top of page
Search

How to separate the wheat from the chaff

  • Writer: RFERL Watch
    RFERL Watch
  • Jul 14, 2024
  • 21 min read

A grain of wheat is solid and contains life. Whoever has quality grain he or she has a secured future. When a man sows it, he has bread, when he plants it, he reaps a harvest. Grain is a symbol of wealth and life. Grains of wheat represent wise thoughts, kind words, good deeds, rightly used time. Chaff stands against the wheat in the gospel. Chaff is the empty husks from the grain. Chaff is nicely wrapped nothing. Emptiness. It brings nothingness and deepens nothingness. Chaff is everything we do superficially and formally. Chaff are vain thoughts, empty words, gestures without inner content.


Chaff is prayer without silence, decision without thinking, judgment without seeking the truth, giving advice and reason without education and wisdom .



How many chaff were flying over the "Hagibor" plains at the end of 2019, and how many of them are still flying there five years later? So let's try to uncover a few of those forgotten grains and "separate" them properly in the spirit of the previous prayer.


This whole agrarian process broke out "ex post" on 16/12/2019, i.e. after three weeks of intensive investigation by various IT companies, trying to find connections with the botched security incident on the Radio ГА / ГА postal system, which was allegedly carried out by the "Russian hackers" from the group STRONTIUM (aka APT28), controlled this time via the keyboard of their "scoot" by Čuk and Gek from the local GRU. That last time (still in the role of a useful idiot) during the initiative investigation of its causes, I still tried to save the "ass" of my department and thus also its superior #RC ("Remotely Controlled"). And actually my former "alma mater".


The background and reasons were published in one of the previous articles here .


So, sometime in these "pre-covid days" of December, when, coincidentally, the Benešov's Hospital, after a similar security incident on their IT infrastructure, was trying to publicly take such measures so that something similar would never happen again in the future, Radio ГА / ГA tried, understandably in the spirit of its long-standing traditions and the noblest moral principles, to hide and look for the right inner enemy.


It was logical to look at the managerial pressure of the IT director in the person of #RC ("Remotely Controlled") and the personnel and technical equipment of his department, for which he was, in a way, responsible to his employer in the form of Radio ГА / ГA. Not. With the increasing results of the investigation of the invited "anointed heads of IT", another benefit was impressed here, for which all others, interested in this ordeal, were rightly deprived.


It was above all the correct colour of his passport , the traditional Anglo-Saxon collegiality of "being together in good and bad" and, last but not least, his close relations with the local elite and its fan club . Above all, however, to the person #KF ("Kristína Fšecko").


Undoubtedly, the exemplary brownness of his nose also played a role then, and thanks to his unreserved admiration for it, it finally brought its long-praised fruit.

So how was it sown?


For many years, no one held the position of head of IT security here, and according to that, things looked like this in the field of computer security. In addition, this deplorable state of affairs was described in great detail by the commission from the OIG (from the USA) in 2017-2018 in its audit report, and it writes here with great hope about the need to fill this position (you can find more information here , including their official report published here).


The first attempts to fill this position also began in these pivotal years, when a very skilled Czech specialist joined the company, but after a few months he voluntarily left to work in Switzerland, where he began to build his career as a security specialist.


It was just a shame that the company was not able to keep such a quality expert here. That money again?

He was succeeded by a Romanian specialist who, after several months of imitating work and after smoking several cartons of cigarettes on the local terrace, was "left" after an alleged cryptocurrency mining affair at his workplace. During working hours of course.


And so, in 2018, #JS ("Joints Smoker") appeared. He worked here until 2020 and with whom I had the opportunity to work successfully until my last days. It's an open secret that my former direct supervisor #RC ("Remotely Controlled") also allegedly unsuccessfully applied for the position before his arrival, causing quite a bit of conflict and backbiting between them, which also amused other colleagues in the department.



In 2013 and 2014, as part of the ongoing reorganisation changes in Radio ГA / ГA, a discussion was opened on the topic of replacing the existing and tested information system, which everyone was obliged to call "legacy", with an incompatible system on the Microsoft platform, more precisely named O365, which #RC ( "Remotely Controlled"), without any professional arguments, advocated. He argued only that it was the wish of "top management" and that it would bring huge financial savings. He refused a substantive discussion on this topic, just as he did not come up with any strategic plans "how to implement it all" in the current conditions. His idea was that it would be done for a minimum of money and that it would happen somehow "by itself" and figuratively "by next week" thanks to me. Without training, only with crossed fingers and with faith and desire - "you can do it, you can do it!"


I pointed out to him the security risks associated with this process and that it is not a very good idea to expose our data, considering the area of our business, to the Internet, moreover using the cheapest E1 license models (for charity and small and medium-sized businesses) .


His only criterion was again the price, which he bragged about every time, how he figuratively painted it to the entire IT world with this hussar piece of his.

So I started performing, in addition to my regular function and for which I had signed a 15-year-old employment contract, in parallel and without an official designation, the function of global administrator of O365.


I never signed an employment contract for this position, and I ended up doing it for 5 years, until my resignation, without specified job duties, responsibilities and without proper training signed by me .


So how was it harvested?


A serious security problem at Radio ГA / ГA was specified that the O365 system was used there in the "core security scheme" and my supervisor, although he knew about these vulnerabilities in the system, still did not act. Although he boasted on the LinkedIN portal at the time about all possible security certificates and that he was the right person in the right place .


The criminal charges against him, which swiftly followed my discovery of the "stalking" through my computer, probably caused his final "bye bye" to the country from which he left more than 25 years ago. By the way, he continues to publish these alleged certificates of his on the website of his current breadwinner.


Now I don't want to use a lot of complicated "IT" expressions, describing the deplorable state of our environment at the time, and thereby additionally warm up my "kulajdička soup". I will rather focus on the essence of things that had an impact on the earliness and quality of the harvest at that time.

One of the things that the charity license model O365 wasn't prepared for the other day was its toothless anti-phishing protection. All of you who have sent an email at least once in your life know this term. Isn't it? Don't despair. I also couldn't believe my ears the other day, when during one of the hearings of our already 5-year court marathon, judge #JH ("Dr. Hustá") reprimanded us flamingly "Urválek speech" with a conceptual expression like "bushing" or "pushing".


It is not above being judicially competent and independent, I wanted to shout to the world at that time.


This issue was pretty much covered in one of my first posts here .


As is well known, "man in the middle" may not only be a ticklish sexual idea.

Like many times when I informed my superior or when I needed something from him for my work, he was not interested in solving problems this time either. The only exceptions were those things that the management could learn about, or it was an item from the #KF wish collection (“Kristína Fšetko”).


Since on October 7, 2019, from his point of view, a banal incident occurred, which, according to him, I have handled dozens of in the past, and since it occurred while testing other software from Barracuda Networks, i.e. outside of production, he did not consider necessary to waste his precious time with me on this matter and thus interrupt the viewing of one of the serial parts on NETFLIX. Subsequently, after a few weeks, it became clear that as a result of the aforementioned security incident, the account of the global administrator was stolen and data was extracted from the mailboxes of several dozen employees. And what was the worst - including those from the management!


However, I was no longer admitted to the conclusions and details of the "alleged" investigation report, nor was I allowed to comment later in court on the untruths stated in it. Instead, in the spirit of their highest moral traditions, the existence of which they widely feed the eyes and ears of their Internet followers and donors, they covered it up with my statement - for deterrence .


Of course, the traditional all-embracing good was not missing here, with the scope from I don't see to I don't see and the signature "peace to the world"

Such as the local tradition.


When these misconducts, for which he had direct managerial responsibility #RC ("Remotely Controlled"), appeared in the resulting Microsoft investigation report dated 12/13/2019, I was not allowed to access it.


Here, too, the legal department headed by #LA ("Dr. Leklá Andělka"), who used American taxpayers' money, approached their contracted law firm #MV ("Mgr. Prasátko"), so that they would then jointly "hand in hand" throw all his responsibility to me. And in the end, when I started to protest, together with their long-time experienced judge of the local court of first instance, #JH ("Dr. Hustá"), they arranged to talk me out of my senile imprudence.


And so, were it not for the last 5 years of litigation, where I am trying to invalidate this termination and reach a court settlement with severance according to merit and as is customary in this region, I would never have learned about certain facts of this security incident.


So how was it stocked?


This stage of harvesting began very awkwardly in mid-December 2019.

 

After the warm friendly relations between me and #RC ("Remotely Controlled") were suddenly broken at our joint workplace , he personally informed me on 16.12.2019 that HR Manager #MS ("Mr. Sushi "), which will tell me what will happen to me next.


They say I should only go to work, read my mail at most and wait. Still just waiting.

When still nothing happened, on the afternoon of 17/12/2019 I personally visited #MS ("Mr. Sushi") and asked him if #RC ("Remotely Controlled") had been informed and if I should really just wait.


I told him that I don't think it's very economical for this company, which according to my superior still doesn't have money for licenses or training, for an IT specialist to just sit at the computer for the next day, while pending requests are piling up, other security issues are piling up incidents , the mail system does not work properly, reports and requests for the removal of errors are still delivered to my mail and thanks to the blocking set by #RC ("Remotely Controlled") I can't do anything with them anyway !


When I told him, he closed his office door carefully behind me and then started yelling at me.

#MS ("Mr. Sushi")

I have to kick you out for the loss of trust!

#I

Can you please tell me how you came to this conclusion and what leads you to it? And above all, value your words!

#MS ("Mr. Sushi")

I don't know! (he added more amicably)

#I

It makes me quite uneasy when someone like you and with the powers you have wants to fire me, moreover, for a loss of trust and doesn't even know the reason?!

#MS ("Mr. Sushi")

Because you clicked! (cut off)

#I

Sir, I am paid to click here!

#MS ("Mr. Sushi")

But you clicked wrong!

I understood that there was no point in discussing the details of "my clicking" with him, so we parted ways.


They say I have to wait for their next decision.

The decision came late in the afternoon, when he and #RC ("Remotely Controlled") tried to hand me the well-known document with "obstacles on the employer's side" with the words - sign it or...!


I remembered a similar story from 2014 and one of our previous posts here – “How do we do it? According to the template!'


There was a stage of covering the grains with several handfuls of chaff, a little dust and some dirt were added. Then everything was just properly mixed and ordered - DON'T SNEEZE!


So how was the grain chaffed?


Like Cinderella - after all "by hand" and with the help of helper doves.


The affidavit of #RC ("Remotely Controlled"), which at the time of its alleged writing on 4/6/2020, when he was no longer an employee of Radio ГA / ГA, played a pivotal role in the court's decision to dismiss both of my lawsuits . In this pamphlet he described the whole hacking incident and commented on his trouble with my computer, not forgetting to throw everything back at me. In his second part, which was apparently created "ex post" and according to what has been proven here - "you help us and we will help you" - he tried to develop his criminal prosecution organised by me. In this statement of his he states in one of his parts that


" I used Mr. XY's computer on various occasions and only in the period from January 31, 2019 to February 14, 2020... ".


If this statement of his is true, which he confirms with the sentence at the end


" By signing this declaration, I confirm and confirm that the above statement is true ",


he actually admits that he has been using this computer of mine for more than a year .


I would like to state here that the incident that occurred on 7/10/2019 took place during this period and it is possible that his activities from 31/1/2019 to 7/10/2019, or from 7/10/2019 to 14/02/2020, could have had an impact on its progress, or on its investigation.


According to an extract from activity records in the O365 administrator console, #RC ("Remotely Controlled") searched my mailbox several times with his administrator account and tried to find incriminating information for me. That is, he was the only one in the company who had a special security license "Azure AD Premium P1", which allowed him to make interventions with the highest level of security in the "tenant" of Radio ГA / ГA.


About this oath and the existence of several versions of it, it was written in detail in the article "An American oath of honor" .


It is necessary to emphasise on this occasion that this sworn statement of his had a key influence on the reasons for my termination of employment pursuant to §52, letter G.


According to all judgments, based on which I have so far all lawsuits with Radio ГA / ГA lost, the court emphasises the importance of this statement of his as pivotal in describing the events as they allegedly occurred.

In addition, the second similar statement of the "IT security officer" #JS ("Joints Smoker"), is presented only in electronic form in MS Word format, and even without a signature.


For the court panel "16 C", which traditionally judges the cases of all employees of Radio ГA / ГA, this was again sufficient and understandable.


When looking at the files at the Criminal Department of the Police of the Czech Republic, we found that the legal representation of Radio ГA / ГA , represented by the same lawyer, provided the police investigator with an altered text of the Czech translation of the officially verified sworn statement #RC ("Remotely Controlled"), in which they changed the text so that it shows that he only accessed my computer from January 31, 2020 to February 14, 2020, i.e. only for 2 weeks .


The effort was to impress upon the investigator that he had only been here for a few days after I exposed his attempt to steal my computer identity. Most likely, the legal department did not count on the fact that I would be personally interested in the progress of the investigation of the security incident reported by me directly to the Police of the Czech Republic and that I would appear in person to inspect the criminal files .


According to the answer of the employee of the translation company, the English original was translated into Czech, and therefore also for the needs of the court and the criminal court, with the correct dates in both copies.

Although #RC ("Remotely Controlled"), as a long-time IT worker, with the highest security privileges, allowing him to remotely connect to any company computer directly from his office at any time , decided to get into the computer of mine right in my former office.


On Friday 1/31/2020, in the late afternoon, he ordered the domain administrator to reset the password on my computer and tell him it. On Sunday, February 2, 2020, in the morning , when no one was in the office, he logged into my former computer using the password he had obtained and started reading my private correspondence both in the company O365 and in private mail with my identity. I discovered this by accident during my unexpected visit to the office on 2/17/2020.


After his accusation and the filing of a criminal complaint, the legal department of Radio ГА / ГА began to traditionally downplay this entire crime, and what's more, began to excuse him.


According to known notes.


Although he allegedly held CISM (Certified Information Security Manager), CISA (Certfied Information Systems Auditor) and CRISC (Certified in Risk and Information Systems Control) certifications and held ISO 20000 certification, which he published extensively publicly on his LinkedIn profile, the court believed that , that he did not know how to install standard administration software on his computer , in addition, according to fully and detailed documentation to which he had access as my superior.


On the contrary, after I published this information to the police of the Czech Republic, he deleted all confirmations of certifications from the LinkedIN portal from his profile. Today, he is posting them again on his current employer's website, so it is quite likely that he is the real owner of these certificates.


But who knows? Maybe it was only issued by his keyboard, enhanced by "Photoshop" and published by his home printer.

During the somewhat tepid police investigation into illegal #RC ("Remotely Controlled") activities, I kept trying to assist them in obtaining evidence from IT113's physical computer disk.


According to the investigative report of the criminal police, it was established that he actually accessed my private mail in the domain " seznam.cz ", but unfortunately it was not established whether it was successful or not .


According to all investigative reports I later came across, the computer was first stored in an IT warehouse for police use, while another report states that #JS ("Joints Smoker") and his IT crew had been going crazy on it before.


Even though he was scolded several times by all those involved, he finally arrived with the reputation of an unkissed virgin in the hands of the criminal investigators of the Police of the Czech Republic, so that in the end they did not find anything serious.

I had a hunch from the beginning that it was the rarest DELL computer called IT113 in Central Europe at the time.


By searching, I discovered that Radio ГA / ГA filed a criminal complaint against an unknown perpetrator at the District Police Department of Prague 10 Strašnice after the incident, where his representatives appeared to give an explanation. In their statement, they state the date of the incident as 25/11/2019 , i.e. one day before I personally officially reported it and blocked the hacker account. This statement of explanation was delivered to the inquest in person by #JS ("Joints Smoker") and it is strange that it did not appear in the court files and did not appear here at our request .


In the end, our request was simply rejected by the court in view of speed and economy.


In this submission, and also in the reasons for my statement below, it is stated that I allegedly opened a link (here is finally the mythical click in the submission of #MS ("Mr.Sushi")) to the website " Office365account.azurewebsites.net " and which allegedly caused the launch of a cyber attack.




When I found out that the account was most likely hacked, I asked the network department to block this suspicious link for all of Radio ГA / ГA, thus preventing a similar attack from this address on any other employee of the company. With a little taste, this report #IM-9769 of mine can still be found in the central report database today.



From the first days of the investigation of this security incident, it was clear that this Internet domain is registered by the Microsoft company , that is, that it is a legal domain and according to the international database of domain owners " who.is " it was registered on 24.1.2012 by the company "MarkMonitor, Inc." , which is dedicated to the security of Internet domains and is part of the leader in web services technologies of the company "Newfold Digital" ( https://who.is/whois/azurewebsites.net ).


It is still available for purchase by a "broker" for approx. 110 Euros plus 20% commission.


It is therefore logical to assume that I considered the mentioned domain to be verified and safe at the time of clicking.

It is strange that this information , which was known from the first day of the investigation to #RC ("Remotely Controlled"), to another colleague of mine in the administrator role too, and was subsequently confirmed by the forensic investigators of Microsoft , does not appear in this explanation given to the police, nor in the justification of my statement, nor in the internal investigation report of Radio ГA / ГA, if one was ever created for this purpose.


On the contrary, the fact that this attack occurred immediately after the double leak of credentials from a certain "sloppy patronising" local American journalist , which occurred only 28 minutes before the phishing attack, must not be discussed , even during court proceedings .


During the investigation, specialists from Microsoft confirmed to me that the whole incident was the result of the lack of compliance with the necessary security standards in the O365 system , starting from the use of a cheap licensing model, through the use of only "basic" authentication (so that managers can use quick and simple login), to the inconsistent requirement multi-factor authentication and unsupported communication protocols (again with exceptions for "equal" between "equal" users).


On 11/12/2019, I tried to definitively remove these security holes (after consultation and under the cover of the present specialists from Microsoft), which was immediately banned by #RC ("Remotely Controlled").


In fact, I don't understand it to this day, and the only explanation for me is that he was determined to throw it all on me for good from that day forward.


However, neither my nor anyone else's guilt is mentioned by name in this summary document.

As Microsoft's investigative report stated, the malicious software "stealth.worm.exe" was installed in the above domain , which obtained login data and especially verification codes for two-factor authentication by the "man in the middle" method between July and November 2019. .


As it was a Microsoft domain where this application was hosted from 2/10/2019, this application was finally neutralized by their specialists during their investigations in Prague from 9/12/2019 to 13/12/2019, as they themselves state in their report.


Unfortunately, in the course of a later investigation, it was found that a "man-in-the-middle" attack was also used against my account at this time, when the MFA "token" was stolen during communication with the O365 administration interface and later misused and to bypass security.


By using the lowest license model O365 E1 and I didn't have any other computer with "Conditional Access" security enabled, which I asked my supervisor #RC ("Remotely Controlled") under request number SQN: 191217 to no avail and for which there is still an unconfirmed request for them (this is access from precisely defined IP addresses), there may not have been a successful breach of security .


 

According to the report, this "US attack" took place from Estonian IP addresses. However, I admit that it could also have been masking of IP addresses by the attacker.


But I can't rule out the fact that Čuk and Gek, while splashing in the waves of the Estonian Baltic Sea, also engaged in other non-resting pleasures, i.e. "hacking" Radio ГA / ГA .

The uncovering of the grain continued in other "non-IT guy" fields, where all misconduct and violations of the law should also have remained undiscovered. The following paragraph in particular should be confirmation for many of you that "stalking" behaviour by your supervisors in your workplace is not legal, but rather illegal .


After all, as will be mentioned below, the "Aspenians" really had no problem with complying with laws and regulations.


According to the results of the investigation of the "Labor Inspectorate" , to which I contacted with a request for an inspection, this inspection body states in its conclusions that Radio ГА / ГА violated my privacy as an employee without a serious reason, based on the special nature of the activity , when it allowed me to a supervisor accessed my work computer and worked under my administrator account.


The control body also stated that the controlled person did not fulfill the obligation to inform me directly about the interference with my personal rights , thereby failing to fulfill the obligation according to § 316, paragraphs 2 and 3 of the Labor Code.


At the same time, it was established that by not discussing my resignation with the trade union, Radio ГA / ГA committed a violation of §61, paragraph 1 of the Labor Code . For more information, see the article "Brotherhood of Big Brother" .


On February 9, 2021, I received a statement from Radio ГA / ГA on my request to his work in the period from 1/12/2004 to 31/3/2020. Job duties and completed training are summarized here.


According to the list of job duties received, there are no O365 global administrator duties or any special O365 training .

On the same day, February 9, 2021, I received, again at my own request, a "Confirmation for the needs of the labor office" about the amount of the average monthly salary for the period of employment at Radio ГA / ГA.


In the part concerning the reason for the termination of the employment relationship, the official reason for my termination was not indicated , i.e. that "as an employee, I would have violated the obligation arising from the legal regulations relating to the work performed by him in a particularly rude manner (§ 55) " and no other was specified here either reason. At the same time, it is important to state that the instructions for this confirmation included a warning that the provision of data that would not correspond to the facts and as a result of which the employment office would provide funds illegally or in a higher amount, can be assessed as damage caused to the Czech Republic with legal consequences for the processor confirmation, i.e. for Radio ГA / ГA .



On 10.1.2021 I requested Radio ГA / ГA on the deletion of personal data for reasons of revocation of consent to the processing of my personal data.


In his reply dated 24/03/2021 , I was told and confirmed that as the administrator of personal data he did so after my termination of the employment relationship and, in fact, that he does not understand why I am asking such an obvious thing. However, by asking the administrator of the PostSignum certificates, which is the Czech Post, I found out that Radio ГA / ГA accessed this system several times from 6/4/2020 to 29/1/2021 with my former identity in the highest role "authorized person" and communicated using her with state administration bodies .


Upon my discovery, I had the administrator of the PostSignum system immediately block this former account of mine, informed the "Office for the Protection of Personal Data" on 11/17/2021 and filed another criminal complaint against the unknown offender.

The legal department of Radio ГA / ГA, as the guarantor of compliance with the rules in the handling of personal data, in its explanation submitted to the "Office for the Protection of Personal Data", as well as to the District Department of the Economic Criminal Police in Prague 10, once again trivialized the whole incident and from breach of its obligations she indirectly blamed me again .


Again, like a true "aspenáci", they only received an agreement from the administrative authorities and a promise that they won't do it again...


Although I have confirmation that I passed the documentation on to colleagues, I have been accused of not doing so. They did not accept at all that to this day I have not signed the exit sheet, all the access cards to the backup data center have not been taken from me and that the process of ending the working relationship between me and Radio ГА / ГA was , to put it mildly, non-standard .


In conclusion, one beautiful example of professional competence and thus the impartiality of the court in one of my cases, when Judge #JH (“Dr. Hustá”) included the following sentence in her court decision:


"... the plaintiff mainly finds discrimination in the different approach of competitive struggle and lobbying between Barracuda Networks and Microsoft ".


In fact, the first time I read this wisdom of hers, I just rolled my eyes and, using the words from the legendary movie "Sun, Hay, ..." shouted, "God, do you see that?!"

In order to get some argumentative ammunition for my defense of the procedures that I am at the barricade in defense of Radio ГA / ГA that day 7/10/2019 used, I approached the Barracuda Networks company in August 2021 with my request to at least certify in writing that I did all the activities according to the documentation and according to the procedures approved by them.


"In connection with the upcoming court proceedings, together with the lawyer, we are trying to put together some expert opinions in addition to other evidence. Since it seems that the culmination of my entire case could also be seen as a competitive battle between Microsoft (pursued wholeheartedly by my boss and USAGM) and Barracuda Networks (pursued by me and the head of IT security and his supervisor), I would greatly appreciate some expert opinion from you that in identifying and eliminating a phishing attack against them and in dealing with its consequences, I followed the described procedure correctly and according to the procedures recommended by Barracuda. After all, I didn't have any other option, since this tool for these activities requires a precise procedure through the "wizard", which I finally went through and in good faith considered it to be the maximum.

 

Do you think you could look at the attached document and at least write that I acted correctly in the given situation, or if more could have been done? The elderly judge is not an IT specialist, she does not understand many things, and the opposing party is counting on that..."


The next day I received a "politically correct" reply, in which the sender offered me only a "toothless" confirmation that I was their long-time and experienced customer, and with which everyone was always satisfied.



As if I didn't have enough praise, awards and rewards for those 15 years?

Thanking them "for the gifts", I finally declined their kind-hearted offer, reeking of AI for miles. I believe he wouldn't help me clear my name anyway.


So how has the grain been handled (so far)?


For the fifth year, the grain has been sieved, mixed and genetically improved. And so it gets smaller and smaller, smellier and, thanks to the passing of time, more mouldy. That it would be an interest?


Only the chaff remains immortal.

 

It is said that when a person grinds grain, he has bread, when he plants it, he reaps a harvest, as the Bible says.


Bread hasn't been made yet, but quality grain for flour is not available, it is said that there is chaff in it, even some dirt - it is a well-known fact, but with Cinderella and her pigeons - there is no spleen there yet...


How many grains of truth will THEIR gift of God contain in the end?



Comments

bottom of page