{"version":3,"file":"WJBZI1Ghk-103.DUlEiw-F.mjs","names":["o","n"],"sources":["https:/framerusercontent.com/modules/xkgOTPH3D819XQA1Lv94/f7EzDt54JfBX9aTXubsh/WJBZI1Ghk-103.js"],"sourcesContent":["import{jsx as e,jsxs as t}from\"react/jsx-runtime\";import{Link as o}from\"framer\";import{motion as n}from\"framer-motion\";import*as i from\"react\";export const richText=/*#__PURE__*/e(i.Fragment,{children:/*#__PURE__*/t(\"p\",{children:[\"The \",/*#__PURE__*/e(o,{href:\"https://www.iso.org/obp/ui/#iso:std:iso-iec:27002:ed-3:v1:en\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"ISO/IEC 27002\"})}),\" got its long-overdue revamp and now it's got a structure you need to know about. If you're not familiar with this name, don't worry too much! The ISO/IEC 27002 is a standard that is part of the ISO/IEC 27000 family. These are developed by the ISO (International Organization for Standardization) and the IEC (International Electrotechnical Commission). As such, ISO/IEC 27002 is an \",/*#__PURE__*/e(\"strong\",{children:\"information security\"}),\" standard that provides a recognized framework for information security management best practices. The last time the industry had seen an update on this standard was back in 2013, when the second version came out. This year, in February, the third version was published and everyone who cares about cybersecurity is super excited to know what's new there. Here, we'll give you a short summary.\"]})});export const richText1=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"What's new\"}),/*#__PURE__*/t(\"p\",{children:[\"Let's start with the title. It reads \",/*#__PURE__*/e(\"em\",{children:\"Information security, cybersecurity and privacy protection\"}),\". So this new iteration not only deals with information security, like the previous one, but also cybersecurity and privacy, and that's clear from the very beginning. This interest in these two concepts reveals what (at least part of) the rationale is for issuing this third version. Namely, ISO/IEC 27002 is catching up to \",/*#__PURE__*/e(o,{href:\"https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/t(n.a,{children:[\"NIST's \",/*#__PURE__*/e(\"em\",{children:\"Framework\"})]})}),\" \",/*#__PURE__*/e(\"em\",{children:\"for Improving Critical Infrastructure Cybersecurity\"}),\", as well as the growing attention to privacy protection. Indeed, we have mentioned \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/cybersecurity-trends-2021/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"elsewhere\"})}),\" that the increasing prioritization of privacy is pushing more organizations to comply with modern privacy laws, such as the LGPD and the CCPA. Ultimately, something the new iteration of ISO/IEC 27002 offers is the possibility of navigating more easily between various other frameworks and standards.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Now we can move on to the structure. The past edition grouped security controls into 14 clauses, whereas the new edition groups them into four \",/*#__PURE__*/e(\"strong\",{children:\"themes\"}),\": organizational, people, physical and technological controls. The previous version's clauses and this new version's themes are listed in Figure 1. These themes' names are interestingly reminiscent of the four \",/*#__PURE__*/e(o,{href:\"https://csrc.nist.gov/glossary/term/entity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"entities\"})}),\" (or parties) that NIST mentions in some of its documents. In fact, \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/human-security-sensor/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"it has been suggested\"})}),' that impact on these entities is to be taken into consideration when conducting risk assessments. This could facilitate finding common ground between ISO and NIST. However, a case could be made that the organizational theme is a \"',/*#__PURE__*/e(o,{href:\"https://www.iso27001security.com/html/27002.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"catch-all group\"})}),\"\\\" that houses controls that don't fit too well in the remaining themes. In that sense, maybe the intention is good but the reference between themes and entities is not as perfect as one would probably wish.\"]}),/*#__PURE__*/e(\"img\",{alt:\"ISO/IEC 27002\",className:\"framer-image\",height:\"540\",src:\"https://framerusercontent.com/images/NgHZYyXYPHCP8veH95xoebKYs.png\",srcSet:\"https://framerusercontent.com/images/NgHZYyXYPHCP8veH95xoebKYs.png?scale-down-to=512 512w,https://framerusercontent.com/images/NgHZYyXYPHCP8veH95xoebKYs.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/NgHZYyXYPHCP8veH95xoebKYs.png 1920w\",style:{aspectRatio:\"1920 / 1080\"},width:\"960\"}),/*#__PURE__*/e(\"h6\",{children:\"Figure 1. ISO/IEC 27002's 2013 version clauses and 2022 version themes.\"}),/*#__PURE__*/t(\"p\",{children:[\"Remarkably, the 2013 version's 114 security controls went through merging and updating processes to create this year's version. Now we've got 93 \",/*#__PURE__*/e(\"strong\",{children:\"security controls\"}),\", of which 82 come from the previous version —58 updated, and 24 merged— and 11 are new. The following are the new ones:\"]}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Threat intelligence\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Information security for use of cloud services\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"ICT [information and communications technology] readiness for business continuity\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Physical security monitoring\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Configuration management\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Information deletion\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Data masking\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Data leakage prevention\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Monitoring activities\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Web filtering\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Secure coding\"})})]}),/*#__PURE__*/t(\"p\",{children:[\"As could be easily guessed, the first three belong to the organizational theme; the fourth, to the physical theme; and the rest, to the technological theme. Let us just say that one of the most interesting controls in this list is the second one, referring to \",/*#__PURE__*/e(o,{href:\"https://en.wikipedia.org/wiki/Cloud_computing\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"cloud computing\"})}),\". Indeed, this control reminds us just how badly the ISO/IEC 27002 needed an update. We have stated \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/cybersecurity-trends-2021/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"elsewhere\"})}),\" that cloud adoption grew last year, and this is expected to go on this year. Moving down the list to the technological-themed controls, we can see that some of them suit privacy regulation requirements, again, showcasing privacy protection as a priority.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Another helpful addition of this iteration is that each control is characterized by values of a set of \",/*#__PURE__*/e(\"strong\",{children:\"attributes\"}),\":\"]}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Control type (preventive, detective and/or corrective)\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Information security properties (confidentiality, integrity and availability)\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Cybersecurity concepts (identify, protect, detect, respond and recover)\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Operational capabilities (e.g., governance, asset management, information protection)\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Security domains (governance and ecosystem, protection, defense, and resilience)\"})})]}),/*#__PURE__*/t(\"p\",{children:[\"What catches the eye immediately are the cybersecurity concepts, whose values refer to the functions taken into account by the \",/*#__PURE__*/e(o,{href:\"https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"NIST cybersecurity standard\"})}),'. As stated by this standard, these functions, considered together, \"provide a high-level, strategic view of the lifecycle of an organization\\'s management of cybersecurity risk.\" The attributes we see in this new version inform about the applications of controls, reflecting their complexities more vividly. However, it has been ',/*#__PURE__*/e(o,{href:\"https://www.iso27001security.com/html/27002.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"suggested\"})}),' that the assignment of some of these attributes could be arbitrary and, if done more accurately, \"the standard would become unwieldy.\"']}),/*#__PURE__*/t(\"p\",{children:[\"Finally, the previous version mentioned objectives that each control would help to achieve. So, if an objective is accepted by an organization, they could refer to controls related to that objective and implement them to mitigate risk. In this year's version, objectives transformed into \",/*#__PURE__*/e(\"strong\",{children:\"purposes\"}),\". The idea is pretty much the same, although \",/*#__PURE__*/e(o,{href:\"https://www.iso27001security.com/html/27002.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"there is criticism\"})}),\" that purposes don't reference the organization's information risks the controls aim to mitigate as clearly as objectives did.\"]}),/*#__PURE__*/e(\"h2\",{children:\"How does the new version affect organizations?\"}),/*#__PURE__*/t(\"p\",{children:[\"Organizations around the world seek to be certified as compliant with security standards. When it comes to the ISO/IEC 27000 family, the standard that \",/*#__PURE__*/e(o,{href:\"https://www.iso.org/standard/54534.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"can be used\"})}),' worldwide \"as the basis for formal compliance assessment by accredited certification auditors\" is the ISO/IEC 27001:2013.']}),/*#__PURE__*/e(\"p\",{children:\"In turn, what the ISO/IEC 27002 does is provide information about the security controls that organizations can implement according to their needs and the risks they have identified. In short, the new version shouldn't impact auditing and the fact it's now published doesn't mean ISO/IEC 27001-certified organizations are getting their certification revoked. What it does mean for organizations is an opportunity to update their security controls and find out what new controls they should be implementing.\"}),/*#__PURE__*/t(\"p\",{children:[\"At Fluid Attacks, we use the \",/*#__PURE__*/e(o,{href:\"https://help.fluidattacks.com/portal/en/kb/articles/criteria-compliance-iso27001\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"ISO/IEC 27001:2013\"})}),\" and the \",/*#__PURE__*/e(o,{href:\"https://help.fluidattacks.com/portal/en/kb/articles/criteria-compliance-iso27002/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"ISO/IEC 27002:2022\"})}),\" as a reference for our assessments of organizations systems' security vulnerabilities. \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Contact us\"})}),\"!\"]}),/*#__PURE__*/t(\"p\",{children:[\"_____\",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),\"⚠️ \",/*#__PURE__*/e(\"strong\",{children:\" \"}),/*#__PURE__*/t(\"em\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Caution:\"}),\" Many major details from the new standard are missing in this blog post. Having read this post in no way substitutes for careful reading of the ISO/IEC 27002:2022. For your purposes other than personal, we recommend that you purchase and read the \"]}),/*#__PURE__*/e(o,{href:\"https://www.iso.org/standard/75652.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:/*#__PURE__*/e(\"em\",{children:\"full text\"})})}),/*#__PURE__*/t(\"em\",{children:[\".\",/*#__PURE__*/t(\"strong\",{children:[/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{})]})]}),\"_____\"]})]});export const richText2=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://marketingplatform.google.com/about/analytics/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Google Analytics\"})}),\" is a web analytics service that allows us to use various tools and information exclusive to Google to analyze specific data in our companies. Thanks to Google Analytics, we can know the performance of our marketing actions according to the behavior of users on our websites and applications. This service can contribute a lot to understanding our users or clients so we can offer them better experiences and, therefore, get better results. However, not everything's just peachy.\"]}),/*#__PURE__*/t(\"p\",{children:[\"This month, \",/*#__PURE__*/e(o,{href:\"https://matomo.org/blog/2022/02/france-google-analytics-gdpr-breach/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"I read that\"})}),\" the French Data Protection Agency, CNIL (\",/*#__PURE__*/e(\"em\",{children:\"Commission Nationale de l'Informatique et des Libert\\xe9s\"}),\"), determined that the use of Google Analytics is \",/*#__PURE__*/e(\"em\",{children:\"illegal\"}),\" under GDPR (General Data Protection Regulation). As you may know, GDPR is a set of data protection and privacy rules within the European Union (EU) and the European Economic Area (EEA). These rules apply to any organization that stores, processes or transfers personal information of European citizens, even operating outside those territories.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The CNIL's decision immediately follows the same decision \",/*#__PURE__*/e(o,{href:\"https://matomo.org/blog/2022/01/google-analytics-gdpr-violation/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"taken earlier this year\"})}),\" by the Austrian Data Protection Authority (\",/*#__PURE__*/e(\"em\",{children:\"Datenschutzbeh\\xf6rde\"}),\", DSB). And all this comes out of what was already resolved in 2020 by the Court of Justice of the European Union (CJEU). \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/schrems-shield/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"As I stated\"})}),' at that time, the CJEU \"determined that the EU-U.S. Privacy Shield agreement, a safeguard used by many companies to transfer personal data from the European Union to the United States for commercial purposes, was invalid.\"']})]});export const richText3=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Schrems I and II\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/schrems-shield/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Let's briefly revisit\"})}),' what happened some years ago. It all started back in 2013 when Austrian privacy rights campaigner Max Schrems contested the transfer of personal data of European individuals from Facebook to servers in the U.S. After typically protracted and tiresome legal imbroglios, it was finally in 2015 that the CJEU determined that the principles of the existing Safe Harbor agreement between the EU and the U.S. Department of Commerce were inadequate for the protection of EU citizens\\' information. That ruling received the name \"Schrems I.\"']}),/*#__PURE__*/e(\"p\",{children:'Almost overnight, those under the Safe Harbor had to look for an alternative, which led to the emergence of the above-mentioned EU-U.S. Privacy Shield agreement. And while this was created to be consistent with EU laws for the use of personal information, it appears that there could still be indiscriminate access to such data by national authorities or intelligence agencies in the U.S. As I noted, \"requests by these agencies could take priority over EU personal privacy rights, according to [the] United States security laws.\" Therefore, the Privacy Shield was not complying with the GDPR. Thanks to another long and arduous effort, this new agreement was invalidated with the \"Schrems II\" ruling in 2020.'}),/*#__PURE__*/t(\"p\",{children:[\"Once again, the parties involved, companies in the U.S. and EU, had to seek changes and reformulations. Despite this, some ended up ignoring what happened, and it was precisely this that led to the DSB decree in Austria. \",/*#__PURE__*/e(o,{href:\"https://matomo.org/blog/2022/01/google-analytics-gdpr-violation/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"In the words of Erin,\"})}),\" from Google Analytics alternative, Matomo, \\\"The choice to ignore is what landed one Austrian business in the [DSB's] line of fire, damaging the brand's reputation and possibly resulting in a hefty fine of up to €20 million or 4% of the organization's global turnover.\\\" But aren't there many at the moment surely doing the same thing? Well, as stated, penalization is a possibility; for now, what matters is to reinforce widespread compliance.\"]}),/*#__PURE__*/e(\"img\",{alt:\"GA illegal\",className:\"framer-image\",height:\"350\",src:\"https://framerusercontent.com/images/JzV39BLUCq0oz4n6ILxHtWu9I.png\",srcSet:\"https://framerusercontent.com/images/JzV39BLUCq0oz4n6ILxHtWu9I.png?scale-down-to=512 512w,https://framerusercontent.com/images/JzV39BLUCq0oz4n6ILxHtWu9I.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/JzV39BLUCq0oz4n6ILxHtWu9I.png 1920w\",style:{aspectRatio:\"1920 / 700\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"This image was taken from \",/*#__PURE__*/e(o,{href:\"https://noyb.eu/sites/default/files/styles/media_large/public/2022-01/google_analytics_illegal_2.png?itok=sviSf0Sj\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"noyb.eu.\"})})]}),/*#__PURE__*/e(\"h2\",{children:\"DSB and CNIL ruled against Google Analytics\"}),/*#__PURE__*/t(\"p\",{children:[\"It seems that \",/*#__PURE__*/e(o,{href:\"https://noyb.eu/en/austrian-dsb-eu-us-data-transfers-google-analytics-illegal\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"noyb,\"})}),\" the group of professionals founded by Max Schrems that acts in favor of the privacy rights of individual users in Europe, discovered an inappropriate behavior in the aforementioned Austrian company. They were using Google Analytics. And Google is among those U.S. providers that are required by law to provide personal data to their country's authorities. The thing is that, from that service, IP addresses and other user identifiers were being sent as cookie data to the U.S. Then, based on Schrems II, reviving that decision and rejecting insufficient measures of regulation taken so far by Google, DSB was the first to declare that the use of Google Analytics, at least in Austria, is illegal. Although, as Schrems himself says, \\\"The bottom line is: Companies can't use U.S. cloud services in Europe anymore.\\\"\"]}),/*#__PURE__*/t(\"p\",{children:[\"So, not a month passed before France, \",/*#__PURE__*/e(o,{href:\"https://noyb.eu/en/update-cnil-decides-eu-us-data-transfer-google-analytics-illegal\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"through the CNIL,\"})}),\" took the same decision on the use of Google Analytics. As stated in \",/*#__PURE__*/e(o,{href:\"https://www.cnil.fr/en/use-google-analytics-and-data-transfers-united-states-cnil-orders-website-manageroperator-comply\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"a press release,\"})}),\" the CNIL orders French website managers/operators to comply with the GDPR (Articles 44 et seq. are being violated) and, if necessary, to discontinue using that service under current conditions. In this case, the CNIL explicitly has given a month's deadline for the parties involved to comply with the decree. Furthermore, they mentioned something that affected their decision and that I choose to highlight now: What was reported by the noyb association to Austria is part of a set of \",/*#__PURE__*/e(o,{href:\"https://noyb.eu/en/101-complaints-eu-us-transfers-filed\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"101 complaints\"})}),\" that \",/*#__PURE__*/e(o,{href:\"https://noyb.eu/en/eu-us-transfers-complaint-overview\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"noyb presented\"})}),\" for the EU and EEA countries \",/*#__PURE__*/e(o,{href:\"https://www.cnil.fr/en/use-google-analytics-and-data-transfers-united-states-cnil-orders-website-manageroperator-comply\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"against 101'})}),' data controllers allegedly transferring personal data to the U.S.\"']}),/*#__PURE__*/e(\"p\",{children:\"Such complaints (within which Facebook Connect joined Google Analytics) were filed in 2020, shortly after Schrems II. Only this year, two European countries have acted on them. However, others are expected to do the same in a sort of chain reaction. It is expected that they recognize and enforce their regulations in favor of protecting the sensitive information of website users. Incidentally, it seems that the investigations will continue, extending to other web tools whose use may be leading to the data transfer reprimanded here.\"}),/*#__PURE__*/e(\"h2\",{children:\"And now, how to proceed?\"}),/*#__PURE__*/t(\"p\",{children:[\"In the short term, many Austrian and French companies or foreign companies providing website services to citizens of these two countries will have to look for alternative tools with similar functionality to Google Analytics (e.g., \",/*#__PURE__*/e(o,{href:\"https://matomo.org/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Matomo,\"})}),\" \",/*#__PURE__*/e(o,{href:\"https://piwik.pro/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Piwik Pro\"})}),\"). Tools that do not give them legal headaches. Businesses in the other EU and EEA member states can prepare for something analogous. In the long term, \",/*#__PURE__*/e(o,{href:\"https://noyb.eu/en/austrian-dsb-eu-us-data-transfers-google-analytics-illegal\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"as noyb points out,\"})}),' \"Either the U.S. adapts baseline protections for foreigners to support their tech industry, or U.S. providers will have to host foreign data outside of the United States.\" If they do not resort to any of these options, alternative, non-U.S. products and services may well end up leading the market in Europe.']})]});export const richText4=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"It looks like this is going to be a promising year for vulnerability research. Although the discovery of high and critical severity vulnerabilities may leave some biting their nails down to the nub, perhaps also understandably fascinated, it should lead to reinforcing application security.\"}),/*#__PURE__*/t(\"p\",{children:[\"Case in point: Last year, cybersecurity and compliance solutions specialist Onapsis dived into \",/*#__PURE__*/e(o,{href:\"https://capec.mitre.org/data/definitions/273.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"HTTP response smuggling\"})}),\". This is when attackers abuse interpretation and parsing discrepancies in different HTTP agents to inject malicious content that evades security controls. Fast forward to the beginning of this month, it looks like the firm struck gold. They shared that they found several vulnerabilities allowing the aforementioned kind of attack in a common component of German software multinational SAP's applications. One of the vulnerabilities is rated \",/*#__PURE__*/e(\"strong\",{children:\"critical\"}),\". Luckily, the \",/*#__PURE__*/e(o,{href:\"https://blogs.sap.com/2022/02/08/sap-partners-with-onapsis-to-identify-and-patch-cybersecurity-vulnerabilities/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"coordinated actions\"})}),\" of Onapsis and the SAP Product Security Response Team led to a patch release along with the public disclosure the same day, February 8.\"]}),/*#__PURE__*/e(\"p\",{children:\"We're dedicating this post to communicate what the recent critical vulnerability in SAP is about.\"})]});export const richText5=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"What's the bug deal?\"}),/*#__PURE__*/e(\"p\",{children:\"Organizations use SAP applications to manage critical business processes. These include enterprise resource planning and customer relationship, product lifecycle and supply chain management. Some SAP applications are SAP NetWeaver, SAP Content Server and SAP Web Dispatcher. The thing is: These three, for instance, have a component by default called Internet Communication Manager (ICM). What it does is it provides a working HTTP(S) server to enable the products to connect to the Internet. It also enables them to talk to each other via HTTP(S). And what happens when there are vulnerabilities in this component? Chaos ensues.\"}),/*#__PURE__*/e(\"p\",{children:\"The problem affecting the ICM concerns its memory handling mechanism. To understand this, we ought to know how this component works.\"}),/*#__PURE__*/t(\"p\",{children:[\"ICM does things typical of a \",/*#__PURE__*/e(o,{href:\"https://datatracker.ietf.org/doc/html/rfc7231#section-1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"server\"})}),'; that is, it \"listens on a connection for a request, parses each message received, interprets the message semantics in relation to the identified request target, and responds to that request with one or more response messages.\" It does this in the shared memory of the operating system by placing the message on a buffer by means of Memory Pipes (MPI), that is, a group of data structures and functions.']}),/*#__PURE__*/e(\"p\",{children:\"Let's say the message is parsed; then the ICM lists the HTTP handlers that will process it, the last one being the back-end (e.g., Java/ABAP application) invoker that, sharing the same memory space with ICM, receives the message through the MPI buffers. These buffers have all the same, small capacity and, depending on its size, a message could take up more than one buffer.\"}),/*#__PURE__*/t(\"p\",{children:[\"This is where things get ugly. The size of the HTTP message can be made intentionally too big, especially if it has malicious content attached. Assuming there's a proxy in place (i.e., an intermediary hub between the user and the ICM), the message will be forwarded to the ICM, but the latter will have to split it, affecting the response queue of the connection, handling one part and storing the extra portion. The researchers at Onapsis refer to this issue as \",/*#__PURE__*/e(o,{href:\"https://onapsis.com/icmad-sap-cybersecurity-vulnerabilities\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"HTTP desynchronization\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:\"Exploiting the critical vulnerability in SAP, an unauthenticated attacker can smuggle a complete request that would alone produce an extra response. If this happens, again, the proxy would issue one request but receive a split response from the ICM, as a part is left in queue on a different MPI buffer. Now is when the victim steps onto the stage, sending, for example, a login request. When they send the message to the proxy, it will be forwarded by the proxy as one request but also get split in the ICM, which will store the extra response in queue for later. The attacker would then send another request and, leveraging HTTP desynchronization, receive back the sensitive information originally intended for the victim, such as their session cookies or token created after the login request. Thus, they would be able to hijack the victim's session.\"}),/*#__PURE__*/t(\"p\",{children:[\"Session hijacking is kind of tame compared to poisoning the proxy's web cache, which is another possibility \",/*#__PURE__*/e(o,{href:\"https://onapsis.com/icmad-sap-cybersecurity-vulnerabilities\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"described\"})}),\" by Onapsis. It's the same mechanism, but the attacker's original message may contain malicious JavaScript concatenated with the URL they want to mess with. The payload is stored in the cache as the response of the URL. When the victim requests the system for the poisoned URL, the proxy returns the malicious response. This attack could persist and would compromise every single user and potentially the entire SAP application.\"]}),/*#__PURE__*/e(\"h2\",{children:\"The bug has been squashed!\"}),/*#__PURE__*/t(\"p\",{children:[\"The vulnerability we just described was assigned the ID \",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22536\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"CVE-2022-22536\"})}),\" and rated critical with the highest possible CVSSv3 score of \",/*#__PURE__*/e(o,{href:\"https://nvd.nist.gov/vuln/detail/CVE-2022-22536\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"10.0\"})}),\". As this score communicates straightforwardly, no privileges are required to exploit this vulnerability and it poses a critical threat to confidentiality, integrity and availability. Further, its ubiquity and low complexity (i.e., it's easy to exploit!) make it a major threat to cybersecurity.\"]}),/*#__PURE__*/t(\"p\",{children:[\"A \",/*#__PURE__*/e(o,{href:\"https://www.cisa.gov/uscert/ncas/current-activity/2022/02/08/critical-vulnerabilities-affecting-sap-applications-employing\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"CISA advisory\"})}),' lists how exploitation of this vulnerability could impact organizations if left unpatched. Namely, \"theft of sensitive data, financial fraud, disruption of mission-critical business processes, ransomware, and halt of all operations.\"']}),/*#__PURE__*/t(\"p\",{children:[\"As mentioned at the beginning of this post, this poisonous bug was \",/*#__PURE__*/e(o,{href:\"https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"already patched\"})}),\", along with two other vulnerabilities in SAP. So, everyone is urged to go and patch their SAP applications asap!\"]}),/*#__PURE__*/t(\"p\",{children:[\"FYI, Fluid Attacks' research team has kept busy too finding zero-day vulnerabilities. And our team also looks for them in the systems of our clients using our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/continuous-hacking\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Continuous Hacking\"})}),\" service. Take a look at our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/advisories/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"advisories\"})}),\" page to find out what we've been up to!\"]})]});export const richText6=/*#__PURE__*/e(i.Fragment,{children:/*#__PURE__*/t(\"p\",{children:['If you type into Google \"How many cyberattacks happen per day in 2022?\" one of the first results could say something like this: ',/*#__PURE__*/e(o,{href:\"https://techjury.net/blog/how-many-cyber-attacks-per-day/#gref\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"Every 39 seconds,'})}),' there is a new attack somewhere on the web.\" However, I found that number was mentioned in an ',/*#__PURE__*/e(o,{href:\"https://eng.umd.edu/news/story/study-hackers-attack-every-39-seconds\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"A. James Clark School of Engineering study\"})}),\" in 2007! Currently, that number should be pretty different. Actually, I saw that \",/*#__PURE__*/e(o,{href:\"https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-20-billion-usd-by-2021/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Cybersecurity Ventures in 2019\"})}),\" estimated a ransomware attack on a business every 11 seconds by the end of the last year. Read it carefully, \",/*#__PURE__*/e(\"em\",{children:\"only\"}),\" that kind of attack against \",/*#__PURE__*/e(\"em\",{children:\"only\"}),\" organizations or companies. You can already try to picture the disproportionate magnitude of the problem, which begs the question: How is it that all of this started?\"]})});export const richText7=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"Answering this question, believe it or not, doesn't take us back to the early days of computer networks. \",/*#__PURE__*/e(o,{href:\"https://www.economist.com/1843/2017/10/05/the-crooked-timber-of-humanity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"According to Tom Standage\"})}),\" in the \",/*#__PURE__*/e(\"em\",{children:\"1843\"}),' magazine, we have to go back to the first half of the 19th century. The first \"cyberattack\" was perpetrated in France on a telecommunication network, specifically, a ',/*#__PURE__*/e(\"strong\",{children:\"mechanical telegraph system\"}),\". And although \",/*#__PURE__*/e(o,{href:\"https://www.merriam-webster.com/dictionary/cyber\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"the combining form cyber-\"})}),\" denotes a relationship with computer networks, Standage's approach may be somewhat valid because it refers to an attempt to steal controlled information from a network of information systems, precisely, \",/*#__PURE__*/e(o,{href:\"https://www.economist.com/1843/2017/10/05/the-crooked-timber-of-humanity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"\\\"the world's first\"})}),\" national data network.\\\" That's very similar to what's happening today, even though we talk about different technology and cyberattacks \",/*#__PURE__*/e(o,{href:\"https://csrc.nist.gov/glossary/term/Cyber_Attack\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"now go beyond\"})}),\" information theft. Let's put this earlier attack into context.\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://www.britannica.com/technology/telegraph\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Following Encyclopedia Britannica's\"})}),\" definition, a \",/*#__PURE__*/e(\"strong\",{children:\"telegraph\"}),' is \"any device or system that allows the transmission of information by coded signal over distance.\" This term is generally used to refer to the electric telegraph, developed in the 19th century. However, it was initially used to describe the pre-electric version near the end of the 18th century. In 1791-2, the French inventor ',/*#__PURE__*/e(o,{href:\"https://en.wikipedia.org/wiki/Claude_Chappe\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Claude Chappe,\"})}),\" with the help of his brother Ignace, developed a very successful visual telegraph or optical semaphore system. \",/*#__PURE__*/e(o,{href:\"https://www.britannica.com/technology/telegraph\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"This system'})}),' consisted of pairs of movable arms mounted at the ends of a crossbeam on hilltop towers.\" Both the crossbeam and the arms could vary their position angles to represent numbers and letters (see image below).']}),/*#__PURE__*/e(\"img\",{alt:\"Chappe telegraph\",className:\"framer-image\",height:\"400\",src:\"https://framerusercontent.com/images/udK4i2VZvEN6fyfuHZhG63VuLWw.png\",srcSet:\"https://framerusercontent.com/images/udK4i2VZvEN6fyfuHZhG63VuLWw.png?scale-down-to=512 512w,https://framerusercontent.com/images/udK4i2VZvEN6fyfuHZhG63VuLWw.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/udK4i2VZvEN6fyfuHZhG63VuLWw.png 1920w\",style:{aspectRatio:\"1920 / 800\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Chappe's telegraph and some configurations (two images [\",/*#__PURE__*/e(o,{href:\"https://upload.wikimedia.org/wikipedia/commons/2/21/Rees%27s_Cyclopaedia_Chappe_telegraph.png\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"1,\"})}),\" \",/*#__PURE__*/e(o,{href:\"https://upload.wikimedia.org/wikipedia/commons/thumb/1/19/T%C3%A9l%C3%A9graphe_Chappe_1.jpg/438px-T%C3%A9l%C3%A9graphe_Chappe_1.jpg\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"2\"})}),\"] taken from Wikipedia).\"]}),/*#__PURE__*/t(\"p\",{children:[\"At that time, as \",/*#__PURE__*/e(o,{href:\"https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8113174\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Stefano Selleri\"})}),' of the University of Florence says, the communication networks of centralized states were mostly \"postal networks, with the exchange of written messages at the top speed technologically available: pigeons and horses.\" But with the invention of the aforementioned visual telegraph, another type of network could be established. In this case, messages were transmitted through chains of towers. These towers ',/*#__PURE__*/e(o,{href:\"https://www.britannica.com/technology/telegraph\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"were reportedly\"})}),\" 3 to 6 miles (5 to 10 km; \",/*#__PURE__*/e(o,{href:\"https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8113174\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"even more)\"})}),\" apart from each other, and operators could achieve a transmission rate of about three symbols per minute with them. It was then possible to speak of a telecommunication network (at least a modern one, overcoming the ancient use of beacons for elementary messages). For material objects were no longer being delivered but \",/*#__PURE__*/e(\"em\",{children:\"only\"}),\" information.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Each message could straightforwardly travel through the network. Via a telescope, the telegraph operators watched what one of the adjacent towers was transmitting. Then, they adjusted the elements of their systems to match the shared configurations. At first, Chappe defined 256 possible configurations, but after seeing difficulties in their recognition, he ended up reducing them to 92. Later, he published the first manual containing 8,464 \",/*#__PURE__*/e(o,{href:\"https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8113174\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"messages'})}),' that could be transmitted, obtained by pairing individual symbols.\" In this way, ',/*#__PURE__*/e(o,{href:\"https://www.economist.com/1843/2017/10/05/the-crooked-timber-of-humanity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"France achieved\"})}),\" faster communication than with the use of letters from one end to the other. Now it just took minutes!\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8113174\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"The Paris-Lille\"})}),\" line, which included 18 towers over an extension of 190 km, was the first to be officially inaugurated in 1794. Since then, the expansion of the network was almost inexorable, reaching even countries such as Belgium and Italy, and its use was exclusive to the governments. Four decades after the inauguration, in 1834, another pair of brothers began to gain prominence in this line of events. \",/*#__PURE__*/e(o,{href:\"https://www.economist.com/1843/2017/10/05/the-crooked-timber-of-humanity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"They were\"})}),\" the bankers Fran\\xe7ois and Joseph Blanc who sought to take advantage of the French network of visual telegraphs.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The Blancs traded \",/*#__PURE__*/e(o,{href:\"https://www.ig.com/en/bonds/what-are-government-bonds\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"government bonds\"})}),\" at the exchange in Bordeaux, \",/*#__PURE__*/e(o,{href:\"https://www.economist.com/1843/2017/10/05/the-crooked-timber-of-humanity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"where information'})}),' about market movements took several days to arrive from Paris by mail coach.\" Knowing in advance whether the market was rising or falling could be a great advantage for traders, so they wouldn\\'t have to guess. Unlike many had already tried, the Blanc brothers sought a covert method to be the first in Bordeaux to obtain such information. Therefore, they decided to \"hack\" into the telegraph network.']}),/*#__PURE__*/t(\"p\",{children:[\"According to \",/*#__PURE__*/e(o,{href:\"https://nakedsecurity.sophos.com/2018/05/31/forget-vpnfilter-heres-backlash-a-networking-hack-from-way-way-back/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Paul Ducklin\"})}),' from Naked Security, part of that network\\'s security depended on obscurity. Regular telegraph operators received no information on the meaning of the tower configurations, except those used for \"error correction and flow control.\" So, a \"backspace\" symbol told the message transcriber to ignore the previous character. The transcription was carried out in certain towers that were like storage centers. There it was chosen which line the message should follow in its forwarding. The information traveling from Paris to Bordeaux, for example, had to pass through one of these centers in the city of Tours (see image below).']}),/*#__PURE__*/e(\"img\",{alt:\"France map\",className:\"framer-image\",height:\"400\",src:\"https://framerusercontent.com/images/cT3ujfcIkwFX3kpFzpT6snRNw.png\",srcSet:\"https://framerusercontent.com/images/cT3ujfcIkwFX3kpFzpT6snRNw.png?scale-down-to=512 512w,https://framerusercontent.com/images/cT3ujfcIkwFX3kpFzpT6snRNw.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/cT3ujfcIkwFX3kpFzpT6snRNw.png 1920w\",style:{aspectRatio:\"1920 / 800\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Paris-Tours, 200 km; Tours-Bordeaux, 300 km (taken from \",/*#__PURE__*/e(o,{href:\"https://news-sophos.go-vip.net/wp-content/uploads/sites/2/2018/05/chappe-map-6401.png\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Naked Security\"})}),\").\"]}),/*#__PURE__*/e(\"p\",{children:\"Consequently, what the Blanc brothers did was to bribe one of the operators in Tours to insert a spurious character —their own data— from there, indicating the market behavior of the last day, followed by a backspace. This would result in the Bordeaux central tower erasing this supposed error at the time of transcription and leaving the original message clean. This trick would not have worked when trying to do it from Paris because, in Tours, the key character would have disappeared in the middle of the transcription.\"}),/*#__PURE__*/t(\"p\",{children:[\"Therefore, the Blancs also had to figure out how to move the information they needed from Paris to the tower in Tours without arousing suspicion. They allegedly resorted to sending packages with small \",/*#__PURE__*/e(o,{href:\"https://www.schneier.com/blog/archives/2018/05/1834_the_first_.html/#comment-321502\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"items such as\"})}),\" socks or neckties. This happened every time a confederate in Paris noticed significant changes, of a particular magnitude, in the bond market. Through the characteristics of the package and items, the operator could then decode the message about the market movement. He could then send it via the Tours-Bordeaux telegraph line for rapid transmission. Finally, another of the accomplices, a former telegraph operator, was the person \",/*#__PURE__*/e(o,{href:\"https://www.economist.com/1843/2017/10/05/the-crooked-timber-of-humanity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"who observed the'})}),' telegraph tower outside Bordeaux with a telescope, and then passed on the news to the Blancs.\"']}),/*#__PURE__*/t(\"p\",{children:[\"It seems that \",/*#__PURE__*/e(o,{href:\"https://www.schneier.com/blog/archives/2018/05/1834_the_first_.html/#comment-321502\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"more than 100\"})}),\" messages were transmitted to the astute Blanc brothers up to 1836. However, in that year, everything came to light, but not for raising suspicions with the money obtained or the sending of those packages. \",/*#__PURE__*/e(o,{href:\"https://www.economist.com/1843/2017/10/05/the-crooked-timber-of-humanity\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"What happened was\"})}),\" that the operator in Tours got sick and revealed all to a friend, mistakenly believing that he could be his replacement. And although the Blanc brothers were later brought to trial, curiously, they could not be convicted because there was no law against abuse of information networks. After all, contrary to what would happen today, they got off scot-free from what we can qualify as the first cyberattack in history.\"]})]});export const richText8=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"Region? Europe and Eurasia. Type of conflict? Territorial dispute. Estimated number of casualties? More than 13,000. Estimated number of internally displaced people? 1.5 million. Conflict status? \",/*#__PURE__*/e(\"strong\",{children:\"Worsening\"}),\". This is the riveting preamble we find in the Global Conflict Tracker of the U.S. organization \",/*#__PURE__*/e(o,{href:\"https://www.cfr.org/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Council on Foreign Relations\"})}),\" when we try to get information about the current \",/*#__PURE__*/e(o,{href:\"https://www.cfr.org/global-conflict-tracker/conflict/conflict-ukraine\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"conflict\"})}),\" in Ukraine.\"]}),/*#__PURE__*/t(\"p\",{children:[\"In 2014, this conflict broke out after protests began over the Ukrainian president's refusal to integrate further into the European Union. Soon after, he had to flee the country. Apparently, \",/*#__PURE__*/e(o,{href:\"https://theprint.in/world/whats-nato-and-why-does-ukraine-want-to-join/818130/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Russia has not wanted\"})}),\" such integration to occur because it would reduce its influence over Ukraine. Moreover, if this nation joins \",/*#__PURE__*/e(o,{href:\"https://www.nato.int/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"NATO\"})}),\" (the North Atlantic Treaty Organization), the Russians might even see it as a threat.\"]}),/*#__PURE__*/t(\"p\",{children:[\"What's very worrying now is that \",/*#__PURE__*/e(o,{href:\"https://www.nytimes.com/interactive/2022/01/27/world/europe/russia-forces.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"thousands of Russian troops\"})}),\" are occupying the borders with Ukraine. Although they are not in an invasion process at the moment, this situation has caused \",/*#__PURE__*/e(o,{href:\"https://www.wsj.com/articles/u-s-orders-3-000-troops-to-bolster-european-allies-in-russia-ukraine-crisis-11643810404\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"the U.S. government\"})}),\" and its allies in Europe to move their groups of soldiers as well. Nevertheless, it's in cyberspace, which concerns us most here, where things are moving at a different pace.\"]})]});export const richText9=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Renewed attacks on the Ukrainian government!\"}),/*#__PURE__*/t(\"p\",{children:[\"As Professor of Criminology \",/*#__PURE__*/e(o,{href:\"https://theconversation.com/ukraine-russia-the-first-shots-have-already-been-fired-in-cyberspace-176051\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Robert M. Dover said\"})}),' a few days ago, between Ukraine and Russia, \"the first shots have already been fired —in cyberspace.\" Of course, he\\'s referring to the most recent stage of the conflict. After all, there have already been fights between these two neighbors in Eastern Europe for quite some time. Likewise, cyberattacks have also been taking place in this confrontation for years. ',/*#__PURE__*/e(o,{href:\"https://theconversation.com/ukraine-russia-the-first-shots-have-already-been-fired-in-cyberspace-176051\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"For example\"})}),\", in 2015, Russian hackers took control of a Ukrainian \",/*#__PURE__*/e(o,{href:\"https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"power grid\"})}),\", disconnecting more than two thousand people from their heating during six hours in the middle of winter. Additionally, in this blog, \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/solarwinds-us-strike-back/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"I once mentioned\"})}),\" that a Russian intelligence agency was credited with attacking several systems and networks in \",/*#__PURE__*/e(o,{href:\"https://www.zdnet.com/article/uk-security-centre-urges-companies-to-boost-their-defences-after-cyberattacks-on-ukraine/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"the Ukrainian\"})}),\" government, financial and energy sectors in 2017. They used the renowned \",/*#__PURE__*/e(o,{href:\"https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"NotPetya\"})}),\" malware. This terrible attack \",/*#__PURE__*/e(o,{href:\"https://www.cfr.org/global-conflict-tracker/conflict/conflict-ukraine\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"spread to organizations around the world\"})}),\", provoking losses of several billion dollars. Both incidents \",/*#__PURE__*/e(o,{href:\"https://www.technologyreview.com/2022/01/21/1043980/how-a-russian-cyberwar-in-ukraine-could-ripple-out-globally/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"could be linked\"})}),\" to just the same hacking group: \",/*#__PURE__*/e(o,{href:\"https://en.wikipedia.org/wiki/Sandworm_(hacker_group)\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Sandworm\"})}),'. However, those \"first shots\" that Dover mentions correspond to assaults this new year.']}),/*#__PURE__*/t(\"p\",{children:[\"Between January 13 and 14, \",/*#__PURE__*/e(o,{href:\"https://ssu.gov.ua/en/novyny/sbu-rozsliduie-prychetnist-rosiiskykh-spetssluzhb-do-sohodnishnoi-kiberataky-na-orhany-derzhavnoi-vlady-ukrainy\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"according to\"})}),\" the Security Service of Ukraine (SSU), in a joint investigation with other state organizations, more than 70 government websites were attacked. \",/*#__PURE__*/e(o,{href:\"https://ssu.gov.ua/en/novyny/shchodo-aktak-na-saity-derzhavnykh-orhaniv\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"These included\"})}),\", for instance, the Ministry of Education and Science and the Ministry of Foreign Affairs websites. There was interference as well as the publication of provocative messages on some of the websites \",/*#__PURE__*/e(o,{href:\"https://fortune.com/2022/01/14/hackers-ukraine-government-websites-messages/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"threatening to upload\"})}),\" sensitive data to public networks and inviting people to expect the worst. However, it appears there was no leakage of data. Regardless, it was decided to temporarily suspend other web resources to prevent the spread of the attack. It was referred to as a supply chain attack, which allegedly began by \",/*#__PURE__*/e(o,{href:\"https://www.zdnet.com/article/ukraine-says-70-state-websites-were-defaced-10-were-subjected-to-unauthorized-interference/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"exploiting a security vulnerability\"})}),\" in a commercial company's content management system with privileged access to the affected websites. From that moment on, the SSU was already saying that there were \",/*#__PURE__*/e(o,{href:\"https://ssu.gov.ua/en/novyny/sbu-rozsliduie-prychetnist-rosiiskykh-spetssluzhb-do-sohodnishnoi-kiberataky-na-orhany-derzhavnoi-vlady-ukrainy\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"certain signs'})}),' indicating [the] involvement of hacker groups associated with Russian special services in the incident.\"']}),/*#__PURE__*/t(\"p\",{children:[\"The seemingly \",/*#__PURE__*/e(o,{href:\"https://www.zdnet.com/article/ukraine-says-70-state-websites-were-defaced-10-were-subjected-to-unauthorized-interference/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"low magnitude of the impact\"})}),' of this incident made some people consider it exaggerated to speak of a Russian \"attack.\" But even so, ministers from different European nations, such as Belgium, Denmark, Poland and Romania, condemned what happened and offered their support to the Ukrainians. It was the next day when ',/*#__PURE__*/e(o,{href:\"https://blogs.microsoft.com/on-the-issues/2022/01/15/mstic-malware-cyberattacks-ukraine-government/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Microsoft itself\"})}),' brought to light the fact that it was not a petty assault. This renowned multinational corporation informed they had observed a \"destructive malware\" in some systems of the Ukrainian government and other organizations. As Serhii Demediuk, the Deputy Secretary of Ukraine\\'s National Security and Defense Council, commented later ',/*#__PURE__*/e(o,{href:\"https://therecord.media/a-top-ukrainian-security-official-on-defending-the-nation-against-cyber-attacks/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"to the Record\"})}),' in an interview, the defacing of those websites \"was a red herring to cover up for more destructive actions, which, in my opinion, we will feel in the near future.\"']}),/*#__PURE__*/e(\"h2\",{children:\"From NotPetya's to WhisperGate's damages\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"According to Microsoft's\"})}),\" report, this malware, \",/*#__PURE__*/e(o,{href:\"https://www.technologyreview.com/2022/01/21/1043980/how-a-russian-cyberwar-in-ukraine-could-ripple-out-globally/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"now called\"})}),\" WhisperGate, was designed to look like ransomware, but it didn't have a ransom recovery mechanism. So, if it was activated, its mission would be to render the infected systems non-functional. Since then, Microsoft began sharing information for organizations to guide their investigations and implement defenses. But how does WhisperGate work?\"]}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"WhisperGate acts\"})}),\" as a Master Boot Records (MBR) and content wiper. (The \",/*#__PURE__*/e(o,{href:\"https://www.sentinelone.com/blog/mbrlocker-wiper-malware-destructive-pranks-are-no-joke-for-victims/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"MBR\"})}),\" is a sector on the disk that contains the information necessary for the operating system to boot.) In the first stage, WhisperGate overwrites the MBR with a ransom note and eradicates any recovery options. In the second stage, a malicious file corrupter is downloaded, and it locates specific files on the system to overwrite their content \",/*#__PURE__*/e(o,{href:\"https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"with a fixed'})}),' number of 0xCC bytes (total file size of 1 MB)\" and rename them \"with a seemingly random four-byte extension.\" (For a detailed, four-stage exposition, ',/*#__PURE__*/e(o,{href:\"https://blog.talosintelligence.com/2022/01/ukraine-campaign-delivers-defacement.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"follow this\"})}),\" link.)\"]}),/*#__PURE__*/t(\"p\",{children:[\"Now, there is a worldwide concern that something like what NotPetya perpetrated could happen again with WhisperGate. \",/*#__PURE__*/e(o,{href:\"https://www.technologyreview.com/2022/01/21/1043980/how-a-russian-cyberwar-in-ukraine-could-ripple-out-globally/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"It is said\"})}),\" that NotPetya was also a destructive malware masquerading as ransomware. However, it was more sophisticated than WhisperGate appears to be. Anyway, Russia may again seek to halt the functioning of infrastructure and entities essential to the economy, communication and welfare inside (and outside) Ukraine. \",/*#__PURE__*/e(o,{href:\"https://therecord.media/a-top-ukrainian-security-official-on-defending-the-nation-against-cyber-attacks/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"They might even\"})}),\" do so simultaneously with an invasion. And while some are still discussing whether the spread of the NotPetya issue was just a circumstantial matter or an intentional attack also targeting international businesses connected to Ukraine, countries such as the U.S. have already decided to be prepared.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Are we prepared to deal with a cyberwar?\"}),/*#__PURE__*/t(\"p\",{children:[\"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) \",/*#__PURE__*/e(o,{href:\"https://www.technologyreview.com/2022/01/21/1043980/how-a-russian-cyberwar-in-ukraine-could-ripple-out-globally/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"has already warned\"})}),\" critical infrastructure operators to be alert to these new cyber threats. From the position of Joe Biden's administration, the possibility of responding to the cyberattacks that the Russians will be launching against Ukraine using U.S. cyber power is being contemplated. Who knows, we could soon be talking about cyberwar even before an invasion and a military confrontation takes place. As O'Neill says in the MIT Technology Review, \",/*#__PURE__*/e(o,{href:\"https://www.technologyreview.com/2022/01/21/1043980/how-a-russian-cyberwar-in-ukraine-could-ripple-out-globally/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:'\"Unlike old-fashioned'})}),' war, cyberwar is not confined by borders and can more easily spiral out of control.\"']}),/*#__PURE__*/t(\"p\",{children:[\"Meanwhile, let's keep in mind \",/*#__PURE__*/e(o,{href:\"https://therecord.media/a-top-ukrainian-security-official-on-defending-the-nation-against-cyber-attacks/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Demediuk's\"})}),\" words:\"]}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:\"I believe that wherever modern electronic computing technologies are used, a high level of threat exists, regardless of the country and its economic well-being. If you do not pay due attention to cyber defense issues, then the vulnerability of such structures will be very high.\"})}),/*#__PURE__*/t(\"p\",{children:[\"And it would help you remember that \",/*#__PURE__*/e(o,{href:\"https://www.zdnet.com/article/uk-security-centre-urges-companies-to-boost-their-defences-after-cyberattacks-on-ukraine/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"recommendations such as\"})}),\" keeping software up to date with all available patches, enabling multi-factor authentication, reviewing backups and having cybersecurity crisis response plans should remain high on your priority list. Moreover, never forget to be aware of currently active threats.\"]}),/*#__PURE__*/t(\"p\",{children:[\"At Fluid Attacks, we recognize that you don't want your systems to look weak and insecure in cyberspace, where attacks can hit unimaginable spots at unexpected times. \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Contact us\"})}),\" if you intend to \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/what-is-vulnerability-management/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"manage vulnerabilities\"})}),\" and prevent your systems from becoming victims at all costs.\"]})]});export const richText10=/*#__PURE__*/e(i.Fragment,{children:/*#__PURE__*/e(\"p\",{children:\"Cybersecurity researchers, much like archeologists, get to unearth ancient, sometimes terrifying stuff. This time, the huge discovery is a 12-year-old vulnerability that affects most major distributions of Linux. If exploited, this vulnerability allows any user complete control over the machine. Let's see what it's about.\"})});export const richText11=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Gaining root privileges with PwnKit\"}),/*#__PURE__*/t(\"p\",{children:[\"The cybersecurity firm Qualys' Research Team \",/*#__PURE__*/e(o,{href:\"https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"discovered\"})}),\" the problem in the system utility \",/*#__PURE__*/e(o,{href:\"https://gitlab.freedesktop.org/polkit/polkit/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Polkit\"})}),', formerly called \"PolicyKit.\" On Linux, Polkit is used for controlling privileges on the system. Further, thanks to it, non-privileged processes can communicate with privileged processes. How does this work? Polkit can execute commands with elevated privileges using the command ',/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),\", followed by the intended command. \",/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),\" works as an alternative to \",/*#__PURE__*/e(\"code\",{children:\"sudo\"}),\", as it can be used by an authorized user to execute commands as another user.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Take a look at \",/*#__PURE__*/e(o,{href:\"https://linux.die.net/man/1/pkexec\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"this description\"})}),\" of \",/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),': \"',/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),' allows an authorized user to execute PROGRAM as another user. If username is not specified, then the program will be executed as the administrative super user, root.\"']}),/*#__PURE__*/t(\"p\",{children:['One may think: \"Hold on! Why is this even a thing?\" Well, sometimes ',/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),\" is used when there's \",/*#__PURE__*/e(o,{href:\"https://allthings.how/use-pkexec-sudo-alternative-run-commands-root-linux/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"some error\"})}),\" with the \",/*#__PURE__*/e(\"code\",{children:\"sudo\"}),\" command or because \",/*#__PURE__*/e(o,{href:\"https://hackaday.com/2022/01/28/this-week-in-security-geopolitical-hacktivism-antivirus-mining-and-linux-malware/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"there are times\"})}),\" when users need to perform an everyday action that would not be possible without root privileges. Turns out, experimenting with this command's default behavior, it was possible to exploit a vulnerability granting experimenters \",/*#__PURE__*/e(o,{href:\"https://capec.mitre.org/data/definitions/233.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"root privileges\"})}),'. The vulnerability is 12 years old but has only just been disclosed on January 25. Researchers named it \"PwnKit\" (see what they did there?) and assigned it the identifier ',/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"CVE-2021-4034\"})}),\". Its severity is high with a CVSS score of \",/*#__PURE__*/e(o,{href:\"https://access.redhat.com/security/cve/CVE-2021-4034#cve-cvss-v3\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"7.8\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"A quite accessible description of the flaw was \",/*#__PURE__*/e(o,{href:\"https://hackaday.com/2022/01/28/this-week-in-security-geopolitical-hacktivism-antivirus-mining-and-linux-malware/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"described\"})}),\" by Jonathan Bennett in hacks website Hackaday.com. It goes a bit like this:\"]}),/*#__PURE__*/t(\"p\",{children:[\"When Linux launches a program, the latter has passed two parameters: \",/*#__PURE__*/e(\"code\",{children:\"argc\"}),\" and \",/*#__PURE__*/e(\"code\",{children:\"argv\"}),'. Respectively, they are the number of arguments and the list of arguments. \"This information is used to parse and handle command line options inside the program.\" The number of arguments is always at least one, and the list of arguments will always contain the name of the binary as executed. But it\\'s possible to launch binaries with another function, called ',/*#__PURE__*/e(\"code\",{children:\"execve()\"}),\". When using this function, the user may specify the list of arguments directly. If the list they pass to \",/*#__PURE__*/e(\"code\",{children:\"execve()\"}),\" is empty, then \",/*#__PURE__*/e(\"code\",{children:\"argv\"}),\" is \",/*#__PURE__*/e(\"code\",{children:\"NULL\"}),\". It turns out, \",/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),\" \",/*#__PURE__*/e(o,{href:\"https://access.redhat.com/security/cve/CVE-2021-4034\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"doesn't handle\"})}),\" this well and, looking for an argument to read, ends up accessing the first environment variable, treating it as an argument and executing it as a command. This allows the user to inject uncontrolled text that can be treated as an argument to get them root privileges. Bennett explains how to do it via an error message:\"]}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),\" will use the \",/*#__PURE__*/e(\"code\",{children:\"gconv\"}),\" shared library to print an error message, and it starts by looking for the \",/*#__PURE__*/e(\"code\",{children:\"gconv-modules\"}),\" configuration file. This file defines which specific library files to open. The environment variable \",/*#__PURE__*/e(\"code\",{children:\"GCONV_PATH\"}),\" can be used to specify an alternate config file, but this environment variable is blocked when running a setuid binary. Ah, but we have a way to inject an environment variable after this happens. That's the exploit. Prepare a \",/*#__PURE__*/e(\"code\",{children:\"payload.so\"}),\" that contains our arbitrary code, a fake \",/*#__PURE__*/e(\"code\",{children:\"gconv-modules\"}),\" file that points to the payload, and then use the NULL argv trick to inject the \",/*#__PURE__*/e(\"code\",{children:\"GCONV_PATH\"}),\" environment variable. Whoami? Root.\"]})}),/*#__PURE__*/t(\"p\",{children:[\"PwnKit might not look like much if you're on a single-user system. Yet, on multi-user systems, it would allow a malicious user to bypass restrictions, escalating \",/*#__PURE__*/e(\"strong\",{children:\"from no privileges to full root privileges\"}),\" and accessing data, making modifications, \",/*#__PURE__*/e(o,{href:\"https://askubuntu.com/questions/16178/why-is-it-bad-to-log-in-as-root\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"installing malware\"})}),\" and allowing it to break havoc, and whatnot.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Who's affected? More like, who's not?\"}),/*#__PURE__*/t(\"p\",{children:[\"According to the director of vulnerability and threat research at Qualys, Bharat Jogi, \",/*#__PURE__*/e(o,{href:\"https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"PwnKit affects all versions\"})}),\" of \",/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),\" since its first version in May 2009. A huge number of devices could be compromised, as this program is installed by default on every major Linux distribution, including Ubuntu, Debian, Fedora and CentOS. Actually, the Qualys research group verified the vulnerability, created an exploit and obtained full root privileges on those four distributions. However, in a blog post, they mentioned that other distributions may be vulnerable.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Qualys Research Team did not share their exploit code but remarked that, because of how easy it is to exploit the vulnerability, they anticipate public exploits to become available after its disclosure. And that's what happened. The very day, someone published a \",/*#__PURE__*/e(o,{href:\"https://haxx.in/files/blasty-vs-pkexec.c\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Proof of Concept\"})}),\" in the wild.\"]}),/*#__PURE__*/e(\"p\",{children:\"Luckily, PwnKit cannot be exploited remotely. Indeed, the attacker would need to first get access to the system by a different means and, from there, start their remote attack. Another helpful bit of information is that it's possible to check for evidence of the exploitation of PwnKit as some of the exploits may leave traces in the logs. Jogi noted, though, that it's possible to exploit the vulnerability without leaving any traces.\"}),/*#__PURE__*/e(\"h2\",{children:\"Go get your patch!\"}),/*#__PURE__*/t(\"p\",{children:[\"The Qualys Research Team reported PwnKit to Red Hat Product Security on November 18, 2021, and open-source distributions project Openwall on January 11, 2022, so they could push out a patch. Shortly after, both \",/*#__PURE__*/e(o,{href:\"https://access.redhat.com/security/vulnerabilities/RHSB-2022-001\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Red Hat\"})}),\" and Ubuntu released patches (check for versions \",/*#__PURE__*/e(o,{href:\"https://ubuntu.com/security/notices/USN-5252-2\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"14.04 ESM and 16.04 ESM\"})}),\", and \",/*#__PURE__*/e(o,{href:\"https://ubuntu.com/security/notices/USN-5252-1\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"18.04 LTS, 20.04 LTS and 21.10\"})}),\").\"]}),/*#__PURE__*/t(\"p\",{children:[\"SANS Internet Storm Center handler Bojan Zdrnja \",/*#__PURE__*/e(o,{href:\"https://isc.sans.edu/forums/diary/Local+privilege+escalation+vulnerability+in+polkits+pkexec+CVE20214034/28272/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"advised\"})}),\" installing the available patches, especially on multi-user systems. Also, he and Jogi suggested \",/*#__PURE__*/e(o,{href:\"https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"removing the SUID bit\"})}),\" from the \",/*#__PURE__*/e(\"code\",{children:\"pkexec\"}),\" tool as temporary mitigation if no patches are available.\"]}),/*#__PURE__*/t(\"p\",{children:[\"As always, we at Fluid Attacks urge you to update your system with the latest patches. By the way, our own Research Team has kept busy too. \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/advisories/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Check out\"})}),\" what we've been up to!\"]})]});export const richText12=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"Let's start with a bit of a history lesson. A few decades ago, \",/*#__PURE__*/e(o,{href:\"https://hackernoon.com/how-git-changed-the-history-of-software-version-control-5f2c0a0850df\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"not all\"})}),\" software developers had access to the master version of a software solution project. In fact, only one of them had access to it and was responsible for sharing only what was necessary. For example, the specific part of code one project member needed to work on. Suffice to say, this wouldn't work too well if you were on a schedule and needed help from several pairs of extra hands. Anyways, in those days, teams who had no copies of previous versions of their projects risked losing everything in a fleeting moment.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The issue of lack of documentation versioning was tackled with the birth of version control systems (VCS). They \",/*#__PURE__*/e(o,{href:\"https://bitbucket.org/product/version-control-software\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"are\"})}),' basically \"a software utility that tracks and manages changes to a filesystem.\" In the 1970s, Marc Rochkind ',/*#__PURE__*/e(o,{href:\"https://www.iiis.org/cds2011/cd2011imc/iceme_2011/paperspdf/fb394vz.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"created\"})}),\" the first VCS, the Source Code Control System (SCCS), in order to answer the question \\\"What changed?\\\" when something goes wrong in the development. This was a very important accomplishment because if someone messed up, they could just go back to a previous stable version of the code. That's a neat thing that couldn't be done without a VCS.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The days before VCS were pretty slow. Today's fast-paced development makes it challenging to manage the different versions of systems. As teams need to go fast, they \",/*#__PURE__*/e(o,{href:\"https://bitbucket.org/product/version-control-software\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"need\"})}),\" to be able to distribute work and make changes to the same source code at the same time. Contrary to the old ways of developing software, VCS \",/*#__PURE__*/e(o,{href:\"https://about.gitlab.com/topics/version-control/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"offer\"})}),\" the benefit of continuous cooperative and highly communicative work between team members.\"]})]});export const richText13=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"It's best when everyone gets a clone!\"}),/*#__PURE__*/t(\"p\",{children:[\"When considering the \",/*#__PURE__*/e(o,{href:\"https://www.iiis.org/cds2011/cd2011imc/iceme_2011/paperspdf/fb394vz.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"kinds\"})}),\" of VCS that exist, we need to understand that they vary according to where the \",/*#__PURE__*/e(\"em\",{children:\"repository\"}),\" sits and where the developer… well, sits. (Repository is a filesystem that is being tracked for modifications.) The \",/*#__PURE__*/e(\"strong\",{children:\"local\"}),\" kind of VCS is relatively simple: The person works on the same machine where the repository is kept. What other kinds are there? Well, there is a kind that keeps the repository in a \",/*#__PURE__*/e(\"strong\",{children:\"shared folder\"}),\" and users from within a local area network can collaborate in it. However, it's safer to have a trusted server safeguard your repository, so, in the \",/*#__PURE__*/e(\"strong\",{children:\"client/server model\"}),\" kind of VCS, the repository sits on the server and clients can read and submit changes from their machines.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The server model has been known as a centralized VCS. Developers \",/*#__PURE__*/e(\"em\",{children:\"commit\"}),\" changes to a central server that contains all the versioned files. (To commit \",/*#__PURE__*/e(o,{href:\"https://faun.pub/centralized-vs-distributed-version-control-systems-a135091299f0\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"means\"})}),\" to record the change in the central system.) Some centralized VCS \",/*#__PURE__*/e(o,{href:\"https://medium.com/polarsquad/devops-whats-it-all-about-part-2-tooling-git-the-master-of-version-control-systems-59e976c1881e\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"are\"})}),\" Subversion (SVN), CVS and Perforce. The \",/*#__PURE__*/e(o,{href:\"https://about.gitlab.com/blog/2020/11/19/move-to-distributed-vcs/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"disadvantages of this model\"})}),\" refer to velocity, workflow flexibility and safety. So, first off, commits are slow because they are done through a single network to the central repository. Further, if developers are not in the network, they can't commit. Lastly and critically, suppose the only copy of the repository becomes corrupted somehow: It'd be necessary to wait until the repository is fixed.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Luckily, there's a more efficient kind of VCS. Namely, the distributed one. This one allows collaboration without needing a central repository. Its benefits are clear: \",/*#__PURE__*/e(\"strong\",{children:\"velocity\"}),\", \",/*#__PURE__*/e(\"strong\",{children:\"code quality\"}),\" and \",/*#__PURE__*/e(\"strong\",{children:\"collaboration\"}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"The distributed VCS can be cloned. In this model, every developer has a clone as their local repository and every clone can be used as backup. It also offers flexibility for personal workflows because developers can commit to their local repositories while offline. Through their personal branches or transient branches created for making a change, developers can merge their work into the main repository and so they are able to go fast. When mentioning this category, \",/*#__PURE__*/e(o,{href:\"https://about.gitlab.com/topics/version-control/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Git\"})}),\" is what comes to mind. This free and open-source VCS has been used for software development projects, large or small. Some platforms that could host your Git repository are \",/*#__PURE__*/e(o,{href:\"https://about.gitlab.com/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"GitLab\"})}),\", \",/*#__PURE__*/e(o,{href:\"https://github.com/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"GitHub\"})}),\", \",/*#__PURE__*/e(o,{href:\"https://bitbucket.org/product\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Bitbucket\"})}),\", \",/*#__PURE__*/e(o,{href:\"https://azure.microsoft.com/en-us/services/devops/server/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Azure DevOps Server\"})}),\", among others. At Fluid Attacks, we use GitLab and can attest to its benefits, which include boosting productivity, accelerating delivery, enhancing traceability, simplifying audits and providing security.\"]}),/*#__PURE__*/t(\"p\",{children:[\"We know it's possible that you feel uneasy thinking about using a VCS or moving from your centralized VCS to Git. Indeed, \",/*#__PURE__*/e(o,{href:\"https://stackoverflow.com/questions/2539050/reasons-against-using-git-in-the-enterprise\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"some mentions\"})}),\" have been made about being afraid that moving to Git means having no regular support. However, it turns out that Git's \",/*#__PURE__*/e(o,{href:\"https://dev.to/t/git\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"community\"})}),\" is constantly there to help. Also, even though the change \",/*#__PURE__*/e(o,{href:\"https://blog.inf.ed.ac.uk/sapm/2014/02/14/if-you-are-not-using-a-version-control-system-start-doing-it-now/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"could\"})}),\" be complicated at first, it is worth the effort as your customer base increases and your team becomes bigger.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Security as an essential kind of peer review\"}),/*#__PURE__*/t(\"p\",{children:[\"When a developer is done with the intended change and wants to incorporate it into the main repository, then they make a \",/*#__PURE__*/e(\"em\",{children:\"merge request\"}),\". Basically, they're proposing a change and are asking their peers to review it. This is the essence of peer review. It works wonders not only because merge requests are saved in the repository, helping keep track of the changes to the project, but also because it encourages interactions between developers.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Now, we would like to propose that security is also a kind of peer review. When you integrate security into your pipeline, even if only with automated tools, you are trusting the work of people probably from outside your project to review your code for vulnerabilities. This is key. If you release your software solution and it's got commonly known vulnerabilities, \",/*#__PURE__*/e(\"strong\",{children:\"it won't stand a chance in the wild\"}),\". The best strategy is constantly reviewing for vulnerabilities while developing and before any changes are made to the main repository.\"]}),/*#__PURE__*/e(\"img\",{alt:\"Continuous Hacking\",className:\"framer-image\",height:\"474\",src:\"https://framerusercontent.com/images/9NWhyngcXlgCPwOnfszCHL4kLRU.png\",srcSet:\"https://framerusercontent.com/images/9NWhyngcXlgCPwOnfszCHL4kLRU.png?scale-down-to=512 512w,https://framerusercontent.com/images/9NWhyngcXlgCPwOnfszCHL4kLRU.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/9NWhyngcXlgCPwOnfszCHL4kLRU.png 1911w\",style:{aspectRatio:\"1911 / 948\"},width:\"955\"}),/*#__PURE__*/t(\"h6\",{children:[\"Fluid Attacks' \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/services/continuous-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Continuous Hacking\"})}),\" solution flowchart.\"]}),/*#__PURE__*/t(\"p\",{children:[\"At Fluid Attacks, we're all for it. We help our clients \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/solutions/devsecops/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"achieve DevSecOps\"})}),\", securing their projects as early in the software development lifecycle as possible (see image above). Everything begins when their management team logs into our \",/*#__PURE__*/e(o,{href:\"https://app.fluidattacks.com/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"platform\"})}),\". Once they provide the URL to their Git repository, it's all ready to start scanning with all the might of AI and automation. They get reports through the platform, which leads to their remediating the vulnerabilities, and so the cycle is constantly repeated. Through our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/plans/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"solutions\"})}),\", we enable our clients to \",/*#__PURE__*/e(\"strong\",{children:\"go fast without crashing\"}),\". What's more, clients of our Advanced plan can achieve better precision (less false positives and false negatives) as our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/certifications/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"highly certified\"})}),\" \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/solutions/ethical-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"ethical hackers\"})}),\" use \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/product/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"manual techniques\"})}),\" to test the security of their software. Want to learn more? \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Contact us\"})}),\"!\"]})]});export const richText14=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"p\",{children:\"Imagine you just learned from a vulnerability report that your application's source code has been kept public since its deployment. There's more: Imagine it's been like this for a couple of years now and anyone anywhere could download files that are not intended to be public, such as authentication information. Is your heart racing now?\"}),/*#__PURE__*/t(\"p\",{children:[\"Problems like that arise when teams leave exposed \",/*#__PURE__*/e(\"code\",{children:/*#__PURE__*/e(o,{href:\"https://gaurav5430.medium.com/web-security-exposed-git-folder-in-production-51ad9484dee0\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\".git\"})})}),/*#__PURE__*/e(o,{href:\"https://gaurav5430.medium.com/web-security-exposed-git-folder-in-production-51ad9484dee0\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\" directories\"})}),\". About a year ago, an \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/what-is-ethical-hacking/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"ethical hacking\"})}),\" and security research team \",/*#__PURE__*/e(o,{href:\"https://www.bleepingcomputer.com/news/security/united-nations-data-breach-exposed-over-100k-unep-staff-records/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"gained access\"})}),\" to over 100,000 private records of United Nations Environment Programme (UNEP) employees. The contents that were publicly accessible included files exposing the administrator's database credentials, which granted access to UNEP's source code, as well as databases exposing project funding source records, UN staff demographic data and travel history. Plenty of other information was there for the prying eyes. It was suggested back then that \\\"threat actors likely already have the data.\\\"\"]}),/*#__PURE__*/t(\"p\",{children:[\"In this post, we will talk about a recently discovered four-year-old vulnerability that also involved compromised \",/*#__PURE__*/e(\"code\",{children:\".git\"}),\" directories.\"]})]});export const richText15=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"The NotLegit vulnerability\"}),/*#__PURE__*/t(\"p\",{children:[\"On September 12 last year, researchers at cloud security firm Wiz \",/*#__PURE__*/e(o,{href:\"https://blog.wiz.io/azure-app-service-source-code-leak/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"found\"})}),\" a security issue at \",/*#__PURE__*/e(o,{href:\"https://azure.microsoft.com/en-us/services/app-service/#overview\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Microsoft Azure App Service\"})}),\". The latter is a cloud computing-based platform for creating and deploying web and mobile applications for any device. One very worrying thing is that, according to the researchers, the vulnerability has existed since September 2017. Just like with the security issue that enabled access to UNEP's databases, the researchers say Azure's misconfiguration has probably been exploited in the wild for a while.\"]}),/*#__PURE__*/t(\"p\",{children:['Users can deploy source code and artifacts to Azure in multiple ways. For example, they may pull their source code from a Git-based repository hosting service (e.g., GitHub, Bitbucket). An alternative is using \"Local Git.\" This method lets users create a local Git repository within the Azure App Service container that lets them push their code to the server. Following deployment, anyone can access the application on the internet under the ',/*#__PURE__*/e(\"code\",{children:\".azurewebsites.net\"}),\" domain.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The recently discovered security problem \",/*#__PURE__*/e(o,{href:\"https://msrc-blog.microsoft.com/2021/12/22/azure-app-service-linux-source-repository-exposure/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"affected\"})}),\" applications deployed using Local Git. More specifically, those written in PHP, Node, Python, Java or Ruby, which are not served in Microsoft's very own Internet Information Services (IIS) server. As \",/*#__PURE__*/e(o,{href:\"https://blog.wiz.io/azure-app-service-source-code-leak/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"described\"})}),\" by the researchers, the Local Git method created the Git repository within a publicly accessible directory, namely, \",/*#__PURE__*/e(\"code\",{children:\"/home/site/wwwroot.\"}),\" This vulnerability, which researchers named \",/*#__PURE__*/e(\"strong\",{children:\"NotLegit\"}),\" (don't ask us why!), reportedly, left hundreds of source code repositories exposed for anyone to see.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Time for the long-overdue fixes\"}),/*#__PURE__*/t(\"p\",{children:[\"As \",/*#__PURE__*/e(o,{href:\"https://blog.wiz.io/azure-app-service-source-code-leak/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"reported\"})}),\", Microsoft was aware of Local Git's behavior and had mitigated the risk of unauthorized access by adding a \",/*#__PURE__*/e(\"code\",{children:\"web.config\"}),\" file that placed restrictions. This file can only be handled by the ISS server, though. So, applications written in C# or ASP.NET were protected because they are deployed with this server. However, applications written in other languages are deployed with other servers like Nginx or Apache. These servers do not support \",/*#__PURE__*/e(\"code\",{children:\"web.config\"}),\" files. As there were no restrictions in place, anyone could access the source code and other sensitive information.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The researchers at Wiz reported the issue to Microsoft on October 7. The Microsoft Security Response Center (MSRC) \",/*#__PURE__*/e(o,{href:\"https://msrc-blog.microsoft.com/2021/12/22/azure-app-service-linux-source-repository-exposure/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"explained\"})}),\" in a very recent post what caused the vulnerability. What happened is the applications served the \",/*#__PURE__*/e(\"code\",{children:\".git\"}),\" folder as static content that goes into the public content root folder. Static content \",/*#__PURE__*/e(o,{href:\"https://stackoverflow.com/a/37320839\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"is\"})}),\" all the data that doesn't have to be generated for each and every request and thus is served the same to every end-user. Microsoft fixed the problem for PHP applications on November 17. The fix disallows serving the \",/*#__PURE__*/e(\"code\",{children:\".git\"}),\" folder as static content.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Fixes for applications written in Node, Python, Java or Ruby require manual work from customers, though. It's the application code that controls the serving of static content. So, customers themselves need to look at the code and make sure the \",/*#__PURE__*/e(\"code\",{children:\".git\"}),\" folder is not served within the public folder.\"]}),/*#__PURE__*/t(\"p\",{children:[\"On December 7, Microsoft started sending emails notifying all vulnerable customers and advising them to take specific actions to protect their applications. It turns out, customers using Local Git from the start were not the only ones affected. Customers whose applications were deployed using other methods but had got files created or modified in the Azure App Service container \",/*#__PURE__*/e(o,{href:\"https://msrc-blog.microsoft.com/2021/12/22/azure-app-service-linux-source-repository-exposure/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"were also impacted\"})}),\".\"]}),/*#__PURE__*/e(\"h2\",{children:\"Do you know where your source code sits now?\"}),/*#__PURE__*/t(\"p\",{children:[\"As we hinted at the start of this post, teams may mistakenly publish the \",/*#__PURE__*/e(\"code\",{children:\".git\"}),\" folder to the internet. Of course, NotLegit was not enabled by admin error. Rather, it was the cloud service provider that mistakenly exposed the customers' \",/*#__PURE__*/e(\"code\",{children:\".git\"}),\" folders. \",/*#__PURE__*/e(o,{href:\"https://malware.guide/article/notlegit-vulnerability-azure-app-service-makes-source-code-public/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"It's been said\"})}),\" experts are urging users to check if their source code has been leaked. This should not be regarded as a serious matter by Azure's customers only. All teams should know if they are exposing things they want to keep private, so they need to ensure security is an \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/devsecops-concept/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"integral part\"})}),\" of development.\"]}),/*#__PURE__*/t(\"p\",{children:[\"We have stated \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/oss-security/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"elsewhere\"})}),\", however, that \",/*#__PURE__*/e(\"strong\",{children:\"a hidden source code isn't necessarily a secure one\"}),\". Indeed, the bigger issue isn't exactly that anyone can review your code, but rather that if your exposed code has any vulnerability, you're just moments away from being attacked.\"]}),/*#__PURE__*/t(\"p\",{children:[\"At Fluid Attacks, we perform comprehensive testing in search of vulnerabilities during the entire software development lifecycle. By using our services, you can find out, among many other things, whether you are inadvertently exposing your \",/*#__PURE__*/e(\"code\",{children:\".git\"}),\" folder and, in doing so, possibly compromising sensitive data. But most importantly, you can find out just \",/*#__PURE__*/e(\"strong\",{children:\"how secure your code is\"}),\" at each point in development. So, if it's actually supposed to be out there, you'll know it's fine. Take this step now and \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"contact us\"})}),\"! If you're still on the fence, read about our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/secure-code-review/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"secure code review\"})}),\" \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/solutions/secure-code-review/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"solution\"})}),\".\"]})]});export const richText16=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"There's an important reason why open-source software (OSS) represents an \",/*#__PURE__*/e(o,{href:\"https://opensource.com/life/15/12/why-open-source\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"advantage\"})}),\" for rapid development: Developers can use code that's already been perfected by the open-source community without having to write their software from scratch. Further, OSS implementation with the cloud's offering of Software-as-a-Service \",/*#__PURE__*/e(o,{href:\"https://geeky.news/technology-trends-2022-a-good-year-for-open-source-and-the-cloud/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"has been identified\"})}),\" as an important reason for OSS success. However, the use of OSS is an opportunity for projects to inherit vulnerabilities already present in OSS code. Therefore, developers need to mitigate the risks as much as possible. That's why they need to evaluate and choose their open-source carefully.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The question of what indicators can be used to assess OSS has been addressed scientifically. Researchers Yuhang Zhao and colleagues \",/*#__PURE__*/e(o,{href:\"https://doi.org/10.1186/s42400-021-00084-8\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"reviewed\"})}),\" 56 papers published between 1999 and 2020 that aimed to identify the indicators of OSS success. The authors define success as OSS meeting users' functional needs without causing problems such as security issues, license misusing issues and program crashes. In this post, we would like to share the five indicator categories the authors found across the reviewed studies. We argue that these are basic aspects by which development teams can guide their choice of OSS.\"]})]});export const richText17=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"Code\"}),/*#__PURE__*/e(\"p\",{children:\"Developers can base their choice of OSS partially on code qualities. Three key aspects can be identified:\"}),/*#__PURE__*/e(\"h3\",{children:\"Software vulnerabilities\"}),/*#__PURE__*/t(\"p\",{children:[\"To understand what a vulnerability is, we offer a combination of two separate \",/*#__PURE__*/e(o,{href:\"https://niccs.cisa.gov/about-niccs/cybersecurity-glossary\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"definitions\"})}),\" provided by the National Initiative for Cybersecurity Careers and Studies (NICCS):\"]}),/*#__PURE__*/e(\"blockquote\",{children:/*#__PURE__*/e(\"p\",{children:\"A characteristic of location or security posture or of design, security procedures, internal controls, or the implementation of any of these that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard.\"})}),/*#__PURE__*/t(\"p\",{children:[\"Some very important things are at stake when \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/secure-code-review/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"addressing code vulnerabilities\"})}),\", including the system or its application data's access control, availability, confidentiality, integrity and monitoring mechanisms. There's always a possibility of finding vulnerabilities in any given software. Then, OSS choice becomes a matter of how likely a patch is to be released quickly. The current concern surrounding \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/log4shell/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"vulnerabilities in Log4j\"})}),\" highlights the importance of addressing these issues promptly with upgrades.\"]}),/*#__PURE__*/e(\"h3\",{children:\"Source risk\"}),/*#__PURE__*/t(\"p\",{children:[\"The risk of supply chain attacks is \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/cybersecurity-trends-2021/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"quite serious\"})}),\". We have mentioned while discussing the \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/owasp-top-10-2021/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"OWASP Top 10\"})}),\" that developers need to verify the integrity in the entire software build chain. This implies that they need their suppliers to think about security too. Also, they need to ensure their software components come from trusted sources and are digitally signed.\"]}),/*#__PURE__*/e(\"h3\",{children:\"Code reusability\"}),/*#__PURE__*/t(\"p\",{children:[\"It's important to ensure that the code is understandable and can be modified for other uses. The authors \",/*#__PURE__*/e(o,{href:\"https://doi.org/10.1186/s42400-021-00084-8\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"say\"})}),\" these factors are related to how long it takes to actually fix any vulnerabilities present.\"]}),/*#__PURE__*/e(\"h2\",{children:\"License\"}),/*#__PURE__*/t(\"p\",{children:[/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/look-inside-oss/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Open-source licenses\"})}),\" allow developers to use, modify and share software freely. Notably, licenses may differ in their requirements for redistribution rights. This means some licenses require developers to make their source code freely available, while others don't ask for this. Fulfilling license obligations is especially tricky when software includes other software with incompatible licenses. Because of this, developers need to check license compatibility across software components.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Popularity\"}),/*#__PURE__*/t(\"p\",{children:[\"The authors identify developers' liking, admiration and support as indicators of OSS success. Metrics commonly used to quantify user interest for a project are the number of downloads over its lifespan, hit number and number of subscribers. Further, \",/*#__PURE__*/e(o,{href:\"https://www.researchgate.net/publication/327566664\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"one study\"})}),\" surveyed 400 Stack Overflow users and found that they perceive a GitHub project's \",/*#__PURE__*/e(\"em\",{children:\"stars\"}),\" to be the most useful metric to assess its popularity. Later in the same study, a survey of 791 GitHub users from all over the world revealed that they star a project to show appreciation (e.g., because they liked the solution), bookmark for later retrieval or because they used or are currently using the project.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The \",/*#__PURE__*/e(o,{href:\"https://doi.org/10.1186/s42400-021-00084-8\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"review\"})}),\" suggests that popularity has some ties to other indicators, such as license and sponsorship. So, more restrictive licenses are less popular and sponsored projects are more popular. Other aspects linked to popularity are project status and density. So, projects where users participate actively in discussions and bug reports are preferable. Also, it's been \",/*#__PURE__*/e(o,{href:\"https://faculty.fuqua.duke.edu/~moorman/Marketing-Strategy-Seminar-2015/Session%2010/Grewal,%20Lilien,%20and%20Mallapragada.pdf\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"suggested\"})}),\" that the users infer that more connected projects are of higher quality. By connected, it's meant that the target project has many contributors who also help in other projects.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Developers\"}),/*#__PURE__*/t(\"p\",{children:[\"OSS success is linked to the number of developers working on the project and role diversity. It's helpful to understand what attracts people to become contributors. For instance, \",/*#__PURE__*/e(o,{href:\"https://www.researchgate.net/publication/331993921\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"one study\"})}),\" observed 72 weeks of growth of newcomers in 450 OSS projects on GitHub. The properties that attracted more contributors were project popularity (number of \",/*#__PURE__*/e(\"em\",{children:\"stars\"}),\") and time to merge. This shows they're interested in good practices like giving timely review, feedback, and closing pull requests.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Regarding contributor engagement, \",/*#__PURE__*/e(o,{href:\"https://www.researchgate.net/publication/224209733\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"another study\"})}),\" surveyed 233 participants and found that their belief that they produce the intended effects and have control over the desired outcomes correlates with their perceived performance in terms of quality and quantity of contribution. Lastly, the \",/*#__PURE__*/e(o,{href:\"https://doi.org/10.1186/s42400-021-00084-8\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"review\"})}),\" found that social values such as altruism, reputation and ideology are important motivators for developers' engagement.\"]}),/*#__PURE__*/e(\"h2\",{children:\"Sponsorship\"}),/*#__PURE__*/t(\"p\",{children:[\"A final indicator refers to financial support. In the context of OSS, the common sponsors are enterprises and universities, which may enhance a project's publicity and innovation capacity. According to the \",/*#__PURE__*/e(o,{href:\"https://doi.org/10.1186/s42400-021-00084-8\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"review\"})}),', \"sponsorship improves the ability of OSS to deal with risks and the possibility of maintaining long-term support from developers.\" However, there could be cases in which corporate sponsors may place restrictions on the OSS community that could negatively impact innovation capacity.']}),/*#__PURE__*/e(\"h2\",{children:\"Time to choose!\"}),/*#__PURE__*/e(\"p\",{children:\"We just talked about the five broad indicators that developers should keep in mind when deciding for OSS. In short, these are some questions teams should know the answers to:\"}),/*#__PURE__*/t(\"ul\",{children:[/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"What are the characteristics of this OSS code?\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"What license obligations apply to their particular use of this OSS?\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"How many users like the solution implemented by this OSS and/or are using it?\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"How many people work on the OSS project and how readily do they respond to issues found?\"})}),/*#__PURE__*/e(\"li\",{\"data-preset-tag\":\"p\",children:/*#__PURE__*/e(\"p\",{children:\"Is the OSS project sponsored? If so, how does sponsorship affect innovation capability?\"})})]}),/*#__PURE__*/t(\"p\",{children:[\"At Fluid Attacks, we aim to find all the vulnerabilities in your team's software. Hesitate no more and \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"contact us\"})}),\"!\"]})]});export const richText18=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/t(\"p\",{children:[\"The world is quaking since the disclosure of a zero-day vulnerability found in Apache's open-source library \",/*#__PURE__*/e(o,{href:\"https://logging.apache.org/log4j/2.x/manual/index.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Log4j\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"There are at least two reasons why this finding is a big deal. One is that Log4j is a logging tool used in \",/*#__PURE__*/e(o,{href:\"https://www.csoonline.com/article/3644472/apache-log4j-vulnerability-actively-exploited-impacting-millions-of-java-based-apps.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"potentially\"})}),\" millions of Java-based applications. People normally use open-source libraries as software components because pre-written code is handier and faster than writing everything from scratch. \",/*#__PURE__*/e(o,{href:\"https://www.wired.com/story/log4j-log4shell/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Logging\"})}),\" is a very important functionality to keep track of what happens in a given application. Log4j happens to be an extremely popular library to do that. However, lots of people \",/*#__PURE__*/e(\"strong\",{children:\"may not even know they use it\"}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"The other reason is that this actively exploited vulnerability enables attackers to trigger unexpected actions remotely. This known exploit is commonly referred to as \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/close-invisible-doors/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"remote code execution\"})}),\". As it poses a major security threat, this vulnerability, known as \",/*#__PURE__*/e(o,{href:\"https://www.lunasec.io/docs/blog/log4j-zero-day/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Log4Shell\"})}),\" or \",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"CVE-2021-44228\"})}),\", has been rated critical with the highest possible \",/*#__PURE__*/e(o,{href:\"https://nvd.nist.gov/vuln/detail/CVE-2021-44228\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"CVSS score of 10\"})}),\".\"]}),/*#__PURE__*/e(\"p\",{children:\"After the discovery of Log4Shell on December 9, the Apache Software Foundation has promptly released fixes that have led to the discovery of two other vulnerabilities.\"}),/*#__PURE__*/t(\"p\",{children:[\"_____\",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),\"⚠️ \",/*#__PURE__*/e(\"strong\",{children:\" \"}),/*#__PURE__*/t(\"em\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Update, December 29, 2021:\"}),\" Apache has released \"]}),/*#__PURE__*/e(o,{href:\"https://logging.apache.org/log4j/2.x/security.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:/*#__PURE__*/e(\"em\",{children:\"Log4j 2.17.1\"})})}),/*#__PURE__*/e(\"em\",{children:\", fixing a new vulnerability known as \"}),/*#__PURE__*/e(o,{href:\"https://nvd.nist.gov/vuln/detail/CVE-2021-44832\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:/*#__PURE__*/e(\"em\",{children:\"CVE-2021-44832\"})})}),/*#__PURE__*/t(\"em\",{children:[\".\",/*#__PURE__*/t(\"strong\",{children:[/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{})]})]}),\"_____\"]})]});export const richText19=/*#__PURE__*/t(i.Fragment,{children:[/*#__PURE__*/e(\"h2\",{children:\"The bombshell zero-day exploit\"}),/*#__PURE__*/t(\"p\",{children:[\"Log4j2 versions up to and including 2.14.1 are \",/*#__PURE__*/e(o,{href:\"https://logging.apache.org/log4j/2.x/security.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"vulnerable\"})}),\" to Log4Shell. These versions have a lookup feature that is used for fetching resources, including accessing data and downloading stuff from websites or other Java-based applications. Since the beginning of this month, attackers \",/*#__PURE__*/e(o,{href:\"https://www.zdnet.com/article/log4j-flaw-attackers-are-making-thousands-of-attempts-to-exploit-this-severe-vulnerability/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"have been exploiting\"})}),\" this feature by logging a specially crafted string (i.e., a specific sequence of characters) into an interface that allows external input. When their malicious code is included in a log message, the attackers can get the application to execute various actions, like connecting to a remote server, performing \",/*#__PURE__*/e(o,{href:\"https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"data leakage\"})}),\" or installing malware. For example, threat actors are recently exploiting Log4Shell to \",/*#__PURE__*/e(o,{href:\"https://www.bleepingcomputer.com/news/security/log4j-vulnerability-now-used-to-install-dridex-banking-malware/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"infect Windows devices\"})}),\" with Dridex, a Trojan for stealing bank credentials. The attack chain is shown in Figure 1.\"]}),/*#__PURE__*/e(\"img\",{alt:\"log4j attack\",className:\"framer-image\",height:\"407\",src:\"https://framerusercontent.com/images/uSGZZudYiPt15GgZMa1wsI8ikk.png\",srcSet:\"https://framerusercontent.com/images/uSGZZudYiPt15GgZMa1wsI8ikk.png?scale-down-to=512 512w,https://framerusercontent.com/images/uSGZZudYiPt15GgZMa1wsI8ikk.png?scale-down-to=1024 1024w,https://framerusercontent.com/images/uSGZZudYiPt15GgZMa1wsI8ikk.png 1920w\",style:{aspectRatio:\"1920 / 814\"},width:\"960\"}),/*#__PURE__*/t(\"h6\",{children:[\"Figure 1. Attack chain and recommended mitigating measures (in all caps). Source: \",/*#__PURE__*/e(o,{href:\"https://www.govcert.ch/blog/zero-day-exploit-targeting-popular-java-library-log4j/assets/log4j_attack.png\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"govcert.ch\"})}),\".\"]}),/*#__PURE__*/t(\"p\",{children:[\"A myriad of well-known services is vulnerable to Log4Shell. To name a few: The security issue has been proven on the \",/*#__PURE__*/e(o,{href:\"https://www.lunasec.io/docs/blog/log4j-zero-day/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"iCloud\"})}),\" infrastructure by replacing an iPhone's name with the malicious string. It has also been discovered \",/*#__PURE__*/e(o,{href:\"https://news.ycombinator.com/item?id=29499773\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"on Steam\"})}),\" by only entering the malicious code in the search box. Even games are affected: Attackers could get their way in by typing the code in the chatbox in Minecraft Java Edition. The list goes on: \",/*#__PURE__*/e(o,{href:\"https://aws.amazon.com/security/security-bulletins/AWS-2021-006/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Amazon Web Services\"})}),\", \",/*#__PURE__*/e(o,{href:\"https://sec.okta.com/articles/2021/12/log4shell\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Okta\"})}),\", \",/*#__PURE__*/e(o,{href:\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Cisco\"})}),\", etc.\"]}),/*#__PURE__*/e(\"h2\",{children:\"A patch a day keeps the attackers away\"}),/*#__PURE__*/t(\"p\",{children:[\"This vulnerability asked for an urgent call to action. The Apache Software Foundation swiftly released Log4j version 2.15.0, where they disabled the message lookups feature by default. However, users of this version can still enable this feature in configuration. This gave way to another vulnerability, discovered on December 14. It is known as \",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"CVE-2021-45046\"})}),\" and is rated critical with a CVSS score of 9.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Version 2.15.0 still left paths where message lookups could occur. With the possibility to send the exploit code with the request, threat actors could leak information and execute code remotely in some environments and locally in all environments. So, Apache released version 2.16.0. Unfortunately, this version does not protect from \",/*#__PURE__*/e(o,{href:\"http://cwe.mitre.org/data/definitions/674.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"uncontrolled recursion\"})}),\". That is, any attacker could make the application crash by entering malicious data that would cause excessive consumption of resources, such as allocated memory. This vulnerability, discovered on December 16, is known as \",/*#__PURE__*/e(o,{href:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"CVE-2021-45105\"})}),\" and has a high severity rating with a CVSS of 7.5.\"]}),/*#__PURE__*/t(\"p\",{children:[\"The risk of Denial of Service has already been addressed in the latest release, \",/*#__PURE__*/e(\"strong\",{children:\"Log4j 2.17.0\"}),\". For that, we have to thank Apache Software Foundation's efforts and security researchers that have worked inspecting every patch.\"]}),/*#__PURE__*/t(\"p\",{children:[\"_____\",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),\"⚠️ \",/*#__PURE__*/e(\"strong\",{children:\" \"}),/*#__PURE__*/t(\"em\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Update, December 29, 2021:\"}),\" Most Log4j versions up to 2.17.0 are vulnerable to a Remote Code Execution attack. Apache addressed this vulnerability (CVE-2021-44832) in version 2.17.1.\",/*#__PURE__*/t(\"strong\",{children:[/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{})]})]}),\"_____\"]}),/*#__PURE__*/t(\"p\",{children:[\"The global response to Log4Shell has been historical. \",/*#__PURE__*/e(o,{href:\"https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Many\"})}),\" organizations have already released their statements saying whether they are affected by it. Further, \",/*#__PURE__*/e(o,{href:\"https://www.govcert.ch/blog/zero-day-exploit-targeting-popular-java-library-log4j/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"many\"})}),\" vendors that use the open-source library have rushed to patch their products. Importantly, the US Cybersecurity & Infrastructure Security Agency (CISA) issued an \",/*#__PURE__*/e(o,{href:\"https://www.cisa.gov/emergency-directive-22-02\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"emergency directive\"})}),\" where it ordered federal agencies to update or apply mitigation measures (see Figure 1) by 5 p.m. EST on December 23.\"]}),/*#__PURE__*/t(\"p\",{children:[\"Right now, identification and remediation are key. This may pose a problem for some. As we hinted in the beginning of this post, many organizations don't know they use programs with Log4j. This may be because they don't maintain inventories of their software's components and subcomponents. Additionally, the latest events may increase the activity of threat actors. As independent security researcher Chris Frohoff \",/*#__PURE__*/e(o,{href:\"https://www.wired.com/story/log4j-log4shell/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"said\"})}),', \"What is almost certain is that for years people will be discovering the long tail of new vulnerable software as they think of new places to put exploit strings.\"']}),/*#__PURE__*/e(\"h2\",{children:\"Our clients stand strong!\"}),/*#__PURE__*/t(\"p\",{children:[\"At Fluid Attacks, we're prepared to overcome this challenge. Our clients using any of our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/plans/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Plans\"})}),\" can immediately find out if they use Log4j in their software. On our \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/platform/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"platform\"})}),\", which makes \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/blog/what-is-vulnerability-management/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"vulnerability management\"})}),' smoother, they can look for the vulnerability type \"011. Use of software with known vulnerabilities,\" under which any of Log4j\\'s high to critical vulnerabilities should appear. What should people do then? Well, teams that have Log4j2 in their software should ',/*#__PURE__*/e(\"strong\",{children:\"upgrade to \"}),/*#__PURE__*/e(o,{href:\"https://logging.apache.org/log4j/2.x/download.html\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!0,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:/*#__PURE__*/e(\"strong\",{children:\"version 2.17.0\"})})}),\" or the latest version, should a newer version be released.\"]}),/*#__PURE__*/t(\"p\",{children:[\"_____\",/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{}),\"⚠️ \",/*#__PURE__*/e(\"strong\",{children:\" \"}),/*#__PURE__*/t(\"em\",{children:[/*#__PURE__*/e(\"strong\",{children:\"Update, December 29, 2021:\"}),\" Teams are urged to upgrade to version 2.17.1.\",/*#__PURE__*/t(\"strong\",{children:[/*#__PURE__*/e(\"br\",{}),/*#__PURE__*/e(\"br\",{})]})]}),\"_____\"]}),/*#__PURE__*/t(\"p\",{children:[\"New vulnerabilities are being exploited daily. Want to learn how to be better prepared for these threats? \",/*#__PURE__*/e(o,{href:\"https://fluidattacks.com/contact-us/\",motionChild:!0,nodeId:\"WJBZI1Ghk\",openInNewTab:!1,relValues:[],scopeId:\"contentManagement\",smoothScroll:!1,children:/*#__PURE__*/e(n.a,{children:\"Get a demo\"})}),\"!\"]})]});export const richText20=/*#__PURE__*/e(i.Fragment,{children:/*#__PURE__*/e(\"p\",{children:\"As we step closer to the end of this year 2021, we would like to reflect on the major cybersecurity trends and explore what's in store for the years ahead.\"})});\nexport const __FramerMetadata__ = {\"exports\":{\"richText3\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText2\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText10\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText7\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText17\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText9\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText19\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText20\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText14\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText12\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText1\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText4\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText13\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText6\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText15\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText16\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText8\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText5\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText18\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"richText11\":{\"type\":\"variable\",\"annotations\":{\"framerContractVersion\":\"1\"}},\"__FramerMetadata__\":{\"type\":\"variable\"}}}"],"mappings":"iXACa,AADb,GAAkD,IAA8B,IAAuC,IAAwB,CAAa,EAAsB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,OAAoB,EAAEA,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,kYAA+Y,EAAE,SAAS,CAAC,SAAS,sBAAuB,EAAC,CAAC,2YAA4Y,CAAC,EAAC,AAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wCAAqD,EAAE,KAAK,CAAC,SAAS,4DAA6D,EAAC,CAAC,uUAAoV,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,CAAC,UAAuB,EAAE,KAAK,CAAC,SAAS,WAAY,EAAC,AAAC,CAAC,EAAC,AAAC,EAAC,CAAC,IAAiB,EAAE,KAAK,CAAC,SAAS,qDAAsD,EAAC,CAAC,uFAAoG,EAAED,EAAE,CAAC,KAAK,2DAA2D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,8SAA+S,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kJAA+J,EAAE,SAAS,CAAC,SAAS,QAAS,EAAC,CAAC,qNAAkO,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,uEAAoF,EAAED,EAAE,CAAC,KAAK,uDAAuD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,0OAAuP,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,gNAAkN,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,gBAAgB,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,aAAc,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,yEAA0E,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oJAAiK,EAAE,SAAS,CAAC,SAAS,mBAAoB,EAAC,CAAC,0HAA2H,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,gDAAiD,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,mFAAoF,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,8BAA+B,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,sBAAuB,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,yBAA0B,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uQAAoR,EAAED,EAAE,CAAC,KAAK,gDAAgD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,uGAAoH,EAAED,EAAE,CAAC,KAAK,2DAA2D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,iQAAkQ,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0GAAuH,EAAE,SAAS,CAAC,SAAS,YAAa,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,wDAAyD,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,+EAAgF,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,yEAA0E,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,uFAAwF,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,kFAAmF,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kIAA+I,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,CAAC,4UAA0V,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,yIAA0I,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mSAAgT,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,CAAC,gDAA6D,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,gIAAiI,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,gDAAiD,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0JAAuK,EAAED,EAAE,CAAC,KAAK,0CAA0C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,4HAA6H,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,2fAA4f,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gCAA6C,EAAED,EAAE,CAAC,KAAK,mFAAmF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,YAAyB,EAAED,EAAE,CAAC,KAAK,oFAAoF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,2FAAwG,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAqB,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,CAAC,MAAmB,EAAE,SAAS,CAAC,SAAS,GAAI,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,CAAC,yPAA0P,CAAC,EAAC,CAAc,EAAED,EAAE,CAAC,KAAK,0CAA0C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,KAAK,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,CAAc,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAC,OAAQ,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,ieAAke,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,eAA4B,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,6CAA0D,EAAE,KAAK,CAAC,SAAS,wDAA4D,EAAC,CAAC,qDAAkE,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAC,2VAA4V,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6DAA0E,EAAED,EAAE,CAAC,KAAK,mEAAmE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yBAA0B,EAAC,AAAC,EAAC,CAAC,+CAA4D,EAAE,KAAK,CAAC,SAAS,oBAAwB,EAAC,CAAC,6HAA0I,EAAED,EAAE,CAAC,KAAK,gDAAgD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,iOAAkO,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,kBAAmB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,gDAAgD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,uhBAAyhB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,usBAAwsB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gOAA6O,EAAED,EAAE,CAAC,KAAK,mEAAmE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,6bAAgc,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,aAAa,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,6BAA0C,EAAED,EAAE,CAAC,KAAK,qHAAqH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,6CAA8C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iBAA8B,EAAED,EAAE,CAAC,KAAK,gFAAgF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,+yBAAkzB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yCAAsD,EAAED,EAAE,CAAC,KAAK,sFAAsF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,wEAAqF,EAAED,EAAE,CAAC,KAAK,0HAA0H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,yeAAsf,EAAED,EAAE,CAAC,KAAK,0DAA0D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,iCAA8C,EAAED,EAAE,CAAC,KAAK,0HAA0H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,qEAAsE,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,0hBAA2hB,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,0BAA2B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0OAAuP,EAAED,EAAE,CAAC,KAAK,sBAAsB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,qBAAqB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,2JAAwK,EAAED,EAAE,CAAC,KAAK,gFAAgF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,uTAAwT,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,oSAAqS,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kGAA+G,EAAED,EAAE,CAAC,KAAK,oDAAoD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yBAA0B,EAAC,AAAC,EAAC,CAAC,8bAA2c,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,kHAAkH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,0IAA2I,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,mGAAoG,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,sBAAuB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,unBAAwnB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,sIAAuI,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gCAA6C,EAAED,EAAE,CAAC,KAAK,0DAA0D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,sZAAuZ,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,yXAA0X,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kdAA+d,EAAED,EAAE,CAAC,KAAK,8DAA8D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,u1BAAw1B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+GAA4H,EAAED,EAAE,CAAC,KAAK,8DAA8D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,8aAA+a,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,4BAA6B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,2DAAwE,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,iEAA8E,EAAED,EAAE,CAAC,KAAK,kDAAkD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,ySAA0S,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,6HAA6H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,4OAA6O,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sEAAmF,EAAED,EAAE,CAAC,KAAK,mFAAmF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,mHAAoH,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kKAA+K,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,gCAA6C,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,0CAA2C,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,mIAAgJ,EAAED,EAAE,CAAC,KAAK,iEAAiE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,kGAA+G,EAAED,EAAE,CAAC,KAAK,uEAAuE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,4CAA6C,EAAC,AAAC,EAAC,CAAC,qFAAkG,EAAED,EAAE,CAAC,KAAK,8GAA8G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gCAAiC,EAAC,AAAC,EAAC,CAAC,iHAA8H,EAAE,KAAK,CAAC,SAAS,MAAO,EAAC,CAAC,gCAA6C,EAAE,KAAK,CAAC,SAAS,MAAO,EAAC,CAAC,yKAA0K,CAAC,EAAC,AAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4GAAyH,EAAED,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,WAAwB,EAAE,KAAK,CAAC,SAAS,MAAO,EAAC,CAAC,0KAAuL,EAAE,SAAS,CAAC,SAAS,6BAA8B,EAAC,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,2BAA4B,EAAC,AAAC,EAAC,CAAC,+MAA4N,EAAED,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAsB,EAAC,AAAC,EAAC,CAAC,2IAAyJ,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,iEAAkE,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,kDAAkD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qCAAsC,EAAC,AAAC,EAAC,CAAC,kBAA+B,EAAE,SAAS,CAAC,SAAS,WAAY,EAAC,CAAC,6UAA0V,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,mHAAgI,EAAED,EAAE,CAAC,KAAK,kDAAkD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,iNAAkN,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,mBAAmB,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,2DAAwE,EAAED,EAAE,CAAC,KAAK,gGAAgG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,IAAK,EAAC,AAAC,EAAC,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,sIAAsI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,GAAI,EAAC,AAAC,EAAC,CAAC,0BAA2B,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oBAAiC,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,0ZAAua,EAAED,EAAE,CAAC,KAAK,kDAAkD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,8BAA2C,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,qUAAkV,EAAE,KAAK,CAAC,SAAS,MAAO,EAAC,CAAC,eAAgB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8bAA2c,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,qFAAkG,EAAED,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,yGAA0G,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,6YAA0Z,EAAED,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,iHAAqH,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qBAAkC,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,iCAA8C,EAAED,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,mZAAqZ,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gBAA6B,EAAED,EAAE,CAAC,KAAK,mHAAmH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,inBAAmnB,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,aAAa,UAAU,eAAe,OAAO,MAAM,IAAI,qEAAqE,OAAO,iQAAiQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,2DAAwE,EAAED,EAAE,CAAC,KAAK,wFAAwF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,6gBAA8gB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4MAAyN,EAAED,EAAE,CAAC,KAAK,sFAAsF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,obAAic,EAAED,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,iGAAkG,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iBAA8B,EAAED,EAAE,CAAC,KAAK,sFAAsF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,iNAA8N,EAAED,EAAE,CAAC,KAAK,2EAA2E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,oaAAqa,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uMAAoN,EAAE,SAAS,CAAC,SAAS,WAAY,EAAC,CAAC,mGAAgH,EAAED,EAAE,CAAC,KAAK,uBAAuB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,8BAA+B,EAAC,AAAC,EAAC,CAAC,qDAAkE,EAAED,EAAE,CAAC,KAAK,wEAAwE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,cAAe,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kMAA+M,EAAED,EAAE,CAAC,KAAK,iFAAiF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,iHAA8H,EAAED,EAAE,CAAC,KAAK,wBAAwB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,wFAAyF,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oCAAiD,EAAED,EAAE,CAAC,KAAK,iFAAiF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,CAAC,kIAA+I,EAAED,EAAE,CAAC,KAAK,uHAAuH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,iLAAkL,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAuB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,8CAA+C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+BAA4C,EAAED,EAAE,CAAC,KAAK,0GAA0G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,sBAAuB,EAAC,AAAC,EAAC,CAAC,+WAA6X,EAAED,EAAE,CAAC,KAAK,0GAA0G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,0DAAuE,EAAED,EAAE,CAAC,KAAK,uFAAuF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,0IAAuJ,EAAED,EAAE,CAAC,KAAK,2DAA2D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,mGAAgH,EAAED,EAAE,CAAC,KAAK,0HAA0H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,6EAA0F,EAAED,EAAE,CAAC,KAAK,0FAA0F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,kCAA+C,EAAED,EAAE,CAAC,KAAK,wEAAwE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0CAA2C,EAAC,AAAC,EAAC,CAAC,iEAA8E,EAAED,EAAE,CAAC,KAAK,mHAAmH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,oCAAiD,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,0FAA2F,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8BAA2C,EAAED,EAAE,CAAC,KAAK,+IAA+I,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,oJAAiK,EAAED,EAAE,CAAC,KAAK,0EAA0E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,yMAAsN,EAAED,EAAE,CAAC,KAAK,+EAA+E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,kTAA+T,EAAED,EAAE,CAAC,KAAK,4HAA4H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qCAAsC,EAAC,AAAC,EAAC,CAAC,yKAAsL,EAAED,EAAE,CAAC,KAAK,+IAA+I,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,2GAA4G,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iBAA8B,EAAED,EAAE,CAAC,KAAK,4HAA4H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,CAAC,kSAA+S,EAAED,EAAE,CAAC,KAAK,sGAAsG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,4UAA0V,EAAED,EAAE,CAAC,KAAK,2GAA2G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,uKAAwK,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,0CAA2C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,4GAA4G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,0BAAuC,EAAED,EAAE,CAAC,KAAK,mHAAmH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,yVAA0V,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,4GAA4G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,2DAAwE,EAAED,EAAE,CAAC,KAAK,uGAAuG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,wVAAqW,EAAED,EAAE,CAAC,KAAK,4GAA4G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,2JAAwK,EAAED,EAAE,CAAC,KAAK,uFAAuF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,SAAU,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wHAAqI,EAAED,EAAE,CAAC,KAAK,mHAAmH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,uTAAoU,EAAED,EAAE,CAAC,KAAK,2GAA2G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,8SAA+S,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,0CAA2C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oEAAiF,EAAED,EAAE,CAAC,KAAK,mHAAmH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,sbAAmc,EAAED,EAAE,CAAC,KAAK,mHAAmH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,uFAAwF,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iCAA8C,EAAED,EAAE,CAAC,KAAK,2GAA2G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,SAAU,CAAC,EAAC,CAAc,EAAE,aAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,wRAAyR,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uCAAoD,EAAED,EAAE,CAAC,KAAK,0HAA0H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yBAA0B,EAAC,AAAC,EAAC,CAAC,2QAA4Q,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0KAAuL,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,qBAAkC,EAAED,EAAE,CAAC,KAAK,kEAAkE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,+DAAgE,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,qUAAsU,EAAC,AAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,qCAAsC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gDAA6D,EAAED,EAAE,CAAC,KAAK,gKAAgK,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,sCAAmD,EAAED,EAAE,CAAC,KAAK,gDAAgD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,2RAAwS,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,uCAAoD,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,+BAA4C,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,gFAAiF,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,qCAAqC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,MAAmB,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,yKAA0K,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uEAAoF,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,yBAAsC,EAAED,EAAE,CAAC,KAAK,6EAA6E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,aAA0B,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,uBAAoC,EAAED,EAAE,CAAC,KAAK,oHAAoH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,uOAAoP,EAAED,EAAE,CAAC,KAAK,oDAAoD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,+KAA4L,EAAED,EAAE,CAAC,KAAK,+DAA+D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,+CAA4D,EAAED,EAAE,CAAC,KAAK,mEAAmE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kDAA+D,EAAED,EAAE,CAAC,KAAK,oHAAoH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,8EAA+E,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wEAAqF,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,QAAqB,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,4WAA0X,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,6GAA0H,EAAE,OAAO,CAAC,SAAS,UAAW,EAAC,CAAC,mBAAgC,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,mBAAgC,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,uDAAuD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,mUAAoU,CAAC,EAAC,CAAc,EAAE,aAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,CAAc,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,iBAA8B,EAAE,OAAO,CAAC,SAAS,OAAQ,EAAC,CAAC,+EAA4F,EAAE,OAAO,CAAC,SAAS,eAAgB,EAAC,CAAC,yGAAsH,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,sOAAmP,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,6CAA0D,EAAE,OAAO,CAAC,SAAS,eAAgB,EAAC,CAAC,oFAAiG,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,sCAAuC,CAAC,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qKAAkL,EAAE,SAAS,CAAC,SAAS,4CAA6C,EAAC,CAAC,8CAA2D,EAAED,EAAE,CAAC,KAAK,wEAAwE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,+CAAgD,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,uCAAwC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0FAAuG,EAAED,EAAE,CAAC,KAAK,gKAAgK,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,CAAC,OAAoB,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,obAAqb,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0QAAuR,EAAED,EAAE,CAAC,KAAK,2CAA2C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,eAAgB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,qbAAsb,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,oBAAqB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sNAAmO,EAAED,EAAE,CAAC,KAAK,mEAAmE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,oDAAiE,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,yBAA0B,EAAC,AAAC,EAAC,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gCAAiC,EAAC,AAAC,EAAC,CAAC,IAAK,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mDAAgE,EAAED,EAAE,CAAC,KAAK,kHAAkH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,oGAAiH,EAAED,EAAE,CAAC,KAAK,gKAAgK,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,aAA0B,EAAE,OAAO,CAAC,SAAS,QAAS,EAAC,CAAC,4DAA6D,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+IAA4J,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,yBAA0B,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kEAA+E,EAAED,EAAE,CAAC,KAAK,8FAA8F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,ugBAAwgB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mHAAgI,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,gHAA6H,EAAED,EAAE,CAAC,KAAK,0EAA0E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,wVAA2V,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yKAAsL,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,kJAA+J,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,4FAA6F,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,uCAAwC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wBAAqC,EAAED,EAAE,CAAC,KAAK,0EAA0E,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,mFAAgG,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAC,wHAAqI,EAAE,SAAS,CAAC,SAAS,OAAQ,EAAC,CAAC,0LAAuM,EAAE,SAAS,CAAC,SAAS,eAAgB,EAAC,CAAC,yJAAsK,EAAE,SAAS,CAAC,SAAS,qBAAsB,EAAC,CAAC,8GAA+G,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,oEAAiF,EAAE,KAAK,CAAC,SAAS,QAAS,EAAC,CAAC,kFAA+F,EAAED,EAAE,CAAC,KAAK,mFAAmF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,sEAAmF,EAAED,EAAE,CAAC,KAAK,gIAAgI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,4CAAyD,EAAED,EAAE,CAAC,KAAK,oEAAoE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,CAAC,qXAAsX,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,2KAAwL,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,CAAC,KAAkB,EAAE,SAAS,CAAC,SAAS,cAAe,EAAC,CAAC,QAAqB,EAAE,SAAS,CAAC,SAAS,eAAgB,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,ydAAse,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,iLAA8L,EAAED,EAAE,CAAC,KAAK,4BAA4B,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,sBAAsB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,gCAAgC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,4DAA4D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,gNAAiN,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6HAA0I,EAAED,EAAE,CAAC,KAAK,0FAA0F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,2HAAwI,EAAED,EAAE,CAAC,KAAK,uBAAuB,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,8DAA2E,EAAED,EAAE,CAAC,KAAK,8GAA8G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,gHAAiH,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,8CAA+C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4HAAyI,EAAE,KAAK,CAAC,SAAS,eAAgB,EAAC,CAAC,sTAAuT,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iXAA8X,EAAE,SAAS,CAAC,SAAS,qCAAsC,EAAC,CAAC,0IAA2I,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,qBAAqB,UAAU,eAAe,OAAO,MAAM,IAAI,uEAAuE,OAAO,uQAAuQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,wDAAwD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,sBAAuB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,2DAAwE,EAAED,EAAE,CAAC,KAAK,gDAAgD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,sKAAmL,EAAED,EAAE,CAAC,KAAK,gCAAgC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,oRAAiS,EAAED,EAAE,CAAC,KAAK,kCAAkC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,8BAA2C,EAAE,SAAS,CAAC,SAAS,0BAA2B,EAAC,CAAC,8HAA2I,EAAED,EAAE,CAAC,KAAK,2CAA2C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,sDAAsD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,QAAqB,EAAED,EAAE,CAAC,KAAK,oCAAoC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,mBAAoB,EAAC,AAAC,EAAC,CAAC,gEAA6E,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,oVAAqV,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qDAAkE,EAAE,OAAO,CAAC,SAAsB,EAAED,EAAE,CAAC,KAAK,2FAA2F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAED,EAAE,CAAC,KAAK,2FAA2F,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,0BAAuC,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iBAAkB,EAAC,AAAC,EAAC,CAAC,+BAA4C,EAAED,EAAE,CAAC,KAAK,kHAAkH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,0eAA6e,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qHAAkI,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,eAAgB,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,4BAA6B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qEAAkF,EAAED,EAAE,CAAC,KAAK,0DAA0D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,wBAAqC,EAAED,EAAE,CAAC,KAAK,mEAAmE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,6BAA8B,EAAC,AAAC,EAAC,CAAC,yZAA0Z,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8bAA2c,EAAE,OAAO,CAAC,SAAS,oBAAqB,EAAC,CAAC,UAAW,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4CAAyD,EAAED,EAAE,CAAC,KAAK,iGAAiG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,4MAAyN,EAAED,EAAE,CAAC,KAAK,0DAA0D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,wHAAqI,EAAE,OAAO,CAAC,SAAS,qBAAsB,EAAC,CAAC,gDAA6D,EAAE,SAAS,CAAC,SAAS,UAAW,EAAC,CAAC,wGAAyG,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,iCAAkC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,MAAmB,EAAED,EAAE,CAAC,KAAK,0DAA0D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,+GAA4H,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,qUAAkV,EAAE,OAAO,CAAC,SAAS,YAAa,EAAC,CAAC,sHAAuH,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sHAAmI,EAAED,EAAE,CAAC,KAAK,iGAAiG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,sGAAmH,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,2FAAwG,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,IAAK,EAAC,AAAC,EAAC,CAAC,4NAAyO,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,4BAA6B,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uPAAoQ,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,iDAAkD,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gYAA6Y,EAAED,EAAE,CAAC,KAAK,iGAAiG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,8CAA+C,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4EAAyF,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,iKAA8K,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,aAA0B,EAAED,EAAE,CAAC,KAAK,mGAAmG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,0QAAuR,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,kBAAmB,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kBAA+B,EAAED,EAAE,CAAC,KAAK,8CAA8C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,mBAAgC,EAAE,SAAS,CAAC,SAAS,qDAAsD,EAAC,CAAC,sLAAuL,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mPAAgQ,EAAE,OAAO,CAAC,SAAS,MAAO,EAAC,CAAC,+GAA4H,EAAE,SAAS,CAAC,SAAS,yBAA0B,EAAC,CAAC,+HAA4I,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,kDAA+D,EAAED,EAAE,CAAC,KAAK,oDAAoD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,oBAAqB,EAAC,AAAC,EAAC,CAAC,IAAiB,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4EAAyF,EAAED,EAAE,CAAC,KAAK,oDAAoD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,kPAA+P,EAAED,EAAE,CAAC,KAAK,uFAAuF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,wSAAyS,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uIAAoJ,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,qdAAsd,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,MAAO,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,2GAA4G,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,0BAA2B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iFAA8F,EAAED,EAAE,CAAC,KAAK,4DAA4D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,qFAAsF,CAAC,EAAC,CAAc,EAAE,aAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,4SAA6S,EAAC,AAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,gDAA6D,EAAED,EAAE,CAAC,KAAK,oDAAoD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,iCAAkC,EAAC,AAAC,EAAC,CAAC,0UAAuV,EAAED,EAAE,CAAC,KAAK,2CAA2C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,+EAAgF,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,uCAAoD,EAAED,EAAE,CAAC,KAAK,2DAA2D,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,4CAAyD,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,oQAAqQ,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,kBAAmB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,4GAAyH,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,KAAM,EAAC,AAAC,EAAC,CAAC,8FAA+F,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,SAAU,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAc,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,sBAAuB,EAAC,AAAC,EAAC,CAAC,sdAAud,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6PAA0Q,EAAED,EAAE,CAAC,KAAK,qDAAqD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,sFAAmG,EAAE,KAAK,CAAC,SAAS,OAAQ,EAAC,CAAC,6TAA8T,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,OAAoB,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,yWAAsX,EAAED,EAAE,CAAC,KAAK,kIAAkI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,mLAAoL,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,YAAa,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,sLAAmM,EAAED,EAAE,CAAC,KAAK,qDAAqD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,+JAA4K,EAAE,KAAK,CAAC,SAAS,OAAQ,EAAC,CAAC,sIAAuI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,qCAAkD,EAAED,EAAE,CAAC,KAAK,qDAAqD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,eAAgB,EAAC,AAAC,EAAC,CAAC,sPAAmQ,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,0HAA2H,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,aAAc,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iNAA8N,EAAED,EAAE,CAAC,KAAK,6CAA6C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,8RAA+R,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,iBAAkB,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,gLAAiL,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,gDAAiD,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,qEAAsE,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,+EAAgF,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,0FAA2F,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,kBAAkB,IAAI,SAAsB,EAAE,IAAI,CAAC,SAAS,yFAA0F,EAAC,AAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0GAAuH,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,+GAA4H,EAAED,EAAE,CAAC,KAAK,yDAAyD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,8GAA2H,EAAED,EAAE,CAAC,KAAK,qIAAqI,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,aAAc,EAAC,AAAC,EAAC,CAAC,+LAA4M,EAAED,EAAE,CAAC,KAAK,+CAA+C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,SAAU,EAAC,AAAC,EAAC,CAAC,iLAA8L,EAAE,SAAS,CAAC,SAAS,+BAAgC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,0KAAuL,EAAED,EAAE,CAAC,KAAK,uDAAuD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,uBAAwB,EAAC,AAAC,EAAC,CAAC,uEAAoF,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,WAAY,EAAC,AAAC,EAAC,CAAC,OAAoB,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,uDAAoE,EAAED,EAAE,CAAC,KAAK,kDAAkD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,kBAAmB,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,yKAA0K,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAqB,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,CAAC,MAAmB,EAAE,SAAS,CAAC,SAAS,GAAI,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,4BAA6B,EAAC,CAAC,uBAAwB,CAAC,EAAC,CAAc,EAAED,EAAE,CAAC,KAAK,qDAAqD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,KAAK,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,wCAAyC,EAAC,CAAc,EAAED,EAAE,CAAC,KAAK,kDAAkD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,KAAK,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,AAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,IAAiB,EAAE,SAAS,CAAC,SAAS,CAAc,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAC,OAAQ,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAS,CAAc,EAAE,KAAK,CAAC,SAAS,gCAAiC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,kDAA+D,EAAED,EAAE,CAAC,KAAK,qDAAqD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,wOAAqP,EAAED,EAAE,CAAC,KAAK,4HAA4H,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,sBAAuB,EAAC,AAAC,EAAC,CAAC,wTAAqU,EAAED,EAAE,CAAC,KAAK,4IAA4I,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,cAAe,EAAC,AAAC,EAAC,CAAC,2FAAwG,EAAED,EAAE,CAAC,KAAK,iHAAiH,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,8FAA+F,CAAC,EAAC,CAAc,EAAE,MAAM,CAAC,IAAI,eAAe,UAAU,eAAe,OAAO,MAAM,IAAI,sEAAsE,OAAO,oQAAoQ,MAAM,CAAC,YAAY,YAAa,EAAC,MAAM,KAAM,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAC,qFAAkG,EAAED,EAAE,CAAC,KAAK,4GAA4G,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,wHAAqI,EAAED,EAAE,CAAC,KAAK,mDAAmD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,QAAS,EAAC,AAAC,EAAC,CAAC,wGAAqH,EAAED,EAAE,CAAC,KAAK,gDAAgD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,oMAAiN,EAAED,EAAE,CAAC,KAAK,mEAAmE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,kDAAkD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,KAAkB,EAAED,EAAE,CAAC,KAAK,uGAAuG,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,QAAS,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,wCAAyC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6VAA0W,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,gDAAiD,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,iVAA8V,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,wBAAyB,EAAC,AAAC,EAAC,CAAC,iOAA8O,EAAED,EAAE,CAAC,KAAK,gEAAgE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,CAAC,qDAAsD,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,mFAAgG,EAAE,SAAS,CAAC,SAAS,cAAe,EAAC,CAAC,qIAAsI,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAqB,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,CAAC,MAAmB,EAAE,SAAS,CAAC,SAAS,GAAI,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,4BAA6B,EAAC,CAAC,8JAA2K,EAAE,SAAS,CAAC,SAAS,CAAc,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAC,OAAQ,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,yDAAsE,EAAED,EAAE,CAAC,KAAK,mEAAmE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,0GAAuH,EAAED,EAAE,CAAC,KAAK,qFAAqF,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,sKAAmL,EAAED,EAAE,CAAC,KAAK,iDAAiD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,qBAAsB,EAAC,AAAC,EAAC,CAAC,wHAAyH,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,maAAgb,EAAED,EAAE,CAAC,KAAK,+CAA+C,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,MAAO,EAAC,AAAC,EAAC,CAAC,sKAAuK,CAAC,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,2BAA4B,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6FAA0G,EAAED,EAAE,CAAC,KAAK,kCAAkC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,OAAQ,EAAC,AAAC,EAAC,CAAC,yEAAsF,EAAED,EAAE,CAAC,KAAK,qCAAqC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,UAAW,EAAC,AAAC,EAAC,CAAC,iBAA8B,EAAED,EAAE,CAAC,KAAK,kEAAkE,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,0BAA2B,EAAC,AAAC,EAAC,CAAC,uQAAqR,EAAE,SAAS,CAAC,SAAS,aAAc,EAAC,CAAc,EAAED,EAAE,CAAC,KAAK,qDAAqD,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAsB,EAAE,SAAS,CAAC,SAAS,gBAAiB,EAAC,AAAC,EAAC,AAAC,EAAC,CAAC,6DAA8D,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAqB,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,CAAC,MAAmB,EAAE,SAAS,CAAC,SAAS,GAAI,EAAC,CAAc,EAAE,KAAK,CAAC,SAAS,CAAc,EAAE,SAAS,CAAC,SAAS,4BAA6B,EAAC,CAAC,iDAA8D,EAAE,SAAS,CAAC,SAAS,CAAc,EAAE,KAAK,CAAE,EAAC,CAAc,EAAE,KAAK,CAAE,EAAC,AAAC,CAAC,EAAC,AAAC,CAAC,EAAC,CAAC,OAAQ,CAAC,EAAC,CAAc,EAAE,IAAI,CAAC,SAAS,CAAC,6GAA0H,EAAED,EAAE,CAAC,KAAK,uCAAuC,aAAa,EAAE,OAAO,YAAY,cAAc,EAAE,UAAU,CAAE,EAAC,QAAQ,oBAAoB,cAAc,EAAE,SAAsB,EAAEC,EAAE,EAAE,CAAC,SAAS,YAAa,EAAC,AAAC,EAAC,CAAC,GAAI,CAAC,EAAC,AAAC,CAAC,EAAC,CAAc,EAAwB,EAAA,EAAa,CAAC,SAAsB,EAAE,IAAI,CAAC,SAAS,6JAA8J,EAAC,AAAC,EAAC,CACxkqI,EAAqB,CAAC,QAAU,CAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,SAAW,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,UAAY,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,WAAa,CAAC,KAAO,WAAW,YAAc,CAAC,sBAAwB,GAAI,CAAC,EAAC,mBAAqB,CAAC,KAAO,UAAW,CAAC,CAAC"}