Securing the smart home, a guide to my reviews series

I began a series of reviews for Network World on securing the smart home. These three articles were published earlier this year:

Since then, I have written additional stories, but before I introduce those I want to take a step back and review the decision process that I would recommend in terms of what gear you should buy and at what point during your smarter home networking automation journey. And let’s also take a moment and review the decisions that you have made so far on hubs and wireless access points and how these decisions can influence what you buy next.

While there is no typical decision process for this gear, here are a series of five questions that you should have begun thinking about:

  1. Do you already own a smart thermostat? If not, make sure you pick the one that will work with your hub device. Nest doesn’t work with Apple’s HomeKit, for example. I will talk about my experience with Nest in a future installment. You should also make sure that your older thermostat can be upgraded to something more intelligent, in terms of both wiring and network access.
  2. Are you in the market for a new TV? If you are, consider what your main motivation is for buying one and which ecosystem (Apple, Google or Amazon) you want to join and use as your main entertainment provider. It used to be that buying a TV was a major purchase, but today’s flat screens are relatively inexpensive. Most new TVs come with wireless radios and built-in software to connect with Netflix, Amazon, and other streaming providers too.
  3. Are most of your cellphones Android or iOS? While many of the smart home products work with apps on both kinds of phones, that doesn’t necessarily mean that features are at parity between the two phone families. In some cases, vendors will prefer one over the other in terms of their app release schedule and that could be an issue depending on which side you are on. If you are serious about considering Apple HomeKit products, obviously you will need at least one Apple phone for managing its basic features. While Apple’s ecosystem supports the largest collection of smart home devices, overall, many of the smart home products will work on either Google Home or Amazon Alexa as well.
  4. Do you have sufficient wireless and wired infrastructure to support where you want to place all your devices? As I mentioned in my last installment, one of the major reasons for using a better wireless infrastructure like the Linksys Velop is because of its wider radio coverage area. Make sure you understand what your spouse is willing to tolerate in terms of wiring and AP placement too while you are assembling your new network requirements and scouting out potential AP locations around your home. As part of this decision, you might also need to upgrade your ISP bandwidth plan if you are going to be consuming more Internet services such as video and audio streaming.
  5. Do you have enough wired ports on your network switch? With all the devices that you plan on using, you probably are going to run out of wired ports. And while you might think that most smart home products are connected wirelessly, many require some kind of wired gateway device (the Philips Hue is an example here) that will consume a wired Ethernet port.

Those five questions should help get you started on your smart home journey. But before you purchase anything else, you might want to consider these security issues too.

  1. Do you understand the authentication requirements and limitations of each smart home app? One of the biggest limitations of the smart apps is how they set up their security and authentication. In many cases, the app can only use a single login ID and password. If you want multiple family members to use the app, you may have to share this information with them, which could be an issue. You might want to consider a document that lays out your family “rights management” — do you want your kids to be able to remotely control your thermostat or monitor your home security cameras? What about your spouse? That leads to the next question:
  2. Who in the family is authorized to make changes to your smart infrastructure? By this I mean your network configuration and access to your computers, printers, and other IT gear. Again, in the past once this was set up it wasn’t often changed by anyone. But the smart home requires more subtle forms of access and this could be an issue, depending on the makeup of your family and who is the de facto family IT manager.
  3. You should plan for the situation where you (or another family member) lose a phone with all of your connected apps and authentication information on it. This is one of the major security weaknesses of the smart home: your apps hold the keys to the kingdom. Most of the apps automatically save your login info as a convenience, but that also means that if you lose your phone, it can be a massive inconvenience. Some of these apps will only work when they are on your local network, but others can reach out across the Internet and do some damage if they fall into the wrong hands. Given how often family members lose their phones (I know of one 20-something who loses her phone twice a year), this planning is worthwhile. You might want to record the procedures for resetting your passwords and other login information on your various connected apps.
  4. What happens when one of your smart devices is compromised? The reports earlier this year about the compromised web server that comes with a Miele dishwasher are somewhat chilling, to say the least. How can you detect when a smart device is now part of a botnet or is running some malware? We will have some thoughts later in the series, but I just wanted to raise the issue here.

As you can see, making your home network smarter also means understanding the implications of your decisions and the interaction of products that now could create some serious family discussions, to say the least.

The remaining reviews in the series include:

The smart home series: Nest is building a smarter thermostat

If the Philips Hue smart light bulb is the first connected home product, probably the most desired home networking product is the smart thermostat. While Nest wasn’t the first in the field, it has become the market leader and was purchased by Google back in 2014. One of the reasons why I chose my test home in suburban St. Louis was because the homeowners already had one installed. I wanted to see how it would interact with the Google Home and Alexa Echo units and what other equipment it would integrate with.

Nest is like many smart home products: there is the actual thermostat itself, an attractive low-slung cylinder that has a built-in 480×480 pixel touch screen and a rotating collar for its main menu controls. Then there is a smartphone app and a web service. The apps run on both Android and iOS devices (iOS 8 or later, or Android 4.1 or later).

Nest can’t replace all analog thermostat installations, but there is this helpful page that will walk you through what you have now and how your existing thermostat is wired to figure it out. They also have an installation video and troubleshooting tips. My homeowners are moderately handy and they had no issues getting it installed. In my informal poll of other Nest users, I didn’t hear any horror stories either.

Once you wire it up to your HVAC system, you have to download its app to your phone and get the software set up. That took about 15 minutes. You can control up to 20 different thermostats in two different locations from one app and one account. Unlike other smart home products, Nest allows this account to grant access to two users with two separate email addresses. You still may want to use a throwaway email address to share among your family, if they have authority to change your home temperature conditions. It connects to your home network via Wi-Fi and, like other products, initial setup is via Bluetooth.

We set up the Nest with both Alexa and Google Home. Nest doesn’t directly work with Apple’s HomeKit although there is this workaround. We also set up Nest with the ADT Pulse alarm system app that was installed in our test home. More on these connected apps in a moment.

Nest calls its product a learning thermostat, and this is because it automatically figures out your usage patterns on a daily basis. For example, the new generation units will light up to greet you when you come home. You can wait a couple of weeks for it to learn your schedule, or set up a typical schedule like any programmable thermostat. But unlike an analog thermostat, it has a series of sensors, as you might imagine. Besides temperature, it also measures humidity, activity and ambient light. That means it can make smarter decisions about your occupancy and usage patterns. That is one of its chief selling points.

Nest has some built-in routines that help you save money on your heating and cooling bills, called Nest Sense. It has all sorts of automated routines here. One is called Eco Temperatures. Basically, you set up a temperature range that your home will operate at, and if no one is home that is the default mode of operation. Others are called Cool to Dry, Leaf, Airware, Home/Away Assist, and Time-to-temp.

The Nest phone app is cleanly organized and once you get done setting up these various routines, you probably won’t be spending much time with it. With my test homeowners, one said she is so ingrained in using the thermostat directly that when she walks by it in her hallway she thinks about changing the temperature then. The other said he used both the Nest app and the voice commands but still was getting used to using both of them. Part of the issue here is that unlike lighting that you change frequently during the day, you probably don’t think about your home temperature control very often.

Another selling point for Nest is that it has a large range of other products that integrate with it. That is what drove my test homeowners to buy it since it works with their ADT security system. One of my homeowners used the ADT/Nest control because she forgot her Nest app password. So it is nice to have all these different mechanisms to control it, to be sure.

Finally, Nest was easy to set up with both the Amazon Alexa and Google Home, taking less than five minutes to get each one configured. Using it was simple too, and both seemed to perform the same way in terms of controlling the thermostat. My male homeowner said he is starting to prefer the Amazon hub for home control, just because it has so many more connected apps. But he finds the Google hub provides him with more thorough answers to his questions.

Nest is now on its third-generation product, which retails for $249. (I tested the second generation.) But don’t let that price scare you: your local electric or gas utility might have rebate offers. (In St. Louis, it was $125 from both companies combined.) It comes in four colors.

The smart home series: Philips Hue lighting system review

In today’s installment, I look at the Philips Hue lighting system. This has four main components: a network-attached bridge or controller, the smart bulbs themselves, web-based software and the smartphone software that is used to turn your lights on and off. We tested the product in the same suburban home location outside of St. Louis where we tested our earlier products, connecting Hue to both the Alexa Echo Dot and the Google Home hubs.

Hue comes with three different kinds of bulbs: white-only, white ambiance and multi-color, which includes white. The White Ambiance bulb allows you to do more than just dim up and down at one color temperature and gives you access to 50,000 shades of white light. I tested the multi-color. The bulbs have built-in radios that communicate via the ZigBee Light Link protocol back to the bridge.

To me, a lamp is a necessary evil and something that doesn’t require a great deal of thought. This is because I am someone with zero sense of interior design. I tell you this upfront, which is one of the reasons I was testing these products at a home where both residents have a lot more design-savvy and understanding of lighting placement and mood creation.

If you are a design philistine like me, then you probably won’t get much out of this product and should just stick with ordinary lamps. But if you do take the plunge, make sure you are buying what Philips calls “gen 3” bulbs (which is what I tested). These bulbs have deeper green, cyan and blue for even better mood setting. Philips claims the bulbs can deliver 16 million different colors, but since I am colorblind I couldn’t verify this claim. Nevertheless, you have a wide color palette that you can play with on your smartphone and have a lot of fun finding that exact color to match your mood, your decor, what your spouse is wearing, or whatnot. All the bulbs are LEDs, so are very energy-efficient. They all fit into a standard base and (unlike the early CF bulbs) are small enough to fit in most ordinary lamp housings.

Why bother with smart bulbs? Several reasons. First, you can remotely turn them on and off, both instantly and on a specified schedule, to make your home more comfortable and secure. Second, you can set various moods by having them dim or brighten appropriately. And finally, you have bragging rights when you have your friends over for dinner or parties. By now many of you have already bought your own smart hub: this gives you the first practical application that can readily demonstrate its utility.

When I first got the Hue kit I thought it was mostly “nice to have” but not an essential use case. The more I and my test couple used them, the more we liked them and the more we came to rely on the ability to control them at will and to set different moods. I think this bears emphasis: Hue is creating something new and really giving you a new dimension on how you live and consume lighting in your home.

You don’t need a smart hub to operate your Hue lights, because you can control them via the smartphone app, or you can also purchase a variety of hardware controllers that can fit inside a standard light switch receptacle or sit on your coffee table if you want a physical object. That is all well and good, but really that gear is just a glorified “Clapper” device that is about as exciting. But using the Alexa or Google Home hubs means you have voice commands for your lights. This means you don’t have to look for your phone and can just turn your lights on or off quickly as you enter a room.

Getting set up from scratch took about 15 minutes on either hub, using a very similar process. The biggest issue I faced was switching my lighting system from the Amazon to the Google hub, which a normal user wouldn’t necessarily do. If you are going to change hub vendors, you should do a factory reset to make things easier. The controller/bridge connects to your home network via Wi-Fi, and it also works with Apple HomeKit hubs too.

The most important part of the hub-related setup is naming your various rooms where the bulbs will be located. The workflow for doing this is different in Amazon Alexa versus the Google Home. With Alexa, it picks up this information from the Hue app. In Google, you have to create your room names on its app.

For the most part, the Hue bulbs worked fine with either Alexa or Google Home. But sometimes Alexa would make a mistake, thinking a particular bulb was on when it was off, or vice-versa. And sometimes Alexa would turn on a bulb in the wrong room. We couldn’t reproduce these errors. It isn’t clear who is at fault here, because sometimes the Hue app itself shows a bulb as on when it is off. The majority of the time, though, things work as intended.

If you are just going to control your lights locally — meaning while you are in your home — then you don’t have to worry about the web server piece of the product. This is needed for two purposes: first for controlling your lights when you are away from home, and second to integrate with any Nest products and other home automation web services. For either purpose you will need to create an account on meethue.com and then use that login on your smartphone app. As with other smart home products, only one account (meaning one email address) per home is allowed. If you want multiple family members to have lighting controls, you might want to create a special email address that everyone can access. Philips is looking into having multiple accounts with different access rights at some point in the future.

Once you get going with the standard bulbs, Philips makes a bunch of other bulb sizes that let you expand your horizons and play interior decorator. I didn’t test any of these. You can purchase a rechargeable portable light source called Go and lights that come with a variety of their own decorative bases. Given that Philips has been making electric lights for more than a century, it is not unexpected that other products will join its Hue line in the near future.

Hue comes in various product configurations; the basic white-only starter kit with two bulbs and the controller is $70. It is available online and in a variety of electronics and lighting stores too.


Warning: your mobile phone is not safe from hackers

The biggest cyber threat isn’t sitting on your desk: it is in your pocket or purse. I am talking of course about your smartphone. Our phones have become the prime hacking target, due to a combination of circumstances, some under our control, and some not.

Just look at some of the recent hacks that have happened to phones. There are bad apps that look benign, apps that claim to protect you from virus infections but are really what are called “fake AV” and harm your phone instead, and even malware that infects application construction tools. I will get to some of the specifics in a moment. If you are in St. Louis on August 3, you can come hear me speak here about this topic.

Part of the problem is that the notion of “bring your own device” has turned into “bring your own trouble” – as corporate users have become more comfortable using their own devices, they can infect or get infected from the corporate network. And certainly mobile users are less careful and tend to click on email attachments that could infect their phones. But the fault really lies in the opportunity that mobile apps present.

For example, take a look at what security researcher Will Strafach has done with this report earlier this year. He demonstrated dozens of iOS apps that were vulnerable to what is called a man-in-the-middle attack. These allow hackers to intercept data as it is being passed from your phone through the Internet to someplace else. At the time, his report grabbed a few headlines, but apparently, that wasn’t enough. In a more recent update, he found that very few of the app creators took the hint — most did nothing. He estimates that 18 million downloaded apps still have this vulnerability. Security is just an afterthought for many app makers.

Another issue is that many users just click on an app and download it to their phones, without checking whether they have the right app. Few of us do any vetting or research to find out if the app is legit or if it is part of some hacker’s scheme, and to do so really requires a CS degree or a lot of skill. Take the case of the “fake AV” app that infects rather than protects your phone. There are hundreds of them in the Google Play store. FalseGuide is another malware app that has been active since last November and infected more than two million users.

The Judy malware has infected between 8.5 million to 36.5 million users over the past year, hiding inside more than 40 different apps. DressCode initially appeared around April 2016 and since then it has been downloaded hundreds of thousands of times. Both look like ordinary apps that your kids might want to download and play with. Hackers often take legit apps and insert malware and then rename and relist them on the app stores, making matters worse.

Even the WannaCry worm, which was initially Windows-only, has been found in seven apps in the Google Play store and two in Apple’s App Store. Speaking of Apple, the malware XcodeGhost is notable in that it has targeted iOS devices and resulted in 300 malware-infected apps being created, although that malware infected Apple’s desktop development environment rather than the mobile phones directly.

So what can you do? First, make sure your phone has a PIN to lock its use, and if you have a choice of a longer PIN, choose that. There are still at least ten percent of users that don’t lock their phones. Having a PIN also encrypts the data on your phone too.

Next, use encrypted messaging apps to send sensitive information, such as Signal or WhatsApp. Don’t trust SMS texts or ordinary emails for this.

Use a password manager, such as Lastpass, to store all your passwords and share them across your devices, so you don’t have to remember them or write them down.

When you are away from your home or office network, use a VPN to protect your network traffic.

Don’t automatically connect to Wi-Fi hotspots by name: just because something is named “Starbucks Wi-Fi” doesn’t mean it is from Starbucks, and hackers like to fool you that way. Apple makes a Configurator app that can be used to further lock down its devices: use it.

Turn off radios that aren’t in use, such as Bluetooth and Wi-Fi.

Don’t do your online banking — or anything else that involves moving money around — when you are away from home.

Don’t let your kids download apps without vetting them first.

Turn on the Verify Apps feature, especially on Android devices, to prevent malicious or questionable apps from being downloaded.

Keep your devices’ operating systems updated, especially Android ones. Hackers often take advantage of phones running older OSes.

I realize that this is a lot of work. Many of these tasks are inconvenient, and some will break old habits. But ask yourself if you want to spend the time recovering from a breach, and if it is worth it to have your life turned upside down if your phone is targeted.

Speech: How to make your mobile phone safe from hackers

While the news about laptop camera covers can make any of us paranoid, the real cyber threat comes from the computer we all carry in our pockets and purses: our mobile phones. In this speech I am giving at Venture Cafe STL, I will describe some of the more dangerous cyber threats that can turn your phone into a recording device and launch pad for hackers, and how you can try to prevent these in your daily life.

iBoss blog: The new rules for MFA

In the old days — perhaps one or two years ago — security professionals were fond of saying that you need multi-factor authentication (MFA) to properly secure login identities. But that advice has to be tempered with the series of man-in-the-middle and other malware exploits against MFA that nullify the supposed protection of those additional factors. Times are changing for MFA, to be sure.

I wrote a three-part series for the iBoss blog about this topic. Here is part 1, which introduces the issues. Part 2 covers some of the new authentication technologies. If you are responsible for protecting your end users’ identities, you want to give some of these tools careful consideration. A good place to start your research is the site TwoFactorAuth, which lists which sites support MFA logins. (The Verge just posted their own analysis of the history of MFA that is well worth reading too.)

And part 3 goes into detail about why a multi-layered approach for MFA is best.

Is there good news for journalism in the gig economy?

This piece originally appeared in Sam Whitmore’s MediaSurvey.com in late June 2017.

We all know that the Bezos Post and the Grey Lady are doing well selling monthly subscriptions. (During the last three months of 2016, the Times added 276,000 net digital-only subscribers, more than they started the year.) They are the counter-examples in the otherwise dismal NewspaperDeathWatch (done by my podcasting partner Paul Gillin) series of layoffs and site closures.

But what about new models that could support quality journalism? Here are a few bright spots, some operating sites, some ideas that are still being worked out:

  • The Marshall Project, which is a non-profit newsroom focused on criminal justice with stories such as The Mental Health Crisis Facing Women in Prison and How to Cut Down on Searches in Traffic Stops: Legalize Pot.
  • Press Think, which is a US version of the Dutch site, De Correspondent. That site is funded solely by its 56,000 members who pay about $63 a year. Jay Rosen is leading that effort, which has articles on politics and the gaming nature of PR. It is funded by a foundation for now. The idea is to optimize for trust.
  • Stratechery, which is Ben Thompson’s one-person effort to look at the intersection of tech and business, with recent pieces on the Amazon/Whole Foods deal (which has one of the more insightful things said about the merger) and Google and antitrust.
  • The Information, which is also tech news related. That has been around for several years and has done some excellent reporting, which is what you would expect if you hire some of the top journalists and charge $400 a year for subscriptions.
  • Most recently is Civil, which announced plans to build a blockchain-powered marketplace on Ethereum. This marketplace could be where citizens and journalists form common communities and financially support factual reporting and investigative work. The motivation is to substantially limit misinformation through effective collaborative-editing methods. Call it “fact-checking as a service,” if you will. It hasn’t yet launched.

All of these efforts are worth watching to see what gains traction. Against this landscape, or maybe in spite of it, are a series of re-energized corporate blogs that seem to be well-funded (such as IBM’s SecurityIntelligence.com) and new information delivery models (such as Jason Calacanis’ Inside.com series of email newsletters — NB: I am a contributor to both efforts).

Will any of these gain real traction? Hard to say. Paying for content is expensive, and paying for superior content is even more expensive. Crowdfunding may not bring in enough dough, whether it is in traditional dollars or some crypto-currency that can trade at wide valuations.

Part of the problem certainly began years ago when advertising revenue evaporated, or at least moved to other places. But that just shifted the cost basis of most pubs. There is the issue that Google and other search sites now collect those funds, and have sucked the air out of any news-oriented site.

But another issue is the trust deficit that news sites now have with their readers. Witness the CNN issue earlier last week, or any of the latest collection of presidential Tweets. So, as they say in the media, stay tuned.

FIR B2B podcast: Millennials vs. Baby boomers on B2B marketing, a new book called “Tap”

It isn’t surprising that millennials are less satisfied with their jobs – given that they change them so frequently. Perhaps they have unrealistic salary or promotion expectations. This survey, the Data Snapshot: 2017 Career Outlook for Tech Marketers, of several hundred marketers from both the US and UK is worth looking at, not just because it points out generational differences but also because it shatters some myths.

Are vendors paying freelancers to place stories in reputable publications they write for? David Berlind thinks so. We describe what motivated him to post a complaint about how freelancers are double-charging for their stories, being paid by both a vendor client and their editors.

Next, Anindya Ghose’s Tap: Unlocking the Mobile Economy should be on every B2B marketer’s reading list for how to understand mobile ecommerce and mobile transactions. It is a rare book that provides solid research and is enjoyable to read. He shows that the balance between advertising and peer group recommendations for purchasing products and services is shifting to more of a mix, and this book will help guide marketers to understanding how to play that mix to their favor without alienating consumers. He covers the nuances of location-based advertising and how mobile phones access this information. B2B marketers have to get better at using mobile technologies. And the smartphone has become the glue between online and offline channels, so marketers need to understand how this glue is applied and how to become more effective at using it.

Finally, this post from Buffer (We Made These 10 Social Media Mistakes So You Don’t Have To) is well worth reviewing. Many of us have made most of the mistakes on this list, and some of them are worth discussing with your social media team to try to prevent them in the future.

Listen to our podcast here:

FIR podcast with Shel Holtz: Does PR have a data gap?

This week Paul Gillin and I are guests on Shel Holtz’ For Immediate Release podcast. We talk about these topics:

  • In a follow-up to a report last week, a PR agency owner takes issue with the Center for Public Relations’ survey on the industry’s view of White House communications.
  • Real estate site Zillow sent a cease-and-desist letter to a blogger who, it turns out, wasn’t violating their intellectual property at all. Still, there are lessons here for bloggers and companies.
  • While media outlets are increasingly interested in data journalism, PR doesn’t seem to be pitching many data stories.
  • A UK organization accidentally sent members an email telling them their passwords had been reset. That was just its first mistake.
  • Voice search and smart audio are coming to the enterprise, which means it will have a place in the B2B world.
  • Venture Capital CEO Dave McClure was outed in the New York Times for inappropriate behavior with a woman who was hoping to work for his company. He penned an apology. He should have done a few other things instead.
  • Tech correspondent Dan York reports on Instagram’s new anti-spam tools, Facebook’s penalties for people who post too many links, Alibaba’s plans to compete with Amazon’s Echo, and new widgets in WordPress 4.8.

You can listen to our hour-long podcast here.

What happened to the Web user interface?

More than 20 years ago, the Web was just getting started. People were experimenting with all kinds of web servers as publishing mechanisms and as user interfaces for various devices. Back then, I thought this was a neat idea: having a web interface was a great way to demonstrate a product across the Internet, unify the user experience across different browsers and end user platforms without having to develop separate programs for them, and perhaps simplify end user training too. It was the brave new world.

Back then, there were some dissenting voices. Having more Web UIs would “set computer programming back 30 years and is about the worst technology I’ve laid eyes on,” said one UI consultant that I interviewed at the time. Another pointed out that the Windows graphical interface (which was just getting going back then) was far superior to anything the Web could produce in terms of interactive controls. That distinction has largely disappeared over the decades. And having the cloud to handle various tasks (think calendar sync or database queries) makes the Web UI superior to a local Windows app under certain circumstances.

I wrote about these issues for Computerworld in the summer of 1996. Back then, Netscape (remember them?) and Microsoft were duking it out over which company’s HTML extensions were going to become more popular (we know how that fight went down). At the time, I said, “having all software go to the Web UI might hasten to have an all-Windows world: since multi-platform apps can be supported by web servers, developers have moved away from Everything Else and concentrated on Everything Windows.” I don’t think that has come true, and let’s not forget about smartphone apps that have their own wicked interface with their own screen real estate limitations.

I asked my favorite UX consultant, Danielle Cooley, what she thought about my comments from 1996. “Things have changed dramatically, of course, both on the technology side and the design side,” she told me in a recent email. “Speaking as the user advocate, I would say consumers’ standards are much higher across the board than they were 21 years ago. Thanks to the user-centered approach taken by large organizations like Amazon, Apple, and Google, laypeople have less patience for digital products that force them to contort their thinking and behavior. Now, they have more and more access to tools that fit the way they already think and behave. Many organizations still suffer from serious UX immaturity. Lack of investment and integration here has resulted in the confusing and frustrating interfaces we’ve all come to hate. The fact that there are still SO MANY of these, 21 years after your Computerworld article, is telling and alarming.”

But the Web UI is here to stay, one way or another. Now at least we have responsive design, so at least smaller or larger screens can view appropriate webpages automatically. And hopefully, developers will finally learn what makes for a better UI experience.