Saturday, June 29, 2013

What is Erlang on Xen good for?

The tradeoffs are severe and at this point it is not interesting enough to risk a project.

  • EOX is providing the real guest OS even though it's not a complete or real OS
  • The filesystem is only a fraction of traditional services
  • I'm not sure whether or not filesystem snapshotting is possible
  • You're stuck with erlang
  • they are even using BEAM files
  • there is still a host OS
  • it's not open source yet
  • it's a commercial project first and foremost
you should checkout first. At least you'll have more choices before getting locked in.

"Truley Elastic"

"With Erlang on Xen, in less than 100 milliseconds after the launch a new node starts to run the application code." -- erlang on xen
One cannot argue that EOX (erlang on xen) launches the application quickly and it's certainly faster than launching an entire guest OS. But surely there are a number of technical reasons why and possibly related to the number of sacrifices that were made in order to get the response time to that level.

Linux containers in the form of is achieving numbers that are even better and that are not limited to erlang and EVM languages. Additionally your apps do not give up the filesystem which you are used to.

UPDATE: The equivalent hello world running on a rackspace server took 20ms. (2013-06-30)

"Hard to break in" -- erlang on zen

"Erlang on Xen drastically limits options of a malicious attacker". 
Well, this from the maybe factory. Actually the supporting justification is that the instance does not open any ports that the application running in the VM does not open.  Also, since it's erlang and it's compiled in their special sandbox it's also reasonable to assume that code injection is not likely too unless it's a passthru to a backend DB.

But there are a few problems with their claims. (a) erlang on xen does not run on bare metal. The system still requires a host OS. And that host OS is still vulnerable. (b) While any other system might be connected to the web... it is very likely protected by a firewall in all but the basic rackspace, peer1, linode, etc... cloud installations.

So frankly erlang on xen is no more or less secure.

I new that buying an iPhone 5 was the wrong thing to do

I have been very unhappy with Apple for a very long time. Sadly and coincidentally this began around the time that Steve Jobs was reported ill for the second time. My Airport Express had to be replaced, my MacBook's battery swelled and had to be replaced, my MacBook Air was behaving strangely and my iPhone was also on the fritz.

About 6 months ago I did some very basic math.  For $1000 (one thousand) I can buy a Nexus 7, Nexus 10 and a Nexus 4. And optionally swapping one for a Samsung ChromeBook. And one can not come anywhere near that with Apple.

Last weekend I decided to upgrade our iPhones. Partly because my wife's phone had been seriously problematic and mostly because Best Buy had a great trade-in program. As it turns out my wife's phone had a corrupt backup which could not be repaired.  That meant a complete restore, however, the only reliable way to keep her notes and other important docs sync'd was to backup to the iCloud. And that's where the fun began.

Her phone wanted to backup 6.2GB to iCloud but she only had 5GB(free). Clearly something is very wrong. Apple gave me no way to manage this properly.

I am so very done with Apple.

Resolving iPhone settings badge issues

The iPhone settings badge is triggered by one of three possible causes. 1) The iPhone operating system requires an upgrade. 2) The cellular provider has a pending upgrade. 3) Or there is a corrupt parameter in the operating system or one of the other features on the phone.

The first two were easily remedied by traditional methods, however, the third is just disturbing. 

The corrective action for the third problem is a) backup your photos to iPhoto. b) backup everything else to iCloud. c) restore factory settings. d) restore from iCloud.  

The reason this sucks as a solution is because apple could have published this solution instead of forcing me to visit a Genius Bar. What an amazing waste of time and justification for my desire to convert to android. 

Startup roadmap

At what point does a startup stop building new products and shift to incremental changes? And at what point do they swing back? Is it ever too late?

ClosureScript and JavaScript

One complaint that the ClosureScript domain makes of JavaScript is the hoisting of variables. I do not disagree that it can be complicated and that there are other deep challenges. However, ClosureScript has its own warts. a) it compiles or translates to JavaScript so one needs to know both regardless. b) ClosureScript has its own idioms which are no less bothersome. At the end of the day there are more people that are effective with JavaScript than ClosureScript. 

Friday, June 28, 2013

Transcribing your every phone call

As I become more comfortable with voice dictation on my iPhone I wonder whether it would be useful to Transcribe every phone call or technical discussion for the purpose of having an accurate record of the discussion.

Thursday, June 27, 2013

GOLANG switch fallthrough behavior

GO implements the switch instruction as a hodgepodge of different languages. For example:

switch test_variable {case 'A':   . . .default:  . . .}
and then there is:

switch  {case test_variable == 'A':   . . .default:  . . .}
Both of the above are identical. I suppose that under the hood there may be an optimization or two.

When comparing the execution to the C model. When GO reaches the end of the case or default block the code continues execution with the command immediately following the end of the switch. C, on the other hand, requires a "break" command in order to get the same behavior.

A nearly opposite is also true. If one omits the "break" statement then the C executable will continue to the next case or break statement until either a break, continue or the end of the switch is reached. By comparison the GO switch statement implements a "fallthrough" statement which tells the GO program to continue to the next case or default statement. One strange side effect is that if there is a test with the next case statement it is ignored.

Here is an interesting example.

One considerable advantage of continuous deployment

As your years of experience advance the cost of the minutia portion of your day-to-day operations gets more and more expensive for the organization. Continuous deployment allows you to offset the cost and allows you to concentrate on your main function of developing code and product. When implemented properly it allows the decision-makers to perform the task of deploying or promoting to production without requiring the expensive developers just to babysit that operation. Clearly a Devops team would augment or perform the actual function for the promotion of the code.

Wednesday, June 26, 2013

Garbageman and postal workers

Garbageman and postal workers traverse just about every road every city in United States. This in itself is an amazing feat. Why doesn't Google outfit these machines trucks with their cameras in order to collect Street view data.

The cost of a complete cloud development environment

You can certainly build a custom development environment but if you want to implement a standardized development to deployment structure using off the shelf tools is a viable solution.

The following image describes the many stacks that CodeEnvy supports. Many of the elements are free and free-as-in-beer. But the truth is that you're going to get to a point where these services are going to cost some real money.
Languages - FREE
Frameworks - FREE
PaaS - varies greatly, none offer "private hobbyist" options.
Repository - public is FREE, private is not (about $12/yr per project for GitHub)
Continuous Integration - Jenkins is FREE to use but requires a server. Could cost $7/mo
Agile - ???
IDE - CodeEnvy is going to charge $149/yr

The current state of the Cloud development environment is just too expensive and too much of an unknown. The better alternative is going to be a hybrid of a desktop environment with a simple cloud server and some basic tools that let you perform some basic continuous deployment. So now I'm on the hunt.

How do cloud IDEs work in the enterprise or private consultancy?

If the decision is "yours" to make then how do you make the decision or present to the decision makers all the information that would be necessary?

In recent months there have been a number of topic blooms discussing the T&C and Privacy information of services like DropBox, Box, Google Drive and so on... The questions I ask are 1) just how secure are these IDEs? 2) what are the licensing issues for my code? 3) what rights am I giving up? Since many of these IDEs are commercial then what insurance and assurance do I have?

This line of reasoning begs one overarching question:  What is the highest rated IP stored on GitHub or Bitbucket; and the online IDEs?

Tuesday, June 25, 2013

Continuous Deployment

Where are the simple CI/CD solutions? Seems that every language should have one. 

Lua and JavaScript

Choosing between Lua and JavaScript is a constant struggle. Both languages provide a number of features/functions that make them strong contenders for mindshare and actual deployment. Each have plenty of warts too.

For Lua, I like that it has a small footprint, it's fast, cross platform and embeddable. And finally I like that it's used by Adobe and many game developers.

JavaScript, on the other hand. Has tremendous mindshare, executables are reaching for JVM speeds, Dart translations are performing better than native JavaScript, number of libraries.

GOLANG concat two arrays of strings

You have two arrays of strings, 'a' and 'b'... and you want to concatenate them. Easy enough see here.
// assign the values
a := strings.Split("a,b,c", ",")
b := strings.Split("c,d,f", ",")

This will result in:
a = ["a", "b", "c"]
b = ["c", "d", "f"]

Now to concatenate the two arrays:
c := append(a, b...)

That's all there is to it. GO will return:
c = ["a", "b", "c", "c", "d", "f"]

Notice that "c" is duplicated because it's in both arrays. Merging without duplicates is a different task.

Monday, June 24, 2013

social fitness could be hazardous to your health insurance

If you're capturing you fitness levels and other health metrics with devices like Jawbone's UP, Nike FuelBand, or any number of similar devices; and then you are posting the results online (or not if there is a backdoor). Then there is a possibility that your health insurance company may deny coverage based on your voluntary and very public disclosure.

Getting to Zero Downtime

Minimizing Disruptions triggered an immediate reaction; "inconceivable" (Princess Bride). What I'm reacting to is the realization that removing 100% of all possible disruptions is impossible. From the power grid to the first instruction of the first application or service there is a deep stack that we assume is always there and functioning.

As I further consider erlang's mantra of "no defensive code" I realize that everything from the moment the power is turned on, network ready, through to the launching of the application; none of it has a "defensive state". And so I recant my position on erlang's mantra. Now I will "start with nothing and add it as needed (as observed in the fractal dimension) as a defensive layer rather than defensive state".

As for minimizing disruptions as it applies to deploying applications and new features. That simply depends on the complexity of what is being deployed. (yet another fractal dimension).

Sunday, June 23, 2013

Minimum Storage - SSD - MacBook Air

This is a quick post. My MBA came with 64GB of SSD space. This is not enough to do basic programming tasks after a year. Specially without a virtual filesystem in the cloud. With just a few iPhoto imports, some music, a movie or two, and a couple of iPhone backups and the drive is full before the first year is over. If I were not already conscious of the challenge I would have filled it up months ago. DaisyDisk save me for sure.

Nuclear PDP 11

Recent posts indicate the end of life for the PDP 11 which controls most nuclear reactors is being extended. What is amazing is that most smartphones contain more power and computational capability Then the original PDP 11. The idea that it is possible to control the machine the size of a nuclear reactor with something as small as a smartphone is both compelling and daunting. 

The supermoon

Wouldn't it be interesting if we had a picture of the Supermoon at the exact same time from each of the 50 states? Weather permitting, of course. 

NSA versus the web

I'm not sure how I feel about the government listening to my calls or even recording them for a future that will permit listening or listening my robot. However, in my opinion this is completely different from the topic of monitoring the CDR (call data records) of the calls being made.

First of all. Who owns the communication infrastructure? Well, I think that used to be the government. And if not directly that own it by granting licensing for spectrum, right of way, and in some cases funding for R&D that lead to the ventures. The same is/was true for the postal network.

Secondly, we voluntarily give buckets of information to the various commercial companies. Search, smartphone telemetry, any website you access, cookies, advertisers, photos with GPS. The bigger advertisers know more about you than you realize. And then there is concept of six degrees -- added to LinkedIn, Facebook, Google and so on... Not much privacy there.

Third. The Call Data Record, by my definition, is no different than the envelope in the traditional mail system. In most cases you know where the envelope originated and where it's going. And which post office it entered into the system. The amazing thing is that the CDR is almost identical to the envelope in that the "from" address can be faked just as easily.

Fourth. The legal definition of privacy is wishy washy and originally framed before the invention of super telephoto lenses and laser microphones. In the past, however, these tools cost so much that they were only available to the elite few that could afford it. Now with the six figure paydays for the paparazzi and the creation of a retail market the prices are dropping.

Finally, the NSA, FBI and CIA have probably been tripping over the various boundaries since their inception. But what does that really mean?

So what is privacy and is it really eroding? The only absolute privacy is achieved by keeping your thoughts to yourself. Even though communication with your legal spouse and legal representative is supposed to be protected... if it's overheard it may be used against you in the court of public opinion.

The real problem that we all struggle with is twofold. (a) foreign terrorists and (b) domestic terrorists. What tools should law enforcement have in order protect law abiding citizens foreign and domestic?

iCloud what's it all about

Having just purchased my new iPhone 5 decided that I wanted to give iCloud a second look since I'm a big Google drive user and it's general-purpose virtual drive approach to storing my data is very appealing. Also noting that Apple released a beta version of iCloud for iWork. What I discovered immediately is that the data is partitioned by application therefore you're locked in to accessing your data via the application that created it. In some cases this could be considered a feature I consider this a bug. From what I can tell it's just not possible to use iCloud storage for general-purpose files. Dropbox Google Drive sugar sync these vendors are still years ahead of iCloud. 

Saturday, June 22, 2013

Size still matters

After 60 some years of modernization current computers still crash when they run out of disk space. One would think with the explosion of data in today's society and personal computing software would be more resilient  The current cost of cloud storage will not offset the cost of system failure network failure and running out of disc space. 

Jobs - the movie

I saw the trailer today looks pretty good. My guess that is the a lot of apple aficionados are going to be disappointed whether it's factual or fiction or just plain entertaining nobody is going to be completely satisfied. Either way it's a must see movie for me this summer. 

From the 'its not free dept.'

'Current AT&T customers who are upgrading to iPhone will pay a $36 upgrade fee and new AT&T customers will pay the standard $36 activation fee.'  --

The Best Buy free upgrade

The Best Buy free upgrade is not as free as one would think initially. There are plenty of accessories to purchase in order to move from an iPhone 4 to an iPhone 5. 

The base price of your iPhone will be based on your carriers eligibility for an upgrade.  For me that was $150. Once Best Buy gives you $150 in a trade allowance the net cost is zero, however, AT&T charges $36 for the upgrade processing fee and you probably need an extra power cable or two and if you need a new case and even a screen protector it adds up very quickly. 

Free is not so free. But it is somewhat cheaper. Especially if you are in the market. 

Friday, June 21, 2013

GOLANG - method chaining

I built a sample method call chain example in GO. It was simple to implement after I squeezed out the bugs and syntax errors. But it works. I think the only thing it's missing is some basic protection on entry and exit.

Wednesday, June 19, 2013

"Fail Fast and Noisily, Fail Politely"

I believe that there is a deeper implication than documented in Joe Armstrongs PragProg book. To me it means that there is a perimeter of code that layers the inner function, behavior or action. This layer acts to validate incoming data per the requirements and handle the exceptions from the inner layer(s). All of which masks the intent that the closer to the center of the innermost layer the more reliable the task or operation is.

For example... 

This function does not require much error checking... or does it. The only bac thing that can happen might be an arithmetic overflow. But if the layer above restricted the range of numeric values then this would be perfectly fine.

add(A, B) -> A + B.

However, in this case the consequences are much more serious. In many systems and languages a divide by zero will cause a processor fault and that is a completely different error although it may bubble up the callstack in the same way that the previous arithmetic overflow does

divide(A, B) -> A / B.

In other examples...
  • When reading or writing from a file... everything from file integrity, lock escalation, file deleted while your operating on it...
  • Contacting a remote system and the timeout expires, the DNS fails to resolve or the shared secret is wrong...
  • Or when a complex set of codependent operations like a crypto function which depends on series of public and private keys to complete the operation; should any of the data malfunction...
In conclusion, "Fail Fast and Noisily, Fail Politely", is an understatement. The authors should probably provide some proper idiomatic examples... Good Luck.

speed kills

Erlang is the incarnation of "speed kills" as it professes that crashing software is ok and that defensive programming is not to be avoided.

Erlang/Elixir - let it crash

The biggest problem with erlang's let it crash philosophy is that it's going to leave things in an unreproducible and nondeterminate state as there is an impedance mismatch between most storage engines and the EVM(beam) itself.

Some interesting facts:

  • Joe Armstrong - says that erlang is not appropriate for solving all problems
  • If you're going to use hot-plugging to suggest you have zero downtime then you'd be wrong. Crashing during a module hotplug is still a crash.
  • most erlang programmers do not completely grok OTP and that's where the power of the EVM is really located
As I started to read the Elixer book from PragProg I realized that while erlang is a BCB (bell curve baby) the chances that I'll write another application with it is slim and none. Business owners do not want the expense and risk. I'm starting to get comfortable with the fact that NodeJS and GO are the probable future for the next 5 to 10 years.

Monday, June 17, 2013

My latest Apple shopping list

2x 15" MacBook Pro w/Retina (max ram and SSD)
1x 13" MacBook Air w/12 hour Battery (max ram and SSD)
The latest Airport express and 3TB drive for TimeMachine
2x iPhone 5 or 6
1x iPad w/Retina

That's only about seven thousand bucks. WTF was I thinking.

Sunday, June 16, 2013

Hot plug versus blue/green deploy

The real dissonance appears with the right fractal dimension but its in this sweet spot that making decisions is easiest. 

Friday, June 14, 2013

Effective Dating Code and JavaScript

The idea that data might have an effective date is nothing new, however, using effective dating on code fragments is interesting but when you add zero downtime with complete code and data synchronicity it is something completely different; possibly evolutionary.

I had initially thought of using C, C#, Java, perl, Ruby, Python, Go, erlang, and elixir. As I went back and forth I skimming away the many fractal dimensions and with every generation I found myself back where I started.

First of all there are two major strategies and a potential hybrid.

The first approach is a router with a synchronized clock which routes transactions to an green/blue server instances. Blue/green is a typical model and in most cases is implemented in an HA scenario... but the key point is that a) the code is staged in advance; b) the switch is instantaneous; c) the system is always known to be in a particular state and transactions are always reproducible (audit-able).

The second approach is effectively a hot-plug type deployment. While erlang and elixir "can" support the glue/green approach most EVM geeks prefer hot-plugging. The only problem with the EVM release manager is that is deploys a module at a time and therefore getting a transaction guarantee (reproducible) is just not possible and this is a big deal is most businesses including gaming.

And then I recently saw a zero downtime solution for Go where the new application assumes the active port numbers as the replacement server takes over for the primary.  The differences here are a) there is no router but the transaction seem to move from the primary to the secondary in a deliberate fashion allowing transactions in flight to complete rather than all at once; b) the loading of the replacement might not be triggered by the effective date; and c) there is some latency from the startup to actual assumption of duties.

Of course there are other complications when comparing compiled versus scripted code. The scripted code is almost ready to execute once the code is assembled and the compiled code requires at least one compile/link step. And then there is the library management requirement when trying to deploy fragments versus small change sets.

Finally all of the above is fine when you are connecting to loosely coupled databases through REST or some sort of IPC/RPC... but when there are DB schema revision requirements everything could go belly up as the two schemas need to coexist. And then there is the librarian and the necessary regression testing.

As for the actual payoff.  Who knows. But for certain if having the continuous deployment, effective delivery, zero downtime in your toolbox then you can decide whether or not to deploy every VCS commit automatically or wait for a librarian to collect, regression test and commit.

I have POC code for the first EDC system.  My JavaScript code exists in the DB with the actual client data and when the code is updated I can automatically update/deploy when ready or then the effective date passes. It's nearly instantaneous.

And I'm working on a Go version now. I see some code for zero downtime integration so I'm looking forward to testing that... but the last piece that will make that possible is some sort of ORM that would manage the schema. Which is hot-plug in the ACID sort of way.

All of the above, however, requires new discipline.

Monday, June 10, 2013

WWDC felt like a double

The highlights were the AI car demo and the 12hr battery on the MBR. But that was about it. 

They changed the cat theme to I don't know what but the name is a popular surfer location in California. The presentation was less than smooth. 

The design of the iOS 7 logo is kinda weak. 

Everything else was just par for apple. Not stellar. 

Sunday, June 9, 2013

Blogger app for iPhone needs to tweet

Another cool app for #Apple

It sure would be great if #Apple's newsstand app would do RSS feeds too!

Chromium Security on OSX

It would have been nice if Chromium was recognized by Apple as an Apple developer instead of prompting me to reduce the security settings in order to get the first run.

Stuck between two ecosystems

The Google and Apple worlds are so compelling that it's just too difficult to get one solution by merging the two.

A new view on double secret encryption

There was a time when I thought that encrypting my entire harddrive and then encrypting a folder was a stupid thing to do.  The compression experts have made it clear that double compression does not work so I was already biased.

Encrypting the entire harddrive makes perfect sense because with few or any exceptions the harddrive is linked to the CPU an therefore cannot be removed from the computer and connected to a USB without a lot of low-level knowledge... even is at all possible.

And so for the most part, most operating systems, are not likely to leak any confidential data into the swap or sleep partitions as non- encrypted systems commonly do.

But the advantage of encrypting a folder with "Espionage" or "DocWallet" has the added benefit that your sysadmin and the people you share your computer with are not likely to be able to access these doubly encrypted folders.

As a side note... If your concerned about PRISM-like attempts to hack your data then I have no idea if this is the right vector. There are so many ways to gain access to personal data in a computer, from a hackers perspective, that all of these methods are just providing a false sense of security.

iOS google plus pushes not syncs

Now that I have two copies of my pictures and my videos I have to curate two picture archives and possibly a 3rd when I consider iPhoto. 

Monday, June 3, 2013

"Sometimes self-organizing teams don’t"

then what?

The new formula for learning things and impact on project planning

I just watched a TEDxCSU video. It has forced me to think about how I estimate projects and deliverable dates. As the presenter describes it in order to learn a new task or skill:

  • 10,000 hours to be an expert (5yrs working fulltime)
  • 20 hours to be good enough (45 minutes a day will take a month)
(he is careful to say that 20 hours is qualified with all barriers removed)

For me the number are interesting when planning a new project or assignment and presumably the numbers shift based on complementary skills and knowledge. And you have to ask yourself how much do you need to know in order to be that expert. And what about relearning so you can make changes.

(how is pairing going to effect these numbers)

For me that even the smallest assignments are going to take anywhere from 8 to 16 hours just to get back up to speed before the actual work begins. Except in the rarest cases when the assignment dovetails with the last assignment.

This past weekend I started working with the Amazon ItemSearch APIs. After 4 hours I have just barely enough information to know that I do not know enough but I'm starting to develop a table of contents for the things I need to be effective. After watching this video and making the connections It's gonna take me another 16 hours to get where I need to be.

"where is NodeJS malware"

The author of this article did not have comments turned on so I will respond here. The challenge ahead of open source programmers is the same FUD that has always been there. When you incorporate a 3rd party library you have to perform a risk assessment and decide for yourself, employer or client whether the risk is acceptable.

In recent weeks I have started to perform code reviews of the projects I want to integrate with and then I fork their code so that I'm working from my version of the code.  This has several side effects.

The first side effect of forking code is that I do not need to follow the main project and review every commit. Therefore it's unlikely that any malware will enter into my ecosystem.

And secondly. If I make changes to the code I can use them immediately instead of waiting for them to make it into the main project via a pull request.

The only real side effect is that I am now programmer and reviewer/librarian. Which I kinda was anyway.

futures and promises look and behave like elixir's "amazing" pipe operator.

Here is the Elixir version (snapped from pragprog):

And here is the Dart version:

And then there is no surprise that the JavaScript (functionality provided by 'Q', 'Deferred', 'Promises' and a number of other libraries) version is nearly identical to the Dart version.

It's a fantastic structure as it makes the code so much more compartmentalized and easy to grok.

Sunday, June 2, 2013

System Architecture by Fractal Construction

In recent days I've had various conversations that lead me back to this point "System Architecture by Fractal Construction". And to clarify what I mean I'll take some hints from wikipedia's description.

Proper system architecture is implemented by using a fractal dimension construction technique. For example when you look at the Unix filesystem from the root directory you'll see:

├── bin
├── dev
├── etc
├── home
├── sbin
├── tmp
├── usr
└── var

But then in my home directory you'll find a similar structure:

├── bin
├── etc
├── tmp
├── usr
└── var

And then you'll find the same thing in you applications too (those that were not part of the base distro might be located in /usr/local/Cellar/<appname> or the like.

What makes the "fractal dimension" awesome is that it also applies to application design and architecture. Think about the "design of the UNIX operating system". What's amazing is that there are many more layers; many of which are immutable or so rarely updated that it's never talked about.

There are several layers in the CPU, on the BUS, in the PIC, and then in the BIOS and Bootstrap. Some brands like Apple offer programmable firmware and while they do not update it regularly it is not uncommon.

The point is that one's view and perception of a system is based on your proximity, however, that does not imply truth or total understanding. In my case I'm trying to design a zero downtime framework. While it's difficult and possible on many levels it is very possible. The design part that makes it easier is that when the downtime dimension is factored into each component's design. The core that is rarely updated is partitioned from the business logic that is updated frequently. 

(This applies to front-end, back-end, workers, data access layers... etc. It's all just concentric circles.)

Tweetbot sayz what?

What can those debs really get out of it? Specially with no recurring revenue. Not that would make more sales. 

Multi user tablets

Apple did not deploy multiuser iPads because its hard. And harder based on their design. And a less captive feature. 

Google, trying to enter the market needed a differentiator. But their design was also more conducive to multi user. 

The next coming months will determine which tablet I buy for myself. 

Saturday, June 1, 2013

another bad day for open source

One of the hallmarks of a good open source project is just how complicated it is to install, configure and maintain. Happily gitlab and the ...