From 57b1ebd43c18795a2df3b3c6029c78e4eec31cf2 Mon Sep 17 00:00:00 2001 From: Mike A Date: Fri, 23 Feb 2024 14:38:39 +0100 Subject: [PATCH] feat(docs): Add network overview --- docs/getstarted/account.md | 5 ---- docs/technical/1-Network.md | 41 +++++++++++++++++++++++++- docs/technical/dependency_diagram.png | Bin 0 -> 33298 bytes 3 files changed, 40 insertions(+), 6 deletions(-) delete mode 100644 docs/getstarted/account.md create mode 100644 docs/technical/dependency_diagram.png diff --git a/docs/getstarted/account.md b/docs/getstarted/account.md deleted file mode 100644 index 2835f0b..0000000 --- a/docs/getstarted/account.md +++ /dev/null @@ -1,5 +0,0 @@ -# Logging in - -Some useful features of this library require an active login session with Apple in order to work correctly. -That's because the remote endpoints require authentication to actually retrieve data. -This page will guide you through the steps needed to log into an Apple account using FindMy.py. diff --git a/docs/technical/1-Network.md b/docs/technical/1-Network.md index 3c2ff43..1de4d8c 100644 --- a/docs/technical/1-Network.md +++ b/docs/technical/1-Network.md @@ -1,2 +1,41 @@ -# Overview of the Network +# The Network +This page aims to provide an overview of how the Find My-network works on a technical level. +It does this by explaining in detail what data the tags are broadcasting, how this is picked up +by surrounding iDevices, and how generated location reports can be retrieved. + +```{note} +While official AirTags (and compatible 3rd party tags) use the same principles as described +in this document, they also offer a key rotation feature. To learn more about +how this works, please check out the dedicated [AirTags](#10-AirTags) page. +``` + +## Overview + +Simply said, the FindMy-network works by having accessories such as AirTags broadcast a unique signal over bluetooth. +Any nearby iDevice, such as iPhones or iPads, are able to receive this signal. Once the device is aware of the nearby +accessory, it will upload its current location to Apple's servers, from where it can be retrieved by the owner of the accessory. + +Apple has put a lot of effort into making the network as private as possible. By utilizing encryption, +it is possible for finder devices to encrypt their location with a key that the accessory is broadcasting +before sending it to Apple. This public key allows encryption of certain data, but not decryption. In order +to download location reports for the accessory, we therefore need the private key corresponding to said public key. +These keys, together called a key pair, were generated and exchanged when the accessory was first paired and are now +stored on the owner's devices. By downloading the correct encrypted location reports and then locally decrypting +said reports using the private key, users are able to track their devices without Apple ever being able to read the location. + +![](https://github.com/seemoo-lab/openhaystack/raw/main/Resources/FindMyOverview.png) + +*An overview of the FindMy-network. Source: [SEEMOO-LAB](https://www.petsymposium.org/2021/files/papers/issue3/popets-2021-0045.pdf)*. + +Fetching (encrypted) location reports still requires an Apple account. It is worth noting however, that anyone can download +anyone else's location reports for any of their devices; however, due to the encryption scheme discussed above, +doing this would be rather useless as none of the retrieved reports could be decrypted. This scheme allows devices +to operate without being linked to a specific Apple account. The below dependency diagram visually explains how this entire +system hinges on the availability of the private key; without it, location reports could not be retrieved and decrypted. + + +![](dependency_diagram.png) + +*A dependency diagram of data in the network. An arrow pointing from A to B means that in order +to retrieve B, we first require A.* diff --git a/docs/technical/dependency_diagram.png b/docs/technical/dependency_diagram.png new file mode 100644 index 0000000000000000000000000000000000000000..506f5d0acb100aaab7dc75d4e40b795ae1c8b462 GIT binary patch literal 33298 zcmeFZ1z40@yD&^iBLk?kFr+jC(h>sFAzexgIdpf3)X*g$tw@L<-K`ESARQ740#YI< zUH>x*d%NE{`+Wa-&pG@5{_7fbp7pGCuY29K?i$1Is>l-HQsAPXpb*H*Nvorvpw0t- z%CIqk5w}tcBNP;dW!F2pu6CXlFk5pJMqa6(-xztgtsGoj8F{4{d3a159XZWlCYH`7 zb}pRu=B~gH@ZQeB3}yi{H~Tqs2jQvV7esmO$lc2<_Y}kDadccfAi;ulU zH8-_!09NvFL%4wt1Q?QmIh$KJ0Lx^4%=)>VxvPogPt+6?^^`Svd1dS@xpkm=wt^PA zkeff}xSKn>z#Qz)Pr%CwL1KeEo2!?j`Oi@^b9b1j`Oi@oQxn_sVPIS2Jg9@SnYr`N znLn2D-eKgv4ZJ{pc%{yX20YlC*qyJu3($e%d^zl#cy~->T=}>yEpH1+NxAE3s&m_D z{@C(YXcsW;JY}6t9Iccc%*<^8z-FF5cZb~MJwKG0*Uu3FUcR45S~_3sbG|KdKm+D| zag_5jTe`u_%w5i*os+@A!PXV#_{Tw02YY*S({oOqLo{)AcJTP)Gz$mY^V6NraRd(j z2k6KFjlUx)a#ROq=4$nGt{{)VPh61Wa^^5gtBai>{6at9*qK~RK0k?zm5G^y$ItbD z$CaOSyr8DDg98BX7pDFC`eKrurBjIn>zfz0jIAesmSE_)A**T4r==z(smsB0&UtqeTeowX|0I=*tJj4DJ3F}9oBhyUr0RKC!CcKX98CaG z=au#V1PmCna<#Jso{+CioK4RKMgVvMOogqKgRR3)!RIyOGZ!>N>Z*&YvxANKFK+~S zpuGJ2zrDF&D-SSYX5wP?+wMP+1GLfA{6d^BnEpGJeh}_ov+8$-$(lRZnY%iB0ZhAq zD0oihbM@fiJ13II@4|NTVvg0Xg2sEk(BxdeEq{ZJGy#7`2!J`~GW4(UM_S*%5w(BF zU&wzee=P(}%}q^zgsiFV@=##9e{bi z*k5x`n5!-@lbe$dc!7MmS-1fKy0jxtcgz0^Z*bX#a5D|EY;~Hn#=D+x?G-{_kP=`SJg7oATQNgpf3Yxij+c zTOz;Su{U-0a&!gmG#+l-zgO3v^MQ-tmnA=``ims}E+>EDPW~TPVx9}-{Oc+4x##!` z>Hj;G_*`v&sPJzJ{cl%d-v7Im7;>(~|Ghl_N%Q{_Bm8IiCy3nhU;CN=&`DF;ZG@&Ru%G3j=iS(nI*qy^8NrGB{czeO1Tdd>OlA71@`H1p3n|L1b>%WZVm8Rl-{3SC|%(CcSi5O2>uVd^w%+Z=W_Oo(Ubd`K;q$cbc5Q$ zO#hO`kN4ujIyZiQVUHSeF7^Mt*6*kF`7d#=ez;A4BF6n8iGRl0Ad`82X-jtVZ={p= zg2(?kOZFGDH0N^gi>0~y*EKMI>s|eo4a|9Y>%Z5){0}GIAb&RK`?vd7NPpx%u6F&1 zjQ$H_os0ATqK&s59f1-S5BF_TQ=o$NS5JiBym@|a{`JD03%~Xk-T=AK-_xSpCblrk zpS5*hu?Q=x!U}k2>^5{RThW;K#Ba`cYOuqhnmNBt|*&;nTZF6Tc6MK{M zX}{FVO!y#XJU~_aJU9REt+_xhDq!c%<;CMKl6DcQ{91AO-&gJA`FrR8;!6ITRL5Ue zGI;n+cz}L}{~5{nN2T!pDbe`hE&h|PjPqRDFa0mS`r$v`UUc02d~v=2+1m6oBYNpE zz5xmfEsDJKZB0+ZjZCbJD|c$!x!4u^g_iLj5m zlnEyykczR80VhFE!kBTn3h!uXq{YzkTfgg$lIq^d-oD=#mA#iQ&YCp}?6utN8psA1 zS?(3oIwbaX#&j<(bS5;hsg7DF)avg@XJ<~;XnnPP9l6&@49?cQ9EH^pl>J}K%Ms*7{+(MTnmq3k|d@@{rTy`;HGR?DdI{RU2Q&Og`BFw zMajQb-xpzAn$qfPAELsEL;3M}aGQ3!wAHLrRa_yocrv$pVyj%T=}jV2*i0R`{e^Z? z+1ph4NDR3LKR#`eXa<%lDI|^V^7Sf&9k^Tbox(*kgFCli&d%u-?8Su2iRVy@u*oz= zx*~=%ryCfTV#h;Y%nZ6U>^WY==1)Ec_V5mho>R$-QN|f@#cQ3m)FS%0TBTsEsTu-p zKV8mq^y*?HFbAH}thlQl@mp+0!PHlGWz_SXNXBm)2g(1$iB=cmH7@B>5Eh) z84R{QZVzuvM&u38$S?|lJ-Q+rLT&kC~(R6p>chwhP)i_B;v3z*Q z_o63!Lu9dM#YMgNHg(~i@21)P%79s(NpAZWxp<0PcN~fsbp|q1NDMqWaJHhKuT_|R zwQ=5U6IU;kvKde_(OcYfuvFB|S8^V&^DrM@HyUkK@1u~*L{;r>r94fTGo;}ZQoNQZ zBGby)S-TErMvz{nNopTxc^cf%rkuoR^XfRuvc_}DG5bnGeH#1vSwwJ%Wn2$oRlLg? zRTBJCFJr(c?$D=9Fh1A0PJT^&zyglZJx(vC;gcWo2`)T&8@`2Ww0r#C*}3yNi-#&+ zeZB0mAUKpv@(LmQea3*8eI@5BTy!4(JWB3o+(t3p!83IgOT90HUACT#-^it;a%649LaJuCM2d35Euwmd}(zno~x?hJ&u-am4LdPK@Og_9HSsF{wu(lXJf zASN!Fq$T0xTZ&>eCv~24rw=jCR%m&4(E#3fA($ZSvgU4%XsX~T+GvZHqUg>&TCM9= zY)Qgir@PzHWCttZs0vl(hS6>|h8HrA7bpnUZpt3I@_nqxWT!}a6#cE*b#lAalJZ&oF4@^&axq3qA?|o-elXdkjU%^k z+vA(N4y;RGZF6x467*CyrV9KyT`V;UM@8J3E6VkHyWqpD2+&<@7{BVSegzC&=yb2d z(*`k^Qrh)ejLWNHQzM~NU8s9u^6pi)tsF}N?-Wh1=b34kt-h;O#(ny?C|eyzzZ?ZW zvY!-`2a9=pEwk)9AgK4>NV`(3r}dJE=6%zB)|ol|ZOt1SUT&*);af`bq=g0=6<1k5 z=wXR-oOxqj<&bS=(fj7|CYkG1=Q*vVM@m*mvhEL`njtXTCidXV-7C#lqI7PeyQ1@r zX$YU#2_tamJ9{#bQC`NT?!=EvacHA#Ma3gWqEPIOxnch+aFJk$)RI!xdTp`3PXD4F zeMj~7DB-Pahm`N+Zx&|P}*(jYUI`6=)Hnprv7T6|%zU_3t zu$<`aDc23jTc)RI2WB1k-SHx|Rcr6mDEMt}gy3FHcpZZGzL%G?SlP@hmrBH4NxS48 zi;G3yqi? zr{PnGxWbaKB?XLu7tDM_0) z%!vj5;J!3IJfX0<=GT$eI11OHcJssGt%+K~cQC^vC z73Vcc$9&8+s$b{$)K|#9Sc&Sef-82*kl2v}bvK~jsX6H+J5Tl=)b#cA4y9R|rOP!g zOVHWBP3fMnF9k@l0*Wov>j%Le`ldJUL zB-@2v+T+Y}MQ=FIV1|QI;H;gbl8P)=Hijy`q1w8;#VEktcx{4#m|GQ?>lNx={p2Sy zjfdZp%!{<&Co!&>CrAv35}2Jn9%Op?)rr`V2}!~4MT4xF01YKG>b0rE!^53w1nx~Y zxMtBGmDuhNw_{AW63bm~&XlxWK|(tpmH@lk z;NOMMta_za8(7j#6~l@z<2+_+lSbT>G@yJpd8X$*b`yPY%*m|5Sr~oL)!garRD}LiRibyr3CGw4ECka`Tho%Cl!65fN>6yUc!xs;ZouDrmQ9CBT=_ zzN1_#tUO!L8%A}_7>*bshpU*r*^NU9nV5tCJX#=1>5n1p)h`eMaTMJkNR$9!--QRE zh(5Tp`sM5f0@XDuF=B`st^$2i^ZOdT;eWoy6Jd^$xtyEhij|W%QO3aloYo!xGZNN6 zTeE)VIp&H&yBFY| zk2bc~N?Q-_aGSKIYSRyh?q&Gye+(lgA_C_rBq^+!*3_#4qOew(kIsRJB;`s@<}m1a z3^C31*qp7f=%dgpGY)j!oV_1$mCYg@JXEYlXKCl6gFA(rF8=bGHZK)%H#drN-Iq5nT&j+ z`v!44lz3(@BYc;rUu+jt^m%rHKsGX);9>~^l&sR#N zTkK8I*>z~%(Kh#Z9gMR&`zDOAS6N^tcS^U_-)~3nwKKo%1T8?7yV)j=5T|)WmA_>| z6Bi%Yu);p`rbnC7Ll!yTiE508EQqd~ScKP$C+G{wMBIyeJjcCS5=)zR)08rWwPyYH z?jP*FchKUG3fMnbN_R+Z@jH6avNlz1lOW<@U#L+Kvuc_haO!oi-OIJOK3S<=ZLO75 z_J~D;Nv$>9U$Fl4tq56D2pRvN!_(`n$J>!lN+m^W>}Ob$ShW&V#ZNRj?>FRH$olN8 zGG_a3hx3GpQMySCUHQybeL9eG7+ef8O}mPUWOOn!I?j}^Sj ziDmcZ%DWklxtA?>54IP-F={8+b|w)7Fdd%wBr^5Bzh0upW0@R~!o{nFNy8L)m(dst z+<^k*T2vICzl(jF$}5ZGly%E1S0qa10Rojf!`d^GRf^}^tZMyjHMd~n;FIP*^UAy2Fq41UX5bxk5bT=zQ8 z#6t=05J4~sehb7=HUSkZ6MFoXci{Q^rg1pfifsK^>%n{^*N7pp671Qg1PxALupE6j zpoZybhbn@6nd(SljhEav2xkwz>bL7L=f_Maeq7d52O$x3SyJK~hU+PqEj{j*%Je^6 zVNT*ZJK39iK}hgDPXn&z@&39~Y63{=LD|zDktehja{*_~NO#UW`0;%Em8iWCC5rTN zT77H=`p4=dP;6W0MH6B2^e5cW&d2*sTK7^o?`wXzSLb*;>7(DPz%Da2oqM3w-W0CR zMl6lbIwkki^aLMLYfRJ`lhl-d35ushP`SMcDRhc*j@Kik**al^phE5F9u^uv{zT4rqN`6DEaP#0y(OXV9#$$eJ@JoZXo2; z%OF>wdwl|P&tX<@hC}kVJd$tYzZ%!G3xQP%#owUJ)I}A-Mu>2*^V8!|O=;saLn9lW z*}v4UR_9FxfN1!A>CY4ins>o1#}XL>aVKmWt|6+}FbG};(-s0Ua8JfoDbH9sY$dsN z)?4wVDQys9s;CxZ%8CKq$RskIVyNGyJ??`05kWTzH1ZTvlARZO3ga0$mAL4oI*ea; z!J~^wHI{TqWOk!jJe3MeSE6 z=UHFc!Z(Hwf@q+}5{4Z>EX)Vp+$I3a7=^%Qf+eG}qw^X=@JL_eiL$4gjPq5PD(RR~ zlb&3)plRlXKATf26#rHd2}Z~z-^Dz<_5ICfAQ>}{!?zYDaOYOrCnKZo)f7b;EXMvO!Ud!B28iZPVZ_YMb zzqoXnO5DFm|NR{h9c9N7GX|lI3)x4oPe;RzF`=m%J2u_D_Ro0FM3fwizw4A5itY%F z-QlLYIR=kU&DYE#2g^u6?_YYIHd$E`!SlWfMn7Dj8cPDjxSrn^f626gd|0s3azJ~H zpX>yRi)D9vDT)X>m~%%}$kbn27q%}E6(P#FAi8$obVP$Uc z#Kh)9o_8tYC*Ox3R$DWGC!~VqqPe{OrBWIV0sfV+Bkbihcb4 zHzi_%*V12<*+;PuMZKVX0J4gzDieF?hP}B5*I*rp0+|ZX_N4OJByHEQEX2^3m(|6zTIu;Mr6D?uO)oPD~0+& zpYZPiv`8Khe(-}97{b6Ab3<6{7C7)2Zjp^VQ$<8g1)^h(;9r*}laKId4KG{(DDf$n zjIxrprOQ|C8vi@GLP_;NF+zto#&ZOmwt`YL;el;H3^5{>ZhWtVXx_N3+8`AKE#@^{ zNS-PAghur6cy~WM;c8>P4tu3RwH^&IHg=#fwvzZYiG zm-L2TZ9^$~3GRUT(`r07gkfr2-&GkDpA~sh;vncHz+*I^$4Ll$CX3TDJ-l?YAh(q( zPy-q#a`rZNR#J`6k5xKdV`n%s1FdRn%EcIrlL1eb{S{(B>H$PKTJ+|`rx39lx+(pq zv658mT*6Q8Wd?pmp|VB8;ih+2!~eW~X6rXr73oWnpgc+r2je_QVhX&14ZL&r{P7Nv zS2;s=_;Q#W{!}%HgEnv<2(|lTurp6+0Drk03R?qQ)V!;CPQ=(~sJKp`Cs<{2K=kr* zAnh`(#60&-1L*}z z*`P0{syOA;18MFxlv1s34d{^X;boVQZnNS~SKB_Es&8Y28lF}p>%suiM0*PlikRDe z?Y0|m%Vx^iL#P%7K=hu1ZK?r~eaPJK0?rp(=jvXpJ0%Pd7Ip`gf$>n{fg}~iXH<4| z%QIQ<7rTq!7P!hT?g3akMT_@`?+={eCq3l?0>;{|1Qgl_y6A;|*qz(3ok z6Y!Y-evQW&04tN4E4f<5gH~T#je;qV7W4#!^{*l^U`=KIKVP#2??n+FkiP>Eow?k^ z02xcJlf6Smb^mP5kErbXeZRw=3auh^c<7x=zeTfw>?j=9LH1Y-$%iOMt#OWtMoB;n3dD)uAMA-g zvL>KZ$QJWEwq~cP;0h$7m+6`nKYK)oMOfv)sK-l;O$UUbw}Ty=27#~_!0aC2KKtG> z&1b*Ygn+W&q_INlOS_p2&JFua4}4O(qVMl3rNO==uhMxY4EId z)~grmLRu-_hONtfXbVK&wklAm@H`eg(u(1uL!~4#KC`5^w0aS76$t1pm7mR2UgJy< zYCQuFTlS9x2ULW~HOrFOyG0jItP?yoV(&$dBFnh|_pR7w(HFVp3HT|PD-ln)`ZdpWss zJN2g9i<{qVXXme`VE_>dlV6s<{#d}CvK9Y>YCvWH^hg=LQbblaoK>zDuLR@2n444U zP|mo)VNf#y56efpZ9LoL#Zwm$FeyQF8N)vLqXdwLksL1!{CvhPGS9=ZE;{RNz}W%E zrx8+DcyxoPAVmy_@mqrD|B2OW@Jp)0$VN?>+IdKZjYIvGjY z`*?+y(KMNTs6+}2Hu60F3ah4E#5E3UB9$~{Hq;C<5^{1Dz$bnrRB0hUlGHo2`3kEZ z!uAryiv}lG5{Ui%q!@I6P_-b`=YS@lCzegSD_PXXTva+)^M-+Ta;aY8lC9m9BehbHjH zkL1N1QDev)W19uW*YSL0{>7piH+uChobOeLZ zfy3sSkpF7cm9BJIPQwOvwZTE>)4l55mx4Aj$eJhxU;+DH<${j72?HFye_YN=`8aT< zdcD4&nk;a?Z=kiSZBIPTVb(`Sf26TbbZA*y{B5}&jzRew66ige)?vZkKRnLf=)Glo^lfyX) zQTVel?jf^tXZ=P;-DLI7yGq5N$mO%r(`vm>9d2hF4g2z#IgyzI`H2sDk-)f6I8TpC zk0G!ev#vBgZTNufdP*yER3f)L*Qkiw_P~qCY$$ER#DT3aPF)6|nP+Im!{bIhspwd_ zR*4qnl2m?MIqaLGQaN1r6L3AIS=v`;SF_Di#M&iX3l}DBfg{zqT!GVVV3cGCvDtLS zXiqu@5r&?fjZ`fkn6{QCM$KSP;J)M7&>hVRKOUq8ET! zr_wC`n{2E?xkcX@3H0$4?}^Byh-q4d{&R1F!l9a%;*51)$T4%)?)75=DfnY?z|@I_ zN`~Sml-ml)r*Qa82bHH+H*uPE7>JQGwo~#a49T0duQnG1g&Vo`XjSBX;?!eRi=K9D z^`LEd+B~ab;bRJ`6FMa){PKm6ZHMwkyo*JB&6z64=`&8FWI8@;g&N5a2EW-RV#DHK zxNKB&skCGiVYx*VThOw@y5XMf%b2ZWF#5vOMJoVC?L~Wl|7PgXo5*X4&*{Uo-p{-< zbYQM*F26ZVbryx?u^0BzqCY+}TiMa>EIWVS!LL-)w<=PuBP#qRajTp`&erz-M|MY%rk`J2C?lTRKqz^AFr5gHzBBVc^6`$N~3~<*eNm=r?>8 z1O?fTF)QLHp!7Y;kcnGTxaF9kH*cdcfYJa@VCh5#SQ{r<90*nh8Uliu0QL21RfG5O z=7MaDy#e+(!hoVo*@-`Ms1=zU4U|dvD#C%rgN)qk&WKHCgIdG5#9?wPyWsdOYS`kBXC- zSP%kG`>wG!0bPXYOo}DN2aGz&XbBt|F$~dHzTfaarD`YfbDuvJcV3?s5BJ|h92H$H z;q3Joa8dU8s3~xevT?F$vyRy0IP9g9iA}DXwzglcC4GffE2wU{NR-UgeMvV@nd_5q^+G8-VE6z9 zyc%B@F$=up&3!}Bk(wn_g{XyKGV-tfs!UXi-Egl1nFoQNDY<5q(HK5ZAt&!G29gBy zW*?Dyk40C?wO)Gz4e>m!fn~7^%0w&{-S}wI&2{6*FheBEn6}}~fGuztOCUEnj*J*> zT<#gO|EUQ-JD6i#U9&iQUU-bk^VR8}^XQ_A((I#;L zHvk;vmlpUuh|Uga$dF$1QWH=_w?Vv*v46Cl`i;R$GP#~^dJDMKsr@b30Jnx1>4tK$ z0*T7;?^}4CpZ41q#Prr`j$MS@cA(R|siK`8THPAb*Ev0kG`qBJDAyRCy2RLuxal71 zIIt*3GM&C5GEkvO);WDlA5!t@kt(HIyj$mPcVoJL64l4l#Yl^pAx#-tdnhgDL!Mrs zFRP6H2U0nA;Ju6NH@tW(;_q9=b_)%3-YptgDl31adTY z^@U}{$PLfHJ4b;wEs5}N%;sGjdvY^qdF`Ni{ygiRS(i@p)@7smj7z!M%u<|jjA0CK z;UuT{=>?^R39uvolpW^FUG+9PxyDOWLoIJPhMKIdo~`Wf1HO%{aZ@JXWI}*y+QDYe zM%Z}IoUH#iGlGazrK@dpSTkDe#ohy|R%fw3$&B7aHB(`q@zek$D5V6=KUoj%m?VTTu9?*u2Z&GF2=v&+uY8MiB;tR`C)Xt2RKB9bjZ$1Mwk$f z)B58fiR<67KP-N>QJ?+x&8ODwk$B9eY9)wLZ)bN{b}>)9CFT3dQ1|y_QS+nJXIo=% z5(@+yy+?0n00#*BpiU-}QBhYWeCv4b)P*^>n7Q)uNV^376!l-iD}4Ah$SI2yEccX@1?0S}r$F<=jCL>TVFekJn@TY{7dJ{Lv@h{F~I7K+K5K>z_@qot#Co#%W^XYWYvu4|pt7 z1}MbytrMpy%1unabxUne9ny%Vm-F-p^kpl!S$iK0X7WIL>AKTd(x@lkepD>z%KRJtUp6fC0m%oYkMi4Eu~bh%Cg>Z_*FFja}z7g zSI*#=CSUC=y@RA2wa&^V%7ueD0_Mvv3KxRYt6wa!u(nq$B~*9r_8vTE8)|XoSkW){ zejk$y@Q}9{=1% z%_)g+fQ+*_YlBhrQ1q%d0j_#xRR;2hR9d^wk=)pL3DlnzYk*S6;ZkJ7-TplnSxR=521;Q zpB>m)nkvh-zv+g^%QhF@hFBnCT-hk^pfSYZ20nj&!^`{~+jfVn19pCa*MSPHm1NZ3 zyX1ZYRv-5-N$_SO^%kg?UbA!cCdUU7ee9c7BNDsoQ}pINDe>D$J@S>>eYyS%hx)ef z2eB6h3=K_=%g^vEq%nChg|dq!HGv|mnx-xZH{16s)5^|v$pcO+7ZR6nFxXC&Xq;9Q zhqn%gdQZX>bd?@QQ9;y!wvYMVg(d-PjLS5;$6h_CCye(o(PXb6_Yn#hhkjg&}R_!*?B~xa|(j;os~93wZ^$+ za-T|$d#F6GAKkJ%EMBRSlwsaKdApgXk|_-H3*MWIYI~tol&d(-xjnpE&tIgsI%;y9 z*WdNUgZp&-3)pgepl6@g4`HtVu65es`S*>{qZTUa^HTX z*WH7=q8-_UWu8UuXxi=Bi;_{%khN>2i7UevR$-DsufUE0VZhzD*5SO|?152$CibXj z{~M|{e7a{Jk4RRiDoq=ay;7O4VLDU2Vanstf6xA{0)ZyBpa17~;FW!2*;F2%iVYiJ zr{+lC6553UOEX^ydeox%feL!gt*j*vl7jA>kjR_RCoCc$tEu9`TVs2W`j;PHx<6M* za5Fxh9OKJp>)7Xwj>A*}mC>EDlg!r|Q85u%3&hPf`=nd(&{We0BAY`(?ba3#1hQ*Q zcQiA}0&3i%S0W&%O7yv?BpAhTWT%9G#YrNM|1?ISUS)nb(>FB{;)yz^XWv)H6`A^u z-^Pq;xIzDZH<9@Yy}qRiuVIU<$L6m;y8C_ail?*#%&}hmY1UZSVfow;%-Th~I&?s>ZG8jS?O?Uy> z3bHj0heDypwoEjYB7v@e;jZa=S@V)j*hqI}UoRcY9QfpFCi9D}>S}hxe3SbUuOlY2_OYOIrQg5nGm*w2mgs zjwd@w?Tf?v_n(0pArEg>>siuTzaTEie~ALqNRJXv7w%vj9U>1%&f@EfLQE1B0(j8^ zTJ!LQpDoYn`U0N7n6$?+kPl-Nk+cje_#!c)9Jy7H{=9h|a=N}qSUW1?ajXWPxpq5k zsz?OHr^VKfAEGOu<}+z}JlRWQUljdiAINdR+=KfsE6)TzPrtUH`nPZ4ivRpAfHVhy zw2lXW^tFO~x1g#*K+u(`7ZR*jqQrr$bi$MJoK&DmA>t51U-K){md9IgMFE+(eEv0j zX=SYl%TP(%KN18l0+cQ4qwT!hpP9Rf)L#z$D(nWMt+4E~z1A~%Ad&g0<>6& zDL`Y)@Q|3%=2Os-0(;dL%j1yb)(mZf%q`MKmH7lyBw79~Zm zmRTwAZj!Fm%)mY#M}W}F8sP=58?yH(B=G}v>l{t!&e)Aw?xpeDv7%#Le#B=p);0Fh zAP=a%vG%@AV2oU!s#XkNXmDH0l?X)J9#Z7$PE-|R>2PsqJ*i>8-=L{qZJo#SW++dw zx5n^$U7@$+!j7WGakbp%og`mUv&@P~f0%@ja+` zaRh9z2vp@?^gWY_PJp&Y6t*rLpB`=Y?r$wDe(FwKtwc6G0H!;K=f2r$x`0D6m5_6n z6rm^svUkCH^hI|JwTR}yOru9imZ(ohZ<_||=FYfL%DADA@~qD$&=u^IlOgCNnY0D; zVlW+@3<5gkE6?&bD%bi1*Qwrl@l!Z+7W^An+Wp;=+fEPDcr8_SgfKidrm7X-wA=zS zu8G9B@Cl%`;8X3Kf1>!=u|_y62HwDJUof4K?^Z~|GSJr%pK~XYHSncYQSvd+-QwKK zQQMWToSy5n(7|dG{Pi}n`=KCfWxBpn;t3|H>>9<$omffC8w)KX1L{7H8)HXw=8Ll>dKjrQf8^lTq~0y9^ju;NRhhX zG9X%j*xH*5NO^DHsQhx0j<;R7XloKM^yUaSk+twO(qOVZrF4Gf6I*Nw9>ZH$L^J~S z8N}jJaIh|j+w4PGHMAYK-hD&Asc@wyiH!}l!?H^oGMWxCl{o5hEqgH=ber`Mb@}RrpMLMd7 zdz&;V)Kc*H9dKlO2+L=nPv-{FKnj=9EpUGtUy-r(_|a=`_WbVnJJ1(YJMAF^8jtf; zpiHO~ctuhDs~j<5(hevrr^>ulHr8nCq9b3d4jSnW691^%{)O z#gwoRg$*(A9eo{E74H_^o0bBu6IIi1{A*vZ-2_t5Z_h|?n5%jmhdcsNKD0JN9PMrD z=z$SJ!ovFI2pj?3+j0Ow2x0G@1WvUD7uw&Gk@5Zd;Wmp}PH@`8js`BC_lhZ;EZ|T< zXb-u@%wvU4CeC{Ws@dA)JQXHp#bwRbqpUmR`Kg37Vj0#lQ7qpjLvXvl%ruU=#ER}d zPE+Xg=3hmFh`TIBrEzxZZvof+rw~%ZyXbhPeN=0`p8X>9U*0_p()Un#jARGDhZ=li z=Z>YFI@6Oz`jNhL$ztTCvl7$#Ae+z541qHa53C1Tc@#c0T^bdkzs_&_ShG<5j(N}o z{L-se6c9rJNzBwoAbOuKK!;LVjo(7Fz=&{ZEl6sFw!!lywoTXjS_d7Q{;ntG^>~y| zY2S5K&3P?TcV`Gy_Vk}O1LzEoblred6MU5Rs#8x-3vCP7?q(jUbug;FjVB2&bSVxq z?IU;d{}eBa>?~qMx1Vcio_ZT1to>47%MSF07DF;-Ww#*PU!MS%+e$(^R@r>ER54HU z`q=Oc6XHWSpNG;xkT~Z)na#?FSkxGC(s{JfkBk|&w??&{8#n!`7yQJNuYYOYn>BkM zcALf`vn=d&wtKF{oYD-5SP?)HJ%I__e2^(7zK?Yj9@`4kA50W4<`=?no#q2WJ(wev!zSwB%7L)v8;G;`iXhP5 z=Rv7vSfBtq_h*E}S!wI(5EJ4QfgK_UJ4Pj)uktT+n+==k^1Rda7?VGEA7~5T@-L`V zDtND8CtYXJPEj~l=l_m7cZ?|i4t%SD0+U6zrLC>gQ|of{>j&71m}I(iEoFm*=rr_+ z2nk$t*(TCha;&!vAJT-~UKm?oDH2SS#|B>CWysy(6EvlbJh=onV$U=F5D`d$nW5{v z6=O4E36$-u^SeO`w%Q0<5=Hh2ya$J`vRTYU$Ud9!R@jux=-MKaom@*@K zpyg1D6ki=8aVJ0YHY-0R^c|e~P}f@i%T+1%0tSx|?_<4#c5WUh1Do7s&CoBCM}d=K z_+90XlJ7;4Nrt0}L9aprbwf)X8A<6`nw?i>v>m`Q?DV1BctQJ9WhOysU}?z*wR~}- z&t^|M;7L&$k>W-@?#Ft=T}%*S#7#~feI*V`o!6IpNgbPXG&`F)oNef?kjSXSmD9u| zzSZODow{%HFqHMBWK;|)<+9`Lk#}HYYl=z`z-UdnNODZugf~&RP~0O_ZpDWlb>RHZ z&%Yj0ySGX0mvs}+1*?G8_9oti>AW(gQ6v|9NidHCc`a|{vfQuy&Bk$-S7D+I4wF?9 zqVPcnhHrWcgQaJ-r^F?GGWwg;W^Bsb{O&KCtDHL4t{o zER3<{E+P14m)eR=oFNHAY$@_MkYtkbW#(JA?s0UQJPEzc#BpoOl=m2 zKp9OlC8-|KbG{5te8#DR^U(Fij(1;nUebe7XKN@Jm!NahDF z(@IX1g{fSU#1ql2>}>AJi8jA#+w;a-EckNfJ$=I<-e59427b1A$?3jBuZQ}11FPpQIyt#-*f~3Eni0m9p>1OsldL69Yqi0Bj&W(Lvjuc4R;YvTM>KyoQe4?2D>pUR2GOBx96K&COo!-5XOT1G_6a7ZUDuN5 zl;K8E{*u%Sv?#%e%vN+SBLbCmp@<+F2KZe|<%TF8LrpN#zWH9j!KsVQ!_W>7U zbj_s@2g0L2LP}~#AkF_!XDeaNEZSqe+#+L$s45ghx$(x8Y04twQe4>#$i($~cQf>H z8Ys;9SdZvis4{RR%hPE)EurQ=fPCP=v@cXvrYC8)1+~z0#XySSdQU$=G3K+Tf5^!p zp_1i-NErTvU?VM1kxVC zr>%7Mk=K=CwlTjsgiK?4;=@BXVI>miDgiZ}`}_jo)7(Wq!OhysQE!an?$cI25H&-5 zz6I|2O2ngTRxoRWnD`X-3e(oakD^kB#T?O<%S~@=hOnZUijJD~N$&O`pvdHrCac80 zgm+C7&E8DwE6yrbjFkscbC?iMsQ}F}NzkX?2>TP=?_Ur#@?#P6z?dW*h$o6@h;Nj z&{kDEVL`y&z%LV}KP*!TTj{u49~I@f&75dH-C3?Nq&A*2awZI>??~e^G;$`YMOWI;z<+%#KH3o;6M=J+=MssqMzVa$1dUJU- zJab#n`s&)?1Vf0a>J~31-RHYot69LMzYnQ>`9W>nR(|_C}!ymPYYVnv=^Z64f{vsXImZ)Sg zZOk!JVl?0{b15<2e|}d!+3D$a16%8BQCD!Fpg&??@U~11DXR^lTUpt(8F#q-Gk)0? zu1E-&3PilVj$pA9Kiz*e)fBQ$PL4hnt&x_7X$9w(#$FDgNADQWrBPV}jH<@)1S}e6 zWE=bt+caehXgwM6rjRDq3wE+Ct_3aZ>1xPe0zY;%<0#xn>$n26nYR{?<(0$mY`nUP zn@WRAxlDK|g`vmSB`*iI`J7GgMc>93Hox~%X?z^6;aBf}TT@Kw2m?ZnM^FSvVgGXa zDz|Ci<4$$#l25^cc{-fUMH?K52?3O?J4=x>`yD1Sf*hbZoMTiP_T_y_dKhAH+)g+| z5QrF#My(@hUh7{KmW=vdUP&QxuY8d0qqeu1xcKqcpeZHejP@uN{$l2Nq2jAhY9d*! z`DTkI%cy=T)DT!*@ZuA6={Cxg+8eslX2VN~c+#$LQ*nv{9zK!HG=2hFIZS+TM+3Ko zT81;@PQ+6#N!#h(eHR632K%s5z@p=1N=A8O9>W#cKJMF4qJ`@y#;F-gq37RDc&`vU z4xvRno_%v!T4~dy89$XEUyqv+3oM(@Araks_0%Glc)XM z#c7P*=oqgY`Z`IUw#2YSpW-GARFyC221CFkGltkgPqE9l@E5qOj6^ps9Z}LxvCW%v z16}#!6)cGBP>>vzV_fpf?_JJd#Dp%&s}3J8!7W@gz;zmSo0vdH?FboOFXm**VAU*U7wi^toPp^2FW#1;;OYL4QYE9$KHlVi(>~Km4~C2Vt;_EP>ns{eNwIx zglEHsY`>m*6r`ir)cX`{E2?r`(kvk21C9#B6;_)7=qYS>Wm65(u|%f^kn}aQbWNd&cOfe_aQ<25 z9Wh$)%N@cFzaN<e1qfxG2%8;5h##gGRr6Pe#*6mz%1NQ;5vLh z)d?g4#abLqm0df4#?4sl98jku(9`K(2OgEZfheTIU7;ik0B^L!l{WS7N0LCZ_%e6v z+908V5uh-i52FnK1eQ?-=vy&NAT*&KncZ^XlRt$0ZCD;Fx!!?2G-8n%_`FbI>+RjY z#Tn?oj3&x0>=Q;;(?|jmjSs2{fkfla%vuca%dVA#w!s-CBq9CZ!re%!Q-Hi%^YO=; zsn0RM&)MG7$!YkwVddmox2HY@t^JXE3h)`AGwS_AIa%bC7-6sXPyTkwt@$B4VE1N# z{TkJeiPkV-8UXu$CL@vTPr-=!VzGKzdS=H|=11Unk!=Lhdd0BXJFy+RtN7Bl0+J{WPj>P^y?VNcymEG6Jk%XKO8AHb`Lz#<0$2?`q zOy>DegeRGf$k2l_&%;xu%=3^!WeO={hRjjMQfA^^H^1k-o__zo*Y*DKboJM9pS}0J z&)$2jz1C-a>HjMb^4p9<$G-bF=V5+e=m%#~Pwtjnuc*P~c$ zf9Fjr%4Ry81St0ZiXxA#+9gql7Yv(--5TM8M8HPHGoP+v!pO6iS*sTN<69VMhpQgG z-l`~aQqvD#wPQe|63>~-Lj-rwz2?-I&EC+e_EQBEmHOOMPxexaH$?N2r6p>qE)(I2 zt9EVeJvv;i8O)KD(=7PBhtd5Il$YYdn6}2w+Wd@}({`*gNjOxNi0!}BO81}fuP$Ok zh9_tWL2id25%c@FGsy5t49gT6=nsncZdMM-#cby>k%%~q$fbWh2>LXVSh`;PEMGeFj~Cd?g(op+eYkOvq|#~PdUB03C%WP>I z&Q>#}x=z=)Do8`nTHdwziqp^1-@MuTME+#kiGVl)a3%PC?n#SRP24;SS6G`h#fwHR2Y ztlE(b;uvi9j#G=DRF!G!fG>u22Bp8KxyG1u(eHjG*5QChUBSYK0IEM?@B@j0vWOY^ zE%qL`+z|fXtPv!df@NlKlT=vFK?2tP5h~4NhOG+Wm?zZ6Pkw7Xd zRyH=9*^W3NrwzV3xAlkaE35WO*e(@bY^#}(^6`DCR~?wiz1f9+=9w=vl=dI;0+vQAG&=OSd1rYO5^Rf-hj*@8RM64+ z+mbB!rmwc`Yuu9Cw&fpMr4>PMpkiKrL&^xzzivibJROh!{{6PMetZ?%q4r7X8GOk2 zRO|Bc7k33kQCTmA%zRFIb#-kX1n($=Y6(H&vR{outK_TSDB>! z*(tjTE#aWsD<>%huK6@xduG8LLhEk5^fC`IYjeUjUq?awdGn&({gbS}9ADHrr79JP%X06#ESLE? z;KG7;PtI|(w{;&BjI0E2+>=aNj>w*x+p@b-Ds8>j=65oBk$f@U0nMLZnecsW>NoZi z0J*SBb-X?N**|q-ft%yldC9n3?0@D zLv>C&)cDQuH@nz0c^++zEk&q$V5zyQp%p4BlSP7TuG>7Yxro|eRsQ?Izw`0$a`->l z4FQ?Ns}Li%fy%gYk43%VDyM`S#U_RjHJH<;C2Sm4PZ5h_lJrypDS@ne>kGZbrjicB z1WTN&UCe~ddxOn4(S7b?miRT+yU+qxSp-UMssX`+!*qm!DW^Y(ggqVW|Ljo1#tFd3PkTD2r0A)5~BSJd1kA6QGR-=3ZyC`d?tJ_leDVzx7I zvlueUbU~|N5L!|6Uv>~YM+j*d4y2NOY5b++x!E#`!+k}C4=N~-*6J-X7PozUDl||2 zPnx&-X1*Mdu&q00^oH~BO?`N6T_rVfDga>pBTX+9_+67W*UCE+16q&u`mJ9zLT?mc?IH@4%t;u7E0z*(7#_IK7l6N0T*)?6k zR}HF#EHa{jfM7A(488Y@h_Rn)wO*Qa#eBfd(&!uVhs}u#Kf-%pz@qxm;0Z;2>i`xEz6>7J<{ZNtc94e}zd0?a z+fzE12nO<17RwVGolx0+*FrH^Pl!k3JWu1T{}6+{bx`UFjr}DLwSPwYRh1L^?#v0Q__W=x2;Uf@~DLhdy^XL_gpzm||w$0)AzqLRwXeGk}Ba(`*ltcRM3Z*~x&tCD6CXpH; zUp|LJHNQkkVIm(+8T1A{JqzrKqb7Z!&mDu_)5w|+l2h>6-}B-zD9tpfbCYj4*!OmT zWTV6TBD2Pu3;oa7zBTL?Upd(ODK%`wImnS+EB>Ov$gVJ@x@(iK>&&?1s<>Dn1aqL&}TpB{RJ!1K2n~o_&aiEZClCdXVg@iL3uU_HfWKpLMARA)y zKn_H{?pwUE3#D}zpb{}WIyp+9-(a)$wa0C-sD`xs6;dJymEXC3377BKB7De|)n=+_ z%}|g9F!P#AvV#^lqPaAfy_Ty!elBZcRuz(ivw{<@z41WKb(KQ5JlgRqb1T()V zS~DN5jg_&275d9=S^XtuW>8U|yCCw%ib+7Ch30CHB8ze`89gFi()%AZ66^QrrU;ty zw;oA;1g(I{V?ag}>eWggh2*4AJv1J9s8O^&aA z_nOiu5+P`NlmL6SBb;9N^Y^JY$O)|L0;hI==2R4@Gflk-Dd6!?Bi~#e)wk&Z%%gk{ zL{Wsiepmy;Lg#U9PQv}G=5Woe44;i*yC1JlUTBy6_9BK8-JK+y%V1t;TyuS}*tCGK z7W6dSKAQgV4F46Fh%AFLOC!q+OyP01h{H3I)!ZAMe$nE7@&)f5U`^jIu=-lFPS2AYwLz#ZNQoCnFU66&cq=QdwFzlOIfu=>e7n}eX`5&)$`lmw$mjN(%%yovL<#15tPpe za{^>mCqkeI&4I3pD#$Bjfoz5f&NYtDP#Z-9m)$=0=F$h(h_Mr%qs~7X4}NJ>J<#df z%Rx?W+)I+7o1ud59u`vRbO2kR3lY|wtDZ}VJM?|kiGx>Nr-N9X3%O+T1a(iM6~qi) z-t*ung&Vo%eUctwp=r>g;aOF=JGGgZztMn*v4}-l?9kB*_#tot-6lidRJ&tmEDzP@ zS3qw#Kt;t-1{V;pxjyqqy2E#KjFxL|i)=bFpn0G`Uv~_E17=~{@U@jOW1Ggr;8yd= zKys-}iqYNOwh?5*;Xq@-Iu&@a1P~EocRQ04C}@g8xAu$V_@T=KPmsrhsWZ?kxmi>W zq86|@c+w>Q&~vIt)DFIFc^+_YMB62dQ^-aQHS;=IaL^8&K2A%>>{L%uvNqq>iNG1K zM)Y+$6cob81`_95?>Pen)sJgx57p9xpJL$K<1^lNlkF=P%o+-b&bG%3hRUQ}sm2<{9k)`aVT>=m?gJ~}61r7Hp!|B_PfH0}){rk!+n=ex z<-|2O2!~TvF$676mN1k3$az1VO1b};*Po6#<7+D3H?b(X&Y@GfL z!^Dl&Sh2wpbalIJnKJf$`c=nY^ns*TKvik86TFy#pMrvdjyeotceCX~;aqj8nu|bL z)A@X@;h|%Pi$NZW#P2 zniE#GOGnR^Q(hKHYN1-|v;(EeDuw>L%i>i|&q3qH5e4Yanou+Ctd&lz>tB9bR|l;U zpkDaST$dJO`Np@2k`?)33Zqc}gZ*D|+!!U0E^>`aV@nCvwCbZ7Och*?2q2PrbN!ZD zk<~ATP4g3%JtM4Y+>L_h0*QuNykT%TGfyZMGnE(-yG%iVNu}Z9@TqFsrH9O?{NjjU zYP`hdU(AT@?Am}uMHr1M%FXE`xDOAi+yiQHaaP$0zPiFm@dFe7PSYUJc_3exRb#po zrDicB$~uEb@khO}#v)Jiy-U5M$i(1e+D{6O(cJ~7ph?&+48GgV0b&5fxA>jt9}Edq zil~7B$AIahl^Dau@HE?!{P02?oh>k^i9M6TU^U;jZ^81$BVkv?VY(*2CqaEH(8hR2f9MW?F>kVi0cS+59>$W8Cja002L{oU;!cBV@dBnQ&rfm497yz+ zVQIi9YZ8Oc2j_4Ups6Y#pcUB5P2ac;GiTGEr-cNF zY5#Ip)DZ{SD@0U`@8*jkCe&e}ky4W-@+82qS)gKsK&pQhX#5P|yy*5>X}Hn95u(Ga zALJ{pAk%-F9bD79Ae!<6c+0nN)nFod_b%e~&i8_nhVzN*zj>XG17NRhyHj~U%ShNv z)u{A1XoH+m0yYW6@50NCmpRoegc?70XP9|1xFI`rkd1%5P87mx^~%}93hXB2@3(2Y%R zmU3^Yg{&fhyX;dia-2iB8n_vWizGO+!>=EJJ6&oL+LKIr=6pMFT^(JQGK&Xv=!B*~ zsZ1wmeKP9|^43an=gwimwKG8M=Cc3(3o;fd6R6R@razR5CuWNRHw=K|ck}isyAKB- z&PnVH7a&V>@R{Q89f$yk0%nT~(SrkeP8p_7Hs#4N$468ZV7Ue&zh1sGr{wNlNyZ=& z3U`Z1W3d2;xQ!DMoNp!~O_h!4_5+Wl+4fRN$6ekbx=Ba#Vr6%P2@!+4b{B^lvjQRcl0Xlxt@Bjb+ literal 0 HcmV?d00001