Scott Hanselman

A while back I installed some crazy open source network adapter virtualization software. Don't ask. It was a bad idea and I happily clicked Yes Yes Yes, Oh Yes, I Know, Hurt Me, Warning, Sure, Absolutely, Next, Next, Finish without a thought.

Later, things started acting wonky so I uninstalled it. Unfortunately, their uninstaller didn't so much "uninstall" the program as it "uninstalled the uninstaller then left everything around chilling." This left my system in a really weird state with half-connected phantom network adapters and I was getting some weird hangs. Each time I uninstalled these 7 (!) phantom network adapters, they'd be back on a reboot. Clearing removing them with the Device Manager UI wasn't working  for me.

At this point it was either time for a repave of the machine (basically a complete reinstall since I got it into a bad state) or running around in the registry and deleting these phantom adapters. Since I'm supposed to be technical, and since I was ready to reinstall it wouldn't hurt if I messed up the system, I fired up regedit.exe. I ran it as Administrator so I could have (I thought) the ability to delete anything.

I searched for the brand of the adapter I was wanting to delete, and when I started deleting stuff I was getting smacked with
"Access Denied." What?!? I'm the all powerful Administrator! sudo make me a sandwich!

Administrator isn't all powerful. There are other, deeper users like SYSTEM that have access to things Administrator (rightfully) doesn't. Considering that I am trying to removing low level network stuff it was good that I was being stopped.

That said, what's the best way to motivate an engineer? Tell him something  isn't possible. I hate getting Access Denied. Deny this, I say! So I turned to the SysInternals Tools, specifically PsExec.

If there was one tool that really "takes the safety off the gun," it's PsExec. You can hurt yourself and your system with PsExec in ways where you'll not realize until it's too late. There aren't enough words with big enough fonts and scary enough evocative stock photography to fully express how dangerous this tool is.

That said, here's cheerfully how to use it! Woohoo!

psexec -s -i regedit.exe

This has to be run as an Administrator. It This line says, "run this command as the SYSTEM account and let the process interact with the desktop." If I look at the Task Manager after running this command, check out regedit.exe:

At this point, I was able to delete basically anything in the registry. One other way I could possibly delete keys that I couldn't as regular Administrator would be to launch Windows into Safe Mode and try editing from there.

Other awesome things you can do with PsExec include running processes remotely (which is kind what it's doing when I run it as SYSTEM, just all on on machine.) with a Service that gets automatically installed remotely and then runs the processes.

Here's how they do it (it's not a secret):

PsExec allows redirects of the input and output of a remotely started executable through the use of SMB and the hidden $ADMIN share on the remote system. With this share, PsExec uses the Windows Service control Manager API to start the PsExecsvc service on the remote system which creates a named pipe that PsExec communicates with. This named pipe is what allows for input/output redirection back to the system that launched PsExec.

For example:

psexec.exe \\REMOTECOMPUTER –i –u DOMAIN\username –p Password –d yourexe.exe

It's useful to remotely execute things, but it's even more useful to "terminal" (not quite like ssh) into systems like this:

psexec \\remotecomputer cmd.exe

Which means you can run commands on that remote computer as if you were there, in a SSHy way.

C:\>hostname
HANSELMANLAPTOP
C:\>psexec \\REMOTECOMPUTER -u DOMAIN\Administrator cmd.exe
C:\>hostname
REMOTECOMPUTER

Powerful but really useful stuff for when you really don't feel like RDP'ing (Remote Desktop'ing) into a machine to simply run a command.

Be careful out there!

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By

I got a haircut today. And I hired a designer to redo my blog theme. Both of these things put a pep in my step. I feel SO much better now.

I hear that there's supposed to be some kind of unicorn out there called a "devigner" that is both an amazing designer AND an amazing coder. I can only assume these mystery people are also pretty, well dressed, socially adept, and good at Halo. All I know is that I'm NOT that person.

When you meet a designer who really "gets" you, you've found a gem. I explained the feeling, the texture, the style, and the elements of what I wanted to designer Jeremy Kratz. Jeremy also designed Stack Overflow, in fact, although I only learned of that after I hired him. Isn't that an amazing coincidence? Funny how these things work out.

Of course, if you are reading this post via RSS, you don't care and that's fine. If you are actually here on the site, you'll see that the new design has a light CSS media query and some specific widths and min-width's set to make the site look better on your mobile device or tablets, as well as low-resolution screens. Basically any browser that supports CSS media queries will have the right bar removed when resized to under 1024 pixels wide, while still looking pretty nice at sizes as small as about 700 wide.

Here's how you do a CSS media query. This is basic, certainly, but it's a clean way to get a good looking site on a large monitor, tablet, and most smart phones.

@media screen and (max-width:1024px)
{
  #bars
  {
  padding-right: 0;
  }
  
  #mainbar
  {
    border-right: 0;
    margin-right: 0;
    padding-right: 0;
  }
  #sidebar
  {
    display: none;
 }
}

There's a new navigation bar and search at the top with quick access to podcasts and videos both here and on Channel 9. Also check out the newly styled Calendar View if you want to see posts by month or year. There's also the ridiculous Archive of every post I've ever done by category. Comments are styled more cleanly and are easier to follow now as well. In the upper corner is the Feed, Twitter, Facebook, and Google+.

There's no way I could have done this. I'd been messing about here and there with my blog over the last few years trying to update it, remove some things, make it fresher. I was fooling myself into thinking that skills with CSS were design skills. I was fooling myself that having good taste and style meant I could design myself out of a web paper sack. Just because you like nice shoes doesn't mean you'd make a good shoe designer.

I was even thinking I'd have to move off of DasBlog onto something like WordPress. I wasn't sure if DasBlog (which is pretty long in the tooth right now) could handle it. The thing is, though, that this has been a pretty high traffic few weeks and DasBlog has pushed a million page views on this single little box since the first if July. It has survived two Slashdottings, a FireBalling, and being on the home page of HackerNews three times in that period. At the same time, I've watched sad little WordPress blogs get decimated when they got similar traffic, tipping over easily.

The fact is, I like DasBlog. It's got no database, it's fast as hell, and it's more flexible than I give it credit for. I was thrilled that Jeremy was able to create a new DasBlog-specific theme and I was able to drop it in and get it working in 5 minutes. I'm still tinkering here and there, but it's done and it's lovely.

This new site design looks great in every awesome browser like Opera, IE9, Chrome, FireFox, and even all the way back to IE7. It looks like a steaming pile of ass in IE6. As it should.

Coincidentally there's new other designs coming on some sites that I'm either directly involved in or orbiting in an advisory capacity, so expect to see some dramatic changes on sites like http://www.asp.net and mini-sites like http://microsoft.com/net over the next few days and weeks.

Thanks, Dear Reader. Now, go hug your friendly neighborhood designer. They are better at this than you.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By

Browser version numbers continue to march on. IE9 is here, IE10 is coming, Firefox 5 and 6 are here with 7 and 8 in the wings, Opera's on 11, and Chrome is on, I dunno, somewhere between 14 and 50. Regardless, we'll all be on version 99 before The Singularity.

There is a bug in the browser definition files that shipped with .NET 2.0 and .NET 4, namely that they contain definitions for a certain range of browser versions. But the versions for some browsers (like IE 10) aren't within those ranges any more. Therefore, ASP.NET sees them as unknown browsers and defaults to a down-level definition, which has certain inconveniences, like that it does not support features like JavaScript.

If you want to see this for yourself, create a new, blank Web site (e.g. in Visual Studio 2010), add a control that requires JavaScript for postback (good example: <asp:LinkButton>), and then run the site using IE9 (where it works) and IE10 (where it won't). View the page source and compare the HTML and JavaScript sent to each browser.

A similar bug affects Firefox versions 5 and above, where support for using JavaScript to reposition the scrollbar in the browser is not detected. This basically breaks the MaintainScrollbackPositionOnPostBack property for Web Forms pages.

These "misdetection" bugs affect Web Forms pages in both ASP.NET 2 and ASP.NET 4. If you are using ASP.NET Web Pages, or if you're using ASP.NET MVC or ASP.NET Web Pages and are not using the Browser object to detect JavaScript support, you will not be affected.

Fixes

There are two ways to fix this: one is a machine-wide fix, the other is a way to fix individual sites.

Machine-wide fixes

We're releasing a hotfix that will fix these, which you'll be able to get to via some KB articles. These KBs with fixes are live and are the best way to update your system. The fixes solve the browser-detection issue forever for all sites on a machine. These will be rolled up into future versions of the framework and will eventually also be on Windows Update.

• .NET 4 - http://support.microsoft.com/kb/2600088
• .NET 2.0
• http://support.microsoft.com/kb/2600100 for Win7 SP1/Windows Server 2008 R2 SP1, Windows Vista/Server 2008, Windows XP/Server 2003
• http://support.microsoft.com/kb/2608565 for Win7/Windows Server 2008 R2 RTM

What the fixes do is update the ie.browser and firefox.browser files in \Windows\Microsoft.NET\Framework\<version>\Config\Browsers with new and future-proofed versions of these browser definitions. Nothing else is affected.

Site-only fixes

If you don't have access to the whole machine and/or just want to update a single project, use NuGet to install the App_BrowsersUpdate package. Your site structure in Solution Explorer will then look like the image at right. Note that NuGet uses .NET 4, so for systems that have only .NET 2, you'll need to get the ZIP file and put the new browser files in App_Browsers manually.

• .NET 4 Browser Update NuGet Package - http://nuget.org/List/Packages/App_BrowsersUpdate
  • install-package App_BrowsersUpdate
• .NET 2.0 Browser Update NuGet Package - http://nuget.org/List/Packages/App_BrowsersUpdate.net20
  • install-package App_BrowsersUpdate.net20
  • Note that NuGet is VS2010 specific so if you don't have nuget.exe and .NET 4, you can also copy the .NET 2 updated browser files into ~\App_Browsers manually from this zip file.

Updating the whole machine is the preferred way to fix this.

Summary

• ASP.NET might not recognize the most current versions of some browsers, and will consequently treat them as down-level browsers. (Basically: no JavaScript.)
• The fix is to get updated browser-definition files.
• You can install a machine-wide fix or just fix individual projects.
  • Hotfixes are availble with download links.
    • .NET 4 - http://support.microsoft.com/kb/2600088
    • .NET 2.0 - http://support.microsoft.com/kb/2600100
  • The files will also be part of the next batch of .NET 4 fixes, which are anticipated to ship around January 2012 via Windows Update.
  • The next version of the .NET framework will include all the updated files.

If you're interested in more detail than you need, I’ve uploaded the updated versions of firefox.browser and ie.browser files that are expected to ship with the next version of ASP.NET. The files and source is up at my BitBucket repo if you are interested in the details.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By

pho·ny also pho·ney (fō'nē) adj. pho·ni·er, pho·ni·est
1.
  a. Not genuine or real; counterfeit: a phony credit card.
  b. False; spurious: a phony name.
2. Not honest or truthful; deceptive: a phony excuse.
3.
  a. Insincere or hypocritical.
  b. Giving a false impression of truth or authenticity; specious.[0]

Along with my regular job at Microsoft I also mentor a number of developers and program managers. I spoke to a young man recently who is extremely thoughtful and talented and he confessed he was having a crisis of confidence. He was getting stuck on things he didn't think he should be getting stuck on, not moving projects forward, and it was starting to seep into his regular life.

He said:

"Deep down know I’m ok. Programming since 13, graduated top of CS degree, got into Microsoft – but [I feel like I'm] an imposter."

I told him, straight up, You Are Not Alone.

For example, I've got 30 domains and I've only done something awesome with 3 of them. Sometimes when I log into my DNS manager I just see 27 failures. I think to myself, there's 27 potential businesses, 27 potential cool open source projects just languishing. If you knew anything you'd have made those happen. What a phony.

I hit Zero Email a week ago, now I'm at 122 today in my Inbox and it's stressing me out. And I teach people how to manage their inboxes. What a phony.

When I was 21 I was untouchable. I thought I was a gift to the world and you couldn't tell me anything. The older I get the more I realize that I'm just never going to get it all, and I don't think as fast as I used to. What a phony.

I try to learn a new language each year and be a Polyglot Programmer but I can feel F# leaking out of my head as I type this and I still can't get my head around really poetic idiomatic Ruby. What a phony.

I used to speak Spanish really well and I still study Zulu with my wife but I spoke to a native Spanish speaker today and realize I'm lucky if I can order a burrito. I've all but forgotten my years of Amharic. My Arabic, Hindi and Chinese have atrophied into catch phrases at this point. What a phony. (Clarification: This one is not intended as a humblebrag. I was a linguist and languages were part of my identity and I'm losing that and it makes me sad.)

But here's the thing. We all feel like phonies sometimes. We are all phonies. That's how we grow. We get into situations that are just a little more than we can handle, or we get in a little over our heads. Then we can handle them, and we aren't phonies, and we move on to the next challenge.

The idea of the Imposter Syndrome is not a new one.

Despite external evidence of their competence, those with the syndrome remain convinced that they are frauds and do not deserve the success they have achieved. Proof of success is dismissed as luck, timing, or as a result of deceiving others into thinking they are more intelligent and competent than they believe themselves to be.

The opposite of this is even more interesting, the Dunning-Kruger effect. You may have had a manager or two with this issue. ;)

The Dunning–Kruger effect is a cognitive bias in which unskilled people make poor decisions and reach erroneous conclusions, but their incompetence denies them the metacognitive ability to recognize their mistakes.

It's a great read for a Wikipedia article, but here's the best line and the one you should remember.

...people with true ability tended to underestimate their relative competence.

I got an email from a podcast listener a few years ago. I remembered it when writing this post, found it in the archives and I'm including some of it here with emphasis mine.

I am a regular listener to your podcast and have great respect for you.  With that in mind, I was quite shocked to hear you say on a recent podcast, "Everyone is lucky to have a job" and apply that you include yourself in this sentiment.

I have heard developers much lesser than your stature indicate a much more healthy (and accurate) attitude that they feel they are good enough that they can get a job whenever they want and so it's not worth letting their current job cause them stress.  Do you seriously think that you would have a hard time getting a job or for that matter starting your own business?  If you do, you have a self-image problem that you should seriously get help with. 

But it's actually not you I'm really concerned about... it's your influence on your listeners.  If they hear that you are worried about their job, they may be influenced to feel that surely they should be worried. 

I really appreciated what this listener said and emailed him so. Perhaps my attitude is a Western Cultural thing, or a uniquely American one. I'd be interested in what you think, Dear Non-US Reader. I maintain that most of us feel this way sometimes. Perhaps we're unable to admit it. When I see programmers with blog titles like "I'm a freaking ninja" or "bad ass world's greatest programmer" I honestly wonder if they are delusional or psychotic. Maybe they just aren't very humble.

I stand by my original statement that I feel like a phony sometimes. Sometimes I joke, "Hey, it's a good day, my badge still works" or I answer "How are you?" with "I'm still working." I do that because it's true. I'm happy to have a job, while I could certainly work somewhere else. Do I need to work at Microsoft? Of course not. I could probably work anywhere if I put my mind to it, even the IT department at Little Debbie Snack Cakes. I use insecurity as a motivator to achieve and continue teaching.

I asked some friends if they felt this way and here's some of what they said.

• Totally! Not. I've worked hard to develop and hone my craft, I try to be innovative, and deliver results.
  
• Plenty of times! Most recently I started a new job where I've been doing a lot of work in a language I'm rusty in and all the "Woot I've been doing 10 years worth of X language" doesn't mean jack. Very eye opening, very humbling, very refreshing
  
• Quite often actually, especially on sites like stack overflow. It can be pretty intimidating and demotivating at times. Getting started in open source as well. I usually get over it and just tell myself that I just haven't encountered a particular topic before so I'm not an expert at it yet. I then dive in and learn all I can about it.
  
• I always feel like a phony just biding my time until I'm found out. It definitely motivates me to excel further, hoping to outrun that sensation that I'm going to be called out for something I can't do
  
• Phony? I don't. If anything, I wish I was doing more stuff on a grander scale. But I'm content with where I am now (entrepreneurship and teaching).
  
• I think you are only a phony when you reflect your past work and don't feel comfortable about your own efforts and achievements.
  
• Hell, no. I work my ass off. I own up to what I don't know, admit my mistakes, give credit freely to other when it's due and spend a lot of time always trying to learn more. I never feel like a phony.
  
• Quite often. I don't truly think I'm a phony, but certainly there are crises of confidence that happen... particularly when I get stuck on something and start thrashing.

There are some folks who totally have self-confidence. Of the comment sample above, there are three "I don't feel like a phony" comments. But check this out: two of those folks aren't in IT. Perhaps IT people are more likely to have low self-confidence?

The important thing is to recognize this: If you are reading this or any blog, writing a blog of your own, or working in IT, you are probably in the top 1% of the wealth in the world. It may not feel like it, but you are very fortunate and likely very skilled. There are a thousand reasons why you are where you are and your self-confidence and ability are just one factor. It's OK to feel like a phony sometimes. It's healthy if it's moves you forward.

I'll leave you with this wonderful comment from Dave Ward:

I think the more you know, the more you realize just how much you don't know. So paradoxically, the deeper down the rabbit hole you go, the more you might tend to fixate on the growing collection of unlearned peripheral concepts that you become conscious of along the way.

That can manifest itself as feelings of fraudulence when people are calling you a "guru" or "expert" while you're internally overwhelmed by the ever-expanding volumes of things you're learning that you don't know.

However, I think it's important to tamp those insecurities down and continue on with confidence enough to continue learning. After all, you've got the advantage of having this long list of things you know you don't know, whereas most people haven't even taken the time to uncover that treasure map yet. What's more, no one else has it all figured out either. We're all just fumbling around in the adjacent possible, grasping at whatever good ideas and understanding we can manage to wrap our heads around.

Tell me your stories in the comments.

And remember, "Fake it til' you make it."

[0] http://www.thefreedictionary.com/phony

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By

Alternative Title: "What good fraud detection looks like"

My recent 'screed' called "Welcome to the Cloud - "Your Apple ID has been disabled" got a number of people talking. Yes, Gruber's DF called it a 'screed' which is a common enough term on his site I suppose. Sure, it was a rant, I'll accept that.

MG Siegler from TechCrunch had these comments, some very valid. Emphasis mine.

But what Hanselman, who happens to work for Microsoft, seems most upset about is that Apple sent him a email warning him of strange activity on his account, but worded it in a way he didn’t like. And then they locked down his account with wording he didn’t like. And they made him go through iTunes to double-check his activity.

And he doesn’t like that Apple knows what device he has, but let the download happen anyway. I mean, people buy new devices all the time. What’s the proposed solution here? The perpetrators clearly had the correct Apple ID and password. I’m not sure what you can do to protect against that. Kill the cloud?

I honestly don't how my Apple ID account was compromised. I had a high-entropy generated site-specific password. I've scanned all my systems for trojans, keyloggers and rootkits. However, that's not the point, nor was it the point of the post (although it was a bit of a rant on my part, admittedly.) The point isn't even Apple-specific, although they are an excellent example.

This security related user interaction could just as easily been on Xbox Live, Amazon Kindle, DropBox, or any of a hundred other Cloud services. Regardless of how the fraud occurred, what happens next is a user interaction point that is an opportunity to make things right for the customer.

Before I worked for Microsoft, I was the Chief Architect at an Online Banking vendor. At our high point, 25% of the retail online banking in the US ran through the system I worked on. We worked half the top ten banks in the country, as well as banks overseas. We worked with anti-fraud systems and the FBI. We designed a number of interesting systems around keeping users safe and informed.

For example, in one system, if your account password is compromised the bad guys could be able log into and see your account balances. However, there was a scale of 'risky operations' from seeing your account numbers (hidden by default) to transferring money internally (risky) to transferring money overseas (very risky) that would throw up gauntlets. Using Bayesian algorithms we would assign a user's session and their activities a risk value. When those values passed a threshold, we get challenge them for more information. The user isn't bothered when they do the stuff they always do from the computers they always use. But if you're suddenly on a new browser from a new system in a new country doing something you've never done before, we'll challenge you. This kind of adaptive real-time fraud detection with security gates is will have to become the norm in user interactions with Cloud Services.

MG Siegler calls me out here:

Apple sent him a email warning him of strange activity on his account, but worded it in a way he didn’t like.

Here is the email and what it made me feel. Then I'll propose a solution.

Your Apple ID was just used to purchase 明珠三国OL from the App Store on a computer or device that had not previously been associated with that Apple ID.
If you made this purchase, you can disregard this email. This email was sent as a safeguard designed to protect you against unauthorized purchases.
If you did not make this purchase, we recommend that you go to iforgot.apple.com to change your password, then see Apple ID: Tips for protecting the security of your account for further assistance.

I read this as:

• We know what devices you have, and a new device we've never seen before has bought something.
• If it was you, don't worry, this email was FYI.
• If it wasn't you, you should go to iforgot.apple.com and change your password and protect your account.
• Whatever happened was probably your fault and you should be more careful with these tips.

It may very well be my fault, but this user interaction isn't designed to comfort me or to make me feel safer. It succeeding in upsetting me and making me feel not only out of control but also helpless.

Here's a email I would have loved to have received

Congrats on your new iPhone/iPad! We noticed you've made your first purchase, as your Apple ID was just used to buy 明珠三国OL from the App Store on a computer or device that had not previously been associated with that Apple ID.
Ordinarily we wouldn't bother you but we noticed a few things about your recent purchase.

• You've never purchased an app in Chinese. Your last 492 app purchases have been English.
• This purchase was from the China Unicom carrier, while your other 3 devices are on AT&T.
• This purchase originated from a location in Shanghai, while your previous app purchases have originated from Oregon.
• This application included In-App purchases over $20 and you've set your in-App purchase threshold at $10.

We realize this may be inconvenient, but in instances like these, it's best to be extra careful. We need to associate your new device with your Apple ID. This is a one-time operation. If you made this purchase, please click here to confirm. This email was sent as a safeguard designed to protect you against unauthorized purchases on new devices.
If you did not make this purchase, click here and let us know. The security of your account is important to us and we always recommend you

protect the security of your account.

MG Siegler says:

And he doesn’t like that Apple knows what device he has, but let the download happen anyway. I mean, people buy new devices all the time.

I have, according to iTunes, 492 applications. They have all been purchased on either my iPad or my iPhone. I purchase new apps all the time. In fact, the ratio of my app purchases to my device purchases is 492:2. I realize MG says "people buy new devices all the time" but I would argue that a single confirmation email on the first application purchased on a new device would greatly reduce cases of fraud like this (assuming you don't have a @me email account that the bad guys own.)

This is a single example of an Apple interaction, but I would expect nothing less from my Xbox, from my Kindle, or from my Bank. In fact, I get notifications from Gmail that make me feel better about my interaction with them, not worse. Recently I logged into my Google Apps account and a small red banner was at the top that said "You are forwarding email to foo@foo.com. Why is this notice here?"

I saw this Gmail notice and said to myself, "rock on." I didn't realize I was forwarding emails with certain keywords to another account. This could be an attack vector for bad guys to siphon information out of a compromised email account. And the "why is this notice here?" link is subtle brilliance. Inform the customer and answer common questions.

Gmail also has a "notify me of suspicious activity" setting. I receive this when I am overseas or after coming back. Also brilliant. You don't usually go to Poland, so here's how to protect yourself.

I expect my cloud services to let me know in a way that escalates appropriately with the threat when something that doesn't' match my patterns happens.

The meta-points are

• The Cloud(s) and all its services are protected only by our passwords and the most basic of fraud systems.
• Cloud services are totally centralized, which makes them a big target, but they have activity information about what we're doing online that isn't being utilized to keep us safe.
• We, the Users, need to demand better, more secure interactions from the cloud vendors that we put our trust in.
• It sucks to lose access to your cloud data.

What are your thoughts, Dear Reader?

Thanks to Matt Sherman for the Alternative Title! ;)

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

About   Newsletter

Hosting By