journal: mac

Musings on Mac malware

As you may have heard amid all the Leopard talk the last couple of weeks, there is an actual malicious trojan horse in the wild that affects Mac OS X. It is important to make the distinction between this and a virus or other malware that exploits an actual security flaw in Mac OS X. This trojan poses as a video codec and tricks the user into downloading it, mounting the disk image, and installing the trojan. It doesn’t exploit any security holes in OS X; it relies on social engineering, exploiting user stupidity/gullibility.

Naturally, any time this sort of thing happens—a proof-of-concept, a security flaw found, actual malware—there is a deluge of media attention, with some security analysts comparing Mac OS X to Windows 98.

Wait, what?

There are a few things people like to point to when it comes to Mac security. These one-liners may make for plenty of controversy, but let’s take a moment to dig deeper and see if there is something more going on.

Apple doesn’t pay enough attention to Mac security

Back in April I wrote about a Symantec report analyzing how quickly major OS vendors release security patches after flaws are discovered. The Symantec report looks at data between July and December 2006. Their findings? Microsoft took 21 days to issue fixes, Red Hat took 58 days, and Apple took 66 days.

In Wired’s article, New Apple Trojan Means Mac Hunting Season Is Open, security researcher Gadi Evron states that “Hackers will find it profitable and all too easy to find holes in Apple software, because the company hasn’t paid sufficient attention to security.” What does Evron mean by “security,” specifically? Is he referring to how quickly vendors patch security holes? Or is he referring to the steps OS vendors take at a more fundamental level to make their operating system as secure as possible?

Let’s look at Leopard. The firewall may have some issues, according to some security researchers. However, it isn’t as if Apple is standing by doing nothing. Leopard adds a number of new security features. If you want more in-depth information about Leopard’s security, and want to see what Leopard does well and what it does poorly, this article is a must-read.

So what does this mean? I haven’t yet seen any new data regarding how quickly Apple patches security holes, so this may or may not still be an issue. Simply put, Apple is addressing security concerns, but there is always room for improvement. Apple does do a good number of things right, but there are also areas where Apple could be doing better.

This trojan is a sign of things to come

Let’s first look at what we already know.

Despite the occasional threat, there has yet to be a major malware epidemic on Mac OS X. The Mac is not currently a major malware target.

Does this mean that a flood of malware can’t happen or won’t happen? No. Our crystal ball here at Deep Thought World Headquarters is out of order, so we can’t predict the future. I do not believe, however, that the folks running Apple are idiots. I think they’re intelligent people who know that security is a big issue in the PC industry, and if you don’t take it seriously, you will get burned. That said, I think if more malware did begin to make its way to Mac OS X, the powers that be at Apple would react in kind before it takes on a life of its own. I’m sure Steve Jobs & Co. saw what happened to Microsoft with Windows XP prior to Service Pack 2, and would take all necessary steps to ensure that Mac OS X remains a secure computing platform.

So is this one trojan a harbinger of the future? We don’t know, but I have a suspicion that the folks in Cupertino will do what they can to ensure that it isn’t. The bottom line is that Apple needs to be quick on its feet. One example of a quick response that comes to mind is the Dashboard security hole discovered shortly after Tiger was released. Apple addressed this issue in the 10.4.1 update, issued within days of the exploit’s discovery. And in the 10.4.2 update, Apple reworked widget installation and management to prevent future malicious widgets. If Apple can respond just as quickly to future threats, Mac users will be in good hands.

Mac users’ smugness toward malware will come back and bite them

Most Mac enthusiasts I know realize that no platform is 100% immune to malware. Mac OS X is made by human beings, and as long as that’s the case, there will be some security holes. I think the vast majority of Mac power users and enthusiasts (i.e. those of us who hang out on various Mac forums and follow tech news closely) are aware of this. The problem I see, however, is the less savvy Mac user: your grandmother, your cousin; those who use their Macs for Word, email, web browsing, and little else.

This type of Mac user isn’t Artie MacStrawman, mind you. These aren’t people who would willingly wipe Steve Jobs’ ass. These aren’t people who follow Apple’s every move. These are ordinary consumers I’m talking about.

This is the area I worry about most. All you have to do is look at Apple’s marketing to see where some users would get the idea that the Mac just doesn’t get viruses, period. When I worked at a computer store, if the customer was looking at buying a Mac, and if the issue of security came up, I would always make it a point to say something along the lines of, “The Mac is less prone to viruses. That doesn’t mean that it can’t get a virus or something, or that there won’t be any Mac viruses in the future, but as it stands right now viruses are not a problem on the Mac.” My point was to make it clear that while there isn’t really a malware problem on the Mac, that doesn’t mean it can’t happen. Making the common user more aware of this fact is going to be a big part of preventing a malware outbreak on the Mac, because as the trojan horse that’s out there shows, there’s only so much an OS can do to protect users from themselves. The key is educating users to be mindful of what they download, what sites they visit, and what email attachments they open. There’s a lot Apple can do in this area, such as including documentation with the message that while the Mac is designed with security in mind, nothing is fail-safe, but there are ways you can protect yourself.

In between

“There are three sides to every story: your side, my side, and the truth.” I’m sure you have heard that expression a million times, but I think it aptly describes the repeated controversy over Mac security. On one end you have alarmists who make it sound as if Mac OS X has virtually no security precautions in place and that the entire platform can be brought down at any moment by malware writers. On the other end, you have those who think that the Mac is nearly impervious to any security threat (mostly due to what I mentioned earlier regarding ordinary Mac users). And then somewhere in the middle are those like myself who realize that there are steps Apple can—and should—take to strengthen Mac OS X’s security, but aren’t running around in fear that our Macs can be pwned at any time.

Sometimes it’s okay to take sides. But sometimes the middle is a good place to be.



thinkback

1.

Putting an armband on is just stupid.

Mac users who ignore when problems occur are as bad as the Windows zealots who say “I have never had a single problem on Windows - ever.” It’s just a stupid joke.

We should all be advocating for perfection of the products we are purchasing from large corporations. And if the one we are using starts to be a pain in the ass, we should complain about it or switch to a better, competing product.

Apple needs to fix this ASAP - period.

If Apple starts dropping the ball often enough and Windows ME II becomes a better solution, we should be happy to switch to something else.

2.

It makes me giggle a little every time I read about how bad security Mac OS X has based on the number of patches and/or the time Apple take to make them.

Windows has beaten every record in repeatedly being hit by malware, it cost roughly $14 billion dollars last year to just get rid of it, and Macs have problems???

3.

It is important to make the distinction between this and a virus or other malware that exploits an actual security flaw in Mac OS X. This trojan poses as a video codec and tricks the user into downloading it, mounting the disk image, and installing the trojan. It doesn’t exploit any security holes in OS X, it exploits user stupidity/gullibility.

That’s only important if you’re trying to be apologetic about the issue, saying somehow it isn’t Apple’s fault, as opposed to dealing with the issue head on. In reality, there’s no reason Apple shouldn’t be shipping a malware scanner with their Client and Server operating systems. Even if one were to assume that it is impossible for a Mac to get hit by malware then there’s still the issue of Macs being used to spread malware for other platforms.

with some security analysts comparing Mac OS X to Windows 98

A valid comparison now that Mac malware is out on the net for every script-kiddie to modify and deploy. Windows 98 (DOS) was basically thrust into an environment and met with threats that Microsoft never imagined it would meet. The Mac OS could be in the very same position now. Neither Apple nor the majority of the Mac user base has any expectation of any kind of malware attack. Apple has been very late at deploying OSS patches, ignoring basic rules of security (’open safe files’, firewall off by default, anyone?), not educating their user base about security and generally getting away with it because they knew they weren’t going to be attacked.

I do not believe, however, that the folks running Apple are idiots. I think they’re intelligent people who know that security is a big issue in the PC industry, and if you don’t take it seriously, you will get burned.

I disagree. Sure the people at Apple are smart but they know they don’t have to take security as seriously as Microsoft (post SP2) and they still won’t get burned. Why does Leopard’s guest account have such security oversights as were mentioned in your link? Why doesn’t the Mac OS let the user know they don’t have AV installed or a firewall running? Or automatically sweep the system for malware? Why doesn’t the firewall tell the user a particular app is trying to access the network? Regardless of whether or not the OS has an exploit in the wild that doesn’t preclude a social engineering attack or some other attack vector.

So is this one trojan a harbinger of the future? We don’t know, but I have a suspicion that the folks in Cupertino will do what they can to ensure that it isn’t. The bottom line is that Apple needs to be quick on its feet. One example of a quick response that comes to mind is the Dashboard security hole discovered shortly after Tiger was released, Apple responded quickly. Apple addressed this issue in the 10.4.1 update, issued within days of the exploit’s discovery. And in the 10.4.2 update, Apple reworked widget installation and management to prevent future malicious widgets. If Apple can respond just as quickly to future threats, Mac users will be in good hands.

Here’s the thing; why was that problem present in the first place?  Probably because Apple didn’t even bother to have their security folk examine that feature for possible attack vectors.  They waited for users in the wild to discover that problem.  APPL should have a security team auditing every feature they want to introduce to the OS.  At least that way APPL won’t miss obvious security flaws like that one.

Mac users who ignore when problems occur are as bad as the Windows zealots who say “I have never had a single problem on Windows - ever.” It’s just a stupid joke.

I don’t get it.  Even if there are a few malware attacks on the Mac it wouldn’t be likely that the majority of the user base would get infected.  So if the chances are that you aren’t going to be infected then where’s the harm in ignoring it.  If you’re not likely to get infected then really you’re just seeing monsters in the dark by being so paranoid.

Why is it a “stupid joke” for a Windows user to say they’ve never had a single problem on Windows? Never once has a piece of Windows malware even come close to hitting a majority of the Windows user base (i.e. 51% or more). The patches for almost all of the “Summer of Worms” malware had been out for months before the epidemics hit.
Starting on day 1 of XP’s launch, a properly updated XP box behind a hardware firewall (read: any router) running Mozilla/Opera/MYIE2 or another “alternate” browser would have been basically immune to all malware that plagued users of the time.

4.

But viewing the problems in their right perspective, it is obvious why this is a minor problem.

• Macs are rarely hit by malware,
• the Mac warns the user before running downloaded software, in Leopard it even tells it’s a program before saving it on the HD,
• malware can’t do system-level damage and spread themselves automatically on Macs.

Because of full automation in Windows is possible, no user action needed, to install software I believe many PCs are infected without the user having any clue about it.

Windows is a terrible platform, especially security-wise, and it would really be an achievement of Apple if they managed to produce an OS as insecure as Windows.

5.

Why is it a “stupid joke” for a Windows user to say they’ve never had a single problem on Windows?

As I said, Windows zealots and trolls like Kuaidang are a joke when they try to sell the idea that they have never had a single problem on Windows.

And Kuaidang, I’m not suggesting that Mac users shouldn’t ignore the problem. I’m suggesting that they shouldn’t deny problems, if they pop up, simply because they are fans of Apple and Macs. I’m suggesting that people shouldn’t be trolls, like you, and deny the problems that do exist on their platform of choice.

And in regards to your crap about the OS coming with scanners and tools, check out this article. Windows Vista’s included tools are crap and you need to get extra help.

Vista cannot fend off today’s malware without help from security products

The Virus Bulletin tests try to catch out anti-virus software with a variety of malicious programs including bots and worms known to be spreading online, file infectors, polymorphic and macro viruses.

While Live OneCare did manage to spot 100% of the macro viruses it was tested against, it missed some wild viruses, polymorphic programs and file infectors.

Live OneCare caught 99.91% of the known active viruses it was tested against. This left it vulnerable to 37 separate malicious programs.

So yeah, we know you like to get on your high horse and say “ha ha ha ha” when some little trojan pops up for OS X and you like to make it seem that Windows and OS X are equal in this regard. When you do this, you only reinforce the fact that you are a predictable, pathetic troll.

This is a non-malicious Trojan for OS X; not a polymorphic or macro virus, not a bot or worm, not a file infector.

6.

OK, Anon, while you’re playing pedantic and try to paint me as an Apple apologist, you missed the overarching point:

I don’t agree with the alarmist response to Mac security issues nor the smug response--both piss me off. Apple does some stuff well, but Apple needs to improve in some areas.

In fact, if you read the end of my first subhead section, you’ll see that I outline it right there:

So what does this mean? I haven’t yet seen any new data regarding how quickly Apple patches security holes, so this may or may not still be an issue. Simply put, Apple is addressing security concerns, but there is always room for improvement. Apple does do a good number of things right, but there are also areas where Apple could be doing better.

And the tone of your posts seems awfully familiar. Have we seen you around these parts before?

7.

Macs are rarely hit by malware,

Past results do not determine future action. Read the link in the article. This malware was made by a group that normally makes Windows malware but now they’ve decided to attack the Mac too. I highly doubt this will be the last piece of Mac malware they create.
Now that this attack is freely available on the internet it is open to anyone who decides to deploy it.

the Mac warns the user before running downloaded software, in Leopard it even tells it’s a program before saving it on the HD

First, this attack isn’t specific to Leopard and works on Tiger too. Second, Leopard doesn’t differentiate between good apps from the internet and bad ones so it’s really a non-factor here. Downloading Quicksilver sets off the same alarms that downloading Reap.A would set off. So how is that of any use in this situation? The user has already been convinced to download the file to install it so unless there’s something specifically alerting the user that this file is not safe (i.e. a malware scanner) then it makes no difference at all.

Because of full automation in Windows is possible, no user action needed, to install software I believe many PCs are infected without the user having any clue about it.

2002 called and it wants its FUD back.

Windows is a terrible platform, especially security-wise, and it would really be an achievement of Apple if they managed to produce an OS as insecure as Windows

Ironically, Microsoft products since the security push that produced XP SP2 has been producing some of the most secure products on the market.  The security researcher linked to in the article (matasano.com/log) constantly re-iterates how secure Microsoft’s new products are (even compared to Apple products).  IIS 6, Windows Server 2003, ASP.Net, Managed Code, and Windows Vista are the most secure products in their respective markets and that includes beating out OS X among others.

8.

2002 called and it wants its FUD back

No, it’s still 1994 on Windows PCs.

9.

And Kuaidang, I’m not suggesting that Mac users shouldn’t ignore the problem.

I didn’t say you were suggesting that. I WAS SAYING THAT IT’S PERFECTLY FINE FOR MAC USERS TO IGNORE THE ISSUE. If the likelihood of getting infected or attacked is low then it’s perfectly fine to ignore it.
I live in a very safe neighborhood in suburban Minnesota and I have no problem ignoring the possibility of break-ins and robberies. When I lived in East Oakland it was a different story. We had bars on all the windows and guard dogs. In Minnesota I have an eight pound cat. Precautions and paranoia should reflect the level of threat one is likely to face.

And in regards to your crap about the OS coming with scanners and tools, check out this article.

The shape of Vista’s security is a wholly separate issue as to whether or not OS X should come with scanners and tools.

Windows Vista’s included tools are crap

The article is about OneCare, which does not come with Vista.  If you had even the slightest knowledge of Vista you’d probably know that.
FYI, the tools Vista comes with are Windows Defender and the Outlook/Mail/IE spam and phishing filter, both of which are extremely highly rated. The spam and phishing stuff is easily the best in the business.

and you need to get extra help.

No shit. Every consumer install of Vista and XP SP2 bothers the hell out of you when you don’t have anti-virus installed and repeatedly tells the user they will be more vulnerable to attack without them. Hell, even if your virus definitions aren’t up-to-date you get an alert about the possible implications. I don’t see why you think this is some kind of slam against the product itself.

So yeah, we know you like to get on your high horse and say “ha ha ha ha” when some little trojan pops up for OS X and you like to make it seem that Windows and OS X are equal in this regard. When you do this, you only reinforce the fact that you are a predictable, pathetic troll.

Obviously you didn’t even read my post.  You just came up with your own strawman for me to represent and now you’re attacking it.  That’s fine and dandy but I clearly said that Apple and Microsoft aren’t in the same boat:

I don’t get it.  Even if there are a few malware attacks on the Mac it wouldn’t be likely that the majority of the user base would get infected.  So if the chances are that you aren’t going to be infected then where’s the harm in ignoring it.  If you’re not likely to get infected then really you’re just seeing monsters in the dark by being so paranoid.

Maybe you missed that part.

This is a non-malicious Trojan for OS X; not a polymorphic or macro virus, not a bot or worm, not a file infector.

You’re delusional if you think a trojan that can change your DNS server is “non-malicious”.  From the previous article:

This Trojan horse, a form of DNSChanger, uses a sophisticated method, via the scutil command, to change the Mac’s DNS server (the server that is used to look up the correspondences between domain names and IP addresses for web sites and other Internet services). When this new, malicious, DNS server is active, it hijacks some web requests, leading users to phishing web sites (for sites such as Ebay, PayPal and some banks), or simply to web pages displaying ads for other pornographic web sites. In the first case, users may think they are on legitimate sites and enter a user name and password, a credit card, or an account number, which will then be hijacked. In the latter case, it seems that this is being done solely to generate ad revenue.

Maybe you should read the blog that the OP linked to:
http://www.matasano.com/log/981/a-roundup-of-leopard-security-features/

These are Mac security researchers who contend that Vista is far and away more secure than OS X. Note: it is not “safer” but it is more secure. In the same way that my house in Minnesota (with the doors or windows unlocked 90%+ of the time) is safer than my house in East Oakland with bars on all the windows or than the White House.

are a joke when they try to sell the idea that they have never had a single problem on Windows

LOL.  For years I’ve been asking you guys how exactly malware would get on the system I described above and you have come up with nothing.  It’s pretty ridiculous for you to assume that it is impossible for a windows user (especially one running behind a router with Opera and a fully patched box) would have to be lying to say that they never had any security problems.
All you would have to do is test the theory yourself if you had doubts.  Microsoft even provides a copy of XP and a free copy of Virtual PC for you… if you’d like to take the Pepsi challenge.

Actually, I dare you to prove me wrong.  Install XP in a VM in the fashion I described, use it for a while, and post on your blog here exactly how malware got on your system.  Fuck it… I’ll set up an XP install, blog the whole thing (here if Pilky and the site creators allow me to), make videos of the whole thing, and prove exactly how easy it is.  I’d even take suggestions as to what sites I should visit, what software to run, etc.

I’m sure Digg and Slashdot will love it.

OK, Anon, while you’re playing pedantic and try to paint me as an Apple apologist,


I’m not trying to paint the entire article as apologist but definitely the part where you say it’s important to realize this isn’t a vulnerability. It’s not important to make that distinction because it affects the user just the same. The only reason to make that distinction is to try to claim that it’s somehow not Apple’s fault. Whose shoulders the fault is on is really irrelevant considering the fact that this thing exists in the wild and is infecting users.
The Mac fanatics are always trying to deflect the blame off of Apple rather than dealing with the issue at hand.  Remember when the Month of Apple bugs hit and Mac users were dismissing much of it because it involved third party software?  To much of the Mac crowd it’s perfectly okay for a piece of malware to exist and be infecting users… as long as it’s not Apple’s fault.

you missed the overarching point:

I don’t agree with the alarmist response to Mac security issues nor the smug response--both piss me off.

No I didn’t miss the point, I just disagreed with it. I don’t think “Mac users’ smugness toward malware will come back and bite them”. IMO it’s perfectly fine to ignore the threats because at the end of the day I really doubt my Macs (of which I now have 4) are going to get infected.
If I went to Vegas and put odds on it I’d have to give it 90 to 1 or better. So why worry at all?

Have we seen you around these parts before?

Nope. Never. Don’t know what you’re talking about. lol!
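
The description quoted in comment 9 says this DNSChanger variant uses scutil to replace the Mac’s DNS server. As an added example (not part of the original post or any commenter’s text), the check below parses the resolver list that `scutil --dns` prints and reports any nameserver outside the set you expect your network to hand out. The sample output, addresses, and function names are constructed for illustration.

```python
"""Flag DNS resolvers in `scutil --dns` output that are not on an expected list."""
import ipaddress
import re
import subprocess

# Constructed sample in the layout `scutil --dns` prints on macOS.
# 203.0.113.53 is a documentation-range address standing in for a rogue resolver.
SAMPLE_SCUTIL_DNS = """\
DNS configuration

resolver #1
  search domain[0] : home.example
  nameserver[0] : 192.168.1.1
  nameserver[1] : 203.0.113.53
  if_index : 4 (en0)
  flags    : Request A records
  reach    : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  order    : 300000

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 192.168.1.1
  nameserver[1] : 203.0.113.53
  if_index : 4 (en0)
  flags    : Scoped, Request A records
"""

RESOLVER_RE = re.compile(r"^resolver #(\d+)\s*$")
NAMESERVER_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)\s*$")


def parse_nameservers(text):
    """Return (section, resolver_number, address) for every nameserver line."""
    found = []
    section, resolver = None, None
    for line in text.splitlines():
        if line.startswith("DNS configuration"):
            section, resolver = line.strip(), None
            continue
        match = RESOLVER_RE.match(line)
        if match:
            resolver = int(match.group(1))
            continue
        match = NAMESERVER_RE.match(line)
        if match:
            # Drop an IPv6 zone suffix such as "%en0" before parsing.
            raw = match.group(1).split("%")[0]
            try:
                found.append((section, resolver, ipaddress.ip_address(raw)))
            except ValueError:
                continue  # not an IP literal; ignore the line
    return found


def unexpected_resolvers(text, expected):
    """Return sorted nameserver strings that fall outside every expected network."""
    networks = [ipaddress.ip_network(item, strict=False) for item in expected]
    flagged = set()
    for _section, _resolver, addr in parse_nameservers(text):
        allowed = any(addr.version == net.version and addr in net for net in networks)
        if not allowed:
            flagged.add(addr)
    return [str(a) for a in sorted(flagged, key=lambda a: (a.version, int(a)))]


def current_scutil_dns():
    """Run `scutil --dns` on a Mac and return its text output."""
    result = subprocess.run(["scutil", "--dns"], capture_output=True,
                            text=True, check=True)
    return result.stdout


if __name__ == "__main__":
    # Assumption: the only resolver this network should hand out is the router.
    expected = ["192.168.1.1"]
    for ip in unexpected_resolvers(SAMPLE_SCUTIL_DNS, expected):
        print("unexpected DNS resolver:", ip)
```

On a real Mac, pass `current_scutil_dns()` instead of the sample and list the resolvers your router or ISP actually assigns.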

10.

No, it’s still 1994 on Windows PCs

LOL, nice Register link. This “non-Malicious” (as you would put it) piece of software was installed at the factory not something a user contracted. This is basically akin to the virus on the iPod thing that happened a while back except even more benign. It’s even less noteworthy than those proof-of-concept Mac viruses you guys are always dismissing.
From your link:

Although the infection itself is harmless, Stoned.Angelina will undoubtedly have left Microsoft and Bullguard execs blushing with embarrassment about the apparent flaws in their software which allowed an ancient virus to slip through the back door.

On its website Bullguard offered some reassurance to Medion customers hit by the virus:

“Stoned.Angelina is a low-risk boot virus that infects the MBR (Master Boot Record) of hard disks. This is a very old virus. Apart from its ability to spread from computer to computer, it carries no payload (damage) to the systems it infects.”

It added that the virus commonly spreads by being booted from an infected floppy disk, and causes no damage to the operating system.

11.

Note: it is not “safer” but it is more secure.  In the same way that my house in Minnesota (with the doors or windows unlocked 90%+ of the time) is safer than my house in East Oakland with bars on all the windows or than the Whitehouse.

Sure, if you just focus on ports and firewalls, it’s secure. Fire up IE with ActiveX activated and surf some “shady sites” and see how “secure” it is. But this is you arguing semantics again.

And your analogy with Oakland implies that Windows only has more problems because more people attack it, which is complete BS. It’s designed differently and has a slew of issues stemming from ActiveX to VB to macros to a ton of crap all listed on Symantec’s site.

But you just want to focus on whether or not the firewall is active in OS X and ignore all that other crap on Windows that isn’t on the Mac.

For years I’ve been asking you guys how exactly malware would get on the system I described above and you have come up with nothing.

Again, it is a joke when Windows zealots try to sell the idea that they have never had a single problem on Windows.

You haven’t stated that yourself here. You keep arguing theoretical because you are a troll and that’s what you do - you argue.

Actually, I dare you to prove me wrong.  Install XP in a VM in the fashion I described

LOL. First off, I don’t need VM, I have PCs. Secondly, why aren’t you using Vista? LOL

I’m not going to waste my time with you Kuaidang. Everyone here who uses Windows every day knows what a giant pain in the ass it is. Vista is already a failure and referred to as ME II. But I suppose you’ll go on and on about how ME was the best Windows and how Vista isn’t a “failure” and you’ll argue semantics on what “failure” means. Ugh. You are a troll.

Fuck it… I’ll set up an XP install, blog the whole thing

Not Vista? LOL

Yes, please prove to us all the hoops the average user has to jump through just to use their computer without having it get hosed. And make sure you don’t record yourself downloading all that porn. While you are doing that, make sure you download a lot of WMV movies. After that, go to Kazaa and download some stuff and install it.

I’ll blog the same activities on my Mac, then we can compare the amount of time it took to manage the systems and also the resulting spyware, adware, stealth rootkits, etc.

LOL, nice Register link. This “non-Malicious” (as you would put it) piece of software was installed at the factory not something a user contracted

So what? It’s a virus from 1994 on Vista laptops and I thought it was hilarious that you said it was 2002 FUD. LOL

Malicious, to me, is it damages your computer. Changing my DNS isn’t damage. Here we are arguing semantics again. LOL.

Kuaidang, there are fewer and fewer people like you defending Windows. We all know it’s, for the most part, crap as a computing experience. My position is using a Windows PC requires a lot more hand-holding, has more problems and more hassles than a OS X Mac. All you do when you talk about all the crap you have to do and all the warnings that we all see every day using Windows is confirm my notion that Windows is crap.

If you want to argue that you can keep your PC clean if you spend a lot of energy and time on it, fine. That only makes me laugh, though.

Many in the world are realizing they don’t even need PCs. Most people, as I stated 2 years ago, are going with gaming consoles instead of gaming PCs.

The reasons for putting up with all of its problems are disappearing. And soon people won’t be tied to Office anymore either.

Do you have IStorm or Storm on your system yet? Know how to eradicate it?

12.

I guess Windows PCs don’t offer the best Web browsing experience because of compatibility anymore since everyone is using Opera or Firefox.

13.

The Mac OS could be in the very same position now. Neither Apple nor the majority of the Mac user base has any expectation of any kind of malware attack. Apple has been very late at deploying OSS patches, ignoring basic rules of security (’open safe files’, firewall off by default, anyone?), not educating their user base about security and generally getting away with it because they knew they weren’t going to be attacked.

BTW, that’s total crap, and if you used OS X you would know it. OS X is updated all the time.

Trojans are not new to the Mac. Anyone can change the icon of an app and make it look like a JPEG, for example.

This is a disc image that you must click on a Web page link to download, then you must run the app inside that disc image mounted, enter your password and press enter.

With this Trojan, it doesn’t matter if “Open safe” is on or not. It doesn’t matter if you have a firewall or not. There’s nothing similar between this and Windows 98. As you said yourself, this isn’t a Leopard-only Trojan.

Apple on security.

14.

Sure, if you just focus on ports and firewalls, it’s secure. Fire up IE with ActiveX activated and surf some “shady sites” and see how “secure” it is. But this is you arguing semantics again.

LOL.  Again with the 2002 FUD.  You’ve got a blog here, why don’t you put your money where your mouth is and prove it.  We can do a paypal bet.
FYI, ActiveX is activated on the default install of XP (IE6 and 7) and Vista.  Either way, you’re still ignoring my point.  I said prefer alternative browsers like Maxthon, Mozilla, and Opera (circa 2001).. and I experienced no problems.

We can do a log and find out exactly where this stuff comes from… since you obviously keep avoiding me when I ask you how it’s going to get on my system (what sites should I visit).

LOL. First off, I don’t need VM, I have PCs. Secondly, why aren’t you using Vista? LOL

Because that’s too easy.  Vista’s security is well beyond anything you’d be able to throw at it in such a test.  There’s no way you could win so I’m trying to keep it fair.

And your analogy with Oakland implies that Windows only has more problems because more people attack it, which is complete BS. It’s designed differently and has a slew of issues stemming from ActiveX to VB to macros to a ton of crap all listed on Symantec’s site.

None of which applies to 2007. Again, let’s do the test.

But you just want to focus on whether or not the firewall is active in OS X and ignore all that other crap on Windows that isn’t on the Mac.

Because that’s not relevant to the point I was making in the first post.  NONE OF IT HAD TO DO WITH COMPARING THE SECURITY OF THE TWO OPERATING SYSTEMS.
How good or bad security becomes on another platform has no bearing on whether or not Apple should be deploying systems with the firewall on by default, not opening “safe files”, and shipping with malware scanning or anti-phishing tools (in Tiger) or taking other security measures.
It’s a wholly separate issue to Windows security.

Vista is already a failure

Your “Vista is a failure” routine died the second the Windows and Office division posted a 27% improvement from year to year and beat estimates by over 1 BILLION dollars. 88 million licenses with 75% being premium. 260 million PCs estimated this year. Biggest quarter since 1999.
Obviously a failure. LOL!
Please don’t link to the Inquirer or Register for anything.  That’s like quoting a story from the National Inquirer.  Even in their tagline they admit to being abrasive (i.e. trolling).  For instance, have you looked at the software section and the articles they’re posting about Leopard right now?

A Leopard ate my data

Apple OSX 10.5 hacked in one day

Leopard battles bugs

Bloke says Leopard’s firewall is pants

A Leopard ate my Mac

Leopard can’t run Java 1.6

Leopard firewall scuppers Skype

Apple fixes some Leopard Time Machine bugs… But it is still rotten, claim users

Leopard snubs PowerPCs… Performance too spotty (http://www.theinquirer.net/gb/inquirer/news/2007/09/25/leopard-snubs-powerpcs)

My position is using a Windows PC requires a lot more hand-holding, has more problems and more hassles than an OS X Mac.

So what happened to you saying, “a joke when they try to sell the idea that they have never had a single problem on Windows”. Why don’t you put your money where your mouth is. Pick an OS (XP or Vista), let’s define some basic parameters and see if I can go without any problems for a designated period of time with no “hand-holding”. If I can you transfer $500 into my paypal account and if I can’t then I transfer $500 into yours. It’s put up or shut up now… what ‘cha gonna do?

15.

I guess Windows PCs don’t offer the best Web browsing experience because of compatibility anymore since everyone is using Opera or Firefox.

Clearly LOL
http://en.wikipedia.org/wiki/Usage_share_of_web_browsers

BTW, that’s total crap, and if you used OS X you would know it. OS X is updated all the time

Yes, it is updated all the time BUT THE OSS IS OFTEN UPDATED LATE.

http://blog.washingtonpost.com/securityfix/2006/05/a_time_to_patch_iii_apple_2.html

Here’s what I found: Over the past two years, after being notified about serious security flaws in its products, it took Apple about 91 days on average to issue patches to correct those vulnerabilities. I also found that almost without exception, open-source Linux vendors were months ahead of Apple in fixing the same flaws.

Apple ‘negligent’ in patching OS X’s open-source parts, says researcher

August 06, 2007 (Computerworld)—One of the researchers who went public last month with the first iPhone vulnerability said today that Apple Inc.’s lackadaisical updating of the open-source components it uses in Mac OS X is inexcusable and negligent.

“Apple has a habit of not keeping [Mac OS X’s] open-source [components] up to date,” said Charles Miller, a researcher at Baltimore-based Independent Security Evaluators (ISE) who presented at last week’s Black Hat security conference in Las Vegas. “Open-source software is as secure, I think, as closed-source, but Apple isn’t keeping up with fixes.”

In other reports, Miller was quoted as using the word negligent when describing Apple’s treatment of outdated code. “Negligent, that’s a tough word, but yes, it is,” he said.

After he, Honoroff and Mason fuzzed the vulnerability out of WebKit, the application framework that forms the foundation of the Safari browser—specifically from the Perl Compatible Regular Expression (PCRE) handling code within WebKit—they discovered that the flaw they had rooted out had been fixed by the open-source project more than a year before.

“This wasn’t a one-time affair,” said Miller, who noted that he and the other researchers had dug up another vulnerability in WebKit that had been patched in its original open-source code months before. He also pointed to the recent episode with Samba, the open-source file- and print-sharing software used by Mac OS X. In that case, Apple left its Samba code unpatched for more than two months after the code was updated.

“And that wasn’t just since May,” added Miller, referring to the Samba vulnerability. “Until last week, Apple hadn’t updated its Samba code in over two years.”

Miller said his problem isn’t with open source—it’s often patched faster than commercial, proprietary software, he said—but with Apple’s sluggish pace in implementing fixes and/or updates of the open-source pieces it uses in Mac OS X. Apple’s approach, he said, puts users at risk. Even the least experienced hackers can easily find flaws to exploit, just by doing a little “compare and contrast,” he noted.

“All you have to do to find a zero-day [vulnerability] is to find an open-source package used in Mac OS X, look through the change logs [of that open-source component], and you’re done. You don’t have to do any real security research at all,” Miller claimed.

Apple being late to update OSS products is FACT.  Not anecdotal experience, hearsay, or a quote from the Register but fact that you can easily verify yourself.

As to Windows vs Mac security:

http://www.matasano.com/log/981/a-roundup-of-leopard-security-features/

from the OP:

This feature removes a talking point argument about Microsoft Windows Vista’s superior security, but it doesn’t address the underlying point of that argument. Cocoa programs running in Darwin are less secure than Win32 programs running under NTOSKRNL, and aren’t even in the same ballpark as Managed C++ or C# programs.

That’s not a Windows zealot or uninformed journalist either.  This is a security researcher famous on the blogosphere for his connections to other Mac security issues who calls himself a “Mac fanboi”.

All your ideas of the Mac having better security than current versions of Windows are refuted by Mac security researchers:

http://www.matasano.com/log/808/mac-punditry-and-the-office-paradox/
http://www.matasano.com/log/644/safety-vs-security-2/

16.

Many in the world are realizing they don’t even need PCs. Most people, as I stated 2 years ago, are going with gaming consoles instead of gaming PCs.

Best quote ever from you.
FYI, we never discussed PC gaming with each other.  It’s kinda funny when you can’t even keep your trolling straight.
BTW, Microsoft has the best selling next-gen console and the top 2 best selling console games of all-time.

Do you have IStorm or Storm on your system yet? Know how to eradicate it?

WTF is iStorm?  Google search for iStorm gives me this:
http://www.mathgamehouse.com/istorm/
Sounds cool though lol.

This is a disc image that you must click on a Web page link to download, then you must run the app inside that disc image mounted, enter your password and press enter.

With this Trojan, it doesn’t matter if “Open safe” is on or not. It doesn’t matter if you have a firewall or not.

Exactly.  If Apple shipped a virus/malware scanner with the OS then it would have caught such a malicious program and no one would ever run the risk of infection from it (assuming the scanner is properly updated).

17.

Okay, are we really going to go back to this same old shit in every comment thread?

I think we’re done here.

And kuaidang, if that’s you, pick a username and stick with it. Using multiple screen names without consent is a clear violation of the forum rules:

http://www.dtgeeks.com/legalese/page/rules_of_conduct/

and the “iStorm” Mac Fan is referring to is this:
http://en.wikipedia.org/wiki/Storm_Worm
