Apple Plays Cat And Mouse With In-App Purchase Hacker
from the what-if-I-change-this-setting dept
Piracy has been considered the bane of game developers for as long as games have existed. Over the years, many methods of fighting piracy or turning those who play for free into paying customers have come and gone. Some methods focused deterring pirates while others instead focused on maximizing profits. One of these profit maximizing endeavors, which recently gained traction with game developers, is the use of micro-transactions -- or as they are often called in the mobile world, "in-app purchases." This method of revenue generation was quickly accepted by many game developers, as it provided a way to distribute the game for free to as many people as possible with the prospect that enough of those free users would then buy in-game items with real money.Because of this model of doing business, mobile phone producers (mainly Apple) have developed APIs that allow game developers to easily tie their in-game stores to Apple's payment processing and authentication services. While this method is not without its issues, it has been accepted as a relatively secure method of monetizing a game. That is, until one hacker named Alexey V. Borodin figured out a relatively simple way to spoof the purchases of in game items. Using this exploit, Alexey claims that as many as 30,000 transactions have been made since instructions went live.
In a follow up article, The Next Web reports that Apple has begun efforts to prevent the spread of this exploit. These efforts include blocking the IP address of the server Alexey was using, requesting the server be taken down by the Russian hosting company which owned it, sending take down notices to Youtube over videos providing instructions, and getting PayPal involved in shutting down the account Alexey was using to generate donations (a whopping $6.78 was raised according to that report). Apple also included the following statement:
The security of the App Store is incredibly important to us and the developer community. We take reports of fraudulent activity very seriously and we are investigating.Even with all these attempts at taking down Alexey's service, it still remains up and running for all willing iPhone users to take advantage of; that is, if those users are willing to risk their privacy and iTunes accounts to use it, something Alexey claims is not an issue.
While this exploit is very troubling on many levels, it really highlights the folly of relying on security through obscurity. Apple had the chance to secure its APIs long before this exploit happened. It has an opportunity to do so now. In fact, Alexy states that he is more than willing to talk about the issue with Apple. Unfortunately, Apple has not contacted him. While I can understand Apple's unwillingness to work directly with someone who openly exploits its services, it would be prudent to use all available options to end this exploit.
One would hope that game developers who feel threatened by this exploit will pressure Apple to fix the security issues in its APIs as well as provide some kind of training in best practices in securing in-app purchases. Of course game developers should also be doing their part to use all available tools to protect the integrity of their games as well -- something all software developers should do from the beginning.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: hack, hacker, in app purchases, microtransactions
Companies: apple
Reader Comments
Subscribe: RSS
View by: Time | Thread
I don't like the way things are heading now. You are being FORCED to be online even if the game can be played offline. Suppose you want to play the game or use the app 10 years from now and the company doesn't exist anymore or doesn't support the piece of software anymore? And the extras you bought online, even if you have the installation files how are you supposed to keep them for posterior use? Oh well.
More on topic, at least Apple didn't let their users information go out in the wild and no customer was affected, only the developers. As more and more of our lives are online, this security issue will get more and more central in the discussions. What amazes me is that the companies should be clear and transparent when there's data being compromised and most of them tend to leave the customers, developers or not, in the shadows and refuse to acknowledge the problem till there's a good amount of irreversible damage. This culture has to change.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
This one goes too far.
[ link to this | view in thread ]
[ link to this | view in thread ]
Steam
I am very glad that Apple is so secure about Apple ID's, your credit card numbers, and they NEVER sell your personal information to advertisers.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Saw this coming
See also: Samsung.
[ link to this | view in thread ]
Re: What happens 10 years from now?
I asked myself that about OSX. I used to play the mostly obscure games on what is considered by today "Classic Mac". My games included Marathon (Bungie), Glider Pro (Casedy and Greene), Warcraft (it ran perfectly on Quadra 605). I have to emulate a lot of old Mac stuff now to get the titles I really want to play.
[ link to this | view in thread ]
Re: Saw this coming
The server he was using was Russian....most of the scams I've seen where there is a "Free Game" exploit on Steam had turned out to be Russian and if you participated, your Steam Account got hijacked.
Samsung vs Apple has absolutely nothing to do with it. Apple kept their user clients safe, and are now working on an API to secure the exploit.
Oh, and by the way, what's stopping Alexy from selling your personal information to spammers? That's exactly what's happening to independent developers who work hard to deliver apps to the iTunes store.
So now that I have you back on subject, quit trolling unless you have something relavent to the article to joke about.
[ link to this | view in thread ]
[ link to this | view in thread ]
How come.....
[ link to this | view in thread ]
Re: Re: Saw this coming
"what's stopping Alexy from selling your personal information to spammers?"
What's stopping Apple from selling your personal information to spammers? I guess I fail to see the point here.
And Apple doesn't sell your info to advertisers? While sort of true, they are more than happy to harvest your info and sell iAds to developers. Same difference.
As for the Samsung comment, Apple doesn't like competing in a straight-forward manner against Samsung (hence patent suits and injunctions), just like it doesn't want to take a straight-forward approach to this dude who is taking advantage of their security flaws.
[ link to this | view in thread ]
Re: Steam
I guess you've NEVER heard about people having charges made to their Apple ID's and credit cards associated with said IDs that they weren't aware of, right?
I only ask it in the form of a question, but I mean it as a general and factual statement. There are tons of reports of people having their Apple accounts hacked and then having trouble getting Apple to even admit there's a problem, which isn't to say Apple representatives weren't helpful in reversing the charges or crediting their accounts (just that Apple isn't acknowledging that there very much is a problem on their end). Which suffice it to say there is, but like all things just because most people don't know about it doesn't mean it isn't happening. The whole "see no evil" quote comes to mind.
In fact, let's just play a game. Let's Google (gasp!) the words "apple account hacked" and then let's see how recent some of the things that will show up are, shall we?
Hmm. That's curious. The first 6 entries all have dates that are within the past 2 months and it's worth noting that the first 6 entries ALL are being discussed on Apple discussion boards.
A further search will turn up even more related events. Suffice it to say Apple's security isn't up to snuff. And that's not me taking a shot at Apple, that's me stating a fact. The simple thing would be for Apple to review their security and perhaps advise people to be more cautious with their accounts, I'd hate to see another "You're holding it wrong" fiasco. Despite that not having been said, it still went around the web quick, fast and in a hurry and did nothing to help their reputation.
[ link to this | view in thread ]
Re:
Not something that I want as a customer. Even though at the moment it appears to only be affecting the developers, what’s to say that there isn't something in there that allows the device to be exploited?
And as a developer myself, I would definitely want to change an app with the problem, especially if this was my main source of revenue.
[ link to this | view in thread ]
Re: Re:
Actually I think that's his point, these takedowns have nothing to do with copyright so what right exactly do they have to get them taken down? If they are using the DMCA to get it taken down they obviously have no valid copyright claim to do it by and are abusing the process.
If they are just asking Youtube to get the videos taken down because they want them disappeared and Youtube is taking them down then this really reflects badly on Youtube more than it does Apple. This is a valid security issue that Apple needs to fix, not just try to hide so taking these videos down is the wrong solution.
[ link to this | view in thread ]
Re: Re: Steam
[ link to this | view in thread ]
This is a developer problem
[ link to this | view in thread ]
Re: Re: Re: Saw this coming
This isn't about competition with Samsung. It's about someone hacking developer Accounts to get free games.
[ link to this | view in thread ]
Re: How come.....
[ link to this | view in thread ]
Re: Re: Steam
Links and comparison please...I could use a laugh at your efforts to discredit something you have no clue about....
[ link to this | view in thread ]
Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Steam
I did however point out that Apple is not necessarily securing people's Apple IDs or credit card information as well as you might believe or as well as you might try and lead others to believe. I then stated that this is something that has been going on for years now, there are tons and tons of discussion boards filled with people who have had issues arise where someone had hacked their account, and despite this going on for years Apple has still done nothing about it for the most part.
Also, wtf. Someone's angry, and it isn't me. Perhaps you should take the time to cool off and realize that people are going to take apart piece by piece things you say when you say things that aren't correct. Is it my fault you tend to state things that aren't correct? No. It is your fault. It is however my duty to correct your incorrect statements, as to prevent others from believing something that is false. That's what we should all do though, correct false statements. If you have a problem with being corrected then perhaps you should go out of your way to make sure you have all the information needed before you say something.
And it might seem like a personal attack on you me doing this, but that's because you're one of the few stating things on Apple and Android articles on a regular basis and doing so with not so up to date or accurate information. (See previous point about getting all the facts and things correct before clicking "Submit".)
And no, I am very much not a troll. If I was a troll I'd just write, "You're wrong, iSheep. Apple sucks." Then I'd disappear from the comments. I don't do that though.
Seriously, don't like being corrected then perhaps you should stop posting or at least stop posting incorrect things. But by all means, be happy all you want. But as someone who knows plenty of people who use Apple products, I don't want them believing statements made by guys like you saying, "Apple and Apple products are SOOOOO secure and nothing bad could ever breach Apple's walled gardens." Shit like that leads to more work for guys like me. And I for one won't have it.
[ link to this | view in thread ]
Re: Re: Re: Steam
I'm not trying to discredit anything, I'm just pointing out Apple IDs and linked credit cards are not as secure as someone else, Wally, made them out to be. I honestly have no clue because I don't have a legit Apple ID. I made a throwaway account using a throwaway email account one time to get subscribed to a free podcast I wanted that I could at the time only get through iTunes. I DO NOT have a linked credit card to any account anywhere I use online though. If I do, it's a pre-paid card and I add money to it when I need to, the rest of the time it's inactive or only has one cent on it.
Seriously, you guys get all butthurt whenever anyone points out that Apple has problems or has failed in some way. That's your problem not mine. As I said, do the search yourself and read. The information's there, it's not my job to spoon feed it to you.
[ link to this | view in thread ]
Re: Re: Steam
-Anonymous Coward With A Unique Writing Style
You hear that Ninja, two anonymous people, and Sad Mac? It appears that we the "Apple Fanboy Spies" have been caught. I guess we should definitely cover our tracks with something better than to totally unrelated dates and articles from the past two months...especially if the comments are unrelated to ANY Apple discussion boards.
This is the result of me reading your statement word for word. I would've taken the statement as constructive criticism, but the quotation above provides enough information to prove that you're nucking futz.
[ link to this | view in thread ]
Re: Re: Re: Steam
https://discussions.apple.com/message/185 80124#18580124
https://discussions.apple.com/message/18537761#18537761
https://discussions.app le.com/message/18909301#18909301
https://discussions.apple.com/message/18077328#18077328
That' s just a quick handful of links. So you're claiming that those discussions ARE NOT taking place on Apple Support Community boards, is that correct?
Yeah, I'm fucking nuts. /s
You're the one refusing to believe what is clearly being pointed to. I even told you how to find the info and a real quick summary of what is being discussed.
Now, that information is unrelated as it pertains to this article. But it is NOT unrelated to my pointing out that Apple IDs and credit cards aren't being as secured as YOU said they were. I responded to a comment you made. It's up to you to prove that Apple is securing them. Seriously, don't shoot the messenger. Man, you guys seriously have anger issues when someone points out Apple might not be doing as great a job as you think they are.
Here if it makes you feel better. Unrelated info. I'm glad Google is upping the security in Jelly Bean to prevent hackers from installing malware on people's phones. I take care of my stuff and am quite security conscious, but others aren't. If this helps them, more power to Google and the end users. Problems should be fixed and that's been done. Yay for everyone! There. Happy now?
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re: Re: Saw this coming
[ link to this | view in thread ]
Re: Re: How come.....
Umm not quite.
The same IP address on the same article equals the same avatar.
Wally = Sad Mac
[ link to this | view in thread ]
Re: Re:
Likewise, when we purchase operating systems, apps, etc... there is a reasonable, implied, expectation that our transactions will be secure and we should be able to expect a reasonable degree of security in the process. How Apple or the T.V. manufacturer manages to deliver what they deliver, all the technical details, is their problem, not mine. Just fix it, OK.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Steam
Hmmm. We might have a new debate tactic here.
"You effectively rebutted everything I said, so fuck off!"
What do want to call it? Any ideas?
[ link to this | view in thread ]
Re: Re: Re: Steam
Didn't I warn you about the snowflake ID yesterday...stop trying to pretend you are two people.
[ link to this | view in thread ]
Re: Re: Re: Re: Steam
The Sad Wally Effect?
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Saw this coming
The word "Samsung" is nowhere to be found in the article. The subject of Apple's anticompetitive nature isn't even mentioned or brought up.
[ link to this | view in thread ]
Re: Re: Re: Re: How come.....
LOL. Funny.
What are the odds that someone who is piggybacking your WiFi connection without authorization would be commenting on the exact same Techdirt article at the exact same time as you?
Slim to none and slim left town.
[ link to this | view in thread ]
Re: Re: Re: Re: Steam
Anonymous Coward With A Unique Writing Style,
Those links you provided have absolutely no similarities to comments on here. Yeah it is being discussed but that doesn't mean the comments there are coppied and rewritten here.
""Hmm. That's curious. The first 6 entries all have dates that are within the past 2 months and it's worth noting that the first 6 entries ALL are being discussed on Apple discussion boards."
Think out of the box on that and look what it looks like through other people's eyes before you post. I had interperated "entries" as comments.
[ link to this | view in thread ]
Re: Re: Re: Re: How come.....
Wow, what are the chances, an Anonymous Coward just happens to have the same avatar as Wally and Sad Mac. Must be random.
[ link to this | view in thread ]
Re: Re: Re: Steam
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Steam
K. Let me put this really simply. You stated Apple makes sure Apple IDs and credit cards are secure. I said basically, "Nuh uh, and there's proof." Which I then presented. You threw a shit fit. You/Sad Mac then went off your rails a bit more.
So you interpreted "entries" to mean "comments", despite the fact that I said this (?):
"In fact, let's just play a game. Let's Google (gasp!) the words "apple account hacked" and then let's see how recent some of the things that will show up are, shall we?
Hmm. That's curious. The first 6 entries all have dates that are within the past 2 months and it's worth noting that the first 6 entries ALL are being discussed on Apple discussion boards."
I don't know how you interpreted it incorrectly, but again, that's not my problem. Either way, you stated something that wasn't factually true. I then stated something to correct you, presented proof and you flipped out. Like I said, don't like it... that's fine, but don't get upset when people correct you because that's how life is. People will tell you things you don't want to hear. And stop taking things so personally. I'll correct anyone and I myself have been corrected on this. I usually even say, "Hey, if I'm off on something feel free to correct me." I then thank people who do correct me, I do not flip out like you did.
Now that this has all been cleared up, I look forward to doing this again. But try out what I said, stop stating things as fact before you have all relevant information at hand (and your personal experience, as great and important as it can be, DOES NOT translate to making what you've experience an automatic fact for the rest of the world). That's your problem and I've pointed it out before. I'm not trying to be mean or a jerk.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Hmm, I've never considered using my digital purchases as a part of ass-play before. Thanks! You've opened my eyes to a whole new world of possibilities!
[ link to this | view in thread ]
Re: Re: Re: Steam
Indeed you do! I might suggest, however, that if the comments of others on the internet detracts from your ability to be happy, then perhaps the internet isn't for you. It's a rough-and-tumble place.
Happiness is a choice. It comes from how you relate with the things your encounter in your life, not from what those things actually are. I've known people living hellish lives who were fundamentally happy, and I've known people living blessed and gilded lives who were absolutely miserable.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Steam
I think that when you said "the first 6 entries," he thought you meant "the first 6 comments on this TD post." He just had a simple reading comprehension failure.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Saw this coming
Maybe that's true, maybe not, but I see no reason to assume that it is. Apple is no angel.
[ link to this | view in thread ]
Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Steam
They'll have to learn to change that strategy. It's not a workable strategy when your platform is a dominant player by usage volume.
[ link to this | view in thread ]
Re: Re: Re: Re: Steam
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re: Saw this coming
Selling info to a third party very is different to using it yourself to deliver adverts for a third party. Very, very different.
The two are crucially different.
When you give information to a party, you know they've got your information. You might choose to give them info A, C, and Z and from this, they can't work out anything about you that you don't want them to.
You might give some other party information C, D, K, and M, and from this it's impossible to work out anything about you that you don't want them to.
However if information A, C, D, K and Z are correlated, it might be possible to work out things about you that you don't want known, and this might be an information that you'd never have given to any single party.
This has huge privacy implications and it's really important that people understand that correlating information given to different parties can form a new set of information that when altogether violates privacy.
Not understandiing this often creates a barrier, not only to protecting one's own privacy, but to recognizing and taking privacy concerns seriously, (which is a barrier to getting broader, legal based protections, because it's hard to get people to see that there is a privacy issue).
People tend to think if you give information casually, there's no problem when that information is correlated, but correlating information makes it more the sum of the fragmented parts. It's crucial that people understand this both to protect their own privacy and so that they can be the kind of informed citizens we need people to be if privacy is to be sufficiently protected legally.
Correlation takes harmless sets of information and associates them in ways that can violate the privacy of the end user.
It's really important to draw a line between using information customers to provide an advert service to other parties, all while sheilding the information itself from the advert buyer, and handing over the information itself to third parties.
The two are very distinct because of the implications of correlating information into a single set.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Saw this coming
I know the above article isn't about Samsung. I was however point out that Apple is lawyering this situation and pointing out that they love lawyering everything they do. I pointed out that the Samsung is a prominent situation in which they lawyer the shit out of shit.
Good god.
[ link to this | view in thread ]
Re: Re: Re: Re: Steam
[ link to this | view in thread ]
Re: I think you would appreciate that for once, the takedown notices ... [are] in the interest of ... Apple's customers
Remember, DMCA takedowns have to be submitted “under penalty of perjury”. Do you know what “perjury” means? It’s a legal term for “lying”.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Steam
[ link to this | view in thread ]
Re: Re: Re: Steam
Flashback Virus was an interesting case though. I recall Apple being in a huge flurrie of denial about it. A lot of the statistics showed that of the some odd 300,000 computers affected, 90% of them had Windows partitions and got it that way from booting between the two OS's. The users with the partitions assumed that since all these years Apple hadn't gotten viruses on their systems, they wouldn't need an antivirus (oh the arrogance of iSheep). Of course Apple does completely fail at acknowledging security issues. Anyone remember hearing about a PDF exploit that could be used to make iDevices a carrier? Took Apple a full 6 months to update iOS to correct it.
There have been many viruses and WORMs throughout the history of the old MacOS days (pre-OS8).
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Saw this coming
[ link to this | view in thread ]
Re: Re: Re: Re: Saw this coming
The big huge red flag that I saw in this whole exploit is that the servers were in Russia, one of the largest providers of SPAM messages in the world. A similar situation happened on Steam where hackers had offered a free game by logging in using that website (which looked almost exactly like Valve Software's Steam Forum login page). Some of the offers were along the lines of "Get Half-Life 2 completely free" and it had provided instructions on how to exploit the payment system. They provided a link. Several people on my friends list had their accounts hijacked and just for security (and blind curiosity) I went to the website. I didn't log in, but man alive did I see a lot of errors....spelling errors...very obvious spelling errors.
[ link to this | view in thread ]
Re: Charges
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Re: Saw this coming
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Re: Steam
"In fact, let's just play a game. Let's Google (gasp!) the words "apple account hacked" and then let's see how recent some of the things that will show up are, shall we?
Hmm. That's curious. The first 6 entries all have dates that are within the past 2 months and it's worth noting that the first 6 entries ALL are being discussed on Apple discussion boards."
I quite clearly stated, hey let's do a Google search. I then quite clearly stated the words I was and did end up using in the search. I then said let's see what I find/found. I then stated that first 6 entries all had dates and they were all taking place on Apple discussion boards. Now, this is insanely easy to follow.
Why would you assume the 6 entries refer to Techdirt, when I quite clearly said they were on Apple discussion boards? It was a reading fail on your part, possibly brought on by a quick and irrational surge of anger/"stop being a meanie"-ness on your part.
I often go out of my way to be very specific and clear in what I'm saying to avoid having others twist my words around or read things into them that aren't there.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Steam
[ link to this | view in thread ]
Re: Re: Re: Re: Steam
Uninformed User: AWESOME ^_^ A FREE GAME ^_^
"Legit Apple Website": Sign in here using your Apple ID
Uninformed User: *signs in using Apple ID login information*
Uninformed User (1 week later): HALP! MY ACCOUNT HAS BEEN HACKED :-(
Other reasons include pisspoor passwords, the occasional (and extremely rare) Apple server D-base hacked, not deactivating a device before transferring to a new computer to allow your iDevice onto a new one.
Now I am willing to bet, that the scenario depicted above is the most likely candidate for why users get their accounts hacked.
As for those dates on the commentaries, how many correlate with the length of time Alexy's exploit video was up?
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Steam
"I often go out of my way to be very specific and clear in what I'm saying to avoid having others twist my words around or read things into them that aren't there."
1. Nobody is here to twist your words. That thought is a bit paranoid. But if they are, they are likely trolling.
2. Tons of written information = clutter =/= (does not equal) simple and clear. Try to be specific and short at the same time.
3. Someone will always read too far between the lines. It's human nature. Just quickly write what you mean and explain what you said is "as is".
Now would you please calm down?
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Saw this coming
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Saw this coming
But the exploit is teaching people how to do something completely illegal. Developers, who work very very hard to create this content, are loosing their money. Apple's hosting fee is 7% of the profit, so they have little to loose.
Also, unlike Jailbreaking and rooting, the exploit requires you to use a server to log into your Apple ID account. That server is in Russia. Alexy set up the server himself. That's not something very many cautious people would risk doing.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: How come.....
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]