Hacker News from Y Combinator

Syndicate content
Links for the intellectually curious, ranked by readers. // via fulltextrssfeed.com
Updated: 1 week 2 days ago

Apple Confirms “Back Doors”; Downplays Their Severity

23 July 2014 - 1:00pm

Apple responded to allegations of hidden services running on iOS devices with this knowledge base article. In it, they outlined three of the big services that I outlined in my talk. So again, Apple has, in a traditional sense, admitted to having back doors on the device specifically for their own use. Perhaps people misunderstand the term “back door” due to the stigma Hollywood has given them, but I have never accused these “hidden access methods” as being intended for anything malicious, and I’ve made repeated statements that I haven’t accused Apple of working with NSA. That doesn’t mean, however that the government can’t take advantage of back doors to access the same information. What does concern me is that Apple appears to be completely misleading about some of these (especially file relay), and not addressing the issues I raised on others.

Lets start with pcapd; I mentioned in my talk that pcapd has many legitimate uses such as these, and I have no qualms with Apple using pcapd to troubleshoot issues on users’ devices. Using a packet capture has been documented for developers for a couple of years, but had no explanation for being on every device that wasn’t in developer mode. The problem I have with its implementation, however. In iOS, pcapd is available on every iOS device out there, and can be activated on any device without the user’s knowledge.  You also don’t have to be enrolled in an enterprise policy, and you don’t have to be in developer mode.  What makes this service dangerous is that it can be activated wirelessly, and does not ask the user for permission to activate it… so it can be employed for snooping by third parties in a privileged position.

Now lets talk about file relay. Apple is being completely misleading by claiming that file relay is only for copying diagnostic data. If, by diagnostic data, you mean the user’s complete photo album, their SMS, Notes, Address Book, GeoLocation data, screenshots of the last thing they were looking at, and a ton of other personal data – then sure… but this data is far too personal in nature to ever be needed for diagnostics. In fact, diagnostics is almost the complete opposite of this kind of data. And once again, the user is never prompted to give their permission to dump all of this data, or notified in any way on-screen. Apple insists AppleCare gets your consent, but this must be a verbal consent, as it is certainly not a technological consent. What’s more, if this service really were just for diagnostic use, you’d think that it would respect backup encryption, so that everything coming off the phone is encrypted with the user’s backup password. When I take my laptop to Apple for repairs, I have to provide the password. But Apple apparently has admitted to the mechanics behind file relay, which skip around backup encryption, to get to much the same data. In addition to this, it can be dumped wirelessly, without the user’s knowledge. So why does this need to be the case? It doesn’t. File relay is far too sloppy with personal data, and serves up a lot more than “diagnostics” data.

Lastly, house arrest. I make no qualms with this either, and in fact iTunes and Xcode do use this service to access the documents inside a user’s sandbox, as I mentioned in my talk. As I mentioned in my talk also,  however, it can also be used to access the stateful information on the device that should never come off the phone – Library, Caches, Preferences, etc. This is where most of the personal data from every application is stored, including OAuth tokens (which is just as good as having the password to your accounts), private conversations, friends lists, and other highly personal data. The interface is wide open to access all of this – far beyond just the “Documents” folder that iTunes needs to access new Pages files. This is not a back door, rather a privileged access that’s available here that really doesn’t need to be there (or at least could be engineered differently).

The last thing I’ll mention is this claim that your data is respected with data-protection encryption. The pairing record that is used to access all of this data is sent an escrow bag, which contains a backup copy of your key bag keys for unlocking data protection encryption. So again, we’re back to the fact that with any valid pairing, you have access to all of this personal data – whether it was Apple’s intention or not.

I give Apple credit for acknowledging these services, and at least trying to give an answer to people who want to know why these services are there – prior to this, there was no documentation about file relay whatsoever, or its 44 data services to copy off personal data. They appear to be misleading about its capabilities, however, in downplaying them, and this concerns me. I wonder if the higher ups at Apple really are aware of how much non-diagnostic personal information it copies out, wirelessly, bypassing backup encryption. All the while that Apple is downplaying it, I suspect they’ll also quietly fix many of the issues I’ve raised in future versions. At least I hope so. It would be wildly irresponsible for Apple not to address these issues, especially now that the public knows about them.

Lastly, please remember my talk was titled “iOS Back Doors, Attack Points, and Surveillance Mechanisms”, NOT “iOS Back Doors Written for NSA”. I have outlined some services I believe are back doors (such as file relay), and Apple has all but confirmed this by stating that their purpose is for Apple to access your data (thank you, Apple, for acknowledging that). I have also outlined many things in my talk that are not back doors, but are attack points and (enterprise) surveillance mechanisms that could be taken advantage of. The pcapd and house arrest services certainly make tasty attack points for an attacker, and should be fixed to limit their risk. Back doors aren’t secrets, but they can be dangerous if misused. As I’ve stated before, DON’T PANIC. I have never suggested this was a conspiracy. As usual, the media has completely derailed the intention of my talk.

Respected in his community as an iOS forensics expert, Jonathan is a noted security researcher, penetration tester, and scientist. Author of many books ranging from machine learning to iPhone hacking and software development, Jonathan frequently trains many federal and state law enforcement agencies in digital forensic techniques and assists law enforcement and the military in high profile cases. Jonathan is also inventor on several US patent applications, father of DSPAM and other language classification technology, and an App Store developer. All opinions expressed on this website are the author's own. Follow Jonathan on Twitter: @JZdziarski

A brand new Foursquare, with a brand new logo and look

23 July 2014 - 1:00pm

Everyone explores the world differently – guided by their own unique tastes, their friends, and the people they trust. Local search has never been good at this. It doesn’t get you, and, as a result, everyone gets the same one-size-fits-all results. Why should two very different people get the same recommendations when they visit Paris? Or the same list of places when they’re looking for a bar?  We’re about to change that. In a couple weeks, we’re rolling out a brand new version of Foursquare that’s all about you.  Tell us what you like, and we’ll be on the lookout for great places that match your tastes, wherever you are.

This means a few changes.

  • First, starting tomorrow, we’re moving all check-ins to our new app, Swarm. Don’t worry; all your past check-ins, all your friends, all your photos, they’re all automatically in Swarm.Over three-quarters of you are already on the new app. (Thank you! And keep sending us feedback; we’re hustling on making improvements every day – get a preview of what’s next here) For everyone still using Foursquare to check in, you’ll need to download Swarm to keep checking in.
  • Second, if you build a totally new app, you need a totally new logo. Our logo is changing from the check-in checkmark to something representing the new Foursquare. We designed it to be a mix of map pin and superhero emblem. We’ve always thought of Foursquare as giving you superpowers to explore your city, and our new logo reflects that vision. It’s coming soon to a homescreen near you.

  • Finally, we wanted to give everyone a peek at what’s coming. Here’s what you see when you open the new Foursquare. No two people view the world exactly the same, so no two people will have the same experience with the app. Once you teach Foursquare a couple things about you – add tastes, follow experts, or even just walk around for a few days – the app will be 100% yours.

If you use both Swarm and Foursquare, they work seamlessly together. On the left, a venue page for a person who only uses Foursquare. On the right, there is a check-in button if you have Swarm installed.

This is the beginning of the ‘personalized local search’ future we’ve been talking about since we started Foursquare. It’s been built with the help of our amazing 50,000,000-strong community, with all your tips, check-ins, photos, and the smarts we layered on top of that. Those of you have been with us since the beginning, your check-ins and history will continue to help shape your recommendations. For those of you giving us a try for the first time – you still get all the benefits of a better way to explore any neighborhood, no check-ins required.

We can’t wait to get this in your hands. If you use Foursquare to check in, download Swarm today. And, if you’ve been waiting for real local search, not just the yellow pages on your phone, stay tuned. The all new Foursquare will be here really soon.

Sense – Wake up when it's right for you

23 July 2014 - 1:00pm

Sense includes an ambient light sensor, high sensitivity microphone, temperature sensor, humidity sensor, high quality speaker, proximity sensor, particulate sensor, WiFi and Bluetooth Low Energy.

Hemingway App now available

23 July 2014 - 1:00pm
Hemingway App makes your writing bold and clear

The Hemingway Editor for Mac and PC highlights common errors. Use it to catch wordy sentences, adverbs, passive voice, and dull, complicated words.

Use it anywhere, no internet connection required

Use Hemingway Editor wherever you write—on the train, at the beach, or in a coffee shop with spotty Wi-Fi. As long as you have your computer, you'll have Hemingway.

List of Web Business Models

23 July 2014 - 1:00pm
Business models based on the compiled list at http://news.ycombinator.com/item?id=4924647. I find the link very hard to browse, so I made a simple version in Markdown instead.

Something went wrong with that request. Please try again.

Why I'm Productive in Clojure

23 July 2014 - 1:00pm

18 Aug, 2013

I find that I often get excited about learning a new language, but after I use it for a while it will inevitably lose its lustre. Eventually it becomes just another language in my tool box.

One exception to this rule is Clojure. I still enjoy using the language as much as I did when I first learned it. The reason for this is that it strikes the right balance between power and simplicity.

The Balance of Power

Some languages are simple but they're also verbose. You've probably heard people say that verbosity really doesn't matter. These people will go to great length to point out that all languages are Turing complete and that in certain languages you simply have to write a bit more code.

I think that's missing the point however. The question is not whether something can be expressed in principle. It's how well the language maps to the problem being solved. One language will let you think in terms of your problem domain, while another will force you to translate the problem to its constructs.

The latter is often tedious and rarely enjoyable. You end up writing a lot of boilerplate code and constantly repeating yourself. I hope you'll agree that there is a certain amount of irony involved in having to write repetitive code.

Other languages aren't verbose and they provide many different tools for solving problems. Unfortunately, working in such languages is often akin to trying to decide on a particular set of screwdrivers at a hardware megastore.

You end up comparing this brand against that, checking the number of bits that comes with each set, seeing which one's on sale today, and soon you forget why you wanted a screwdriver in the first place.

The more features there are the more things you have to keep in your head to work with the language effectively. With many languages I find myself constantly expending mental overhead thinking about all the different features and how they interact with one another.

What matters to me in a language is whether I can use it without thinking about it. When the language is lacking in expressiveness I'm acutely aware that I'm writing code that I shouldn't be. On the other hand when the language has too many features I often feel overwhelmed or I get distracted playing with them.

To make an analogy with math, it's nicer to have a general formula that you can derive others from than having to memorize a whole bunch of formulas for specific problems.

This is where Clojure comes in. With it I can always easily derive a solution to a particular problem from a small set of general patterns. The number of things I have to keep in my head is not overbearing.

All you need to become productive is to learn a few simple concepts and a bit of syntax. However, the number of ways that these concepts can be combined to solve all manner of problems appears to be inexhaustible. I've been writing Clojure for years and I discover new ways to combine the things I already know every single day.

Macros are a good example of this. The fact that you can transform the language using itself allows tackling a wide range of problems that would otherwise require a range of specific tools and language features.

Interactive Development

When I'm solving a problem in Clojure I inevitably want to write an elegant solution that expresses the gist of it cleanly and clearly. This is largely due to the fact that the development process is interactive.

When I work with the REPL I can fumble around looking for a solution and make sense of it through experimentation. Once I've internalized the problem I can quickly write a clean solution using my newly gained understanding.

The REPL also helps keep me engaged in trying to find the solution. Being able to try things and get immediate feedback is enjoyable. Even when your code doesn't do what you want you can see the progression and that is often enough of a motivator to keep going.

Another important feature of the REPL is that it encourages refactoring. I'm much more likely to refactor code when I can easily test it without disrupting my workflow.

Finishing Things

Interactivity alone isn't enough however. All the feedback in the world wouldn't make one bit of difference if you couldn't actually solve your problem in a reasonable amount of time.

I find that I have a sharp falloff curve when it comes to staying engaged in a project. You've probably noticed this phenomenon yourself. When you start a project you're excited and you enjoy seeing it take shape.

However, after working on a project for some amount of time the excitement wanes. Eventually, you might even dread having to touch the code again. I find that it's critical to get the core functionality working before I hit this stage.

Once the project solves a particular problem that I have I'll start using it. At this point I get to reap the benefits of having spent the effort on it. This also lets me identify the functionality that I'm missing through usage. There is a lot more incentive to add features to a project that you're actually using.

Most recently I found this to be the case working on Selmer. I was able to implement the base parser in just a couple of days, while cesarbp implemented the logic for the filters.

It took a couple of more days to get the template inheritance logic working. All of a sudden we had a usable library in under a week of effort. I'm already actively using it for actual work and new features are added piecemeal as the need comes up.

Here's the GitHub activity graph for Selmer:

As you can see there's a big initial spike with a very sharp falloff. A similar patten can be seen in my other projects such as clj-pdf and with Luminus:

As the project matures bugs are inevitably found or new features are added, these correspond the occasional spikes in the activity. However, if the initial phase of the project can't be completed in a timely fashion then nothing else can happen.

In my experience, if you can't get something interesting working in a few days the likelihood of actually finishing the project starts rapidly approaching zero.

With Clojure you can get things done fast, fast enough that you get something working while the initial spark of excitement is still present. I would hazard to guess that this is the reason why Clojure has so many great libraries despite being a young language.

tags clojure

July 20, 1969: One Giant Leap For Mankind (2013)

21 July 2014 - 1:00am

[image-47]

July 1969. It's a little over eight years since the flights of Gagarin and Shepard, followed quickly by President Kennedy's challenge to put a man on the moon before the decade is out.

[image-62][image-78][image-94][image-110]

It is only seven months since NASA's made a bold decision to send Apollo 8 all the way to the moon on the first manned flight of the massive Saturn V rocket.

Now, on the morning of July 16, Apollo 11 astronauts Neil Armstrong, Buzz Aldrin and Michael Collins sit atop another Saturn V at Launch Complex 39A at the Kennedy Space Center. The three-stage 363-foot rocket will use its 7.5 million pounds of thrust to propel them into space and into history.

At 9:32 a.m. EDT, the engines fire and Apollo 11 clears the tower. About 12 minutes later, the crew is in Earth orbit. (› Play Audio)

After one and a half orbits, Apollo 11 gets a "go" for what mission controllers call "Translunar Injection" - in other words, it's time to head for the moon. Three days later the crew is in lunar orbit. A day after that, Armstrong and Aldrin climb into the lunar module Eagle and begin the descent, while Collins orbits in the command module Columbia. (› View Flash Feature)

Collins later writes that Eagle is "the weirdest looking contraption I have ever seen in the sky," but it will prove its worth.

When it comes time to set Eagle down in the Sea of Tranquility, Armstrong improvises, manually piloting the ship past an area littered with boulders. During the final seconds of descent, Eagle's computer is sounding alarms.

It turns out to be a simple case of the computer trying to do too many things at once, but as Aldrin will later point out, "unfortunately it came up when we did not want to be trying to solve these particular problems."

When the lunar module lands at 4:18 p.m EDT, only 30 seconds of fuel remain. Armstrong radios "Houston, Tranquility Base here. The Eagle has landed." Mission control erupts in celebration as the tension breaks, and a controller tells the crew "You got a bunch of guys about to turn blue, we're breathing again." (› Play Audio)

Armstrong will later confirm that landing was his biggest concern, saying "the unknowns were rampant," and "there were just a thousand things to worry about."

At 10:56 p.m. EDT Armstrong is ready to plant the first human foot on another world. With more than half a billion people watching on television, he climbs down the ladder and proclaims: "That's one small step for a man, one giant leap for mankind." (› Play Audio)

Aldrin joins him shortly, and offers a simple but powerful description of the lunar surface: "magnificent desolation." They explore the surface for two and a half hours, collecting samples and taking photographs.

They leave behind an American flag, a patch honoring the fallen Apollo 1 crew, and a plaque on one of Eagle's legs. It reads, "Here men from the planet Earth first set foot upon the moon. July 1969 A.D. We came in peace for all mankind."

Armstrong and Aldrin blast off and dock with Collins in Columbia. Collins later says that "for the first time," he "really felt that we were going to carry this thing off."

The crew splashes down off Hawaii on July 24. Kennedy's challenge has been met. Men from Earth have walked on the moon and returned safely home.

In an interview years later, Armstrong praises the "hundreds of thousands" of people behind the project. "Every guy that's setting up the tests, cranking the torque wrench, and so on, is saying, man or woman, 'If anything goes wrong here, it's not going to be my fault.'" (› Read 2001 Interview, 172 Kb PDF)

In a post-flight press conference, Armstrong calls the flight "a beginning of a new age," while Collins talks about future journeys to Mars.

Over the next three and a half years, 10 astronauts will follow in their footsteps. Gene Cernan, commander of the last Apollo mission leaves the lunar surface with these words: "We leave as we came and, god willing, as we shall return, with peace, and hope for all mankind."

The bootprints of Apollo are waiting for company.

Apollo 11 Commander Neil Armstrong working at an equipment storage area on the lunar module. This is one of the few photos that show Armstrong during the moonwalk. Click image to enlarge.

Image Token: 

[image-62]

Smoke and flames signal the opening of a historic journey as the Saturn V clears the launch pad. Click image to enlarge.

Image Token: 

[image-78]

Buzz Aldrin climbs down the Eagle's ladder to the surface. Click image to enlarge.

Image Token: 

[image-94]

Crater 308 stands out in sharp relief in this photo from lunar orbit. Click image to enlarge.

Image Token: 

[image-110]

Calling All Hackers: Help Us Build an Open Wireless Router

21 July 2014 - 1:00am

EFF is releasing an experimental hacker alpha release of wireless router software specifically designed to support secure, shareable Open Wireless networks. We will be officially launching the Open Wireless Router today at the HOPE X (Hackers on Planet Earth) conference in New York City, aiming to bring aboard members of the hacker community. This release is a work in progress and is intended only for developers and people willing to deal with the bleeding edge.

The software aims to do several things that existing routers don't do well—or don't do at all. We are beginning a journey that we hope will attract supporters and fellow travelers to help reach the following goals:

  • Allow small business and home users to easily enable an open network, so guests and passersby can get an Internet connection if they need one, while keeping a password-locked WPA2 network for themselves and their friends or coworkers.
  • Let you share a bounded portion of your bandwidth on the open network, so guest users cannot slow down your Internet connection or use a large portion of your monthly quota.
  • Provide state-of-the-art network queuing, so most users can expect an improved Internet experience—especially with latency-sensitive applications—compared to what commonly available consumer grade routers are delivering today.
  • Offer a minimalist, secure, and elegant Web user interface to set up and configure the router. Advanced, non-minimalist administrative options are accessible by SSH.
  • Advance the state of the art in consumer Wi-Fi router security and begin turning back the growing tide of attacks against them. Most or all existing router software is full of XSS and CSRF vulnerabilities, and we want to change that.
  • Include a secure software auto-update mechanism. In addition to using HTTPS, firmware signatures and metadata are fetched via Tor to make targeted update attacks very difficult.

We are offering this hacker alpha release to engage enthusiastic technical users who would like to help us test, develop, improve, and harden the Open Wireless Router. Currently the software runs on one specific model of hardware (the Netgear WNDR3800) and is based on the CeroWRT project. If you have a WNDR3800 router, you can get the developer preview image here and learn how to flash it here. If you'd like to hack on the code base, you can find code and instructions on building it at Github.

This Open Wireless Router prototype is made possible by the generous contribution of project resources and developers from ThoughtWorks, which came about through their exemplary social impact program. We are also very grateful for assistance from Dave Täht of CeroWRT and the Wi-Fi router hackers at Independent Security Evaluators (ISE).

California's job growth defies predictions after tax increases

21 July 2014 - 1:00am

Dire predictions about jobs being destroyed spread across California in 2012 as voters debated whether to enact the sales and, for those near the top of the income ladder, stiff income tax increases in Proposition 30. Million-dollar-plus earners face a 3 percentage-point increase on each additional dollar.

“It hurts small business and kills jobs,” warned the Sacramento Taxpayers Association, the National Federation of Independent Business/California, and Joel Fox, president of the Small Business Action Committee.

So what happened after voters approved the tax increases, which took effect at the start of 2013?

Last year California added 410,418 jobs, an increase of 2.8 percent over 2012, significantly better than the 1.8 percent national increase in jobs.

California is home to 12 percent of Americans, but last year it accounted for 17.5 percent of new jobs, Bureau of Labor Statistics data shows.

America has more than 3,100 counties and what demographers call county equivalents. Eleven California counties, including Sacramento, accounted for almost 1 in every 7 new jobs in the U.S. last year.

The Central Valley is home to nine of the nation’s 335 largest counties. The data show that all nine counties enjoyed better job growth overall than the rest of America. Sacramento County experienced a 2.7 percent increase, 50 percent better than the national average, as 15,425 jobs were added last year.

Only three California counties lost jobs, a total of 126 fewer positions in sparsely populated Amador, Mariposa and Trinity counties.

These results may surprise those who have heard that tax increases are job killers. Taxes can do that – if what is being taxed directly applies to job creation. For example, a 10 percent increase in payroll taxes (Social Security, Medicare and state disability) would probably hamper job growth, said David Neumark, chancellor’s professor of economics and director of the Center for Economics & Public Policy at the University of California, Irvine.

Neumark said he asks his students, “Does raising income tax rates reduce hiring?”

“The answer is no. What firms care about when deciding how many workers to hire is the marginal product of workers and the marginal cost of those workers. So if you are an employer and your personal income tax rate is increased, that does not raise the marginal cost of your workers, but it may encourage you to work a little less hard,” Neumark noted, applying standard economic theory.

Some research into tax rates indicates that high rates have the opposite effect: People may work harder, trying to make more money to achieve a desired after-tax income and may slough off if tax rates are lowered. This is known to be the case for people who have a savings target for money to leave their children and are subject to estate taxes – they save more to leave the after-tax sum they prefer, but save less when the tax is lowered or no longer applies to them.

The empirical evidence also shows that the best-paying jobs tend to be clustered in states (and countries) with high taxes. The same tends to be true of wealth creators, including the most money-motivated among scientists, and existing wealth holders not actively engaged in business.

Manhattan, home to the highest taxes in America, is also home to many centimillionaires and billionaires drawn by the proximity of other dealmakers, as well as taxpayer-supported amenities such as museums and performing arts halls.

Overall, Manhattan produces far more in taxes than it gets back in federal tax revenues, making it a major profit center from the point of view of Washington and Albany. And its population is at a record high.

Neumark noted that there is one group of million-dollar-plus income Californians who could easily leave – retirees.

“If you have a California business, it’s pretty hard to leave or to move the business, and costly, too,” Neumark said.

Only one in 500 American taxpayers, about 300,000, reports a total income of more than $1 million, and 82 percent of them earn a salary, IRS data shows.

Another factor is what economists call aggregate demand: the total capacity to pay for goods and services. When the economy collapsed in 2008, it hit hard at construction as property values plummeted, but mortgage debt did not, and at retail, where many young people get started working.

How taxes are spent is also crucial to the effect on jobs. Increasing taxes can, in some cases, encourage job growth.

Highly skilled and educated workers tend to place a high value on commonwealth amenities, such as quality public schools and colleges; extensive parks; honest and reliable law enforcement; as well as fast-responding ambulance and fire suppression services.

Daniel Wilson, a Federal Reserve Bank economist in San Francisco, has been studying the job migration patterns of so-called star scientists, especially those who hold many patents.

His preliminary data show a tendency for such star scientists to move to Washington state, which has no income tax, but not to Texas, which also does not tax incomes. That seems to indicate a preference among such high performers for public amenities and, perhaps, the climate and outdoor options of the West Coast.

Wilson noted that New York, New Jersey and Massachusetts, all high-tax states, also attract star scientists, lending more credence to the idea that commonwealth amenities are valuable to such workers.

The economic revival in California also partly reflects a tendency for otherwise sound economies, when they are at peaks or troughs, to move toward the average performance of all states with sound economies. California fell harder than average so it is rebounding more.

California has a more volatile economy than most of the country. Aerospace, for example, took a big hit after the Berlin Wall came down, and the state has repeatedly experienced other ups and downs larger than the changes in the national economy.

But as long as the California economy remains vibrant – as long as it does not fall into a pattern of fundamental decline the way Michigan has, for example – the temporary tax increases voters approved in 2012 are unlikely to damage economic growth even if they are made permanent.

Spending more money on university-based research and making it easier for star students to get college and graduate degrees by lowering or eliminating tuition could spur the California economy by attracting and retaining more smart and ambitious young people whose success is likely to generate future growth. Creating barriers for them, such as tuition hikes, would create a long-term drag on the economy.

So next time someone tries to tell you that raising income taxes will destroy jobs, tell them the evidence just does not support that claim.

David Cay Johnston, a California native who won a 2001 Pulitzer Prize for his coverage of tax policy, teaches the tax, property and regulatory law of the ancient world at Syracuse University College of Law. He recently completed two years as president of the 5,000-member Investigative Reporters and Editors association.

Read more articles by David Cay Johnston

Level-Up Your Machine Learning

21 July 2014 - 1:00am

Since launching Metacademy, I've had a number of people ask ,

What should I do if I want to get 'better' at machine learning, but I don't know what I want to learn?

Excellent question! My answer: consistently work your way through textbooks.

I then watch as they grimace in the same way an out-of-shape person grimaces when a healthy friend responds with, "Oh, I watch what I eat and consistently exercise." Progress requires consistent discipline, motivation, and an ability to work through challenges on your own. But you already know this.

But why textbooks? Because they're one of the few learning mediums where you'll really own the knowledge. You can take a course, a MOOC, join a reading group, whatever you want. But with textbooks, it's an intimate bond. You'll spill brain-juice on every page; you'll inadvertently memorize the chapter titles, the examples, and the exercises; you'll scribble in the margins and dog-ear commonly referenced areas and look for applications of the topics you learn -- the textbook itself becomes a part of your knowledge (the above image shows my nearest textbook). Successful learners don't just read textbooks. Learn to use textbooks in this way, and you can master many subjects -- certainly machine learning.

In this brief roadmap, I list a few excellent textbooks for advancing your machine learning knowledge and capabilities. I picked these texts after consulting with fellow graduates students, postdocs, and professors at UC Berkeley -- my own experience played a role as well. This list is purposefully sparse. Having 20 textbooks thrown at you is useless.

Also, if you want alternative learning resources, Metacademy is at your disposal as are all of these textbooks.

My sister, an artist and writer by trade, asked me how she could understand the basics of data science in a nontrivial way. After reading several introductory and pop books in this area, I recommended Data Smart. My sister was able to work through it, and in fact, the next time I saw her we had a delightful conversation about logistic regression =).

Expectations: You'll understand some common machine learning algorithms at a high-level, and you'll be able to implement some simple algorithms in Excel (and a bit in R if you get through the entire book).

Necessary Background: basic Excel familiarity -- this book is a great starting point if you don’t have a CS/math-based background. Plus, it's not nearly as dry as a typical textbook.

Key Chapters: It's a short read, and every chapter is fairly illuminating -- though, you can skip the worksheet examples, and chapters 8 and 10 if you're interested in a basic overview.

Capstone Project: Using this dataset see if you can predict the MPG of the car given all of its other attributes. This will test your ability to manipulate data for a desired machine learning task, and also your ability to apply the correct machine learning technique to a somewhat vague problem.

This is an example-laden book for simultaneously learning practical machine learning techniques and the R programming language. I'm a long time Scipy user, but after finishing the first few chapters (and remembering that R packages are so damn simple), I've mostly been turning to R for quick analyses.

Expectations: You'll be able to recognize when fundamental machine learning algorithms apply to certain problems and implement functioning machine learning code in R

Necessary Background: No real prerequisites, though the following will help (these can be learned/reviewed as you go):

  • some programming experience [in R]
  • some algebra
  • basic calculus
  • a little bit of probability theory

Key Chapters: It's a short book, and I recommend all of the chapters -- be sure to actually think through the examples (and type them into R). If you're looking to shave off some time, you can safely skip chapters 8 and 12.

Capstone Project: Using this dataset see if you can predict the food ratings given all of the other attributes. Use three different machine learning techniques for this task, and justify your top choice. Also, build a classifier that predicts whether a review is "good" or "bad" -- you should use reasonable "good/bad" thresholds. This will test your data munging capabilities, your strategy for analyzing a larger dataset, your knowledge of machine learning techniques, and your ability to write analysis code in R.

This stage separates those with a surface-level understanding from those with rigorous, in-depth, knowledge. It starts getting mathy at this stage, but if you plan on making machine learning a substantial part of your career, you'll have to cross this bridge. PRML is the classic bridge. Use it. Read it. Love it. But keep in mind that a Bayesian perspective isn't the only story (Bishop strongly tends towards the Bayesian approach to machine learning).

Expectations Be able to recognize, implement, debug, and interpret the output of most off-the-shelf machine learning methods. Also, you should have an intuition about which advanced ML concepts to investigate for a given problem. Practicing data scientists should at least be at this level.

Necessary Background: you should be comfortable with off-the-shelf clustering and classification algorithms linear algebra: understand matrix algebra and determinants some multivariate and vector calculus experience -- know what a Jacobian is some machine learning implementation experience in R, Matlab, the SciPy stack, or Julia.

Key Chapters: Know and love chapters 1-12.1. Chapters 12.2 - 14 can be consulted as you need them.

Capstone Project: Implement the Online Variational Bayes Algorithm for Latent Dirichlet Allocation and analyze a large corpus of your choosing. Verify that your LDA implementation is correct. This will test your ability to understand and interpret cutting-edge machine learning algorithms, approximate and online inference techniques, as well as your implementation chops, your data munging abilities, and your ability to define an interesting application from a vaguely defined problem.

Note PRML spends quite a bit of time on Bayesian machine learning methods. If you're unfamiliar with Bayesian statistics, I recommend studying the first 5 chapters of Doing Bayesian Data Analysis

There's a number of subjects you may want to study in depth at the master level: convex optimization, [measure-theoretic] probability theory, discrete optimization, linear algebra, differential geometry, or maybe computational neurology. But if you're at this level, you probably have a good sense of what areas you'd like to improve, so I'll stick with the single book recommendation. Probabilistic Graphical Models: Principles and Techniques is a classic, monstrous tomb that should be within arms length of any ML researcher worth his/her salt =). PGMs pervade machine learning, and with a strong understanding of this content, you'll be able to dive into most machine learning specialties without too much pain.

Expectations: You'll be able to construct probabilistic models for novel problems, determine a reasonable inference technique, and evaluate your methodology. You'll also have a much deeper understanding of how various models relate, e.g. how deep belief networks can be viewed as factor graphs.

Necessary Background: you should be comfortable with most off-the-shelf ML algorithms linear algebra -- know how to interpret eigenvalues multivariate and vector calculus experience some machine learning implementation experience in R, Matlab, the SciPy stack, or Julia.

Key Chapters: Chapters 1-8 cover similar content as Bishop's Pattern Recognition and Machine learning Ch. 2 and 8, but at a much deeper level. Chapters 9-13 contain key content, and Ch. 19 on partially observed data is really helpful. Read Ch. 14 and Ch. 15 when/if they are relevant to your goals.

Capstone Project: At this point, you should be able to define and pursue your own machine learning projects. Perhaps plunge into the world of "big data".

If you've achieved master status, you'll have a strong enough ML background to pursue any ML-related specialization at a novel level: e.g. maybe you're interested in pursuing novel deep learning applications or characterizations? Maybe you should become a Metacademdy contributor?

Tesla Model S overheats tackling Nürburgring

21 July 2014 - 1:00am

Steve Saleen may beg to differ, but the Tesla Model S’s potential as a rewarding track-day car is limited. It’s too heavy, has inert steering feel, and is severely hindered by a lack of mechanical grip, relying instead on complex electrical systems to keep it on the straight and narrow.

Those, at least, are the views of racing driver and Touring Car veteran Robb Holland, who was recently offered the wheel of the electric sedan at the infamous Nürburgring, colloquially known as ‘The Green Hell’.

That Iain Litchfield, the almost equally infamous tuner of Japanese exotica, had suggested there was a ‘a car’ he wanted Holland to take around the circuit had the American racer envisioning something along the lines of a 750hp Nissan GT-R. The Tesla, he writes on Jalopnik, came as an unwanted surprise, although things soon changed.

“Now, I have had the pleasure of driving a huge number of cars, both on the Nürburgring and off, but this would be my first time in a Model S or any fully electric car. And I have to admit I was pretty impressed,” Holland writes.

“Yes, it was heavy. Yes, it had almost no mechanical grip. And yes, the steering was as numb as my jaw after a trip to the dentist. However, considering that the Model S is a brand new car, from a car company that didn’t exist 10 years ago, using technology that had (at the time of founding of the company) never been successfully mass produced on any large scale, I am suitably impressed.”

As for the all important lap time? The Model S went into reduced power mode about a third of the way into the 14-mile lap, something Holland attributes to overheating the battery-pack after asking too much of it. If everything stays cool, however, he reckons a time of around nine minutes is possible, which would put the Tesla alongside some impressive machinery.

More intriguing, though, is the prospect of what Mr. Litchfield intends to do to the Model S. He is, after all, responsible for this.

For even more Tesla Model S news visit our friends at:

Richard is a London-based automotive journalist specialising in future mobility and sustainable design. Having fallen for cars because of the virtues of a particular German flat-six, it's what we'll all be driving next that now interests Richard most. Dream garage: Alfa Romeo GT 1300 Junior and a Detroit Electric SP:01.

Love People, Not Pleasure

21 July 2014 - 1:00am

HTTP/1.1 302 Found Date: Sun, 20 Jul 2014 20:10:29 GMT Server: Apache Set-Cookie: NYT-S=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=www.stg.nytimes.com Set-Cookie: NYT-S=0MMw9EkBXPJavDXrmvxADeHC2C7QTwQLQ9deFz9JchiAIUFL2BEX5FWcV.Ynx4rkFI; expires=Tue, 19-Aug-2014 20:10:29 GMT; path=/; domain=.nytimes.com Location: http://www.nytimes.com/2014/07/20/opinion/sunday/arthur-c-brooks-love-people-not-pleasure.html?_r=0 Content-Length: 0 Cneonction: close Content-Type: text/html; charset=UTF-8 HTTP/1.1 200 OK Server: Apache Cache-Control: no-cache Channels: NytNow Content-Type: text/html; charset=utf-8 Content-Length: 71859 Accept-Ranges: bytes Date: Sun, 20 Jul 2014 20:10:29 GMT X-Varnish: 2010767454 2010759862 Age: 136 Via: 1.1 varnish X-Cache: HIT X-API-Version: 5-5 X-PageType: article Connection: close

Sections Home Search Skip to content Skip to navigation View mobile version SundayReview|Love People, Not Pleasure http://nyti.ms/1rnCr3I See next articles See previous articles SundayReview | Contributing Op-Ed Writer |​​NYT Now Photo

Credit Andrew DeGraff Continue reading the main story Continue reading the main story Continue reading the main story Share This Page Continue reading the main story Continue reading the main story

ABD AL-RAHMAN III was an emir and caliph of Córdoba in 10th-century Spain. He was an absolute ruler who lived in complete luxury. Here’s how he assessed his life:

“I have now reigned above 50 years in victory or peace; beloved by my subjects, dreaded by my enemies, and respected by my allies. Riches and honors, power and pleasure, have waited on my call, nor does any earthly blessing appear to have been wanting to my felicity.”

Fame, riches and pleasure beyond imagination. Sound great? He went on to write:

“I have diligently numbered the days of pure and genuine happiness which have fallen to my lot: They amount to 14.”

Abd al-Rahman’s problem wasn’t happiness, as he believed — it was unhappiness. If that sounds like a distinction without a difference, you probably have the same problem as the great emir. But with a little knowledge, you can avoid the misery that befell him.

What is unhappiness? Your intuition might be that it is simply the opposite of happiness, just as darkness is the absence of light. That is not correct. Happiness and unhappiness are certainly related, but they are not actually opposites. Images of the brain show that parts of the left cerebral cortex are more active than the right when we are experiencing happiness, while the right side becomes more active when we are unhappy.

Photo

Credit Andrew DeGraff

As strange as it seems, being happier than average does not mean that one can’t also be unhappier than average. One test for both happiness and unhappiness is the Positive Affectivity and Negative Affectivity Schedule test. I took the test myself. I found that, for happiness, I am at the top for people my age, sex, occupation and education group. But I get a pretty high score for unhappiness as well. I am a cheerful melancholic.

So when people say, “I am an unhappy person,” they are really doing sums, whether they realize it or not. They are saying, “My unhappiness is x, my happiness is y, and x > y.” The real questions are why, and what you can do to make y > x.

If you ask an unhappy person why he is unhappy, he’ll almost always blame circumstance. In many cases, of course, this is justified. Some people are oppressed or poor or have physical ailments that make life a chore. Research unsurprisingly suggests that racism causes unhappiness in children, and many academic studies trace a clear link between unhappiness and poverty. Another common source of unhappiness is loneliness, from which about 20 percent of Americans suffer enough to make it a major source of unhappiness in their lives.

THERE are also smaller circumstantial sources of unhappiness. The Princeton psychologist Daniel Kahneman and his colleagues measured the “negative affect” (bad moods) that ordinary daily activities and interactions kick up. They found that the No. 1 unhappiness-provoking event in a typical day is spending time with one’s boss (which, as a boss, made me unhappy to learn).

Circumstances are certainly important. No doubt Abd al-Rahman could point to a few in his life. But paradoxically, a better explanation for his unhappiness may have been his own search for well-being. And the same might go for you.

Continue reading the main story

Have you ever known an alcoholic? They generally drink to relieve craving or anxiety — in other words, to attenuate a source of unhappiness. Yet it is the drink that ultimately prolongs their suffering. The same principle was at work for Abd al-Rahman in his pursuit of fame, wealth and pleasure.

Consider fame. In 2009, researchers from the University of Rochester conducted a study tracking the success of 147 recent graduates in reaching their stated goals after graduation. Some had “intrinsic” goals, such as deep, enduring relationships. Others had “extrinsic” goals, such as achieving reputation or fame. The scholars found that intrinsic goals were associated with happier lives. But the people who pursued extrinsic goals experienced more negative emotions, such as shame and fear. They even suffered more physical maladies.

This is one of the cruelest ironies in life. I work in Washington, right in the middle of intensely public political battles. Bar none, the unhappiest people I have ever met are those most dedicated to their own self-aggrandizement — the pundits, the TV loudmouths, the media know-it-alls. They build themselves up and promote their images, but feel awful most of the time.

That’s the paradox of fame. Just like drugs and alcohol, once you become addicted, you can’t live without it. But you can’t live with it, either. Celebrities have described fame like being “an animal in a cage; a toy in a shop window; a Barbie doll; a public facade; a clay figure; or, that guy on TV,” according to research by the psychologist Donna Rockwell. Yet they can’t give it up.

That impulse to fame by everyday people has generated some astonishing innovations. One is the advent of reality television, in which ordinary people become actors in their day-to-day lives for others to watch. Why? “To be noticed, to be wanted, to be loved, to walk into a place and have others care about what you’re doing, even what you had for lunch that day: that’s what people want, in my opinion,” said one 26-year-old participant in an early hit reality show called “Big Brother.”

And then there’s social media. Today, each of us can build a personal little fan base, thanks to Facebook, YouTube, Twitter and the like. We can broadcast the details of our lives to friends and strangers in an astonishingly efficient way. That’s good for staying in touch with friends, but it also puts a minor form of fame-seeking within each person’s reach. And several studies show that it can make us unhappy.

It makes sense. What do you post to Facebook? Pictures of yourself yelling at your kids, or having a hard time at work? No, you post smiling photos of a hiking trip with friends. You build a fake life — or at least an incomplete one — and share it. Furthermore, you consume almost exclusively the fake lives of your social media “friends.” Unless you are extraordinarily self-aware, how could it not make you feel worse to spend part of your time pretending to be happier than you are, and the other part of your time seeing how much happier others seem to be than you?

Continue reading the main story

Some look for relief from unhappiness in money and material things. This scenario is a little more complicated than fame. The evidence does suggest that money relieves suffering in cases of true material need. (This is a strong argument, in my view, for many safety-net policies for the indigent.) But when money becomes an end in itself, it can bring misery, too.

Continue reading the main story

For decades, psychologists have been compiling a vast literature on the relationships between different aspirations and well-being. Whether they examine young adults or people of all ages, the bulk of the studies point toward the same important conclusion: People who rate materialistic goals like wealth as top personal priorities are significantly likelier to be more anxious, more depressed and more frequent drug users, and even to have more physical ailments than those who set their sights on more intrinsic values.

No one sums up the moral snares of materialism more famously than St. Paul in his First Letter to Timothy: “For the love of money is the root of all evil: which while some coveted after, they have erred from the faith, and pierced themselves through with many sorrows.” Or as the Dalai Lama pithily suggests, it is better to want what you have than to have what you want.

SO fame and money are out. How about pleasures of the flesh? Take the canonical hedonistic pleasure: lust. From Hollywood to college campuses, many assume that sex is always great, and sexual variety is even better.

This assumption actually has a name: the “Coolidge Effect,” named after the 30th president of the United States. The story (probably apocryphal) begins with Silent Cal and Mrs. Coolidge touring a poultry farm. The first lady noticed that there were very few roosters, and asked how so many eggs could be fertilized. The farmer told her that the virile roosters did their jobs over and over again each day. “Perhaps you could point that out to Mr. Coolidge,” she told him. The president, hearing the remark, asked whether the rooster serviced the same hen each time. No, the farmer told him — there were many hens for each rooster. “Perhaps you could point that out to Mrs. Coolidge,” said the president.

The president obviously figured these must be happy roosters. And notwithstanding the moral implications, the same principle should work for us. Right?

Wrong. In 2004, two economists looked into whether more sexual variety led to greater well-being. They looked at data from about 16,000 adult Americans who were asked confidentially how many sex partners they had had in the preceding year, and about their happiness. Across men and women alike, the data show that the optimal number of partners is one.

This might seem totally counterintuitive. After all, we are unambiguously driven to accumulate material goods, to seek fame, to look for pleasure. How can it be that these very things can give us unhappiness instead of happiness? There are two explanations, one biological and the other philosophical.

From an evolutionary perspective, it makes sense that we are wired to seek fame, wealth and sexual variety. These things make us more likely to pass on our DNA. Had your cave-man ancestors not acquired some version of these things (a fine reputation for being a great rock sharpener; multiple animal skins), they might not have found enough mating partners to create your lineage.

Continue reading the main story

But here’s where the evolutionary cables have crossed: We assume that things we are attracted to will relieve our suffering and raise our happiness. My brain says, “Get famous.” It also says, “Unhappiness is lousy.” I conflate the two, getting, “Get famous and you’ll be less unhappy.”

But that is Mother Nature’s cruel hoax. She doesn’t really care either way whether you are unhappy — she just wants you to want to pass on your genetic material. If you conflate intergenerational survival with well-being, that’s your problem, not nature’s. And matters are hardly helped by nature’s useful idiots in society, who propagate a popular piece of life-ruining advice: “If it feels good, do it.” Unless you share the same existential goals as protozoa, this is often flat-out wrong.

More philosophically, the problem stems from dissatisfaction — the sense that nothing has full flavor, and we want more. We can’t quite pin down what it is that we seek. Without a great deal of reflection and spiritual hard work, the likely candidates seem to be material things, physical pleasures or favor among friends and strangers.

We look for these things to fill an inner emptiness. They may bring a brief satisfaction, but it never lasts, and it is never enough. And so we crave more. This paradox has a word in Sanskrit: upadana, which refers to the cycle of craving and grasping. As the Dhammapada (the Buddha’s path of wisdom) puts it: “The craving of one given to heedless living grows like a creeper. Like the monkey seeking fruits in the forest, he leaps from life to life... Whoever is overcome by this wretched and sticky craving, his sorrows grow like grass after the rains.”

This search for fame, the lust for material things and the objectification of others — that is, the cycle of grasping and craving — follows a formula that is elegant, simple and deadly:

Love things, use people.

This was Abd al-Rahman’s formula as he sleepwalked through life. It is the worldly snake oil peddled by the culture makers from Hollywood to Madison Avenue. But you know in your heart that it is morally disordered and a likely road to misery. You want to be free of the sticky cravings of unhappiness and find a formula for happiness instead. How? Simply invert the deadly formula and render it virtuous:

Love people, use things.

Easier said than done, I realize. It requires the courage to repudiate pride and the strength to love others — family, friends, colleagues, acquaintances, God and even strangers and enemies. Only deny love to things that actually are objects. The practice that achieves this is charity. Few things are as liberating as giving away to others that which we hold dear.

This also requires a condemnation of materialism. This is manifestly not an argument for any specific economic system. Anyone who has spent time in a socialist country must concede that materialism and selfishness are as bad under collectivism, or worse, as when markets are free. No political ideology is immune to materialism.

Finally, it requires a deep skepticism of our own basic desires. Of course you are driven to seek admiration, splendor and physical license. But giving in to these impulses will bring unhappiness. You have a responsibility to yourself to stay in the battle. The day you declare a truce is the day you become unhappier. Declaring war on these destructive impulses is not about asceticism or Puritanism. It is about being a prudent person who seeks to avoid unnecessary suffering.

Abd al-Rahman never got his happiness sums right. He never knew the right formula. Fortunately, we do.

A contributing opinion writer and the president of the American Enterprise Institute.

A version of this op-ed appears in print on July 20, 2014, on page SR1 of the New York edition with the headline: Love People, Not Pleasure.

More on nytimes.com Site Index

New Super-Black, Light-Absorbing Material Looks Like a Hole in Reality

19 July 2014 - 7:00pm

A British company has produced a "strange, alien" material so black that it absorbs all but 0.035 per cent of visual light, setting a new world record. To stare at the "super black" coating made of carbon nanotubes – each 10,000 times thinner than a human hair – is an odd experience. It is so dark that the human eye cannot understand what it is seeing. Shapes and contours are lost, leaving nothing but an apparent abyss.

If it was used to make one of Chanel's little black dresses, the wearer's head and limbs might appear to float incorporeally around a dress-shaped hole.

Actual applications are more serious, enabling astronomical cameras, telescopes and infrared scanning systems to function more effectively. Then there are the military uses that the material's maker, Surrey NanoSystems, is not allowed to discuss.

The nanotube material, named Vantablack, has been grown on sheets of aluminium foil by the Newhaven-based company. While the sheets may be crumpled into miniature hills and valleys, this landscape disappears on areas covered by it.

"You expect to see the hills and all you can see … it's like black, like a hole, like there's nothing there. It just looks so strange," said Ben Jensen, the firm's chief technical officer.

A sample of the new material. Image credit: Surrey Nanosystems Asked about the prospect of a little black dress, he said it would be "very expensive" – the cost of the material is one of the things he was unable to reveal.

"You would lose all features of the dress. It would just be something black passing through," he said.

Vantablack, which was described in the journal Optics Express and will be launched at the Farnborough International Airshow this week, works by packing together a field of nanotubes, like incredibly thin drinking straws. These are so tiny that light particles cannot get into them, although they can pass into the gaps between. Once there, however, all but a tiny remnant of the light bounces around until it is absorbed.

Vantablack's practical uses include calibrating cameras used to take photographs of the oldest objects in the universe. This has to be done by pointing the camera at something as black as possible.

It also has "virtually undetectable levels of outgassing and particle fallout", which can contaminate the most sensitive imaging systems. The material conducts heat seven and a half times more effectively than copper and has 10 times the tensile strength of steel.

Stephen Westland, professor of colour science and technology at Leeds University, said traditional black was actually a colour of light and scientists were now pushing it to something out of this world.

"Many people think black is the absence of light. I totally disagree with that. Unless you are looking at a black hole, nobody has actually seen something which has no light," he said. "These new materials, they are pretty much as black as we can get, almost as close to a black hole as we could imagine."

MiniLock – File encryption software that does more with less

19 July 2014 - 7:00pm
README

HTTP/1.1 200 OK Server: GitHub.com Date: Sat, 19 Jul 2014 22:09:11 GMT Content-Type: text/html; charset=utf-8 Content-Length: 27411 Last-Modified: Sat, 19 Jul 2014 21:18:50 GMT Expires: Sat, 19 Jul 2014 22:19:11 GMT Cache-Control: max-age=600 Vary: Accept-Encoding Accept-Ranges: bytes

File encryption software that does more with less. Links Pre-Release Software

miniLock is currently audited, peer-reviewed software. However, before a general release, we would like to allow a feedback period. We encourage further review of the software before a release is made for general public use. We hope to provide a public release by August 2014. Our first release platform will be Google Chrome and Chrome OS.

miniLock’s audit documents will be released as soon as the auditing team finishes their editing process (by the third week of July 2014). miniLock also ships with a Unit Test Kit located in test.

0. Overview

miniLock is a small, portable file encryption software. The idea behind its design is that a passphrase, memorized by the user, can act as a complete, portable basis for a persistent public key identity and provide a full substitute for other key pair models, such as having the key pair stored on disk media (the PGP approach).

Advancements in elliptic curve cryptography, specifically in systems such as curve25519, allow us to generate key pairs where the lengths of both public and private keys are relatively very small. This means that public keys become far easier to share (miniLock public keys, called miniLock IDs, fit inside less than half a tweet). This also means that a human-memorizable passphrase of adequate entropy can be used as the basis for deriving a private key.

When first opened, miniLock asks the user for their passphrase which it then uses to derive the user’s private and public keys. Via this model, the user can establish their key pair on any computer that has miniLock installed using only this passphrase, without having to manage key files or identities and so on. Thanks to the small key sizes present in curve25519, we are guaranteed small, easily tweetable public keys and private keys that can be derived from passphrases. miniLock also contains checks to ensure the passphrases entered by the user are of sufficient entropy. miniLock will refuse weak passphrases completely and instead suggest stronger passphrases for use by the user.

miniLock then allows the user to encrypt files to other miniLock users via their miniLock IDs and decrypt files sent to them. miniLock’s encryption format supports encrypting a single file to multiple recipients with a negligible increase in file size. Another feature is that analyzing a miniLock-encrypted file does not yield the miniLock IDs of the recipients, only of the sender.

miniLock file encryption provides both confidentiality and integrity. miniLock uses the TweetNaCL cryptography library, ported to JavaScript, entirely due to its focus on simplicity, auditability and small size. Similarly, miniLock is designed to be as simple, portable, auditable and usable as possible. miniLock also uses scrypt for memory-hard key derivation.

1. User Flow

This section outlines an example user flow in order to help demonstrate how miniLock is supposed to help people.

Alice wants to send a scan of her passport to Bob. Sending it over email would compromise personal information, so Alice decided to first encrypt the scan using miniLock.

Bob opens miniLock and enters his passphrase. miniLock displays his miniLock ID, which is tied to his passphrase and is persistent. He sends Alice his miniLock ID, which looks something like this: O8uUe9I+qIi12pHtEvOOgtD9sYNi4N1QOqBS9N8w51M=

Alice drags and drops her passport scan into miniLock and enters Bob’s miniLock ID as the recipient. She clicks the encrypt button and sends the resulting .minilock file to Bob. Once Bob drags the encrypted file into miniLock, it automatically detects it as a miniLock-encrypted file destined to Bob, and decrypts and saves the passport scan on his computer.

2. Key Derivation

miniLock uses the zxcvbn library in order to impose a strict limit on the amount of detected entropy present in entered passphrases. miniLock will not allow passphrases that fall below the threshold of 100 bits of entropy: if a passphrase of lower entropy is detected, miniLock will refuse it and will not allow access to encryption or decryption functions.

Users are encouraged to use passphrases which are easier to remember but harder to guess. If a user fails to enter a sufficiently entropic passphrase, miniLock will use a built-in dictionary of the 58,110 most common words in the English language to suggest a seven-word passphrase. This gives us a passphrase with approximately 111 bits of entropy, since 581107 ~= 2111.

Once we obtain a suitable passphrase, we hash it using SHA-512 and then derive the user’s 32-byte private key by applying scrypt onto the obtained hash using the following parameters:

  • N = 217
  • r = 8,
  • p = 1,
  • L = 32

The key derivation salt is constant and is composed of the following 16 bytes:

0x6d, 0x69, 0x6e, 0x69 0x4c, 0x6f, 0x63, 0x6b 0x53, 0x63, 0x72, 0x79 0x70, 0x74, 0x2e, 0x2e

Once we obtain our 32-byte private key, the public key is derived for use with the TweetNaCL curve25519-xsalsa20-poly1305 construction.

The user’s miniLock ID is a Base64 representation of their public key, meant to be easily communicable via email or instant messaging.

3. File format

miniLock saves encrypted files as binary blobs with the following format:

Bytes signaling beginning of header Header bytes Bytes signaling ending of header Ciphertext bytes

The beginning of the header is signaled with the following 16 bytes:

0x6d, 0x69, 0x6e, 0x69, 0x4c, 0x6f, 0x63, 0x6b, 0x46, 0x69, 0x6c, 0x65, 0x59, 0x65, 0x73, 0x2e

The end of the header is signaled with the following 16 bytes:

0x6d, 0x69, 0x6e, 0x69, 0x4c, 0x6f, 0x63, 0x6b, 0x45, 0x6e, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x2e

The header itself is a stringified JSON object which contains information necessary for the recipients to decrypt the file. The JSON object has the following format:

{ senderID: Sender's miniLock ID, fileInfo: { (One copy of the below object for every recipient.) Unique nonce for decrypting this object (Base64): { fileKey: Key for file decryption (Base64), fileName: The file's original filename (String), fileNonce: Nonce for file decryption (Base64), } (Encrypted with shared secret derived from the sender’s private key and recipient's public key. Stored as Base64 string.) } }

Note that in the above header, fileName is padded with the 0x00 byte until it reaches 256 bytes in length. This is done in order to prevent the discovery of the fileName length purely by analyzing an encrypted miniLock file’s header.

4. File encryption

We begin by appending the bytes signalling the beginning of the header to the final encrypted file.

A random 32-byte fileKey and a random 24-byte fileNonce are generated and used to symmetrically encrypt the plaintext bytes using TweetNaCL’s xsalsa20-poly1305 construction.

fileKey, fileNonce and fileName (the file’s intended name upon decryption) are then stored within the JSON header as described in §3. The name of the fileInfo property in which they are stored is a 24-byte nonce, which is used to then encrypt the underlying object asymetrically according to the recipient’s public key(s) using TweetNaCL’s curve25519-xsalsa20-poly1305 construction. This is done once for every recipient. For n recipients, we will obtain n properties of fileInfo with nonces as the property name and a Base64-encrypted object as the property value.

TweetNaCL’s curve25519-xsalsa20-poly1305 construction provides authenticated encryption, guaranteeing both confidentiality and ciphertext integrity.

Finally, we append the bytes signalling the end of the header, followed by the ciphertext bytes.

5. File decryption

In order to decrypt the file, the recipient needs the fileKey and the fileNonce, which are within the fileInfo section of the header. They also will need the senderID property of the header in order to derive the shared secret which can be used to decrypt their copies of the fileKey and fileNonce contained within fileInfo.

If there are multiple properties within fileInfo, the recipient must iterate through every property until she obtains an authenticated decryption of the underlying object. Once a successful authenticated decryption of a fileInfo property occurs, the recipient can then use the obtained fileKey and fileNonce to perform an authenticated decryption of the ciphertext bytes. The recipient then proceeds to remove the padding of 0x00 bytes from fileName in order to obtain the intended file name. The recipient is now capable of saving the decrypted file.

If the authenticated asymmetric decryption of the header object fails, or the authenticated symmetric decryption of the file ciphertext fails, we return an error to the user and halt decryption. No partial data is returned.

6. Key Identity Authentication

In PGP, public keys can be substantially larger than miniLock IDs, therefore necessitating the generation of key fingerprints which can then be used for out-of-band key identity authentication. With miniLock, users are able to authenticate out-of-band directly using the miniLock ID, due to its small length (approximately 44 Base64-encoded characters). Therefore, no specialized key identity authentication mechanism is required.

7. Caveats

miniLock is not intended to protect against malicious files being sent and received. It is the user’s responsibility to vet the safety of the files they send or receive over miniLock. miniLock cannot protect against malware being sent over it.

8. Thanks

Sincere thanks are presented to Dr. Matthew D. Green and Meredith L. Patterson, who gave feedback on an early draft of this document.

Sincere thanks are presented to Dr. Mario Heiderich and his team at Cure53 for their work on performing a full audit of the miniLock codebase. We also sincerely thank the Open Technology Fund for funding the audit.

Sincere thanks are presented to Dmitry Chestnykh for his work on porting TweetNaCL to JavaScript and his general cooperation with the miniLock project.

9. Credits

miniLock

TweetNaCL

TweetNaCL-JS

scrypt

README

HTTP/1.1 200 OK Server: GitHub.com Date: Sat, 19 Jul 2014 22:09:11 GMT Content-Type: text/html; charset=utf-8 Content-Length: 27411 Last-Modified: Sat, 19 Jul 2014 21:18:50 GMT Expires: Sat, 19 Jul 2014 22:19:11 GMT Cache-Control: max-age=600 Vary: Accept-Encoding Accept-Ranges: bytes

File encryption software that does more with less. Links Pre-Release Software

miniLock is currently audited, peer-reviewed software. However, before a general release, we would like to allow a feedback period. We encourage further review of the software before a release is made for general public use. We hope to provide a public release by August 2014. Our first release platform will be Google Chrome and Chrome OS.

miniLock’s audit documents will be released as soon as the auditing team finishes their editing process (by the third week of July 2014). miniLock also ships with a Unit Test Kit located in test.

0. Overview

miniLock is a small, portable file encryption software. The idea behind its design is that a passphrase, memorized by the user, can act as a complete, portable basis for a persistent public key identity and provide a full substitute for other key pair models, such as having the key pair stored on disk media (the PGP approach).

Advancements in elliptic curve cryptography, specifically in systems such as curve25519, allow us to generate key pairs where the lengths of both public and private keys are relatively very small. This means that public keys become far easier to share (miniLock public keys, called miniLock IDs, fit inside less than half a tweet). This also means that a human-memorizable passphrase of adequate entropy can be used as the basis for deriving a private key.

When first opened, miniLock asks the user for their passphrase which it then uses to derive the user’s private and public keys. Via this model, the user can establish their key pair on any computer that has miniLock installed using only this passphrase, without having to manage key files or identities and so on. Thanks to the small key sizes present in curve25519, we are guaranteed small, easily tweetable public keys and private keys that can be derived from passphrases. miniLock also contains checks to ensure the passphrases entered by the user are of sufficient entropy. miniLock will refuse weak passphrases completely and instead suggest stronger passphrases for use by the user.

miniLock then allows the user to encrypt files to other miniLock users via their miniLock IDs and decrypt files sent to them. miniLock’s encryption format supports encrypting a single file to multiple recipients with a negligible increase in file size. Another feature is that analyzing a miniLock-encrypted file does not yield the miniLock IDs of the recipients, only of the sender.

miniLock file encryption provides both confidentiality and integrity. miniLock uses the TweetNaCL cryptography library, ported to JavaScript, entirely due to its focus on simplicity, auditability and small size. Similarly, miniLock is designed to be as simple, portable, auditable and usable as possible. miniLock also uses scrypt for memory-hard key derivation.

1. User Flow

This section outlines an example user flow in order to help demonstrate how miniLock is supposed to help people.

Alice wants to send a scan of her passport to Bob. Sending it over email would compromise personal information, so Alice decided to first encrypt the scan using miniLock.

Bob opens miniLock and enters his passphrase. miniLock displays his miniLock ID, which is tied to his passphrase and is persistent. He sends Alice his miniLock ID, which looks something like this: O8uUe9I+qIi12pHtEvOOgtD9sYNi4N1QOqBS9N8w51M=

Alice drags and drops her passport scan into miniLock and enters Bob’s miniLock ID as the recipient. She clicks the encrypt button and sends the resulting .minilock file to Bob. Once Bob drags the encrypted file into miniLock, it automatically detects it as a miniLock-encrypted file destined to Bob, and decrypts and saves the passport scan on his computer.

2. Key Derivation

miniLock uses the zxcvbn library in order to impose a strict limit on the amount of detected entropy present in entered passphrases. miniLock will not allow passphrases that fall below the threshold of 100 bits of entropy: if a passphrase of lower entropy is detected, miniLock will refuse it and will not allow access to encryption or decryption functions.

Users are encouraged to use passphrases which are easier to remember but harder to guess. If a user fails to enter a sufficiently entropic passphrase, miniLock will use a built-in dictionary of the 58,110 most common words in the English language to suggest a seven-word passphrase. This gives us a passphrase with approximately 111 bits of entropy, since 581107 ~= 2111.

Once we obtain a suitable passphrase, we hash it using SHA-512 and then derive the user’s 32-byte private key by applying scrypt onto the obtained hash using the following parameters:

  • N = 217
  • r = 8,
  • p = 1,
  • L = 32

The key derivation salt is constant and is composed of the following 16 bytes:

0x6d, 0x69, 0x6e, 0x69 0x4c, 0x6f, 0x63, 0x6b 0x53, 0x63, 0x72, 0x79 0x70, 0x74, 0x2e, 0x2e

Once we obtain our 32-byte private key, the public key is derived for use with the TweetNaCL curve25519-xsalsa20-poly1305 construction.

The user’s miniLock ID is a Base64 representation of their public key, meant to be easily communicable via email or instant messaging.

3. File format

miniLock saves encrypted files as binary blobs with the following format:

Bytes signaling beginning of header Header bytes Bytes signaling ending of header Ciphertext bytes

The beginning of the header is signaled with the following 16 bytes:

0x6d, 0x69, 0x6e, 0x69, 0x4c, 0x6f, 0x63, 0x6b, 0x46, 0x69, 0x6c, 0x65, 0x59, 0x65, 0x73, 0x2e

The end of the header is signaled with the following 16 bytes:

0x6d, 0x69, 0x6e, 0x69, 0x4c, 0x6f, 0x63, 0x6b, 0x45, 0x6e, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x2e

The header itself is a stringified JSON object which contains information necessary for the recipients to decrypt the file. The JSON object has the following format:

{ senderID: Sender's miniLock ID, fileInfo: { (One copy of the below object for every recipient.) Unique nonce for decrypting this object (Base64): { fileKey: Key for file decryption (Base64), fileName: The file's original filename (String), fileNonce: Nonce for file decryption (Base64), } (Encrypted with shared secret derived from the sender’s private key and recipient's public key. Stored as Base64 string.) } }

Note that in the above header, fileName is padded with the 0x00 byte until it reaches 256 bytes in length. This is done in order to prevent the discovery of the fileName length purely by analyzing an encrypted miniLock file’s header.

4. File encryption

We begin by appending the bytes signalling the beginning of the header to the final encrypted file.

A random 32-byte fileKey and a random 24-byte fileNonce are generated and used to symmetrically encrypt the plaintext bytes using TweetNaCL’s xsalsa20-poly1305 construction.

fileKey, fileNonce and fileName (the file’s intended name upon decryption) are then stored within the JSON header as described in §3. The name of the fileInfo property in which they are stored is a 24-byte nonce, which is used to then encrypt the underlying object asymetrically according to the recipient’s public key(s) using TweetNaCL’s curve25519-xsalsa20-poly1305 construction. This is done once for every recipient. For n recipients, we will obtain n properties of fileInfo with nonces as the property name and a Base64-encrypted object as the property value.

TweetNaCL’s curve25519-xsalsa20-poly1305 construction provides authenticated encryption, guaranteeing both confidentiality and ciphertext integrity.

Finally, we append the bytes signalling the end of the header, followed by the ciphertext bytes.

5. File decryption

In order to decrypt the file, the recipient needs the fileKey and the fileNonce, which are within the fileInfo section of the header. They also will need the senderID property of the header in order to derive the shared secret which can be used to decrypt their copies of the fileKey and fileNonce contained within fileInfo.

If there are multiple properties within fileInfo, the recipient must iterate through every property until she obtains an authenticated decryption of the underlying object. Once a successful authenticated decryption of a fileInfo property occurs, the recipient can then use the obtained fileKey and fileNonce to perform an authenticated decryption of the ciphertext bytes. The recipient then proceeds to remove the padding of 0x00 bytes from fileName in order to obtain the intended file name. The recipient is now capable of saving the decrypted file.

If the authenticated asymmetric decryption of the header object fails, or the authenticated symmetric decryption of the file ciphertext fails, we return an error to the user and halt decryption. No partial data is returned.

6. Key Identity Authentication

In PGP, public keys can be substantially larger than miniLock IDs, therefore necessitating the generation of key fingerprints which can then be used for out-of-band key identity authentication. With miniLock, users are able to authenticate out-of-band directly using the miniLock ID, due to its small length (approximately 44 Base64-encoded characters). Therefore, no specialized key identity authentication mechanism is required.

7. Caveats

miniLock is not intended to protect against malicious files being sent and received. It is the user’s responsibility to vet the safety of the files they send or receive over miniLock. miniLock cannot protect against malware being sent over it.

8. Thanks

Sincere thanks are presented to Dr. Matthew D. Green and Meredith L. Patterson, who gave feedback on an early draft of this document.

Sincere thanks are presented to Dr. Mario Heiderich and his team at Cure53 for their work on performing a full audit of the miniLock codebase. We also sincerely thank the Open Technology Fund for funding the audit.

Sincere thanks are presented to Dmitry Chestnykh for his work on porting TweetNaCL to JavaScript and his general cooperation with the miniLock project.

9. Credits

miniLock

TweetNaCL

TweetNaCL-JS

scrypt

How Turbans Helped Some Blacks Go Incognito in the Jim Crow Era

19 July 2014 - 7:00pm

There's a weekly trial on the Internet about who may be stealing culture from whom. Earlier this week, the defendants were Iggy Azalea and white gay men. A while back, it was Macklemore and the Harlem Shakers.

Now, we have come across a story from the Jim Crow era about cultural mimicry between people of color.

i i

hide captionSouth Asian scholar Chandra Dharma Sena Gooneratne wore a turban to avoid anti-black discrimination in the American South.

Courtesy of South Asian American Digital Archive

South Asian scholar Chandra Dharma Sena Gooneratne wore a turban to avoid anti-black discrimination in the American South.

Courtesy of South Asian American Digital Archive

In mid-20th century America, the turban was a tool that people of color used for "confounding the color lines," writes Manan Desai, board member of the South Asian American Digital Archive.

At the time, ideas of race in America were quite literally black and white. In some places, if you could pass yourself off as something other than black, you could circumvent some amount of discrimination. People of color — both foreigners and African-Americans — employed this to their advantage. Some did it just to get by in a racist society, some to make a political statement, and others — performers and businessmen — to gain access to fame and money they wouldn't have otherwise had.

'A Turban Makes Anyone An Indian'

Chandra Dharma Sena Gooneratne was getting a doctorate at the University of Chicago in the '20s. Originally from Ceylon (now Sri Lanka), he traveled around America lecturing on the need to abolish the caste system and on India's push for independence from the British, among other topics.

In a recent article about Gooneratne, Desai notes that visiting scholars from Asia and Africa, like Gooneratne, were startled to encounter anti-black discrimination. But some of these people, who were lugging around colonial baggage from their own countries, found a way around racism.

Gooneratne, for one, used his turban while traveling in the Jim Crow South to avoid harassment, and advised others to do the same, Desai writes.

"Any Asiatic can evade the whole issue of color in America by winding a few yards of linen around his head," Desai quotes Gooneratne as saying. "A turban makes anyone an Indian."

Pause. Let's take care of a couple of housekeeping details: A turban isn't exclusively Indian. It has variations in the Middle East, East Asia and North Africa. But it was seen as a "racial marker" for Indians, Desai notes, and led to acts of violence against Sikh communities in North America in the 19th century. South Asians weren't immune to racial prejudice.

hide captionA newspaper photo of the Rev. Jesse Routté after his "turban trick" in Alabama.

ProQuest Historical Newspapers Archive

The 'Turban Trick': A Political Statement

I spoke with Paul Kramer, a historian and professor at Vanderbilt University, who found that the turban was also used by African-Americans. They sometimes added robes, accents and carefully cultivated personas to bypass segregation laws and other kinds of discrimination.

hide captionThe New York Times picked up the story about Routté's Alabama trip.

ProQuest Historical Newspaper Database

He's written about about a black Lutheran minister, the Rev. Jesse Routté, who pulled off what Kramer calls the "turban trick."

Routté had traveled to Alabama in a turban and robes, put on an accent, and quickly realized that it was quite easy to fool everyone there into thinking he was a foreign dignitary — and to be received as one.

"Then it kind of goes viral in 1940s terms," says Kramer, "where the press picks it up, it becomes this colorful story that people are talking about." When an article appeared in The New York Times, he says, people started pulling up examples of other cases.

"He's not the first person to pull this off," says Kramer, "so it's not entirely a novelty."

But Kramer says Routté is the sole representative of the first category of African-American turban wearers — those who did it to make a political statement.

Routté's experiment began after he traveled to Mobile, Ala., in 1943 for a family engagement. He wasn't happy with how he was treated.

"I was Jim Crowed here, Jim Crowed there, Jim Crowed all over the place," he later told reporters. "And I didn't like being Jim Crowed."

So he went back in 1947, with a plan.

Before he boarded the train to Alabama, he put on his spangled turban and velvet robes. When the train reached North Carolina during lunchtime, Routté walked over to the diner car where the only vacant seat was occupied by two white couples.

One of the men said, "Well, what have we got here?" to which Routté replied in his best Swedish accent (he had been the only black student at a Swedish Lutheran college in Illinois), "We have here an apostle of goodwill and love" — leaving them gaping.

And that confusion seemed to work for Routté on the rest of his trip. He dropped in on police officials, the chamber of commerce, merchants — and was treated like royalty.

At a fancy restaurant he asked the staff what would happen if a "Negro gentleman comes in here and sits down to eat." The reply: "No negro would dare to come in here to eat."

"I just stroked my chin and ordered my dessert," he said.

After he returned to New York, Routté said he felt like "a paratrooper behind enemy lines."

His son Luther Routté is now 74. Both of his parents — prominent in activist communities in Harlem and Long Island — were always doing "social experiments," trying to find solutions to the prejudice they saw in the world. And this experiment exploded the myth that blacks were innately inferior and warranted inferior treatment, he says.

"He didn't change his color. He just changed his costume, and they treated him like a human," says Luther Routté, who has been a Lutheran pastor for 25 years. It "shows you the kind of myopia that accompanies the whole premise of apartheid or segregation."

Through the "turban trick," Routté basically transformed himself from a threat to a guest — black to invisible.

"Foreigners have a kind of exemption" to Jim Crow laws, Kramer says. "They're not going to understand the rules; they're not going to obey the rules."

Maharajas, Rajas And Pandit

The second category Kramer mentions is performers who took on an "exotic" persona — "something that identifies them as foreign and mysterious within American popular culture." These guys had some sort of personal gain in mind.

hide captionA KTTV poster about Korla Pandit says that he was born in New Delhi.

Courtesy of korlapandit.com

There was the Harlem nightclub owner Dicky Wells who called himself the "Maharajah of Hattan" and used to embark on cruises with white patrons to Nassau and Cuba. Joseph Downing, from Illinois, anointed himself "Prince Jovedah de Rajah," a financial adviser to white bankers who used to frequent the most posh hotels in Miami and Palm Beach.

And then there was Korla Pandit.

Pandit was a musician and television personality, regarded by many as a precursor to Liberace. On TV, Pandit would play the Hammond organ while smoke swirled around him. He'd gaze mysteriously into the camera, locking the viewer in a hypnotic embrace.

Newspapers exalted his musical ancestry as the son of a French opera singer and an Indian father hailing from the far-off New Delhi. In Hollywood, he released records, was offered his own TV show and enjoyed a significant fan following. He was the father of the "kitschy, post-war musical genre 'Exotica,' " Desai writes in his upcoming article about Pandit in the Journal of Popular Culture.

There was just one small thing: Korla Pandit wasn't Indian.

He was born John Roland Redd, son of an African-American minister from Missouri. When he moved to California in 1949 and started work at a radio station, it was under the name Juan Rolando.

hide captionAn old magazine cover with Korla Pandit and his family.

Courtesy of korlapandit.com

Freek Kinkelaar, who runs Korla Pandit's website, had never met Pandit, who died a few months before Kinkelaar was able to get in touch with him. Now, Kinkelaar is working with filmmakers to make a documentary about the musician.

Redd, in his Mexican persona as Juan, married a white woman named Beryl in 1944 in Mexico. But soon, Kinkelaar says, in light of reports of aggression against Mexicans, Beryl helped Redd transform from Juan into Pandit — "Indian, perhaps not white, but white enough for the larger audience."

Being "white enough" had its privileges.

"A privilege, if you want to call it that, was also the gaining of a large, predominantly female audience," Kinkelaar says, which he wouldn't have had if he were perceived to be African-American or Hispanic. He was also the first black man to have his own TV show, writes journalist R.J. Smith in Los Angeles Magazine.

And he worked his audience well — with his signature dreamy gaze, his gnomic idioms and his back story that became more and more fantastic, Korla Pandit wove a heady persona, supplementing it with all the tropes and motifs that characterize "exotica" — dancing courtesans and elephants all laced into the imagery.

"Quite dramatically, exotica took its listeners into primitive destinations, far away from the confines of the suburban homes and the living rooms that housed both their record players and television sets," writes Desai. But although he avoided one set of color lines, he stepped into "new ones drawn at the beginning of the Cold War."

How much Pandit actually knew about his adopted identity is anyone's guess.

"I am convinced Korla knew, like most Americans, almost zero about people from India," Kinkelaar says. " 'Exotica' was known as a term; it offered possibilities to Korla and his career; he took them by both hands and nearly drowned."

Pandit did submerge himself in his new identity, so much so that even his license plate read "I AM KP," says Kinkelaar. Even on Pandit's death certificate, which his son signed off on, the race box read "white," signaling the ambiguity with which even his own family regarded his race. (Ironically, in 1923, a U.S. Supreme Court decision restricted South Asian access to citizenship precisely "on the ground that Indians were, in fact, not white," writes Desai.)

Still, for many African-Americans, not being perceived as black was enough at the time — especially those in Kramer's last and most elusive category, but one he thinks was most common.

These were African-Americans who took on this "foreign" avatar not to make a point about segregation, and not to become famous TV personalities, but to avoid everyday discrimination.

The turban made them incognito. "The whole point," says Kramer, "was to kind of wage a whole guerrilla war that would go unseen."

By putting on the turban, they stepped over the color lines put in place by Jim Crow, and walked right into what was then a racial unknown.

Sana'a

19 July 2014 - 7:00pm
07.03.2014

Sana'a

The scariest thing I'll see in Yemen looms up at me before the plane has even landed. I have dozed my way from Abu Dhabi across most of the Arabian Penninsula, including the Empty Quarter, that vast uninhabitable sandbox in the interior were they didn't even bother to put in borders until fifteen years ago. That just looked like storybook desert, although there was an appalling lot of it.

But now the plane is well into its descent to Sana’a, the flaps are coming down, and all I can see below is bare rock from which every trace of sand has been scraped clean by an angry and pitiless wind. At last I understand why it took three billion years for creatures to come out of the sea and colonize the land. One glimpse of these rocks is enough to send anyone flopping back into the ocean, tail tucked between not-yet-evolved legs. Enormous stone fingers point upwards, reaching nearly as high as the plane. Between them are deep scars where water in some inconceivably distant past rushed to get the hell out of this forlorn place. There isn’t the smallest trace of life, let alone human settlement. It is the most pitiless, hostile, and frankly malevolent landscape I have ever seen.

The plane crosses a high ridge and at last, thank God, there are some dark dots of vegetation. Fearless people are irrigating this bit of Lovecraftian madness. The dots turn into rows, then clumps, and soon in places I can see the white scar of a road. The mountains subside into a broad, flat, dun-colored plateau. As the plane dips a wing to begin its final approach, I notice that the monochrome ground becomes boxy and pixellated out towards the horizon, where thousands and thousands of tiny cubes seem to rise out of the desert, as if the Yemeni landscape had a bug in its loader.

The cubes are houses, hundreds of thousands of them, all the same color as the ground. That is my first view of the city of Sana’a.


Sana’a is so strange and marvelous. If Yemen weren't in permanent crisis, the city would be awash in archaeologists, one of whom might even settle the question of how long people have lived here. Like Damascus or Jericho, Sana’a has a credible claim to be the oldest continuously inhabited city in the world. But what truly makes this place unique isn't its age, but its astonishing buildings. Old Sana’a looks like a gingerbread tribute to Manhattan.

While everyone else was content to build mud huts, tents, old caves or other basic dwellings, industrious Yemenis put up skyscrapers using only stone, mud, and lime. Confined by its protective wall from growing outwards, the city instead grew up, a forest of tower houses from five to nine stories high. These beautiful dwellings still stand, an ancient urban landscape where only the satellite dishes and metal water tanks tip you off that you are no longer in the Middle Ages.

It's hard to believe it when you're gasping for breath in a stairwell, but the tower houses of Sana’a are also quite practical. They allowed for a high population density within the city walls, permitted extended families to share a dwelling, and were handy in the real-life tower defense game against the hill tribes whose fondest activity for the past two thousand years has been plundering this lovely city.

Just as odd as the architecture is the city's climate. Tucked into the southwest corner of the Arabian Penninsula, near the mouth of the Red Sea, Sana’a is surrounded by some of the world's hotter deserts. By all rights, it should be a sweltering furnace like Riyadh or Khartoum. But because the plateau it sits on is over two and a half kilometers above sea level, the climate in Sana’a is positively mild. Northern Yemen may be the only place in Arabia where you can wear a sweater in June and live to write about it.

As the landing gear come down, I start to see details down in the streets. The pixel squares resolve into individual houses with chaotically unfinished roofs. Every rooftop has a low wall around it and has been capped off with a little cone of rubble. In between the houses there are long, stalled strings of cars, stretching out for kilometers. “Army checkpoints,” I think, but then I see that each thread of cars ends at a gas station. There are goats in the road, too. With their more flexible fuel requirements, they go where they please.

Right before the runway threshold, the plane passes a graveyard of Hind helicopters, rusted-out jet engines, and other airplane parts. The edge of the runway is lined with still functional helicopters, along with a row of big open hangars, each one sheltering a MiG fighter jet. It is terrifically windy. A vast Yemeni flag snaps in the breeze. Looking out at the barren landscape and tiny terminal, a single question wafts into my mind.

“What the hell am I doing here?”

I've struggled for weeks to come up with a convincing irrationale for my visit, something more persuasive than the truth ("I really want to go"). The best I can do is steal an argument from my tour agency and stress that all the recent kidnappings have happened to Westerners who live in Yemen and have an established routine, not tourists who are tumbling through. I can cite the impressively thorough report on abductions in Yemen as proof that no tourist has been kidnapped since 2010, when two Americans were briefly detained. I can even picture the flipboard at the Yemen Ministry of Tourism:

[1382] days since last tourist abduction. Welcome to Yemen!

But it's possible tourists don't get kidnapped for the same reason there aren't many car accidents on the Moon. The few Westerners who come here tend to confine their visit to the old city, or the unequivocally safe (and remote) island of Soqotra. And there's no rule that prevents the bad people from changing their tactics if they get tired of staking out diplomats and English teachers. Given their scarcity, tourists in Yemen are about as inconspicuous as the Second Coming.

Kidnapping in Yemen used to be more fun. A disaffected tribe with a grievance would grab you for a week, play cards and chew qat, and then return you once the government had made whatever concession they were after. Lately, though, the kidnappers have been selling their victims to the local branch of al-Qaeda. Yemeni al-Qaeda is not particularly stabby, but they are serious about getting good value for abductees, and willing to wait as long as it takes to collect a solid ransom. They've kept some people for years. And they are probably no fun at all to play cards with.

The less vivid, but more likely risk is of just being in the wrong place when something bad happens. Maybe an American drone pilot will be having a rough morning in Nevada. Or maybe I'll be passing a government building as someone is detonating something to make a point. I promise myself to limit my time in the capital, try not to look too American (except from above), and avoid particularly risky spots like the Bab al-Yemen.

As my departure date approaches, I start to wake up with that hollow feeling that the body uses to tell the brain it's doing something stupid. The trip is getting uncomfortably real. Plane tickets are bought for actual money. My visa comes through, removing my best hope for weaseling out without chickening out. And then one bright morning I find myself in Abu Dhabi, overcrowded travel hub to the world, standing at the gate in a line full of grandfathers wearing headscarves. There aren't many of us foreigners on this flight, just an older Filipino man and a young Chinese couple. A woman behind me asks me if she's in the right line for Sana’a. It's the only time on this trip I'll be addressed by a Yemeni woman whose face I can see.

Sana’a International is not a sprawling, perfumes-and-Cinnabon kind of airport. My tour company has told me to look for a visa window as I enter the terminal, promising me it's easy to find. They weren't kidding. The arrivals hall is a single room, with passport booths at the far end and two holes in the wall on the left. The first hole is a currency desk, where a man in a synthetic suit sits quietly with an open briefcase of money in his lap. There is an exchange rate board hanging up, but all the numbers on it read 00.

The Chinese guy approaches me and quietly asks if this is a scam. I'm equally confused, but I figure if they're scamming us already we may as well just empty our pockets. He goes off to confer with his partner while I trade two hundred euro for a small mountain of very dirty green thousand-rial notes. I can see a figure on the baggage claim side of the window waving to get my attention, motioning for me to move to the visa window. My ride is waiting for me!

Showing my ignorance, I attempt to stand in line at the visa hole. Queuing is not done in Yemen; it demonstrates passivity and a shameful lack of seriousness about the task at hand. The correct approach is to press forward and assert your claim as loudly as you can; it's up to other people to shout you down. Friendly hands propel me forward and I shove my passport into the window.

A big fellow in the visa line asks me where I'm from. He's wearing an embroidered skullcap and the Abe-Lincoln-style beard of a devout Salafist.

“I'm American,” I tell him.

“Oh,” he says, visibly surprised.

“Where are you from?”

“Pakistan.”

I shake his hand heartily and introduce myself, and it's only a few minutes later that it occurs to me to wonder what a devout Pakistani dude might be doing in Yemen.

(And some days later, when I've had time to learn that Yemen is full of ancient mosques, and that scholars from all over the world come here to study, I will feel like an ass for assuming that this guy was anything but a religious student. I mention both reactions here to illustrate how useless my gut instincts are before I've even technically entered the country.)

I watch my passport circulate until it emerges from the wall. Yemen has never developed the fetish for bureaucracy that dogs so much of the Arab world. I notice on my visa that they got tired of writing out my name and just stopped halfway through. The border guards stamp me in and release me into the custody of my contact and driver, who have been waiting patiently in the terminal. Five minutes later, I've been bundled into the back of a Land Cruiser and we are heading downtown.


There are about a dozen military checkpoints between the airport and central Sana’a, but getting through them is a breeze. Usually there are three soldiers; one of them pokes his head in the car and Ali the driver says 'guest' or 'tourist'. Another verifies that the back seat is not piled with RPGs; the third dozes in the shade of a nearby armored vehicle. Ali has the checkpoints timed perfectly; he can roll through most of them without stopping.

I never do figure out the Yemen camouflage scheme. Each checkpoint seems to have its own look. Most popular is a 'leopard' camo (bright yellow background with dark shapes), but the visually arresting purple and fuschia combo comes in a strong second. Very occasionally an iconoclast soldier dresses in colors that might be found in nature. The armored vehicles at the checkpoints are similarly festive. Not many of them look ready to swing into immediate action. One APC still has the cover on its gun barrel, hanging off limply like a burlap condom.

In between the checkpoints is a broad road full of traffic, noise, and blowing dust. Pedestrians position themselves like pit crews, ready to ask for alms or sell trinkets whenever the cars slow down. Women in full niqab go from car to car, carrying ill children. Small kids run over trying to sell a box of tissues or a pitiful flower. The traffic never really stops or even forms into recognizable lanes; people just squeeze in and around obstructions as necessary. Whenever we pass a truly epic tangle of cars, it inevitably marks a gas station. None of the pumps are working.

The transition to Old Sana’a is abrupt and astonishing. The ramshackle cinder block buildings turn into iced gingerbread houses, and suddenly I'm in the middle of the pictures that I have admired for so long online. Central casting has even provided a camel; he stands meditating across the street from the hotel.

At the hotel gate I'm introduced to Fouad, my guide, and I have to bodily push him back into the courtyard to avoid breaking the Slavic taboo against shaking hands over a threshold. It's rude and awkward, but I'm in a place where I can't afford to take chances.

The Felix Arabia is the only hotel that is still open in the Old City, and today I will be its only guest. They have graciously put me on the fourth floor, where I'll have views of the entire city, and Fouad waits for me to make the long climb upstairs. I can really feel the altitude; my legs start to wobble after the second flight of stairs, and I have to stop at all the landings to catch my breath.

Fouad is a slight guy around my age, with wide-set eyes and a wispy moustache. He's dressed in a coat and slacks rather than the thawb-and-dagger outfit that most men here seem to favor. Almost as soon as we start walking, he turns to me and asks:

"Tehuzzin?"

"What does that mean?"

"This is an important phrase. It means, do you chew qat?"

"Well of course! When in Yemen!"

We settle on a plan. Fouad will show me the city, we'll have lunch, come back to the hotel, chew some qat, and then take a walk again in the evening when the light is at its prettiest.

Walking around Sana’a as a white dude gives me an inkling of that it's like to be famous. As we follow the narrow streets, I see my own pie-eyed reaction to the architecture reflected in the faces of passing children, who are just as surprised to see a foreigner as I am to see a six-hundred-year-old skyscraper. Adults are more circumspect, but it's obvious that I am attracting attention. Fouad is an excellent minder. He keeps me moving, unobtrusively but efficiently, through little street after little street. A lot of people come up to welcome me to Yemen. Kids and a few adults ask me to take their picture.

It's not any individual building that makes Sana’a so incredible, but rather the cumulative effect. The towers are full of curious details.

From the outside, the buildings look like confectionery. The icing is decorative white trim made from lime. There are some ornamental and structural features that I see again and again. Many houses have a sort of carved stone cage affixed at some of the windows that serves as a cooling station for meat or water. It’s set up so that the breeze will blow through and chill whatever's inside. There is a lot of strategic draught management in Yemeni architecture. While the city can get hot, it is also nearly always windy, and this is fully exploited to keep structures cool.

There are also highly decorated, carved wooden boxes mounted onto some of the higher windows. These were—are—a way for unveiled women to look out into the street without raining shame down upon their household.

(The veiling thing is seriously creeping me out. I've been in Yemen's capital city for hours and I have yet to see a woman's face. They move like black ghosts through the streets of Sana’a, and the niqab works as intended—it's really easy to forget that they're even there. On this one issue I've hit the limits of cultural sensitivity. Carry an AK-47, chew qat, wake me up at four with an ear-splitting call to prayer, I don't care. But this veiling business has got to go.)

Many of the houses have a white vertical gutter coming down from an upper floor, mercifully no longer used, which once served as a sanitation system. The city used to be a far more pungent place. Human waste would be collected, dried, and used to stoke fires in the large Turkish baths, thick hemispherical structures that look like vast bread ovens placed in the landscape.

Near the hotel we pass a large walled garden, about a city block in size. It is divided into numerous small lots. Fouad explains that each tower house got its own allotment of land, to use as a vegetable garden or to grow herbs to sell. The practice is falling into disuse as families move out of the Old City. The ground belongs to the nearby mosque (in a perpetual endowment called a waqf) and the garden is irrigated by water from the ritual ablutions required before prayer. It's a small example of how self-sufficient the city used to be, before half the country tried to move here.

"So what do you think of Sana’a so far?" Fouad asks me.

“It's incredible. I've never seen anything like it. But I am just a little bit afraid.”

He stops and looks at me seriously and says:

“Don’t worry. Don’t worry at all. We are together. If something happens to you today, it will happen to me. If you die, I will die with you!”

I would also have accepted “there's nothing to worry about”, but I'm touched by how seriously he answers me. Life is very difficult for people here right now. There are no jobs, no fuel, and no sign that things might get better. The tourist sector is dead. Walking me around Sana’a today is the first paid work Fouad has had in three weeks. He has more pressing problems to deal with than the vague anxieties of a pampered visitor. But he's looking at me with real concern.

One thing Arab and Slavic cultures share is a belief in the comforts of fatalism. Sometimes it's nice to sink into the inevitable like an overstuffed armchair.

"It's all written up there," I suggest, pointing melodramatically at the sky.

He brightens.

"That's exactly right. Maybe we die today, maybe we live another fifty years. It is already written. Insha'allah."

“Insha'allah”

And he takes me by the arm to go buy some qat.

The qat seller is a gentleman sitting cross-legged with a big black sack on his lap. He opens it to reveal individual bags of leaves, the kind of vaguely salad-like baby greens you would expect to pay twenty dollars for at Whole Foods. Part of the ritual of buying qat is a minute botanical examination of the plant. The seller lets the qat out of the bag long enough for Fouad to reject half a dozen packets. After some back and forth, the price settles at two thousand rials (four bucks) for two bags of young leaves.

Physiologically qat is a stimulant, but in Yemeni culture it plays a social role akin to alcohol. Qat is what you buy for your guests at a wedding. Qat is what you blow your paycheck on. Qat is what keeps you out late with your good-for-nothing friends. You can chew qat alone, but the best way to enjoy it is with a group of other men, seated together in a mufraj (the Yemeni lounge and chillout room). Ideally you set aside a block of four or five hours in the afternoon to get nice and lit. People who can rarely afford qat might stay up all night to chew it, minds racing. Habitual users usually start their session after lunch and spit out the wad before bedtime. You're not supposed to chew qat on an empty stomach, and since you can't really eat (nor do you feel hungry) once there is a big lump of the stuff in your cheek, it's normal to wait to chew until after the big meal of the day.

We take our new stash to a restaurant, a big tiled room with one wall open to the street. Women are selling fresh-baked bread in the doorway, and Fouad buys us two disks the size of manhole covers, thin and still very hot. Yemeni bread is unbelievably tasty for the first hour after baking; after that it turns into a regular kind of chewy pita. A cookpot the size of my first apartment simmers away on a platform by the entrance.

The restaurant is dark, dirty, and minimally furnished. There’s a jerry can of water at each table, but Fouad warns me not to drink it. It is for Yemeni stomachs only. While he's off finding me bottled water, the waiter brings over a little boiling iron cauldron of saltah, the Yemeni national dish. There's a yellow foam on top that looks like melted cheese.

Saltah is a meat stew. The yellow foam is whipped fenugreek (hilbeh), a bitter and mucilaginous herb that people tell me is an acquired taste. It is supposed to do wonders for the digestion. The server brings us several bowls of room-temperature broth that we can pour into the cauldron to moderate the boiling.

The protocol in Yemen is to eat with your right hand. The bread serves as a heat shield for the fingers, and you depth-charge your way in and try to grab pieces of meat without scalding yourself or your neighbors. Maybe we eat the fenugreek layer first, or maybe I adjust to the taste and start to like it, but by the end the meal is delicious.

On my way out, my path is blocked by some other diners, who are calling out to me. It takes me a second to process what's going on.

"Please take our picture. Welcome to Yemen!"

This kind of thing happens everywhere. I can't overstress how welcoming the men in this city are to visitors. Yemenis love their country, and they show great affection to those who make the effort to come see it.

After lunch, a man's fancies naturally turn to tea. Fouad asks me if I want to sit and drink at a tea stand, or take the stuff to go in a plastic cup. We're very close to the Bab al-Yemen, the main gate where the Old Town connects to the heart of the road network in the new city, the one place in Sana’a that I don't care to linger. So I suggest we drink on the run. Like an idiot, though, I reach for an actual glass of tea instead of the plastic cup that has been poured for me.

It's a beautiful day. It feels frankly foolish to be worried here, like some hayseed in New York City terrified he'll be mugged the second he sets foot in Times Square. The mood on the street is the opposite of tense. People are strolling comfortably along the broad plaza, and the Bab al-Yemen itself is lovely, a striped layer cake of colored stone. I sit, grin, and silently burn my mouth in my haste to get through that damned cup of tea.

The hotel has a mufraj right off of the reception desk and for the moment, we have the space to ourselves. Fouad shows me how to relax in the Yemeni fashion: you lie on your side, with your elbow on a bolster, and place one foot on top of the other so that one knee points upwards in a kind of jaunty Tom Selleck pose. It's important not to point the soles of your feet at people. Yemeni men have all kinds of techniques (which I mercifully don't have to master) to avoid upskirt situations while sitting or reclining.

The qat lesson is easier than the sitting lesson. You chew the leaves and softer stems down to a pulp, then push that mass into your cheek. The thicker stems go in the trash. You let the chewed-up leaves sit in your cheek and work their magic.

The hotel manager walks in on us and chastises Fouad for letting me eat qat out of a plastic bag. This is no way to introduce a stranger to qat! He takes my stash and brings it back a minute later, washed and neatly arranged in a cloth.

Qat is no taste sensation. You can enjoy a similar experience at home by sprinkling Sanka on a houseplant. There's a definite astringency to the leaves that makes me pucker my mouth and have to take many tiny sips of water. But it's also not particularly vile, nowhere near as bad as tobacco.

"How do you like it?" Fouad asks.

"It's not as good as the fenugreek," I tell him. He clicks his tongue impatiently and tells me to wait an hour. "You'll be flying like a bird!"

Some of the other hotel staff are starting to arrive, each man with his own bag of qat in his hand or tucked into his shirt. One thing I quickly come to love about Yemen is the absence of small talk. People may eventually ask you where you're from, what you do, and even what you think about the weather, but not before they've tried you out in some real conversation.

Topics under discussion today include the World Cup, the economically devastating expulsion of Yemeni workers from Saudi Arabia in 1991 (when Yemen's president rashly backed Saddam Hussein), the wisdom of the adage ‘give praise in public, criticize in private’, and whether or not it's an insult to praise the beauty of a foreign man's wife in his presence. This last point is raised by the desk clerk, who has learned to say “your wife is very beautiful” in five languages and argues passionately that there's nothing unseemly about stating facts.

The conversation ebbs and flows. These guys spend every afternoon together, there is no time pressure. People ebb and flow too; sometimes a man will come in and just sit for a while without speaking, then leave the room. Women chew qat as well, but they do it in their own world, which I will never get to see.

At one point when it's just me and Fouad again, he says:

“You know how you've been saying today you're Polish and American?”

“Yes?”

“Maybe as you travel outside Sana’a, don’t talk about living in America. Maybe it’s better to just say you’re Polish.”

“Is it dangerous to say I’m American?”

“No, no, it’s fine. There’s no danger. Just for some people, maybe it’s better if you say Poland.”

“Thanks, Fouad.”

“No problem.”

The afternoon light has turned Sana’a into a different city, and I'm on the right drug to appreciate it. The slanting rays bring out all kinds of detail in the buildings, and the qat is making me feel chatty. Only the difficulty of Arabic grammar keeps me from talking Fouad's ear off. Every man we pass is boasting a golf-ball sized lump of qat in his cheek, and it's comforting to know that in this small way, I fit in.

Most of the men I see on the street are wearing either a thawb or a shirt with sarong-like skirt that wraps around the hips. They also wear a Western-style suit jacket, which gives them a curiously elegant and formal look. Nearly every man wears a jambiyah, the curved ceremonial knife so emblematic of the country, positioned right at navel height. The women, as I've said, are uniformly veiled in black.

Fouad takes me into a tower house that has been restored and set up as a kind of museum. On the ground floor are the three things every tower house required: a grain store, a mill wheel, and a well. The second floor has a kitchen. The third floor has a film crew. They are shooting a period soap opera and are very unhappy with our presence. Ramadan is coming up, the biggest month for television in the Arab world, and they are on a tight schedule. We negotiate passage to the upper floors with the promise that we'll be quiet and leave almost immediately.

Before the days of television crews, the lower residential floors were reserved for womens' quarters, the men lived above them (of course), and the top room in the tower was set aside for an opulent mufraj, with cushion-lined walls, elegant teapots and panoramic views of the city. In between some landings there are cubbyholes that look big enough to hold a large dog. This is where servants would curl up to sleep.

There are some clever details to these houses. The windows are set low to the floor to keep the sun from heating up the rooms too much at midday. Above them are beautiful semicircles of stained glass, called moon windows. Many of the windowpanes in the stairwells are made from alabaster instead of glass, preserving privacy while letting in a beautiful white light.

There's even a neat system for storage. "Closets" and pantries are recesses in the wall up near the ceiling. To get to them, you pull out sliding planks mounted into the walls that form a little temporary staircase.

From the roof, the city is breathtaking. I mean that literally. I am gasping from the altitude, and it doesn't help that the steps in these houses are so exceptionally steep. I enjoy the view in every direction while Fouad points out the highlights. The gigantic, kitschy mosque in the distance was built by Yemen's former strongman Saleh, to make sure the country would always remember him. It's rumored to be full of weapons, and there's even said to be a tunnel connecting it to the presidential palace. Saleh's old buddies refuse to let the army come inside. Closer in is the Ministry of Defense, where fifty-six people died in a bomb attack in December. And just over this nearby rooftop is the American embassy, which was attacked by a mob in late 2012. At this point Fouad has to take a call, and I am relieved to have him stop pointing things out.

Sana’a is a city full of problems, but the biggest problem is hiding under our feet. That well in the basement is never going to draw water again. Sana'a is on the point of running completely dry.

There are no rivers in Yemen. Sana’a used to get by with wells, but back then Sana'a was a much smaller city. In modern times, the population has exploded, from sixty thousand residents in the nineteen forties to estimates of over two million today (the country is too broken for an actual census). The days when you could sink a well from your basement are long gone.

In the seventies, you might hit water after drilling a few dozen meters. Today there are wells going dry that are over a kilometer deep. The water table is dropping by two meters a year. The city is drinking fossil water deposited thousands of years ago, and what's worse, using it for agriculture. Part of the urgency in my trip is the worry that there won't be a city to visit for much longer.

In a less broken country, the water crisis would dominate every facet of public life. In Yemen, public life is a joke. The government is so corrupt and paralyzed by crisis that it can't perform the most basic tasks. The city's wells are completely unmonitored; no one even knows how many there are. Private owners will keep drilling for as long as they can, but at some point even the deepest wells are going to run dry. And then something awful will happen.

Old Sana’a may survive as some kind of a museum exhibit, but in a matter of years (not decades) the rest of this vast city will have to move or die. The situation is so dire that the previous government seriously considered moving the capital to the stifling Red Sea coast, or somehow piping desalinated water over the three kilometer high mountains that separate the capital from the coast, at inconceivable expense.

It's hard to look at a city this old and imagine it could just go away. But the numbers don't add up. There isn't enough water here for two million people. There certainly isn't enough water for two million people and agriculture. But how do you tell a desperately poor farmer to stop growing qat? And who is going to make him listen?


The streets have grown livelier now that the sun is not so high. The market is filling up with silent black ghosts. Most of them have toddlers in tow. Fouad takes me through the pungent spice market to the large Souq al-Milh (salt market) where everything is on sale, from men's decorative daggers to textiles to cookware. This is technically the most touristed spot in Yemen, yet there's not a single t-shirt store or even postcard stand in the place.

Having just come from Morocco, I'm used to mild commercial harrasment and the kind of instant street friendships that end with one party bringing home a carpet. So Sana’a really puts me off my stride. Merchants who yell out 'hello' really just want to say hello. If I stop and engage them, they ask me where I'm from, welcome me to Yemen, and send me on my way. A lot of people insist I take their picture with no expectation that they'll ever get to see it themselves. It's a upside down world for a tourist.

Watching Fouad teaches me how to move through public spaces. You never stop to let people through; you just adjust your pace and path to squeeze by as necessary. People in tight spaces will flow like a liquid, and it turns out that if everyone presses forward, the system works. The only way to screw up is by being unpredictable in your movements, or trying to apologize. People who need to get through more urgently will yell or honk as they're coming up behind you. Tomorrow I'll learn that this system applies also to driving, and works just as well. For now it's enough to experience it on foot.

We stop in at the Great Mosque, the only place that I don't feel fully welcome. I am only allowed to step onto the threshold. Fouad urges me to take a picture, though I would prefer not to. Someone bumps my knees with the shoes they're carrying in their hand; I can't tell if it's a passive-aggressive gesture or not, but I'm happy to move on. The Great Mosque is more impressive for its antiquity than its appearance; like many of the earliest mosques, it is very plain and somewhat blocky. This one was built while Mohammed was still alive. I look up with apprehension at the massive loudspeakers on the minaret, pointed directly at my hotel room.

We stop at this great little cafe—you've probably never heard of it—that used to be a caravansarai. The building is an old courtyard where merchants coming in from the city would tie up their camels and rest. Now a man in the doorway makes the most delicious coffee I have ever had, a kind of Yemeni frappucino with evaported milk, cinnamon, cardamom, sesame, and a whole lot of sugar. And here is a pair of European tourists, the only sighting of the day! Russians! For whatever reason, only the former Warsaw Pact and Italy are still visiting Yemen. Even the Germans, normally hard to rattle, have moved on.

Like a gentleman, Fouad gets me back to the hotel before nightfall, and I have the chance to survey the place. There is a Russian book on the table—Mohammed, Prophet of God. A sign in the bathroom reminds me in English that I am in a "traditional Moslemic society" and should take care not to parade naked in front of the low windows where half of Sana’a can see me.

My last appointment of the day is down in the courtyard, with Tina Zorman, who along with her husband runs the tour operator Eternal Yemen. The days when you could travel in Yemen by yourself are gone, and now every foreigner needs an itinerary, a driver, and a security escort, all approved by the Ministry of Tourism. Tina is coming to brief me about my itinerary and answer my questions before sending me out into the countryside.

I have been looking forward to our conversation, hoping a fellow Slav might help me get my bearings and give me a culturally reassuring point of reference. But Tina is a Slovenian woman with an Arab soul. As if to demonstrate the verbal effects of qat, she monologues for over an hour before we get anywhere near the topic of my upcoming trip. I realize that if I want to be a part of this conversation, I will to have to fight my way in.

The itinerary is pretty much fixed; a standard loop through the small triangle of Yemen where tourists are still allowed to go. I have already met my driver, Ali, who I will come to recognize as a prince among men. The security situation is safe, Tina assures me, but she likes to wait until the last minute to submit the itinerary and request the permit. "It's better not to give too much notice." That means we won't find out until tomorrow morning how many soldiers are coming on the trip.

I know from reading a blog post by Wandering Earl (a guy who looks like he would drink your last beer out of the hostel fridge) that American citizens get a military escort in Yemen. Unfortunately, a few weeks before my arrival the Tourism Ministry expanded this policy to cover all visitors. Even Polish citizens are no longer safe from the protection of the Yemeni armed forces.

When I was planning my trip, traveling with soldiers sounded like it might be a fun, wacky thing to write about. But now, on the eve of my departure, it just sounds like a hassle. It's hard to keep a low profile with a squad of soldiers by your side. Tina is even less happy about it than I am. She will have to feed this private army and supply them with qat and a place to sleep.

(A week later, when I find myself surrounded not just by soldiers, but by an entire company of tanks, with a Hind helicopter buzzing over our heads for protection, I'll think wistfully back on this moment. The government of Yemen cannot guarantee your safety, but it makes sure you'll go down swinging.)

The power goes out halfway through our talk, and we're left sitting in dark for a while, until the hotel can spin up its generator. “You're going to want to buy some batteries and a flashlight. This happens pretty much every day.”

That evening I wait up in my room for the generator powered lights to go off. Blackouts are so common in Sana’a that the hotel has installed an entire parallel lighting system that runs off the generators. Unfortunately, there's no way to switch these lights off. I feel very conspicuous, silhouetted in my turret against the night sky while I can't make out anything of what's happening in the streets below. The situation perfectly captures what it feels like to visit Yemen. Outside the city is dark, except for the far-off flashing neon of a modern casino hotel. There are invisible people down in the streets yelling at each other, and from time to time I can hear the sound of running footsteps. A red tracer bullet drifts up over the Presidential mosque, a few miles away. As best I can tell, this is just a normal evening in Sana’a.

Eight more days to go!

Ars editor learns feds have his old IP addresses, full credit card numbers

19 July 2014 - 7:00pm

In May 2014, I reported on my efforts to learn what the feds know about me whenever I enter and exit the country. In particular, I wanted my Passenger Name Records (PNR), data created by airlines, hotels, and cruise ships whenever travel is booked.

Further Reading But instead of providing what I had requested, the United States Customs and Border Protection (CBP) turned over only basic information about my travel going back to 1994. So I appealed—and without explanation, the government recently turned over the actual PNRs I had requested the first time.

The 76 new pages of data, covering 2005 through 2013, show that CBP retains massive amounts of data on us when we travel internationally. My own PNRs include not just every mailing address, e-mail, and phone number I've ever used; some of them also contain:

  • The IP address that I used to buy the ticket
  • My credit card number (in full)
  • The language I used
  • Notes on my phone calls to airlines, even for something as minor as a seat change

The breadth of long-term data retention illustrates yet another way that the federal government enforces its post-September 11 "collect it all" mentality.

Parsing PNRs

Parts of my PNRs, such as travel itineraries, were easy to understand. Others were nearly impossible to parse, so I enlisted the help of Edward Hasbrouck, a travel writer who has extensively researched (and even filed lawsuits over) PNRs. He told me that PNRs like mine are created for domestic flights, too, but that it's only for international travel that data is routinely given to CBP.

I was most surprised to see my credit card details—full card number and expiration date—published unredacted and in the clear. Fortunately, that credit card number has long expired, but I was nonetheless appalled to see it out there. American Airlines, which had created that particular PNR in 2005, did not immediately respond to my request for comment on how or why such detailed personal information would show up here. (In other instances, the majority of the number was X’d out.)

Line 4 reveals my long-expired (and since-changed) credit card number.

Cyrus Farivar

As I looked through the logs, I also saw notes, presumably made by call center staff, recording each time I had tried to make a change by phone. Hasbrouck said that this is typical and that it's one of the downsides of global outsourcing—the people I’m talking to probably have no idea that everything they write down will be kept in American government records for years.

“There’s no sense on the airline call center staff that they may or may not be aware that anything they put in may be in your permanent file with the Department of Homeland Security,” Hasbrouck said. “There’s no training in data minimization. They are empowered to put things in people’s files with the government. I think that’s pretty disturbing.”

Travel sites (such as Travelocity) and airlines (such as American) all recorded the basic information one might expect, like payment and contact details, but only some of them kept detailed records of calls. It turns out that whatever the site chooses to put into its PNR will almost certainly be handed over to CBP and will remain in your file for years.

Cyrus Farivar

PNRs can also include personal information about someone's travel, such as whether they request special meals (possibly revealing religion) or if they need special accommodations (possibly revealing a health condition). The fact that PNRs can be so revealing is part of the longstanding hangups between such data sharing between the United States and the European Union.

Just metadata?

Travel sites like Travelocity also pass information to the federal government. In July 2007, I booked a flight on Travelocity on American Airlines from Oakland to Dallas Fort Worth to London Gatwick and back. The site recorded a huge amount of information on me: name, address, phone, e-mail address, credit card number (again, in the clear), what seats I asked for, the language I used on the site, whether I was traveling with anyone else (I wasn’t), whether any traveling companions were adults or children, and whether I preferred to be contacted by e-mail.

Line 42 reveals the number of children in my party. Line 48 reveals my language preference.

Cyrus Farivar

Hasbrouck pointed out that the more information the airlines choose to retain, the more of an opportunity the government has to build a profile on me. “They have seat assignments [and] could probably search who is seated next to you for social network analysis,” he said. “You have no way of knowing when you’re using this website which information they are storing.”

“This is not to catch people under suspicion; this is for the purpose of finding new suspects,” Hasbrouck added.

I asked Travelocity about its practices and received a statement from Keith Nowak, a company spokesman.

Further Reading "As the ticketing agents to the airlines, travel agencies like Travelocity routinely provide ticketing and other relevant passenger data to the airlines to help facilitate passenger flight requests," he said, declining to answer further specific questions. "Once this data has been transferred, the airlines use the data for appropriate operational purposes, and the airlines determine how and when the data may be shared with other parties. As a partner in this process, Travelocity consistently complies with all relevant data privacy and data security requirements."

He declined to respond to how or why my credit card number was transmitted in the clear.

Fred Cate, a law professor at Indiana University, said that my story raises a lot of questions about what the government is doing.

“Why isn’t the government complying with even the most basic cybersecurity standards?” Cate said. “Storing and transmitting credit card numbers without encryption has been found by the Federal Trade Commission to be so obviously dangerous as to be ‘unfair’ to the public. Why do transportation security officials not comply with even these most basic standards?”

The goal of PNR collection, according to CBP, is "to enable CBP to make accurate, comprehensive decisions about which passengers require additional inspection at the port of entry based on law enforcement and other information."

This information is retained for quite some time in government databases. CBP publicly states that PNR data is typically kept for five years before being moved to “dormant, non-operational status.” But in my case, my earliest PNR goes back to March 2005. A CBP spokesperson was unable to explain this discrepancy.

“No wonder the government can’t find needles in the haystack—it keeps storing irrelevant hay," Cate told me. "Even if the data were fresh and properly secured, how is collecting all of this aiding in the fight against terrorism? This is a really important issue because it exposes a basic and common fallacy in the government’s thinking: that more data equates with better security. But that wasn’t true on 9/11, and it still isn’t true today. This suggests that US transportation security officials are inefficient, incompetent, on using the data for other, undisclosed purposes. None of those are very encouraging options."

"No wonder they didn’t want you to know what they had about you,” he added.

Giving up

What does this all mean in terms of how I book international travel? Frankly, not much, since I have no real choices. Like everyone else, I'm at the mercy of the websites that I entrust with my data.

Sure, I could (and do) routinely obscure my IP address with a VPN, but that doesn't do a whole lot when authorities already have more personal information about me. My VPN may help thwart an IP logging and searching algorithm—but Hasbrouck wondered if it might actually make me stand out more.

Further Reading I could also employ a Julian Assange-like tactic, only buying last-minute tickets at an airport and in person. But that’s a lot harder when traveling with others, and it's almost always significantly more expensive. Traveling is difficult enough already without adding more stress to the equation.

Seeing these travel records captured and stored for years on end reminded me of the other all-encompassing, blanket surveillance tools that I’ve been reporting on over the last few years, including license plate readers, fake cell towers (stingrays), and telecom metadata.

We now live in a world where it’s increasingly difficult to prevent the authorities from capturing information on one’s movements or communications. Is it "just metadata"? Yes, much of the time. But despite what the government wants you to believe, metadata can be exceptionally revealing.

Identifying backdoors, attack points, and surveillance mechanisms in iOS devices

19 July 2014 - 7:00pm

%PDF-1.3 %Äåòåë§ó ÐÄÆ 4 0 obj << /Length 5 0 R /Filter /FlateDecode >> stream xWÛNG}ï¯èÇ% í¾_Þ‚!RÀŽ³+Eñ 8àã$ÊßûT_jzñ‚¢°–w¦¦§êÔ©SÕ½ò½|.*l²õBkme2EüÉàµüüAþ*?ÉW‡F^>J­R²Á«lJԩЕwÆ%'/w!…æå^¦PcDɶ»ÅFññçäÝòî°‰;y#¯¿“¦~fï>ËÉ/î¶Îí^úÜ)eÛÝb¹MÅd«ùîrú2‰‰¯ Wo«+­¨Z¨ÊÊÓU¶.8-A©O*ª² •o¬x§ŒSÆlÓ°!;ç="©ñîdk3ÞÿAÙ>Êsé¼…`Lµ]-¯šœ×@â ‰%RS„N®¡L]…‘ròš@㳿m¢¨¦J7彸¼¯+œ³øgð¾Ñ.!}Ô9gç*i”Ñ§ðkÈ¿Sf–§òü—WòAlÇÙºuMˆ®É¼×1$“kB&¹½Kt j6„ˆbð‰ÝµìÆë‹ù¦"­-P5¡ÐÒÕ¤‘›cKÉ*4ƒËÝ x]@Œt¥5ù¸GÕñÀÙD_á-R®^‡ÅÒâà^ƒ€&Ë^ ËˆC ‚„‹ (îœæ°¯B”fTÅFJãkÉÑ"°×AY€¤g«"ÒÅ¢þêbQKŠÊo.f•®G@»Ö{Ê®+ôðñ4Ë>ÐbqN9'¨ENj› þѳGJšDg’Ö¨{rG“’Ü÷ÁœIÊ'i¢Ï¡(Fë¤Psi,æ„›5ÑF¢DÀº]]rIP‡hžš¥=Ö¹¿ùkn\sÂÉÖÂ¥Àµ Xk •6„l€u¬meÉèeg—;xõsh—°ñhµÑ•¢£Fús*H4cÝÀJh¼s„u"Æ»Q[»0È«:JJ×_¶¬;ÖˆÙAÒPdlý¢®9TFÍÝ º¨9®L Rȶ®•5‹“ü1ÍÓ:.ÇäË6ÅåòNøXS,—)ßEW17‚F©é’Æ8ý*î"vK î¥Å,õhpiœc« r1ÚiŠJƒ]-NºFBgÑXì4ŠÔ•ö4½h)ií±¯/…ö­¹Ád¨Ž+·-š«ñƒª²î­•EÙ¨ÎÖç‚>±[ërðÙÕâÎa7•$˜=ªóg Uft¨FÆÔˆ&eá°I´â€Y³¥ÃÆÙÌŠ×{;üñ+c]ÇYe8üÙ†“dÍq;Pb…ñÑEÔdYô儤;¡9\aÖ®¤ôðÄ;“WaÖÉ1(žV-•X¼qŦ¨\YÆÆõŸ3:™2e=MŒÔÍUàt‹YJ§[ÈÆL7¨ ]‰ó®pFÀÊÒa飚N؍ŽuäLâ×:q„ÄæÝÐÖ¡LzÀ„Æœ‹rs/_m6´—o®åêäÝÛƒÍOoåÙÑÙñÁ/ë7ÇrOn>Ê7õdþm(‡]–N9Jn…Ê8wjWBaâûg¢ýÀ1Ä®t(ÆœNڎa-öÕ➄5¡s¹:;ÚCr«³ãú…œê÷›ú³©Ãwõî¹^ÈÍÉóÙb?Ù.tZW°×aÛ™ãËüA;<…tˬÜw»¡b늼0·Dx†Â¯ÙvÄÑ5·,6~ÄÑøµ-Þaå|­ endstream endobj 5 0 obj 1595 endobj 2 0 obj << /Type /Page /Parent 3 0 R /Resources 6 0 R /Contents 4 0 R /MediaBox [0 0 792 612] >> endobj 6 0 obj << /ProcSet [ /PDF /Text ] /ColorSpace << /Cs2 8 0 R /Cs1 7 0 R >> /Font << /TT1 9 0 R /TT2 10 0 R >> >> endobj 11 0 obj << /Length 12 0 R /N 3 /Alternate /DeviceRGB /Filter /FlateDecode >> stream x–wTSهϽ7½Ð" %ôz Ò;HQ‰I€P†„&vDF)VdTÀG‡"cEƒ‚b× òPÆÁQDEåÝŒk ï­5óÞšýÇYßÙç·×Ùgï}׺Pü‚ÂtX€4¡XîëÁ\ËÄ÷XÀáffGøDÔü½=™™¨HƳöî.€d»Û,¿P&sÖÿ‘"7C$ EÕ6<~&å”S³Å2ÿÊô•)2†12¡ ¢¬"ãįlö§æ+»É˜—&ä¡Yμ4žŒ»PÞš%ᣌ¡\˜%àg£|e½TIšå÷(ÓÓøœL0™_Ìç&¡l‰2Eî‰ò”Ä9¼r‹ù9hžx¦g䊉Ib¦×˜iåèÈfúñ³Sùb1+”ÃMáˆxLÏô´Ž0€¯o–E%Ym™h‘í­ííYÖæhù¿Ùß~Sý=ÈzûUñ&ìϞAŒžYßlì¬/½ö$Z›³¾•U´m@åá¬Oï ò´Þœó†l^’Äâ'‹ììlsŸk.+è7ûŸ‚oÊ¿†9÷™ËîûV;¦?#I3eE妧¦KDÌÌ—Ïdý÷ÿãÀ9iÍÉÃ,œŸÀñ…èUQè” „‰h»…<X.d „Õá6'~khu_}…9P¸IÈo=C#$n?z}ë[1 Ⱦ¼h­‘¯s2zþçú\ŠnáLA"Sæödr%¢,£ß„lÁt  4.0,` €3pÞ „€H–.Hi@²A>Ø A1ØvƒjpԁzÐN‚6p\WÀ p€G@ †ÁK0ށi‚ð¢Aª¤™BÖZyCAP8ÅC‰’@ùÐ&¨*ƒª¡CP=ô#tº]ƒú Ð 4ý}„˜Óa ض€Ù°;GÂËàDxœÀÛáJ¸>·Âáð,…_“@ÈÑFXñDBX$!k‘"¤©Eš¤¹H‘q䇡a˜Æã‡YŒábVaÖbJ0Õ˜c˜VLæ6f3ù‚¥bÕ±¦X'¬?v 6›-ÄV``[°—±Øaì;ÇÀâp~¸\2n5®·×Œ»€ëà á&ñx¼*Þï‚Ásðb|!¾ ߏƿ' Zk‚!– $l$Tçý„Â4Q¨Ot"†yÄ\b)±ŽØA¼I&N“I†$R$)™´TIj"]&=&½!“É:dGrY@^O®$Ÿ _%’?P”(&OJEBÙN9J¹@y@yC¥R ¨nÔXª˜ºZO½D}J}/G“3—ó—ãÉ­“«‘k•ë—{%O”×—w—_.Ÿ'_!Jþ¦ü¸QÁ@ÁS£°V¡Fá´Â=…IEš¢•bˆbšb‰bƒâ5ÅQ%¼’’·O©@é°Ò%¥!BÓ¥yÒ¸´M´:ÚeÚ0G7¤ûÓ“éÅôè½ô e%e[å(ååå³ÊRÂ0`ø3R¥Œ“Œ»Œó4æ¹ÏãÏÛ6¯i^ÿ¼)•ù*n*|•"•f••ªLUoÕ՝ªmªOÔ0j&jajÙjûÕ.«Ï§ÏwžÏ_4ÿäü‡ê°º‰z¸újõÃê=ê“š¾U—4Æ5šnšÉšåšç4Ç´hZµZåZçµ^0•™îÌTf%³‹9¡­®í§-Ñ>¤Ý«=­c¨³Xg£N³Î]’.[7A·\·SwBOK/X/_¯Qï¡>QŸ­Ÿ¤¿G¿[ÊÀÐ Ú`‹A›Á¨¡Š¡¿aža£ác#ª‘«Ñ*£Z£;Æ8c¶qŠñ>ã[&°‰I’IÉMSØÔÞT`ºÏ´Ïkæh&4«5»Ç¢°ÜYY¬FÖ 9Ã<È|£y›ù+=‹X‹Ý_,í,S-ë,Y)YXm´ê°úÃÚÄšk]c}džjãc³Î¦Ýæµ­©-ßv¿í};š]°Ý»N»Ïöö"û&û1=‡x‡½÷Øtv(»„}Õëèá¸ÎñŒã'{'±ÓI§ßYÎ)ΠΣðÔ-rÑqá¸r‘.d.Œ_xp¡ÔUÛ•ãZëúÌM׍çvÄmÄÝØ=Ùý¸û+K‘G‹Ç”§“çÏ^ˆ—¯W‘W¯·’÷bïjï§>:>‰>>¾v¾«}/øaýývúÝó×ðçú×ûO8¬ è ¤FV>2 uÃÁÁ»‚/Ò_$\ÔBüCv…< 5]ús.,4¬&ìy¸Ux~xw-bEDCÄ»HÈÒÈG‹KwFÉGÅEÕGME{E—EK—X,Y³äFŒZŒ ¦={$vr©÷ÒÝK‡ãìâ ãî.3\–³ìÚrµå©ËÏ®_ÁYq*ßÿ‰Â©åL®ô_¹wåד»‡û’çÆ+çñ]øeü‘—„²„ÑD—Ä]‰cI®IIãOAµàu²_òä©””£)3©Ñ©Íi„´ø´ÓB%aŠ°+]3='½/Ã4£0CºÊiÕîU¢@Ñ‘L(sYf»˜ŽþLõHŒ$›%ƒY³j²ÞgGeŸÊQÌæôäšänËÉóÉû~5f5wug¾vþ†üÁ5îk­…Ö®\Û¹Nw]Áºáõ¾ëm mHÙðËFˍeßnŠÞÔQ Q°¾`h³ïæÆB¹BQá½-Î[lÅllíÝf³­jÛ—"^ÑõbËâŠâO%Ü’ëßY}WùÝÌö„í½¥ö¥ûwàvwÜÝéºóX™bY^ÙЮà]­åÌò¢ò·»Wì¾Va[q`id´2¨²½J¯jGÕ§ê¤êšæ½ê{·íÚÇÛ׿ßmӍÅ>¼È÷Pk­AmÅaÜá¬ÃÏë¢êº¿g_DíHñ‘ÏG…G¥ÇuÕ;Ô×7¨7”6’ƱãqÇoýàõC{«éP3£¹ø8!9ñâÇøïž<ÙyŠ}ªé'ýŸö¶ÐZŠZ¡ÖÜÖ‰¶¤6i{L{ßé€ÓÎ-?›ÿ|ôŒö™š³ÊgKÏ‘Îœ›9Ÿw~òBÆ…ñ‹‰‡:Wt>º´äҝ®°®Þˁ—¯^ñ¹r©Û½ûüU—«g®9];}}½í†ýÖ»ž–_ì~iéµïm½ép³ý–㭎¾}çú]û/Þöº}åŽÿ‹úî.¾{ÿ^Ü=é}ÞýÑ©^?Ìz8ýhýcìã¢' O*žª?­ýÕø×f©½ôì ×`ϳˆg†¸C/ÿ•ù¯OÃÏ©Ï+F´FêG­GÏŒùŒÝz±ôÅðËŒ—Óã…¿)þ¶÷•Ñ«Ÿ~wû½gbÉÄðkÑë™?JÞ¨¾9úÖömçdèäÓwi獵ŠÞ«¾?öý¡ûcôÇ‘éìOøO•Ÿ?w| üòx&mfæß÷„óû endstream endobj 12 0 obj 2612 endobj 8 0 obj [ /ICCBased 11 0 R ] endobj 13 0 obj << /Length 14 0 R /N 3 /Alternate /DeviceRGB /Filter /FlateDecode >> stream x…UßoÛT>‰oR¤? XG‡ŠÅ¯US[¹­ÆI“¥íJ¥éØ*$ä:7‰©Û鶪O{7ü@ÙH§kk?ì<Ê»øÎí¾kktüqóÝ‹mÇ6°nƶÂøد±-ümR;`zŠ–¡Êðv x#=\Ó% ëoàYÐÚRÚ±£¥êùÐ#&Á?È>ÌÒ¹áЪþ¢þ©n¨_¨Ôß;j„;¦$}*}+ý(}'}/ýLŠtYº"ý$]•¾‘.9»ï½Ÿ%Ø{¯_aÝŠ]hÕkŸ5'SNÊ{äå”ü¼ü²<°¹_“§ä½ðì öÍý½t ³jMµ{-ñ4%×ÆTÅ„«tYÛŸ“¦R6ÈÆØô#§v\œå–Šx:žŠ'H‰ï‹OÄÇâ3·ž¼ø^ø&°¦õþ“0::àm,L%È3â:qVEô t›ÐÍ]~ߢI«vÖ6ÊWÙ¯ª¯) |ʸ2]ÕG‡Í4Ïå(6w¸½Â‹£$¾ƒ"ŽèAÞû¾EvÝmî[D‡ÿÂ;ëVh[¨}íõ¿Ú†ðN|æ3¢‹õº½âç£Hä‘S:°ßûéKâÝt·Ñx€÷UÏ'D;7ÿ®7;_"ÿÑeó?Yqx endstream endobj 14 0 obj 1047 endobj 7 0 obj [ /ICCBased 13 0 R ] endobj 16 0 obj << /Length 17 0 R /Filter /FlateDecode >> stream x½YMs·½Ï¯@nËTi<øÌ%•”«’”B¦tpù`ST¸iGbUþf\ù?y  °;Ë%åJLvØt¿î~Ýh,?˜Wæƒñó8%—\~˜¦É™d×qŏ‰a2oÌkó½ùâåƒ5×fSr1¬ž»ÎSZå)xë“®›º˜bÑroRÌ6fCÙ]“‰}üxs×öªl¸3·æí¯Í¿½ö°˜N/þ:Ðx¨ÝÐBO £SAY§(Ìóè–˜zu*Sh§”†¥†´SJ™úÖ):Yö7… º€=T÷ªLÜ— N£ä 9ÃÓœ$eAžç£Ÿ‚Ò¸xaBrãšRŒ¬?ú$*ƒ6ÊàÓ<¹h!ãÞN–­®ÑEóiẊ^^Âh£N˜…BK æò%è8e6¤%…Iðá÷Å¡ˆŒ³S\×áú¾¬™c²KÖ:Eðx{ïͲxo'ñ”Â; ç’¼¼;P04ñ­¹D‘XóÎØ |m„Ñd§¾¶7Ÿ…8 $Â| °1Í>uxí§%,‚­@ @"¤^ñyLÎJ’šlAåB‘ñ‹Cy¦Å y•ñk©ó&A§uDÂ#eCpˆSÖ®šš¤Ú3ØÇUH `TSˆ® ¢=•`QQ֐«¦&Qÿ®}}ZÇh;Ǭ&[â¸Ì)ÀÄ<®n^LX=j×Ææ¸Jq<ŽÎ‚v*3ÁºqF,LPMMÒ9ÎUsA„44Mó4ÚùÀžJÄqE¥²†\55I³Wšß¼z¡7ŸÀ€¯Ì×Ïæ]ÓXc‘+ŦiBÝ.ÆÙɇ€(¾@TmC2v†û Hg§)Â ëÐ2zÈœÝ<ÆÙ ¦ Ã-h7a]ÖՇ谮¼žÄ„lH³è+j|QòŠ¬˜KŠÀ%(Ì°ü¸@˜‘æÞîb\ÚS[)pÖ?º^¥Ç1¢š†FŸpJMXW°fˆ~]'äb¥+Ðàè"ë:—ƒ÷H±"]ÅaŸfÔ’+@¥>뚌Q"ê©e íU€s«ÌëÞ`a¦ó³*–uH1>º>r¢¬cˆuÈ4>¦L튧šÚ) ~ˆ>¥JçoãT ÔÕ^ÚØüŒf¿¡°¹¾*ƒ½fàÞ¸ -uol²3R-dõ$-H£õ.¤†GÓÊ È.¸u”,$¿‚Ys¨¹ãÖ×!o°ã”¢¨IU±—LWs@q´Y(0l\XVT 8S׉l‰a± tšõyœ_q-íŸ3N9À/@3>$dA—˜éôyœt•xà¯Vhl 4JV'Óújý‹¤®ª03U[†),¤Í Ò÷ؤ´6Y§>Ô §ækQ››‰Æ¤š—fÂÚÏ ×¬1ÖuÐWSŠ\4}̙څ>æ¶ÃG¨‚Y¹BoÉ( ´cve>=ÅàŒþ€F-“‹5hîHFªìP[Âßß\tsY€‡6‹H â«{óÅÕhl®ÞbØؽ¾ÀÜÌîö‡™P¬Ùí.Ì7æê+ó»+ój8oÈò˜fŒ[C;s1\½ËŸ€.ó4€8Õè„œq.º‡c'þtóñŸpiwóûo{ôOÛš…QÕ8°N¢7Š¾¿“€2Ù¯[f—B”Ûɉ€É,b1F"3âžCÏÅ8Š_}záJñ*äÔ»_]Ðf»µûÐƶLnglËÁ|¶µ¸mÍ NwPÌŽ#…’fò$ÆTu³ÕAÒ¨îFñxF/°ÅÞ&‘¯……ÈãÇ÷7åáMù0åC’+¯ñ'ú§3ŸÜ!¢\ÖÇkYìÞ܀Nšñ3žjPk6qˆ/+b<©ÅöâÀ/ÇÿNÜËu÷­Ô\º¿ò§xšWÜ×\©‚ïò !»êø(K}KÙûÃŀ,ù^ÞÀÜF«šÕÿR³\É~ð6+ë•Ð‹[Bà6JÔ‚‚»+°‡]oêT\mÑÐpB9œw³ cŒëZåêpÐÉÞ©Å}5ev•‚Ø {/Bû{Јё5""zÝôs±š.v†ƒ·Ñ"„>LÉþÏ%2fwI}¡&VÄ#ŸmA´¿â̯7Ùm@bŠþzЂŽë¿~9³iA@XÛ߶5“Gí¯kA€P[Âù„ÖyºÛ©›ÅÔp²ï4?Û)øe7ÓÅdë¹8ì”CL“üv“SJöh$™`dNÂB€.ï/T7W‘ÂÊ,â’ʤ¡7‰ôŸjô/ò‰ÆÀ=º4Еcƪ¡ƒ|hå",.¸z£er]Ø<ìhA%÷÷ºøoyqi]g{Ÿ¥lúmë‡SÍ¿5#¨‰Õ0Vtf÷^*…JqI÷(XÂ'.k`‡õÒYMé¨òËzü]#ÃÆsOcŠäØ3Sô€ÆV3õ“†¦Z¨V/ñè%ÌÅQ5ÿ;I¶üKô‘ÎÐó»ÈoYgŒúž×„pÍ–NšNfš¤óûy§ò)¦±GqZPÊ¢2¿¹CêQDh•„Cë6\|«Šöjgb™ÐÖVáÚ)ùŠ‹·±c™ƒWÂ:ì>iIT@ï8xxÜå?cð *õ²‹l->,#Â=:÷Q JXÓtHé¡+¶A¸Ö)†4Ñ¡Q?ifƒh¯êkܺs…-H7Q=!0Ÿôø·£_mõ(ˆîT:խлŸ{rø&¢%ót·ªCG¹z=wî‘ɺ\ûFŠe=³Ž,N=uð:?õPçóŠÿVh^»Áå±9™X4€{F[M(Ý8ÏÒàfEK?è+%Ã+4ÎÍ%òÉfjWKÇø½Yÿ Z»;þÛx±ü´ñCY“O´ñ«zÇÓj281=‰Jqt} '*®s]Ÿª_Sp·òuÀÊRË•][R2m”ú$-wjå”7íIü\»§ˆ¨þWÉ°{b>Õ¨Q'—qÿªˆ"ZÕèë&ÄŠ³…kåŸ2¼T1ù.Íf;ÆXó£Øøâø¶Ø}O¨kËÞNYïrsèÕî@à endstream endobj 17 0 obj 2473 endobj 15 0 obj << /Type /Page /Parent 3 0 R /Resources 18 0 R /Contents 16 0 R /MediaBox [0 0 792 612] >> endobj 18 0 obj << /ProcSet [ /PDF /Text ] /ColorSpace << /Cs2 8 0 R /Cs1 7 0 R >> /Font << /TT2 10 0 R /TT6 22 0 R /TT4 20 0 R >> >> endobj 24 0 obj << /Length 25 0 R /Filter /FlateDecode >> stream x½XK“G¾÷¯(.Ä,Ú]¯®î£}QÆì>ÀHbGì Ë2ü{¾¬ªüªfzöe´ÚÞì¬|~ù¨þh¾1ŸÇ)¹äòÃ4MÎ$»Ž+þ™&óÃ[ógóÁ|ñê“5‡OfSr1¬ž»ÎSZå)xë“>š¸˜b‘rgRÌ:fCÚm£‰~üó涝UÚpknÌ»_›zéa1\üu"ñTþº …žÒŒNi 0Ï£[bêÅ)MM»$4,5¤PÒÔ·NèÐѲ¿)‘ÐìKU¬âY¥‰ûÄi”¼!gxš“¤,ÈÓâ|ô“ApC/HHn\SŠq€ÖàGa‰Ò 4ø4O.ZÐx¶£e­ktÑ|ó»‚¡W×PD©äDÐÅsý pœ2Ò’Â$öáçÅ)‰Œ³S\×ápWxæ˜ì’¥N8^Þ;³,ÞÛIuöÚ1NKXĶb‚ԀT!õŠˆÏcrV’Ôh*‚Œ_Ê3-È\Ư¥Î ŸÖ ¤ Á!NYºJj”ªÏ๐ŒQI!ºbõ)çhiÍr•Ô(êß¡ÀקuŒ¶sÁj´%ŽËœTÌãêæÅ„Õ£vmlŽ+eÇãè,`§4¬gÄ•Ô(ãäšÓ ¤¡Iš§ÑÎ'ú”"Ž«UJk–«¤FiúJó›W"ôæ3ðÚ|ûdÜ5‰5¹Rlš&Ôíbœ|ˆâDÕ¦1$cg¸tvšÒ(Ø°-¡ÍÙÙÍcœ j 2Ü‚vÖeM@Q}ˆ|åõ$*ä@šE^ã‹`€WhE]R\‚Àl–³¥¹·»‡öÔ8ÅœuAÁ®é1†”@Րè¦Ô¾bk6ѯë„\¬tò]„¯s9x«¥«8ìÓŒZrÅP©ÏÊ“m”AD9Õ@᡾jàÜÛU Ì|j>`¡¦ó³ >¤(]¹j¢ð1ÄÊ'4ME')S½â©¦¶³P?DžB¥ó·aª„âj/mh~B³ß@Ø`¯¸3nBËFÝ›ìŒTX½HGPcÔ ÞÔðÈb[Ya²n%ɯ@ÖêCî¸õuÈì8å‚(bRì%ÓU,q´'Y(f.²Ø¸°¬¨`¦ò m‰a±€t14Ëó˜_q-õÂ>fL9˜_Íö!!ºÄL? ÏcÒET≿²X¡±©¡Q²:yLÈ«õ/”ÊUÍÌ8TiÙLA!uV#}o›)­MøÔ‡z@âÔ|-bs3јTõÒLXûÙÈ5ËcŒ•òjJ‘‹&9S½ÇÜvöê‡Ø¬X¡·D”ÆÒ €± »² _Þb0£?¢QËæb š;€•*;Ô–à÷7{ƒn.øeçcmEgÃû;óÅ~›ý;,»ã×W²™X³»6ùÉ™Iß_ xçÍîm~Ìî‡+¬9 üE~ãЏzæøA(8ü·LÅ]ÿ»0 »Où¡?FÁwU N}gö¯ÍW{lEýy5R”,³K!ÊUàBdð[ìlƒAMì~øѧÁ% ¡Da÷‹«aÿ¾hl—võØh–%éÍ2/hÆ`Ç,YfÓ@ÕH`€é(¹›Ÿèb*þ%€Û®\«š Íô°»þ§æꯚ†÷ÿAIL(Ó÷}õ®œZf™tž¢@ ÛÜ›Œ.@FÁ¤ Æû1Um1»Ê;™T¨‡©øH'Iúµ .vX½Í6¡jÓçìtsfËþ‚‹Êý«uL .Ø9Ϋncä¹?­Òht=3ì4L!ÌÂÆ-õFcòf“JªÑÄU “¬Bn„ÈA£ÆÌéaýMì©G{¤5-`-Ö6{J%[’!P¿kØv±ôw¾ë§ˆMØSýpÈT\[Ê¢†mu§´¦ó½:xÉw™ªðý÷Z,×wøÞÀ}¡‘ø€­dÖ!´æF²ß÷÷ †øGMÃékvhرQ°ÖÙøÀP‘™Qú)ä¡d‘XÔÇŠëa÷ÀÐê:!&”5d_¨t‡KÒ“+ýË?J¸°ˆ|­ÞýAˆ9 Êî‚e_Y_×¥M–z–ñ8¯Ýöþó.jvL †ìYço®¸L›]øƏod Ÿk¸¤[^U·È9ü…!øˆ°Ø ò§¾*»GåÃ=å&ÿQ¼ÃÏIÌü…öèÒà®ö\Ïú:ÿI.]îÛW‘z_ºg‹(ªuÜœ©>kauüêË s¶.>(ìXË U€ÓuÏÎÂ]„ÝP¢Š¥ÀÓŠo ë°ãŠCSnXôÜ (*UUk×$+=Q×Xt´ªâ†ñ•öQG{û1,i6;y¸H¤ˆY¦s»§Hi5ý «œ.žÖeçêP·¸1†_)É§NòòÃÆ å04¤Ðfã«óH·K™FZ!å`Çå¿“P¡òÒ8>¨|å`8ÉqüIfr¿´C샵)Ü›ÑÍ– ]úA G¨Z«©Å(%SæfÞ….úh+³øÖæéY+; ÛO/§]ô‹`QýÿX{MÏX_Ö.Jhik¨åÒ̤1Cš=ž½·zP½‘GOSœjfâÛ‡j¨(Äۍž?~¬ë +ž*(šßê*ø¯ˆ#yX1d&…NðU©·î´1â¸q˜‡Ù‘´j7w3°¶øæ?:~”¶ endstream endobj 25 0 obj 2354 endobj 23 0 obj > endobj 26 0 obj > /Font > >> endobj 28 0 obj > stream x½YMs$5½×¯ÐÞÚë¢ôUR]™ ˆØ˜ ìÀõÌàÌîÝÿ³/%å“Úݶ{öÀø0eUêå×ËTªüÞ|eÞ¿ÎKrÉ•‡eYœIv›7ü31,æ··ækó³ùäÕƒ57f™Sr1lž²ÝÖ%mò¼õÉO7.¦XQîMŠEÇj¸v××D?þys×÷êÚtgnÍ»¿[~FôÍ€‹ß±ðÛízJ3® @a]g—cátMM;réÊ5õm†µâo A†€½`©À*îÕ5q_‚¸Ì’7äOk’”yÊÎG¿7¤9{aBró–RŒ´?ûKt h\ƒOëâ¢Å÷kEë]4¦lþY9ôê Jƒ(uÂœ(ÊQ1W¯@Ç¥°!å±?—‡Kd\ýœâ¶M7÷UfÉ悺Dðx{ïMÎÞÛE˜µ†öP:n{Ê;/¥ *LjÀ^2ÝÔÁg{…jf–ÁÆ…¼¡JÀ™&'k9†lAéjhÁó8¿bž-õÂ>Vœr0¿ZìCB2ºÄJ?€çqÒETⁿ2X¡±©¡Q²ºxœþÀkõ/+Mª™Yx¨hÅLa!u6#ýh›)­MäÔ‡¶AâÔ}­°¥™hLšzi&¬ýbäVðc•^K)rÑñ˜3ÕtsÀvCn=¬Kür}o>¹¾Íõ;»¯/0·³»ý^¬Ùý~!“Š3;S¦Ýµ¼ñÙ?”%µw†ït÷JüÔp)ùÅÅTß™ë/ÍgטÆQ—k.¯.…(CÉ ‡åˆ·m:ƒÃ#%¦g4XT]i½ý$QFÕZêùd©·Oç«”IúI•÷R‡"Bhn]î‰&3•*˜Al\åB,3nÄxÂÅ÷uwŽëÎÕÖ#Cio=ÝëÎÞÏ[é3÷Ç­…•xˬ1Ûÿ•í¨ZM#%˜r®¨5±@ë›iGQÒ(M|[²ë³ù(uÜñj¨¦Œ“Bç61CU„ie?$šðÄ“ˆŒzt4 óÌ׆³î×rV ékó¡nå؞ö‘S©TÊJ ìÜ1»Ð{‹-Ãø‚;9®¦m‚™N ÚU«†ÏO0UuãôcÕ}~-x¢»”AÕ,ӣʱôÐĘ́£v‘ ségzÿ»µM¬ï¿ª‹ž‰Î°Æ6¦ó˜J\¡Œr€xõðzþ°Uót3 ¹§¹)dGíÁà6|wYY€ìûÖy 﫦'z\­ ñätoúqû‹ÚE-ÉÀùsn7çÏ9:0ÐZl\PYøœr˜-å÷P–"ÌÀ»âá8Éöï§Ó|¥öéh1ŸZyÚí;6-adù®í›úèL2P­rŠ:Ž£ ¡|Ðr³¾5œ€O÷ùcKÏ1+ÚE~Ûâ04qñz±mUÕEÛ:tòì¶uÅkÒ”3LȞUÅ­vÍ;71õGt'X㊢×õi§›H-‘¤(_ñêÖF3³ã)©öÜÍöL4 MvÚQ¥¬°ŒÑˆO4ºý‡Ö´â÷º£áÀé”ïŒæïl;ˆåÃÉK·³owœY=š¥®¼Q«ø†Ý„N±-1êEÚîé™;¬îaÀuAÓoúÌîðíÅ?䘶[åªÞuè4tBžèGçó¥~ÄNHÙ?ùÀÏ;¦=3G‘¥½êH‹ç´ëß µ\úêñK¾* endstream endobj 29 0 obj 2384 endobj 27 0 obj > endobj 30 0 obj > /Font > >> endobj 34 0 obj > stream xÅYMs·¼ï¯@n.i½øZìVVU’réUùàòA¢$“6)Y¢dÅ3©üŸô˜÷ñ‘J\b™ž™ž°ú`¾7ŒŸÇ)¹äòÃ4MÎ$»Ž+þ™&óñùÁ¼3ߞßZsqk¦1%Ã:ái±ëùáö¢™‹)+7&Åìc6»ncâÿ¼¹nkul¸6—æí7ÆæŸÞzXLgXúÉ ¹!‹&$7®)Å8Àkð£@¢c°Æ1Ä4O.ZŒqm7–½®ÑEóeXÌ_‡Î_Ài§N˜…BK æÅ9è8e6¤%…Iðáçéág?¦¸®ÃÅM™3Çd—luŠàñ öÞ˜eñÞN)¯98ǐäåõ¡ _šhk~1vB?¡C49¨Ÿ€íõW!h‰0ìCL³O^;Æi ‹`+¤¤PéWd|“³R¤6¶ saÈøÅ¡=ÓbˆAÁ§uDÁ#Ç†à§l]-µ‘êÏ`g¡h€QK!º‚Šþt눊c ¹Zj#ßE¡¯Oëm8’ÕÆ–8.s p1«›VÞµ±®#ƒGgA;3ÁºqF.LPKm¤œ³æ4‚ih–æi´ó?‘À•Ž5äj©4EüæÕ£ ½ùšwÍbÍE }»g'²øYµiÉØáƒB ¦4 7¬ƒd õsvvógƒž‚ ·@nº¬ ,ªÑa^y=‰Yf±WÌøb䕱â.)—`0Ãòã‚ÁŒ4k»‹qq§6Sà¬~t½ImD t ‹>a—š0¯`ÍýºN¨ÅÊP`/ ÐEæu!ïQbEºJÀ>Íè%W€JÖ9£lD´SÊú«çW˜ç)þ¼ÀÂMg5,ó˜â|t}æ*D™Çëfìr€_€f|(È•˜ìyìtx¯¬ l 4JU'ÝöjÿËHUafªµSXHŸ¤ï± H‘6™§1Ô’§k1›ÅDsRÝ‹˜°÷3È5ÛcŽuìÕ’¢Ík¦~aµíð‘‡`V®0Z2Jsk…À8 »r>~ŠÁýB-'k î(ŽT1Ø1 ·„¿Þ¨¹LÀ/‹´-eOñÇþÆ|»ßƒÆfÿ‡Ýg8·³»|)Öì>ÉIÅ™)Ãn/o@QäL ‹n™] QÎ-Gr"§‹rb‡S'‚øѧ§ØKJS²ûÓ™ÙÿRI»‡TÏ@ó8ϲ!ñŒ]Ë‚šZHjr@!‚`–«ÏÃ!–£,,]XΡ&§`¹noCcÀî™ùôòúWóòÕûÏŸÌÛÏïòMøÙÌiïfçrÅގµˆ=.8¸h>PíF·B9›‹Æë×™K ±2ó¸=¤žÄ:åpK¸–ä½|¯Ôü’Ð õÝ°ãÈ›ü ½Äeºê®Î`Ûý^ÛckD×r {슽ʇúnØõvZ5þ,¸@B6°à¤mgmÖ—¢Ì̎+Pú¡ù›*¿i^˜©U6ÿG‰‰c!ÐÛ¼‰ÿ¬Z Na’5æawÉ—Du¹Å9ô±Ág2:¦l×Ð,ap¹RÂZxºQ3-Z% fMS„’É%ô ½X¨ ŠS™oãyGKWw P£*cËQ©VTàq.+:/K‹[±Ã硈ы€žÒ/Ç=r–븜q—”ä¯Ð2 C\ ª¶'Ó+u‚ùê•ŠÌ›Ldè—kœÛzùG/2D®K^kWpí©ªGu£ÆþØ£«®Ñ0Ð'‡í3äÃ@2‹ã¶(™ñøØ„Œ„!s›cv«"¼[•¶o(eB¨Ã5‹ÝV°Ãå¿K8}‘h†‹Þçta‡¢¨rµ¢Ñl‘¹WÉÏ*ÄÕÜ°c&™tŽp9h †ä&*Btd‘b 5 Ÿêy=ò«ÅP.[ºSW¦¼k5I:-†¨Ãƒb˜]žÔß;bX™vùûö!†}è÷Šaâ&†Ï„k=X2’Ž¥bÁU×rŠÔqÛãl®ç×+5¹è¥lü@¡Ü¥.!¨1|Eæ¨Jv|ÞêÈ*’§§È*ׇ#jI—l“'M‚JB4Få÷V-O6A2w¤Ø˜*Î`ë21ìK¨½¢(*œlZQL|Li ÕXu\1?«†“CÔLÍw¯ñ‰ãƒÖ14µ§qÐg°2[T„GR)ï†7´î x$éÆñéY—1jHε$ßÐHÝ“‡NÑ;µþMl5}­òGÍá¾£&>!42œVW=jž¼1?B]{—Ãq—_¥®å›IUW4÷cš=|¸ç¨¹Q×ïêN΂±ç7{ju’¯¸”Q[0/ØODÜâ–3r~^sE‡eË{u]íw Ô¾ÎÐξ¢Yžc·f™*&†¸ûÉ­oŽ)f¨GùÂÖ˜r\1™¢# 4€êxØiksÆ#DFh‰êÚîîÿÉz¿ÿ“dw×êßĬ)mêCh:—%d|Ì>Íp³ß„•Yg8{ûJK](0쮸‹r5=‘°Ë…»lל«_КµŸsµ:Ü¢ðÁ“¦7­¤9 O@æÜ{;qP2^bÎ?ËwaÇ«?F²!”ÕàƒîFû¯bßì6™R?šZei rå8§ÍÈ$qŠÖŠoˆš#WZGŽl=)Æq¿ƒß´ˆ$x`j-}°Bçu±KB­Nžúõ¢¡[áÿúÕ¥¸üÿu9½Ñô¡¯.›­ðeØýtá”ûËz—7hû 붼ÙЏGB²ãŠßJØDAåU;äßFöy«ªÍ›ó‡¶Úî+±öÜ«LbÈ5žÐÓgw¥ýnÝ6ðo™‹Ý¸µõÄ‘mÎÊÿ4êM»± os›c‹¤ù"jÍŠþî{R„¹û`¢9Pú[ÇU¸±lm1:JŠQÎÙ36Èÿ`HŒ ÉUƒ—Ôóxwri[ ÍñC ñ28†ÂÉ7Utï†Ý]_5Ëš²v¢„•Vîïÿ ÄÀ endstream endobj 35 0 obj 2701 endobj 33 0 obj > endobj 36 0 obj > /Font > >> endobj 38 0 obj > stream x­YËr·ÝÏW »¡Ž¯&;EåJ•+©Ä%Vya{aÓ’I‡”"ɉ’ügþ'§ôîƒ"„\ܹ}~ž>è™yg¾4ïŒß–5¹äÊź®Î$»/;þL«yÿÊ|eÞ˜g/>XsýÁ¬KJ.†}ÅU¶û¶¦]®‚·>ùéÃuWS¬ZîMŠÅÆf(»ë2±?oîú^•MwæƼþÌØò?jÙzñí@ã¡.|»™ …‘ҍAeƒ¢°m‹Ë1êT¦®SrKé ”2mP: ²o A4 {ÄSU¯¸We¾$q]¤n¨®¶$%r•~5HnHKö‚„ä–=¥'X ~ñž¨Ú(CLÛꢅŒ{Y±ºGÍÇ)›?V½x £AŒ:ANå(Ž˜—/ǵ !åVñÿ—‡"&2n~Iqߧëûºf‹Éæ¢uÀñôÞ›œ½·«DJá…[I~¼;P0uñy‰&±æ'cWDðµ8DS‚ú¾ýð‹

$¢¬2~¯}Þ%(øº/(x¤l y*ÚUS—4{û¸ %@CÀÕ¢«^ўJ°^QÖ=WM]¢ñ]Wøú´/с#Y]–ã’·`b[v·evÞµ±®’I‹³€ÊL°nِTS—sÕ–!M]Ó¶.v;°§ \½RY÷\5uI·WÉoÛ=šÐ›@Àæë'ã®kl¹(bÓº¢o³qvõ! ‹—ȪMKHÆnè캦E°a(©‡ÌÙÍmKÜz :\Ý„=ï (jÑa]ýy²!m¢¯ªñU1À+²j.©.AaqË/Ââiávcv §¾RÜÙ3~q£Jc@ 4 >á”Z±®úZ\ôû¾¢;C¾€@³¬BÞ£Äêé.û´¡—\uTú³­)>ÊAD=ÍAYC{ÍÁmô«9XÖ©ÿeƒ…™!ΦXÖ1!ÕøâÆÌ5eS¬ëD¦¥ô±djW"ÕÒþ‡èS¨ñvLÕ´@]ãҎæ'ý „ÍõýÔìµ÷Æ­ lô½±Én(µ€Õ;€t±5Žô»€YL+;\vÁí‹T!ùÈÚB»(ŒÛ~eƒ]ÖÒUMjŠ½Tº™ƒ'p .ö  ÕÍ,ƒyG—3mÈrÙÒÕÑ¢ÏãüŠy±´ÿ|ØpÊÁýêhñÉ`‰q@ŸÇIщñÊ`bSG£Tuõ8ý¡¯õ¿HÚªæfÁ¡j+n i³9éGßÄI¡6Y§1´ ’§kU[ÈDsÒÌ™°÷‹“{ÑÇë:èk%E-º>ÖLíBk;øGhâ³b…ÑQšh«Æ$ìê$|~ŠÁýD-“‹5 w#Uv è-Áïï®Ø\àÃâhp@ ¹Ä—«{óìê 06W¯1lÌ/.d0±f~U.‚™ß\`’qfþ¹Ü4¿7ówò‰•wºåö_m)÷þP÷˜Ùèõ¿½˜ª¡#ý†úߪ^€–oÍÕæó+ŒHãÝŠ"3åGóæRˆ2·œÉ‰Lrb‡©ƒ þõêi©) SIÉü«sõSµØïHú}H³,)z’e9ÏXÆ)ƒ%o¦;€’š9P >Ë­ÏBL5¾¤cô•{¬nBË>ÍÏ[-ÿZrŽâò‚ÉgQYËEÀ­”)EX>ªQQó±XQÝ)FšÞŽ´Ó% Œf¦~zußBQçªÁ©äÊÛ?©ß/)£)ú÷÷æðíu]=hâ€Ù‹’qW†^¹b|µ›¢Ž%ÁãÔLэ„æ´öN]1Íßk@¬Ú?‹a„ÔBý-03ÿM¿¿@+\ÂÝêˏeéÀ·êõ“0¸™U£W„™f÷­pûwâ‡jx¡^1’”iRé úI.y´£Ñù¬é¤ü10 &h’LÎör{¼qB&ÒØhšÔ¥¦;•¼c“s´4WŽ\2F©tb§“¡‰XÞst"‡Ñ#t‚l=‰NúÁ§iB•ÅŸØ'øº`9ì9Ûú™ifÆFÈÒÀóǨ÷\®tE¾zµÖg˜ÈÌ8›žB,ha¢“a@•Ó/˜•zŒÕŠÆ4«Æ®æ ¥}â°Á_hH¤ÖK柦¹Xù‹j¸‹KŽi} ;êkÛ§~ʨTLÆ¥b–šüZi•Ç#a6üÔ²Æ]š$¥°9”ã‰4£Å“¥vÈx»‘HŒØÁ\]›Þµç‹üêÍtͯ߂"ñyý (>!–Ÿ¬ž™¹Žx’nqu9t·~ ONeÌû_†.š–øØôO6ð?Æ“L]´T†;¶UŸ¹Nyr´}%½æ ˆ+öÊ u«gµvìƒ×ï·Tô±‡AàöύynhP(¼E=4õ¼ÿ¬ƒ¹!ö×E¬p±VÓÜ«TV©ûªã>3³ÎntHC~UhfÜÍÍô•äDbè»ÅÕº[Z¨"ë;º€[êæ´vl½Û³O¯5†J•u(PÛD4ŒpÔÆZrj:ÕûVJæ€ ã„E p÷ó¶‰KxAj~N½jßÌJLÊ…ôŠ—¦1UMs;„ SáFtdª€fÅk¡“;•ùǷȠޏ=XÀ“ã-ȃ{õ§¿¹€Ûªñ¿=:Œ9ëÌœÞQŽÿ¾©¬¦5Ú#Óÿ ¿Må­LÏk'ñƒ ŸÌoOG˜™ÿ-hD²± §?+¹xã‰Xç¬Ï•“

Ä,/@’¨¦R^­òÓ¬{7Â[A¬†÷šùèŽ}êÏítê R…9‘wy"iFd‚Z×ÒYªaÚÔ2½Õ[|fér> endobj 40 0 obj > /Font > >> endobj 42 0 obj > stream xÅYMsÜƽãWLªrX¥$ó…*'G¥ƒ]Nb[¬òÁåCJæ:$eQr”üͤòòzfúÍ,±ZQq%–=ݯ»_÷4°oÌ×æñó8%—\¾™¦É™d×qÅ?Ãdî^šoÍ­yúì­5oÍ4¦äbX'Ü-v§´Ê]ðÖ'?¼½hêbŠEˍI1Û˜ ×®ÛšØÇ?o®Û^]®Í•yõ;cóÿ^{XL§huxí§%,‚­@ @"¤^ñyLÎJ’ÚÚ‚Ê…"ã‡òL‹A ²”ñk©ó¶‚„O누G® Á!NY»jj+՞Á>J!(€QM!º‚ŠötûˆŠk ¹jj+êßE¡¯Oëmç8‚ÕÖ–8.s 01«›VÚµ±9®+ƒ8GgA;]3ÁºqF,LPMm¥sœRsA„44Mó4ÚùÀž®ˆãŠJ×rÕÔVš½ÒüæÕ£½y|a¾{0ïšÆ‹\)6Mêv1ÎN>Dñ ¢jÓ’±3Ü…@:;MinX‡–ÐcÍÙÙÍcœ j :Ü‚vÖeM`Q½‰råñ$&dCšE_Qã‹bWÖŠ¹¤\‚Âˏ3ÒÜÛ]Œ‹C{j’g]Pð£ëUzC J ihô §Ô¹‚5Côë:!+]¾G‘ë\Þ#ÅŠt‡}šQK®•ú¬2£DÔSŠíU€s«ÌrŠ?o°0ÓùY‹RŒ®\…(r±ÊÉš¦¢ÓÇ”©]ñTSÛá#ÔѧTéümœ*aºÚK›Ðì767Ce°×Ü7¡e£îMvFª…¬Þ¤£©qÔ Þ…ÔðÈbZYÙ·Ž’…äW0kõ&wÜú8ä vœrA5©*ö’éjH Žö æ"ƒËŠ*gªœ¬-1,”.@³>ó+.£¥]àóaÆ)øhƇ„,è3ý€>“.¢ü•Á MFÉêäqúC_­Y©Rfæ¡jË0……´YAú›€”Ö&rêCÝ qj¾µ¹™hLªyi&¬ýrÍúc•ƒ¾šRä¢écÎÔ.ô1·>r@ýÌÊzKFiL ­“°+“ðñ)gô4j™\¬AsG0RÅ`ǀÚþþá¬Î4ÑœálðYÁ%Ìæ þ8»1OÏÎÀhsö sÇîËó÷ÐýÌΔËs¹»ÛWåÏ×årwQ®/Ëå¦^oß•¿ëÞ¯îªx/=ìÞ¡zì÷æìóüP?ì#æ22bÍ-³K!ÊXrÄe9ämÏà2^*0"92í'&Ru7ww¿ydÎ~,–Û‹G}ݦñS è惤!`üÂÑ"@†wTŒÄý’÷ìÀi—‹ÁÁ•Ôââ0ÎåWªÞÛ–Üo!šÞì$]˜ŽÍî,àús^pÃnw_DÒ$— !§Öî\DúaLÖ«OîIôÌN•éú­ì„¡I¾¢ä¡W¾Ædíº×eó„ZˆR¤¶›“Ææd­Ti™hk“á=ZæöÏÔ%úFÛtÿ²/¥Æe>O›ñˆ“ -)㛞ðXœ‹ög²‚ÿ¬Éј1ˆ¤Íf3q·ç0äÐ`/x»EOÃ!åpTÖ›˜á­+ê¬WŠJ-Ðd—¦B*rèŠÈ™m„S„†V.·Q.{rp»kO•…®30”‰c/ÿU÷›I4iÃrÌK{à Qœ,µîïXøS~ïœ'Nù‡[³îÎøΆt‚û¦öffmÛ¬”1ÌsÏsòJ3ª²äõnùËA`ÏSŠ-&T! H{¶Åt¬)åZà»Nq¨˜~’ÿDH4zSLo´¸‡z©N‘CÝ\FÚL÷ín#Ô5þ9å|zoŽæqt–)ºDÌr¬N:©2ŒÇ^áѧv~uI¨#mi°¶ô £·¿St‚Öë­f®ü^žÇ‘ ‹ˆÖµ…ñ e‚*;p®Ý2}ƒwψRMjoÔHP”ªŽ X79M|?û’l=¡×õ¦K…‰“é!PEÎBí9&ÙÀp¤24õ@Žåa‹gîÀ—杁ÔÈncÏ@6ãè«4á~㸠 ;ÆW4T¨ýGEõªõ³ñz$K»”™ð>zî¹õW>÷ €ÿß¹wàðÃϽo%àà_›ä5'$4g2͉](q´g’TCR°¬2†…Õpp#í_‘iäp{§PJÕ¦8´7oB!s•Êm7=n,GègõÈ# Þ°ýr3!7_)´Å¥áävÖ¾>i SSõy²ç¹¹ã?óÓùÛ·¯/_šë×Í‹//?LÿIGÕǩݽ‡³hÚ(P«OCÏ9b3‰nd#Õfžn|¤%ÉMõçRSh:Ì%ø6¹Ä”“ uÓ©·3†›T/-*Hõ’” c¬eú¬› ŽCÚùüÄÛ0Õ¨¬" F])̬>f3ª‡1ÃÃ=´;§Ù_Gó‹ |ánçCë‡_´?¯ç¿ëUAwªáîÛ ÃCü÷…qÌl[£ïümvÑH1{tòHæ ÒûŽ.Œ0[6o˜å-Vµ®„ Æ|“'bØÿ™mk1/ £°¾|l™:2Û ÷œ~§·øÈÇyö×øzUœü¨pïþ—}½êíuGÌÞéù«Œ¶›MÅUbëdów„±JRãý¦ÚIY¥N€òT7oߊè°c•S?©Gµ„Çî´Öïí”Õ"¦¨b¡Ú«­ÿU¿f‰8G©N]Û'p «µì†]ëlõRQ5²­Kv¢¯X»I¡GßjìÈw‹cùYlÓ 7G»¢û¤ÌüVâ…_­\QÿêóTãxÿªÏ_zÃðÑ—¢½ä¹6>9B×kmJŒ?>€•[‚iz«Ín* T„}V#¨$&ž˜äÆ6õOk›“Jêÿ»ˆ`îê:ü½7kFs¿á+ôžf~¦gÃÝ°eóË£ÐÅ[hxÕí.dôi»‹¶Ôgøø¥‘ 0Re4ý‡AZ•S 7•sÑúú?¬f endstream endobj 43 0 obj 2833 endobj 41 0 obj > endobj 44 0 obj > /Font > >> endobj 46 0 obj > stream xµZËrǼÏW´oK0š™ž§n4Å‹B R8| x AÒX ÉLZ¿i‡ÿÇYݝٽ;ÖS×Z’ò،ʅ"ççå9́RÎ/±ÎóÞ,5>h¬ê;Ä)h§¦Y}’Ö-H¥õn¤†G-v+ w}·Ô–…É/`Öا‡ÐqÓë>Lhë&DT3%ÅÞ2Ì u»—…s¶M×ϪœIr66ýÜ‚ÒhÐç±~ sÝÊ.ðù~Ä*øhÀ‡„Ìè£ü€>•n@%îùk+46,«Çê}©þm$I%˜‡Ô`e3ô%6i­ÍäèCš`qʾFµ¡™0&ɼ5Õ~¹}Š1å /¥¹Èú”3Ú…>å¶À'ÐÃL®È[1Š1¶H`ì„»¸>¾‹Áý Úv.­CsG°¥ú¶îQ[Æß¿œ§=Mëα6ø ‹téaî±?;Å/ç×î»ós0ڝ¿Ç¾cóôãÇ«wOÐÿÜÆýôæ‹{~óþÃîâÝ“ÊF®Ó››;÷r÷£AîöÖ=q¯Ýùîù9v1†(ìóŽÀ³¹M{)Àë"¦ðqŠà€!Ù>$Bz3Ö.7ÿz‚í`Ü…ÁmvožT ¨¸¹#xЫ­ÉBä&Íù‡}BPƒŽÞ¤Í .J¼:an÷!‰^ÛgŸu¼$0êºM‚·‡°¨á-u"tÁ%ûÉ~\ Ê¡ßM|çiàL:ú"im‘?Laç­9îQÊpœÿ™qLWã¯ôü+ý‘ˆØ¿B¦»ÊFºì,H9üÃò=†¨F¶Ri€@kúp>(ŽD(_…|ÇGSŸÍ,ðÅAmc¾JXsÔ+œEÀÂy)0_Â$8X Ó”å'uÄ(°úÄ YPõpVgÂ/3²Á–¹Íµù”¸Èl~^…èÄ…ýMÑ. †G¬P Ž¹Ú-±Ú£ ©Pí~Í9Q;¦¦ø¸®##ij“µˆ¼R%z ©tQ3©‹Ý(–{µÙ±()PÔbˆû‚š£EÉfµî€›‘ô{-G„*„’þцŒÞÛ ™uª"üøYåþL?dœÓV¬ð†’ æïF gHÅW“?XAò­_J؆X«Çñ`ûâÌ™)‹àç­¡±'8VTSµZ‡qבmfC­ïq)Ñ/P²¿Úq®6u®×Ø[ÎÔ£à9†ÊF¶Uo ÈUB€1V`xH ç0¿'D1õxs)ûQ}´‡¾Å>vÀ5Û¡‡ìÕæŸ!‘nC’0¡;r€ÕÁ¬/þŽeßAÁu¾)9‘ƒ‰ä¬¸X™V!ÒSP̤1âÿ¦Hú… YfÅØáPá;Ÿ°aÇhóá6XEqõtŒm¸Ó*V{û€Z•Yz¨PAÉ¢Pý×d¡©X¤—j‰Eà¶aß…9R¢9”=´|L”­äüÚ3µŠ{,šÕúÐàq«v|CWÐgÿ˜ ýÈef@Þ­Üqñ¿¯Ü‡!5é\¸5­û¡ÇY…PªÃãj>„µC àÈ0+9n܇ÜE†…=Œp"R8CAu“ÝÈ]š“v)”,*9l{DC¥ìz.íÓ…â2™ f*¤iºI·ø™PVZJ šAˆU2ÜxÍ82¯’ÁÕ«¨ª_7ÿ5‚Jƒã(¹¼“Sr“vôFÚV™Ô†šsEJÊi±Ä¹†“ê†Å6›énæO‰´|³êÕæ©)9²¾ÚÕx˜ƒR´P¸´¾Èµrýþ´Ðe´ØÈ1ÿr«:”q“$͈¾®xïuŒdøVS'¼¨íïËòÂZá‚CÞ¤8Ÿøi\!¬mÁœxk$_-òC¢R#ËŠDz(®T4‹ô’Çl¶À… Ê›†µU©$T­4?ÁS¨×kî18}"¢„äÍÎ`a©Ð¥ˆË¼àJ”(õæ"«d5a*Q˜üðr×¥ý¼Ýá~7voˎ*Ä¥$–ì€3åz,gä¯jH¯ŠˆÖ®ryz™"».h’Uœ¾¤87BÙV˜e‹zockY÷u·ÐèÜ+gDzâ;´YmÄ)ábD·Â%¯¤XÂES¯5Kz¨Yjd\"ä¼8ç>ÔÏ­¤[»|óþŸVHðóŽbòÐ6H1H«Í%É†ddž"̽$Š}‘å½G¯îï‰,&ÞÞm9- EO*å^Ä@Â+·'‘µöÍÊÿqSqr°‚çS®èH"‰–éM¥ÛlUžÊA”¾?̵ÉvòǾʸ(ê|·ÝâOÅ/F¤ðŽ:úÄ(°‚ÖcGV? ì:VŒDZØ¢òZ‘“œ¢˜1BGv'‡û+Eœ“¤Ÿ©~½ÕÉwq[ÎìSå‹z("˜‡ :Ï •P­Ôq 9«hÎù/ÿÎ!žû endstream endobj 47 0 obj 3187 endobj 45 0 obj > endobj 48 0 obj > /Font > >> endobj 52 0 obj > stream x•WËn\7Ý߯àr\À²ÞmÝ,´hÐE…;µk;~¤Aþ¾‡’(ݱ6±û/uxHJš{zG÷ä¢ÒÉ&[´Ö–’)ªà‡‚×ôpAÐ-œ>Ú=’V)Ùà‹ÆS6%êTøÉ;ã’[w.¤ÐPö”BiØn¦ããÇÑÍ\+¶å†®èò2õwî3­pñéñŸ® ŒLÄ°­€|ŒÊæÖpbj¯úÜKº6Émº¬l5ßä=#¬ ö?L¬ÆZ±qú\D­¸oèžbâ–y~ÊÖ§ ÅõIeÇJHV•”BXÕ;嘈 hÆœ¢¶ÁÀ6Ö®l5j 6З%Ó¯MC§gê9¨eå–PL„ÎN!G]Րròšùá÷øÐ4 ¢S)”²ìöÍ'†drEÕ:.PïžrvÎhÎto†1ŸøåÍÀ2ÍWt†!1ô‘ŒFï‰å¨&õÜþú.Æ#áãk„)º´âkTÐÙgæÖ(ðð $Ñ­“bm‹-¥‡Íšh£ ‘0SÀ°Û/¹$¨¨?¿öZs^"ã5׀!^¶µpIØÀJË©ceZ÷vB¶Øž¦'Ó)¯ìÒá‚Pü D—pJiø5®•¢+E£e¤»OåÈÑÀéÙgÄëãšW'Xý„]`f•gf¿Q\Ùuå:Eö%?¶I+Vx£e—3•Ö®ø HŒ'RYå;5Õʸ¾—N5ÃfÿB´Û/]ÁN:°'«±ecîÉ$Ñj«³©25ŽÌ;‹ÜV ([o‹â.$W ¬èûCÝqûk_¥ë@4˜Ôwº‡Êt¡ÑÌ|±±>L 4ÓýØ–ƒÏ’nD+žÃù²2#.ø9qʁ~#Zù¡!»DyÏᤘă|ùb…Mˆîªv8ý×çŸ-Ý«Ó¬:´J“U8bv’n͍IòÖÆ~’C_Àuš¹6غ™HMzxÞLÆìW’¥â‹ðzKÑ‹‰7z&q7z»â74 y0gÑÊÈv(Jj´&`Ü„m» ¿~‹Á}šo.†°¹£¸Ro”Çl±~ÜvsvÀ?çÈ::ƇížN¶[Ș¶—¸ll®;⛉¡ÍÕ'K„»,Ý°lΞä՝x?°£Íy÷ý»¾€á¢>ø±š6oäÕíÑÂ{ßf÷äk5àÍ'q¯GÄ[ŽŸÁj0ÿ‡ß â-ääÅõxóEåmßÒ›-½[øK  ]M=ÆŒ/}8¶Ø;\M‡ [[Ôš9ÖŠ­¶’¿ÔZx©¶)˜Ucÿ+.×Nò²‡yá²¢Šî úåó9ÿóqJz÷/]¦ endstream endobj 53 0 obj 1400 endobj 50 0 obj > endobj 54 0 obj > /Font > /XObject > >> endobj 55 0 obj > stream xì½ Ø[U™ï?FÅÑQÇ9ÀxÞ9ÃOð"ÊAªÇŽ”8L™Æ΀%½Tj3-ãC P§h·*XfšW:¹´¦–FÐðaÆ6"„b¬“zÌÅ!3DjN_Ãkp"cæ½×Z{וּ³“ì$;y²Ÿü÷õ\OöÇÚkÝë·öÇúïu¯µÚm, `M V.¤±p(0–`(O投¦õö÷¶ª¥|2¥¸ý~¿ˆ> Gc‰L®X­½}C¦r>s=UÄH@@@@`ihK³Õ&K•|*èóô]üñLq¨8ô+ùdÀÛ7nÇ§r¥¥$iæ3×F¡cf™€ñ¤l ù¨œåLÁ6GàÚp#"‘4â²ñ'vbi”ãÁAJÃ"¾p¡6Œ iV†ˆœ¥ÈV‡‰ßN§f>s=}ÎHF$0Ò£rÄ´pš»àÚpWyÁZ%F ‘𪃚:âõAùk–3òÆÉþ@0bî`V"Ç›È×Ȅ×A#FyÅëõù|^¯UÜO4?Ðj[‰÷Ô(„¸dYá&ìe¦g|æ³™k³•Øy&0ô£ržaÍYÞqmÌY#» ³EÀüîß.S/$d…Á×Él±!7Œ´šå|:$7÷ðp‘LyPÖk1óY¾h2[‘ºÆ´šJ1ÉrÊ—uXZ˜Í̆™†’t”/ß“9‚þÛ3šëþFã(́á•sgγ‹kcÎ/d@`q ¨ã¾XŸŽF1i2þh¦wøf>2…d+}r[N)á½ÁDŸášÕB4 ¢•d%Õ'‘5˝\ëíBþ‚sZf6s=*œK˜ÀÊ%LY³"€kÊ ö€À”4³±p8¡…ý$r=»Ò7òr[©ˆpº4ÐÆj.¦ÊoºÒCx4 š4'ø½U’‘l+Ÿ’_œsˆÙX©óþDZ›ŒóZfFsmd+ ‚€íG%€Í\sWäÈ0€€ ´Ò!ÉÇŠ ™cZ.k&9Ó£KN£—T/Sµ‰±tøpÕLX²ÊXu¬]fB¹n–RÅš†²NmˆÂáÉàp;Ü&n/AØ 6 È~VT¡÷†36OÁ q¥É%š³èߢ¸ZM¶©Å¶íÍ’1×ºò8¦e&”kY"ù¢yÛF@˜#¸M樰‘U¹&ÐJuzÖ4áºç{«¬ô„ñźÅL1Þqa›‘êw>Ö1)žÍHÓ2ʵ\IóÇ s}ñ"ó Ѓn“`°@@–jFv/Mh”U9/šû¸å¶ÿD»ÀØ+9×4íN³$µ-9¨eäXË5*iöÊ¡æšn“¹.~d@@`n(*ÃãM61e£Ðiä /µÙK­ µËÐñžCL {3)‰Œ [Ö*Jö;¦e&”kTÒ¦t™ 7ÀmâæÒƒí `“@]™ó¥GÏ}q™F•Õ.û‚Ü÷ŸfíŒÚîýo#ñ!ƒÔóÒðkbœê¦þm2Ð\Çï£1Ëw Á¦ŽÛoŠßö¦“÷%:å+Ó*›çÈ* 쁹!Ð(%cbaóRš³­Å

I`@f”@Aêáîëê'ÞT†JöDEÅ~¤¬4¥Æªl„ºFu.Ñd1æŎ§ åª^•)á!O*%$÷2£jBZ†ê-åºQÚ’ÌÍÛ±‚•*i–ãÖª¢sº?’¶:“!–/$æ•×n7Êِ4ú‹EšŒµ^ÊMG;étÖÂÉÁc4Ê©Ì:çŠ5ªñ›w±m_NÍI³o$ì„pÚF%ÜîÕ6Nròþx‰q´#^»ó´,mÉÐZJ¿Ýçë{|±LI:kˆ¯å¢z$ì7ih9:i½%MPK§Ý¯U¾Æü‰"Uó"Š|•¡u_ªd.±qn9õîGeÇüñî#ŠÇéòí˜fkmTûkÙˆTÞl÷/jò­JJo”²jä{D.©>Ï¢ÿíœÁrŠ}®r¤ÎêúÚ¨ÑjUÓLOwTƒjEž“ÚŸœæ»Õ°+ à,¹;Lw³K))ë‹ñº±(r€jµÝuÔjÔò={F{¡H"-Ul~fR='W|;íŠñŽù˜q+Éµìü/¿Ô,×»µL«šë#”H|‘’ÕûO¾¥¦©úªÅ`hC¦}dÒJ ¦@¢ûRé”o½Ðq¨3ØSæ6#ñE²„ÇX395Ý=šS¤Ü[¨™ß,Eì–µv$dm ›1¨Ä«éÖöFrýáåd›‚)ãr“S”²×gÕ—Q¿Ps›È©w?*EŽÆ¿(9¡qË·?讣cÙ¯¶2Sš2åú¿'`®TsÈû]™Î,§ØëÚ1GªkD¯ïÊðþì£Q¯¡ø•® ¡t/mÔue`€Ì0þaù(y}ñÏí£fF‘ë~¢2z³u%ÅG5¥šQÁÕ‹óZyJP©ÕVŒwVËP†¹n’‹—?‹Òá †´Ý⇂™¿W×r¦ïú¾`,[,×êF½VÊ§ÍŸí½µ†ÈPÊ—J $s¥HSôBÑŒQ.Jí_P,“/VkÔ9ƒ–F9—0Õ¯{ŽÑ,*ÌJÊduµœ™Ú˜ñ\.—=A …\¾h8M5Ëò÷afm(–.‘5Ôy¤ªR!’·#×øɨ5} Ü«|¡T®P,äÓÉxÐTœO·zeeÖ*wyÔ™|¥Z«Õª•r‰ó"R\þ¸"* 3ˆØÀWG2úܾ͢üE–œrŠâªbÿ½X"•Íf’1YÇÃòµ:Îm"§n]_uâ>’o¥qË—•ñ0ËØöçåB©ÖÊÅ•7¢¶âŒyÈ%ÕÿÊtÊ`9EËkcŒ5¤'¥' ù”šˆ6äÁjøMµnkÈ?}*uSœØ×èÿ–ÒgYµŒ7”îrÀçКå˜R=5ê$æ•`܎ãýÑ,Ê_øÕF¨‰j²ÑÑ\Ù©¹®Œ!çñ&òÕõbZv ñx»Z(ÔKE.¬@2Wê„UW%¥[SwŠ¡D^QE­Z:brÁdɲP†¼MµnU_uæ>"S»³é©|-sÝ{§ö·”Ïê#TMXö$XTJqÜ{Ä`+Ó!ƒ•"³º6ÆÊ‘òÀrÂm˜P]û²ÌZ8ZÏKޞR+¹Z8Ø—ûÝaù¨³ZFî:Ñ…¬UÊ&¦OóÚËHý ÄÇ«XÊ)×¢RŠf7˜Ikfˆc¹–iºËTÎ3­«Î`ÞTï¾Õ¬ôì7[½T´bêÓ¿¦U+æŠÖß……•´\·ÒÑÍ’ôßoêÿÂ#©HíÖ5+5ûþ^*å‰SÉkÅÄÐþ¦#É™Q{ÃVž"Š3‰§»ÞRMKn__Ä4,ƒ9Oµb¾¤:xšÍàeާijr³IϏöÊfÓÕkJ1ªwÿ7ÙZ0÷A³–ŸCÝ&”„œºÉ0:ª–ìè÷‘)!u´ò5A´éýÊSÔԐ'™ÐÊÈw¦úaDµd”[R.)íIDo/ë¾~l*²A×Æð9RnU‹¢Pô[úøÉ÷`&©”° .! ?ö»ÂòQæc6z%ŽšäÖmšb¦G»ŒÄ­^)¦±`U0‘–"bÕTsξP"Åx«zõI :~®‡©¤)cn÷®{›[iÉq‹%“s¢^*ì…ˆ÷òÙ–Ïë½Þ”ç$²xƒ·åI‹,?W²úgç+½è¬¦W“{íôú€ÏNiut“µ{¤o-g’3¡6ùçI+½†»ø(}R¼Öµ}#*Ë“K\ýî±–„µ¬¤°Ìß–•}}æ–5ïét|“r2ÌmÂN“SïzT:v™"ª£•¯”Q;«ŽÙ_VºXö¸®”Ç)] òÓց{D.)ö$êû,Û`†WN±ëÚ?GJ³N÷õ`($Ñi‹îê‚Ôn+~}}>[Ù¹b@f‡@߇°R¤7‚úÒ2ª“ÉpÂõ€(¤âÖ£õ«‚Ú´QívèvJQ^¾“Õ2“G͵ýJš:”ÉÓ£cˆ±ÖT˜ Ȟ!ò…ÄjÞÛF\WÔBéîñ¡fÓZ7É#‡»:ºªÙ –úšÔñgS»À÷=I9èTr*j¿Ywëi*>“¦š¿¢iPA«†=ž^¿ªvJ\ñbò†-RPFì⬤hÊ‘ÉÊjFÒDž®ê%­^?JW SdbSNÝ¡ƒ÷¥%'Dí £”¯ezïtÒ~Óð)ŠNÑ,¨Êˆ©:Ú‘{D8èÊÏ`‘%9EÓµáHŽ:ÖL§|D’J(S’ZÍý[Õá-s{_"8 3L ÏC˜¬VÇ1ëù…ÐNþLÃ;[cf'švµ˜VzR°z³ù¡m+")PNv/óX=äEËH•kû•4eô-e49A\òÄ“Gþ”/$*ù”¡V‰N£ŠEïuÙå¾W‹’ÜÜÖ]c—A‘ͱd2ÑkIJϐϏu_¯¹s*9u·ó˜n…’œZóWzû(fØ+qµ/Lw-]î,Ü5Ì‚’¢š#=ÓƯÚ4HÊŸþE ‚©þiÄ"¯È©›Â;xQŠrB΁ºM²ý¬;ƒzÀÁ¿ŽÚßLIh³³.³¥_gv%S£Þ’ ÀÁWæX¸rŠ¦kÑ©3(ÈäæNšW¦.éDyܲSnÅ7h,A‘/üWèó&û•O»Ô;8jýõÛNN•×¥ÇÓý‘ÜN$Z˜fIò¶fbÆÒ7Øf„ê7I69¦éd¥`<_/>

Wæ8w›mº6cæ£@É‘iVå¤ÔeOš¡,P$ÔµN‹¤*$•ÏPÓ>ׁ€ÀlŸ´¦‡03\î’@Ùž=vfRýLêñ¦Fû´m¤£¼©eÆ) ^ñõrû1ÃR·JN‰§w•^¾L%"¡íS[VÍ7oÙ4ÃtšzVLýA®Q[~7VÏíYÉ)* ÁV”d>ò•l2ØØ”SWÃ;yQrrB¦‚3Œ¡Ùþ>ÁäSz¬;l¿Ü¹Œn&SëÀn„ƒïD#„rKÚØ¡!õ†Ö`‰œ¢zm¨¥iØ;xEÉ¥"–ˆu㥎NÚKP.MÉÇ@ywX|(Ð#Ä/€¸@Ÿ‡0ÏŒü`¤ç¯¹7®Ý+>ZÒJn75œ\󡖹ÿ–ÒÐ0ø ÓbºS'Ûɵ\É1½XUŠ—ÍnG½.y?yt›¾Åªév¶ªÅL$(ËÄn¾Ú-ÓnKÎál4 SÓLI—Øj¾HÙf:?Çì,ñŒåØŝ\õXs*9%«ZºH_¾Lu]9KÕÐ#Ên9û%ÞVêTžÎÜŠ2•öKiÊ)šr$…ÒVûd_„ô½M´åÔÕðNÞG”˜œPŸlÊö÷ ¦YßïÇaû))ed ÅyUéÆΘǡTò>ê-)GbóÊÙ`ÁUNQ½6ÔÒ5G”J=' #i´3J­0†s‚ü¥Âèà/{Ûz‚ƒÞéw½à€Ì>aa©òz¢ªóåÙ̍2¤ë½hÑí×fTF0ÕÿÍò³¼¶ÏŠòïY“îsÀx­ôIĹCvr-WrL/VÕE¨ö iœ§à’OQ.$;I«šõQ1^Zdê–Z¦]ÏÊa¾,ÿž"½X;Þz2d½µ]q?薐"ø .% ?iÕ´ž¡ºìÞL•Ðð•>eŠBv÷Õ“ú·ž“go]ËÄ”*s§–ewÍí+ýÐæ'Øɵ\ɱ.S=mc0Oʬ½ÎPª–‘4ËàIO”ýRß3_o0Keó¥JµÑ­:J“™¥–‘û½šã“¶ý1ë~^²ÍDÿaÌdëG\w*99ž>•Xù20S’êݲÓ?Ÿ²ý/3Sò-)Gb*©î¼ë{F4XœÞ'EùÐÈ9â©X葎ã™7Úiâ’{¥ ¯4zú¬¦âÒ1à@\H@~Òöxì+óšQ Ѧ3’CùâJç[}#5Û_Q¾¤ÙèàÙ+æF½6`©7Jò§d?S®I'õê›Û+Á±öÛɵ\ÉéQ¦š JÿhOÉ d{ՁµåÞô6.¤NDŠGÉãD¶ná”6XËt^å’r1­†“ÊgҎ¦VC]ɁÇ_—Ë…zx|ÝȨûTb•äTÁÒRfßóõš!´–e3ú_f]ñ(ŽF1Öû¨"µÕôü.!§Ø'ãÁºà[ìpÖ~‘€Ô'Ýxæ+ånÙTªdjÔ{Dh*)‹Ìë»F3XœÝ'EGr$R©¤:w‰7D#3×"úõK”üeÀO³ÂµJ‰ÎSÑ¡÷¯Ž ¿ °øúsûC±BµïU¥ZâHs¡n¼Õ¯CÉɨûTbåË +˜òZêJlev}²ý/³îdï}ª†µj^bìUÒz=\äûQ§Ò °F_éŽ-2;öË©›Â;x‘}rB]gmŸ`z¯9k¿–Ž2í)÷‰ª¦R¦‘,­‡:tâ‘šJª7Rò¿e´²5zUˆÕ"QZˆl}±¤î8jÃl9’œŒºO%V¾ºƒÉÞ>6ghªUkrÖe3]f]Œä ¹f:þ¢–ŸëÅùrŠÝ9’ÒP&å¤o/– O2;öË©w…wì>¢\È õɦlŸ`–>«NÚ¯'ÓHJ_›"¹ZUjÝîӍeü{DØURºu¿#L1õOqüéÆÊ3Ò™{2²¥kèi¼ú`2—–æ0wQÝü‚€ÀìèÿîØ)»àŠÇ'É™þUúV%f|6ÒNñçä1X¥Ø g¡P\tjì³Z«Ém2T¢È*ºû”jƒcZ¦ã¼çl®k»'^¡ú¾Tѯç"+$o8Ý£T«jišG´³{!kYËô¨gR(“kb_-ãMZM/>°XYi ʾ?š•«ë¦ZµbÄG}å{:­™Â[l:‘œŒºO%V¹º.띏º¬à}Ñ~£¤7+IVRº†ÉfScÔ¨HŸG|€> „:¼  œ"™/Xêàf† I^zŒÚ¤ðt›%rêÝùuê>2%4zùšØ ÚtÐ~#)¹uÀI&: §æ§‡q [ûé_RJZêƈº6ÆÏ‘a¦œµÎà(ÁTWósgéåMö2TÉ«êD‹9Š&3¹b©\eK¥TÈÆÃÝ1;0UÍÀrRª Ni™ÉåZr0à(}±dšf¢úõjžiX§f©Ó§TcïñüT:•$ä]…ãw+Ø¡.¤¼ÙõÐŒÄÒÙ\.›IÄ"†™–>fm¹‹«nw_¯/‰§KªFÓËÝÔÌÇ¢Fân#TE¼‰ž‹íßq““Q£eèÆKšd,µÏ#‰Tš|,ô›Š^™¿O6cà£Ã ŽÒŠ—›µ3˜q®œ¢QÎT°I*ªl&éÊ=Ó¤¡öŒx´•!o9uëü:q‘mrB㕯9Ƕ²_N%+y7EfY÷–Ï¢¯[jË;;Õþ-)´.)51yk4ƒm¤8VŽ$Ë]Ïjë»F%FGwÊ=Z2« °èlÌÍfÈ%˜0V@#³¨‡ØH%˜ï®U«ö:²5-Ӟ\®M->Ý ½9SÓC³U+ìÝçˆ=ÞPʲum¸IéfÛ+)¾_—_í24\¶ëÅÞ72:I—¬.‰zÒÔòÔ;žþ~hV‘wï+9õØuÝFÚÔÌÙ;ão¤,yàÉf[cD”éÿ(Ý@·«Œ‚®“¢~Uô1–ù"™~ rææàîȔۤ“zŸÏ>cßG”a9¡±ËW8xà ûåTEi- pÏqêäéæù–”{eŽf°½GÏ‘LF@›íõiEi¶èƒÃϧ §Œu˜Q…XG™¨ã:ö1¸‘Õým´·Sï$eý-¼+úf­hÕ Ó3j_(1@!u%1òŽFAîT¢|9Nqâ„rmò~W!úc)Ë‘Øš¹„âü¥žE[ÞXÆR°¬{!Õò²#\WR"›‘­éc­YNÛ«Òš#¥¬sQLGDègJŽ‰ç‘“SüUz;)mßYJ™“,ù¢)6t²¼[âò¹úzEþlß]Äz0íW®1zhðµBªþî3·íP·‰íüŽu‘mŽ—¯‘_{+ãÚ¯¦R•ïbv+ö辤ž¥mvØ.)Ë4G1Ø~Š£åH6´žÊO4Ë1úxxeRÚaÉË)b@fœ@5ŸŽÇl‰ÇÓ&ç󾦬„““R¾lù ¿_¼äŸŸKÅ;ÞPòSÛX÷‡†2µ_z65Ê) S"žÌ8VÕSŸD®©Ë‰á¬Eä|þ@8š oÀ¾_ªÛ­z%C’Ò§Tê}þ`,•«õ=s„©YÉ…eI,ùü¡H,S(‹¤*t)h×&¹(JMĭˆ‹F:­‡ƒ5í²öÊ`¥Ñ¤î!1Sö™Z,Y(;^ì#&׬ä:—>7õ,Ó‚ÑOº âÓ¯à@@@@`¦ T‹Ùh( U»WÙü‰ù *¿‹VŽB¬»T©âP)Z&˜ê;wëP#0€€€€,*V£R.æhrUš]5)þ¥2Ù|©RC¥wQ†'ÞjTË¥|Ž&¿M§R©t&WéîÛ´øVš@«Õ:|øp‹C¾ÿýïÿæ7¿ºp€€€€€ÀöìÙãÁâ(x`ÈB@pX‚èÙ¡ÐÕW_ý³Ÿýl ^âȀ€À¸ë®»^ùÊW>‰Å ?üáI¥Óé(X˜‹LàôÓO?ñÄߊe¾ œyæ™ôTüú׿¾È—#’X¢HËœp K4sÓÎV£Ñ€–™6t¤7«HËlܸñ,óMàرcôTÜ·o߬^§°@@ÀÝ e,?ha"*·€–™o£åZÆí72ì'-ã`AË8Q¹´´˜-óâ‹/>ôÐCn¿§`?€€@7h™nN\z e efGËА,>ŸoéÝeȀ€´Œƒ×´Œƒ0•Û @Ë@Ë̎–¹ôÒK©ÛÎSO=åöÛ öƒ€˜@˘€Œ³ -3=œ»Ä@Ë@Ë̈–ùÅ/~ñŠW¼‚´ÌM7Ý´Äî2d@@ZÆÁkZÆA˜ˆÊí e efDË|éK_zÉK^BZæþà0—±Û,°@LFÔ2­J"Šeʦ؜ÛlVJ…|>—+”š6#mÕ‹ž–B©Þ2Ó¬ðcy:$EWÍ%Âሼ„#ÑL¡j:Ùþ&´Œ}V¹ä Xk™ãGw,„,–жýǞyæxéþ­|~É=

Ï×Ä¡BÌ/ÒY Äó–©Ü -3Ìk-óTveçV3­m}ò™gžÊnÓö®ß«ÖµïY¯Ù–¥€RHS4ž•‡˜Öé,Ùm,MqVg/Ö¦B`ѵÌO©8¢eZµb:•J&ÓUáÜÕªå’1zƒËV*[² ^Î%“©B­#êÅ,ÛSíì!;›¥{éøbZÛI»Î‡7]m–si Ÿ¯èáë%J4•)þ²œ¢3¼áŒžÍFœ   óNãšKŠ­]N1Ýã)°Ð21!l´“[I¦„üù¾ÚIOÈü-c&‚í¥Gàáƒíÿ±¬½°¡¸ý›ßôÉ_?-³ò6³™^–´Œgë½%}÷3¥{·Ò)­]†«ž•·2ÂôZ1i™#÷ïݽ;ß“šçØÑC;¶’·ZhaëŽ{)dÿžøîý¥ãF”ÇíÝß½÷¨Y'°bM`qµM+sÒI'éû%g³/ùË}®[XªþéŸþ鵯}íkælyýë_ÿÈ#¸´L—-[FÏí—¾ô¥ôIêâ‹/¾ï¾û^xá…î¼8 ej9Ö¼A‰“2¢h%áûø?Œº Tx‰7j¸o5“ü´„Ú!FhPºb˜ªµžäë…¸h°‰ð- qº7škײ¬1%¨‹sZå0Ûö“FiãÌ‚PÖˆMh%œylj˜ãšØâA꽍ë ãÛ+Ð2¶Q! k –9ãMí3ÿ€ý?ï´¿ðùöӝ»UÎU_-³£—&ZfåÚµ+èÎ]¿GÂÁlåB¨Ó¢…BË0ýtxï{&xÎØÍûã”î7šønj Š“8zê6–¼gÇ#º™OÝÏw¬?b]aÇޞWËд2Z¹ê?ôN|÷»ß-_¨X˜Ô?úu¯{ï‘9/ÿ>ýéOÓÃoïÞ½.-âSO=Ux{DûßøÆ«¯¾úG?ú‘œ£q´Œ?Qj×ó£+œ*ñh[i®d‚ñ,ë€ß¬Ä¸` ¦Êí†Öê=bÓÕÛ_4£Š\°Ä‹v‘z>Fñ³¾9u¡f‰b%a¹ó‰Ók žŠÇŒÅ¢î%æ‹d™°ªeØV(md¹ž²ý J@hÚ‡ùUYñ“"/ÆIvW eì’B8÷Z†„Œø¢æ¯.jý+&ß³~Z挕¦Nû¼o~ÇÇl펽;˜KÙj½í„{¦­ß}oœí•ÛeÎX¹VêýOÑl3uü§J¶h—ÙñÈSG5!³rÿQ.’4‡·ñûR°'ÙÃûòœ±·ôÌÑýLò¬Øz¿¨£Ý˞k«m覞uúy=°¸Z†¦•‘̨ł‰fÜû‚å 02Ò2ozÓ›ÎÓòío›zKCËèÏoMÔȾg#k¦üA!"ƀfÍ"ÛïjM$tÁ5rÌá+l¶Iæ0a!bªÖu%@jH]t¿/)޶µi“¬Ôß›Ñ|ÚÚyÑÍ…bÔBŒKPáÒÊË­f­”¢Çã‹Sº–ÑÏ1~ñŠp–Sm¸-3¸ž€IËEó–ÿ«ý–ÿÚ~Ûµ?s•á{ÖOË÷š´²õ~Þ£Ÿ{Ž­Þqè—ÜͬĕŽG‰›Ûe¤ÄêŠû»Üׄ–ñ¬£¬½WwÓʎGq„/À|Û4™â 1Çx²gì ȍQËÓʘ.R7˜hÆõ"d†'-3ŽKË1ÞT¢{Ž=ò̱{WнºvÅ°›µÆ¬Ìæ©¿Ö³fýž§Ž=õ¤±f5îNfôÐÏE5O0?õ”á‹8%’Ó% k½ahÞÁŸ©—Rñ³$•-d™´#°u·QØF9¡iÍ@;té‡Ú©dû—~í2ƒúþ¯Ü–}æ™c;˜„X›=šåîfq’ B}È>f+o£qy£­_ÍäÉŠ…{Å p?6ÏŠõÛ¶òeaaë¶Û¶m»mÿaîíÆG‡¦±Ä°ëw[ v™Ë~ç„n¾jˆÛá]g´ãwØðö I/ÒËõåœsΡÌô-öûÓŸþ´×‰Ø °$ @ËL¡X…–yôÑGIKî/C¯oúE¦HȬZµêÀ¿þõ¯E*#kR¾(óãJs5ãÊ¢¡‰ÉE«šŒEcÉ\“§—cs½xƒ!Öª#wð7²\Ëq)¡ë”¶î™&Y¨ÿ?h,1Þ¤"ƈÍ+L°.6¼m¥žÂÉN#K9É̍dÙøBË(}ÿIqFn>fF9beÉèö1æ=omßñ¹vå_Œ÷×2Í'¼&¬µË0-óÌ‘=ÌEôŒ3˜ íe]Z,´iU‰îìÓ΢!žâ#B{vbjåÞû&DÝcôåøáý[iÎÎ#ܺã‡Ù„6+Vs´â^´Ê蔆úÅÇŒÚõœÐ2Æ¥H+Û·o?ñÄå=X˜7Ð2S(qgµŒÇŒ^Å¢çã[ÞòúHEï SFÆÑ2ZãE='ZJ’lD²zŒwh‰¤‹Lδj)>A%€/ڐËdV¯qEGÌhYÎ0iC⃍Ð,ŠF R > ¼Lƒ‰¡ÏëC£ù˜ñ+l´Ëˆ³ÄØ4\ÙmnݽO=¿³ÅÂëçvöNfmúc2;«el^!#j›±w~b^1ße÷awqwùÁzG Xk™!jÁ‹ôÉû·Ñ‡>ÁâãR e½«€Àèìi™Ì¦³èÁÖÎŒª.2»˜[ÀYîå»wm`[v±-±N›¦å¬5·˜â1Êçªi8¿-3úåb}f3x¹ŸW(c=Q¸õyîÙ-㞲‚¥'àj-óÔ¡+ÎXÁ{Ó ×ÿX* Zfâw°GÀ¦–Y`2eÅ.“yp×l÷&±{÷&¶%´ŒXg4fî½—œ}îÝ}ë¦e\Øœµag·>‘Ïí>êìh{—†ýP Ñs%I®iöOvEHhWŒœWk™cìà/¢4¨ÙXUù¹?Zf:·RH`¢Zf“*~LÞÄåÌ sûÎÁƒ&-³wç­7Ý´eË-»„÷Úƒûv/¬¿b y­­_Øq÷.m²wo¿eËMÛd ¡“Ý}ëM[nºuŸÉÎ8®¯@˼*ÀDZÆ›óLÀÕZfî%ˆc eæù!€¼ƒÀL˜¨–m4º† ßoZÅ>‰uí7´káIÞzÿn¶ì¦»Ù恝›øfçߪ-»nož…»ué’ÙÉüàRHÀ¦–Ù4’™…fYà~h;E›ŽÔí2wgöiBfÅö}¼ÅE¸±yÎÚ²“pïÝ·0CRHÀ¦–á¾a+´î+†@Øw+õY¶úVÑgEÖ/òºœVôý¦A´ý¤FزlMRï£i±Ÿ«ËXsLöÖÕ¬ÿÍ…~p'SAgm2·÷ÈiëëÐ2¯ 0€–1ÁæÖóåŠ+ÖoØ´aæíI¦†2»6pvرžVVß””Òê¹ -3SW +Œ–qE1ÁÈ逖qL¸9"h™éÜnH@` {Z†´k÷0‰…Ý\h\° uQ‘õ‹Xß´[iÙ«õ…Ym4»zC;w÷ƒ³»™³µ¶ðsïæÎmk¨{Œ¾d“Û×_±a»PCÙ$s8;뮀ÎÚa§UæàA¡eN>ùäÿ>­å”SN!3)݁Åá`€;w¾â¯ø'ìÛ·Jpÿþý¢—X¶lÙ;ßùÎ,óM`óæÍôTÜ»wï—ñûÞюß1DxA·oß~â‰'Úˆ K–€M-“Ù¥ &vÅ-¤7ȽëÞLFÐrË^Í!¬[ˬٲãî»w³e×Λ6ðêêÒÕñŸâ“Ï}dÀšG2{wÞrË­ò²}ÇîŠÇ™" Ó‰%3•Ó.íV=Ÿ“Xð…â™û¾™Ù£¯gr5~¼Y-&cÑp( G©\M’­Z1 i E’YrOë, ‰ƒ­Z.ðè¢ñd¡ªµp-È•ËéX„’ Eb9ݩ̬e(†dŒg"šRí$Ok­Z–‚…Bd\4‘áyi•sIjþñxƒ‰TºPö6òé8¢%K•õÆŸV½”J¦ŠÕZ>…be¶UÉgbÂôH,“/s

ZfKyîAZƨÏÏóÊŒk™Z.Â*Úþh‘µ¬4I® |ñF»Õ¬æ¨Fïd­æ/;ë-&9. ¢Y._ZõdUùEªí×¢¼öJ鶠xm>@Nb½"Àt“/œ­•,ߌæ)]˳¬i¤ULsk=aJXÒ2­4·:ÏÖɸf%ÆP0U6ÝšB‰ø5­ÑÈF™b!ñBYeŠÄ­4›”½R‚O­4U¦ÁZo´¦'JGÃÉl¹Zo7‹\ôEsK³–gùõŘ­•4­Ù4kHjäBlùLÙ5Ød?6A`LÐ2c´sz¹\¦;ÿÑGµØ©0èûïIŠZÆA˜ˆÊí eæYÂyŸm-Ó`ýDRˆ…jäXSS cÛI»ùpÞ@¬PÎeµB._fú‡s` Ž…¤N:‚“!B@ùcLgñ…\Ñ’n:YÞ¬—Â$åx‹Ë´L«’‡b󗟾Yê`³R*äó¹\Ár@J«¨Zõ"…§¥Pbgii5ªEYQ÷6֎6ë5óÒ0ÞCRvV¡eìPB˜9!`­e~J|jEäS>ã/¼Î—øÂÇG;ÝÕö~$ü±™o]gÔ‡±â^3®ex½êØÝ™Š­k®P\¿ø¸¦ZF[§˜z$"4Z³-þ“–iX|¼ØuÀ*çèc”Uò©P@quÓµ“S’¬ÐÔM,_7ÚeZå”0@ÿ¯§àeí#ÊÒ(H^_Þ@(š- ­!i™n¡A’Š·ÔPÓH4’ëDܬâá BÂÏ4oÜñ’æ2 Ó2ClœŒp‚´ŒÄá2-Ó(Г·ól¹!‹¦jýÑìñExÃ~‘4Š)åM@MÛÜ¿—ΩddÏgŠ”¾’ñïOt¬ÉraZ¸Ãp¿´zƒ–éEû琀µ–y,È>{w/ËßYøž&g לFÇc{Ü[‡å×2¼¹„:øG¢|aÝÔãñX,Y¡/Z=µL”L‹×ŽD“éL”o2-ÃÇÓšrô{ž,Z¢áƒÞ˜V õ~%P8Oe3qR#Š–ÑßW¥h©1d…‘(Å­å!J¿,‰LI7Aþm2ÉH( O(ÍÖÄ8f,k"×3I…´s,‡ÞLµ%2Øi'ªeDŠ§‹Å|",ªK!6¢J-+¶¡D†ÅÅ!îúK±4K¼5ŸF‡‰‰WY”Þف©;}¾Z¦ìžGÖZæûAîË¿¢üØuï-4×¾uyøVy¢ºM…·Îo`·,´Œ!\½2ãZ&Î^/jÃG*&ØK@~ÇÉ뢶Ï{…ˆ»Ä{è²ÂÎ7|wO–žéPòu¼±*ÌQM×2ìv‰²þøbéxjí2šúð'$g„*±Kæ(òRÉ&Bá„îõÕªæìN¥-Ó®q¥,u¢kð=B9Ñ–¸ &Kz*ÅÈ}ÌDÆc©qêšë½È@ëÑâœ!-ãǾ±8«e>ðÐðŒOã2šÈ•´

R³TèjòÑ¿Õù‹‚\š›å\šÂçÙ'3¾ÔK”h*Sü%od—Þ þv’wšðV¶üå%±âhJ@£E:ú´Ìèìp¦K|çñý›^Øûà‹¿zþ7ýMî§eοPv*k E–S¥Êù‡MTo7i™JrMjûÅÉ/›GYÃM%ùÑèºä™‹®©–ù¨§, `Ì¿Ä…è £u¨·HH|»£Â˜@hTbX5ï¡oôýç#A·Š)1R›Ô²£eÚZ;Q$]dú£UKñ€þDÉt‡–“ÌÅ,˜È™R/2ÑÄ.pÑ…Ÿ·Âxüm,‚‚è¶Ï{ßH‰²¸+i–Ý`œGجe¢üC…7Jr©žgSyÒÉÃò䃺Tx¯E/ž…#>1yj‡˜rŠµ±ð†oÍdñNëø[\3®e¬ÇMóùTŒÍÉæ¢LÙi2Çt*WäoyÎhÕÒñHˆÍL¥Y [íz&Nîɼ— ù¦UóÆ´—9ÞÚ¢ßë=¢áβ 6¹&õ—If)ýj.I=wèZ§×V¦Pc~üx$a˜×ª‘[B†BÆ¢§Y,“"L8OIóõ´Å/ Ã4Ïg0ï8EÐXjÔO(–Ðö´ª”Á` ÀlŠ&ÁtL‰RœÍJž¦Þ¤.:äƒAç¶ê…X„(ŠAÞÚµR.™ %™/× ì%Íäžd‰Èt?ƒµÐø'@Ë8Aq@Ò2ì¥Î——¿üåô{ÒI'ɾgãh¦YüA!"ú€fÕktÆÑ— û>š£7}üaƒDCLwHq†h…1ðâ45Q3”–iÿìyrÎ -ã9Ÿàñœ;$$I8q>mž”þg£©åº8ÛsZþ1’9ï§5Ÿhˆyìãìû jq›$:pƒ–qñý8³¦‹·v˜ ,À—f‘¡&|*fÖj¶Ä @ËL¡€…–¹à‚.sbyÍk^CïsËEˆá{FbN8á„Qr§µ¿h)ðiÂX4º¯‘²&1DK}+ ®JZÜCŒ·×¨Éwk™&ÆÐGBQ!}.0-Mî•)V›MjIŠ¶í¤pàñ7õZµRÈhŸzy»O«œÏ¤³Üǘ‡Ñ\|µaöU³llýû¿7Nxóíþäã‘ðK’À…Y[ŒåßïžÇá{6”–i~ƒÝ²¾Ou|Ì´'Èòå ñæÊ…íV?[œBZF“BžUj¾áfÁèH‰Y @ZæU§Þö+Ÿ²;üoÇþK·w‡ßþOŠSGr'ÈöíÛOXç?úYFÓ".Œ]sqåûLìd×±À©¯N3³S²‡Œæ¬,&Ò2'üñ]ï^ûSû·Cíìw|å/¶›Â¿=Ð:cµô·ýX¡e†æ@ðZ!ìxQø" ó¸j¤(@`¤eÞøÆ7ê£ÖNõwaaáú믟j’tL[Œ zAŠxDÅ@âq1>€4­s»*†^I–še6Èé#é¶ø”4j»|Ì:$±¶D Xú˜‰Ž3ïþxë®{^|¶aËÇLJ¦)ï}œ=¨ßñ~Öß_ëû¿ÿºö¹ãy¥²ýá8ºù´W.âÄâö£›üe¾§±Ÿu’ñ}䝬çB¿ÿ¢vÑò8¯68åcv{òEh™%úPA¶@`J¾øÅ/Òûa—‡zhJˆNFÖ2¤bh€~ðƒ4€ñóÏ?/'5¦–Ñú°ÔsšOH¦MžÌVX“K³šãBÇ“ªhŸÔ´!—ÙÅä7ºÊ&µÅ¼ÃT±É3A¤ ’é‰0¿[Íç–ÆZi6Џž H&†>óøÂþ‘ú×Tó¼_ë˜#Oóbå3 Vʹ‡ SF|hªþ¤xwÊV£$|‚ºë…j– »‘€¬eÞÈûþŸzQëú¿¡ôÔ0}ÿÏY‘Ûÿ©âþO÷³_¸P…LF’M£Y£5˧Ð`eMʳ6>³|„&HÖ†8ë6Õãwš”,‘õÞ -Ó› Ž,Bː;ó%»ù’½ð‚Yň¬Z÷—yìã¯é¦ô~ÄÏ ó†*\s ‰&™–i]Ýd¼l¸æM1ÖÙŸ-z—™“Rßc—‰ÅnoQj»™‘*ýÜš-³Dî|d@`ïyÏ{®¼òÊ1"˜ÓSÏ=÷\Ù—¬…ѵ£2ç/ç·0ô‘³ƒ{gäš‹‹ÚgÚ‰u>h³wÝÚ¹3˜qh™^7Hýlš ewNã„V5 Åô±CÝ¶Wš© w@¶ãB@; eìPêcšG¦;€Ø3º–éãÀýÂOL›ïr`h7€–qSiÁÖ‘¼ø¢u+LwdÖZFóÓÔ‡³uï̺Sè#IRj©q6~Ä6h™î[£Ïž2ïpjÌ5`²Q ¯¾˜2é€uÈ{ÅX Réq.vƒŒ@ZfhöO™®–i¦i®JîʘkìÛÒÙsΊ¼êu6¹*:b¶IZÆþm[ä/HÞ9”›“NçJ•R.Éœ CrœÖ¢2k™Íô̼¤ƒÁH,U®Ë Ò¡C% •Z¹Ëæ©K+[Ä

-c—ÂÍh™é‡LZÆî½^Ë’ññiÚè”FQ›I-”bÍ1ÍJF›ø€f´L‰7åPOþ*kni’ÌwŒf£¦Ñ8E+"Js»µê¥X€kcö´V‰56íZ‰p £€–…šís el£Zf0#„˜Ð23¨,¦o´ŒÍ;¾Á§öǵýBËx¥¾3µl„ěӭ£e|2¡ã)ÖH0Íã/4Ä¡@Áðçnäù‘¸¾C„d´a˜4h™‰†–q/´Œƒ0•Û @ËL_8Ì`ŠÐ26odM¼Dr"¼ØôÇ‹ÆéÍrŠTJ0Yêh1V€7*w‘Ñ:Ý6m±2tA`N@ËL´ wïÞÍp³þ/ñ¦×GO|í¬[Éíûæ7¿9Ñ"Cä à ¯};nXW

E®^(”WÌCMM/Y>¨ …âC—É1™Ö¹¦ž£H0&ó—%‚‚À eƀ7øÔ_þò—_ûÚ×¾2óËÿ¹ð¼»tÕÌ›ùúüøŸÿùŸƒ¹#,uËN9õüÓ/ºí£IüÍ3Ï~äÿ¡º4=º‡¸ÞçTË´Ë)¦KâEÖ__s9‹eréX(F"É\YgXϧSÙ¢ÞK¦UMÇ#Á@ ¤€ÉR]n½j³©-©l¹’g£„Òbܲ-E#Ú^ØàCa#€#pÚòÓ¯ïš ÜhüÏ»fëšï=n1tóñ;V^CGï¼úY+-ðܾµ·¯Zv&œÉãY¾lÍæÕßoÉ_µ7xî5»®~Îò(vŽOZf¾È=€#-ƒë€€–Áu®"`©e¿êv¡>Ìÿ—}îÛÛ%rdÓ?jaÎû¦¹F½íß®=C;¸|ÙyçœlD¶ñÀJ$tâÁµéðæO>cŽ„«§}«.¢£×^e}Ôò슴Œ«îZ 0Ð2ÁêºH¡e\Wd0x¾ Xk™;I;,¿à¡#Ÿ}þÈÍϹùÙ‡¯~h-#›UA‘¸ày㞭Éæñ-G®}o£9W>۞{xá‰=kn?‡‡í¥V|x ïut¨J;[€–™ïÇr À@Ëà:` ep€€«ôÑ2ï[uX®÷~{Í•$(.¹ôG7YE»–mÜ|îyô»aÝÓÆ¡£÷ЏçJUà¼ðã¿ÇeËEû¸ðyüªÏñ`Ú¿^jŤe¾ýÉoÞ±fÏç×>Â[mŽ„l[y#ù¹mXù{6ç6¿æ¡‡;­Hϸ|ïç×ôðp³ð3·Y[’+Ð2®ºka,€ÀD@ËL«ë"…–q]‘Áàù&ÐOË|øˆToöŽsY“ʵWuúŶn4„ÏsþíÛ᧿½ðôÁðñƒá§óŠCÚ÷­îçE&bÛ¶éÙƒš¹(æ£Ü|˜5yÎûü'Y“P~Ó=ïc›gîÚòÂÁu7ÒÚ9+¿'ªî/¿†6W)ê¦CZÆUw-Œ˜h™‰`u]¤Ð2®+2lIàW¿j§Síý_]ò×üñ©W¿{ƒé[ý㼿Uþ»–‹îä­!,ü–‡–Óá·ý£h‹Ýó/Yó„ˆJoIÑÛYnüž)*S7søŽbbõmqÔskë!¿µ=[´áÎ4…²ºãööm1†Àúã?ÖdÎ5¼!æ9Mv ¤FnÊû|nBËX>°@`®@ËÌUq÷Ì,´LO48à*Ü×>ãMmï[ò¿>ýM_þ“‹Mx¡eŒF :zôægö|˜ 5æ9ùö‡¹-)´cÕ9W^rΕ¢ó¾Go¸êc«á¶íé]—î¹cÍÞ;ÖîÝ|Îyt–©kŒ--C§Ñrò5÷ë½`4#ö³ÿÌQ–å¬9æù]Ü)nÛÕÏÿøæï±öše;¥F¥N“„)ïó¹ -ãªÇŒ˜h™‰`u]¤Ð2®+2lI “fZæ׿¶y—–QÚe®Ýø܏·ñ‘Ó¨S?ï‰sߥLË/c—±¦–£W?´ù‚Û¼Ëÿ6Þ‹‡zý0ÔéË£d þfœ´Ì>äeh9Ý$-Þ8§yG¶—hê8ޞ›ŽØH?Ú·~ï%¢!æœ{Ž~ö…Äy瑈ذ®#"˜ŽÐÆa–»¨P¨5wn|šN9ºíÙû?¹—wÕ§#i>µè#ãñðT¶|“õÙñ\™àSØ ¼„mzDÛ™ôÕ•¢‹ ef¯1Æ´L7EÔ2—_~ùoýÖo½œ//}éK©øÄ:ýÕ«^uìر¥ô\A^@f™´Ì,—Îôl»Zfz°‘Ò Ì¹–¹êv® Ìÿ–¿mç·iü1m|cÓä˜Ô,r|3×;Z_˜›´ásÔ>²áÖ˜bêû¿oÕyl§:§Qå֎~RŒ$ðÌVíò•ÌÓlŸp3“ÒY%9¶¹Z4y6Óhh‚éM`µÌC=$•^gõ%/yÉ{ßûÞ Þãˆ@TÐ2*yÝ"-smh^3|/!ó­e~|ã»ÖÞ³ëòow®½ç«›ô©0o~:±vï®õOPk‹I ·á‚ÏÝyÕ¿g±•mOð–š+ïÓ‡PŽJÌùþEÔ2/¾øâÉ'[t¾"-³gϞ%ôLAV@f´Ì¬—Ðtì»üh™éF*“%0çZf©TòóŸd L]ƒ(2jÎUŒÈþ"jº‘¯»î:ò(ë4ÉðµN8á?þã?&{›#v@ËH0æx•´Ìu;ÇùGÖ— h—Ë™Ç7þã9'ŸÇ{Ó ×ÿ`í¶¸ZæÉ'Ÿ4 ’6W\qÅRyš î -ãŽrš´•—ZfÒŒÿ4@˸\ËÙÄGZóœwí:ÕëÌåùšP+Òâjº£ÿäOþDtü7DÍw¿ûÝiÜéH@tÐ2:‰ùþeZfÓ|#@î—hÔùç‰À¢k™»îº‹:ÈBæÿð—Äs™ph7•Öälý›ÕÐ2“£‹˜§GZfžjòjìpQ´‹®eþýßÿý•¯|¥Ð2ä`vóÍ7OïfGJ À @ËàB`þú/Û[Ð.ƒkÁý e eæ‰À¢kzd\vÙebj ùÉO~âþ‡r à2Ð2.+° ™KZæúÍŠÑ‚Àô@ËÌSMÞE (2u´Œ˜hÓÊLï)‡”@TÐ2*yÝZ{1´Ì¼–ýÒÊ7´´Ì¹™aZ™¥õ0En@À5 e\ST5”´Ì WO4DÓ -3O5ù 5v¸(ÚYÐ2t_ÓD3¿ýÛ¿ie¦ñˆC ] eºÌ厏ý´Ì\ü’ËôÜh™Óÿøô7½á¿ýÉ›}ø›gï8õ=Ô òõ¯}ˆ;ù}ïhÇï0…¿=ùâ«[¦ö7i¢™uëÖُ à haº8*Ò2[ÿÎÅöÃtæFËüýßÿ=MJˆ‚ÁàOúÓ!Ð2”úñãLJ°AA@À9Ð2αtsLC˸¹ü`»N`n´Œžaü‚À&£e†4ÁA@À1Ð2Ž¡tuDûÆϸ:0h\ П´L>8 à6Ð2n+±ÉØË´ÌÂd¢F¬ 0EÐ2S„¤\IZÆ•Å£Az€–é‰f®¬¹Zf® |ÉfZfÉ-2æh‡@"!-3#±Èf–¹éšE¶ÉƒÀø eÆgˆ–6h™¥]¾ÈÌh™ù+s«ÿ´Œìshמ2h™)Gr &-3aÀ.‰ž´L$ì[a&ô&-Ó› Ž€#-ƒë@`i€–YZå9jn.[-3*;œ7K ef©4`Ë,€–™ÅRM £€–ÝR:“´ÌÍ×.¥!/sJZfNÙ¶MZÆ6*phWÓčüè…Ð2‡Œ¦@Zf ‘„« @˸ºø`/ýsh™þ„pÔ eÜQN°rñ@Ë,{¤ 0 Ð2“ ê¾8™–Ùâ>³a1˜@˘€`L eL@° àrÐ2./@‡Ì¿d%´ŒC(Í¢€–YTüHÜ e\PH0@`Ð2CÀZÂAIËÜrýβ6/ e楤‘ÏQ @ËŒJçÌ&h™Ù,—i[õ‘BËL›9Ò›h™IPEœK‰´ÌR*Mä@ Ý†–ÁUÀ¬þ³ögo p=h×!20aÐ2ŒèA¦LZfÊÀg49Ò2ŸÛ:£¶Á,°OZÆ>+„œOÐ2óYîÈ5,]Ð2K·l‡ÉÙ_~Zf^;« efµd`׬€–™•’€ ΀–q†£Ûc!-½Ñ홀ý О-sçw®Åk×^qÅǎâÞ‡–‚‚¸€´Œ i &^-3ÊHbòæFËœvúòÿzÊÞõ¾Sñ7ÏÞé[æñx¾þõ¯qkMFË4›Í!l@PpŽ´Œs,Ýi™[ors`;pó¤e®üÌŠÿõëñ7Ï~иŽ´Ì¾}û†¸ÿ' e~ö³Ÿ]wÝuC؀  àhçXº9¦‹/€–qsùÁv´ÔÍù…^ÐïCü‚€Àô@ËLõ,§Ä´Ld– „m `‹´ÌýéO¿üå/'Ðô¿^¯¾I@%-ã(N×FFZæ6h×7@˸YË|÷;šÙ|ßUE‘‘ÆÂÝÿðN.Hξ§Á:h¬¿¶ß{ÁCõ-‡¶ðhýÚG«Ÿ¾uá4æ¢þյ߭þý=ú³kz€Å¶|á²GëÚÎ:k»YJ‹Þ.óë_ÿúu¯{ƒïñ¼ô¥/ݹs§q/b@¦CZf:œg=ÿùÐ2³^F°Ïh×Õÿnó{Y•x³Ñ£åå†[ÿŠïxÉ¡e.ºð°œÓo¬yJ;ð&zοsýR/¦¼,º–Ù¿?+¾›ÙYgeç6Ep´Œƒ0]i™ÿûºØ~˜‚´ŒT™7Õ{g|³X ,§*ñ™|·+ÅŸýí½?¸ê»¢U¥Ÿ–Y)k™ÃBËl‡–QŸŽú˜}èCzÙË^¦‰þóãÿXM[ 0YÐ2“åë–Ø/òA˸¥¬`g?Ð2]B`Æ%ŒaÞáÇx3Š$=­üíCåÍ•ÿö;•Íô÷¨âc滇•>MGï}쯯ºè$Vþt@óLã e¬ïç´M+C~e²¡.3ŸùÌg¬ÓÅ^˜h™Épu[¬¤e¶os›Ñ°º@˸W˘›Q6˵dç!sD»Œzˆoý•Ÿ)}a eºn¾Ã9-CÓʘ´ÄïýÞïa¢kòØ 0Ð2“áê¶XW-ã¶2ƒ½V eÜ«eÌí2[î¹ï’[¿zÉí_½ìÖí¬ûÿù²–9óìm_½ìvvô’ÛïþËÛï[÷è¯!CÍ=Ð2VwHÛÁqÌhZê#Ó-+1ÑŒ5yì˜h™Épu[¬«ÞÛ¾ý· {A ‹´ŒkµL±|«ŸéûNWŠG%÷3­¿Ì‡ÐÌpW+Ð2]·ßáP»Œ˜V¦[ÈPK &š±&½ “!-3®n‹•i™ÏºÍhØ] eÕðMþYÚÜ|Õ™¬j|Õ¦-¯ã˜)í2¦q̬r -Óu{ðišV¦[Ȉ=¯xÅ+0ÑŒ5|ì˜h™ @ua”¾ZÆ…Å“»@ËXÕêgI°˜=ÁdÛ¾sß»EeøÊ»ÉgŒæ‚¹áÑòúð:Þ¯ßäc-ÃzÇdþ×ý×éõ÷ÿÝßý]}‹ý>÷Üs]7'v€€ÀD@ËL«ë"%-sÇç\g53h7k/wo?»ûkÿ…¾óiÖËÏ®c§¾î q¦2ü²,ˆŒõÏ­¤€ÚYîÆÒS.¢–‘o=àÄO”÷`@¦FZfj¨g:¡½Zf¦ÆÙ$-ãþJûáòºmŸ}÷%ëΦ¿+·^¸ûÌå,óÀe»ðwL§üjá+÷]öÅ>!¿lèy¥XýÄ¿zÙÝGù›îÇ"gÍX‡–±ù`@0%LZf îY#-‹AA`6 @Ë,ÑJ»Q{ÇŠLZf6ŸC° @`š e¦I{vÓúsh™Ù-X6hh™y"-3ÄÃAA–(h™%Z°Cf‹´ÌŽ[‡£É‘–ùâm3jÌûæF˼浿Ý=v1öÌ'H$bÿiCËAA\@ZÆ…4?ø§Ð2SÀŒ$&N`n´ÌŸöæKƒoà‰ø›gßø—O‘|Û·oßw´Ì°@À e\PHS0Zf ‘Ä̍–9íôåW~fÅ|vxG® è/3…‡ ’˜qÐ23^@S2ïÏÞ…v™)¡F2%-3O=ߍ*ýÜ®@ËLôq‚ÈÿöÞ¾êÌ÷W·»½Ûöÿÿü÷í’þ»} t7ÜF¥M릋)QHºx¯‰Ùà¤@ŒÙ€cݐ7‘„U‚•:WD]›„ 6ØKT-ñšU0ØD°IŒcâ8µ•µ‹]\WÅÞš]-±8D÷yɍdI¶%4£yÎG{4s^gf|¾~žs)@ hBbMt“â•–9ücÅK¡H¥ –!–Ñ“Ä2J¿Q(R€P¿Ä2êï£lÔðûˈe²¡3•¡´Ä2zÉëÖ#5œXFé7 åO êW€XFý}”®úNøѺlDeŠ*@,C,£'ˆe}Pæ¤)  ˆe4ÑMŠWXæ'/… ”V€XFO#yÉ:SJ+@,C,£'ˆe”~£Pþ¤) ~ˆeÔßGÙ¨!°ŒëálDeŠ*@,£§‘¼nÍ1RÉe}Pæ¤)  ˆe4ÑMŠW2ÞîiŠJW€X†XFO ËdüB’¤€æ –Ñ\—)Ra`™ÇêÉ™2%²©±ŒžFò’yB·Ä2Ù|»PY¤) NˆeÔÙ/Ù®Õ ß"–ɶæTž ËËèIb%Þ"”')@ hKbmõ—RµE–iP*sÊ—ÈšÄ2zÉëÖ#5œX&k¯*ˆ T«±Œj»&«[A,“U½©0¥ –!–Ñ“Ä2J½I(_R€ÐŽÄ2Úé+%kjZ~ü% ¼I¬(@,£§‘¼džÐí±LV^+T)@ ¨ZbUwOÖ*,ó‡²VD (¥±±Œž –QêMBù’¤€v –ÑN_)YÓåß$–QR_Ê;[ Ëèi$¯[sŒÔpb™l½Y¨R€P¯Ä2êí›lÖXæÈálHe‘Š(@,C,£'ˆeyP¦¤) )ˆe4Õ]ŠUöúoË(&.eœEˆeô4’—̺= –ÉâË…Š"H•*@,£ÒŽÉrµ€ež »L–E§âP€X†XFO Ë(ð¡,IR@c Ëh¬Ãªî÷®!–QHZÊ6« Ëèi$¯[sŒÔpb™¬¾^¨0R€P¥Ä2ªì–¬Wê{_7>šõR5YàØØØ…´…BŠt?±±Œž –Qä5B™’¤€¦ –ÑTw)VYd™Ÿ(–{þdì÷û 2¡€ÙlVä¶ –ÑÓH^2Oèö€XF‘×eJ šR€XFSÝ¥Xe¯3ËÌEÜ×_ò?ö”=uº’>)+ðõï|qýúõs|Þqˆeˆeô¤±Ì¼_”€ òNb™¼ëÒ”,ÓäJ)¥¾q–91¸E·ÿÎH˾ÿçÄ2i>9‹¯^´ñïŠ2Ò”‰v –Ió9¢ä¤) ËäA'f  EKˆeæ"#±LFF}Ä2s¹Ù’Ç!–ÉÈ­¨õLˆe’?&t• ô ±Œzyö6Ëüãc³GÓ}b™ŒŒýˆeÒ’ˆe2r+j=b™ô%ʁ ´®±ŒÖ{03õ¿ökÄ2sQ’Xc?b™¹ÜlÉãËdäVÔz&Ä2ɺJ zP€XF½ež||öhºA,“‘±±LúO±LFnE­gB,“þ£D9¤€Ö –Ñzf¦þùUb™¹(I,“‘±±Ì\n¶äqˆe2r+j=b™ä ]%H=(@,£‡^ž½ßýjøè?ÌM÷1ˆe22ö#–IÿI"–ÉÈ­¨õLˆeÒ”(R€ÐºÄ2ZïÁÌÔXÆ}$3Yåu.)±ÌÞ£GVm´^÷ÐÙû¢NÁmvë2Û‰mQ'?ºïàë ò!ÿùùS§o“[ß5½wF›·¸b[I{pD~õ캍VÓ»ô¹n‹½ø±ó;åùȏ1þ¶ëóï•ŸÌÎ1±LúO‰‚,sqç¡Ã×.á[¢.XQi:t6á]”&»¥T?utU…Ux¬äEŒÞµ±27Œ¼òcb™ô%ʁ ´®±ŒÖ{03õÿn±Ì\”L‰eöدçÃÂ¥m:„Ï”¹Ð`(¬3GÎ|´ïüàÍ5…yJq„Ä_…ÖÛz¥Be‘ež˜=šîc¤Æ2ŽÕˆ°ðÀ]‘KмbË4Ú¯¢ŒÇ™µ…Ç?~Ø(ž¿®=D{X΋[Ëð8Ol;ÜóÚ{{z§¬ÇO”ð±ha]e¤\q Èã˨ë¦þàƒðôô\ª¤Ë´Å;­ÐºîUñ6;yª„Ý{‹[d7äÌÛ)ᙋ›à>_qXí,ƒÒõ%çñé¨>yÞ|ÜÏ­¨{eç÷ LÝÛrÚ|rª:acŇ+kˆeæò°PR€Èoˆeò»çÚºeWËÌE«4YÆ„ Š>]3Y&¸ G×/Û¹ ‰fËÇËVDL9qXÆ~6Ê9í¼ÙÅÜv#bÅ°ÌÉÓåÝò×̆sûNž¾m§¼ÝL¶£åÂàmêÞǎÝrèô½‘L‚xæà !Iäül#:²Ë$¼ÙN¿þ˯…´‡þfÂ8ì‚B,Ó~tÜ{öÁ¨áúcÛàœÁ~~Ïkþ»:º®e\¼‡?Ú÷Úù;ñÌ(ž9?jv¸®bÛÒu•×=ôsžîl

¾v=u&>èù¸ lN“­««»âŠ+â^¢“¤)@ (­±ŒÒ k#`™Ÿ6j£ª9­eê,sû--'L0ê0\¿êU>ž™Á2¯¾€JŽlɇdÄ2 ïb`™‚χ—|®6¡ççÔoãFVˆe¸ça¡õ–ö÷"Àòæ”õÔèÎׂûN[ wâHï}èv¼?ƒ{{oÁ#Y(‰°·JW6*ƒ3Ä2qŸ:I ºR€XFWݝ°±ßYL,“PÙ…ÔYÝW˜¿ŠÁ°îèêOÅø˜íaÃBàmcã½+¾'üo–s‡}pï)/þÛÜ°ºä5þÍ…eö?‚^CÑm0[ž§cpÏ)d7Ž""½zŠ1×êUÇñßï{[Ø?êÁý¦÷#‹`àÊPEÇÀJ¨*»4Ë1±ŒìžŠ>ä, Ã?_ûB>›ÿ6ìëˆñ=SˆeäH²èzãÆ%‡N™O½'Z"¦*ÁaÌ`y–]‚x~ùwÁCÈÂûÞãÀreËTõùÑ» É"û½«>ª>ÄL··¿‡©¸gÛ¢m7ƒY°wøNüÊ Š¾Á¤T%ø/‚‹;·#Y2Ú:jÇã/0KâEëC•øÕqj(¦2žÚôêTõ@p§ |Ì–¬:Ü;p1òXEŸß×{kÁþ- ×ÆcÌwîâN;+·]éÄÌùtqçCÌÌj‹6˜F·b–ç%Idb™è燾‘¤€ –Ñc¯Ïlsá_„=d—™©Kì™tX]PFËÙz¤ÄØe¸Õãö›¹-†ÿ{œñ"ÜÁ†C ªÂ#´½v€¢æË$²¿lÄøQC&Î2†Õ|U¥G…ÿó‘Ø‚C£Rd¡ðR{õÎ}æÅ7ù8öúbFURä9ËÄÞXÒ÷–áDÃÍ4`h‚ä7Ø/ø-ÄÁÿJ4åà}Ë¿Ît•¸C¢þ7ßc²ÛòÕóåãžiÕ­2¥€ùEFã¥#°CYBžl;ÎGX\7Qœm·Ež©©Jl–Ë“/xLhˆ° ‡B«ËH¤€n –Ñm×G5X柚¢ÎЗx ¼þâ0`91È+ÑhÕЏq+‰¡ò¶‹[àŸ¼Ò:fmÌz™— ûýRÁ}E$Ñ×¾ ¢pqnÊ™ËÌü·°À2,/ÃiI=Œð¬ÜÁÜÌpÆ ‹®§ W™ƒÙº£1kJó‘ç,?‹V~eýçÿg¸¸(óŸï]ƒ¯Í|ÎJÔvfžË¿)Xd$ÓŒüà«ŠWÿf%üç¡àê?ßøwE‰ïºYº`ö„÷¾:ºí©ë¶Ü[Nátø×N#ϲI[ÕÜ’Èí¯æ†uÉ•ëÖµqkŽŒÙ8°(ìb†%7s4PÄð…¼iQk»9}\¼¯ñˆiÅõb)¬(û7Œ²Õäùð«¼&òó–é=‹^Ѐ­ÿ†åÊ“cU¹5G6ÍM^ÿt‰e⽧é)@ èKb}õw¢Ö~{±L"mäç_?sÆ0é°Ì›íäkÞÚ¼·ÁÿvE–N²ÑVÔîÁ%g‰“n¶¡ÛLr–ávœaÂK4dñ3n3í[ì«l‡Klu·œds­82^Ša™7?ºw##…`äk”ñ8°ØòŸ'…¹0Ëd+9ã@!Ïó{ß¼ÈÖO§°=k¢à=~¬d灛ùŽœ|`VX¹Ç±¢Gœ¼Ä¹“YÂÛv¦Ì—„ùÖŸ…÷ý]øg}RBeX†OÔ’,ðn9φî"wScÖ1?4æëqö6¾nãaqˆ‹ÖÆ襆àÀXFð1csÄdSøwÂ:c°d™èc&ñEÄ|îa‘€–Evn’\yY¢eZÑÆ6Ï Ë øÏ*3~'ÚR‘ìb«J,#Ý´t@ ¤€ Ë(¡ªöòüÖŸËÌ¥×2Â20¬’ö‘á¨ÒhE7ž-/ð--„qšèK†ó¬g°ŒðÏ^Hc—Ùxô®¶ÁMÇÏo:~¶ò`þ;_y)†2äyò‰|N7÷v[´í¶‚nuû ô)’M»¾w£¸”|Õè˜Ì“%–Ix³ÉY¦É€SÙÝ·†Ÿ&üa(&‰",w&³»®¿î©aÅaâòu¬Ç¹ô¬Æ¥ ,|CØ+ ò­W÷­‹b™E†­‚­d‹wâÌÅû²;θ‰A€ä_cX6ÄaÂÂÜ6Á'§PÓù!rõÉS7sŸI¶FL恻VŸÂYcò«ò󻌸:ÇÛ)¾°À½¸t€Á°ñ¬£.OŽõ$–‰¹ué+)@ ™U€X&³zj57`™cOjµòY¬wj,ƒK¼âŒi£8æ¨Ã—·å³†£7Çd,pßN6†„ÿ$·Ô!ìD#Iõc|ØÉg² ã™0¯U² ,µ$/GçiåÓdánžlM'–ƒ8efÁAÄE­… SÙ„Y‹fäŸgˆe޳ˈ¾d‰b*Ä20%JbUÙMdX´m´Šä' “ß%ËI¾ÂÜÒ×_)Ü6à‡†‹•1W4ÌËK%ÃRÆâM%fý*¶&3_'™MËÂ{)ùWéÆãà f%üæ“¿øl²˜KðŠˆÉrXƒËöó»„5™qÙùù=ò5™_=…ë3cX">w·ßÌW”%ÇzòT’U+És‘Â%š/“è¡ó¤) ˆeôÓ×ÉZ ,Ä2É®¥Ä2Õm/ÜvèöhـÿµÁÊCÞÛÏß÷&ì'è]÷Ø©mÒ°PÒ¼zþ®ƒló¾×ü•‡ŽÝÆI–Fq¸¤m£÷¶C^Øԏ ™†!ÃòÇND>¸Þ¬,¾¬tb ›åyŒo‚ú:Á÷.ÜóÔ±â X…`Û²-u·Äìô÷[´y‘õN©žó= –Ix¯ï ï³Ê}ÉÅTŠeG´œ¸yc¥±ävø,…e™žlÛÊûú©8€gþZ‘,8[`º KµóȝҞ•°ß¥½®Ø~ä6¾W怸Å$ì_i?v—Äø°[+˜‚?DâU©PÆ2«‹[ÎBÑË`ÿMy¹`÷9tØT[¾®:ˆÏ—õ±Ã«¶À™_'ÏÞ)Ëœå6[[Ûên†½2£j";Ïˆì1ì®´Y—òöÂ^™RÝ¢’ƒžð€C*¶è|Ÿ”YãË$z@èÙ.X&ýG‰r H­+@,£õÌLý—~…Xf.JêœeŽY¶ˆ¯p½LÁ|G¤Ä2s¹Ù’ÇÉËì=d5.b®'bw,šïm‰ø ̒q'yf›GÒ©3±LòÇ„®’¤€ –ÑC/ÏÞÆo^nvÏM÷1tÎ2mlm^œ.l¬™â¨X&ý')G,³Çq;΁u›eÓgR¼ ÒËi÷

±LúOIŽX&Ý®ÏÔ-DùpˆeÒ”(R€ÐºÄ2ZïÁÌÔÿÄ2s’XcHb™9ÝmI#ËdäVÔz&Ä2IŸºH ºP€XFÝ

ežþ§Ù£é>±LFÆ~Ä2é?IÄ2¹µž ±Lúå@ ZW€XFë=˜™ú}!±Ì\”$–ÉÈ؏Xf.7[ò8Ä2¹µž ±LòÇ„®’¤€ –ÑC/ÏÞƯ9ü/d—™]'b™ŒŒýˆef¿Õf‹A,“‘[Që™ËÌö ÐuR€Èˆeò¿çÒBd™§æQçq8ËÜ\qMŶeôIYÏùÖ¯_¯È½ÔÞ.ø|ø£É\M™ËhC2Rb5=”TR€ÈÄ2¹Ñ]m¥¿D,3—>yï½÷¾ûÝe×|ÃHŸtøÆ7¾þ“Ÿüd.‚Ï;±ÌG´ŒŽ –™÷+‚¤@Þ)@,“w]šRƒ€e¼ÇRJI‰H5)@,C,£'ˆeÔôö¡º¤@n –ɍîj+uɉeÔÖ'TŸT –ÑÓH>#nZšÎ„X&•·¥!HüR€X&¿ú3ÕÖËoN51¥#T£±±Œž –QÍ«‡*B 9S€X&gÒ«ªà¯}XFUB•IQb=ä5mRÉHå‰eR|QP2R€È#ˆeò¨3Óh °Ì3ÿœFzJJ ¨Cbb=)@,£Ž÷Õ‚ r©±L.ÕWOÙ_ýSbõôÕ$uˆeô4’ψiCәˤþ® ”¤)/ ËäKO¦×Ø’£µ%½,(5) ˆeˆeô¤±Œ ^:TR€È±Ä29î•,óìÓ*©UƒH]b=ä5mRÉHå‰eRWPJR€Èˆeò¥'Ók±LzúQjµ(@,C,£'ˆeÔòæ¡z¤@î –Éöj*Yæ_ÔT!ª)’Ä2zÉgÄ´¡éLˆeRzMP"R€È+ˆeòª;Sn±LÊÒQBU)@,C,£'ˆeTõú¡Ê¤@N –ɉìª+X¦Í«ºZQ…Hù*@,£§‘¼¦M*©šÎ„Xf/ŠJ yª±Lžvì|šÅYæ9b™ùˆFqÕ©±±Œž –Qç{ˆjE ÙT€X&›j«´¬K—Ð.C,£Òî¡jÍGb=ä5mRÉHå‰eæóv ¸¤)Ÿ Ëäg¿Î«Uœežf^‰(2) Fˆeˆeô¤±ŒßBT'R€È®Ä2ÙÕ[•¥MO£]†XF•C•šŸÄ2zÉgÄ´¡éLˆeæ÷~ Ø¤) Ëäc¯Î³Mœe`HÐºÄ2Ä2zR€XFëo,ª?)@ ¤¯±Lúj>‡>B»±Œæ;’ÆÛnf¸¥ó=,¾zÑÆ¿+Ò´M*Ÿ¾Ä2ùþ SûHR`vˆef×(ïcp–éx6ïJ ̈eôd•HŸ´ž±Lþ¿Ó¨…¤)0›Ä2³)¤ƒëÿýßø¯lbtuþ7Q7,ó…/~þÿàÚU_¡žøî W†'Ÿ|rö ß»Ž‰ÐóqAÙtÌɹ­««»âŠ+æŸb’¤)Aˆe2(¦V³úïË´iµþToR@R@7,óGôGŸþô§ÿ'Ý+,S[[+=³Ë̮ŠH-)@,£¥ÞR¨®œe^8¡Pö”-)=tÃ2W_}õöíÛ')è[±±1`™§Ÿ~z±ÌÍ뻽Ä2Š¾N(sR€Ð„Ä2šè&e+ºˆvbeU¦Ü³¢±Œ¾Çözk=±LV^+T)@ ¨ZbUwOv*ÇYæäóÙ)J!T€XFo£y}·—XFÁ— eM Q€XF#¥d5/2»±Œ’SÞYR€XFßc{½µžX&K/*† T¬±ŒŠ;'[Uû¯ÿB³—Ú³U•C (¦±ŒÞFóún/±Œb¯Ê˜ 4£±ŒfºJ¹Šr–ñu(WåL dIb}íõÖzb™,½X¨R€P±Ä2*îœlUíƒÐ.C,“-½© –Qr4ï÷5Z,VY€/ŽæÎA%ËT"ï@‡Ën¶ÔöŽÅfl³TXšg^ˆ¨–ïÄ2 ¾L(kR€ÐˆÄ2é(%«I,£¤º”wV –Qr”ísÃÎŒ3C‘Å=2‡r{ÝVƒ¡ ¡s.qçÝü¢Œ¹Í†²VöÛPЁ_äç'G|xÅÚ14¿¼s›X&«¯*Œ T©±Œ*»%»•úà?É.“]Å©4Å –Qr\ÝY[C}´[Œ ŒŒu6× Š³–Ü݀Ék;g˜CfM™c ÀaEµ¬ì@§¯³×Ïr•ŸŸŒôû:|ý#˜•,ˆe{•PƤ) ˆe4ÓUÊU”³ÌË/(WåL dIb%‡Ðœej}Q†•±ÞF†3ÅÌ́ŏ vºv‹Ùl¶XÛüŒ†º½`Paoðv2ŽøÛk­,ž½ÖåŒÊVlG ·£ÙÝÖíïïàQí Í~jÄ-Ò†º]ƒþ—ÃlÞïýW”]PÑÐèö B¢¶ææ6 ÐÛu~r¤ßënî– êvÙ-,µîH³û;܍Þî‘¡ÞÆZ»Å­¬í”’ˆõÎÎob™,½X¨R€P±Ä2*îœlUí?ƒh—!–É–ÞTŽ‚ Ë(9†æ,ãðŸ`5V ¤ðó# ø%*Xû''}vnÀÁßd ×¿4tÆäq „Äs7ã£Dea2ŸC–æëWʾX;.8°.EotDêÄ\Ëx*;ó1ëu‹%‹±ŠìýˆQq«TäÍÎ̃e~1>ÞŒÞ ß»Žyz>.(›Ž99÷¯uuuW\qÅÜãSLR€ 2¨±LÅÔjVœeN½¨ÕúS½IIb™°Ìd'ss0h³âÈßî|A눫¿²92cmlº½ × à3S`¢ §—~/NT)²ÏtTAß0eµhË 6”a†öd¸ì¯ðV·þ/|Pˆe¤×¤@^(@,“ݘ^#‚ÿæˆeÒS‘R«Bb%ÇÐ ì2“Âb™¼éP=7„XF%~s©Þ ¦¿v`î…yñ#>œÝÂÀxºÙ2ÎÑ,•¡Zæ°Õ,m³Ùï‚tQì 4€AÌÝÒÚe#BIËâ,ÃËe9¥Â2EÖ¶ˆŒ~/V¹v¨Q]æä#‡K¾Ÿ_ä,#{c^4÷?FúJ R€XFC¥TU9Ëtù”ÊŸò%²¦±Ldðù#Î2W[ww'_G£C0¯ðµ¿&Ѐ)öPz ¿­»šñexr«·_œ}_Ð؍þf#ƒ>+3ßÙeì TŸƒƒA؎æþ³ÅprJÒ²f²z¦Ê:pµ19Œ05á|d¾Ìäd¯¢ÃŠkm|ƒ~¾M¨éKžk© ³Ë—ýÝaÛöð7®ÄÙ1_ûB´Y³*ˆe´ÑOŠÖR`™—-„2'²¡±Œ’CçØ$ÒÝ,Þ¶N?›ñ)6àw×ZÍöÆ6`Ž¡æZ;La–š‘wƒÃá€í*!~¯·÷¡„ù2.Ü›e°Íe…xxIˀó™¯Ù {oB¦ ²\—ðw»›{‡$×4@ØÚ o€½2ûaÿMo'[l-ê|ÀßéntãJË,@{–Š2°W¦pvr2*9ÄôBªA麬ú Æaé1ûeøPmØ´”A ›AÃçþKdÄ221è 4¦±ŒÆ:L‰ê¾ÿ[f—!–QB\Ê3» Ë(ø1KˆeC§IR@ Ëh “”®"g™Ó¯(]åO (®±L¾×G\®G¶|keªí™Ë$}öˆe’ÊCIR@Õ Ë¨º{²S¹ßþú˜ËdGm*EQˆeRS:-*@,£èë„2'HM(@,£‰nR¶’œeÎt*[ åN dAb-ŽÈ©Î©*@,“…— A *W€XF唍êýÛ$Úeˆe²¡5•¡°Ä2©ŽŠ) –Qø…BÙ“¤€ –Ñ@')]EÎ2Ýd—QZhÊ_yˆe´8"§:§ª±Œòï* Ô®±ŒÚ{(õ›œ@»±L¤¦"”V€X&ÕQ1¥Ó¢Ä2J¿Q(R€P¿Ä2êï#ÅkÈYæµ.Å¢H¥ –Ñ∜ꜪÄ2J¿Q(R€P¿Ä2êï#Åk8ñÚeˆeš P^b™TGÅ”N‹ Ë(ÿN¡HR@í ˨½‡²P¿‰ß0–y5EQ¤€² ËhqDNuNUbeß'”;)@ hAb-ô’Âuä,“xKh…‹§ìIÌ) –ù“?ù“…®  o–/_þ‰O|âСCi>B´WfšRrR€È¡Ä29_-E¿@»±ŒZúƒê‘†ºa™Ï~ö³ñQFAß ¬Y³Æ`0ìÚµ+g“ˤ) %'H*@,“CñÕR4g™³gÔRª)²zb™íÛ·§êš”ýtc^‡¹ÂêQ¨ä@ƒÅìh½ÂåÎ(/Ë'¸±LÊ/JH y ±LtbºMøͯÑ.C,“®Ž”^ Ëdh0Ýë¶ ™‚‘Ú"ƒ¡È1”¡êÅf3âcÙûbÏO*\îŒò²|‚XF/ª)@ äXb™w€Šç,ÓÛ­†ºPH´ –ÉÐ`º»¡œ—j;Ç2”ßHC1°Lm¦Ð(¶Vc>ÌÞ‡e”-7¶ÙþN,“Öë‚“¤@^(@,“ݘ^#ãh—!–IOEJ­ tÏ2cƒ¾»Ål®¨¨°¸¼Üç*Ðíu»½þ€4Òt67º›T~¯ËÁ˜í Ík!®Ùlmèè…±L±£³»ÍÌÖZ7–.†±ÁN—ëm¶XÛü²K““#î«Õjw4øúý½¾6oGo¤)ôÍ2#Ý.$Y(²{-пË`hè a¤ƒ0÷ú­ŒYd),Ëgœ-@cÇX³•¥ˆÄ+r÷cn#>Gä\ü#k?‚cŠØ>F:# ±WÖ~/`q‰ 3|Õä,ãoC“’ÁPÖàƒ¶£]&6åj`dõ&–IãeAIIR O –É“ŽL§œeÎõ¤“¥%T¡€¾Y¦ ‰£ÀՍ„ê4ã¾xaГ_Eö> l¶ÀײÚNN"Åö6v~ÄkÇq¿µ&µŒµ1„°· Â%&7Û;Ñ^2æsñŒÑal¤³/ŠÁ|ð7Tp*óöÆ]̺ã@b˜¢ÈìB›N`Ç,bE·1 ²{¾†\,>U§“¹ºA]œÀä(cùÏôUc,SÜÐ=9ÔÁÙÅÒØÍÅY&n¹\ Mÿ$–QÅk‡*A 9U€X&§ò«£ðqf—!–QGoP-ÒR@×,3ÖX\anð¡Ñ$àïíhóÏð3UX-Œ¹ðK:`1«JA™|·ÐxðûÚ:€Bà°³#É0âK£þ±Z†âŽe̍‚¥¿1ÇêÜÒø¤‡àh„%1GœÃÆt°ÕüÍ®Æf4 C¼²TeÜ|ƒÅ°TÅ3æÝðWpÖ±F4KV®Ôíˤõº Ä¤) ËäE7¦×eΦ—¥&T €®YŒÜJÒënp˜Ë¤é-̓l¾ 3Á×vúÛì0à77J[±Œùš]V37h ˜Ýhd™!†"³ÕÎί­u8\à÷Å}̘ …Î\Τ¯±™DÍsÄI9H%C5 Š-V»ËÝlg_1“\Ìe…ñãÕ„,S`¶p8“@Œeâ—‹Öz –Iï}A©IR –ɇ^L³ œeúzÓ̆’“¹W@×,3æ…µÄj…I10½Äkç~bh™ô¢ûWQ£–¢6v®ßÛ`¶4ˆ¾cÁŽ4˜Ý]Äœê–(ö1'0>øï„uÊì ½óeƒE"(Á¦ÈÎÖEô·1ž3\‚`ÒË–(²4úÇcCÂjjÜ.3Öë¨(³Ô¶aåùܾ¿ÌPŸþïÂuÛø|™xåjœbxõ‰eÒ}cPzR€Ð¾Ä2Úïô[ÀYæËäü•C Hœ+@,“ó.È}Æ~‰vb™Ü÷Õ môÍ204ìl†É/,àF—²ý1ÑÍŒ¹_UD\¶àÜP·Ën.«°ÀN•–Z_dKÜ¡Òáp¸}Üm¤£Ñ;pÂ6—W§˜/Û•ÒÍÖjF.`_›{¥4qÏÊf¶0Z »ÍÝÜÖÙÝá¶âFžf»‹»¹1šøݵV3Ûk³± –'j®µÃÔf©#ÞƍÞÞþl‚ٍ¸êhv»½h— øÛÜîŽ~i‘vÉííKZ.+\Ó?æÈ2—.]~±çã»?Nô€ô|\P6èê¬çëêꮸâŠY£QR€ ”P€XF U5–绣È2ý¯k¬ÚT]R`¦ºg™$#ó¡Üײ˜;b%‰§¢Kch•)–°Ç߆M(ÒR”UsV–ùùèåêŸ\úÊêé?¸~ú†ÿVˆef¾Kè)@ hEb­ô”‚õä,sᜂEPÖ¤@v –‰7vél(*à^g¬ÿx±ÔxŽoX8cuØ­VfV2€{›dQc³Y§D,ó~ðò‘ã¯æOVàOø¬0Ëdç5D¥¤@V –ɪÜê,ì—#h—!–QgïP­æ¥±L¼‘ôXw˜3Рá6µŒKçÆ:„ÿЀ‚¢ŠFŸ8ÙGõÍn­bX†û’UT_~ù£åÓ¸\ b™y½E(2)@ hKbmõ—"µå,ó³>E2§LIl*@,“ݱt¶JÀ }–T£­€Ä2àKö€èK&b8ÂH??˜>zâ㸟;¸Dóe²ù¢¢²HR ƒ ËdPL­f5úÚeˆe´ÚTo™:a™ÆG/üÙ‚íÛ·Glé›îà,³áž—l¿$1K¢ƒ?¼~úŠ• ?½5¡šì‹HsÿãëBgIR + äË|ôÑGÿM!e†Þ–ù¨ïlÊPÂK—.eåy¥BfS ïYæÃPx÷6x`÷üÿH,£;t™Ñ`É.Æ/}ùÁüø«eQsdä\“d¾ÌlÏÕ,׉efˆ.“¤€’ äË´¶¶2Wpú‘¢þ©OÂШð÷/Åô”Ì`øÔ§>õî»ï*ù¤RÞsS ¿Yfôá¿YþÖŸ‡}Ÿýìg‰efíuwBÎ2ü ¹|ùòé—ï9pés«¦Á³f$œ!–™ÛK„b‘¤€ÆÈ–yüñÇa$ùÏRUàùGËœ

˨¥3ó’e‚ÿ¾ï|H¸;>f,ä„eºÊàV¯íĝ*S©åj¬¡–d«M½©U]•©’°ŒôHJ¾g«îI}FŒ”[Üò1‹+$Hì(@,“U]Ê;CÄ2ét±L:êe8mþ±Ì¹žð ßÿåWÁ¯L®Ub–is9ÌÌö†æ~n½ls»Ûºû»Û\V‹Ùl¶º¼ÝâØ|¨­¾ù;Ý– ss/C„¡n—Ý‚yTXjÝ>žÇP·7®4*ì ÞNaaä±ÁλÕb±Xí mÝQ«%úÜV^km[ï7±ørs9ìXA‹µ¡±Í/ÔE^î½m®"¨DAEC£Û78Ößánôvu7XÍfG³Þg.,Ãoð=û×_^–ßBüÕ? WޞøMŒZñY&Ðoǁ¾

PÀ'Yf°¯¾'õ}SRõü-èÁÖŠÛóÍ?]&ƒÁTÉqþY¨?±ŒŠúH‹,¾d¶íøþøÿ„/]š£˜ñXf²ƒÁL±Õ0Ökgóâk;G8¡ÀƒÌg֏ô6³ùþnX#€ù˜I,3õqÒ,TÖKˆÁýŒK€Ypòg «·­=þfæ Váeë>êÏÌNchìŒt³É ̸ªòXGfY`i†DQ9`bé`s}`F?œ ô·5pW3¢èT|ZPY‡òã>fÄ2Ä2s|n()@ ä¡Ä2ÊuªßSÁM¶– qƒ²Ñ.ôë0Jû¢Ls®ÂôÀF©K–ñ¿1à K,#ŒÓ—²-)Ø56¹È.3ç>¦ˆé) 9–ù—ߌ3ý;ÚæÕò¸,39Öm‰šn‚.g`8‘X†½„Åvf¦aSûa’‹“þ6q綢D/kà&–ÈÚÎVŒïãnf²LË_µ€—sTäRq3àÄä ut1¾Š¤ŽŠ:FdkJc¹¶Æ^®í|ƒ­ÉŒqôÈÇl^O E&H¼T€XF¹nö QÃåI†•ÔށàÔp—ÇÓÒ7¡š©žÇ3¡ñ¾&'xvUUUÙf ûšl¡±ÊÙÒêç¹NOtyêmjœ-¾)¯ÑžÖŸ?8å÷8Á?ÌVï隘ðÕ£·˜Åéé‘bb¥þՏÿŽ°’‡2õ]Ñ ¯ÄÄm™D–)­ðwA-¡èW+k!4>à©ÇvZl5M-]21àb°§µ©¦¦ÆYßÔ7:1Ü×å뎒’å †d—QC/uÐËÀLÿ5«p‚Ì@ÿ|5ŒÏ20 ø›ì¸Û¤6ÄÜÍ8Ë;šÛܳÅn·Z]m½âàw›÷¾ä'Gú;–Š2°W¦lbýH‡»ÁápÀ.•Ü–x)61:ÖÜ]k…zCŠÆ6X˜l¨¹ÖSg˜¥&:ÕHo#LÍq4à^™>o£» M4ºÄ2ó}p(>)@ äŸÄ2Êõ)wÙ2Ùó Y&ސ^d™È:fñbÑ9í)@,3ÿG‡R¤@¾)@,£\Ê‘Äh*·9]­]}ãS"C{pvŠÁ&ŒÞùW£à¡«PÄèñãˆzŠ‹©/8ï‚$Æ_p†AÓ­Œdª\>Ì24Zb†ª0â0Ï.øR^?´Sã*@,“ÚãC©HR Ÿ –Q´7ÁùÊiá$Cx!TÕw1ž4À!:b ãíh )oò–0‹ÁÒäCû àÌÄpOW–>ôØâK„8’D¦Õ»BÊ=!eL>Á¨BG/ƒ M9ø×Òák8ÌYæí·¸]¢J¡^n—IVb¢¶]X´%âbÇV˜h÷´po7`³)Þj6[‡§*çæ¬2g¥R•Î»!–Á>RIÐˬúNØ~_ʲËlڴ靹…Á“/6,ÞýÓ×æbiF·ÞzÞ°»vÑÜÿ”Ÿ$JH šW€X&]8šîio©)L5]ˆS=è6VZËšM33c;£©¾DC £ÉVßâçÖœ²Œ ㇧‡[Øe釸b:bqkH©ÈÉ¿†Á"ƒv™Ë˜ZGÁ¦„.p€Fb&ÉKLÔ^´M€*Ôzý߸…ezÂ×T#[à ËC– ù±ìÒ& ¶KÙeP@ IÐ Ë|ô>t'ŽÇoÌè/Â!iøÌg>ƒRÀ`°Z­IoÅ/Қ̊KL¤@bˆek“Þ•éQ—¥¼¼¦-+²0ЄãtS=›&3ÍíFçøBJÔè=8ÜÚToÙ|ÂÚa¶¿Œe‚œwL5Nàw½ËUßÔ–äðsæù¿Ãªõs»Œ³‹›z¦˜I =œ)’–p·-¬¬¨y.ãN .¤qR±.ð´¶;ç!˹r+Ì^%–‘ÝHt_­°Ôì2÷V…/_ŽÓû6‡où~ø]qöXœá«®ºê¦›nú)}+ÐØØ:Ž;ïÉÞ9b™ìiM%‘¤ÀˆefH’¡ÓÃl:KyÌòË!Æ Ü¶%ñ©1UÌÍÒʇ.!ŸËfs‰kLOùœèMÆ23aÀß$N¿ÌÆaM0X²Lô1›³]†³ÌÐÏÅ5™E{È„›‘ªüÕ? oÙþͯ£šôñÇáï,Æ/|ó+á矉º$ûrõÕWoß¾=î :©ø|™§Ÿ~ZvkäàX&¢S‘¤) *@,#*‘ùß>óû2ÙzFÀ,üv6ÁÝÀ}̠Ȑ_ZËKšÀÂö—4˜ZýÜ>êb³ú%–1ÚZYv‚]£¦uábz¢Å†PŠ3nb,/É¿†a—L8EX&2g”Íâ«PË0Ø—’”ˆêÅoœ`فÌTœûÔƧÀ˜œ0».Œv5q'¹úŒècËàÖÖ†ÿ¶?«—ãÍ|ç-Â×»Öáí­ÚÐùRø{ׄ¿¾0üÀÎðà¡špM>{w†Cg¶€XF?À’¤¥Ä23 :C zS€XFÁ pšañÈØ‹–(|œ ÛÁ Ñ*Ù;Fù e€&áòc¸¡ó1c•Ã‚¡af­ˆd£}'[“9XÉLâìþä_%–y»-åìd4!Ê",D€V’d%òè3Û¹L^E4¯°é3A¾uô5±Ú°ø³ÐrÙu“+BYbýÔð›æþç¸Îž‰Œü%à`à˜mâIŽ+ñb4ûþ2l׆ëÈ5K¾iÑ×¾þë"Ü*:Ë$áëç±LôcAßHR@ Ë(ÜëÁ¾ö&[U9U°,s×@ôÖ“áp›(‚fYN L·ÁPålòMˆœû]ºêë]M­|¯LX¯Øã´Á†š°×¤«E˜èÙŒö´·F¶Îœöwµ·´v‰™Lû}­²«À28pz{j¶ØlˆÞ±V{no…Ð>̍K JäuŸÑ(ºµ½kÀßÓZƒÂ6‘J‚-©ÕUcÁ>-]°ÔÙT»Ë Sg˜¥òøZš ´ø†G{p–‘%vò‘L°\ËäR}(¦œ˜–FÿÎÀŠÇªs\·9M8×Þ¿'¼â[qhóõ/‡›Ýò̈eô,IZJ,#(è˜ ô©±LŽû=4€£tcM,ád³ZœeRÚ°/ªškK¨­2¥öLtÕ£Á†-àU¢:¾Ëä¾ÕFÙ2$œ¹`Ú ÿþ>N¢‘ês°½2üÞ b™$#|ý\"–ÑÖóMµ%H% –QBÕ¹åjµ•™'•¥=Ù‚EsË-Xo2»LZ,“ᶌ¶°…¥5õΚ¤=6gGæš—Fs3ž”X&ã’Î;ñ_ÆÿÃÜÍ…Žgã4D"0Ѐêg¸*;±Œ~€%IK‰e4÷ˆS…IR ã Ëd\Ò9g6·¯ásùçœ.ã9Ëüb(Œ3Þ–PO“0ã1ÆTÕÒ'Û£&Š*‘”XF UççúÒðW¿¯}!|ôæIÎ채¡æ¼ð8>fà2ÇM6K¾~âð—¾ôÅ믿ÞAAß üð‡?„7¤Ûå˜ý»˜Ö1˾æT")@ H ËHRè÷àŸáØ)-–QH¼é„iq²B…¤-±LÚf"ï±(ï,ÿOý6ùf7ï}] —ëŒáÕ¦ðÝ·†­[Ãý0ü‡ÂÿòOáS/¢]fì—ÿïg~ÿ|êwÿè>K=+ð‡ÿn™zß}÷e÷6-X&VúN YT€X&‹b«µ(¾ì;éØeÔÚ´¬Ô‹X&+2ÏVÈ„¯¹RðźçÎÙ¨ï:,¹vá\ø—#áþsÖÊý?Ÿý}[eQxÐN=+:w?°Ì®]»f½a@,£¨¼”9)@ $W€X&¹>º¸ÊYf$²¡¥.Z¹FËdNËôrÚ½-þWÜ/Ëב^^jOM,£g„‘ÚN,£ö•êG Ê+@,£¼Æª/a ‡Ä2©v±LªÊe:´ÑŒú·•I»éÄ2Òx^ÏÄ2i?I”)@ h^bÍwaú à,3ú‹ôsÒgÄ2jéwi£­l+“†pÄ2zF©íÄ2iŠU…XFÏ#µ]‹,3êsUYêý¡˜gcº§ÉV•öñ3ŸuYʝ­~(rz¼ËVekŽ-^V›éO­¾=QŒ©Q_OOWWϨJw7™ ö9aå·šž$å°šãÖ$Øbƒœ¤`ô$É'I=é)@ dRb™Lª©Ñ¼`X`X –BJ èe._¾üÉO~RúNé+°fÍš”n7!‘ÖXæ~ßîeU›o *³ˆôKSå²z×Ö\£p¹ 5gÎÙje¦ºÊ›ü3nþ ÇäJËÖ‘(óPæ],3íëé &Ù¶ŒQ¼šŒ¶Z؃_ÕÚçïi©aÇ¥]D33ú’NYV€X&Ë‚«±8Î2±nZ¨“NXþpÿðo\ÝLÐ'}V\½ú¦›nJçîVše†!ç‚&¯m¤#6W¡ÁPxãÔœGéó+÷lþã}wÕŒT —«Ps札æXf¼Ýo’ÖQŽS]-®ššg}SßèpSyËŒö´:mjê=í=Bã}-O{ßxäÁ ··xZÚûBì”Þ‡y3– G}­íþ Vé Ÿ§Þf±TUYœMíü˜nÐra™©®V(ÖÓóË7ÉÅʇšª -ñ¸,RA:"H,(@,“‘Õ^Dÿëh—!–IµŸôÃ2?úÁOß:p‰>é+ðWKÊTÎ2þýF§¹¼÷Ï ƒY¦i°L‰Rv™sU8üŒÇ2Ê–;gèȐŒ±âkeB€ ÁÁl¼ú,&”r»L¨½FîÊ‘L­£¡éѽF‚™q’‘±¦‹½¼#™‡†[ñö¥Œe‚}õpÚ >fÓ£5±‘llœe¦2ÅŠžÝP_ Õ[VS}+–.²@èåMžÝ+¡–JSS݆ Ù¥ð ­ç‘ÒšÍ&çîÒ¾w 7oðy¶N‹ …¢YfºsSkÝZóÖñ³”+U@£c™ âg ?šaÀªQïŸ ß—«Š#²ÌDsß*uL€½%Ôçaö4”0Ê0Z„™û^$+O$ó©zFB–¦p%›ò·rfXfÀÅÖ÷Mq¨)ur úœ‹Í£a¥”6…Â!¯Uyø‘…üˆÀ3þP„° &y™¥ô—“‘S€X&cRj7£ó½h—!–Iµ‰eôF"é·W!– >»ÆVò`ÚQ1=Èü¬†¦gE#ËÙ»ÙXoÙèK cY’"ÿ9{ߎÒ#;îoß¼P:ö¾ˆ¹›oŒ>?ó›iŠ1EìÅ¥}Œt‚^>Ø”_6 ´²£ (&,šá«&g™Î l”l(ß_mG†Š B¹åyµµÅ2R

ÎÌd6”(­È,¶ÞT†h0‚OȼÔ8×XZùLÏHæ!¤fÇð?lM€–¬pº‹Œå§o€ã“`ýáWL‚[X`. ‘¿È.#*B¿IÜ(@,“ÝUUj³ËˤÚ)Ä2z#‘ôÛ«ËÜß²Ç_–ýãgÐh2ݹµçɪ)0‹œ«b¦Š"fì¸ßƒü± õå8ËKnß-ôÚº°«ïÉ»‡ÁIlÐ>PI†@|iØ¿‹{ÎÚ9ËXê†ÚGësjŽni|ÒM}3À‘%Y6,ù¹cÐÁV˜ð®÷ÔÝBCÌÓ¬¼²TFn¾AÖ8ËR­˜1ï†7pÅÒrffª‰,h–¬\-ÂKLµÄ2Ì#ËÈ}º’²N½±Ô8YÀµ\®úzÏhÞÑÀ,pgÛǧZEJû¸eG–9·ËÌÎ2øÂõµ{j,å412X¦Ôbã\ìÀ2x¶Æ¦ã!ÈC4_FÔƒ~“¹R€X&WÊ«¨\Î2ãc*ª’¦ªB,“þØ^o9(Ã2ö)F)8„°h¡m÷Z?`„vf"izþ°%¸¤ØÙ*Ù¿¦”ß±ÒçEC|D–‘0³”†|øÅ°Pb—¸ÜYˆy‹¹Ð› ³M°óìê®z\ÙŒQ ÌÙÙo*-ä6–7b”5|n3VoE©lÅf߉g—á~e#|˜¿£0ÉhÒæö£dkײÉ)öa'Z1ªößÍ—8žòâ2hœ8ËÔ±L_°ói/Æ;ÖŒ#Sú$ã)¨6.A`÷±eL•k'Î=:³©†[p¸]æÜÖúµF[õ¬mqÚª Ø`Þý¨¿§½Õ'9{ZêaË*‹6Ë·±äɧ'ü­-->iÓLØòrFæS~ŸÓRUy×·OLôµ¥Ãš­-­lµçðô”ßã´”C¨†Í%Voz8ª&áñ>_kk+¬q†¥ý.[Uyyy•ÅæñùEw³¨fÑR€È²Ä2Y\Å½þÚeˆeRí›y±ÌÇœj9¹Lwùòe½&Ú+ó™›×ãà†·×>7(£€ÓæùyCÁ£ÌHñ¾£À`¸ŠÃØ>`‡¯6«æC}áà+û?ìßÿ|^ßûÎÃË(ñœ÷÷"]õàKû>x½z²gßû={ßþPðD;Hbî¸ôúöG!˳LT3£(†×D–±>ÂVƒ*.äÿLâ`‚ƒöÐóŠÍÎ'…¹ùáÎ þnpE3‚Ç-ÏG/¶¼=‘…‘…l äÑœŒ; îÉ&}¨f‹¡áUa]h¡þkE ›>c“Ïò‘EÀù8á³›øN7²óècÆ&ûÜÍ*³’CCŒâBmÃl ƒ=w?(³k×®\¾ÂẺº+®¸"·u ÒIR@· Ëè¶ë# ç,'AF.ÐÑœ˜Ë\ºtéĉkÖ¬Ù´iÓœ2UY¤9²ŒÁ°þ™ˆ›Ù‡‡¯]"Aã°Œ2ÛŸÞ'öc`‡wô£-†›98˹‰©ö3cÍU2ÓÏ¥·÷úG·.ß^qíî7»Ÿ¶qƒÎ;¯w¾çÔìÇ3oè=Ã2Õoü¨x÷ºÂë wÛ+zå|ÔoëÿÑMV]»½bù>ÇúWNGZ 5™ÄBWíÛyÓO[ßv€±)‚lb=e”§ËÀàvÜ»&¿”—Àg©s¿|L°†le–F\¶péæ͞ËÊ×Õï(ªª,é{A†}p‡ÊúÝ7¶6óÕl=u7ZÖ.­‚m.w¯è÷ÊÄ])oek5c*¶Iåúai'M¼ºž-Œö€ÿÉ[ÛŸÜä÷ÜZÃ÷åtn@៻Z«M܈seË“°¦µ½zeÍœÃk2pdmÓþÒ¦ºŠáïÆ&Üq+Ú•.X{\·¶ÙÄW`ëzä֞…5À9 /=R1z.i¹R4{@,£²7%U‡ r ±LDW[‘½Ýh—!–Iµ_’³Ì›o¾yß}÷ýñÿ1Õßu×]©–“Ët³±˜NÖÛoÚmÜi¼À¸cQáƒ;#{†*Oô˜,2Wí~&20æç,"ãÿ—*Ѹ³hùIÌ6Ë0×5ÇÛl¸ÎÅ~:¶O¾µ÷$3;ì~IÌù• »1Ûâ3r»Lÿ®ã܉É`)l@¬ÌëÛŸˆÊ¿ìs{w``’E‰.±\.Žr,#ÐA¼Áù”çF¨_)wÄŠ!IÚ]º¿—_[Ìg÷@&žÄ&˜´Ô‘×”œX&—¯E*› Ô¡±Œ:ú!§µà,ó›_ç´.<.>úè7¾ñ zýîïþ.ã~ò“ŸÜ°aƒ›:–9¶ë$P®=ÎÝÌN›÷Á·­•ý?·±ªP …÷Ä̸gËׁíƒ}n*à1—

ÖOãk”{›dQ–T(HL•ˆe´ø:¥:“¤@f –ɬžšÌíì´ËˤÚyr–é0k×®ý½ßû½ßùßùÄ'>ƒc1ä5ˬ~fÿûÖ3Ÿ±;¬~NF&pTåÀße>i¢]F~]ËÐÍç?ÿùïÿû«Ä°’…Ä°B&–‹áz1Àá:1‰áZþRßÃ2¾#†B1|›…o‰a©¾É˜“x¸F|ÑÒÄsÿÁÇlõӎK¯T ›ÙVóä[6‡å7X@dóýE–)xô•ýn16˘FÄ™w¶~N4*9Meûn¸J°(ñ¬‘eøÒjQeB+äsmÄ®–ù„áp?¤ 7^ûm ¼Ó¨í0h]&餑OÐtnÄ2:ÿëCÍ'HPÆE7nÔ´?þø§?ýiM7!Ç•ç,3ñ›WC³Ås–ioo¯©©ùò—¿ƒÌ$,ó•¯|¥BwŠáoY÷3`N w³P)xTyÀUL«ªÌbøßb€…x¸‡…ÍbØÂÂV1lÃv,b¸W;XØ)X% ¡]³°&ª_ACÆòç^º}½ª6¼‹Ë,ÇÚeÄI+¶çØCE…4%?>p'.a¾LÔ„9&

fµlÚ‹da¶€³åøƒl%¸Ÿ>·ºjÕƒ?ªxn'óFK‡e€¦þǧ~oëí…š‡SåÓW ßY7š©j€?°~r½¥Üh45Á>/ £í5S=­z“!9)R g ËäLzõüÚ«h—!–IµGä>fÇ«¯¾ ò™Ï|†ÍàT†k1ÀW –TËÉeº9Ì—YÍ\˸›™a˜3ÜíJŽ'òc䈎õhÇø¦Ãsÿ•Yj š°š}Ëû"Ë$rßšÄýk07Áüñ–Õ ß%fÌv¸I¶!õù˜¥?f¦Ô©@~³Ì°WòhÇ]\Äý1 ÆX†ïƒYîñçòÝJe“¤@Ú Ë¤-¡ö3Xæ=í·$7-ˆa^‰‹/z°eÌiœNÂ"|n·{ûÏlï‡Ï‰ígì×.ÇÜ0Gœ/åÐ%b‹”ÜûfâÆ—¯Ûz·2ëIa±„'ïT!daØZ 6#L+±Ì[Þ®À+Kö˜ùÿwøêdh]æ×Ô½j9$»ay3[p ð0¯pîæþO¿¸Þh0öœ±O¿\a[»Ô¶ãÖ ljIèùõ–’e­Òôù»Ú«‹Ä )ÊåË2_Øêª\fÃ¥’eŸ;–Õ?²uÜSZµv¥ÖL¾`©_+ËMVPdð?3ŸÍ+[›s4sg.ŽÛ Xqz.z&HQc..XjjŽðÕ°“ùÅå3Ë„Êá¹²´²ý(CM8å«´'”Þ‹lFê®Ø¤ÈÔŶÁœq‘N¤€6 –ÑF?)ZË׺˜]†X&E•ã²Œ”×ØØØßÿýß_uUyÉ2O߃ù%Âä÷}ÌÍÌXxàÃçØ‚ÉäÇ"ƒp“,ŒÆ,±aõa†'Àh(rs`HÂÁä•Ê}±IÙ÷²7x„§oâÛzFöÁy}ËAˆ²“QÉi3cøÜröÍ7ŒPDæÎJ¿–c««{×I'¤ƒÄ•„š(9÷ßÖ´Â`(Y;°ð+¡FòQq°¹ÎÔ7Ãþ•0HÞå‚È 5›MU+`dZÙv™á³U8~œ`Iä¾ÝsÛ˲ 8È)ä–`ԝ Ÿòý›æ>Â=‹}º’”¢Òž½ò©7÷œ{ æôL @‚Š%)m{jvØI˜m³Ì@¢LZa¦‡»ZªpcT“ÓÓîŸ@ž ÷59m8ÛÚQ;]Â|™`•^1»·Â—{+Ly]„Ýj î}ãðúç:ªÙšÏ`¦±žÙ³|ãM׬¿éš°WfÄÛÍ8|ó¾Šå»«–?ø°ùíÁ“ßüàÖb7³Ô€Á蝇ù›ËlÚþΉ{žK^IåX†·›žÅ-/ƒ^Ä–J£b~’³?.ß½·›dŸašhL;îƯçeL»ñxú‘Æ| xƆ©Î!ˈd”`È-äSÅ‹€ŸÁ+%Í>V—’L³¥Ø\^i+Ïe±VH©øALÚÐY[辏ç„wmÏÄ`(¯\3zÎ|viÚŒŒ‹XœÜšcmݽŒOM%E>Éenðþ®êeÔÁµéý˜´ç¶:W[žåM†Ÿ‹ÄAîBgPaV¥}®Òr¡-K}/FØ0‰žÐ®™•GÑÎm¶=OVÔ¯]Èjf¨©‹Ø¤â‹6h¨^I*‰/?È[–a`brv ¯¿i\nß8HW

Thanks, HN: You helped discover a disease and save lives

18 July 2014 - 7:00am

Matt Might and Cristina Casanova met in the spring of 2002, as twenty-year-old undergraduates at the Georgia Institute of Technology. Cristina was an industrial-design major with an interest in philosophy; Matt was a shy computer geek obsessed with “Star Trek.” At first, Cristina took no notice of him, but the two soon became friends, and that fall they began dating. Within a year, they were married.

The couple had their first child, a son, on December 9, 2007, not long after Matt completed his Ph.D. in computer science and Cristina earned her M.B.A. They named him Bertrand, in honor of the British philosopher and mathematician Bertrand Russell. After a few blissful weeks, the new parents began to worry. Matt and Cristina described Bertrand to friends as being “jiggly”; his body appeared always to be in motion, as if he were lying on a bed of Jell-O. He also seemed to be in near-constant distress, and Matt’s efforts to comfort him “just enraged him,” Matt says. “I felt like a failure as a father.” When the Mights raised their concerns with Bertrand’s doctor, they were assured that his development was within normal variations. Not until Bertrand’s six-month checkup did his pediatrician agree that there was cause for concern.

By then, Matt had a new job, as an assistant professor at the University of Utah’s School of Computing. It took two months to get Bertrand on the schedule of a developmental specialist in Salt Lake City, and the first available appointment fell on the same day as a mandatory faculty retreat. That afternoon, when Matt was able to check his phone, he saw that Cristina had left several messages. “I didn’t listen to them,” he told me in an e-mail. “I didn’t have to. The number of them told me this was really bad.”

Bertrand had brain damage—or, at least, that was the diagnosis until an MRI revealed that his brain was perfectly normal. After a new round of lab work was done, Bertrand’s doctors concluded that he likely had a rare, inherited movement disorder called ataxia-telangiectasia. A subsequent genetic screen ruled out that diagnosis. When Bertrand was fifteen months old, the Mights were told that urine screening suggested that he suffered from one of a suite of rare, often fatal diseases known as inborn errors of metabolism. During the next three months, additional tests ruled out most of those ailments as well.

As Matt tried to get a foothold in his new job, Cristina struggled to care for a wheelchair-bound child whose condition seemed to worsen by the day. When Bertrand was hospitalized, she would stay by his bedside, often neglecting to eat; the constant stress contributed to osteoarthritis so severe that her doctor told her she’d need to have her right knee replaced. In April of 2009, the Mights flew to Duke University, in Durham, North Carolina, to meet with a range of specialists, including a geneticist named Vandana Shashi, whose clinical practice focusses on children with birth defects, intellectual disabilities, and developmental delays. After five days of tests and consultations, the Duke team told the Mights that there was widespread damage to Bertrand’s nervous system and that some of his odd behavior—wringing his hands, grinding his teeth, staring into space—was likely due to the fact that his brain appeared to be suffering from spikes of seizure-like activity.

When Bertrand was a newborn, Matt joked to friends that he would be so relaxed as a parent that he wouldn’t care which technical field his son chose to pursue for his Ph.D. In May of 2009, the Mights closed Bertrand’s college savings accounts so that they could use the money for medical care. That fall, Bertrand was rushed to the emergency room after suffering a series of life-threatening seizures. When the technicians tried to start an I.V., they found Bertrand’s veins so scarred from months of blood draws that they were unable to insert a needle. Later that evening, when Cristina was alone with Matt, she broke down in tears. “What have we done to our child?” she said. “How many things can we put him through?” As one obscure genetic condition after another was ruled out, the Mights began to wonder whether they would ever learn the cause of their son’s agony. What if Bertrand was suffering from a disorder that was not just extremely rare but entirely unknown to science?

In September of 2012, I visited the Mights in Salt Lake City, where they lived in a two-story brick Craftsman bungalow. Matt wore a striped Brooks Brothers polo shirt and jeans; with a neatly trimmed beard and shoulder-length brownish-blond hair, he brought to mind Björn Borg of the late nineteen-seventies. Cristina, who is five feet ten, with porcelain skin and long black hair, greeted me with a hug and a wry smile.

In early 2010, the couple had decided to try to have a second child. This was a gamble: if Bertrand’s condition was indeed new to science, there was a chance that it was caused by a spontaneous, or de novo, mutation in the egg or sperm cell, and was not in Matt’s or Cristina’s DNA. On the other hand, if the condition had a genetic history, the Mights could pass it on to other children. That summer, Cristina learned that she was pregnant, and on April 14, 2011, she gave birth to a girl, Victoria. Within minutes of the delivery, Matt and Cristina knew that their daughter was healthy; she moved with a fluidity that Bertrand never had. When I arrived at the Mights’ house, Victoria was bouncing around and grabbing at her mother’s sleeve. “Victoria, you need to wait for Mommy to say hello,” Cristina said. To me, she added, “I had no idea how easy we had it with Bertrand.”

Bertrand, who was four at the time, was on the floor in the playroom, around the corner from the kitchen. He had round cheeks and a mop of brown hair. As with many children with genetic disorders, he also had some mild facial abnormalities: his eyelids drooped, and his nose was smaller than is typical, with an indentation on the bridge and slightly upturned nostrils. Two years earlier, the Mights had noticed that Bertrand didn’t produce tears; every time he blinked it was as if sandpaper were scraping against his corneas. To keep the resulting scar tissue from causing permanent blindness, Matt and Cristina put medicated drops and lubricating ointment in Bertrand’s eyes every few hours, which made the skin around his eyes look as if it had been rubbed with Vaseline. Because Bertrand doesn’t reflexively align his head with his body, his face was often pointed away from where he was trying to look, and he ground his teeth with such force that it sounded as though he were chewing on rocks. Yet the Mights told me that, for all of his medical issues and his many hospitalizations, he seemed oddly immune to more ordinary ailments, such as colds and allergies.

I had brought each of the kids a small plush doll; when I placed Curious George on Bertrand’s stomach, Victoria grabbed hold of Harry the Dirty Dog. When Cristina went to get something in the kitchen, she warned me not to let Victoria bite her brother. “She doesn’t understand that Bertrand just can’t interact with her the way everybody else can,” she said. “So she gets frustrated and does everything she can to get his attention.” Later, when I was lying on the floor with Bertrand and Victoria teetered into view, he seemed to flinch.

That evening, over pizza in their dining room, the Mights told me about a pattern they had noticed when Bertrand was a year old. At first, they said, he seemed to represent a challenging problem for each new specialist to solve. But, as one conjecture after another was proved wrong, the specialists lost interest; many then insisted that the cause of Bertrand’s illness lay in someone else’s area of expertise. “There was a lot of finger-pointing,” Cristina said. “It was really frustrating for us—our child hot-potatoed back and forth, nothing getting done, nothing being found out, nobody even telling us what the next step should be.”

Then, in the summer of 2010, Vandana Shashi, the Duke geneticist, contacted the Mights about a new research project that was exploring whether genetic sequencing could be used to diagnose unknown conditions. There was a chance, Shashi said, that by looking for places where Bertrand’s genome differed from Matt’s and Cristina’s, Shashi and her colleagues would be able to pinpoint the cause of Bertrand’s problems. The Mights enrolled Bertrand in the study.

Genetic testing has been a part of regular medical practice since the nineteen-seventies; it enables doctors to search for mutations that cause known disorders, such as Tay-Sachs disease and sickle-cell anemia. Genetic sequencing, which entered the popular lexicon with the launch of the Human Genome Project, in 1990, allows for the opposite type of search: comparing the entire genomes of people who suffer from an unknown disorder, to see if they have genetic mutations in common. Sequencing also allows researchers to compare people who share genetic mutations, to see if they also share any previously unidentified disorders.

For years, sequencing was too expensive for common use—in 2001, the cost of sequencing a single human genome was around a hundred million dollars. But by 2010, with the advent of new technologies, that figure had dropped by more than ninety-nine per cent, to roughly fifty thousand dollars. To reduce costs further, the Duke researchers, including Shashi and a geneticist named David Goldstein, planned to sequence only the exome—the less than two per cent of the genome that codes for proteins and gives rise to the vast majority of known genetic disorders. In a handful of isolated cases, exome sequencing had been successfully used by doctors desperate to identify the causes of mysterious, life-threatening conditions. If the technique could be shown to be more broadly effective, the Duke team might help usher in a new approach to disease discovery.

For their study, Shashi, Goldstein, and their colleagues assembled a dozen test subjects, all suffering from various undiagnosed disorders. There were nine children, two teen-agers, and one adult; their symptoms included everything from spine abnormalities to severe intellectual disabilities. The researchers began by sequencing each patient and both biological parents—what’s known as a parent-child trio. There are between thirty and fifty million base pairs in the human exome; the average child’s exome differs from each of his parents’ in roughly fifteen thousand spots. The researchers could dismiss most of those variations—either they corresponded to already known conditions, or they occurred frequently enough in the general population to rule out their being the cause of a rare disease, or they were involved in biological processes that were unrelated to the patient’s symptoms. That left a short list of about a dozen genes for each patient.

The next step was to search through databases to see if any of those candidate genes were already associated with a rare disorder; if so, the patient was probably suffering from an unusual form of a known disease. In three of the twelve subjects, that’s exactly what the researchers found. Two others had de-novo mutations on the same gene, which meant that the Duke team had likely discovered the genetic basis of a new disorder. As a diagnostic tool, sequencing seemed to work. In several of the remaining cases, the technique helped identify genetic mutations that accounted for some, but not all, of a patient’s symptoms; in others it simply determined that none of the identified candidate genes were involved in the patient’s illness.

Then there was Bertrand. The Duke team thought it was likely that mutations on one of his candidate genes, known as NGLY1, were responsible for his problems. Normally, NGLY1 produces an enzyme that plays a crucial role in recycling cellular waste, by removing sugar molecules from damaged proteins, effectively decommissioning them. Diseases that affect the way proteins and sugar molecules interact, known as congenital disorders of glycosylation, or CDGs, are extremely rare—there are fewer than five hundred cases in the United States. Since the NGLY1 gene operates in cells throughout the body, its malfunction could conceivably cause problems in a wide range of biological systems.

In September of 2011, Goldstein sent an e-mail to Hudson Freeze, a glycobiologist at Sanford-Burnham Medical Research Institute, in La Jolla, California, and the foremost authority on CDGs. Goldstein told Freeze that he believed he’d found a child suffering from a glycosylation disorder that had never before been seen. That November, Goldstein shipped Freeze a supply of Bertrand’s cells. Freeze was unable to find evidence of a functioning NGLY1 gene. He soon reported back: Goldstein’s hypothesis—that Bertrand suffered from a new glycosylation disorder caused by NGLY1 mutations—was almost certainly correct.

On May 3, 2012, nearly two years after the sequencing study began, the Mights met with the Duke team in an examination room of a children’s hospital in Durham. Shashi explained that Bertrand’s condition was probably not caused by a de-novo mutation, as the Mights had thought; rather, Matt and Cristina each had a different NGLY1 mutation, and Bertrand had inherited both. Matt and Cristina had only to look at their daughter playing on the floor to realize how lucky they’d been: Victoria had had a twenty-five-per-cent chance of being born with the same disorder as Bertrand. (Later testing showed that she had not inherited either parent’s NGLY1 mutation.)

Goldstein, who was meeting the Mights for the first time, spoke next. He explained that, until other patients with the same condition were found, there was a chance, however remote, that Bertrand’s disorder was caused by something else. Moreover, without additional cases, there was virtually no possibility of getting a pharmaceutical company to investigate the disorder, no chance of drug trials, no way even to persuade the F.D.A. to allow Bertrand to try off-label drugs that might be beneficial. The Duke researchers estimated that there might be between ten and fifty other patients in the country with Bertrand’s condition, which would make it one of the rarest diseases in the world. “That’s basically what they left us with—‘You need more patients,’ ” Matt told me. “And I said, ‘All right, we’ll get more.’ ”

As recently as a decade ago, researchers could spend years trying to find a second case of a newly discovered disease. When a paper describing two or more cases finally appeared in one of hundreds of medical journals, it still had to be read and remembered by clinicians in order for awareness of the disorder to spread. Genetic sequencing has dramatically sped up the process, theoretically enabling a child like Bertrand to receive a tentative diagnosis in just weeks or months.

But a number of factors prevent sequencing from reaching its full diagnostic potential. As a matter of protocol, researchers typically avoid sharing test results with subjects until the research is published; the Mights didn’t learn that NGLY1 was the likely cause of Bertrand’s condition until months after the Duke team reached that conclusion.

Researchers also hesitate to share data with potential competitors, both to protect their funding and to insure that they get credit for their work. In their attempt to confirm Bertrand’s condition, the Duke team searched for NGLY1 mutations in everyone who had been sequenced at Duke, and also combed through an exome database maintained by the National Heart, Lung, and Blood Institute. This gave them access to the genetic data of more than six thousand people—a small fraction of those around the country who have been sequenced. Isaac Kohane, a pediatric endocrinologist at Boston Children’s Hospital, told me that many researchers believe, incorrectly, that patient-privacy laws prohibit sharing useful information.

“If you want to be charitable, you can say there’s just a lack of awareness” about what kind of sharing is permissible, Kohane said. “If you want to be uncharitable, you can say that researchers use that concern about privacy as a shield by which they can actually hide their more selfish motivations.”

If a team hunting for a new disease were to find a second case with the help of researchers from a competing lab, it could claim to have “solved” a new disease. But it would also have to share credit with competitors who may have done nothing more than grant access to existing data. When I asked Shashi if she could imagine a scenario that would result in one research team’s publishing a paper with data from a different research group working on a similar project, she said, “Not that I can think of.”

David Goldstein added, “It’s not an overstatement to say that there are inherent conflicts of interest at work.” Daniel MacArthur, a genetics researcher at Massachusetts General Hospital, is even more blunt. “It’s an enormous deal,” he told me. “And it’s a big criticism of all of us, but it’s a criticism we all need to hear. The current academic publication system does patients an enormous disservice.”

The National Institutes of Health is taking steps to promote the sharing of genomic data about rare diseases. In January, the agency awarded nine million dollars to researchers at Harvard Medical School to coördinate a nationwide network of centers for rare diseases. Each center will mirror the type of work being done by the N.I.H.’s Undiagnosed Diseases Program, in Bethesda, Maryland, and each will be required to share its data with the others. Kohane, who develops software to make it easier for institutions to share information, will organize the initiative. “It’s creating an ecosystem that I think represents the medicine of the future,” he said.

The Mights couldn’t wait for the culture of scientific research to change: they had been told that Bertrand could have as little as a few months left to live. The same day that they learned about NGLY1, they began plotting ways to find more patients on their own. Several years earlier, Matt had written a blog post, called “The Illustrated Guide to a Ph.D.,” that became a worldwide phenomenon; it was eventually translated into dozens of languages, including Serbian, Urdu, and Vietnamese. The popularity of the post, combined with Matt’s rising profile among computer programmers, meant that almost anything he put online was quickly re-posted to Hacker News, the main social news site for computer scientists and entrepreneurs. He decided to use his online presence to create what he referred to as a “Google dragnet” for new patients.

For the next three weeks, Matt worked on an essay that described Bertrand’s medical history in clinical detail. Matt called the result, which was more than five thousand words long, “Hunting Down My Son’s Killer,” and on May 29, 2012, he posted it to his personal Web site. It began: “I found my son’s killer. It took three years. But we did it. I should clarify one point: my son is very much alive. Yet, my wife Cristina and I have been found responsible for his death.”

Half an hour after Matt hit “publish,” Twitter began to light up. By the end of the day, “Hunting Down My Son’s Killer” was the top story on Reddit. The next morning, an editor from Gizmodo, a tech blog owned by Gawker Media, asked Matt for permission to republish the essay. In less than twenty-four hours, the post had gone viral. The more it was shared and linked to, the higher it rose in search engines’ rankings, and the easier it would be for parents of other children to find.

Eight days later, the co-founder of a commercial genetic-testing company in San Francisco e-mailed the piece to a friend, Matt Wilsey. The Wilseys are one of the most prominent families in San Francisco, famous both for their philanthropic generosity and for the complicated marital life of Alfred Wilsey, Matt’s grandfather, who died in 2002. Matt Wilsey, who is thirty-six, graduated from Stanford in 2000. After working on George W. Bush’s election campaign and spending five months as an aide in the Pentagon, he returned to Northern California to work as a tech entrepreneur. In the fall of 2007, he married a former classmate at Stanford. Two years later, Matt and Kristen Wilsey had their first child, a girl they named Grace.

Last fall, I met Matt Wilsey at the annual conference of the Society of Glycobiology, in St. Petersburg, Florida. He has a wide smile and black hair that is flecked with gray. Over lunch at an outdoor café, he told me that Grace’s problems began before she was born: she was delivered by emergency Cesarean section after her heartbeat dipped dangerously low. Almost immediately after Grace’s birth, he and Kristen began to worry. “She just seemed out of it,” Matt said. Within days, Grace was admitted to the neonatal I.C.U. Her doctors collected a number of samples, including cerebrospinal fluid from a lumbar puncture. Three weeks later, when she was discharged from intensive care, the Wilseys still did not know what was causing their daughter’s problems.

In the months to come, the Wilseys received one piece of bad news after another. They were told that Grace was not growing sufficiently, that she had low muscle tone, and that there were signs that she was suffering from developmental delays. “It was a continuous grief process,” Kristen told me last December. When Grace was around six months old, the Wilseys met Gregory Enns, the director of the biochemical-genetics program at Stanford’s Lucile Packard Children’s Hospital. Before long, Enns, whose research focusses on mitochondrial disorders, was functioning as Grace’s de-facto pediatrician. (Mitochondria are the so-called “power plants” within cells that generate most of the body’s energy.)

During the next two years, Matt Wilsey used his networking skills to set up meetings with specialists at institutions around the country, including Baylor College of Medicine, in Houston; the Broad Institute of M.I.T. and Harvard; Johns Hopkins; Columbia; and the University of California, San Francisco. “We’d talk to one great doctor and say, ‘Who’s the best liver person in the country?’ ” he told me. “And then that would lead us to one person and then that person would lead us to two more. That’s just kind of how we did it.”

When the Wilseys first read Matt Might’s blog post, it didn’t occur to them that Grace and Bertrand might be suffering from the same disease. “Their phenotypes were too different,” Matt Wilsey said. Grace could crawl and pull herself up to a standing position, while, at age four, Bertrand wasn’t even able to roll over. She also had a vocabulary of more than two dozen words, and was able to follow one-step directions, while Bertrand could only make indistinguishable grunts. The most striking difference, Kristen said, had to do with Bertrand’s seizures. “At the time, we didn’t think Grace was having seizures,” she said. “And so we thought, Oh, no, no—she’s completely different from Bertrand. So we just ruled it out.” (Later testing showed some abnormal activity in Grace’s brain.)

By the spring of 2012, Grace’s genome had already been sequenced twice: once at Baylor and once at Stanford. As it happened, Stanford geneticists had identified NGLY1 as a candidate gene, but they set it aside because Enns believed that Grace was suffering from an unidentified mitochondrial disorder. By the time Grace turned three, that October, the Wilseys had consulted more than a hundred researchers around the world, yet they were still without a diagnosis. Around this time, Kristen said, “I told Matt, ‘I don’t want to do this anymore. I’m just exhausted.’ ”

Matt asked Kristen if they could make one final trip to Baylor, and in February of 2013 the Wilseys took Grace back to Houston. They were introduced there to a young geneticist named Matthew Bainbridge. When he looked through Grace’s genome, he ignored mitochondrial genes entirely—“I figured Stanford had that covered,” he told me—and soon narrowed his search to three genes: one known to cause intellectual disability, one associated with a movement disorder, and NGLY1. “NGLY1 stuck out, because I’d never seen it before,” Bainbridge said. When he searched a Baylor database of more than seven thousand people, he found that a handful of them had a single NGLY1 mutation, but none had two.

Bainbridge next looked online for information about the gene. He quickly found “Hunting Down My Son’s Killer.” After reading about one of Bertrand’s more unusual symptoms, Bainbridge e-mailed the Wilseys a question: Did Grace produce tears? Kristen replied almost immediately: Grace could produce tears but not very often. Then, four and a half hours later, Kristen wrote back, “After thinking about it this afternoon, it is actually very rare that Grace will make a tear. I have only seen it a handful of times in her three years.” As soon as Bainbridge read that, he told me, he thought, “Oh, we fucking got it.”

On March 19, 2013, Bainbridge sent the Mights an e-mail. He told them that he believed he had identified a second case of Bertrand’s disorder, and that Matt’s blog post had been instrumental in his finding it. The next day, the Mights received an e-mail from Matt Wilsey. “I wanted to connect with you directly as you have heard about my daughter, Grace,” Wilsey wrote. “We are so thankful to find you.”

As it happened, Grace Wilsey was not the first new NGLY1 case that the Mights had uncovered. On June 3, 2012, five days after “Hunting Down My Son’s Killer” was published, Joseph Gleeson, a neurogeneticist at the University of California, San Diego, e-mailed Hudson Freeze, the Sanford-Burnham glycobiologist that the Duke team had consulted on Bertrand’s case, to ask him if he’d seen the post. Gleeson told Freeze about Murat Günel, a Yale neurosurgeon and geneticist who had sequenced a pair of severely disabled siblings from Turkey, each of whom had two NGLY1 mutations. In August, Freeze confirmed that the siblings were suffering from the same condition as Bertrand.

Then, the following March, nine days before the Mights learned of Grace Wilsey, they were contacted by a researcher working with an Israeli medical geneticist named Tzipora Falik-Zaccai, who said that their group had also identified siblings with NGLY1 mutations. In May, the Mights received an e-mail from Pam Stinchcomb, a woman in Georgia who had just learned that two of her daughters had NGLY1 mutations: Jordan, sixteen, who had been thought to have cerebral palsy, and Jessie, who was two. Later that month, the Mights heard from a doctor in Delaware with a twenty-year-old patient in whom sequencing had just revealed two NGLY1 mutations.

The most remarkable discovery came in June. Cristina Might received an e-mail from a German woman who was living in India with her husband and their severely disabled two-year-old son. (She asked that her name be withheld.) The woman had been looking online for information about how better to control her son’s seizures when she came upon a blog post that Cristina Might had written about Bertrand when he was two. Within weeks, the woman had sent her son’s cells to Freeze, who confirmed that the boy was, in all likelihood, an NGLY1 patient—the first person to be identified before he had even been sequenced. Freeze told me that if someone had predicted a year earlier that the Mights would identify new patients through blog posts alone, “I’d have said, ‘Ah, come on, you can’t do that.’ ”

Thirteen months after Bertrand Might became the first NGLY1 patient in the world, the Mights had helped identify nine more cases. “There were more kids—it wasn’t just our son,” Cristina told me one afternoon in her kitchen. “There are parents like us, who have been lost and confused and jerked around.” Matt nodded. “Even if Bertrand dies, there are kids out there that are just like him,” he said.

Last November, the Mights moved to a new home, in Federal Heights, an upscale Salt Lake City neighborhood at the foot of the Wasatch Range. Bertrand was about to turn six, and soon it would be difficult to carry him up and down stairs. The new house had several amenities for a family with a handicapped child, including an entrance at street level, wider hallways, and an elevator.

I visited the Mights three days after they moved. When I arrived, Cristina told me that she was two months pregnant. (Six weeks later, prenatal testing showed that the fetus had not inherited either parent’s NGLY1 mutation.) Most of the family’s possessions were still in boxes, but a small alcove off the kitchen had been set up as Bertrand’s playroom, where, six days a week, he would spend up to three hours with a physical therapist. The room resembled an infant’s nursery, with a stock of diapers, changing pads, and an assortment of soft toys. Bertrand seemed different from the way he’d been during my last visit, fourteen months earlier. He had become much more expressive: he furrowed his eyebrows and scrunched his nose and, when he was pleased, grinned broadly and let out what the Mights called a “happy hoot.” He was also much more coördinated, and, with considerable effort, he could roll over and push himself up to a sitting position. To everyone’s surprise, he had even learned to communicate preferences between objects by pointing or leaning toward the one he wanted to play with.

The Mights attribute their son’s improvement to several factors. Because his diagnosis revealed that Bertrand was not suffering from a seizure disorder, he was no longer on a severely restrictive diet or receiving painful, sometimes dangerous treatments such as steroids. Two over-the-counter supplements seemed to be helping, as well. The first was a highly concentrated cocoa extract. “It sounds like a scam, except there’s research showing that cocoa actually improves cells’ energy production,” Matt told me. The second was N-acetylcysteine, or NAC, an amino acid that helps produce a naturally occurring antioxidant. Bertrand hadn’t been admitted to the hospital since he’d had his tonsils removed, nearly a year and a half earlier—a stark contrast to 2010 and 2011, when he’d been rushed to the hospital more than a dozen times.

In the past year, the Mights and the Wilseys have formed a coalition dedicated to researching their children’s condition. Patient-advocacy groups have been around for decades, but it’s extremely unusual for one or two families to single-handedly direct an international research agenda. It helps that both the Mights and the Wilseys have family money. (Matt Might’s father is the president and C.E.O. of Cable One, the cable-television division of the former Washington Post Company.) Since 2012, the Mights have devoted more than a hundred thousand dollars a year to NGLY1-related research in Hudson Freeze’s lab, while the Wilseys have spent two million dollars funding researchers around the world.

Still, one of the Mights’ and the Wilseys’ biggest accomplishments to date required no money at all: they successfully pushed for the clinicians and researchers with whom they were working to collaborate on a single, all-encompassing clinical report on the disease. The paper, written by Gregory Enns, contained contributions from thirty-three authors, including Matthew Bainbridge, Hudson Freeze, David Goldstein, and Vandana Shashi. Eighteen departments from eleven institutions in the U.S., Canada, Germany, and the U.K. were represented. After the paper was all but completed, one of the challenges in getting it published was agreeing on the order in which the authors’ names would appear.

Neither Murat Günel, at Yale, nor Tzipora Falik-Zaccai, in Israel, joined in the publication. Günel had been invited but his research team had already submitted a paper elsewhere. (It was later rejected.) Freeze told me that Falik-Zaccai had stopped responding to his e-mails, and that when he inquired about the specific NGLY1 mutations of Falik-Zaccai’s patients she had all but told him that he would find out what he wanted to know when he read about it in a journal. (When I contacted Falik-Zaccai, in March, she denied this account and said that she would be delighted to work with the other researchers.)

The Might and Wilsey collaboration has also prompted the N.I.H. to study the condition. This past spring, the agency began inviting NGLY1 patients to come to Bethesda for a week of tests and examinations. Bertrand was the first child to take part, and his participation has already yielded a potentially important insight. As Bertrand and the other NGLY1 patients illustrated, the inability to get rid of malfunctioning glycoproteins has devastating consequences, especially for developing infants. But Sergio Rosenzweig, an N.I.H. immunologist who met with Bertrand, thinks it might confer one advantage, as well.

Rosenzweig recently published a paper describing two siblings who rarely got viral infections, despite being severely lacking in antibodies. Rosenzweig and his colleagues discovered that the siblings suffer from an ultra-rare congenital disorder of glycosylation known as CDG-IIb. The puzzle began to make sense. Since CDG-IIb patients have trouble making glycoproteins, it is possible that the siblings had some protection from a class of viruses that are known to depend on those molecules to spread within the body. (There have been only two other known CDG-IIb patients. One is now deceased and the other does not seem to be able to ward off infection.)

When Rosenzweig learned that Bertrand rarely caught colds, he couldn’t hide his excitement: perhaps Bertrand was able to avoid infections because viruses got stuck after attaching themselves to his defective glycoproteins. Rosenzweig is quick to emphasize that until he can test other NGLY1 patients he won’t know if his hypothesis warrants further exploration. But if it bears out, he says, it could point to a way to treat acute infections ranging from influenza to Ebola hemorrhagic fever.

“We try to help these patients with rare diseases,” he told me. “Sometimes we are able to, and sometimes we’re not—but these children are teaching us a lot we didn’t know about ourselves. And we can use what they are teaching us to help other people.”

On a Thursday night this past February, the families of five NGLY1 patients met at the restaurant of the Estancia La Jolla Hotel and Spa, outside San Diego. They were in town for the annual Rare Disease Symposium at Sanford-Burnham, which Freeze had organized. This year’s meeting was devoted entirely to NGLY1. Kristen Wilsey and Grace were the first to arrive at dinner. A few minutes later, the German woman, her husband, and their son, all of whom had travelled from India, entered. Next came the Mights, followed by Kaylee Mayes, a four-year-old from Washington state who had received a diagnosis of NGLY1 disorder the previous month, and her parents, Kelsey and Daniel. Pam and Tony Stinchcomb and their youngest daughter, Jessie, arrived last. (The Stinchcombs’ older daughter, Jordan, was too sick to travel.) The trip from Atlanta was just the second time that Tony Stinchcomb had been on a plane. “I’m not much into flying,” Tony, a large, affable man with a gray goatee, told me. “But this seemed worth it.”

That night marked the first time that two unrelated NGLY1 children were in the same room at the same time. For several hours, over ahi sliders, fish tacos, and empanadas, the families shared stories about what it had been like to care for children who were severely ill for reasons their doctors didn’t understand. Just before everyone went back to their hotel rooms for the night, the German woman, fighting back tears, told me, “It feels like we’ve come home, but to a home we didn’t know we had.”

The next morning, five researchers presented their work on NGLY1 to around ninety people, a group that included the families, a handful of their friends, and scientists from as far away as Japan. Both Matt Might’s and Matt Wilsey’s parents were there, as were Michael Gambello, an Emory University geneticist who had sequenced the Stinchcombs, and Gregory Enns. Cristina Might, who was five and a half months pregnant at the time, looked on from the front row. (In June, she gave birth to a healthy boy.) Bertrand, who was the most severely disabled of all the children there, sat nearby in his wheelchair, humming to himself, as Kaylee amused herself on the floor.

That afternoon, Matt Might gave a talk titled “Accelerating Rare Disease.” After describing the effects of his blog post, he told the crowd that it was inevitable that parents of children with other newly discovered diseases would form proactive communities, much as he, Cristina, and the Wilseys had done. Vandana Shashi believes that such communities represent a new paradigm for conducting medical research. “It’s kind of a shift in the scientific world that we have to recognize—that, in this day of social media, dedicated, educated, and well-informed families have the ability to make a huge impact,” she told me. “Gone are the days when we could just say, ‘We’re a cloistered community of researchers, and we alone know how to do this.’ ” ♦

Anatomy of a system call, part 1

18 July 2014 - 7:00am

July 9, 2014

This article was contributed by David Drysdale

System calls are the primary mechanism by which user-space programs interact with the Linux kernel. Given their importance, it's not surprising to discover that the kernel includes a wide variety of mechanisms to ensure that system calls can be implemented generically across architectures, and can be made available to user space in an efficient and consistent way.

I've been working on getting FreeBSD's Capsicum security framework onto Linux and, as this involves the addition of several new system calls (including the slightly unusual execveat() system call), I found myself investigating the details of their implementation. As a result, this is the first of a pair of articles that explore the details of the kernel's implementation of system calls (or syscalls). In this article we'll focus on the mainstream case: the mechanics of a normal syscall (read()), together with the machinery that allows x86_64 user programs to invoke it. The second article will move off the mainstream case to cover more unusual syscalls, and other syscall invocation mechanisms.

System calls differ from regular function calls because the code being called is in the kernel. Special instructions are needed to make the processor perform a transition to ring 0 (privileged mode). In addition, the kernel code being invoked is identified by a syscall number, rather than by a function address.

Defining a syscall with SYSCALL_DEFINEn()

The read() system call provides a good initial example to explore the kernel's syscall machinery. It's implemented in fs/read_write.c, as a short function that passes most of the work to vfs_read(). From an invocation standpoint the most interesting aspect of this code is way the function is defined using the SYSCALL_DEFINE3() macro. Indeed, from the code, it's not even immediately clear what the function is called.

SYSCALL_DEFINE3(read, unsigned int, fd, char __user *, buf, size_t, count) { struct fd f = fdget_pos(fd); ssize_t ret = -EBADF; /* ... */

These SYSCALL_DEFINEn() macros are the standard way for kernel code to define a system call, where the n suffix indicates the argument count. The definition of these macros (in include/linux/syscalls.h) gives two distinct outputs for each system call.

SYSCALL_METADATA(_read, 3, unsigned int, fd, char __user *, buf, size_t, count) __SYSCALL_DEFINEx(3, _read, unsigned int, fd, char __user *, buf, size_t, count) { struct fd f = fdget_pos(fd); ssize_t ret = -EBADF; /* ... */

The first of these, SYSCALL_METADATA(), builds a collection of metadata about the system call for tracing purposes. It's only expanded when CONFIG_FTRACE_SYSCALLS is defined for the kernel build, and its expansion gives boilerplate definitions of data that describes the syscall and its parameters. (A separate page describes these definitions in more detail.)

The __SYSCALL_DEFINEx() part is more interesting, as it holds the system call implementation. Once the various layers of macros and GCC type extensions are expanded, the resulting code includes some interesting features:

asmlinkage long sys_read(unsigned int fd, char __user * buf, size_t count) __attribute__((alias(__stringify(SyS_read)))); static inline long SYSC_read(unsigned int fd, char __user * buf, size_t count); asmlinkage long SyS_read(long int fd, long int buf, long int count); asmlinkage long SyS_read(long int fd, long int buf, long int count) { long ret = SYSC_read((unsigned int) fd, (char __user *) buf, (size_t) count); asmlinkage_protect(3, ret, fd, buf, count); return ret; } static inline long SYSC_read(unsigned int fd, char __user * buf, size_t count) { struct fd f = fdget_pos(fd); ssize_t ret = -EBADF; /* ... */

First, we notice that the system call implementation actually has the name SYSC_read(), but is static and so is inaccessible outside this module. Instead, a wrapper function, called SyS_read() and aliased as sys_read(), is visible externally. Looking closely at those aliases, we notice a difference in their parameter types — sys_read() expects the explicitly declared types (e.g. char __user * for the second argument), whereas SyS_read() just expects a bunch of (long) integers. Digging into the history of this, it turns out that the long version ensures that 32-bit values are correctly sign-extended for some 64-bit kernel platforms, preventing a historical vulnerability.

The last things we notice with the SyS_read() wrapper are the asmlinkage directive and asmlinkage_protect() call. The Kernel Newbies FAQ helpfully explains that asmlinkage means the function should expect its arguments on the stack rather than in registers, and the generic definition of asmlinkage_protect() explains that it's used to prevent the compiler from assuming that it can safely reuse those areas of the stack.

To accompany the definition of sys_read() (the variant with accurate types), there's also a declaration in include/linux/syscalls.h, and this allows other kernel code to call into the system call implementation directly (which happens in half a dozen places). Calling system calls directly from elsewhere in the kernel is generally discouraged and is not often seen.

Syscall table entries

Hunting for callers of sys_read() also points the way toward how user space reaches this function. For "generic" architectures that don't provide an override of their own, the include/uapi/asm-generic/unistd.h file includes an entry referencing sys_read:

#define __NR_read 63 __SYSCALL(__NR_read, sys_read)

This defines the generic syscall number __NR_read (63) for read(), and uses the __SYSCALL() macro to associate that number with sys_read(), in an architecture-specific way. For example, arm64 uses the asm-generic/unistd.h header file to fill out a table that maps syscall numbers to implementation function pointers.

However, we're going to concentrate on the x86_64 architecture, which does not use this generic table. Instead, x86_64 defines its own mappings in arch/x86/syscalls/syscall_64.tbl, which has an entry for sys_read():

0 common read sys_read

This indicates that read() on x86_64 has syscall number 0 (not 63), and has a common implementation for both of the ABIs for x86_64, namely sys_read(). (The different ABIs will be discussed in the second part of this series.) The syscalltbl.sh script generates arch/x86/include/generated/asm/syscalls_64.h from the syscall_64.tbl table, specifically generating an invocation of the __SYSCALL_COMMON() macro for sys_read(). This header file is used, in turn, to populate the syscall table, sys_call_table, which is the key data structure that maps syscall numbers to sys_name() functions.

x86_64 syscall invocation

Now we will look at how user-space programs invoke the system call. This is inherently architecture-specific, so for the rest of this article we'll concentrate on the x86_64 architecture (other x86 architectures will be examined in the second article of the series). The invocation process also involves a few steps, so a clickable diagram, seen at left, may help with the navigation.

In the previous section, we discovered a table of system call function pointers; the table for x86_64 looks something like the following (using a GCC extension for array initialization that ensures any missing entries point to sys_ni_syscall()):

asmlinkage const sys_call_ptr_t sys_call_table[__NR_syscall_max+1] = { [0 ... __NR_syscall_max] = &sys_ni_syscall, [0] = sys_read, [1] = sys_write, /*... */ };

For 64-bit code, this table is accessed from arch/x86/kernel/entry_64.S, from the system_call assembly entry point; it uses the RAX register to pick the relevant entry in the array and then calls it. Earlier in the function, the SAVE_ARGS macro pushes various registers onto the stack, to match the asmlinkage directive we saw earlier.

Moving outwards, the system_call entry point is itself referenced in syscall_init(), a function that is called early in the kernel's startup sequence:

void syscall_init(void) { /* * LSTAR and STAR live in a bit strange symbiosis. * They both write to the same internal register. STAR allows to * set CS/DS but only a 32bit target. LSTAR sets the 64bit rip. */ wrmsrl(MSR_STAR, ((u64)__USER32_CS)<<48 | ((u64)__KERNEL_CS)<<32); wrmsrl(MSR_LSTAR, system_call); wrmsrl(MSR_CSTAR, ignore_sysret); /* ... */

The wrmsrl instruction writes a value to a model-specific register; in this case, the address of the general system_call syscall handling function is written to register MSR_LSTAR (0xc0000082), which is the x86_64 model-specific register for handling the SYSCALL instruction.

And this gives us all we need to join the dots from user space to the kernel code. The standard ABI for how x86_64 user programs invoke a system call is to put the system call number (0 for read) into the RAX register, and the other parameters into specific registers (RDI, RSI, RDX for the first 3 parameters), then issue the SYSCALL instruction. This instruction causes the processor to transition to ring 0 and invoke the code referenced by the MSR_LSTAR model-specific register — namely system_call. The system_call code pushes the registers onto the kernel stack, and calls the function pointer at entry RAX in the sys_call_table table — namely sys_read(), which is a thin, asmlinkage wrapper for the real implementation in SYSC_read().

Now that we've seen the standard implementation of system calls on the most common platform, we're in a better position to understand what's going on with other architectures, and with less-common cases. That will be the subject of the second article in the series.

(Log in to post comments)