Re: [qubes-users] using two whonix-gw instances
On 10/1/19 2:59 AM, tetrahe...@danwin1210.me wrote:
> A 2nd sys-whonix gateway for this situation would seem to reduce the
> vulnerability. Or maybe I am just being paranoid?

I agree and decided to go with two gateways for the following reason:

running two gateways is like having two PCs on the local network each running Tor ... in this way Virtualization/Qubes is responsible so an accidental misconfiguration / bug in Whonix is less likely to result in a compromise

I'll still have it on my todo list to read through both the Whonix and the TOR design. But until then, I'll go ahead with the two gateways.

/Sven

--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b7807df8-e1c4-eee9-cfc1-b51176e88566%40svensemmler.org.
Re: [qubes-users] using two whonix-gw instances
On Thu, Sep 26, 2019 at 10:09:04AM -0500, Sven Semmler wrote:
> My understanding is that TOR actually runs in the gateway and the
> workstation(s) enable typical Qubes style compartmentalization. Meaning
> that if app-anon-1 is compromised, the sys-whonix and a potential
> app-anon-2 are not. When I create a second sys-whonix-id I can see via
> the Tor control panel that it uses different Onion circuits than the
> first instance.

Would it be recommended to use a separate sys-whonix gateway for applications where one needs to expose the Tor ControlPort to AppVMs?

While the ControlPort would be protected by a password (this is mandatory for non-local access) it seems conceivable that either:

a) the AppVM that has legitimate access (and the password) to the ControlPort might get compromised, or
b) another AppVM (without legit access or the password) might be used to exploit a vulnerability in the exposed ControlPort

A 2nd sys-whonix gateway for this situation would seem to reduce the vulnerability. Or maybe I am just being paranoid?
Re: [qubes-users] using two whonix-gw instances
On 9/25/19 8:31 PM, Claudia wrote:
> One way to find out for sure. Open /etc/torrc (or ~/.config/tor/torrc, or
> other torrc location), and look for stream isolation flags. Make sure you
> understand exactly what each one means.

Thank you!

/Sven
Re: [qubes-users] using two whonix-gw instances
tetrahedra via qubes-users:
> On Wed, Sep 25, 2019 at 11:32:20PM +, 'awokd' via qubes-users wrote:
>> Sven Semmler:
>>> On 9/25/19 5:26 PM, 'Jackie' via qubes-users wrote:
>>>> even different applications within the same vm, will use different tor circuits.
>>
>> I know this is true of apps that come with whonix-ws, but is it the case
>> for apps added later like Signal? I think you'd still be OK if Signal
>> was the only thing added, but don't know about something like Signal and
>> Discord in the same AppVM.
>
> I'm fairly sure the answer is "no, stream isolation is only automatic
> for apps which are wrapped by `uwt` or which otherwise take steps to be
> isolated, and this just happens to be the case for most whonix-default
> apps"...

I think the OP was talking about isolation between VMs, not isolation of apps within the same VM. This is kind of how Qubes is designed in the first place. A random untrusted app, like a browser, could easily be exploited, and coredump/ptrace/what-have-you another app in the same VM and thereby break Tor isolation that way. Network- and machine-level isolation are different things, but the underlying concepts (e.g. compartmentalization) are kind of the same.

But nevertheless, in regards to the quote at hand... Yes, the preinstalled applications are preconfigured for stream isolation, either internally or by uwt. User installed apps, unless specifically configured, will use the TransPort & DNSPort and will be isolated only as specified by the TransPort & DNSPort isolation flags (whonix appears to just use Tor defaults, so effectively none).

For foreground applications (as opposed to services), it's easy to use torsocks with IsolatePID=1 to isolate a process. You can also enable torsocks globally (and thus isolate background processes as well), but I've never tried it on Whonix (and there must be some reason they're not doing this by default).

https://www.whonix.org/wiki/Stream_Isolation
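An added example, not part of any message in this thread: a small Python check for the torrc review suggested in the thread, reporting the effective isolation flags of each Tor listener line. The sample torrc, its 192.0.2.1 addresses and the function names are constructed for illustration; the defaults encoded are the ones given in the Tor manual excerpt quoted in the thread.

```python
# Added example: audit stream-isolation flags on Tor listener lines in a torrc.

# Listener options that accept isolation flags.
LISTENERS = {"socksport", "transport", "dnsport", "natdport", "httptunnelport"}

# The five flags quoted in the thread; True means "on by default".
DEFAULTS = {
    "IsolateClientAddr": True,
    "IsolateSOCKSAuth": True,
    "IsolateClientProtocol": False,
    "IsolateDestPort": False,
    "IsolateDestAddr": False,
}
_CANON = {name.lower(): name for name in DEFAULTS}

# Constructed sample input (not a real Whonix torrc).
SAMPLE_TORRC = """\
# constructed sample
SocksPort 192.0.2.1:9050
SocksPort 192.0.2.1:9100 IsolateDestAddr IsolateDestPort
SocksPort unix:/run/tor/socks IsolateClientAddr
TransPort 192.0.2.1:9040 NoIsolateClientAddr
DNSPort 192.0.2.1:5400
Log notice stdout
"""


def effective_isolation(torrc_text):
    """Return [(option, address, {flag: bool})] for every enabled listener line."""
    results = []
    for raw in torrc_text.splitlines():
        parts = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if len(parts) < 2 or parts[0].lower() not in LISTENERS:
            continue
        option, address = parts[0], parts[1]
        if address == "0":                         # "SocksPort 0" disables the listener
            continue
        flags = dict(DEFAULTS)
        for token in parts[2:]:
            low = token.lower()
            if low in _CANON:
                flags[_CANON[low]] = True
            elif low.startswith("no") and low[2:] in _CANON:
                flags[_CANON[low[2:]]] = False
        # Per the manual text quoted in the thread: unsupported and
        # force-disabled on Unix domain sockets, even if requested.
        if address.lower().startswith("unix:"):
            flags["IsolateClientAddr"] = False
        results.append((option, address, flags))
    return results


def audit(torrc_text):
    """Return one human-readable finding per listener."""
    findings = []
    for option, address, flags in effective_isolation(torrc_text):
        off = [name for name, on in flags.items() if not on]
        note = ""
        if not flags["IsolateClientAddr"]:
            note = " (different client VMs may share circuits)"
        findings.append(f"{option} {address}: off={','.join(off) or 'none'}{note}")
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_TORRC)))
```

A listener with only the defaults keeps separate client addresses on separate circuits but does not separate streams by destination, which matches the "effectively none" remark about applications sharing one VM's TransPort.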
Re: [qubes-users] using two whonix-gw instances
'Jackie' via qubes-users:
> Sven Semmler:
>> In addition to my fairly standard dvm based on whonix-ws connected to
>> sys-whonix based on whonix-ws I have now done the following:
>>
>> 1) cloned sys-whonix to sys-whonix-id
>> 2) created app-signal based on whonix-ws
>> 3) installed signal in whonix-ws
>> 4) connected both app-email-private and app-signal to sys-whonix-id
>>
>> The idea being:
>>
>> 1) sys-whonix and the instances of whonix-ws connected to it are for
>> truly anonymous browsing. I have never nor will I ever type in anything
>> even remotely identifying into those qubes.
>>
>> 2) sys-whonix-id is used more like a VPN in that the endpoint of the
>> connection (my email provider or my phone in case of signal) knows very
>> well who I am ... not anonymous at all. However no one in between my PC
>> and those end points should be able to tell.
>>
>> Here is my assumption I would like to check against the members of this
>> group: while both instances (since cloned) will use the same entry
>> guards, the resulting TOR circuits will be different and there is no way
>> the traffic on the one connection can be correlated to the other - right?
>>
>> /Sven
>
> Hi,
>
> I'm certainly no expert, but I'm not sure having two sys-whonix vms is
> necessary here. Whonix vms have stream isolation so different whonix
> appvms, or even different applications within the same vm, will use
> different tor circuits.
>
> Of course it's possible that just coincidentally two applications in the
> same or different vms could happen to use the same exit node for a period
> of time, but that would also be possible if they use separate sys-whonix
> proxy vms.
>
> But I might be missing something here, so somebody please correct me if so.

One way to find out for sure. Open /etc/torrc (or ~/.config/tor/torrc, or other torrc location), and look for stream isolation flags. Make sure you understand exactly what each one means.

IsolateClientAddr
    Don't share circuits with streams from a different client address. (On by default and strongly recommended when supported; you can disable it with NoIsolateClientAddr. Unsupported and force-disabled when using Unix domain sockets.)

IsolateSOCKSAuth
    Don't share circuits with streams for which different SOCKS authentication was provided. (For HTTPTunnelPort connections, this option looks at the Proxy-Authorization and X-Tor-Stream-Isolation headers. On by default; you can disable it with NoIsolateSOCKSAuth.)

IsolateClientProtocol
    Don't share circuits with streams using a different protocol. (SOCKS 4, SOCKS 5, TransPort connections, NATDPort connections, and DNSPort requests are all considered to be different protocols.)

IsolateDestPort
    Don't share circuits with streams targeting a different destination port.

IsolateDestAddr
    Don't share circuits with streams targeting a different destination address.

https://www.torproject.org/docs/tor-manual.html.en

Since IsolateClientAddr is on by default, and since every whonix-ws has a different address, one can assume that circuits will never be shared between different VMs. So a single gateway should sufficiently isolate traffic from different VMs.

Important note: Applications accessing the same Tor instance, via any SOCKS address/port, can discover information about the remote destinations of other applications on the same Tor instance. So the reason to use two separate Tor instances (whonix-gw VMs) is only if you're worried about untrusted or exploitable applications which could discover where other applications (even on different workstation VMs connected to the same gateway) are visiting. But it has nothing to do with external traffic analysis or stream isolation or anything like that.

This is the same reason it's not recommended to expose your Tor SOCKS port to the local network or anywhere else. Anyone who can access it can find out what sites you're visiting.

For example, if you have two whonix-ws VMs using the same whonix-gw, a browser in VM1 could be exploited and discover what sites you are visiting in VM2.

So, in theory, you are right for using two different whonix-gw VMs, one for anonymous work and one for non-anonymous work. However, I would imagine that the Qubes and Whonix developers know about this and have done everything right. I just don't know enough about Qubes/Whonix in particular.

As far as entry guards... Yes, I believe the cloned VM will use the same guards, at least initially. However I don't think guard selection is deterministic, so after a while (usually a month) the two VMs will select a new, different set of guards.

Generally you want to use as few guards as possible, so you want to use the same ones in as many places as possible. To be precise, you want to always use the same guard to connect to a given location (to the best extent that is practical, anyway). So if whonix-gw1 and whonix-gw2 are both connecting to google.com using different guards, the likelihood of being deanonymized by a
Re: [qubes-users] using two whonix-gw instances
My understanding is that TOR actually runs in the gateway and the workstation(s) enable typical Qubes style compartmentalization. Meaning that if app-anon-1 is compromised, the sys-whonix and a potential app-anon-2 are not. When I create a second sys-whonix-id I can see via the Tor control panel that it uses different Onion circuits than the first instance.

Patrick pointed me to the Whonix forum and to the Tor project for answers. I'll report back here once I got clarification.

/Sven
Re: [qubes-users] using two whonix-gw instances
On Wed, Sep 25, 2019 at 11:32:20PM +, 'awokd' via qubes-users wrote:
> Sven Semmler:
>> On 9/25/19 5:26 PM, 'Jackie' via qubes-users wrote:
>>> even different applications within the same vm, will use different tor circuits.
>
> I know this is true of apps that come with whonix-ws, but is it the case
> for apps added later like Signal? I think you'd still be OK if Signal
> was the only thing added, but don't know about something like Signal and
> Discord in the same AppVM.

I'm fairly sure the answer is "no, stream isolation is only automatic for apps which are wrapped by `uwt` or which otherwise take steps to be isolated, and this just happens to be the case for most whonix-default apps"...
Re: [qubes-users] using two whonix-gw instances
Sven Semmler:
> On 9/25/19 5:26 PM, 'Jackie' via qubes-users wrote:
>> even different applications within the same vm, will use different tor circuits.

I know this is true of apps that come with whonix-ws, but is it the case for apps added later like Signal? I think you'd still be OK if Signal was the only thing added, but don't know about something like Signal and Discord in the same AppVM.

> Oh wow... that sounds great. I just discovered there is actually a
> whonix-users group ... I will post my question there too.

Please follow up here too if you get more clarification.

--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots
Re: [qubes-users] using two whonix-gw instances
On 9/25/19 5:26 PM, 'Jackie' via qubes-users wrote:
> Whonix vms have stream isolation so different whonix appvms, or even
> different applications within the same vm, will use different tor circuits.

Oh wow... that sounds great. I just discovered there is actually a whonix-users group ... I will post my question there too.

Thank you!

/Sven
Re: [qubes-users] using two whonix-gw instances
Sven Semmler:
> In addition to my fairly standard dvm based on whonix-ws connected to
> sys-whonix based on whonix-ws I have now done the following:
>
> 1) cloned sys-whonix to sys-whonix-id
> 2) created app-signal based on whonix-ws
> 3) installed signal in whonix-ws
> 4) connected both app-email-private and app-signal to sys-whonix-id
>
> The idea being:
>
> 1) sys-whonix and the instances of whonix-ws connected to it are for
> truly anonymous browsing. I have never nor will I ever type in anything
> even remotely identifying into those qubes.
>
> 2) sys-whonix-id is used more like a VPN in that the endpoint of the
> connection (my email provider or my phone in case of signal) knows very
> well who I am ... not anonymous at all. However no one in between my PC
> and those end points should be able to tell.
>
> Here is my assumption I would like to check against the members of this
> group: while both instances (since cloned) will use the same entry
> guards, the resulting TOR circuits will be different and there is no way
> the traffic on the one connection can be correlated to the other - right?
>
> /Sven

Hi,

I'm certainly no expert, but I'm not sure having two sys-whonix vms is necessary here. Whonix vms have stream isolation so different whonix appvms, or even different applications within the same vm, will use different tor circuits.

Of course it's possible that just coincidentally two applications in the same or different vms could happen to use the same exit node for a period of time, but that would also be possible if they use separate sys-whonix proxy vms.

But I might be missing something here, so somebody please correct me if so.
[qubes-users] using two whonix-gw instances
In addition to my fairly standard dvm based on whonix-ws connected to sys-whonix based on whonix-ws I have now done the following:

1) cloned sys-whonix to sys-whonix-id
2) created app-signal based on whonix-ws
3) installed signal in whonix-ws
4) connected both app-email-private and app-signal to sys-whonix-id

The idea being:

1) sys-whonix and the instances of whonix-ws connected to it are for truly anonymous browsing. I have never nor will I ever type in anything even remotely identifying into those qubes.

2) sys-whonix-id is used more like a VPN in that the endpoint of the connection (my email provider or my phone in case of signal) knows very well who I am ... not anonymous at all. However no one in between my PC and those end points should be able to tell.

Here is my assumption I would like to check against the members of this group: while both instances (since cloned) will use the same entry guards, the resulting TOR circuits will be different and there is no way the traffic on the one connection can be correlated to the other - right?

/Sven