Peer-to-Peer Peril: How Peer-to-Peer File Sharing Impacts Vendor Risk and Security Benchmarking

Latest Trends, News and Webinars in Information Security - Peer … · 2016-02-16


Introduction

Peer-to-peer (P2P) file sharing often conjures images of people downloading movies and music in the comfort of their own home to avoid paying for that media. In the late nineties and early 2000s, P2P services such as Napster, LimeWire and Kazaa emerged as popular channels for consumers to access media content. More recently, file sharing has been in the news due to the temporary shutdown of The Pirate Bay, reportedly raided by Swedish police after the United States threatened sanctions through the World Trade Organization1.

While this activity is often viewed through a consumer-centric lens, it can have serious effects on businesses as well. Of the more than 30,700 companies* that BitSight rates for security performance, we have observed file sharing activity over the BitTorrent** protocol at 23%. Much of this activity is likely against corporate policy; although there are no published metrics on what percentage of companies prohibit P2P file sharing, many companies have explicit rules against it. This is not to say that file sharing itself is illegal: sharing files over peer-to-peer networks is legal - only the unauthorized sharing of copyrighted content is not2. For many companies, peer-to-peer file sharing is a symptom of shadow IT, with employees downloading copyrighted business applications such as Microsoft or Adobe products.

IT and Legal departments are likely well versed in the potential consequences of illegal sharing of copyrighted material - namely legal exposure - yet many companies may be unaware of the security risks posed by this activity. After analyzing hundreds of torrented files obtained over the BitTorrent protocol, BitSight researchers found that 43% of torrented applications contained malicious software. This finding demonstrates that businesses should ensure that policies and technologies are in place to mitigate the risks from this activity. The report outlines additional industry-level metrics and provides recommendations that can help risk and security professionals mitigate this threat to corporate and vendor networks.

*BitSight currently has over 37,000 companies in its total inventory.

**BitTorrent is a protocol that enables users to share files across a network. These files could be any content, but they are often movies, applications or other copyrighted files. The BitTorrent protocol's authors have extended the protocol to make file sharing more distributed (for example, trackerless operation via a distributed hash table) and so harder to stop through legal or law enforcement action. Despite these changes, copyright enforcement agencies have found copyrighted files served from corporate networks and have asked companies to remove shared files by serving take-down notices.


About BitSight

BitSight is the worldwide leader in providing objective, accurate and actionable Security Ratings to businesses around the world. BitSight Security Ratings are a measurement of an organization's security performance. Much like credit ratings, BitSight Security Ratings are generated through the analysis of externally observable data. Leading companies, including the top private equity firms, largest banks, major insurers and more, are leveraging these ratings to mitigate third party risks, benchmark security performance, underwrite cyber insurance, perform M&A due diligence and manage portfolio cyber risk. BitSight is the only security ratings company that provides customers with in-depth information on potentially harmful file sharing activity.

Key Findings

1. File sharing is a common problem for many organizations. Of the 30,700 companies that BitSight rates on security performance, 23% have evidence of some file sharing activity on their networks.

2. Torrented files are a major malware risk for businesses. BitSight researchers found that 43% of application files and 39% of games contained malicious software.

3. Industries such as Government, Education and Utilities are poor performers. More than a quarter of companies in these industries have observed peer-to-peer file sharing activity in the last six months.

4. There is a correlation between botnet activity and file sharing activity. BitSight researchers found that companies with more file sharing activity were more likely to have more compromised machines due to botnet infections.

5. Companies with file sharing have lower BitSight Security Ratings. Within every industry analyzed for this study, there was a major gap in the ratings between companies that had file sharing activity and those that did not.


Study Overview

File sharing is a prevalent problem on corporate networks today. Of the 30,700 entities rated by BitSight, 23% had some observed file sharing activity. Many organizations explicitly ban this activity, yet there is evidence that in some industries over a quarter of companies are currently sharing files over the BitTorrent protocol. While some of these files are likely legitimate, many of them are labeled as movies, games and other copyrighted material.

Because of the high percentage of companies using the BitTorrent protocol, BitSight researchers analyzed the correlation between botnet infections and peer-to-peer file sharing activity. The high malware infection rates in torrented files suggest that companies with file sharing activity are more vulnerable to botnet infections on their networks. Previous research reinforces this finding, such as a paper from the Vienna University of Technology titled "Vanity, Cracks and Malware: Insights into the Anti-Copy Protection Ecosystem." In this paper, researchers Markus Kammerstetter, Christian Platzer and Gilbert Wondracek analyzed file sharing download links and noted, "Our results indicate that a majority of these programs aim to infect the target machine with one or more types of malware"3.

BitSight researchers took a sample of files from two popular categories of downloads: applications and games. These categories were chosen because they contain executable files, which are the natural carrier for malware. Running these files through multiple file scanners and accounting for false positives, BitSight determined that 43% of applications and 39% of games were carrying malicious code. This indicates that a significant share of files shared over the BitTorrent protocol contain potentially harmful software. After uncovering the high rate of infections within these files, BitSight researchers probed another question: do companies with file sharing activity have more compromised machines due to botnet infections?

Figure 1. The percentage of peer-to-peer file downloads containing malware: applications 43.3%, games 38.7%.

Clear Correlation between File Sharing and Botnet Infections


An analysis of companies rated by BitSight demonstrated that there was, in fact, a clear correlation between file sharing over the BitTorrent protocol and botnet infections. While we cannot demonstrate that malicious software from downloaded files caused these observed botnet infections, we can say with confidence that companies with more peer-to-peer file sharing activity are more likely to have a higher number of botnet infections. This has major implications for security and risk professionals: if a company or important third party shows increased peer-to-peer file sharing activity, this could indicate more serious security issues such as botnet infections.
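The benchmark arithmetic behind this comparison, as an added example that is not part of the original report: per-employee normalisation of both counts (the axes of Figure 2), a rank correlation between them, and the per-industry metrics used in Figures 3 to 5 (share of companies with any activity, shares per company, median rating with and without activity). The company records are constructed, and the function names and rating scale are assumptions, not BitSight's method. Spearman's rho is used because it depends only on ranks: the log axes in Figure 2 change the picture but not the coefficient, and a handful of very heavy sharers cannot dominate it.

```python
"""Replicating the report's benchmark arithmetic on constructed company records.

Added example; not BitSight's code. Every record below is made up.
"""
from statistics import median

# Constructed records: (company, industry, employees, monthly P2P events,
# monthly botnet infections, security rating). Not real companies.
COMPANIES = [
    ("fin-a", "Finance",   1000,   0,  2, 740),
    ("fin-b", "Finance",    500,   5,  3, 690),
    ("fin-c", "Finance",   2000,   0,  1, 760),
    ("fin-d", "Finance",    200,   0,  0, 720),
    ("edu-a", "Education", 3000, 900, 45, 560),
    ("edu-b", "Education",  800, 120,  9, 590),
    ("edu-c", "Education", 1500,   0,  4, 640),
]


def average_ranks(values):
    """1-based ranks; tied values share the mean of the ranks they occupy."""
    order = sorted(range(len(values)), key=lambda i: values[i])
    ranks = [0.0] * len(values)
    i = 0
    while i < len(order):
        j = i
        while j + 1 < len(order) and values[order[j + 1]] == values[order[i]]:
            j += 1
        shared = (i + j) / 2 + 1
        for k in range(i, j + 1):
            ranks[order[k]] = shared
        i = j + 1
    return ranks


def spearman(xs, ys):
    """Spearman's rho: Pearson correlation of the two rank vectors."""
    rx, ry = average_ranks(xs), average_ranks(ys)
    n = len(rx)
    mx, my = sum(rx) / n, sum(ry) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(rx, ry))
    var_x = sum((a - mx) ** 2 for a in rx)
    var_y = sum((b - my) ** 2 for b in ry)
    return cov / (var_x * var_y) ** 0.5


def sharing_vs_botnet_rho(companies=COMPANIES):
    """Correlate per-employee P2P activity with per-employee botnet infections,
    the normalisation plotted in Figure 2."""
    p2p_rate = [p2p / emp for _, _, emp, p2p, _, _ in companies]
    bot_rate = [bots / emp for _, _, emp, _, bots, _ in companies]
    return spearman(p2p_rate, bot_rate)


def industry_summary(companies=COMPANIES):
    """Per-industry metrics of the kind shown in Figures 3, 4 and 5."""
    by_industry = {}
    for _, industry, _, p2p, _, rating in companies:
        by_industry.setdefault(industry, []).append((p2p, rating))
    summary = {}
    for industry, rows in by_industry.items():
        with_sharing = [r for p, r in rows if p > 0]
        without = [r for p, r in rows if p == 0]
        summary[industry] = {
            "pct_with_sharing": len(with_sharing) / len(rows),
            "shares_per_company": sum(p for p, _ in rows) / len(rows),
            "median_rating_with": median(with_sharing) if with_sharing else None,
            "median_rating_without": median(without) if without else None,
        }
    return summary


if __name__ == "__main__":
    print(f"Spearman rho, P2P/employee vs botnet/employee: {sharing_vs_botnet_rho():.3f}")
    for industry, metrics in industry_summary().items():
        print(industry, metrics)
```

On the constructed records the seven companies give a rho of about 0.91; the point of the per-employee division is that a 3,000-person university and a 200-person firm are compared on rate, not raw count, which is also why the report's Figure 2 axes are labelled per employee.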

Figure 2. Monthly count of botnet infections per employee (y-axis) against monthly count of P2P file sharing per employee (x-axis, log scale from 0.00001 to 1,000) at analyzed companies.

TOP TORRENTED GAMES            TOP TORRENTED APPLICATIONS
1. Grand Theft Auto V          1. Adobe Photoshop
2. The Sims 4                  2. Microsoft Office
3. Mortal Kombat X             3. Microsoft Windows 7
4. FIFA 15                     4. Microsoft Windows 8.1
5. The Witcher 3               5. Microsoft Windows 10

In addition to analyzing malware, BitSight researchers looked at the top torrented games and applications among the 766 analyzed files. The application list shows employees engaging in "shadow IT", downloading unauthorized programs for work, while the games list shows employees downloading games while on corporate networks.


Industry Level View of File Sharing

There are significant differences between industry sectors when it comes to file sharing activity. BitSight has identified ten key industries to focus on for this report: Media/Entertainment, Education, Government, Retail, Energy/Utilities, Manufacturing, Tourism/Hospitality, Legal, Healthcare and Finance. In Figures 3 and 4 readers can see how these industries stack up against one another on the average number of shared files and the proportion of companies with file sharing activity. The reason we focus on these industries is simple: they are a diverse set of key sectors in the global economy. We have previously released industry-level reports that look at overall security performance in some of these sectors. The following section also calls out six of these industries for a closer look at their performance in preventing file sharing.

Figure 3. Percentage of companies within each industry with any file sharing activity over the last six months (axis 0% to 60%). Industries in ascending order as plotted: Finance, Legal, Retail, Healthcare/Wellness, Manufacturing, Media/Entertainment, Energy/Utilities, Government/Politics, Tourism/Hospitality, Education. The values stated in the industry profiles are Finance 12.5%, Retail 22.19%, Healthcare 22.36%, Energy/Utilities 25.38%, Government 32.85% and Education 58.24%.

Figure 4. The total number of shares for all the companies in each industry divided by the number of companies in that industry over a 6 month period (shares per company, axis 0k to 30k). In ascending order as plotted: Legal 28.4, Finance 79.5, Healthcare/Wellness 135.1, Tourism/Hospitality 312.7, Manufacturing 323.4, Education 1.2k, Energy/Utilities 2.8k, Government/Politics 3.2k, Retail 14.8k, Media/Entertainment 28.0k.

Room for Improvement in Government and Education


FINANCE
Industry Security Rating: 716. Percent with file sharing: 12.5%. Avg. torrents per entity: 79.53.

RETAIL
Industry Security Rating: 684. Percent with file sharing: 22.19%. Avg. torrents per entity: 14,835.28.

HEALTHCARE
Industry Security Rating: 634. Percent with file sharing: 22.36%. Avg. torrents per entity: 135.12.

Finance is the top performer of these industries when it comes to preventing file sharing on corporate networks. On both the proportion of entities with activity and the average peer-to-peer shares per entity, Finance is diligent in addressing these issues. Given strong regulation and a culture of security, it makes sense that Finance is the top performer in preventing file sharing. Historically, Finance has had the highest Security Ratings of any industry in our analysis.

When people bring up data breaches, it is often retailers that are mentioned first. After major breaches at retailers like Target and Home Depot, many are skeptical of these companies' ability to defend themselves against attacks. When it comes to file sharing over the BitTorrent protocol, there is room for improvement: 22% of these companies have file sharing activity present on their networks. On the average number of shares, Retail is one of the worst offenders, with 14.8k shares per entity.

Healthcare is a middle-of-the-pack performer in file sharing. The industry has a lower than average number of shares, at 135 per entity, and 22% of its companies show this activity, only slightly more than Retail. There is still work to be done to bring down the percentage of entities with this activity. Nevertheless, for an industry with a host of issues, as highlighted in our "Is Healthcare the Next Retail?" report, it is not the worst offender for torrenting files.


ENERGY/UTILITIES
Industry Security Rating: 652. Percent with file sharing: 25.38%. Avg. torrents per entity: 2,808.70.

GOVERNMENT
Industry Security Rating: 688. Percent with file sharing: 32.85%. Avg. torrents per entity: 3,150.46.

EDUCATION
Industry Security Rating: 554. Percent with file sharing: 58.24%. Avg. torrents per entity: 1,243.70.

The Energy/Utilities sector sees file sharing at around 25% of companies, yet the most surprising metric here is the average shares per entity, at a high 2.8k. For a highly regulated industry that has to comply with various standards, this was an unexpected finding. In our most recent Insights report, we found that the Energy/Utilities industry was at risk of a breach based on performance metrics gathered by BitSight.

Around 33% of government entities have some form of file sharing activity present on their networks. In addition, the average number of shares per entity is 3.15k. These numbers make this sector, which includes the federal government as well as state and local municipalities, a poor performer. Government agencies such as the Federal Trade Commission have published guidance on the dangers of corporate file sharing4. In 2009 a bill (H.R. 4098, the Secure Federal File Sharing Act) was introduced to prohibit file sharing by employees of the federal government, yet it never made it beyond the House of Representatives to become law5. Clearly there is work to be done by government organizations to prevent this activity.

Downloading copyrighted media has proven to be a major issue for network administrators in higher education. While in many instances universities are not liable, there are still legal risks. The Copyright Clearance Center notes that "universities operating the computer networks over which P2P file sharing occurs may face claims of contributory or vicarious liability arising from the conduct of their students"6. Around 58% of organizations in the Education sector have some file sharing observed on their network. Yet when it comes to shares per entity, the figure is 1.2k. While this is still higher than most industries, it falls below Energy/Utilities and Government. Perhaps only a few students are able to bypass campus restrictions in order to participate in this activity.


File Sharing and Security Ratings

BitSight is the only security ratings provider that gives customers an objective view of peer-to-peer file sharing activity on their own network and the networks of third parties. Currently, BitSight provides this information as a beta risk vector in the product, meaning it is not used in the algorithm that calculates the headline Security Rating for a company*.

After identifying the strong correlation between botnet activity and file sharing activity, BitSight’s Data Science team wanted to look at the relationship between BitSight Security Ratings and file sharing activity (Figure 5). This analysis highlighted a similar finding: in every industry analyzed for this report, there was a significant difference in median Security Ratings for companies with file sharing activity and those without.

*BitSight Security Ratings are calculated using a proprietary algorithm that includes event and diligence factors. The BitSight data science team updates the algorithm on an annual basis to add in beta risk vectors into the rating. Currently, file sharing is not included in the BitSight rating algorithm, although it may be included in the future.

Figure 5. Median Security Ratings by industry (rating axis 400 to 750) for entities with P2P file sharing and entities without, for Education, Healthcare/Wellness, Tourism/Hospitality, Manufacturing, Energy/Utilities, Government/Politics, Legal, Media/Entertainment, Retail and Finance.


Recommendations for Businesses

It is clear that the consequences of file sharing on corporate networks go beyond the legal ramifications of downloading copyrighted material. This behavior can also pose a serious security threat by introducing malicious software to a corporate network. BitSight recommends that security and risk professionals take the following steps to mitigate these risks.

Have a clear policy around file sharing on the corporate network - and enforce it.

Many companies explicitly prohibit file sharing activity. Yet the key question for security and risk professionals to ask is: do employees know about this policy? Periodic training and regular updates are key steps to make sure that employees - both veteran and new - are up to date on policies and procedures surrounding these issues. If file sharing is allowed for legitimate purposes, ensure that there are policies in place to prevent unauthorized sharing of material.

Configure your firewall to prevent file sharing.

If file sharing is not an authorized activity, companies can adjust their firewalls to block the sharing of files over these networks. This is useful for companies that do not use file sharing for legitimate purposes. Note that BitTorrent clients do not depend on fixed ports and can obfuscate peer connections, so port-based rules alone are weak; blocking on application signatures (the peer handshake, DHT and tracker traffic) or on tracker domains at the DNS or proxy layer is more reliable.

Verify file sharing activity with a continuous monitoring tool.

Beyond creating policies, companies should actively monitor their networks for evidence of file sharing activity. BitSight provides users with outside-in monitoring of a company's network, meaning no information is needed from the rated company, giving security and risk professionals the ability to identify unauthorized file sharing activity on a company network. With User Behavior Forensics, BitSight users are also able to view file names (except for movies) and the source IP addresses. This gives security and risk professionals the ability to verify both authorized and unauthorized file sharing activity on a network.
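What such a monitor matches on, as an added example that is not part of the original report or of BitSight's product: the three plaintext BitTorrent indicators an internal sensor (or a firewall doing application inspection, as in the previous recommendation) can key on - the peer-wire handshake, mainline DHT (KRPC) messages, and HTTP tracker announces - with the info_hash and the internal source IP extracted for attribution. The flows, addresses, info_hash and peer_id are constructed; the function names are assumptions. Caveat: the handshake signature only catches unobfuscated peer connections, and tracker announces over HTTPS are invisible to this check, which is one reason to complement internal sensing with the outside-in observation of index nodes that the report describes.

```python
"""Classify captured payloads by BitTorrent indicator and group hits by source IP.

Added example; not BitSight's code. All flows below are constructed.
"""
import re
from typing import Optional
from urllib.parse import quote_from_bytes, unquote_to_bytes, urlsplit

# Peer-wire handshake: pstrlen=19, pstr="BitTorrent protocol", 8 reserved bytes,
# 20-byte info_hash, 20-byte peer_id (68 bytes in total).
HANDSHAKE_PREFIX = b"\x13BitTorrent protocol"
# KRPC (mainline DHT) messages are bencoded dicts with sorted keys, so every
# query starts with the "a" (arguments) dict and its 20-byte node "id";
# responses start with the "r" dict instead.
DHT_QUERY_PREFIX = b"d1:ad2:id20:"
DHT_RESPONSE_PREFIX = b"d1:rd2:id20:"
DHT_QUERY_NAME = re.compile(rb"1:q(\d+):")   # "q" key: <len>:<query name>
# HTTP tracker announce/scrape request line.
TRACKER_RE = re.compile(rb"^(?:GET|POST) (/(?:announce|scrape)\S*) HTTP/1\.[01]\r\n")


def classify_payload(payload: bytes) -> Optional[dict]:
    """Return the matched indicator and extracted fields, or None if no match."""
    if payload.startswith(HANDSHAKE_PREFIX) and len(payload) >= 68:
        return {
            "indicator": "peer-handshake",
            "info_hash": payload[28:48].hex(),
            "peer_id": payload[48:56].decode("ascii", "replace"),  # client prefix
        }
    if payload.startswith(DHT_QUERY_PREFIX):
        m = DHT_QUERY_NAME.search(payload)
        name = payload[m.end():m.end() + int(m.group(1))] if m else b"?"
        return {"indicator": "dht-query", "query": name.decode("ascii", "replace")}
    if payload.startswith(DHT_RESPONSE_PREFIX):
        return {"indicator": "dht-response"}
    m = TRACKER_RE.match(payload)
    if m:
        query = urlsplit(m.group(1).decode("ascii", "replace")).query
        params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
        info_hash = unquote_to_bytes(params.get("info_hash", "")).hex()
        return {"indicator": "tracker-announce", "info_hash": info_hash}
    return None


def scan_flows(flows):
    """Group BitTorrent indicators by internal source IP, the attribution a
    monitor reports back so the host can be found."""
    hits = {}
    for flow in flows:
        result = classify_payload(flow["payload"])
        if result:
            hits.setdefault(flow["src"], []).append({"dst": flow["dst"], **result})
    return hits


# Constructed sample traffic; the info_hash and peer_id are made up.
INFO_HASH = bytes.fromhex("0123456789abcdef0123456789abcdef01234567")
PEER_ID = b"-UT3530-" + b"x" * 12
SAMPLE_FLOWS = [
    {"src": "10.20.30.41", "dst": "203.0.113.7:51413",
     "payload": HANDSHAKE_PREFIX + b"\x00" * 8 + INFO_HASH + PEER_ID},
    {"src": "10.20.30.41", "dst": "198.51.100.9:6881",
     "payload": DHT_QUERY_PREFIX + b"N" * 20 + b"9:info_hash20:" + INFO_HASH
                + b"e1:q9:get_peers1:t2:aa1:y1:qe"},
    {"src": "10.20.30.55", "dst": "192.0.2.10:80",
     "payload": b"GET /announce?info_hash=" + quote_from_bytes(INFO_HASH, safe="").encode()
                + b"&peer_id=" + PEER_ID + b"&port=6881&left=734003200 HTTP/1.1\r\n"
                + b"Host: tracker.example.net\r\n\r\n"},
    {"src": "10.20.30.60", "dst": "192.0.2.20:443",   # start of a TLS ClientHello: benign
     "payload": b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03" + b"\x00" * 32},
]


if __name__ == "__main__":
    for src, events in scan_flows(SAMPLE_FLOWS).items():
        for event in events:
            print(src, event)
```

The info_hash is the value to keep: it identifies the torrent across the handshake, the DHT get_peers query and the tracker announce, so one hit can be matched against take-down notices or a monitor's file-name data, and the first eight bytes of the peer_id identify the client software.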

Look at file sharing activity on the networks of third party vendors and acquisition targets - especially those with access to sensitive company information.

Many third party risk teams conduct questionnaires on different security policies and practices at an organization. Beyond asking vendors to actively prevent this behavior, third party risk teams should also invest in verification tools to ensure that vendors are adhering to their stated policies. For companies looking to acquire other companies, there should be a review of file sharing activity on the network of the target acquisition.

For more recommendations on steps to prevent file sharing, we recommend the FTC guide for business4: https://www.ftc.gov/tips-advice/business-center/guidance/peer-peer-file-sharing-guide-business


Conclusions

As businesses continue to manage the growing threat of cyber data loss, the findings of this report are relevant for stakeholders across the enterprise. Beyond the well-publicized legal consequences of file sharing activity, this user behavior poses a serious and pressing security issue for many companies. Security and risk professionals can apply the recommendations within this report across a wide variety of use cases, including:

Benchmarking Security Performance: Understand file sharing activity within a corporate network and reconcile this with internal policies and procedures. Compare a company to industry averages when it comes to file sharing activity. Report these findings to upper level management.

Managing Vendor Risks: Question vendors about file sharing policies and procedures. Verify the effectiveness of those policies and procedures by using an outside-in view of security performance.

Conducting M&A Due Diligence: Look at historical file sharing activity on a potential acquisition's network. This lets acquirers identify problem areas and address them before security issues arise - and before a deal is struck.

Underwriting Cyber Insurance: Understand the steps an applicant has taken to limit file sharing activity and reduce risk. Monitor insureds for changes in the volume of files or for suspicious downloads such as applications or games.

To learn more about BitSight, you can visit our website at www.bitsighttech.com

ABOUT BITSIGHT TECHNOLOGIES

BitSight Technologies is a private company based in Cambridge, MA. Founded in 2011, BitSight Technologies provides businesses with daily security ratings that objectively measure a company's security performance to transform the way they manage risk.

For more information contact us at:

BitSight Technologies
125 CambridgePark Drive
Suite 204
Cambridge, MA 02140

www.bitsighttech.com | [email protected]


Methodology

The data on peer-to-peer file sharing is collected from index nodes advertising files for download from a set of peers. BitSight collects the peer information on a daily basis and uses an internally generated and curated list of public IP mappings for tens of thousands of entities. In order to test for the presence of malware, we collected 497 of the top applications and 269 of the top games and tested for the presence of malware using a well known malware identification tool. We initially found 221 applications and 131 games labelled as malware, but trimmed that back to 215 and 104 respectively after analyzing the range of responses for likely false positive labels.
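The false-positive trimming described here and in the Study Overview, as an added example that is not part of the original report: a triage rule over per-engine labels that separates named-family detections from heuristic, generic and "potentially unwanted" labels, counts a sample as malicious only when at least two engines name a family, and reports both the raw and the trimmed detection rate (the report's own 215 of 497 applications and 104 of 269 games are the 43.3% and 38.7% of Figure 1). Engine names, labels, file names and the marker list are constructed, and the two-engine threshold is an assumption, not BitSight's criterion.

```python
"""Multi-engine verdict triage for torrented executables.

Added example; not BitSight's code. Engine names, labels and file names are constructed.
"""

# Label fragments that mark a heuristic, generic or "potentially unwanted"
# verdict rather than a named malware family. One such hit alone is weak evidence.
WEAK_MARKERS = ("heur", "generic", "gen:", "suspicious", "pua", "pup",
                "riskware", "not-a-virus", "unsafe", "malicious (score")


def is_weak(label: str) -> bool:
    low = label.lower()
    return any(marker in low for marker in WEAK_MARKERS)


def triage(verdicts: dict, min_strong: int = 2) -> dict:
    """Reduce one sample's per-engine labels (None = clean) to a verdict.

    malicious: at least `min_strong` engines name a specific family.
    likely-false-positive: flagged, but only by weak labels or by a single engine.
    clean: no engine flagged it.
    """
    flagged = {eng: lab for eng, lab in verdicts.items() if lab}
    strong = {eng: lab for eng, lab in flagged.items() if not is_weak(lab)}
    if not flagged:
        verdict = "clean"
    elif len(strong) >= min_strong:
        verdict = "malicious"
    else:
        verdict = "likely-false-positive"
    return {"verdict": verdict, "engines_flagging": len(flagged),
            "strong_labels": sorted(strong.values())}


def detection_rates(samples: dict, min_strong: int = 2):
    """(raw rate: any engine flagged, trimmed rate: triaged as malicious)."""
    results = [triage(v, min_strong) for v in samples.values()]
    raw = sum(r["engines_flagging"] > 0 for r in results) / len(results)
    trimmed = sum(r["verdict"] == "malicious" for r in results) / len(results)
    return raw, trimmed


# Constructed scan results for five "torrented application" samples.
SAMPLES = {
    "photoshop_keygen.exe": {"EngineA": "Trojan.Win32.Agent.xyz", "EngineB": "Win32/Kryptik.ABC",
                             "EngineC": "HackTool:Win32/Keygen", "EngineD": None,
                             "EngineE": "Gen:Variant.Zusy.1234"},
    "office_activator.exe": {"EngineA": "Heur.Suspicious", "EngineB": None, "EngineC": None,
                             "EngineD": "Generic.ML", "EngineE": None},
    "setup.exe": {"EngineA": None, "EngineB": None, "EngineC": None,
                  "EngineD": None, "EngineE": None},
    "win10_media_tool.exe": {"EngineA": None, "EngineB": "Win32/Adware.Foo",
                             "EngineC": "PUA:Win32/Bundler", "EngineD": None, "EngineE": None},
    "crack.exe": {"EngineA": "Trojan.GenericKD.123", "EngineB": "Trojan.Agent",
                  "EngineC": "Malware.AI.999", "EngineD": "Trojan/Win32.Foo", "EngineE": None},
}


if __name__ == "__main__":
    for name, verdicts in SAMPLES.items():
        print(name, triage(verdicts))
    raw, trimmed = detection_rates(SAMPLES)
    print(f"flagged by any engine: {raw:.0%}; malicious after triage: {trimmed:.0%}")
```

On the constructed set the raw rate is 80% and the trimmed rate 40%: two samples are flagged only by generic or single-engine labels and are set aside rather than counted, which is the direction of the report's 221 to 215 and 131 to 104 adjustments. The samples set aside are not declared clean; they are the ones worth a second look in a sandbox before any rate is published.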

Sources

1. The Pirate Bay shutdown: The whole story (so far). Engadget. Retrieved November 17, 2015, from http://www.engadget.com/2014/12/16/pirate-bay-shutdown-explainer/

2. SANS Institute Reading Room. Retrieved November 17, 2015, from https://www.sans.org/reading-room/whitepapers/policyissues/peer-to-peer-file-sharing-networks-security-risks-510

3. Kammerstetter, M., Platzer, C., and Wondracek, G. Vanity, Cracks and Malware: Insights into the Anti-Copy Protection Ecosystem. Retrieved December 2, 2015, from http://www.syssec-project.eu/m/page-media/3/kammerstetter-ccs12.pdf

4. Peer-to-Peer File Sharing: A Guide for Business. Federal Trade Commission. Retrieved November 21, 2015, from https://www.ftc.gov/tips-advice/business-center/guidance/peer-peer-file-sharing-guide-business

5. Secure Federal File Sharing Act (2010 - H.R. 4098). GovTrack. Retrieved December 2, 2015, from https://www.govtrack.us/congress/bills/111/hr4098

6. The Campus Guide to Copyright Compliance. Copyright Clearance Center. Retrieved December 2, 2015, from https://copyright.com/Services/copyrightoncampus/other/index.html

7. Vikram Kumar-SAV to SEP. Symantec Connect. Retrieved November 18, 2015, from http://www.symantec.com/connect/articles/what-do-p2p-applications-do-and-how-block-peer-peer-applications-p2p-using-symantec-endpoin