
Facebook can now read your texts - WestCoastJustin
http://tony.calileo.com/fb/
======
rodrodrod
This has been a thing for about a month and a bit now. A Facebook engineer
posted the following on Reddit[0], explaining the rationale behind the SMS
permission:

> As for the READ_SMS permission, we require that so we can automatically
> intercept login approvals SMS messages for people that have turned 2-factor
> authentication for their accounts, or for phone confirmation messages when
> you add a phone number to your Facebook account. Unfortunately, the Androids
> permissions system does not allow us to specify that we would like to be
> able to read only SMS messages from a specific number (plus that wouldn't
> scale well because the list of numbers varies per country, but that's a
> separate issue).

[0]
[http://www.reddit.com/r/WTF/comments/1t5z45/facebook_why_the...](http://www.reddit.com/r/WTF/comments/1t5z45/facebook_why_the_hell_do_you_think_its_okay_to/ce4y6x2)

~~~
furyg3
I feel like some sort of manual component to two-factor authentication is the
whole point (a clickable link, copy+paste, or remembering a 4 digit number).

Besides that, two factor is a bit of a joke in an app (on your phone) that
caches your password, and then sends a message (to your phone) which is
automatically read and accepted, before allowing you to login. What exactly
are we achieving here in terms of security? Every 30 days the app
authenticates itself with no user intervention.

It would be much more secure to just force a password login.

~~~
hueving
We are achieving the same security guarantee as before, just without the user
pain. All two factor provides in this case is proof that you have the phone
associated with your account. Why does it matter if the app does the legwork
for you?

~~~
grey-area
_We are achieving the same security guarantee as before, just without the user
pain._

I'd argue that a corporation other than the phone company being able to read
all your text messages is significant pain.

Given that FB seems to want to take over all communication between users
(contact list/blog/email/photos/messaging) FB being able to track and access
anything you do is the inevitable endpoint of such aspirations, but many
people are not comfortable with that, and the farther FB go down that road,
the more people they'll alienate.

------
kevinmchugh
At this point I'm running at least 2 versions behind on the facebook app. I
didn't install it last time it asked me to allow it to "Send emails to guests
[of events] without host's knowledge" among other things. I see now that they
also want to be able to connect and disconnect from WiFi.

The Facebook app is probably the fastest way to find a list of all permissions
in the Android system. "Draw over other apps", "Read battery statistics". I
don't know what part of facebook requires either of those options, and the
mobile version of their website offers me the minimal amount of functionality
I need.

The act of writing this comment has made me uninstall the damned thing. Just
reclaimed 17.61MB, and probably a fair amount of space in my mind since I'll
check Facebook less often.

I'm sure, as the author of the linked article asserts, most people blindly
accept the permissioning changes, but I hope this permission-creep starts to
cost them installs.

~~~
maxr0
"draw over other apps" is to implement chat heads (see
[http://www.piwai.info/chatheads-basics/](http://www.piwai.info/chatheads-
basics/))

~~~
SwellJoe
Which caused me to freak out when it first happened. I was furious. I had to
stop everything I was doing _immediately_ in order to figure out how to
disable it.

I can't possibly state emphatically enough how user-hostile that feature is.
It is so disruptive to my thought process...it's nearly as bad as that awful
focus-stealing thing that Windows does.

~~~
maxr0
I can understand it might have been unnerving but on the other hand the
feature was documented in the change log and in the list of new permissions
the app required (in the version chat heads were introduced). Personally I
find chat heads convenient and useful

~~~
SwellJoe
"Useful" for what purpose?

~~~
npizzolato
It makes it easier for me to carry on conversations while also doing other
things on my phone. If I'm reading something, and someone responds to a
message, I can quickly pop open the chat window and respond, then close it and
go back to what I was doing. I find that more convenient than going back to
the home screen and launching an app from there or the (rather slow) app
switching process.

Yes, sometimes it does get in the way of what I'm doing, and in those cases I
just swipe the chat head down to the bottom of the screen and it goes away.
And considering turning it off is one of the options in the first page of the
settings, I'm not really understanding why it would make you furious or think
this is user-hostile. Overall it's a pretty unimportant change that is easy to
disable if you don't like it.

~~~
SwellJoe
Notifications in the top bar achieve that purpose for me, without disrupting
what I'm currently doing.

------
simonsarris
Is there any recourse short of "don't use the app" that regular users have
against this sort of thing?

Is there no meaningful way to push back against Facebook for demanding this
permission?

~~~
zobzu
use cyanogenmod + privacy mode, you can disable what the app can do. for
example, you can disable that. app still works, it just gets an empty sms
list.

~~~
beedogs
Sure would be nice if someone would jailbreak the iPhone, so we could have
these sorts of options in our little walled-gardens too.

~~~
jmreid
Can't you already disable access to Contact, Calendar, Reminders, location,
etc per app on the iPhone?

~~~
comex
Yes. And of course no app can read your text messages in the first place
there.

~~~
JohnTHaller
Well, they could read all that other stuff by default with no warning
previously until all sorts of apps abused it. Then Apple had to add in the
prompts for things like reading Contacts. I'd imagine the Android devs are
working on similar since the list of permissions model is breaking down.

------
e40
The main reason I rooted my Android phone is to run AppOps 4.3/4.4. I can
revoke permissions from apps, just like the one in the linked article.

This should be a standard part of Android, in my opinion.

The app, for those curious (I have no affiliation with it):

[https://play.google.com/store/apps/details?id=com.colortiger...](https://play.google.com/store/apps/details?id=com.colortiger.appopsinstaller)

My favorite permissions to revoke are: Wake lock, Location, Read contacts. As
a result, I get almost 2 days on a full charge on my Nexus 5.

~~~
StavrosK
What does revoking the wake lock do, both to the app and the phone?

~~~
e40
The Wakelock allows the app to wake up when your phone is asleep. My twitter
client wants one, but I have notifications turned off. It might be that
because I have them turned off it doesn't invoke a Wakelock. But it might.
Basically, Wakelocks are the #1 cause of unnecessary battery drain.

~~~
StavrosK
I see, thanks. That's what I thought, but I thought that apps rely on push to
get notifications. I guess that would not be very scalable, so the client
wakes up once every X hours and polls.

------
billyjobob
At this point, if you care about your privacy, why would you even still have a
Facebook account?

I used to think I could be 'safe', that my advanced knowledge of privacy
settings and optimised usage patterns could somehow shield me from the
fundamental nature of these data monger corporations. But the truth is
concepts like cloud and social networking are fundamentally toxic to privacy
and freedom.

I'm now pretty close to the day I delete my Google account, and that provides
far more useful functionality than Facebook.

~~~
ksk
>At this point, if you care about your privacy, why would you even still have
a Facebook account?

You could have a Facebook/Google account under a different name. I have one
and its rather useful when websites have an option of logging in using
facebook/google accounts.

>I'm now pretty close to the day I delete my Google account, and that provides
far more useful functionality than Facebook.

What is this "far more useful" functionality ?

~~~
andor
_You could have a Facebook /Google account under a different name. I have one
and its rather useful when websites have an option of logging in using
facebook/google accounts._

You can easily be identified by your network of friends. The name of your
account doesn't matter.

~~~
ksk
Ah, I should clarify.. the account does not have any friends.

------
cwilson
The title of this thread should be modified with the addition of: "if you use
an Android phone."

~~~
snorkel
... but nonetheless it's an important example of the erosion of data privacy.
Just as users are getting accustomed to clicking past EULA's so to they click
past these permission request screens, and if they don't then the app keeps
nagging them ... the user just wants to use the app, so permission granted.

------
cstrat
This sucks because even if you don't have the application, you might be
texting someone who does... facebook can collect that data too and build
profiles of people who don't even have the app or even use facebook.

~~~
exodust
Good point. Wow, there really is no hope for private communication.

~~~
giantrobothead
Other than hand-delivered letters and face-to-face conversation in a secluded
space, but then again, how can you trust the person you're communicating with
to keep those communiques private?

Argh...paranoia...all consuming!

~~~
cstrat
that is a little different but point taken.

if facebook wanted to be nefarious with these newly granted permissions, they
have an extremely large pool of data to mine.

------
zrgiu_
Like others have said, on Android you can use App Ops, and if you're on 4.4.2,
App Ops X (
[https://play.google.com/store/apps/details?id=com.colortiger...](https://play.google.com/store/apps/details?id=com.colortiger.appopsinstaller)
disclaimer: I developed it). It still sucks that you're on an "open" platform
but you still have to root/jailbreak your phone to keep your privacy.

~~~
kissickas
Cool app, thanks. Is there a place where I can see an explanation for all of
these permissions? I have no idea what the difference between "location" and
"monitor location" is, for example.

~~~
reddit_clone
Total guess based on their names: Location probably refers to retrieving the
location of the device using an API.

Monitoring Location likely means continuously getting notification about
device location as you are moving around.

~~~
kissickas
That's what would make intuitive sense, but it also makes intuitive sense that
those would be one and the same, given the topic of the article we're
commenting on, so I'm still not sure about it.

------
foxylad
Access to all your texts is scary, but what about "Add or modify calendar
events and _send emails to guests without owner 's knowledge_ ...". I feel
dirty just reading that - I'm so glad I've broken my Facebook habit.

Facebook's value proposition is going downhill fast. All but the dumbest users
are now very careful about what they allow FB to know, if they stay at all. I
suggest that their hallowed social graph contains less and less reliable info
about the more valuable demographics.

~~~
dhimes
And record audio and video? Are they insane? Who the fuck would agree to this?

~~~
octo_t
how else would you expect them to be able to take photos / videos in app?

~~~
dhimes
I'll take it on my phone and upload it.

------
jblz
"Read your text messages (SMS or MMS) If you add a phone number to your
account, this allows us to confirm your phone number automatically by finding
the confirmation code that we send via text message."

That's a pretty crap feature to use to justify this.

[https://www.facebook.com/help/210676372433246](https://www.facebook.com/help/210676372433246)

~~~
jblz
Looks like Twitter is doing something similar. One of the commenters here
shows some decompiled code:

[http://android.stackexchange.com/questions/57726/twitter-
rec...](http://android.stackexchange.com/questions/57726/twitter-receivesms-
permission)

~~~
robotfelix
Yep, both Twitter and Facebook's apps seemed to start asking for this
permission around the same time - they seem to be oblivious to how scary "Read
your text messages" sounds to anyone vaguely concerned about privacy. I'm
holding off on updating for now.

------
eksith
Right now, the Twitter app is no better:

    
    
      - NEW: Receive text messages (SMS)
      - NEW: Read phone status and identity
    

Another reason I haven't updated yet.

------
dschiptsov
The whole idea behind these apps is in gaining access to user's data. This is
why in recent versions of Android user cannot control not just what an app
could do, but whether or not it should be started automatically.

The "strategy" is very straightforward - first to gain "popularity" offering a
reasonable service "for free" and then, after accumulation what they call
"user base" they just change the rules (permissions). The idea behind separate
"messenger" app is exactly to "hijack" user's messaging service by "forcing
itself to be" default messaging app.

I don't even want to talk what kind of spyware Skype is, using exactly the
same "strategy" of quietly "adding functionality" and having permissions to do
everything.

There is no other "working" way to monetize user's data, but collecting and
selling it.

The next level is just adding malware functions in "next version".)

------
depsypher
I switched to using the mobile web version of FB on my phone because of this
(and made a shortcut to it on the homescreen)... though really it's a losing
battle, the real solution is to dump FB altogether.

I will say that the app provides very little that the mobile web version
doesn't give you. I don't even notice the difference.

------
annnnd
I once talked to CTO of a quite popular app and he mentioned that he finds it
best to ask for all permissions you might need upfront (on first install),
even if you don't need them yet. Adding them in upgrades later results in lots
of customer support questions (and negative reviews).

It is also telling that OP is bothered by "read your messages" permission but
doesn't seem to mind "record audio, take pictures and videos" just below it.
Just because it is not new?

~~~
drakeandrews
The facebook app has its own camera app, if memory serves, that has some
facebook specific features.

------
kunjanshah
The best way to prevent this in this app, and many other apps is to use "App
Ops" in 4.4 or use CyanogenMod and enable privacy guard and then you can long
press on the app and prevent the app from reading SMS and many other things
while you are at it.

~~~
hamburglar
I wish Google would recognize that it would be beneficial to protect users
from this kind of thing by providing a decent management UI that didn't
require using CM. Of course, that goes against some of Google's own
interests...

------
gnud
This sort of crap is the reason I'm using Tinfoil for Facebook [1].

[1]:
[https://play.google.com/store/apps/details?id=com.danvelazco...](https://play.google.com/store/apps/details?id=com.danvelazco.fbwrapper&hl=en)

------
DonGateley
SMS is nothing. There are now many Android apps that demand the right to turn
on your microphone any time they want to without notifying you. If you carry
an Android phone and are not really careful about permissions you are carrying
a wire.

~~~
Nicholas_C
Which apps would those be?

~~~
DonGateley
I do not remember which apps specifically stated "without notifying the user",
however it was worded and I can't find any permission that specifically states
that now but I am pretty sure that with MODIFY_AUDIO_SETTINGS permission it
can be done by an app using the AudioRecord object:

[http://developer.android.com/reference/android/media/AudioRe...](http://developer.android.com/reference/android/media/AudioRecord.html)

To my chagrin I find 31 apps on my phone now that have that permission.

------
chrsstrm
Not just Facebook. There are many apps that are overstepping in terms of
permissions. I turned off auto-update long ago and removed many offenders, but
it seems every app these days is now requesting as many privileges as they can
get away with. The general population of users aren't reading the list of new
permissions on updates and no one is making these co's explain themselves as
to why they need listed permissions. I asked an engineer behind an app I
wanted to use that paired with a paid service I love why they needed access to
my contacts, considering my contact list wasn't part of the core service. I
told him read access to my contacts and full network access made me wary; what
would keep them from reading and storing all my contacts on their server? His
only response was that they promised not to do anything nefarious. I should
not have to root my phone to use apps while protecting my personal data.
Android User Profiles sounded very promising to keep private away from social,
but my experience testing this feature out on the Nexus 7 was terrible.

~~~
bricestacey
Apps do not autoupdate from the Play store if there are new permissions. You
have to manually update them. I am not sure if this is a recent change or not
as I started using Android with the Nexus 5.

~~~
topbanana
It's always done that

------
nikolak
1\. This has been a thing for quite a while now, there have been numerous
articles about this. This is nothing new, although it may have not rolled out
to all users.

2\. Facebook gives explanation of all the permissions they need, including
read SMS one, here:
[https://www.facebook.com/help/210676372433246](https://www.facebook.com/help/210676372433246)

3\. This is more android permission issue than specifically Facebook app one.
Facebook, in order to implement automatic confirmation, didn't really have a
choice.

And fwiw, I use the app daily and I've had this update for at least a month
and the read sms permission was never used according to various privacy tools
which allow you to see, disable and view usage history of app permissions.

Until facebook starts abusing this feature/permission I don't think it's
really an issue like most articles about this make it look like.

~~~
eruditely
Why not just disable the feature if you want to deny it? Seems like a pretty
shit feature if you ask me.

~~~
nikolak
I'm not sure what you're saying exactly.

Why facebook doesn't disable it? Because people use it.

Why don't users disable/deny it? Because you can't select which permissions
you want to grant to application upon installation, it's either all or
nothing, even though the permissions may never be used.

And it's not really a shitty feature, the auto confirmation is pretty good -
the permissions needed for it are shitty though, but they don't really have a
choice other than completely disabling that part of application and having
users enter the code manually.

------
blueskin_
...and this is why not to install the facebook app.

Try Tinfoil:
[https://play.google.com/store/apps/details?id=com.danvelazco...](https://play.google.com/store/apps/details?id=com.danvelazco.fbwrapper&hl=en_GB)

CyanogenMod with Privacy Guard also works, but facebook's app is stupid
bloatware anyway.

------
JohnTHaller
Don't forget that Google Hangouts now has access to all your texts, too, now.

~~~
victorhooi
Err, yes, but on any modern version of Android, Google Hangouts _is_ the SMS
app - so I thing that's a bit of a red herring, and completely unrelated.

~~~
yread
> Google Hangouts _is_ the SMS app

What do you mean by that? It asked me if I want it to handle my sms, I said
no. It asked me again when I updated to 4.4, I said no again. I can (and will)
keep saying no...

~~~
psbp
They removed the default messenger and combined it with hangouts so they can
have a ubiquitous chat service like imessage on iOS.

~~~
yread
but I have the default messenger on 4.4.2?

------
frozenjuice
I remember noticing this on a lot more than just facebook. The Android
permissions model seems to now be pointless as so many apps ask for pretty
much all of the permissions.

------
lucb1e
The only astounding thing is that people seem surprised.

Also it's a moot point regardless: Facebook can read all my messages to
friends on Facebook already, and all their messages to their friends, and
everything they publicly and privately share, including photos and videos, and
they have access to most e-mail accounts around the globe. My texts are a
relatively small deal in comparison.

------
pioul
Asking for SMS (read/send) permissions is a growing trend among mobile apps
(Facebook, Facebook Messenger, Twitter, Google Hangouts…).

Most of the time, they're here to make the app slightly more useful to the end
user. But at the same time, you're potentially saying "yes" to a company who
might, one day, use your most personal info for bleaker purposes.

It's thus something I've always been fighting against (at least at a personal
level): I've stuck to the older, non-requiring-SMS-permissions version of
these apps until I could upgrade to a version of Android with App Ops, then
Cyanogen.

If SMS permissions is where you draw the line regarding your privacy, either
run a version of Android with App Ops, or Cyanogen with Privacy Guard.

I find it sad that companies still think most users value simplicity over
privacy.

~~~
annnnd
I find it sad that most users value simplicity over privacy.

~~~
pioul
I believe most users _seem_ to value simplicity over privacy, but actually
_do_ care about privacy. What's sad is that they don't get vocal enough about
it until private information gets exposed.

------
lijman
Just delete facebook already.

------
itsbits
Heading should have been proper if it was 'Android allows apps to read your
text messages'.

------
uptown
I noticed they pushed an update to the iOS app too, but those permissions
weren't mentioned in the update log. Anyone know if they claim the same access
in iOS? There's no granular permissions in the iOS Privacy section to control
access to messages.

~~~
siglesias
iOS apps can't access messages.

~~~
uptown
Thanks. I wasn't sure about that.

------
mgulaid
[http://imgur.com/W09C9uO](http://imgur.com/W09C9uO)

Twitter is doing the same. It requests access to contacts list, SMS, phone
call, phone Identity. I noticed the same and stopped updating. Andiord should
enable users to control apps.

~~~
sitkack
It is a ridiculous and I would say blatant insult to users and their security
to not firewall off apps. I really, really don't understand it.

------
urza
I have about 10 apps that I refuse to update, because they want some new
permissions that I'm not willing to grant them. It is sometimes hard to find
apps that respect your privacy and don't request absurd permissions.

~~~
gulbrandr
You can control the permissions of each apps with AppOps [1]

[1]
[https://play.google.com/store/apps/details?id=fr.slvn.appops](https://play.google.com/store/apps/details?id=fr.slvn.appops)

~~~
Nicholas_C
What's New: v 1.4 \- No more support for 4.4.2. I cannot do anything about it
so far.

------
coloncapitald
Add Hangouts to the discussion. They incorporated SMS into the app, but the
implementation doesn't look complete/polished, let alone the app. So, it
doesn't provide me an alternative to the OEM provided messaging app, and at
the same time they are accessing my SMS messages.

I personally don't use Facebook on phone now, but I would recommend using a
third-party app for accessing Facebook on android. I have used Friendcaster,
Fast and Seesmic before and found them pretty decent.

~~~
nikolak
They're not accessing your messages unless you use it as default SMS
application.

------
codereflection
The RSA had a similar new permission recently, the ability to use your camera.
With the knowledge of the NSA's backdoor to RSA encryption, I'll continue to
refuse the update. I know that I'm being on the paranoid side, but I'd rather
be paranoid than blindly accept these kinds of new requests. Facebook is out
of control. They are trying to get their hands on as much of your personal
data as possible. That alone should be enough for us to quit.

------
DorianMarie
That's why Privacy Guard from CyanogenMod is so useful.

(Actually it's called AppOps and it's from Google but it's an hidden feature
on stock Android)

~~~
dclara
Looks like not many people knew it. If it's available on Android, FB should
ask user's permission instead of force them to accept. If it's for the sake of
a feature, when user declines, only need to disable that feature.

------
ziegeer
I only use Facebook via Firefox on Android
([https://play.google.com/store/apps/details?id=org.mozilla.fi...](https://play.google.com/store/apps/details?id=org.mozilla.firefox))
and it works great. Not wanting to grant intrusive permissions to the Facebook
app is my number one reason.

------
lost_name
Facebook had this permission a long while ago and apparently removed it at
some point. People complained about the same thing then, too.

Ref: [http://www.businessinsider.com/facebook-might-be-reading-
you...](http://www.businessinsider.com/facebook-might-be-reading-your-
texts-2012-2) from Feb. 2012

------
intrepid_karthi
It is not only with facebook. Vodafone also does the same but also with write
permission on your sms. [http://www.intrepidkarthi.com/2014/01/vodafone-is-
reading-sm...](http://www.intrepidkarthi.com/2014/01/vodafone-is-reading-
smsmms/)

------
cordite
Reminds me of apps within facebook that want access to post on your wall, and
then you uncheck that, but then the app goes "NNOOOOOOO!" and tries to get you
to check it just to use the app, even though it does not need such
permissions.

------
pwnna
Which is why Privacy Guard from CM is so important.

I have it enabled default for all newly installed app.

------
patja
What I find more insidious is the new FB app permissions that allow it to read
all of your private calendar data. Maybe no big deal for many people, but I
put a lot of stuff into my calendar entries that I consider pretty private
info.

------
Aissen
And Dropbox can read your contacts. Haven't updated yet, and probably won't.

Hello Owncloud !

------
cheriot
Ever since Facebook requested permission to paint over other apps, I've
refused to upgrade or uninstall just to contribute an infinitesimal amount to
the maintenance cost of their software.

------
elnate
Is it possible for another app to interface with facebooks chat or do they
prevent this? I remember there used to be chat apps for pc that could do MSN,
AIM, Yahoo and a bunch of others.

~~~
schneidmaster
You can just interface with Facebook chat using the Jabber protocol
[https://developers.facebook.com/docs/chat/](https://developers.facebook.com/docs/chat/)

------
blario
Gotta love Android. No recourse short of custom and/or rooting

------
sidcool
This is true only for Android phones? Should iOS users be wary?

~~~
supercoder
Nup, iOS is far more secure than android

~~~
exodust
Far more secure? Thanks for the information, I didn't know that, and didn't
know the topic here was about security.

------
Kiro
I don't mind. The Facebook chat has already replaced any texting I'm doing so
the only new stuff they will get access to are postal delivery notifications.

------
viach
Which leads me to question - can HN read my posts?

------
antihero
Who _can 't_ read my texts nowadays?

------
staticelf
This is why I do not use any Google, Facebook or Twitter apps on my android
devices. On my iPhone, I block all requests.

------
runn1ng
Everyone I know - me including - just clicks "yes" on the giant list with
every second application.

It's kind of sad.

------
tomkinson
Facebook and Zuck have waaayyyyy too bad a privacy track record to be
entrusted with this imo. I deleted the app.

------
webo
It's not just Facebook. A lot of Google apps also require read (even write)
SMS permissions.

------
blisterpeanuts
I just use the web app, when I use FB at all. The value/intrusiveness ratio is
pretty low.

------
urza
I dont use facebook or twitter apps, I am only using them in mobile chrome and
is good enough.

------
emehrkay
Thank God that I cannot uninstall the FaceBook app from my HTC One.

------
robmcm
Could this be one of the reasons web apps get traction on Android?

------
jonobird1
Does anyone know what they are using this feature for exactly?

~~~
uptown
It helps expand their social-graph beyond what you've shared on their
platform. It also gives them access to geolocation information for users that
haven't shared it previously, as photos shared over text messages may contain
geo-location coordinate information. It likely also gives them context about
where people are, what they're doing, who they're talking to the most, and
what they're communicating about so they can deliver more context-aware
advertising.

But if you ask them - they'll say it helps them deliver a better experience
for their users and helps connect people, and that's what people really want
... to be more-connected.

~~~
prottmann
More connected than what ? I am conencted with all of my friends and business
contacts, whats the next level of "more connected" ?

------
sarojt
This sucks I should start reading privacy spolicies

------
tomkinson
This WAS THE LAST STRAW!!!

I DELETED FACEBOOK!!!!!!!!!!!!!!!!!!!

------
crististm
Hey, where is the "Reject" button?

------
Eye_of_Mordor
Just use their web site.

------
therealpatriot
I'm a god fearing american citizen with nothing to hide

~~~
theandrewbailey
Let's test that. What's your Social Security Number?

~~~
qwerty_asdf
I just sent it to you in a text message. Didn't you get it?

