What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I've had concerns about these USB TRNG devices given that it's difficult to know whether these things are actually doing something use or harmful.

How about a DIY solution that seeds the entropy pool with noise from a $12 USB attached RTL-SDR device ?

RTL-SDR

RTL2832U + R820T Support DVB-T SDR+DAB+FM USB Digital TV Tuner Receiver US
http://www.ebay.com/itm/New-RTL2832...114592?hash=item46625f2a20:g:HhkAAOSwWiBY~vqA
Software

Articles regarding the use of rtl-entropy.

Hardware RNG Through an rtl-sdr Dongle
Cheap Entropy: Using your RTL-SDR as a hardware entropy source
 
Last edited:
I think some of the problems people have in creating an adequate RNG solution is really understanding ...

a) What entropy really is.

b) How Linux manages entropy in practice rather than what is documented.

c) How entropy is used.
Below is an interesting discussion on the realities of entropy.

Understanding And Managing Entropy Usage

 
Last edited:
How about a DIY solution that seeds the entropy pool with noise from a $25 USB attached RTL-SDR device ?
I paid $8 for one of these some time ago. Just compiled rtl-entropy and dependencies for Ubuntu. I'm able to continuously feed input to rngtest directly from rtl-entropy. Just like when running haveged, it's crazy fast.

rngtest
of 100,000 blocks got only 82 failures. Now I will try making it work on the RT-AC68U.

Here's what dmesg shows, when I plug in the SDR stick to Ubuntu.
Code:
[21380.316338] usb 1-1: new high-speed USB device number 2 using ehci-pci
[21380.649841] usb 1-1: New USB device found, idVendor=0bda, idProduct=2838
[21380.649845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[21380.649846] usb 1-1: Product: RTL2838UHIDIR
[21380.649847] usb 1-1: Manufacturer: Realtek
[21380.649849] usb 1-1: SerialNumber: 00000001
[21381.567423] usb 1-1: dvb_usb_v2: found a 'Realtek RTL2832U reference design' in warm state
[21382.590063] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[21382.590112] DVB: registering new adapter (Realtek RTL2832U reference design)
[21382.712490] i2c i2c-0: Added multiplexed i2c bus 1
[21382.712493] rtl2832 0-0010: Realtek RTL2832 successfully attached
[21382.712509] usb 1-1: DVB: registering adapter 0 frontend 0 (Realtek RTL2832 (DVB-T))...
[21382.777203] r820t 1-001a: creating new instance
[21382.789379] r820t 1-001a: Rafael Micro r820t successfully identified
[21382.815188] media: Linux media interface: v0.10
[21382.853891] Linux video capture interface: v2.00
[21382.917792] rtl2832_sdr rtl2832_sdr.0.auto: Registered as swradio0
[21382.917794] rtl2832_sdr rtl2832_sdr.0.auto: Realtek RTL2832 SDR attached
[21382.917795] rtl2832_sdr rtl2832_sdr.0.auto: SDR API is still slightly experimental and functionality changes may follow
[21382.932936] Registered IR keymap rc-empty
[21382.933291] input: Realtek RTL2832U reference design as /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/rc/rc0/input6
[21382.934102] rc rc0: Realtek RTL2832U reference design as /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/rc/rc0
[21382.936056] usb 1-1: dvb_usb_v2: schedule remote query interval to 200 msecs
[21382.955857] usb 1-1: dvb_usb_v2: 'Realtek RTL2832U reference design' successfully initialized and connected
[21382.956126] usbcore: registered new interface driver dvb_usb_rtl28xxu
[21383.022504] lirc_dev: IR Remote Control driver registered, major 244
[21383.064726] rc rc0: lirc_dev: driver ir-lirc-codec (dvb_usb_rtl28xxu) registered at minor = 0
[21383.064729] IR LIRC bridge handler initialized
 
Did you try feeding rngtest directly with /dev/ttyACM0? Remember to kill haveged before you run the tests.

Also also kill rngd for this test...

urandom doesn't look so bad...

Code:
pi@raspy2:~ $ sudo /etc/init.d/haveged stop
[ ok ] Stopping haveged (via systemctl): haveged.service.
pi@raspy2:~ $ sudo /etc/init.d/rng-tools stop
Stopping Hardware RNG entropy gatherer daemon: rngd.
pi@raspy2:~ $ sudo cat /dev/hwrng | rngtest -c 1024
rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 20480032
rngtest: FIPS 140-2 successes: 1023
rngtest: FIPS 140-2 failures: 1
rngtest: FIPS 140-2(2001-10-10) Monobit: 1
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=22.163; avg=1209.207; max=4882812.500)Kibits/s
rngtest: FIPS tests speed: (min=1.594; avg=9.721; max=9.950)Mibits/s
rngtest: Program run time: 19535508 microseconds

pi@raspy2:~ $ sudo cat /dev/urandom | rngtest -c 1024
rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 20480032
rngtest: FIPS 140-2 successes: 1024
rngtest: FIPS 140-2 failures: 0
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=312.680; avg=2115.145; max=4768.372)Mibits/s
rngtest: FIPS tests speed: (min=6.407; avg=9.634; max=9.893)Mibits/s
rngtest: Program run time: 2091464 microseconds
 
Here's what dmesg shows, when I plug in the SDR stick to Ubuntu.

Interesting - I was thinking an old tv tuner card... and then point it at a NTSC analog empty channel...

Code:
[ 3734.932826] usb 1-1.5: new high-speed USB device number 4 using dwc_otg
[ 3735.068435] usb 1-1.5: New USB device found, idVendor=2040, idProduct=6513
[ 3735.068456] usb 1-1.5: New USB device strings: Mfr=0, Product=1, SerialNumber=2
[ 3735.068467] usb 1-1.5: Product: WinTV HVR-980
[ 3735.068477] usb 1-1.5: SerialNumber: 
[ 3736.149146] media: Linux media interface: v0.10
[ 3736.174850] Linux video capture interface: v2.00
[ 3736.191991] em28xx: New device  WinTV HVR-980 @ 480 Mbps (2040:6513, interface 0, class 0)
[ 3736.192007] em28xx: Audio interface 0 found (Vendor Class)
[ 3736.192015] em28xx: Video interface 0 found: isoc
[ 3736.192022] em28xx: DVB interface 0 found: isoc
[ 3736.192272] em28xx: chip ID is em2882/3
[ 3736.458845] em2882/3 #0: EEPROM ID = 1a eb 67 95, EEPROM hash = 0x03ab27dd
[ 3736.458858] em2882/3 #0: EEPROM info:
[ 3736.458864] em2882/3 #0:     AC97 audio (5 sample rates)
[ 3736.458870] em2882/3 #0:     500mA max power
[ 3736.458879] em2882/3 #0:     Table at offset 0x24, strings=0x1e82, 0x186a, 0x0000
[ 3736.458890] em2882/3 #0: Identified as Hauppauge WinTV HVR 950 (card=16)
[ 3736.468569] tveeprom 3-0050: Hauppauge model 65201, rev A1C0, serial# 199***
[ 3736.468587] tveeprom 3-0050: tuner model is Xceive XC3028 (idx 120, type 71)
[ 3736.468599] tveeprom 3-0050: TV standards PAL(B/G) PAL(I) PAL(D/D1/K) ATSC/DVB Digital (eeprom 0xd4)
[ 3736.468609] tveeprom 3-0050: audio processor is None (idx 0)
[ 3736.468617] tveeprom 3-0050: has radio
[ 3736.468626] em2882/3 #0: analog set to isoc mode.
[ 3736.468632] em2882/3 #0: dvb set to isoc mode.
[ 3736.469208] usbcore: registered new interface driver em28xx
[ 3736.503837] em2882/3 #0: Registering V4L2 extension
[ 3736.521549] tvp5150 3-005c: tvp5150 (4.0) chip found @ 0xb8 (em2882/3 #0)
[ 3736.521564] tvp5150 3-005c: tvp5150am1 detected.
[ 3736.629562] tuner 3-0061: Tuner -1 found with type(s) Radio TV.
[ 3736.648342] xc2028 3-0061: creating new instance
[ 3736.648360] xc2028 3-0061: type set to XCeive xc2028/xc3028 tuner
[ 3736.648953] em2882/3 #0: Config register raw data: 0xd0
[ 3736.649591] usb 1-1.5[B]: Direct firmware load for xc3028-v27.fw failed with error -2[/B]
[ 3736.649606] xc2028 3-0061: Could not load firmware xc3028-v27.fw.
[ 3736.649931] em2882/3 #0[B]: AC97 vendor ID = 0xffffffff[/B]
[ 3736.650310] em2882/3 #0[B]: AC97 features = 0x6a90[/B]
[ 3736.650317] em2882/3 #0: Empia 202 AC97 audio processor detected
[ 3737.253093] em2882/3 #0: V4L2 video device registered as video0
[ 3737.253109] em2882/3 #0: V4L2 VBI device registered as vbi0
[ 3737.253124] em2882/3 #0: V4L2 extension successfully initialized
[ 3737.253133] em28xx: Registered (Em28xx v4l2 Extension) extension
[ 3737.269924] em2882/3 #0: Binding audio extension
[ 3737.269938] em28xx-audio.c: Copyright (C) 2006 Markus Rechberger
[ 3737.269943] em28xx-audio.c: Copyright (C) 2007-2014 Mauro Carvalho Chehab
[ 3737.270209] em2882/3 #0: Endpoint 0x83 high-speed on intf 0 alt 7 interval = 8, size 196
[ 3737.270219] em2882/3 #0: Number of URBs: 1, with 64 packets and 192 size
[ 3737.273760] em2882/3 #0: Audio extension successfully initialized
[ 3737.273783] em28xx: Registered (Em28xx Audio Extension) extension
[ 3737.307213] em2882/3 #0: Binding DVB extension
[ 3737.566459] xc2028 3-0061: attaching existing instance
[ 3737.566474] xc2028 3-0061: type set to XCeive xc2028/xc3028 tuner
[ 3737.566481] em2882/3 #0: em2882/3 #0/2: xc3028 attached
[ 3737.566488] DVB: registering new adapter (em2882/3 #0)
[ 3737.566508] usb 1-1.5: DVB: registering adapter 0 frontend 0 (LG Electronics LGDT3303 VSB/QAM Frontend)...
[ 3737.571193] em2882/3 #0: DVB extension successfully initialized
[ 3737.571212] em28xx: Registered (Em28xx dvb Extension) extension
[ 3737.587082] em2882/3 #0: Registering input extension
[ 3737.632931] Registered IR keymap rc-hauppauge
[ 3737.633588] input: em28xx IR (em2882/3 #0) as /devices/platform/soc/3f980000.usb/usb1/1-1/1-1.5/rc/rc0/input0
[ 3737.633715] rc rc0: em28xx IR (em2882/3 #0) as /devices/platform/soc/3f980000.usb/usb1/1-1/1-1.5/rc/rc0
[ 3737.636213] em2882/3 #0: Input extension successfully initalized
[ 3737.636222] em28xx: Registered (Em28xx Input Extension) extension
 
@Fitz Mutch Here you go, looks like it's up to spec
cat /dev/ttyACM0 | rngtest -c 1024
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 20480032
rngtest: FIPS 140-2 successes: 1023
rngtest: FIPS 140-2 failures: 1
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 1
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=394.387; avg=402.849; max=3255208.333)Kibits/s
rngtest: FIPS tests speed: (min=22.360; avg=34.143; max=35.585)Mibits/s
rngtest: Program run time: 50224735 microseconds

Well the OneRNG is open source and everything, unfortunately I made my purchase before stumbling on OneRNG page.
 
Interesting - I was thinking an old tv tuner card... and then point it at a NTSC analog empty channel...

Didn't Intel implement their x86 RNG by using electronic noise to seed the CPU's engine? Thought I read something about that a long time ago (probably back to the Pentium 4 days).
 
Didn't Intel implement their x86 RNG by using electronic noise to seed the CPU's engine? Thought I read something about that a long time ago (probably back to the Pentium 4 days).
@RMerlin,

Are you referring to RdRand ?

As usual, there's speculation that it's not as secure as Intel states.​
 
Last edited:
@RMerlin,

Are you referring to RdRand ?

As usual, there's speculation that it's not as secure as Intel states.​

I don't remember what it was called, it was many years ago.
 
I recall something similar - long time ago... might have been SW related to SSE2 and icc (Intel's C-compiler)

Does this ring a bell?

https://software.intel.com/en-us/ar...r-generator-on-the-intel-pentiumr-4-processor

RDRAND is fairly new...

It was actually RDSEED Based on a quick Google search, that one relies on thermal noise.

https://en.wikipedia.org/wiki/RdRand

The RDSEED instruction was added to Intel Secure Key for seeding another pseudorandom number generator,[15] available in Broadwell CPUs. The entropy source for the RDSEED instruction runs asynchronously on a self-timed circuit and uses thermal noise within the silicon to output a random stream of bits at the rate of 3 GHz,[16] slower than the effective 6.4Gbit/s obtainable from RDRAND (both rates are shared between all cores and threads).[17] The RDSEED instruction is intended for seeding a software PRNG of arbitrary width, whereas the RDRAND is intended for applications that merely require high-quality random numbers. If cryptographic security is not required, a software PRNG such as Xorshift is usually faster.[18]
 
@Fitz Mutch,

Is it possible to get rtl-entropy to run on Asuswrt-Merlin ?

For those of us who don't have an installation of Linux, could you "make" it on the router ?

There's an Entware-NG package for "make", however Asuswrt-Merlin doesn't have ./configure.​
 
Is it possible to get rtl-entropy to run on Asuswrt-Merlin ?
I might be able to say in a couple days, if it will be useful on the router. Here's proof that it runs on Linux 3.2. This means a backport to Asuswrt is possible?

Here's everything I did so far, including setting up the development VM. I tested with the oldest supported Linux version because I want to backport to Asuswrt.

### For this test you need at least Debian Linux 7.1 ###
https://www.debian.org/releases/wheezy/debian-installer/

Enable the sudo command on fresh install of Debian Linux
Code:
# HOWTO: add a user to sudoers, if needed
su
echo "myusername   ALL=(ALL)   ALL" >>/etc/sudoers
exit

Install VMware Tools
Code:
sudo apt-get update && sudo apt-get dist-upgrade
sudo apt-get install build-essential linux-headers-$(uname -r)
cd
tar xzvf VMwareTools*
cd vmware-tools-distrib
sudo vmware-install.pl

Install development tools
Code:
sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt-get install libelf-dev:i386 libelf1:i386
sudo apt-get install --no-install-recommends autoconf automake bash bison bzip2 diffutils file flex m4 g++ gawk groff-base libncurses-dev libtool libslang2 make patch perl pkg-config shtool subversion tar texinfo zlib1g zlib1g-dev git-core gettext libexpat1-dev libssl-dev cvs gperf unzip python libxml-parser-perl gcc-multilib gconf-editor libxml2-dev g++-4.4 g++-multilib gitk libncurses5 mtd-utils libncurses5-dev libstdc++6-4.4-dev libvorbis-dev g++-4.4-multilib git autopoint autogen sed build-essential intltool libglib2.0-dev xutils-dev libltdl-dev lib32z1-dev lib32stdc++6 libudev-dev cmake libcap-dev rng-tools dieharder

Broke the desktop, fixed it here
Code:
sudo apt-get install --no-install-recommends gdm3 gnome gnome-core gnome-packagekit libelf1 libglib2.0-bin packagekit packagekit-tools task-gnome-desktop

Compile and install rtl_entropy and its dependencies
Code:
cd
git clone https://github.com/libusb/libusb.git
cd libusb
./autogen.sh
./configure
make
sudo make install

cd
git clone git://git.osmocom.org/rtl-sdr.git
cd rtl-sdr/
autoreconf -i
./configure
make
sudo make install
sudo ldconfig

cd
git clone https://github.com/pwarren/rtl-entropy/
cd rtl-entropy
mkdir build
cd build
cmake ../
make
sudo make install

Plug in your DVB-T SDR stick and remember to connect the antenna. Mine was gotten on eBay for $8. free shipping ePacket from China. The description is "DVB-T+FM+DAB 820T2 & SDR"
Code:
#dmesg
[ 1500.381905] usb 1-1: new high-speed USB device number 2 using ehci_hcd
[ 1500.700917] usb 1-1: New USB device found, idVendor=0bda, idProduct=2838
[ 1500.700922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1500.700925] usb 1-1: Product: RTL2838UHIDIR
[ 1500.700926] usb 1-1: Manufacturer: Realtek
[ 1500.700928] usb 1-1: SerialNumber: 00000001

Test your new hardware RNG :)
Code:
#sudo rtl_entropy -b -s 10000M -f 101.5M
#sudo caat /var/run/rtl_entropy.fifo | rngtest -c 10000
rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 200000032
rngtest: FIPS 140-2 successes: 9996
rngtest: FIPS 140-2 failures: 4
rngtest: FIPS 140-2(2001-10-10) Monobit: 1
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 3
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=22.275; avg=4669.761; max=9765625.000)Kibits/s
rngtest: FIPS tests speed: (min=50.193; avg=122.591; max=130.640)Mibits/s
rngtest: Program run time: 46512920 microseconds
 
Last edited:
Apparently, a Linux backport is unnecessary because rtl-entropy uses the libusb package.

If you're familiar with compiling AsusWRT firmware, here's a script to compile rtl-entropy and its dependencies to run on AsusWRT. Haven't tried this yet, but I think it will work.
https://github.com/blackfuel/rtlentropy-arm-asuswrt

If you use tomatoware, here's a script to compile within that environment. The tomatoware uses a more modern Buildroot compared to AsusWRT.
https://github.com/blackfuel/rtlentropy-arm-tomatoware

The Entware-ng repo already has packages for libusb and rtl-sdr. Just need the rtl-entropy package now. ;)

Lastly, remember to short the antenna jack on your DVB-T tuner stick with a 75 Ohm resistor and put everything in a metal box.
 
Last edited:
Instead of a metal box, can we repurpose the tin foil hat ?
hahaha.....

Or an aluminum soda can, or tin/steel soup can, for the "metal box"?
ha!
 
It was actually RDSEED Based on a quick Google search, that one relies on thermal noise.

RDSEED is really new... Broadwell and later...

Anyways - I think folks worry too much about entropy these days... was a good discussion thread.. but at the same time, caused concerns that weren't really needed..
 
Is it possible to get rtl-entropy to run on Asuswrt-Merlin?
Yes, it works with a kernel backport of random.c from Linux 3.16.43. Otherwise, the rngd program quits unexpectedly when I test it.

Results for rngtest + rngd
Code:
# rtl_entropy -b
# rngd -r /var/run/rtl_entropy.fifo -W2000
# cat /dev/random | rngtest -c 2048
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 40960032
rngtest: FIPS 140-2 successes: 2048
rngtest: FIPS 140-2 failures: 0
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=28.186; avg=757.796; max=4882812.500)Kibits/s
rngtest: FIPS tests speed: (min=1.838; avg=59.461; max=71.170)Mibits/s
rngtest: Program run time: 53455396 microseconds

Results for rngtest direct
Code:
# rtl_entropy -b
# cat /var/run/rtl_entropy.fifo | rngtest -c 2048
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 40960032
rngtest: FIPS 140-2 successes: 2047
rngtest: FIPS 140-2 failures: 1
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 1
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=28.712; avg=2897.074; max=6510416.667)Kibits/s
rngtest: FIPS tests speed: (min=1.840; avg=62.982; max=72.800)Mibits/s
rngtest: Program run time: 15748515 microseconds

How to apply the kernel patch
cd ~/asuswrt-merlin
patch -p2 -i ~/asuswrt-arm-entropy-backport-3.16.43.patch



Disclaimer: I'm the YouTube guy who shows you how to make high explsovies: Don't ever try any of this stuff at home. It is for educational and entertainment purposes only.
 

Attachments

  • asuswrt-arm-entropy-backport-3.16.43.patch.txt
    292.1 KB · Views: 580
Last edited:
Similar threads
Thread starter Title Forum Replies Date
H DHCP server change Pool Starting Address Asuswrt-Merlin 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top