A US Tool Repurposed by Taliban

September 17, 2021

China is the notorious Big Brother of Asia, but the now Taliban run Afghanistan will be using US-made tools to technologically repress people. According to Market Beat article: “US-Built Databases A Potential Tool Of Taliban Repression,” the United States designed databases for the democratically lead Afghanistan. The databases were designed to help Afghanis by promoting law, government accountability, and modernize the country.

The databases were built without much security and they are now in the Taliban’s hands. There are many databases, including ones that include biometrics for identify verification. The Taliban could use the databases for government surveillance and harm Taliban detractors. Former American allies or possible anti-Taliban people have already received threatening messages and taking precautions.

The Taliban claims they are not interested in retribution and are seeking International aid and unfreezing foreign held assets. The world is waiting with bated breath about what the Taliban will do to Afghanis.

The US created the Afghanistan Automated Biometric Identification Database and former officials in the country state the entire database was erased before the pullout. There are still other databases the Taliban has access to:

“Among crucial databases that remained are the Afghanistan Financial Management Information System, which held extensive details on foreign contractors, and an Economy Ministry database that compiled all international development and aid agency funding sources, the former security official said.

Then there is the data — with iris scans and fingerprints for about 9 million Afghans — controlled by the National Statistics and Information Agency. A biometric scan has been required in recent years to obtain a passport or a driver’s license and to take a civil service or university entrance exam.”

It is also possible that voter registration databases and an anti-fraud database of government officials could be under Taliban control.

Unexpected consequences? Exciting.

Whitney Grace, September 17, 2021

FR Is Going Far

September 6, 2021

Law enforcement officials are using facial recognition software and the array of cameras that cover the majority of the world to identify bad actors. The New York Times reports on a story that was used to track down a terroristic couple: “A Fire In Minnesota. An Arrest In Mexico. Cameras Everywhere.”

Mena Yousif is an Iranian refuge and Jose Felan is a felon. The couple were frustrated about the current state of the American law enforcement system and government, especially after George Floyd’s death. They set fire to buildings, including schools, stores, gas stations, and caused damage to over 1500. The ATF posted videos of the pair online, asking for any leads to their arrests. The ATF received tips as Felan and Yousif traveled across the US to the Mexican border. The were on the run for two weeks before they were identified outside of a motel in Texas.

Mexican authorities deployed a comprehensive facial recognition system, deployed in 2019, and it was used to find Felan and Yousif. Dahua Technology designed Mexico’s facial recognition system. Dahua is a Chinese company, one of the largest video surveillance companies in the world, and is partially owned by the its government. The US Defense and Commerce departments blacklisted Dahua for China’s treatment of Uighur Muslims and the trade war. Dahua denies the allegations and stated that it cannot control how its technology is used. Facial recognition did not catch Yousif and Felan, instead they were given a tip.

China is marketing surveillance technology to other countries, particularly in South America, Asia, and Africa, as a means to minimize crime and promote order. There are issues with the technology being perfect and the US does use it despite them:

“In the United States, facial recognition technology is widely used by law enforcement officials, though poorly regulated. During a congressional hearing in July, lawmakers expressed surprise that 20 federal agencies were using it without having fully assessed the risks of misuse or bias — some algorithms have been found to work less accurately on women and people of color, and it has led to mistaken arrests. The technology can be a powerful and effective crime-solving tool, though, placing it, for now, at a tipping point. At the start of the hearing, Representative Sheila Jackson Lee, Democrat of Texas, highlighted the challenge for Congress — or anyone — in determining the benefits and downsides to using facial recognition: It’s not clear how well it works or how widely it’s used. As Ms. Jackson Lee said, “Information on how law enforcement agencies have adopted facial recognition technology remains underreported or nonexistent.”

Many governments around the world, including the US, seem poised to their increase the amount of facial recognition and tracking technology for law and order. What is interesting is that China has been a pacesetter.

Whitney Grace, September 9, 2021

NSO Group: The Rip in the Fabric of Intelware

July 22, 2021

A contentious relationship with the “real news” organizations can be risky. I have worked at a major newspaper and a major publisher. The tenacity of some of my former colleagues is comparable to the grit one associates with an Army Ranger or Navy Seal, just with a slightly more sensitive wrapper. Journalists favored semi with it clothes, not bushy beards. The editorial team was more comfortable with laptops than an F SCAR.

Communications associated with NSO Group — the headline magnet among the dozens of Israel-based specialized software companies (an very close in group by the way)— may have torn the fabric shrouding the relationship among former colleagues in the military, government agencies, their customers, and their targets.

Whose to blame? The media? Maybe. I don’t have a dog in this particular season’s of fights. The action promises to be interesting and potentially devastating to some comfortable business models. NSO Group is just one of many firms working to capture the money associated with cyber intelligence and cyber security. The spat between the likes of journalists at the Guardian and the Washington Post and NSO Group appears to be diffusing like spilled ink on a camouflage jacket.

I noted “Pegasus Spyware Seller: Blame Our Customers Not Us for Hacking.” The main point seems to be that NSO Group allegedly suggests that those entities licensing the NSO Group specialized software are responsible for their use of the software. The write up reports:

But a company spokesman told BBC News: “Firstly, we don’t have servers in Cyprus.

“And secondly, we don’t have any data of our customers in our possession.

“And more than that, the customers are not related to each other, as each customer is separate.

“So there should not be a list like this at all anywhere.”

And the number of potential targets did not reflect the way Pegasus worked.

“It’s an insane number,” the spokesman said.

“Our customers have an average of 100 targets a year.

“Since the beginning of the company, we didn’t have 50,000 targets total.”

For me, the question becomes, “What controls exist within the Pegasus system to manage the usage of the surveillance system?” If there are controls, why are these not monitored by an appropriate entity; for example, an oversight agency within Israel? If there are no controls, has Pegasus become an “on premises” install set up so that a licensee has a locked down, air tight version of the NSO Group tools?

The second item I noticed was “NSO Says ‘Enough Is Enough,’ Will No Longer Talk to the Press About Damning Reports.” At first glance, I assumed that an inquiry was made by the online news service and the call was not returned. That happens to me several times a day. I am an advocate of my version of cancel culture. I just never call the entity again and move on. I am too old to fiddle with the egos of a younger person who believes that a divine entity has given that individual special privileges. Nope, delete.

But not NSO Group. According to the write up:

“Enough is enough!” a company spokesperson wrote in a statement emailed to news organizations. “In light of the recent planned and well-orchestrated media campaign lead by Forbidden Stories and pushed by special interest groups, and due to the complete disregard of the facts, NSO is announcing it will no longer be responding to media inquiries on this matter and it will not play along with the vicious and slanderous campaign.” NSO has not responded to Motherboard’s repeated requests for comment and for an interview.

Okay, the enough is enough message is allegedly in “writing.” That’s better than a fake message disseminated via TikTok. However, the “real journalists” are likely to become more persistent. Despite a lack of familiarity with the specialized software sector, a large number of history majors and liberal arts grads can do what “real” intelligence analysts do. Believe me, there’s quite a bit of open source information about the cozy relationship within and among Israel’s specialized software sector, the interaction of these firms with certain government entities, and public messages parked in unlikely open source Web sites to keep the “real” journalists learning, writing, and probing.

In my opinion, allowing specialized software services to become public; that is, actually talk about the capabilities of surveillance and intercept systems was a very, very bad idea. But money is money and sales are sales. Incentive schemes for the owners of specialized software companies guarantee than I can spend eight hours a day watching free webinars that explain the ins and outs of specialized software systems. I won’t but some of the now ignited flames of “real” journalism will. They will learn almost exactly what is presented in classified settings. Why? Capabilities when explained in public and secret forums use almost the same slide decks, the same words, and the same case examples which vary in level of detail presented. This is how marketing works in my opinion.

Observations:

1. A PR disaster is, it appears, becoming a significant political issue. This may pose some interesting challenges within the Israel centric specialized software sector. NSO Group’s system ran on cloud services like Amazon’s until AWS allegedly pushed Pegasus out of the Bezos stable.

2. A breaker of the specialized software business model of selling to governments and companies. The cost of developing, enhancing, and operating most specialized software systems keeps companies on the knife edge of solvency. The push into commercial use of the tools by companies or consumerizing the reports means government contracts will become more important if the non-governmental work is cut off. Does the world need several dozen Dark Web indexing outfits and smart time line and entity tools? Nope.

3. A boost to bad actors. The reporting in the last week or so has provided a detailed road map to bad actors in some countries about [a] What can be done, [b] How systems like Pegasus operate, [c] the inherent lack of security in systems and devices charmingly labeled “insecure by design” by a certain big software company, and [d] specific pointers to the existence of zero day opportunities in blast door protected devices. That’s a hoot at ??????? ???? “Console”.

Net net: The NSO Group “matter” is a very significant milestone in the journey of specialized software companies. The reports from the front lines will be fascinating. I anticipate excitement in Belgium, France, Germany, Israel, the United Kingdom, and a number of other countries. Maybe a specialized software Covid Delta?

Stephen E Arnold, July 22, 2021

Smart Devices and Law Enforcement: Yes, the Future

June 28, 2021

I read “Security Robots Expand across U.S., with Few Tangible Results.” The write up highlights Yet Another Security Sales Play or YASSP. The write up states:

Officer Aden Ocampo-Gomez, a spokesman for the Las Vegas Metropolitan Police Department, said that while the complex is no longer in the agency’s top 10 list for most frequent 911 calls in the northeastern part of the Las Vegas Valley, he doesn’t think all the credit should go to Westy. “I cannot say it was due to the robot,” he said.

No surprise. Crime is a result of many factors; some of which make many, many people uncomfortable. A parent loses a job and steals money from an old timer with a cane. A hormone filled young person frustrated with a person staring decides to beat up the clueless person looking for a taxi. A street person needs a snort of Cisco. Many examples, and I have not wandered into the thicket of gangs, vendettas, psychological weirdness, or “hey, it seemed like fun.”

The write up does bump up a reality for vendors of police-related technology. Here’s an interesting passage:

But the finances behind the police robot business is a difficult one. Last year, Knightscope lost more money than ever, with a $19.3 million net loss, nearly double from 2019. While some clients are buying more robots, the company’s overall number of clients fell to 23, from 30, in the past four years. Plus, the number of robots leased has plateaued at 52 from the end of 2018 through the end of last year. The pandemic certainly didn’t help things. Just two months ago, Knightscope told investors that there was “substantial doubt regarding our ability to continue” given the company’s “accumulated deficit,” or debt, of over $69 million as of the end of 2020. Its operating expenses jumped by more than 50 percent, including a small increase on research, and a doubling of the company’s marketing budget. Knightscope itself recently told investors that absent additional fundraising efforts, it will “not be solvent after the third quarter of 2022.”

Earlier this month I gave a talk to a group on the East Coast affiliated with a cyber crime outfit. One question popped up on the Zoom chat:

What’s law enforcement look like in five years?

As I have pointed out many times, if I could predict the future, I would be rolling in Kentucky Derby winnings. I said something to the effect, “More technology.”

That’s what CNBC is missing in its write up about the robot outfit Knightscope: Enforcement agencies worldwide are trying to figure out how to attract individuals who will enforce laws. Australia has explored hiring rehabbed criminals for special roles. Several years ago, I had dinner with one of these individuals, and I came away thinking, “This is a perfect type for undercover work.”

The major TV outlets in my area of the Rust Belt routinely run interviews with government officials who point out that there are employment opportunities in law enforcement.

The problem is that finding employees is not easy. Once a person is an employee, often that individual wants to work on a schedule appropriate to the person, not the organization. If asked to do extra work, the employee can quit or not show up. This issue exists at fast food outfits, manufacturing plants, and government agencies.

What the write up ignores is that robots will work. Using semi smart devices is the future. Turn ‘em on; devices mostly work.

One can’t say that for human counterparts.

Net net: Without enough humans who will actually work, smart devices are definitely the future. I stand by my observation to the cyber crime seminar attendees. What do you want patrolling your subdivision: A smart device or a 22 year old fascinated with thumbtyping who wants a three day work week and doesn’t want to get involved.

Think about it. Knightsbridge, if I can do anything to boost your company, let me know.

Stephen E Arnold, June 28, 2021

German Monitoring Comes into Focus

June 23, 2021

Redittor u/emooon alerts us to some disturbing legislation in the post, “Germany is About to Pass a Law that Allows German Intelligence Agencies to Use Trojan Software on its Citizens Without Any Reasons for Suspicion.” The post points us to a warning from the civil rights and consumer protection organization Digitale Gesellschaft (“Digital Society”); see here for the original German version and here for Google’s auto-translation. The society’s press release states that several entities, including the Chaos Computer Club, Facebook, and Google, protested the law in an open letter (original here) to the German Parliament. Despite the objections, however, the law was passed on June 10. U/emooon summarizes the problem:

“The focus of criticism is the authority to use the so called State-Trojans for the purpose of source telecommunication surveillance, with which in particular also stored encrypted communication directly on the end devices of the users is to be diverted and monitored. Not only are ongoing communications to be monitored, but in some cases stored messages are also to be accessed retroactively. This not only represents a significant encroachment on the fundamental rights of those affected, but also undermines the security of communications as a whole, as the authorities hack into the devices and exploit security loopholes instead of closing them. In addition, the powers to monitor individuals are to be massively expanded and the intelligence services are to be given broad discretion to take action. This is justified in particular by activities on the Internet.”

Then there is the part that prompted that open letter mentioned above:

“[These organizations] all fear that the expansion of Article 10 could force communications service providers to limit the security and integrity of their own services to help intelligence agencies spy. This reaches as far as being obligated to transfer ‘software-updates’ through the German intelligence agencies in order for them to integrate spyware.”

Furthermore, we are told, the law undermines the well-established separation requirement between the intelligence services and the police. This is not an encouraging development.

Cynthia Murrell, June 23, 2021

An Amusing Analysis of Palantir Technologies

June 7, 2021

I find analyses of intelware/policeware companies fascinating. “Palantir DD If You Want to Understand Company and Its History Better” is based on research conducted since November 2020. The write up asserts that Palantir is three “companies”: The government software (what I call intelware/policeware), the adding sales professionals facet of the business, and “their actual like full AI for weaponization and war and defense for the government.”

I must admit my research team has characterized Palantir Technologies in a different way. Palantir has been in business for more than a decade. The company has become publicly traded, and the stock as of June 2, 2021, is trading at about $25 per share. The challenge for companies like Palantir are the same old set of hurdles that other search and content processing firms have to get over without tripping and hitting the cinders with their snoot; namely:

  1. Generating sustainable and growing revenue streams from a somewhat narrow slide of commercial, financial, and government prospects. Newcomers like DataWalk offer comparable if not better technology at what may be more acceptable price points.
  2. Balancing the cost of “renting” cloud computer processing centers against the risk of those cloud vendors raising prices and possibly offering the same or substantially the same services at a lower price. Palantir relies on Amazon AWS, and that creates an interesting risk for Palantir’s senior management. To ameliorate the risk of AWS raising prices, buying a Palantir competitor, or just rolling out an Amazon version of the Palantir search and content processing system, Palantir signed a deal with IBM. This deal is for a different slice of the market, but it remains to be seen if this play will pay off in a substantial way.
  3. Figuring out how to expand the firm’s services’ business without getting into the business of creating customized versions of the Analyst’s Notebook type of product that Palantir offers. Furthermore, exceptional revenues can be generated from consulting, and to keep clients happy, Palantir may find that it has to resell competitors’ products. In short, consulting looks super from one point of view. From another it can derail the original Palantir business model. Money talks, particularly when the company has to payback its investors, invest in new technology, and spend money to generate leads and close.
  4. The clients have to be happy. Anecdotal evidence exists that some Palantir customers are not in thrill city. I am not going to identify the firms which have stubbed their toes on Palantir’s approach and the system’s value. Some online searching yields helpful insights.
  5. The company has a history of walking a fine line between appropriate and inappropriate behavior. The litigation (now sealed) between Palantir and the original i2 Ltd., the company which developed to a large part the current approach to intelware/policeware is usually unknown or just ignored. That’s not helpful. Combine the i2 matter with Palantir’s method of providing its software to analysts in some battle zones reveals helpful nuances about the firm’s methods.

To sum up, the analysis — at least to me — was a hoot.

Stephen E Arnold, June 7, 2021

Facial Recognition: Use It or Diffuse It?

May 24, 2021

Facial recognition technology is an important application. Doors can unlock when the technology “recognizes” a person. Investigators can take a zero leads situation and generate a list of possible matches for a surveillance photo. Google can “look” at an image and offer similar pictures. Perfect? What smart software is? Figure 30 to 85 percent accuracy in my experience. Why the wide variance. There are individuals who wear Cyberdazze shields like this:

image

Not many smart software programs can ID the person in this high-resolution image.

I spotted two interesting takes on facial recognition.

The first is explicated in “Time Magazine Lauds Clearview AI Despite Its Sketchy Facial Recognition Tech.” The article about the Time Magazine endorsement of Clearview AI states:

Time Magazine released its inaugural list of the 100 Most Influential Companies, featuring an array of large and small corporations that “are helping to chart an essential path forward.” Disturbingly, among its choices of “disruptors” is Clearview AI, the controversial facial recognition start-up known for illicitly scraping Americans’ images and demographic information from social media and selling the data to law enforcement. By celebrating a company that engages in illegal mass surveillance, Time is complicit in the degradation of our privacy and our civil liberties.

The idea is that Time Magazine is cheerleading for an outfit which is not benefiting those in the US.

The second is expressed in “Amazon Pauses Sales of Facial Recognition Software to Police Indefinitely.” This write up indicates that Amazon’s self-imposed ban on the sale of its facial recognition software will continue.

What’s interesting is that technology is linked with an application of pattern recognition methods. The topic is fraught because it is an intensely subjective discussion flavored with some technical information.

In my experience, technology diffuses and does so inexorably. “Knowing” is often sufficient to allow a third party to replicate a technology and apply it. Laws and rules can be imposed to prevent this technology diffusion. The only way to prevent this dispersal is via secrecy; that is, the “information wants to be free” truism makes clear that communication from one who knows to one who doesn’t initiates an often irreversible process.

Facial recognition is propagating and quickly. Apple and Google are using privacy as a marketing tactic. Neither firm is going to turn down the dollars that come from the information those firms gather. Unlock a phone with your face. Yep, facial recognition linked to specific data about location, time, and actions. Wander through the airport in Quito and a quite efficient system developed outside the US records, analyzes, and stores those data for reference. Those weird images on the GOES card. Absolutely a useful image.

My point is that talk about facial recognition is interesting, but it is unlikely to alter the use of the technology. Time Magazine may be right in IDing Clearview AI as an important company. It is. Amazon may be doing marketing when it won’t sell its facial recognition to law enforcement. But what about Amazon’s partners?

The good ship facial recognition has sailed.

Stephen E Arnold, May 24, 2021

Specialized Technology: Why Processing Talk Can Be Helpful to Anyone

May 7, 2021

Some specialized services companies have provided cheat sheets for audio and video intercepts. I heard that this technology was under wraps and available only to those with certain privileges. Not any longer.

An outfit at Wordcab.com can perform what once was an intelligence function for anyone with Internet access, content, and a way to pay. Navigate to Wordcab.com and sign up. The company says:

Automagically summarize all your internal meetings. Wordcab creates detailed, natural-language summaries of all your meetings and sales calls. So you can focus on people, not paper.

Thumbtypers will thrill with the use of the word “automagically.” The service can ingest a Zoom recording and generate a summary. The outputs can be tweaked, but keep in mind, this is smart software, not Maxwell Perkins reincarnated as your blue pencil toting digital servant. There’s an API so the service can be connected to whizzy distributed services and, if you have a copy of Palantir Gotham-type software, you can do some creative analysis.

The idea is that the smart software can make an iPhone toting bro or bro-ette more efficient.

The key point is that once was a secret capability is now available to anyone with an Internet connection. And to those who don’t think there is useful information in TikTok-type services. Maybe think again?

Stephen E Arnold, May 7, 2021

Signal and Cellebrite: Raising Difficult Questions

April 22, 2021

Signal published an summary of its exploration of the Cellebrite software. Founded in Israel and now owned by the Japanese company Sun Corporation, Cellebrite is a frequent exhibitor, speaker, and training sponsor at law enforcement and intelligence conferences. There are units and subsidiaries of the company, which are not germane to this short blog post. The company’s main business is to provide specialized services to make sense of data on mobile devices. Yes, there are other use cases for the company’s technology, but phones are a magnet at the present time.

Exploiting Vulnerabilities in Cellebrite UFED and Physical Analyzer from an App’s Perspective” makes clear that Cellebrite’s software is probably neither better nor worse than the SolarWinds, Microsoft Exchange Server, or other vendors’ software. Software has bugs, and once those bugs are discovered and put into circulation via a friendly post on a Dark Web pastesite or a comment in a tweet, it’s party time for some people.

Signal’s trope is that the Cellebrite “package” fell off a truck. I am not sure how many of those in my National Cyber Crime 2021 lectures will find that explanation credible, but some people are skeptics. Signal says:

[Cellebrite’s] products have often been linked to the persecution of imprisoned journalists and activists around the world, but less has been written about what their software actually does or how it works. Let’s take a closer look. In particular, their software is often associated with bypassing security, so let’s take some time to examine the security of their own software.

The write up then points out vulnerabilities. The information may be very useful to bad actors who want to configure their mobile devices to defeat the Cellebrite system and method. As readers of this blog may recall, I am not a big fan of disclosures about specialized software for certain government entities. Others — like the Signal analysts — have a different view point. I am not going to get involved in a discussion of this issue.

What I want to point out is that the Signal write up, if accurate, is another example of a specialized services vendor doing the MBA thing of over promising, overselling, and over marketing a cyber security solution.

In the context of the cyber security threat intelligence services which failed to notice the not-so-trivial SolarWinds, Microsoft Exchange Server, and Pulse Secure cyber missteps — the Signal essay is important.

Let me express my concern in questions:

What if the cyber security products and services are not able to provide security? What if the indexes of the Dark Web are not up to date and complete so queries return misleading results? What if the auto-generate alerts are based on flawed  methods?

The cyber vendors and their customers are likely to respond, “Our products are more than 95 percent effective.” That may be accurate in some controlled situations. But at the present time, the breaches and the Signal analysis may form the outlines of a cyber environment in which expensive cyber tools are little more than plastic hammers and saws. Expensive plastic tools which break when subjective to real world work.

Stephen E Arnold, April 22, 2021

Did You Know You Had a LexID? No. Worth Checking Maybe

April 22, 2021

With ICE’s contract with Thomson Reuters’ CLEAR expiring, The Intercept reports, “LexisNexis to Provide Giant Database of Personal Information to ICE.” Apparently the company could not resist the $16.8 million contract despite downplaying its ties to the agency in the past. Once focused on providing data to legal researchers and law firms, reduced sales compelled LexisNexis to branch into serving law enforcement. The firm will be supplying Homeland Security agents with billions of records that aggregate data from sources both public and private, like credit histories, bankruptcy records, license plate photos, and cell phone subscriber info. Naturally, these profiles also come with analytics tools. Reporter Sam Biddle writes:

“It’s hard to wrap one’s head around the enormity of the dossiers LexisNexis creates about citizens and undocumented persons alike. While you can at least attempt to use countermeasures against surveillance technologies like facial recognition or phone tracking, it’s exceedingly difficult to participate in modern society without generating computerized records of the sort that LexisNexis obtains and packages for resale. The company’s databases offer an oceanic computerized view of a person’s existence; by consolidating records of where you’ve lived, where you’ve worked, what you’ve purchased, your debts, run-ins with the law, family members, driving history, and thousands of other types of breadcrumbs, even people particularly diligent about their privacy can be identified and tracked through this sort of digital mosaic. LexisNexis has gone even further than merely aggregating all this data: The company claims it holds 283 million distinct individual dossiers of 99.99% accuracy tied to ‘LexIDs,’ unique identification codes that make pulling all the material collected about a person that much easier. For an undocumented immigrant in the United States, the hazard of such a database is clear.”

Biddle notes that both LexisNexis and Thomson Reuters are official data partners of Palantir, which insists it is not, itself, a data company. It is, however, a crucial partner to law enforcement agencies at all levels across the US, as well as the security departments at several corporations. The firm supplies its clients, including ICE, with huge datasets, analysis tools, and consultants to help organizations track anyone of interest. Despite these partnerships, both Thomson Reuters and LexisNexis have largely escaped the controversy that has surrounded Palantir.

Biddle has trouble reconciling LexisNexis’ new contract with its insistence it is actually on the side of detainees because it supplies them with access to an e-library of legal materials. For its part, the firm takes pains to note the contract complies with President Biden’s Executive Order 13993, which revised immigration enforcement policies and DHS interim guidelines. We are reminded, though, that despite the new occupant of the Oval Office, those running ICE remain the same. It is their hands into which this astounding trove of personal data is being delivered.

Cynthia Murrell, April 22, 2021

Next Page »

  • Archives

  • Recent Posts

  • Meta