPMw04
gRL7WH0lAAfh5vrrtmpEss0VmgWipdivMDqVWlc28NSkb9IFt/ZCCqTgEcoRxA2G
oGnkQE7Vq/3+EEhy/Q4f0P+UPTdVulSzjtpkqd+4VXYSmPLrNyh1k3rv+R23Q0Bt
tGwF96tlW48rEcWQJn4LqdDk0Nvt42wfltzIE5JmiQEiBBABAgAMBQJRb5wxBQMA
EnUAAAoJEJcQuJvKV618pLUIALygLGmNJ5AcvA2MMOnUwUp6BiTAZ3PLCY0kjkWW
o4giBT2b6AwRDYYa0biXmu5Uqmjmmd2Gpo6KpchiNIIBFVOoVsGWnWrTJiP9BmYW
Lm1f4kH8hok4MackuXXW1od+cX7Wt+FWfagppq4A7821q60kJqlIG5QBkN8m/O4z
tN9PhTpLaAnvRdZkTxLXwNWwrCKb7u3Mfdb1TAxNDkn21LAO0ETqfKKGuac1hqSI
9A2mXeeG5pIkTkwFGOVcexAKcUYAY5Gr8qJmrOXD+9Ra6L5pKJ0Qdn75eso2R/Mh
9g0HbpwbKOgJVk9TWiDsbh4IF5ZdDtGIWExviD3M/gq9uwOJARwEEAEIAAYFAlGV
08IACgkQf6sRQmfk+gTvGggAjlfIDLungp9Gzm0SlWG6zsEihauIWf24nCYVjHI+
x9fhkbI5+hieH8ODNYhiKmCrO3esY6R1FeYBWkHns/+zIP+WxpdHisEzE9tIFY9D
hBqILR8aej+kBrn91oY/33Z+U1ukGyvjIU6LF9T6uobAhY+0QmHCV1Fvh/zPHT2b
K31rfHpovNgwOLc2BEa++9HWQYPSGbBvEYHlZFBmwv+d8uyv7pFOQXSbvr4oVhoy
3weX7BGDIT8GZNyTP0G2WT7eVw1IXIuYE3ERIQYZLy22aPLPj8b1unJdq7YZouqR
jX9+XCXksWNpOJXXa7qQkWIYcQKYEIVkE+7BxtRBcxONMIkBHAQQAQIABgUCUcHX
PgAKCRAUPJ9B2PBW3YwGCAC+lQH1kMHmYOI2/XTONtRaJLF/R02fzO2OxOcF1lMP
7Z647aKSZSnE6R22gEREEgOWnemMcsmYY42oz40mNGm8uj3VkG78TJO9vbLkj3O6
eCjaC0hHpRZ0AuuPuIkms106ruFeCreywIdgHYBsc8bGmV1l6HeE2MmXp8O3yDhC
2hAYbFLcDuOlOkqgJtQsQP35ItnXQzRZyFMo3Fiu4YFDnKv/BGXVjRYkJ25lHAc6
F42df6kjey04ymGPa+JoyF4pHAsWRqnGVKP+34E2DVqayiXxGW5cROF3pjFUoxE2
UxXSuAx0zHwEBSZRvrdjA8nOrW1TYBpL1JjudhD08pXliQIcBBABAgAGBQJRw2vd
AAoJEFQP1LYIgV8TpC4QAI6FpLOnxc1LQfcjwFEQbUMRL4M9Y3V/uQhmKIwJjcTc
atBlN78LFb31I1DOdXHHCOV4IhyXlvMc6/C/ujifiWXLL5yTawUX+d+eR3oiUEmH
03f20/nZaZaX9PcCLA5YiV8/PwipoINT0C0V5tLuG/sdfTcBeCcGLrbb58kubl9v
HaFqC7HS9SR7c8gCQJVIp9uvj3M7K8L4S4hWyA2eCmUwzxJlhd+H7kCOJPwKfCZ0
5ZE1OsNdnmMuLG/0+AGiog52Py+OLLnaCR5ZEazc01yty4n+faMRIq6zQG/WqQ/R
YijVNeEpKf/rVttfkvwwLEVfks/ZepFqyBtyxTLoa6xuqS/6jccvvurxqzRyV6/5
e0ONLbNEtr/xA6ZsraE2R5Bwht+GR6dhLSW61lY6WV+RkUiSeoxyn9e5c+UnFucd
VfP/dOsxFntl4Q47nGQSJTQBOCaN5NOgvbrYWGIQkhHGae/ScDhFeedsnDbXxizM
vat6cHRVzl6qqeUeGCiY0XiuUuJGR6c3xE4WCOux1CqWX6eUOR+zauT9R0McNDxv
aNp9NjC8N5Da+pGjas4mdPf29kAfNGm3N3WwnHEecxa2l4L3lhvML5s/cYv/MxFV
KcoO5uoiDuh66e61pXdKJIdwb2jYRFN9Wv4CxCk/ZC5O8z1mUjdo+VIl3l73ez2T
iGkEExECACkCGwMCHgECF4ACGQEFAkQbxxUICwoDBAIJCAcHFQkKCAMCAQUWAwIB
AAAKCRCshZNisEE7+jsSAJwPVfY7TDIis7GGdOH84FT8d9NEVACfc5f/cGUIIBQg
GAxab7tcTnZCnw+JAhwEEAECAAYFAlIdB6EACgkQuaQI5x2qyXTgRg//VnrtK+K5
6bPjeQs62Lv4yWBbrEN4VCWd8H6k01mQcAyBuqwgU3Yrw8g9PwcYNyiBZ9bdOg30
TzXVQl/VvkY91ntjOcz2Nhizeb+ZvVu/6xAEZL9x2rjasisziF6Ttrt9mrrazny9
t07R89xMHH98Pz6UPfCgU3V5Xyq1iMusUukPzvZNbKNKltC0AOAn1blvWgM92UX3
OCqa22WdI6cuF/2syNwiPirujMIp36hLFHSW9uMB6Gim3xw3SHn9FPQvNjWtF7DR
vUTwzxlZ6bYYcvl50xQq2nSjBnkvT/tdizhO1yeeCkqs/3faVPIXnEt3k5/LipP6
R7jmz2yknKttvHmB7/nnnMVVGYMr7lA4rSbmjoY9fLI52tTnS+5ZfMF7zShHeNMG
6DGBhyNXUcE613SyJAXLvbsy3Brtp99gagLFZjgnpOONaAZo0DnHivvi0XPUWCKh
Najg329LoF/8n9owaX1iYCcGyfJhfKuLK8P/kBUDRdDCwl3EndhVNusbGUVOVOLW
IClsxcXBBeVuve4fyTynRk3bD7bikjNS2clLRxQcxaEHoQh+wt7yd1ZRa81hZnFk
z+TKSoMiwncBVR2fxEV2kCI6Isd8Kjpf+CX89lZVjSJNcZnOS+mC1UGs0nQ2w0fO
Ygg26CXAnAF4sYBXEjvfUAjkJvznYwp8JIyIZAQTEQgAJAIbAwIeAQIXgAIZAQUC
Ue7oFAULCQgHAwUVCAoJCwUWAgMBAAAKCRCshZNisEE7+uGiAJ4phWqLFJcC2mlr
MdMVz3PpI9fG1wCdEYn82hDClihbSs/pt1KpMx4VrM2JAhwEEAECAAYFAlIySJAA
CgkQ4Wb6EVcRORaQlQ/7B7mU+xcB5evKdRsJmqv1BXIpfL/ViMC8I/I5Hwf7U/2A
4HCNlwWcRRF402VlIvzur3sWlJ5mY45fTXCwwdmDyWeoRPLp11rRPxQax/U+2Oim
qiYL1jsz/b3btxYl3xr8538Flo94IJ7o0HdDOt3XsnH1onSUwmPAXx192ToQ7OKm
fKKBb9uOVYhw7dhprWDdpvLnXIeR4ZHyJD52bXrpx4TVHTUWbymKFa30H/zaU0PF
2aH8fPgLFv1pc6EEyFNnDClCf24lPmftAq0BSSGLuNPf7JyMIL8IFewudk3Ng6XF
jmUZSq/bcW/Z9u9eRsunghHuTKNHWI7W8b4yjEstjFQ1qBeT5LpSdGY6axzG1EIf
sGZLnytyF8Zm2Cv2RI2kGHlqmTNO63Fgcb1/IvdqzuDhCfsxo/fF6YO49MOm7AH7
3es1opqAm1vwoOI/xwrU0HiVgc4xaoB4qGR/BjHIdmUyMs565mirT/etuQg8FJKZ
kzseNu/TlQI7kixTW/4vHc3fcb2pbPeSeuY7LbDSrK79E1agbUcieClxEJIQowhX
EqzRK/wsBhmjhd+hFW6177m7Cti23Oir9IawgbYAwVDEiN7hwaR0FlVsS+bp90Ns
d1w++e8WrwDSlVx5jIZywm6F3YjXCs63V2bII5IIM/L3FACQFxXudBlto7sMv+W0
JkdyZWdvcnkgTWF4d2VsbCA8Z21heHdlbGxAanVuaXBlci5uZXQ+iEkEMBECAAkF
AlEVrgECHSAACgkQrIWTYrBBO/pZuACglq0zUvvZlNXQFX0lyPrlNUDNaaIAn2U0
qvQaL3WLWCjQmIbWnT+4eQBliFwEExECABwFAkEFdbUCGwMECwcDAgMVAgMDFgIB
Ah4BAheAAAoJEKyFk2KwQTv6XIUAnjXZi06Mv78I5lFI5u3l8/hw/6dTAKDQRd8a
m07yPQy7qQ68EkVuN/2s8ohmBBMRAgAmAhsDAh4BAheABQJEG8cXCAsKAwQCCQgH
BxUJCggDAgEFFgMCAQAACgkQrIWTYrBBO/r3ZACdEE+stPwVZck/IX8bW0/h4jsa
BFwAnjQCl4KN6nYgyMVjgkmFpsF+9apjiEYEExECAAYFAkEFeUEACgkQ2vVMTGU8
gx6y1QCeJdatTaMoNSHFTpHafoSFZ4XKTOQAoJF8ZGdhJKR1oMAME9g3zgpxYjb5
iEYEEBECAAYFAkO/dDQACgkQYGHA/xAKlQ8NwwCfZhlmfZFqgiy7vE8zpffWqKLs
vKMAn0xChPVluOUIpeIa4TfkwpzdDG4/iEYEExECAAYFAkO/jU8ACgkQlKx7Dv75
3XLiQQCgp2WvlnZXbt0jmkFedctZjzdHdZYAn2zjxqTmznODbeJ6z6AjkWSde3Qr
iEYEExECAAYFAkZCTCAACgkQvCEYTv+mBWe/JwCdEOgrJcvIfII7IPb/NGC4a8JC
I7cAnRTlJPvKS2ruIwVU8zRuDPM9lvRpiEYEEBECAAYFAke8dNcACgkQ91hV3lO6
dzGpVQCfVb0eV7bJ33xVZD77LGyj0AtYulEAoP3/12XqbUY/R9S7x9Hiyp6CipPp
iEYEExECAAYFAke8dN4ACgkQ8AA1q7Z/VrLh6ACcDONWI/UB+ukw/U9CLyP4YmrH
Dg8An2WXP6cGSP1ITlN30jx+Zg8fGRJOiEYEEBECAAYFAknFRTEACgkQLLp3j+s0
tdzBhwCdE7Y8lQ/HwyNFfWWkhdzAEfhS7wsAoMgyuLm09lC1ris7aGDVxsmVys6k
iEYEEBECAAYFAknFhmAACgkQO50JPzGwl0sURQCgoOqKkd0RYyXRT77p6HLMJXXQ
9CkAnj1VLpSLZEjLwafUlxV07jRg12aBiEYEEBECAAYFAknG468ACgkQN+HBdXAJ
atGRdACfXT5WopL1u8EuhKkCJjRxbDnJOhYAnjCyF28BYGX9ZbQXleN5mF8l8xNw
iEYEEBECAAYFAknG/NIACgkQqDKTP8AvU8WXfQCfSm1PoIdF+vvMoVCcskkiKcax
xrAAn1QmPJt4h81pSGYwf2JszWCtcP5PiEYEEBECAAYFAknH+i8ACgkQCRwR0q6G
ALYENACfckTT3yaUKgkNQavy4jfFOXbVjXYAniXIYNqWkhrDZ7NnUE15u8r2amOE
iEYEEBECAAYFAke9+DIACgkQw59SNOwW/7MVCwCfW/1sgPPfy0prq2M7uFzyWq11
PB8An0H1sH0z+q4/UoMnyp6Eb05142YbiEYEEBECAAYFAknM3xAACgkQUjSEXfK5
IPXScQCg6D2j7hqxqGuF2V0FUdX/x+cnN3gAoNs3AtmqstpC67NpTbcelAjUCO1e
iEYEEBECAAYFAknQBaAACgkQuuui10VsrVHfgACdF1YQ8nkVOTkmF/CdO1JTbDt4
9qMAn2WCcRr+OBIEAmoXdLYczfa2gfA+iEYEEBECAAYFAkoqvjEACgkQwVZrBISf
qG9JvgCeJHeZ59+P+OAZmBf9r1gazvFbABsAn0gyrc9PWkoAUNeIOp3qXerhO2VR
iEYEEBECAAYFAkoq/iIACgkQH7RH36CJtsnKbQCfYw7YOSWT+hs6f54G/5CNgbF7
vyMAn32Wx/Wb0FBcoHOBHeINMH9759bAiEYEEBECAAYFAkosd6kACgkQ8wVamQKx
wLlnuQCfd3QMWOlWBgaxULjkOZvLGTKY/k8AoK8+1byObidHiaUo4xTeQEuLaPBf
iEYEEhECAAYFAkorRrAACgkQ3khMMfgtqh1FnACgs8PU1TtDY9qXbp2rvqi7BE6C
lIMAoOeDPWbFNSAZRhFSqmHCUBsOGArriEYEEhECAAYFAkorTG0ACgkQilXfypic
VTWeBwCfdCxOA8D8T1jnER9YnKpb4c2R9o0AniUHTGImrNTbbBA/KS/uKYxOKCqV
iEYEEBECAAYFAk2FNcwACgkQUJT6e6HFtqTBLgCfa9MTF8gT7bHqPtzMobmZQUsj
m08AnAkt9Uz7GfIewZkTjFqNCVnzllP1iQIcBBABCAAGBQJNhiNuAAoJEC77yX/l
L6ddYoQP/RQU+zSMODDiUAewpRMPTxD/3206/wsclXJZd5YayFAIszrXvzzl7xak
E0V+jXt2AdXE5jO3dbMeqxOMxpp1FQQRbFqHzSO6z2ZaKjDl4GX/lhkBetCVpaGy
FoA7jfDxmDt8dCCCrfBFa7EaNd5qz00HJd7DvYOfRZjiN6At56JFNrqUe8P7eLuh
7NirsLCqSga3+5q+4BZy9eK2mdoK8jlf2FmVzjGWorRZwEAdZPftMECvWjnxL7nl
WX3d2yvgWNo9cSHlYnNsSr9gHwb6MQ/3hrmE140vH+nJfuspjPMJJPL2IzFvkmpD
sczmP6J8PTSdX8gtGLE6eyLkN42zRgYOLkXQC0kQALlS1yI/YsMlKAL2abRqb/sF
4Mb4+d1iUfhg3EbirkjwhgSW+EhVG/txjKKorcYVxymwp1YkZOXXGGFJI6Fh36hl
itJVCUB5evRs93eL48185KXmCWET7MGyfIHgMbFN/7X63u+FBwnj4WV9V4F227an
WVArakrC6XixHr+l27tH/hQVjtf2EfNLDB0va5ivPrs8xw6HDQUZyuFP88qcwRIh
xAv9AbA26tfFzxwNv3lnuFkPc9v1NIhBL4UaN/IgKWjfCh4/VxJCt0Svc1ZFvghF
76GVfU4EWGIfTrxFv6JZZpD1Bt5EdxX13Ii7QNtyc2upfbqMBACjiQIcBBABCgAG
BQJO6mIqAAoJECnZ7msfxzDB1nkP/jI9qf7yuhDid3QfVxTszudciiFUToPz5XvE
pK3JR67MSKWsf3oHySsTgFpI6gw39RMFXSTZv3HhunLVd64qPxTxGnC4gtDFsg6y
3tT3BtNt2gpSNpHQfn5ww361AbEDvevYYrlqjEFq5Y4PQQV6l4zwe8bFuajmX44t
s0bZY9MqbWutzhjS72cB9X9hDJQMQJVh7xlMdu1S2XCq6iT+9ZCIJCI6uvBrjgAo
JKsT+h1DqeYGxdEZ8SJ3kJC8871z4JObNoTDEk32X62WGy771HKQDAh5sDRSgnUN
HbQ2xyN5ojE4/h3pnlchzia72y+D5cXu3zlmpo41xadjt6njgXidvZ1Jd8xsTwY6
2wVZYsPT97NTp/FETbLjgVqRYOmHym0/C3v09vywBAaiiAQqRrihz8ORT2r2UFGA
HN1XYWs/EhgIFvPD+Jx63WGeinhSa6q8GQ/NyPsldjAiTDsns+DUIvSV28H6XfAa
MhDz9WhnsVswIcyQ3pJRqDHiCdgIVM3tJuQa5LloRuIzMNMens1Hew5400ELp2gF
YeskQToM/2dvB/gmYxCCap7fXTsFAw05kOOk4kTku51irfkxvCi0LV/Sq7v8OKpu
VNAHUxsqYFBahxtt0X8rpuWI2KjZdkLwGlZL7TU5p98ZDmn1qUUNvdtFDEVzVZgV
4E9wx987iQEcBBMBAgAGBQJQnAp9AAoJEJ6/8sItn9q9YCAH/Anx/Fhdl+v2Jtst
XG6dJ2aMWJTJvVYpOZ7lwpvaYfe8+Hd8gmGRKMp4PFKlO3TQFzfXj7u95BjVt4z7
dQqy4x7PRrtX+ZTiLsY4DD4QVoeJbLl3MWZK00xWedU5AJi6DCZv8jJdJjq0nHjR
WtoOxXATipA0j4cgyHGRAsG3ZdTHdopYsFg7O7FLJE9teOLD5j6Jfq5gyAGs01Qd
BuqrEAPf0HRL4wldPU20yxPoS1VSjVESwBEvXm7FVUp3TGqfDaUCfZ7WbEObuu5s
MZuY94iUuruNljFe76fa+8uun3boJ4xMpYjJJUkw7M9xeLE3n07yoLzw3qkrSpHN
Rr62sTmJARwEEAEKAAYFAlGM5CoACgkQdIELASNGyaa0bgf9FKx8R0O5crt9unLx
Jixqbif6zjJfG6xY7Rj0MiLFEvgnrpd8kttSv7zKOYZuOpr4gy/GxxfOLtSJ6IWS
hUfrs/T0q72M4QaVYtW0TW7EQ263F87WN2CjqELeW6prNulVXTMxRj0QT4pPRMoT
HAuFTER+vUpVuZ782WMz42WFn27PZtWd6qN90IJNr116X8DL6DfsSYlXSV3AFBhS
PR+ln+dC2M0Qn9s8zJ8msQOKxERf8tp6p88/3Rcapi847afNnbX8qtQgAZX46piJ
GxqJeDIoKhqC41rHXxAv0OkXHeZHuHREzd2wNUTQxnU38UyENp+XyId29irhnwe7
AyFl/okBHAQQAQgABgUCUZXTwgAKCRB/qxFCZ+T6BCgFCACQ+rzZURKFQyqkyg1L
TmKBqNKb6QLdL96ejhEGdThqd6Vrik8uZK/3rNXPKM0fFSa/jvkTGLngsu6GQKB7
pynWfFFDriZdFlBLjFSJfk3erG6jNqzgmeMJcsn5Z2arlj7eH/koYG6Xybl5L/We
FbHM/KWenaqr3xsWp4toXIMVK0km6J2ClipoKYjRyN6ZKvW0SOo83lEDBM61LtLv
ob4Eg8i9yLdWj4/wS5Eq5TXKvOZckjxqrGr6xpKz9Lf7cKSFn4iVlUyGOGaCDh3Y
eWB0iIwBK6QVQb703uepLsGsnDLdpZgHdlfZuJaobCTPfXpKOW6U+ZfxgCesZzlp
7zH+tCRHcmVnb3J5IE1heHdlbGwgPGdyZWdAbGludXhwb3dlci5jeD6IcAQwEQIA
MAUCQ7ijGikdIC5jeCBzdG9sZSB0aGlzIGRvbWFpbiBmcm9tIG1lIHllYXJzIGFn
bwAKCRCshZNisEE7+sh5AJsHGsTdF+0YapLwR6ealdNWlZXuAgCgvjNcVeQ5JwWW
752/wYpjixv1phKIRgQQEQIABgUCOE8xXQAKCRAaMIFTfX/T0oHpAJ9/mUWYOaIh
OKO9EuTpRHN2tiRI4wCeICLi57kh9pBuIaO1189KObZebLmIRgQQEQIABgUCOF24
AAAKCRBHv5FbfZcFiZCgAKCVXquOut++/kCdM7kH/TQUvqAbGACfZSxjPKVSWdVK
dQUftxd8O6QWvKiIRgQQEQIABgUCO6gRSwAKCRAT1SVHgh0pCYm/AJ9SdD3DPF20
UPRYXCcIOXOJk0/xAwCgkS7fXEGr2AfSutl4jzfr9+MfChKIRgQQEQIABgUCO9Uk
IAAKCRDDyNwmetdO0IRRAKC6CVdDNuogBtdaaByg09cquNPgAgCgtCbuSaiPY8hv
FSwG5nop7Fe4o5+IRgQQEQIABgUCO9UkLQAKCRAlC5BzRH4S5zTtAKCaRvGKJ8nd
usBoSxQAMWftQMcKHgCgvo7N8SCPoYj3i2sw1Il4XMqI5HCIRgQQEQIABgUCO9Uk
OgAKCRA5bK7rT6WnUm3gAJ9HzzUA4Nqg7I+xygpOFYNo7b37WQCfYKkD3z8V5dtr
6momCbvxq4y9gp2IRgQQEQIABgUCO9UkRwAKCRD52gvIgLGfjKvdAKDjYirko2YS
pFEhXhEgnvx/aJ9cHQCfWxcIB2352NX1ciZV01TEn/33muaIRgQTEQIABgUCQQV5
QQAKCRDa9UxMZTyDHnYYAJ9srneINrgGdeJorA6+Vu4MWcL4HwCglAOWmezb1b1e
dIAQsdeILI0pesuIVQQTEQIAFQUCOD9UVQMLCgMDFQMCAxYCAQIXgAAKCRCshZNi
sEE7+o+6AJ463zIhPZ6eTXSA5C/hBWw4MGo6NQCdEUz49Jiyb4tLfy0QbGujCZxD
3qCIXQQTEQIAFQUCOD9UVQMLCgMDFQMCAxYCAQIXgAASCRCshZNisEE7+gdlR1BH
AAEBj7oAnjrfMiE9np5NdIDkL+EFbDgwajo1AJ0RTPj0mLJvi0t/LRBsa6MJnEPe
oIhGBBARAgAGBQJHvHTYAAoJEPdYVd5TuncxWWgAoMqCeYpI5uqZhNkhL74WDxDU
NYb6AKDUkYAiHKrxvvZERKCgZmpN6FfkWrQnR3JlZ29yeSBNYXh3ZWxsIDxnbWF4
d2VsbEBtYXJ0aW4uZmwudXM+iGgEMBECACgFAkO4oz8hHSBDaGFuZ2VkIGpvYnMg
YSBmZXcgeWVhcnMgYWdvLi4uAAoJEKyFk2KwQTv6AJ8AoKB6moAYS6/0geQcOBaM
WD/kre0bAKCmS3cNJSKVfk5tUFRE2P45zZTOJIhGBBARAgAGBQI7qBFOAAoJEBPV
JUeCHSkJqIgAn3SYWbpMQ7G+ZlD9jFeqC9DNB3SBAJ9CIM2fAXTuWcx6FrCDCgFs
WMF/YohGBBMRAgAGBQJBBXlBAAoJENr1TExlPIMeHSoAn2Obxo5vFplcKvc6yiyO
Gje4qJVUAKCgl2+43fBzCOROMmP6UYYwL2DTDIhXBBMRAgAXBQI6ZEc6BQsHCgME
AxUDAgMWAgECF4AACgkQrIWTYrBBO/r2KwCfWlRc/yk5Jbm4/do+4sbuJ3W5R7EA
mgJwQP3ibL+vIzpGpCSsT5wcBKDhiF8EExECABcFAjpkRzoFCwcKAwQDFQMCAxYC
AQIXgAASCRCshZNisEE7+gdlR1BHAAEB9isAn1pUXP8pOSW5uP3aPuLG7id1uUex
AJoCcED94my/ryM6RqQkrE+cHASg4YhGBBARAgAGBQJHvHTYAAoJEPdYVd5Tuncx
D7kAn2Nl6j43WQYVLVI/J8Kw7onREi3TAJ9GZY8KGquDhzrByZUkDMpe/gYSMNHW
1tbUARAAAQEAAAAAAAAAAAAAAAD/2P/gABBKRklGAAEBAQEsASwAAP/bAEMAEAsM
DgwKEA4NDhIREBMYKBoYFhYYMSMlHSg6Mz08OTM4N0BIXE5ARFdFNzhQbVFXX2Jn
aGc+TXF5cGR4XGVnY//bAEMBERISGBUYLxoaL2NCOEJjY2NjY2NjY2NjY2NjY2Nj
Y2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY//CABEIASAAwAMBIgAC
EQEDEQH/xAAZAAADAQEBAAAAAAAAAAAAAAACAwQBAAX/xAAYAQADAQEAAAAAAAAA
AAAAAAAAAQIDBP/aAAwDAQACEAMQAAABv7cqe7uDdHgLsAGcJI3uwC7NHvdwuzcZ
mbwD24HZuBvZwbncHZq0HBsk29soTVjvLEV+eeQet3mkz2i8pzV/SUVJZuC7O5mZ
3BvAhNkepi8TwASxxMxNoJbwA8lbNGSyBvoy01Du7NI7OwO7eCNQqliGbN8BuTQy
sk1uec1In0QT80PQWEGt6kdEmufQdDbpn2blT02xpqxeRY7mhRaqia0uIbNwk87d
QAN5OOP15B+eJ5UP9Dz77g87NM/Pjuhik92DOpFKdDFNVMYhM1aXlsT9TlMRw5Kn
bkDwnj9byql1/k+npk3u7SPCFdEWnDAGPkqTq4GTT3+cybfEt4F6HnXNEl6M7Jqv
Nc+n518Q03RHpn6OzU65eIsRmszViO2H0k2mbp0TQzk1IoQ0qyR5VGjsMwMhI8/1
/MCB0j7iyrz7Ljxl0pEkSxh+j5tydlElEaUaBJjJdMEfHWqna4YdOiVTsVs4eC3i
uNvnrqPEBsrRlrhz0zsTsfK+brObZp0wCBUxMV2KXydLoKZVE7ZRQuVXvie92mfn
ymmX1cLBlxAqookbNV4s5ps1nJqcTABnGhHPXLCJ0Y8vgv6Ocu3LiTzPd8xOEaFg
JqNOg0Mm6HTHFWnM0Hmho2kvZDnOJUExDSfYh+2G93VJT0AHjo9eRODmJBxFk0Wp
5N7JdTtbF0XfvnEOpC9DnmyocWdtjvdwF3cCpPQWjwR9BY1uW9OVdAJrx2pq6g5q
Q63KoaqXzQ+R7PiXAWTdrlacTHNjvOdldnTjU1LBjFSvlHot2aW3XTQNMs7Aywei
ElScPDtlq9Cpbd5voiCjGYaORbLFSrSreBanam58tUWbB6KbwYmaxmpdIotcy7Ma
3CAN9Tz/AEHOZ0ia0iIExDAMWrTprlJP0cUUX0p+ZUvRnVIYWNOOZgMWYhSaFtOQ
0gn30Fy4VsBj+QQWMkqTaS5k8T3Ndmm0OMEAwxDN0Ws7uD//xAAlEAACAgICAgID
AQEBAAAAAAAAAQIRAxASISAxE0EEIjIwQBT/2gAIAQEAAQUC/wC9zSE7/wCfJ/UX
KB8p8zR8w8rFmkLMfP3GSl/q5JEvyEj5LdnQ2czkWJlkZDdmORyV/wCGSVJodass
ekJiZ1q2R6IxX+Hykp2NjenekjiVqtpi9R6fllfbRL2etcRYxYziPGPGcK1VaiL1
CXlyfO2yTPRRGBxEhIooaGhwGq2pdwf7eGXJS9knUbL7j2JbXjROJdEhe49C3l/m
f6jovUF3CNC/xoy47R6IXJrbm5GRty3AQhass+izkXrNCizG7a3USe0R0ixzZyZG
XcX0vTGWxSZL9oyj32iLtac78Y69kYo/UnxGQkR9SOkKURUxqiYiElv7aVPePSHk
Hy+OpXFOvuL6Gncox4cpKUJco5OmiHbi9Oiz2PWMSOLZHFQojQxe47ocExQ4n5P9
JkXUoO34MRD0heEhEJo5Lx/KQhCfcXaSbL2iIhbZkZk58ccJIy45tYuVb/IX6fYi
HS9E9oh6QhbnFM9EGNkWr3k/nicWQhpum2RONagxCFpyHIqyPR0NEZbm+mY95I1r
H7yLqhCEIcj2cqOQuYuQ3JHIgxmR9fcVW8ku6R/J7T0hC1x6+EUdI4nxxEqcmSYv
6j61lVSvUJ0S0hMsW0vGQ2Sfcfa3liNeKEITL85sk9Y14SVk8bT4lbT0mWRZZYmc
ixyJyGxEF45V0x+FlllnIUhSOZ8g5jYyCF4vs4IliJLjqPcWvCxMssssRCBHzlGy
ceKk71iGNeF+CRCAl1lnKOSLkLK0o5LPk8JR5KeGhYiK4yHricDgcBYzghQEhujM
uWRIfrH2OIp+PHvJHoooSEiiituROZ9kmY2fSYpHM5nM5GXKoi1QkJFeDkTmOW2Q
I+uJCFn/AJ7J4nDXMkQfSF42Nk5lvwZD2l+pGVCzGb8mNNt6ZAiLwssnOiUu1K/B
mJdvV0SytnNnITvUfZB7bJZonyscr2nfhj6HLWWfhHX2vUX2mWTf6lFeClr2+SQ5
ksjYyjiNaT1AaIsbJvl4VuhOvBQFDtQJD3yIyFJPU56QyMuJJ290P3r/xAAbEQAC
AgMBAAAAAAAAAAAAAAAAARARAiAwEv/aAAgBAwEBPwHuoqPJ55VOW9TRQx82ZaLW
ihmWiFFzYx6LgxqVxb0UpFFRnKhTZc56LZDMtriyyzLjQsSjOaKKFCixsbm1DcKb
L4Isb53v/8QAHREAAgIDAQEBAAAAAAAAAAAAAAECERAgMBIhQP/aAAgBAgEBPwHu
8WfT0eusdL2ssQsPiiPG8IjqyhLNCFweqeXo9Uucd0N5RHmkLjRRHjY5FkMqR6Ly
8qIlWXFlSsUMPFCQlxoS/F//xAAlEAAABQMCBwEAAAAAAAAAAAAAAREhQCAwMRBQ
AhIiQWFxgZH/2gAIAQEABj8C3nNWJORm44xdWxiOgeApGEqMwpwPdTBY/uA2dXoe
EpVPBegrzXmrQgq/gbm+jqpPKjJ/Q4PTlMeSh4oUHFKD0hzC8BhOKywW3ms9MbOw
xo5WU0W9i2nbbmkLJcNIUzgGRBVsMECHHWSneQttbLhOF9uS2a1vS2wNr4u//8QA
JRAAAgICAgIDAAMBAQAAAAAAAAERIRAxQVEgYXGBkTBAodHw/9oACAEBAAE/If77
mGxCSn/WkWXOQo9nG5VjpSvGTfDR3olXQSVT6G0iZ1/HvWTEKSTvZqO0iU8JPQm6
y3zw9jSSk1MkkJv+FkS2yRS5DwG1Iy3ksQUwIZDEIUEFyb0MUvzbhSxotM12KdMn
LDfo9gpGCaBuJXeExskuGTQiyNPz0hCpe+hqE/pQd7E7WiYUhL0IfAjoloR+DZq0
aY1FHYkkcvKwXHA5rvrrAlC9scoRzMQhfhkuGXRKg4tExaLCmhIkeEwQ2y7G7O9l
BJ7CmFkRoSEhKzA0h9SRDkhlBZS1AjeZHcLL0XbEjuuA3QVLHD0hrEDJIXhBAxba
DcoXRHQEvC0hPovHGhOPZJwkhIGGEER7I4TQ4IiJGhkrX2KA2CjTLsQZOk5xz4ME
OJxCzofsJYSRrYzdIh0niIMIByomXayzdyMiRbEx6JJbG8yE6PS/wVJhkwNg7D/w
RwmTpQu2MQo0Jp6wlyEEEUhUpE8qDZ/wEk2dDaUGqIEoEw5se6r0SpOnsiocg7uC
QfZD9LHBoc05yLDcoHihMWiRmohDakQuCYSBJCwhoVljYIK0EiWP6iTLsQxyRBsK
LlIbGaCQpJUYk+UJiGUN9FHjFXEJqHDiyW8PY9IcYWUEDovchnMJbKa4kdE2LCxN
Pq8FRNukLSKbC2maDhhxiTgQwQ62ENRi5C8JjLqNhM5DFuhUTKxpMjwQIYcYTKBz
0J7MghbsvoYqYuxsul2WWXNaHJuT5KAoYvgxAiWw0Cd6SMDdSwo9F4aJjTF3EWlZ
W24E6IkhKS4lFBUxxxh7IjaW2yLQk0rQi6IMarVj47DOX8AxhNIbnZu9hhZSDyxO
FkgSRHilcPlTUsaNRhMTGGGIhBCYheBSx7wJZhFyQPmxwwsCeQnsiJRAsK0TtlBd
+RZ6GkjThO8lDFOLMXTBxKbD38CJa8VhA1MQNyo1sKEA8J0b4XuO6GE0liVNtFVH
n2IY3WfRLpURRo0J4iGnImIleGIvAgYs/wAnY/kbsRnXgmB6Jc6DH7bY9qM0pwsL
1Er4F9CJKEIUhYL7IEMqjQGbTJhOcwJU/YU5RaEORXIIooJYiKhuZDf4QFAnOA4d
RBBIxVyYeheAEFsglLFAMb2Nz8m8d2WQTD3PcLp2h0iC5HlttkqjiCQiTQxQQ/I5
JbGVx94tgSlxNFpBhkS74N48WH2hsUiScHyIG7GLaT7h7QqK0ehIo2HBLHULQ+gn
k0K7wJECFehDTkbhgYnDE8rJ9Hx+DobeBr9Y/wCknEG7IlbhkQbiANHUU+ANLr8F
Lkl0QQQcFB98YGhG/g6UUlEXEx8GQEwyTnDFhRgl06Q5xs+RHvD9hlJob65z2DGE
JWQSLs5NMTFgreTRLS+w2f6GmoOrKFzJRRHo5vCl9nH1n//aAAwDAQACAAMAAAAQ
m6MZ/XSnFJ1VBVTiU3nEWIzdROKxMZlqxDkeq3aVfD/fQBOSsaI/J85NIJotvo5h
j6OOSJX1cU5bIWLez6Cw9f8A5lGePKJNlp/TYlWtE3PBk5/RsDHQpSikfG1qFFEA
zQrgZtGOHA56N2ATsBcLIjf/AOlO/XD2OwHoYNnCC73Dd0672uDMX3IeYRaZ+N5D
WZH62naVlvNSNN20NgcmU51mfWn/xAAcEQEBAQEAAwEBAAAAAAAAAAABABEQICEx
QTD/2gAIAQMBAT8Q/sGxx9yDZsLExE8Mgwg5m8FhDwCPdkDhlh4OkceBBH3hwtvs
LHA6IILMienH1zfA0J0Q7DezkIme5OPA5bLBY2pKpLTLL34DmQG7Ge5IJw+20waR
1nSwL0erOj7LGJgrfCXvhxQw2xYwlLXu8GIMYIntNDyPnAWEyQC+ZPXEvy1aODge
MbWXhen7a/I4LZzOvA4PFnC/lu82eDZzYfA+H//EAB0RAQEBAQEBAQEBAQAAAAAA
AAEAERAhMSAwQVH/2gAIAQIBAT8Q7v8ANcnp5Clu2aiCP42XWWC+Wzay/DHy2Vtl
YfCxnpxTPzjZJZxeWol48WVtmb0OpwpsJLPezd8h3hM+zBILRbIMYMdtvwbYZIZa
/Lbb1+WUS+zM2/4Sf9klyH38U4z8vMl7MPY8TiSSWThKTwOHHqWSSbN8WF/TzQkQ
Tu++4/bEFmZTZacxxUeQLD7PDxrAfwTeBs/KWnUg3p+P/8QAJRABAAICAgIDAQAD
AQEAAAAAAQARITFBURBhcYGRoSCxwdHw/9oACAEBAAE/EPNy4f4jL8EqVKiRP8ql
ebly4eymAAI9Q8XLgwZZ4Yxlf4X5TxcYtI5ZhhPRhQw2Ex0eyGbPyxFO2/TU/Nhg
oU38wQAvyjzINrZNowAtWeGPm5cuX41RcLCr5iwSlzgWGgO4wzqXC74i2gw4ZfM7
GHICZVSNQNRTuPHB7gZVbR3GPm5cuXLS1gvqWiK6uDRg7muJ7MQJ64lsuGDaJY5J
S5myBiTqVaUjmWyBFonLChjokY+L8myUEcv8YhssK5ictyugxHLMALQqWNcRGK8c
YRIRRVMKTUVzVA1eYITJ3CzgS5UHiujiXFj4qJEQV0XXbK8NvoQ6hxXETVCq6iAq
FwKvloJcmkuHub4zDVUFrtNdhC7HUTkS1/JygoGKkGDh64hFEC24txeLHuMfKYjZ
ORihZeBGS9rzKl0rPRGRXVWwMZWFtJxE5JS5SCJS6hFduoisqUNbK1AoBKjOGKnO
oVtz/Jdx8IFrREqbN9PUXDlcQBJL6JoOWf2MdxPXC9s7yZlhRRKO5TmO2X4m2Mmm
Ny8Rrgi7k55Gfn6IRxeEixYyVQC66lHWJtOJg9QcBiMMAHNR2puATzKQpiNVomJm
UVExcrymmczgLIe42UEp1FbKs0Ey3tl0t1xHwsAGyAWQYCuIIbtbiFtUJmgq8sMG
MwA6lxUUcuYsQPBZhizL2lIC6NEFIwDM7KeHMo3eRpI5dGrGJoPEvwgaAOHUQsA0
scQLtBdLGNQcVCIsPRjSiv1Azdr3MKrzKDd/cDN9Q1XaCUvuLqYHVwIUbiMHNS1b
5ydy6NJmziHnbBTqHh6v0SwW4luFe4DE48OMEAVCoLqcoflhhuUuEfmtLQqlUmJS
JcRStVNjJ8qU6B+IsAVDhl22pToHwdzeh8NVVDyQIVrtYqRuPI5lszjagShtwE2B
6G3/AMgloGmpPvcxgDm2GWAUdN3CvjhiYaDc0g9q2CoAkzGUjomSfcpH2dz3TYlz
6w+5fNNl1CJW9L2QbBmdQC/cMGv5HEYJhDiWJUUMyhOiHLLI2dwHBlCsB6lCBmhB
UsyQHDMaOH5gjcuKcSIelgy3HcRCXpDJKOEVBA3iXYL+YbNsS+0Sz5lBhoIZrqYp
rMUv1M4lEo4a3Aa5JivmJmRLaGxi2VI8CuHZ3MhgXipfPTUdtccRUjQYzEDDG5iF
Qvq8srqJAt4l4aBmLfZq2AIN36m8apoPuKArZueyWIxXBlglAhMMtR2HEYRt8z/r
JZuG9jBdFF3BwyoNpi+PHOyZZdRoTGSx7g0TPAw6tStAcEulpfmXgSA8xQ8pZFOJ
dcTVUeowUp/ZioigOLiIl3FYNVKlrMXTqUJ4xELxMJmUEMQscQ47jin7DVz8wM2T
7il+8BM9RDQ0+Kp14hUdcwB2q8wAMQY8we+/Azqlk0AfMXbLEjLuY8xwlixeVwaP
cMq9GWL0kUOnzH7H7Fsoc8JQI25nYsvEVZMFqcxxI0kA0qVKiwMIJrY+pXQI2RzY
S8cQCuOGMgtS1qC67IM6wsorJdMtBhU3AjdI+ZQzFKR2jZMCBk6zLifMbZy9yyb3
5N288wpLiO1L6vQ9QHrOoLpioxKMepSFSi9SoFlU41LmUDMdChNRoXK7zdFTQMwZ
EoNSwOqx5dlqbQNRI5jmFZlLiTLMlObgLcBAvMWZiuWeYMQWo8w6q4bk1LNluUuc
2yqpcuA5u+IitDmmLVv5Ly1iF3fUV1M1e4BnmGpNAuVixeoarlXdytdwMah12xTC
TrEJRzC69SgHk4hrzmJU2JdsW4yzrxRBZScwV5lA4g8FwTUWynfMV07auODbBBnM
KZvKRyt74jKnbM8bwRwOTuYUVUvzcve00xnioVLVmncsNheal3Dz8MsRNS6uUL2z
g4MTE54/Jlq5qJuaj2U8ZiGv9ll3mXI3VGO5QdaYJq8y5cvzUUVFWR5Q9WWBSx7c
y9msEd+9ctCb6Ilblp+Tq+JRqDTbHUsReP7Lc2rGoq+Ki2KF7rrxSzQOKjuUW8ps
pnVxZIKOpjCv3ylxwzbiWgXXfuC1xXJ1xK9DUTDA3RuWqTMycZhgxMF6TCRZsH5B
cCu5V4+4bgojGP2GICgwGiWHKrYVLZ9wo2E7gPcEYfFkQlMGN3QSULyLmULcjdZM
ghAeJmB1NOJlvUz4CABcE7mVmCiL+9wNi/8AqILOZWKZUe5TzBSjaLcN5nMT6Mhx
8xgC37guZ4uZKqfnMkA7EQk7Jcp5lbleAjDbt2QBQBTjSQdDXHzMincx+SZY4Mzt
SoLGq7kyhDZWqg1qVYKssunJiWQGCN4ho4gDFEVV4nulcZACjg4iLiLT1EdFxDnJ
M+kob4CCitXBp2wsVMYr/wC/v+4Y4iXEKaVti5UxhQh/842+65nplXoZnpl0IlQ7
muZmYiAqoXwhKGjBOUHMrKY5HERrkeOoFWOYvAndMxC1jzLL2wVozUuEqUG2MsHA
I5tEOcxK2MVxEOdEyfcuAJeFsBI0gKkAW2w1L4fUts0PARhv7YNR7iOXh06mltni
sMQTLPaXw5dykZMVMVZbqXEtBg/Us3XESK3xHRG0lcnIpNxoJ/IZYJxKgjcRwagU
ixzHNtLgLIPQypBQsy1xHHEENm5ciFNNYg5ZGumFgObeZl632iP8bYo/Lcyzu7eZ
lbzBJDRggSUby9PEX1LiibBNB+4INtHcz6mAHFwLFPuHbklqQWIMAx3KNqIgGb+o
C6fcA+xKS8P+PKhe/UtDn1MCZl0EV7wQLhvA/kDssiZKk2Mctj/aKNbx3GNeXbcK
r/IG8NKDQ5HJLjiiXZBwAA1uCQBPOoiUCVue/wDkRgG0qIaAef/ZiGEEExEIACEC
GwMCHgECF4AFAlHu6BYFCwkIBwMFFQgKCQsFFgIDAQAACgkQrIWTYrBBO/ptYgCd
FnVMGN0733LWz2GqjkJ1qg9pvZ0AoM1ajgrnWlKG7iVMr3vibqd7P5g3iEYEEBEC
AAYFAkO/gu8ACgkQYGHA/xAKlQ8VPwCfczENH+PCM/FJW9m5r7HdcWSEoOUAn3P2
t7QBFdHrlGaSz1fkcmLtQSUBiEYEExECAAYFAkO/nn8ACgkQlKx7Dv753XIrQgCe
Ip+CjTerzzd2fcsxYbk4VsiMXHkAn1V3K6TikTtGivFbBhaMdqNI7J/8iEYEExEC
AAYFAkZCTCQACgkQvCEYTv+mBWfdlwCfdsVXNuuDl+dHsklavkltZVzbmb4Anj+b
qlpqUND532n1QoDQZIilNicbiEYEExECAAYFAke8dN4ACgkQ8AA1q7Z/VrLh4QCf
ZyEm7OkRwhUQ8Qjjbm7/fyH9JlwAn02y4Ih2xf3qkcXdHoBr51+HP5wGiF4EExEC
AB4FAkO/gW0CGwMGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQrIWTYrBBO/r9mQCf
Wbn5JfDpEb4W9Xph62TAqLyXjosAn3ocHj9/0ts98Z7X7XfJpX8EN5L7iEYEEBEC
AAYFAknG468ACgkQN+HBdXAJatEVaACffvf7tlc5YI1DJ85LebtOYg0LN7kAn2PO
I/qXZyj1plG+QNeak7Qdak+tiEYEEBECAAYFAknG/NIACgkQqDKTP8AvU8URIACe
JyV4V43XGloZZgbnH7WYp8LQ0mwAoKJIDsfb09avd0GnEF/MLFarMQOeiEYEEBEC
AAYFAknH+i8ACgkQCRwR0q6GALaT8wCeJwLY7oeKW4oJcSgEkaW2eQ9dpOMAn1lW
1xnmyTPB6vdJd9CutRkT7WJliEYEEBECAAYFAke9+DIACgkQw59SNOwW/7MCjACf
SVUj7MSZrkZ+NHfhtlTPSuzpN4gAn1zsciqRwl2n/VCSM61L2Efr4TOuiEYEEBEC
AAYFAknM3xAACgkQUjSEXfK5IPXV0wCfaN7bQMh9C9mxhjTcD1A5rt6vxmAAnim6
LiUs5+ddKpJZS0419AkficiqiEYEEBECAAYFAkoqvjEACgkQwVZrBISfqG/grACe
LIHM/fOJbAiRrMjdORFw3tqWBKwAn0PhvYma8BL0iym/mN+phmhhyDxEiEYEEBEC
AAYFAkoq/iIACgkQH7RH36CJtsnTHQCdEt/5eEMytRQsjLDSQumd7qO8BoAAniig
YEt+96qCXhXOM9HqLrmH5JjAiEYEEBECAAYFAkosd6kACgkQ8wVamQKxwLnunACf
ZlKyc/FatRcHEbP4rnfajV6+UaMAnjd/TNskE6ENsTAL0uhSiEdIxBKTiEYEEhEC
AAYFAkorRrAACgkQ3khMMfgtqh0WeQCfV7wt7yHjZ829bQHgxsrjQ0UIM1AAoNAr
e8E81ws5vOPmyf43AT8efwiJiEYEEhECAAYFAkorTG0ACgkQilXfypicVTWHeQCf
cVvxqUP5ShKXI9r/zO3UcHc79BwAn2TlCJWyKtm+TjYpAleLG8KnJvu5iEYEEBEC
AAYFAk2FNcwACgkQUJT6e6HFtqStDQCgoFbPtcA04iNOYYsavBYnOnfemKoAn2Kz
ufgoVxc+UyaKrec44RyClfpGiQIcBBABCAAGBQJNhiNuAAoJEC77yX/lL6dd0tQP
/Atoq9IonikO+g9QJQGriMaU+Pmeq6SSwKIvLzt8Pe9uaFBcyewcCre4RVDshtam
dSAPPaRdUzFAFlGMAaoIoEzhx9Ia1iuvBnLGkK+ONL99F9NYbAn2gojN4IuHKXqs
+tFJLzV9Ao6xQKn4/FftOpoPER0Um1j7M1RmyKwAuYWY3FW2vxg+df4ukYPWTckE
6SlQ9Pf4y/1+a9xzW53290jBuuv9pS4iXgU2RdTfgKTmq8JLgCqGekA3OPEVd0HA
dmIY84VVquAy+geaHBHSNR6tku4XGXSD9pGPgBbEkICASuou/zwS905109GiCdhb
ROLPU69U7gf3C2eQw/fzl7m0aOQjsQsw+l3RlGAh25FiFvf/P2ZGttOgLPsoUPe9
oI4Q5VMMWl5pmH1WY08SOaidyZjHRUqTNdT5haCOlLDPPkMzcCb0SHlvsA8zNPTn
kIurId0jdBUwtJc07bzHpGVI9xMlyXwDbSiTPpw0xbjebbesCdIoXLd69FfBMFRh
tBEOJUROftKsoL5sTBBavdTyXc3YIKHoW5CGvphPLOWH3uzVBvb/jLkz3w/qIJLZ
IxkdiQ7wzgoMa5i2vb5aGJJle/6t/5SKFUlF72MzSXJzMKIVe69bmWVVv8Z6gSS6
BHHEsMUUwlhfRmyf5uXdrrFDY4SzINCLkHY4V6sel8osiQIcBBABCgAGBQJO6mIq
AAoJECnZ7msfxzDBz0wP/3kf3Wr1zlT+E+h25joo+hX6iWhqx/+mj6ea5i1mKC8b
iarj00fHK6fm+EMSWwJbViE8nISZVFxBE1nV93Y/FLw08CW5Y19PO04dNJr7KMJ9
iOBLFEI13URsD6Xq8JmfpPx+SFJ75T+5yb7hYmtHH+OdGJvug6iun9wCLF0WIB88
Y/39ju0aDLhX0P9ZtxZJRbhJlulywb6ifZf55E2hlS+F5GwHMzYAmOz2SV5TLOgK
htUlt/KdWqeupE75rPx+8sF7eojP8yJzZW/mnR6zO4M2Tq3mqmTMaXIJ4ts5MjrK
QzS3xhX5EHQUZhpCxVVEMSn7Gzazx23xSVixL/qTEEAobXeKlLfgP1fuNXJK7qS8
4qwLEwuliYg4VitxYVLs56TUuvEqGtWgUtFQP+sRzlEKkuXgOEosz3qLnP46dt8A
WL9xhr+mDu65ECN354M7E/2+583HUi4Fzx8sqtDbns+kE+J+/hp4DO+HfYcr5pvv
BV2B/Le7+LTPssFbhCKU5RWbje+E5T18QB5MaeImUiWOF7s5O9A7spkhmvUQbMQ0
tsn3HGIYR/q44m76PUKebrIqj8P3+/mjihbw+e+S8bJ5pilD3jIc4C9hjfBYaXJ8
UI3I+eL2yeXi/ErUUpEAzoeSGsvj9Xk9IdOyrSJrsh9EZej2UxBZrp58Fqdwzxl2
iQEcBBMBAgAGBQJQnAp9AAoJEJ6/8sItn9q9xzUH/10CYbIiR6YrmM23keofleJY
53OwXve8rWgjumd+WjtGiVbVWn2e243O7BCS46NWr1zIbJGYKMT9PU7IA+eihS3P
8m/mlndljmU8tKMAH3eSKYTXlBqaWCtIibMXGWivvwaEQ0S2m20pOXlDhyQaE/4X
qw1fkst3y4zZCKFz1JPQS6Y/81r/fECekvyD7jp6D3M0jTVbNVCfdOdX+hw63vVU
M3YJP1EyQNFLakS0YgfLDTSBWyW/A7bNmLCkqQOwEsJxgMtBMkIY7xDHgyVRWxQl
5X+WRzoG1Z9ATm785G3joqMppMEvpPVzsu7XIklExJ0sMyCK3heswVHJzxhaBUWJ
ARwEEAEKAAYFAlGM5CoACgkQdIELASNGyaaYWgf7B35qnzN6+yO0x+12eKnkY1Bh
Ax31KFa6s9BSPVt3xFwswBktRrpX3wJ1ChSRW4TWxYAGyamfyMiGNspcBSrDsFCk
Jn4vuM4K7tdJCKo2wnUaLJoZs1PiJhd1aobcrb9xPTuc51O/OPArzEwrA/YTxpTj
vq+pgIBu1KwbvMsgi8wiJEW/l3gVby3dQqID7Bt7kREzaZ2/B1lzrQHM8RA4UsUg
W5c2UAicxRG/8TaPIGROt+1MxiCd7ImVTUnGsXdvzSvE17GN+PdJaIXsfuem8hen
EbQCSIV289mmRiIjJguOeXyYOeQ4HV/URlN4Y7U+Mam1Q2Gg3EDiRyhHdjJZlYkB
HAQQAQgABgUCUZXTwgAKCRB/qxFCZ+T6BECRCACGOlKdDKhWWW5YI1+yizJvZ0ig
at1mOe+mQqWo9syq/+DGQ92Mm57PkL7LI6qHCbHQK8QiJauzOL6LG0PJTHrcAad6
M0egHoLrTpq8tNpawkTIaZIiCRARvvPO1jHNi7z+/xZcX5sVlMTVBhxrOmqKhQfP
EGhQj6L2gBPobqaE8G+wXGrO1VNO55B+E54kj649RyFaOKTLU4EZgBSkGCGKM1cz
VdeOy3zYycre0wWLCNbXHbkSxA0nF4Apwra68gMF9dm7ndt0taqIumh+RpeytKQU
twwbLHQA7EQS7rf4UzcSTSJYF+WX2PEHbpg0AoQIT0mmfSjwq46mBABXTLxeiQEc
BBABAgAGBQJRwdc+AAoJEBQ8n0HY8FbdfWYH/it4gWiBzFw+YKtScjimpwGRqO/a
AP/NJqusU2Wrq81ZnrUQAgZBBX3tXa+82l1BbcZkA6ntJxOdeTpquQR1XdArTdID
Lz13R00vvk981/un5njbjeo1mZKcIxyo5GfqbhKobNIAmy4qAMsG+H0tjE3WKMSp
qJjWBV+EVh6V0Ayoqyg8KagNm8WOeT/oKBjBE+x6W5Moy4qyoLgVqsP71ULqbHI0
7tW/muRTZnoJPwwUYBOjOxlJL1+Q0zCAyyfThvJr6tg0U/GM5iuYvidO2RV1XV8V
5hfyuYq0rbeH3FWc3G3kitNw9mCzZzCMCPNYtd+tUAlHaPLMDCt/88tAYMKJAhwE
EAECAAYFAlHDa/UACgkQVA/UtgiBXxOWkw//YGs7+H2QYknkEm8VX/MvJqhYudPw
zmJvIq0r1sZnBdxhgDUG3MXzGYGSe6HvGaaanhQTAwkxTGAC48KN+nAwvSXn3RLF
qzDAYYO0ZrpiZFvjnn4qNJ+ZitEbeQb3qHIcq8o4ARcGgFU/TyNOht7JQnVS+I1J
F2tmu8FA++1E6hpxNvS+E9j1p6JFvofSMSUgOCH0TNHdKSHtXvl7fcN3B03rKxxO
Mpp9zM6wofm7/bY5IVdKJRhhjGIldAyF3VByi4ucmlv8ismOroxeVAG3u8LbnLY3
ABW56i22+dEGBeagwlhNukX3DtOyyLuJy5dq6IkpfurT+zNbC8/UltSa9llJ+o6A
h9A1nGF6hnc2JCYrss3BtfYj50TCCT2FYtcWmu3ilscmV8NMVzQqFVVXNKkp3ddm
GGuVVNmlaocRAChQGbhuVdNwdBuC5qNgtzVhPOAXROLFxIduqG8S1751/3kfTT4/
wh07Ks/lH+pgehW3ZXhri7vreD4bQBLlQyziwXpxuUjpMkdYnyt3iyGPhvFkCG5u
ZrG4AUc7zx+tm5mdK84IMyl50lJ2JnX8yLnQegthFDTBBiTyTTKPSgS8h7u+2E1I
u7d1DVMrV5/vUo5YcMEH7vbpaKlv1MMFdtFma0/DJd8o+oZ2rzFvr/EVyzYFCbSv
gS1b+1LDXirFebeIZgQTEQIAJgIbAwIeAQIXgAUCRBvHFwgLCgMEAgkIBwcVCQoI
AwIBBRYDAgEAAAoJEKyFk2KwQTv6UHYAoI2G1IQgesKbdYTGKy3v3H2TWsYyAKCy
AU83BBvaKLfT8yOAzV7roC7iwokCHAQQAQIABgUCUh0HoQAKCRC5pAjnHarJdIex
EACAxVaSHgCDZ1SAL7IFyggTnx6yf7cu+da9dDe3XC4uvX8rdBx7W43PsbG9hZjC
9fAaKebh5//dAKy97nv1llCYClFYG150pgqK2rF3BdRUmP5/rNcZ9gJPmXffQmfR
SZ5XQi9VzWoFGV+Xe5CsejlYOAUtSnZC9jkkbaZDEYmEWyfVM8qQgAK8s2DKDvSR
u5xJBOCxQEBZVOHHp+nCqZePbhrnrWlOkfHgz4i2O+5/uaXy7DMCcyy1XD3wpS3w
YyyETr5QUhFHKMNn7rFg9hxov82/lUkkV/zOQalbfOtuiSWdTrylX9J3Ca/9M4UM
H7hSWGP7OtndxIdsWWtBA1NcALuFn6KwNiZ77mtEcTHEjDtH4AjbpePWhHKdbyAk
s7v7/R9woSg93GkYxYStFIin0poMEhM5K0ZnvYnMSxVVr3s6M8qf8f470u+CV7K8
UfpKiH0Li/EvUBri19F9tpil1MQnvRQ0vuxkAyMJsLcsjryuqqog74ngTGUKTIxs
cx2ZxOdFcB3hBC+OclVWJdxVSy08gev6YHHCwNqa9+6+KogySwmrumrV6BWjB9M8
9OYkSjyEnebJbM2Jbc+tZCiKQsLTGp4xjjq7h+NMuvLFcZ7n17FJzKJNtEuBMuE9
ayL73ZaLkIH9q50PKU3XzBzATym1XVQ77iLUS6c6ryfkWIkCHAQQAQIABgUCUjJI
kAAKCRDhZvoRVxE5FhYXD/4mxLR9y1pNaafFhri3wNp0rw7yH2WIoDHg/e267gH+
+Cu1/Yy79/PnptSITJxhpnhx08nDyYT389ekmVOCurEXbdu+NORQf8uOO5z6xc74
vCPeWjqSx0wlmkvVdOD06JPvVzTvBH5KFu8ZEtLW8hpKZcDajM4pSMW9sjgCDYek
qrwkNp6+N2Q0iJ/GnVHrJ3RX2jr5qDZ3a1fJjdaZkhtZnFjU1LMBjp+ruyJqUc1Y
8QbdxfIT/5CZN4miyKAUKukF/+RTuvUjtwFUYmCqm0qdo9G7YNQAug7ZsO93XSmL
8+2QbCcM/GRmo8FiJdeQvaD1XI6du4Z+xpVKX/fQW9alXXxCzUtjI9WPZz9fRrjY
hBww5YgAc2EqbE/aHZzgxm60k+X7VDK57ViVnPMWW9moDldTuXOvF/CryC4fXyS4
SYsmL4MJjj0xascTFEbbRhoEV9O8ZpPDuolYN9osGtCM+0SWQVdax28QZTN3qvfX
VVOpcpLHnZxYeiY3I0uwCXj2phokvqYfHfZpusqwrx0B25iAyukFWKPuF1O+ieVb
fZVzCmar1OHkYdmxwaYYIB95cNldAdbOi1R4paTc7wYU/P2/UdRMQFFp3x1oTsQ7
Q7rs2geQQihxtO7CllGK+C4ckZHYFno3Pf0LoXtZL7DeW9Fv8FrFM68D9M42yrP+
8bQoR3JlZ29yeSBNYXh3ZWxsIDxnbWF4d2VsbEB3aWtpbWVkaWEub3JnPohKBBMR
AgAKBQJGQk5ZAwUCeAAKCRC8IRhO/6YFZ9A0AJ9T1mZ//H8/TRCaAw2OGYokTgas
WACfSO85K4lCPz+I8YGnhg0Wh9Hw/qGIYQQTEQgAIQIbAwIeAQIXgAUCUe7oFgUL
CQgHAwUVCAoJCwUWAgMBAAAKCRCshZNisEE7+uS5AJwMCsYNSQridGSO2BT7k6jT
DziJXQCgj/9SJ6u5ZzsibQ56UeXftEO4LDmIRgQQEQIABgUCR7x02AAKCRD3WFXe
U7p3MaxBAJ44YbLFPMqYDln2pbP2c0c/PwLAVwCfSuXASFJHGkliHL+UkUh2Lx6H
EYiIRgQTEQIABgUCR7x03gAKCRDwADWrtn9WssFtAJ9TySvr1mTbtynxhNTqmTBI
wJqT8wCeOeIxXamzYKe6BPj/IZ6xSLGbvtaIRgQQEQIABgUCScVFMQAKCRAsuneP
6zS13DtAAJ9MGEynCuINOu+/1wxZCJn9LzMdmgCeLqMM6Yxtratu9C+yRGzy+UdA
uF6IRgQQEQIABgUCScbjrwAKCRA34cF1cAlq0dkqAKCBFt4OWFWdtEEMx60xiPWm
wjGwAwCgnjqqPw4qV6kG4Sk2L7FIGf2jAFKIRgQQEQIABgUCScb80gAKCRCoMpM/
wC9TxWVBAKCWvwQAAa1K0qblVY35Z8btofnknACgvmtNCS1Ooikfv7kx/49BG8iD
2ReIRgQQEQIABgUCScf6LwAKCRAJHBHSroYAtp2LAKCJUH2UhNGSq5KE9Pe2yTfj
tbWchQCdGvM/p5+MOTd1KxGzA5pMp8ADRq+IRgQQEQIABgUCR734MgAKCRDDn1I0
7Bb/s6IWAJ9CYQloInEzAHg3QAvDqiZcLKyN3QCfZI64gJGfql7SUd8XAMUWsP54
zd+IRgQQEQIABgUCSczfEAAKCRBSNIRd8rkg9SvoAJ9g2juK1J+zFYlevQvptNXu
CmkbhgCfWYl2J/qKAuqJi2SVwOCIQSYCnauIRgQQEQIABgUCSdAFoAAKCRC666LX
RWytUccZAJ487uiJziu+wEN/ZDNy20qoSML9TQCcD4DYuXysSLc2PhwOmZGI1y0y
3g6IRgQQEQIABgUCSiq+MQAKCRDBVmsEhJ+obwvFAJ97r1QZ8dQNwt7o5EfrKXvg
9eNkFgCghEPi0RehmYt37qxTXUgQpLSEM++IRgQQEQIABgUCSir+IgAKCRAftEff
oIm2ycYMAJ9FkTXhxyfDOLWc3a3EowGAnrnsxwCdGXFoskUiirXxF2bvZzRk9TP3
qn6IRgQQEQIABgUCSix3qQAKCRDzBVqZArHAuQqnAKDUem+tt/9EZa6cSpUT/g9l
U3zunQCfaWixcFh7aocHlxcCdl0yHoNGqw2IRgQSEQIABgUCSitGsAAKCRDeSEwx
+C2qHSH3AJ0duMofuz+gWPXENcInV1tea9hBDgCdGsr38srONv83km5FTGB6vv6c
ueOIRgQSEQIABgUCSitMbQAKCRCKVd/KmJxVNdX6AJ9yq6dwqYuepeKFXjV8WsJz
V/wHiACfenM1iKPhrXBYjb3auRS93O3S2+GIRgQQEQIABgUCTYU1zAAKCRBQlPp7
ocW2pFUZAKCYXnhcMXVljeUhJ3qxAxxRUrPKlACeIW73dHzENjty0lx1YdE7Ckni
qVeJAhwEEAEIAAYFAk2GI24ACgkQLvvJf+Uvp13coQ/+MRBcIoacLhwVbkdOE/Jk
e606a4ORoE2+16JKTHmn/Z+Nz/UHylOb6Mu9KdhJB6wAiL9RR1iWX1gnN33pfDeD
Zv5GoHTd2sWMyOHhwVNfur2BjKst31NvtVvomst7JmZmX6f496zF035ISZqbCo+q
jVJddPoXzVFl7Cxg4ByJR5FS/LcTBCmInfiWu9zS5JvQyqlaRtuJuEFwWFDx1wSr
UgLsKbSjHj3Lu/m3JdAyoFK3F078kHORaFPpYSXmBAJ88AM+NSayqwGICUUwIrjN
EHvO0ur6bRmtAdqYykJ1HSM6USicIycSgBidGTmd23YteXK5XZDnZO6UJWlJrSd9
2BFQyLnoB4+o0Xd2co/NTyYq4YuRE28Dc7Tjwc9vlfEoWg08uC8DyDGcAQWwrKl9
mXj2LBh5b4MaMUk6q5qpmMfXvsU2EeW1Lw1PE0mWKEvHfpASt+4GK1Bfr42Wzbw9
JDEws7GNrDun/H0lJ+9Xt19I6T896F3cjcaR7TrQoYoOYjA5sUnbU8DPlxiGIkwR
iKFosZRgQFKpRzGKTXqdeGEMH1eJc6+B4Z/l4Ei2QDUc/lX2XD2CWFwHdp163w/A
3rmXUNpI4bkG/3PMorceRYvHiedCBWXwJ2FuUjYnjzKzzlPqmwaU8wFltoYhT/A8
iBOPQxpd/6WCCa9LyOzFtyeJAhwEEAEKAAYFAk7qYioACgkQKdnuax/HMME9+hAA
vityPbh8w0C3qij6x2BQsgIzsYd07Yjflu3rJev2IX0r13xmPm7DEEvgtVjOxdyH
vKCYoz86c8oOvCHpzj0zByqRAOfPjJyJ+sOYwrIlosPSUegKt8xMYjC/KOKuRvIW
NGrRBJM+ufgxdZdNyyco3YnPAQZzrJJ2lAsFrCJz/w7Ip1+ljtK0YnhCdo3XpUkF
TPzGpZ13AtyOlT987fU37YPXPvrRygAoq3oU7j6Ugq/QcdP2Qq6FNie+Fp712vJB
rqFiCHaEJLpWdolwM4dDS+5SiR3PpOpMWjHIION3tZfh3h0M3ObnyxLC17cVXI3v
BjbmPVZW89AGvD5FQRuSNaSJN5MEmHskO3mfOpzWq0eR6KB+lyHx53ANBhveAjDt
JFC6iozzmWGA/RimIpQarntjxcPD0j/scboNtmy7Fk7SPWuV3LNuFVgg6tGgA5U8
SrjNZnni30g8WNQudE6HEEJexpcD6KtMjDK+UHbIVFmEtysl6baSKLuNhXaDHBk2
Rmuq5IXJTdyDPqtgF44M9gRppuN9jH1ok9JBNUcMJmIy3IAn8PHzJxSu13znCYbf
UPmxc6oEhgdtQWkNbGdaRirkJ5xSsWxcZcpylOyRerhg4rHeETw7E9npumFx6fih
BBSexpytGteI0fnRxpRIq07j4NooeGZhs57nGzi6Q6+JARwEEwECAAYFAlCcCn0A
CgkQnr/ywi2f2r0JyAgAkBfUJrnm8MyjqhcCY7Osppyw09aJu+Ctb/+r2PpHbqhf
Y+nfBdIoRds+SKh+cnkmWYwn6PDPnC6BL2cquM+/87wY00s1Mhge+2PAD+daOo9T
oVIQQ+Zsf2kHH2SamiE2IYreI+zFe7Byt2+vYf6To4pM9O8Hqwq03lE0vsXncqWV
5SG6vwte9CgQIkVavcPBXrYKXk4hoA8pg7YGGWRawwR+CZCjtDrfRtudGoMpG/QO
qBRuT38lONVLmg6Ay5upkdn5tO03mtu7jLBIEZjwM0Tw6O7oJPxR7b2g9THRrGCu
JtvPpBfftRbR9c3KYcuNLS0rHVX91AqUYcgWu10h+okBHAQQAQoABgUCUYzkKgAK
CRB0gQsBI0bJpjuDB/95aqjSr/IxfRVtEFZGx45tViUC4mAXG09zMlGvMykj8m5A
yLPFo7YklBf/pQ7grLr4MyRSZdf14Iql5IVDN36znEGZK7C0uetyc0S61uLLrfaZ
QYL+hwsg4Mhw1ulOtbYK7JfnBQwTpipSsGY8A2DtxjxXyzSCkzzH7FwnFwbECiwd
qHhX0LB2GtvbnuLueW0CXN8lnC1spszfSHV9rn2Cn4qqzJFZ2SSkPZdXqL5GzVfq
ZfE44tFcV4NVoR+c0oB5HusI8uhX2mtKV793vNE/abzSye17A0BXzqb1Y6k8pkuQ
39ue71lIx3B0lKH5RfFwWZI+U2b263LJqDeuQoABiQEiBBABAgAMBQJRXiHqBQMA
EnUAAAoJEJcQuJvKV618wKoH/RG3p4wrdDT0ePz6JeglsAzR3Ls5fFloXCENY/Ia
sK4+lW15r/sQke7VbBQGiw14n8tt/55joHcokjMIdJs4UrEyqcx8mojNvJlJ0S2V
0Oz257fYd1/yE6T7yrBWaNk0xSSidjZtdaY23hW9VAWdBkjRBmUT7WW47WLSQBOi
uqc573l1hjM6CunslpTqaL+z9F8CfNQI2+63/HrjPYPqffOgOv2cwmg8sAXAgdOo
8vrjugWalyz94YGcqqm4744dehQl6Ga7tICo29QjDlHbsAKBZE5UpWLsmegv/G0T
HlPWCdbaibk9mEg+munvjYZbDxu634GtHp6gT1iO7KIvGI6JASIEEAECAAwFAlFv
nDEFAwASdQAACgkQlxC4m8pXrXzQuAf/clEqrojF/BPHaDbYVGc/HLZE0f3h3mgF
1N+iqaNO5ybHI4eOX+bxNonJWEftyjtCfWR6Szr4TSvsiP0jr2OFZW5m5Fm5aLUX
NHcCDpASvfSOk5nL7eBB4cbiqYAiDnJ/M9y38o/zEUciT8ccLkItM/sxoXCyTuiL
v6tYBO91ur9ZvvAz+HtqXnPicABPvg/tlI2r+mllq0L4f03d5kCayuddM6Qz6HwS
MUZjGp4vDruDAy4aNibH80HBq/j4N+OWlq76biI674Harevte0mqYfpP7Eq+H/A2
MbenckMREZyMO8ERNf40saglsqPVEqSk9SvtOTCGanlWnGQezmg9QIkBHAQQAQgA
BgUCUZXTwgAKCRB/qxFCZ+T6BPDXB/9/YmqEyK/PRaJhhameGqE1eTLY31MMcH3i
R1x4urhdU3l7VqCsRWa37XPv/8CrHSx2uxWzxM4w72kqCBAWkC+CGzikvvLkPggm
VhpXYzuAytRtMDEUA1eykl7A/RDhpiBPD+A7gCznQvcFJe6BiSy2eCTVGrSYRqZC
nSfkr4VTNGS+XbjhGHrRO/Ep1X3Xv4Re2YlMxJS2w7mekccEO1mfd3oDu7q6KZF7
Nwm7yIqRMml3ZbbVwPzpwSVRLpu1jz29p0A6M4zGP0Vpf5lkHxaeRc1eT5j4uvUg
6df9hoalgMBIgTinWPsN/dQ8XEV6Txgl96UsezkXoJ8ONm5lawQliQEcBBABAgAG
BQJRwdc+AAoJEBQ8n0HY8FbdXbEIAJWr8CQe6CcgZwkIJrsf2HvKnlejdtaS5xu3
KVp7e+kQ5DGiOOXNCO+0w4f1iplXo/2R+KKS0txD6swCcKfBnGtUn6ix6PWQ7XOW
vKhD48UAtMGLQRxMDGa3qJT9ttWbRkgj/8fkMLk/PUSJ3nfDrNmUrZI5/5hNh0NG
Qgl8W674k3oZ/SRVr7Q1PnFkCIgo1UXOYF77yqJBXA594Bv2qhdXZD7y3/oTBqmk
M43Gsigt8TKvUgHEg3bDy8sfblsPLJxGL0Y/ct0Y6H9399qtW8Htt+kItRKDlVDK
MyFSGc+/nyoyf8589+AnNUguoZF0HAqEY0DmosBC6IeRXxL2sUqJAhwEEAECAAYF
AlHDa/UACgkQVA/UtgiBXxPagA//d4tESXBhu4Fh8GyYm9yxaWYEdzz/zJlj+ype
V5dR5szxwtHzd5fbzQpzW1uxpSJ52yr0pgzYEi5jqYuuOQCT69W0qBShe+XQyibF
NvaibSD8QSVqmMHTuPqoYj8r/z8Cl+n7H6ciyUNvhE1uXURYh0kNlgE2/81V4Q+d
c6TLyawREUSNJ/vMiSkV1k5ySVFIkXBvDc1U7N/XyzHRo90SXEixsTjFudYrIaoC
psmJdbGWubvH2LYo1/9aMivbU2xkVZjtt2gfg3WCZjnE9bHv4R+VDkb9G+sez5ci
5cO3caZ/a+W8qrwuiwsfXhl7VUUfVYKyygJA4cHZMgIQZT7dloOUJMvJJTmbghLJ
XEgzYlYE/D4Ar/bTvYK/VxTBq6QeI4nKvO1SfaO7Dt+eRqaLXWybfDrjOgaylCia
P1JZIJkCIfFlZNlrWMxqPDJTXHrqHf9XAFXxVIASYo504n/Ih7QF36Nt4WjdSUNP
KDhhLYmer4AcB4BdyVtwh0uDHPh7NMT98PlGx9kyDi97Z3GqSfXdPCJMD03czIYO
AeI14MK4YNjYMbgDYbshJa1cXYz/Y6mJVZ9EgBGpMLZ+AEp6tooJQ2qJfHTpm0Ml
QbRbjp58WG/HYU/yepgcr221lemhWXpqxIGd88AiaNLw0ND2HYPaQ/VWZOxyIExb
id2JB+GIYAQTEQIAIAUCRgUWdgIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJ
EKyFk2KwQTv6Vc0AoIrFVV37keAF9xwCCRYlc6r96+7cAJ4gxHEq9L7F9DrF0AeN
u9c5ZTaYxokCHAQQAQIABgUCUh0HoQAKCRC5pAjnHarJdHkVEACmSiIz3hAeSbg6
7kaqCCHNz0McM6G4d7xZKDbfRZmbS+lgEAYMlCZyhGZQmzIT7roeme5qVj4IzP95
AeDgXuLyi++V11SeCfgE0Ku5ESL/sAkKuK5G6l4A2itHf4aMD5U7lxGfWK8fHjF8
ht5Yl6CFtY72nn+CWLuDX+XcS2nZi5SN02OszKCICDHnnfEKD4ztevuUO6K71PVP
iVivuPWEqW5lF2wgxP0fp+AUCHtA4XFl4pODvrxPMZH1VU1xSf1ppl67HTZON/ZX
ocw4GvmrUL9u0zpHeaS6xNX2dbfSIyECzY+fV8h/VTqVo049KkEKPu4jsfvUnVMI
I7nKu+2FOWsFsDSDCg6aSNHk3CL/1dI+E3h398e43zDsz5K5mvzBVb8ODsso+Ny5
DwZ/b+IoORP+SAXTu0y6qEHBhnGkts1mQZrfiiQjPnRYA+xdFxKdqmCaznL41IlS
cE2egvsuELdTNdAgVLu0WRm1BNwNd6ZGyvGvLpTPp7rzsUVor2Ie5pfcjgBxpmbl
nDNvvPBubIDcj2RoASEHQ3JyhwC5hESsb9bgratnq1+e0upr+nG+6l3uNLhZvlgc
1GGfvwqPqGEWw2d0kFPLtj/ygJJLneNwfL2cjc87GH4E+B6DiUCoSAmLHcfWV0gx
72GV8bj43/U/L/x8QzXTr6jlnysJ/YkCGwQQAQIABgUCUjJIkAAKCRDhZvoRVxE5
FhN7D/i/ZXGWRisGBwLCaNEXC6lLcMcum/6z8Fb9Akv+Hew3Z2QLUtFkXVHme8yA
Wjy5VGUcIIs9Q4GlFD5BttCkfAkCplexTjvhQGCk/hqCAuzo0vXweZoOuktgRfxz
X6a4wb/bV3nMHmalDSMOwr9Gr7VK55p8tBrBWk9jZt3eqke0layBqQm5AmqOSC1F
rDVUO7uyM3IRuwU0f0qktknCuRiAuaIPsC6Hu9TBPl8hM8HXoLt2Mrth442oiCtk
HKh+CCkqhckzQUUjQQzKKlSE+kSq9TYSPnfHurRP4WGirAkzeU3VzGVw9JwyFqPr
N6JvDTj4pATwQaYoAAxJfnCuC/MY1SJqQ7DPs+HX/9d2zZQtDyvdt8Ml3rSA0N3n
i2ue+CXM2nOtswfqgZgi3iPDgsrSIn3TEpjO3rhFgBZGVMzcOQfcnHYgLwWxrDMu
+DNfqtR8JhMvptSch8fUZeanEYEsqNC7tHgsyK8KwWhwDKr+iFyszJtvLMwPDKGp
2ss2KvqW4FNcB9msOGKPweKsLjYFzzusl2E9QaWmsY3EnJt+35qd1jptuHrKahHo
jLNZ0hLASIYM8HLgyTnGV3L/ZpmFMyaKPgpcRyAWyANA6geVFd2GDoUWpHcmwphb
NtH+peahqb/6FIOTjhAwctUA/cyXSNLlmbO3MBo7vp/oFX0qtCZHcmVnb3J5IE1h
eHdlbGwgPGdtYXh3ZWxsQG1vemlsbGEuY29tPohhBBMRCAAhAhsDAh4BAheABQJR
7ugWBQsJCAcDBRUICgkLBRYCAwEAAAoJEKyFk2KwQTv64GoAn0CcwlPD8zx/HHY/
QsTpUiolEzSPAJ48z00eU9eUz4Ch42p7sc5imcjEZIkBHAQQAQIABgUCUcHXPgAK
CRAUPJ9B2PBW3RjdCAC/1aSpOwhfw7SSHFIcS7SMUoavMJ61Q9/b2gLKBpk4pjbt
J3+3ZB+g+SatPY+6mfwqZVZUkpscQuGSryE7SHXMAANX0BJqf0X3oZisk+vAUyoZ
TTdB44disDl4ZFgsGMt7525X55FUcTQ8fBCf7tgkXO8fAV2bhGvcCYPnvKt9EJmH
e3m5wzT/zN51LrJF5ozy5uN/q3llh7I2bwJLDbNN3KY6Q7oSx3bNVjxT5gr5Fwm9
res6rxuMhmPD3soryQ/1Zfex/iliz0jYGlKVflGWn3XNhjSzpDW4fIlxk3g4rNBU
XP+yN0gBLjIZm1KLq9Y92Wxuilhillw5VOYw29PfiQIcBBABAgAGBQJRw2v1AAoJ
EFQP1LYIgV8TSl4P/AoimOJuWFC1L6Q6tfqrXuRFih4JiQfJuy4s6jVNSbLz89tc
LahsqzjzUGWMYQbCSLaUXZXKC+tMoH+2q/EEfpwn8dvBznsd2ZXsOhT1OgehK/MP
jT1IwKzPhHUK4Zn9RDZQ6E0gEr5KO4qn0+T04B220OG8dirj2ShIXibnnEi5tlNq
hdrVnPPVjiaal4KU45CP1Ii3NIGiwYGUsl+IP2pBv8DKVzuJdn5YAOCokeF/jzW0
uaOYyUUu1cBImKXR+ooAJY15OqtnEKy+6TXhia91A6ldQQqwzGnhzd2yte/4ujaM
DWbCdauwuRlDFaNjapmT6YL/MXhslT/kJTxJpD4DM6ZpGYKiPo3PQVHdBu/3u1Lt
rJQks5Sup3ryCSjjjKSlJf2gkKHfDfVuLWp2KEjMSqfalrwrUzAf5l3KX9Z278qu
h5kOTxX7nIkNeMxSnfGp+xdBC3QArnK7LHfZcdaTIgxnCxHD3kk+zV5tV+RVTD4J
y9R8VOYsFHyB4bQYFdzYSGOsrzM0jTUrPn6KlCG8V4LMTxI7hWqFjExMswNg4R+C
I7TFmFqhF4VbtmxiEC/zmpWxrxB3PTGHO5AogveEkUhDoFHAXcGZ/jpuq6Z6CxRu
v3kmfqxNSaIJYbBwHLu3rY1utXCycH9CG2j6bn5nxoIkPmhM6c39+fLLBEZviGIE
ExECACIFAlEVri8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEKyFk2Kw
QTv68XEAn1giAwjG4ClwEHuWtN9PnLxHViYkAKC5olT/PqAPLKqtH4Zu2U0lHwjd
vYkCHAQQAQIABgUCUh0HoQAKCRC5pAjnHarJdKTzEAChSbgQSb9lLfaa5kJLT2ww
/LM9oNDd/dU3kwZtOlnaCbGZISFJ0EYqj/5Ya45yKXn23fLcZvI41T5NYBqh54mn
niXExNWDMLzF4egVWs7kHUzsWvGZkYvBdkM454h+e2bFKaj1zJkM/OX3jhB94+PL
f/QJUz+nYn+/Alv2TxI2mP9WgwpSPok+KPy8qzXKKSExecOTbrY77uObP4XcVATg
vFy1tkMP2aonv0+a+XfR4QFsVcHS+Muk10SPGvMnYhKct1MOkZltI+VwRvhG4sCW
ieM66qYQwQVpssToy/dyCigfNQuSTBMWre++gAbodd/t+NGG67HkVhWYTL1rymIO
v5upBRdbzaNCEfBnGfVhUYpw36MEg44gYSUFkgchhquwqWi6NYDs3m8SRGaNH1uI
ec7AGHBjZnOd+DakVXgWSydXOVhchDJ28WVTVMx970Y2/0K4zFAUPQgER1WnRDUn
V7hvK5gviYdW63UG5ozXB89b6vGRTdj0khxpLYrtBLZLikUz3lBlJpGR69/wPe+I
2nD3HzR+oSH5ywiwf28aBEhx6CVq8uv/Tr7vh2fq8zZGOYqpuDioCGzyiekQHtC9
BvSmsWgcn40Q+rk4GNqD+RLSIgJuB+ZxogB0fgg99Dfxy5iHXRTy0TCogxn2TZdu
e/Fi4GhD6jhhkXBPGh+UrYkCHAQQAQIABgUCUjJIkAAKCRDhZvoRVxE5FnznD/42
167tm4U2u87pwXNJ6YvmrmFcTZqyT0Ujo1keoHo1jKXQrItMITT+Und37U9RXraX
IupY7mA25Uricl5J2sqWm/V7rXJ6AnlmvAPaixkVCE12G2N3KCNB3eLk1j/GkzDF
theowHpRBMmn/Bm91q2nncuA00VDb4tJ1YHFQ56ujsUvCRBEiebyQi5Qbzut9Z0g
SmOofjaaIPxoXnZuAIDPiUkfgXDJim689HAG3nKToGCkLFaeCr5v3JUSGQV7icZm
HhxoLZc1gvj4Z1ZibaJ+JjNSbeI0ebxxqYStWeU7wtKgntZ2fKLw95IzE2WGp/nV
hDlyhq4O/9VmZ9jikgejRDcmctLGE0sx0BnKTxK149spJKNE74NAguTaZjb0TkZ3
gIDSS74oj007WWmzwfJ/Q7gDi52E5QasKkpaAB2PeuIgGt+ENEaI7kyj/qVp35Ix
xsSmhe7+qT/l2OlaCMrUZO82wSR1adPkBd0v8Q8yMEA9L2kC2CPQKlViiYkoUA6l
ppO3ZVYyBN45buO+9szTf8469U1B/gtbijDqNRJ0dj38kCWnkd0keAeZnNgE9WTe
inV1UXApLjScl9QD78AUCTeyzCgF8dv9JsqNt1v4rikc0kkMx5KqDqb3kt06liTc
VzmJo6G0d51dEeWYECKDKNfsVbvTwRCNHdjjYjjPGbkCDQQ4P1SHEAgAoPuXtD5w
z39jiUD6yXO+PD5k1H0tQG9hOjaNHlTJn8f29ENwmEWUBLFV4LaxcT6h+DTJQ1FO
sgJfGWaEDf6YUAly0Iwzoct1OgjJEa/G6lVnieYLb7SG78etsBc5tSpHUTBW8aF6
jfopfAJkpALytHPALkxBF0ouSq6mLZIIUPJVndSnsBECyNv9lMgdMl4AQTOeXAtO
4bGeK30FkEoUN00V1AuRgbxshf53H7ebe5hk6A2kVy/OEmxfCuLSqrJsaIGRZx+E
ZKMmCappY8lbW217FrzkloAjKpodihrMsHkiw+/prOtWYMklJHYCeM7tAxTlMFsv
I7c44dOb4bpOiwADBgf+M0GCslmS4o6T2XgKC25okCjuERFHSg0dUvPW/372rSmt
uNx8bFoiVw9bXltYnLImuJo9dQWsMXFLm+x+qp4J9gzHvTWjDcnDLBLVraxHiCbv
hhmkTEOoqQx1nTqTaokFlX5WSRinZ/2e0beehEI8dIvi63D+Q024yATHsmNrY4FN
LmQ6uh1ChLKiEI6+KfOCiEGV2rAtz/PdAQRSltWI79AsYFoUFSKtjNGiR15SHCQt
0kSf0NCy84GhXTsiPWqhW4kI4w456NS2eaq90p+jT09ViIonO6P7h/40B0qY3rjJ
MhVcS6+Drkr6iP1nlq2W81bXudrWY9JCEkmsVDL0p4hJBCgRCAAJBQJSE6QeAh0B
AAoJEKyFk2KwQTv62tMAn2xLJcT2GOURGpiCa23nBKcFmjMhAJ9V/w279ZjmRYMZ
tKRxvAgGVZeDMYhFBBgRAgAGBQI4P1SHAAoJEKyFk2KwQTv6epsAnj8hRoCCYhJV
dFzfGbptbJCD4T5IAJiYvGpPvQNkcjO8/sTgQtmJOxdhuQINBFITpCYBEADTSuz4
ET2+aZOzOrpVJ8Ry5FTkyez0KqlnIokmg1cN3JTwEhhFtBQjGX3S8o8WT8vByweG
QHsB9Kq/FH0cTreMWn5ew/oMHmsgUOehjKextvThHb7vR7B2NsDUB+oBb5EWdOiq
KKbkLo0CvVF2XfpTAZ7SFtqlQjdpCogaX65fENyR3i7liYn9Iz132g35OX1sf1gF
PvIMMYW+g2vTwyzbdtbn7m+yC11nDW67gj+wpCHETub3IUQvxqQyxPhW3oGvrX/T
mCeT3T9srECqW9024HohLq6uQTka1H+Iwba+o0MHK+ylXheuTrFVLOwqvatlJuwc
sn7YJklJ+QjXJu3/dIZMAawsW106Zh3+fInY4rnCz9ktdluz0m+fWr+bY3+CJ+Fy
8Wp1OElLz2WB9DGdhUxvsgt5N12EtKD6G1vjrK5IbQ8bUL1hUjYbzFlWFmypwMMt
+3gOh8/Nhj2YOTnfZ+96rSmmFAFNSqsFR5O6KvVl4Oul/76sM44BGUj8rkFSppXf
Q3jj8lm/44C+3B3ekFsqz+6eN/CH1xFO1buy1a3DJ9J3MPYYvmrOwnMHUHxmPXyC
1TMe2t5OwpJFSFBmQqz7LCmSSbsLXx+tkHNu/S218HYpxPtzo3fLztVpDc7VNDXh
Cu/FC5LAoCHGopxKaMtD3b73Pl3ebALAI7JnrQARAQABiE8EGBEIAA8FAlITpCYC
GwwFCQeEzgAACgkQrIWTYrBBO/rH0wCdEEEwYEjNWkSAiG7E1YVTVqvDf3UAnRtJ
5vsLousknV9sLkV1YTU1HGbDuQINBFIdBzIBEAC7gqEAK4+Im7lQRfAqwjE8P4aY
x86/kNEksCAsMQQ8fCX0xhvd+7Mp08/Rldtzo8vKkltXs3749reGgLSri/ir2C1S
axIJ+HP0qwMdcAOUzxPMWPJCQZvdry/i5n+nPleTS1m3TTlVYI5R+2l6Zh1CNXO3
FKgtorHfRix0T7Wxz8nmstHzYG/Sgh7WOwnJ+NWLaeATTynk3DL4f4mSgZT9l171
vHVTUspHDaM/Q3bMzORaTFyEHetELDsajI27+r6vtDp4zXh8+lbSpupvO5WDxOGa
WUoWyolgSBOfyZWySgwwO9oIElK0DBODyVJ2KYHerrIKvDBi8yGhogCnLJ4gvKOL
SrcjmPhYbufM9YhXLBjUE0SSRH9CSLsOLGu/dr+Wxt34lxzkqm/WOSpXjzp1S3dZ
3fwDu+UwAAuTS6kyOo6zPHd9qxHHqVKZtnP4ppbPwGQU9Hx4W1f29uIml6xCqlLv
IhBGsuUXpJfznFTZPt/zIupHsAVBwqw/2Efkd1rh35ZFGXVxdgzq2CSh1IGrgixl
l4xVVbV/l/DRlLjAlNUFuybqOjaWboo2zwlralWbn+GiSjipcOgF7Pc0ucw1bSHE
Lj/7ZAV8v4ZMJirLkcYb/y1yMu6g6DmG3+mJry/6vFL5Lwt53UqI4HsONlds1/5d
ZWDkTWJRf295ZQue3wARAQABiQJuBBgRCAAPBQJSHQcyAhsCBQkJZgGAAikJEKyF
k2KwQTv6wV0gBBkBCAAGBQJSHQcyAAoJEOq1r5TZ6avnbM4QAIGsO3ZyLmVE2GXS
EvdBhD8JBRcL42OnzFa1jG/4qSu8E1IYX35TDq+5SgbBywQadI9NQEp3yXgfRAWa
IBBoFmYDEXFA11C8rBhN2CyWqLUljV5kGi7/wIvwssLHW7ODOZOKd66wJm6HHF2I
xbrLZKzmGEB6SPUIXkxfoA3QtuvNKZ4pCz8/osFifeOm+etV3Go71aYAt5t410/z
0kYxGm//jAkyIU7GGXfLKHfdOEaroGhoIG1I491zhkukx3RWlKysLolnwlwQq8gy
AOiB9N/FG3lV0iG2dEnstv7paqZqYh/p9ZaXja7gPO48U7cAM0DUDqELdaJ0tuWV
IwIcbkBeT3wvN8Re5cRrRDrYtQVOAzK++QhcyvAE3jQLZJ9FKoWnD+mugicXdGeU
hkV0jHwTEk9EjeQw2TvEPwJ/REPW6aEN3DdJSNeB7TISlSAoLG84Yrxyp1+Z+3lP
zyW0zcOe7hYvHtYAJlcSVm1EFv6vSEaNCMsmtyfET2T+DB812GIVju8VyQ+xUF2m
8QDtXaguj7b/03AQ2FG9/Do13+lxvOfgDa4fNHuclYOJMR+MrzYS7cf+iCIWGdE1
4W39jcJSzUm2AGwxHlQJ8kj/vpdyC2YGrGIlii3/ZVcfytZfpR2hr5M0d0Tg8rCi
rIn2QbI7uX0CkddarDSnGxuB5Z4Vmy4AoMcOCqU2LOKWriS105PkQSrH1BRgAKC3
WZ1sAuyy1zOg6xZ5/5F/G5EAGw==
=hJ/K
-----END PGP PUBLIC KEY BLOCK-----
|
|
|
|
|
|
bee7
|
|
October 13, 2013, 07:41:28 PM
Last edit: October 13, 2013, 09:25:31 PM by bee7 |
|
If you run this process over https, wouldn't it be more trustworthy?
No, as any way the third party services are used to host the files. This is why all files check-summed and these check sums are signed by the developer, so no one could tamper the file, no hardware error may alter the file. that's pretty irrelevant to our discussion because people shouldn't follow a random link on the web provided by an untrusted party.
It is relevant as you started this thread with particularly this statement: Without https, MITM attack is really simple.
I think any kind of spoofing is relevant to the problem you pointed and the commonly adopted solution of the problem is used in this particular case. |
|
|
|
|
jl2012 (OP)
Legendary
Offline
Activity: 1792
Merit: 1097
|
|
October 13, 2013, 07:45:06 PM |
|
HTTPS is more deeply insecure than just the CA infrastructure sucking. It requires you to keep the signing keys _online_, on a publicly accessable well know webserver, where they're maximally vulnerable to compromise. Practically any website of scale is run out of some colo, most of which have fairly poor plant security. Because of DOS attacks (I'd estimate) 3/4 of large Bitcoin sites have handed their SSL keys over to cloudflare... etc. Back to the CA infrastructure: Many CAs will issue a certificate to anyone who can place a file on a URL of the the domain in question of the CA's choosing. They fetch this file over HTTP, so anyone who can MITM a websever can get a certificate issued for the price of a few bucks and a few hours delay. The system is not just weak to state level attackers. It's stronger than nothing at all, but there is a good argument that its a false sense of security, and as a result I've been torn about if it would be good or not... Though in this case, the services we're using simply don't support it. (I've advocated it though: Even if user's overall security were ultimately decreased by using it, it shifts the spectrum of compromises to ones where the public will blame the victim (or the CA infrastructure) rather than "bitcoin", which reduces the ecosystem risk...) There there is a question of what you'd even be authenticating against. AFAIK, Bitcoin.org isn't formally controlled by any of active developers (I believe the domain is under Sirus' control). I mean, if you're just going to trust _any_ HTTPS site to obtain the data from, I'll drop my pgp key at the bottom of this message, and you can use the fact that you got my key from the forum to verify the keys in question. (Theymos, why doesn't the forum profile stuff have a field for pgp keys?) I think Peter asked people to include their PGP key fingerprint on the slides for Bitcoin Conference. I think it's a good idea. Did anyone really do so? |
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
Peter Todd
Legendary
Offline
Activity: 1120
Merit: 1150
|
|
October 13, 2013, 09:20:21 PM |
|
I think Peter asked people to include their PGP key fingerprint on the slides for Bitcoin Conference. I think it's a good idea. Did anyone really do so?
As far as I know Timo Hanke was the only person who did in addition to myself. |
|
|
|
DoomDumas
Legendary
Offline
Activity: 1002
Merit: 1000
Bitcoin
|
|
October 14, 2013, 01:39:35 PM |
|
sure it would be better if all those websites use https. I dont think it is so bad.
I'm more preoccupied by botnet/rootkit/virus/malware/spyware than a "no-https" website.
Being pretty sure some sort of cyber-critter is actually using my GPU to mine while my computer is idle, but I dont know how to find it and erradicate it, Therefore, this is more a problem than a no-https website on my side.
OP bring a good observation anyway, I must admit.
|
|
|
|
|
b!z
Legendary
Offline
Activity: 1582
Merit: 1010
|
|
October 15, 2013, 06:44:53 AM |
|
sure it would be better if all those websites use https. I dont think it is so bad.
I'm more preoccupied by botnet/rootkit/virus/malware/spyware than a "no-https" website.
Being pretty sure some sort of cyber-critter is actually using my GPU to mine while my computer is idle, but I dont know how to find it and erradicate it, Therefore, this is more a problem than a no-https website on my side.
OP bring a good observation anyway, I must admit.
Format your HDD and take the proper security precautions when you setup your OS again. |
|
|
|
|
|
Lohoris
|
|
October 15, 2013, 02:51:25 PM |
|
sure it would be better if all those websites use https. I dont think it is so bad.
I'm more preoccupied by botnet/rootkit/virus/malware/spyware than a "no-https" website.
Being pretty sure some sort of cyber-critter is actually using my GPU to mine while my computer is idle, but I dont know how to find it and erradicate it, Therefore, this is more a problem than a no-https website on my side.
OP bring a good observation anyway, I must admit.
Format your HDD and take the proper security precautions when you setup your OS again. what if he has a rootkit in the firmware of the keyboard or battery? |
|
|
|
grue
Legendary
Offline
Activity: 2058
Merit: 1431
|
|
October 15, 2013, 03:32:23 PM |
|
what if he has a rootkit in the firmware of the keyboard or battery?
tinfoil-level security |
|
|
|
|
Lohoris
|
|
October 15, 2013, 03:36:51 PM |
|
what if he has a rootkit in the firmware of the keyboard or battery?
tinfoil-level security Exactly. You have to draw the line somewhere. And there's no "correct" level to place that line, you'll never be 100% safe. |
|
|
|
|
bee7
|
|
October 15, 2013, 04:04:08 PM |
|
what if he has a rootkit in the firmware of the keyboard or battery?
tinfoil-level security Exactly. You have to draw the line somewhere. And there's no "correct" level to place that line, you'll never be 100% safe. But this could be verified to some extent. If after the OS and all necessary firewall/antivirus software re-installation on the new clean partition with no access to any previously used media the problem isn't gone then it is the case of such a rootkit presence with a very high probability. |
|
|
|
|
|
Lohoris
|
|
October 16, 2013, 07:32:19 AM |
|
You have to draw the line somewhere.
And there's no "correct" level to place that line, you'll never be 100% safe.
But this could be verified to some extent. If after the OS and all necessary firewall/antivirus software re-installation on the new clean partition with no access to any previously used media the problem isn't gone then it is the case of such a rootkit presence with a very high probability. And how can you know if "the problem is gone"? |
|
|
|
|
bee7
|
|
October 16, 2013, 01:51:40 PM |
|
You have to draw the line somewhere.
And there's no "correct" level to place that line, you'll never be 100% safe.
But this could be verified to some extent. If after the OS and all necessary firewall/antivirus software re-installation on the new clean partition with no access to any previously used media the problem isn't gone then it is the case of such a rootkit presence with a very high probability. And how can you know if "the problem is gone"? By observing the system for some period after re-installation. |
|
|
|
|
|
