The first thing that jumps out is Sweden has a national identity system, BankID. The APIs appear to be protected using those credentials. With that in mind I have two questions:
1. Who owns the data?
2. Should public funds be used for the creation of private APIs that manage the data?
The answer to (1) has consequences for (2).
I think many HN readers, including myself, and certainly these parents would argue that the data is the property of the parents. If you see the data as being the property of the parents then you would see the APIs as being the means for retrieving and manipulating your data - data that's protected by this national BankID identification.
It appears the school system believes the data is their data, and not the parents' data. Therefore retrieving the data through any other means than the "official" app is a potential data breach.
So who is right? Think about the data we manage on behalf of our customers, for example. Who owns that data? What rights do our customers have in accessing and managing that data?
This is a really interesting case and hopefully will force the answer to these questions.
(I am Christian Landgren, cofounder of the project)
You are right, the city believes they have ownership of the data, mainly because they fail to understand that they aren’t showing data in an app, but rather publishing data in an API. In Swedish law, once you have released data from a government, the receiver have the right to do whatever they want with the that data (as long as it isn’t violating any other laws).
The city in this case is responsible to check that the data is safe to share publicly and once they have- the data is not theirs. This is regulated in the constitutional law regulating free speech which goes back to year 1766.
This means that they can’t really apply the same logic as a private company can when publishing data in their api. A private company can still keep license over what can be done with the data they publish. A city can not do that because of these constitutional laws.
I feel like focusing on who owns the data is unnecessary.
If there is an API that grants access to data by passing in a valid auth token, then it doesn’t matter if it’s called from a SPA app or postman or curl.
As long as you are using the public API and haven’t forged an auth token then it doesn’t matter how you call the public API.
> In some cases, people’s personal information could be accessed from Google searches.
SEO providers should take a note here.
> It warned parents to stop using the app and alleged that it might be illegally accessing people’s personal information
If your API allows data extraction, it probably isn't a fault of any client. Perhaps they meant that creators could steal credentials. A problem with any software.
I think this digital child managing system sounds moderately dystopian to be honest. I would have hated to give my parents access to anything like this. Kids will of course learn from how their parents behave...
An open API is a must in my opinion, but the rest of the App should be open source too.
That said, I don't really see the Swedish strategy as a model for other countries to follow. You don't need to give children chromebooks to learn. These are skills they have already mastered far better than their parents. They will learn about domain specific apps and there are indeed some really good ones, but such platform can also limit creativity because they are essentially sandpits. Depending on age that might be appropriate, but kids may have greater ambitions than their parents.
"I think this digital child managing system sounds moderately dystopian to be honest"
I disagree, I have 2 kids in elementary school and it is very useful to be able to look up what the kids have scheduled for the day to determine what to dress them in, see what's for lunch and if I need to pack them something if they won't like the available option. Most importantly though its very helpful to look up what homework / tests are due as the kids tend to not manage this so well themselves. It also allows me to check their grades. Its not so much a "child managing system" as a way for the parents to be empowered to ensure their kids are doing well and what is going on in their school lives. As a parent, my kids are my responsibility, any tool I can use to be better at that is a good thing.
> I think this digital child managing system sounds moderately dystopian to be honest.
I think you misunderstand the point of the system. It's much more mundane than that. The system just replaces paper notices going home with kids and getting lost in their book bags, looking phone numbers to report you child out sick, etc. It's not brave new world, it's simply replacing paper and phone tasks with an app.
> I think this digital child managing system sounds moderately dystopian to be honest.
A lot of the reactions and rebuttals to this comment are from HN childless people, whose perspective is their memory of being a child age 12-17, talking past HN people with children, whose perspective is about their kids age 5-12. At one end of the range you are educating about drugs and sex and good decisions, on the other end of the range you are worried about clean butts and walking across busy streets.
The method of CREATING an older child who can be an independent and functional adult is by "MICROMANAGING" early-on so they develop good habits (especially good habits of independence!). And I am a Montessori parent which is fairly radical compared to the normal US system.
This is all information that the parent would have anyway. Lunch isn't private information, the curriculum isn't private information, tests and homework as well isn't private, its just that it was all a shit ton of minutia that typically didn't get memorized by any individual.
Part of being a parent is helping your child navigate and learn about the world. Having this sort of information - what are the details about what this institution is offering on a daily basis - sounds invaluable.
> I think this digital child managing system sounds moderately dystopian to be honest. I would have hated to give my parents access to anything like this. Kids will of course learn from how their parents behave...
I don't really disagree but we are in an era where children's academic outcomes are based entirely on parental involvement. Scratch any surface of any under-performer lightly and the cry will go up "The schools can't be blamed for poor parenting!"
I think we rarely acknowledge that this is a recent development. Ask most Gen-Xers ( me ), ask boomers, ask greatest generationers if you know any. "How involved were your parents in your schoolwork?". You'll probably get a blank stare - "None?".
I suspect it started with the "Asians are going to beat us" panic from the 80s. They were killing us in math scores and if we weren't careful we'd all be working for them someday. In retrospect the danger was exaggerated.
Now, however, heavy parental involvement is required for kids to succeed. If the kids don't finish their homework - could it be that they are getting to much homework? Nah, it must be bad parents. If they can't pass the tests, could it be their teachers have not prepared them? Nope - the parents should have been spending their evenings going though flash cards.
It only exacerbates the difference between that haves and have nots. If you don't have a parent who can devote time every day to overseeing your education, you're out of luck.
Every edutech platform I've ever had to use (UK, with 3 kids going through school) is an abomination, the whole sector needs disrupting. My current nemesis is Iris Parentmail [0], a convoluted jumble of javascript that presents the user with a challenge - try to read the apparently important message the school has sent you before Parentmail crashes your browser. If the message is particularly long, then there's an end of level boss where you have to try to read the whole thing before the laptop gives you third degree burns. HNers, please, disrupt the hell out of this sector because it's nothing but chancers, consultants and chancer consultants.
Why aren't you equally as mad at the personnel at your child's school? It's one thing for a national or semi-national rollout of broken enterprise junk, it's another thing for your child's instructor to go along and demand that you use this broken system instead of providing reasonable affordances (e.g. low-tech, paper-based notices/forms that get sent home with your kid).
For that matter, how do your school systems handle the situation where no one in the household is able or willing to install the damn thing because e.g. you don't own an iOS or Android device, or you have no smartphone at all? Is there an actual legal requirement for you to contribute on an ongoing basis to the bottom-line of select tech companies like Apple and Google in order to participate in public life—as if it's on par with the necessity to pay for e.g. renewing your government-issued ID?
Ah the joy of public procurement in Sweden. It's basically an extremely long requirement gathering process where the company the can promise the most for the least amount of money wins. Only problem is that the people ordering this are not the users and they just want to cover their backs, meaning that behemoths usually win because they're more trustworthy.
I was in edu-tech world for a while in Sweden. The most frustrating thing is that even if you have a good product that your users enjoy you will fail because you can't sell it to individual schools. You have to sell it to all the schools in the entire county, which just means that some giant actor will swoop in promise the world for a dollar and then we have this.
The silliest part of the story is that Stockholm decided to build their own system, mostly because of dick-swinging reasons, because the actual needs of schoolchildren and parents across the country aren't that different!
It should be perfectly possible to have the same underlying system across the entire country.
And in a perfect world, there would be some kind of common API for all schools, and a competing app ecosystem where parents and teachers and children can pick the one they like the best.
> The platform is a complex system that’s made up of three different parts, containing 18 individual modules that are maintained by five external companies. The sprawling system is used by 600 preschools and 177 schools, with separate logins for every teacher, student, and parent. The only problem? It doesn’t work.
> The Skolplattform, which has cost more than 1 billion Swedish Krona, SEK, ($117 million), has failed to match its initial ambition.
So JIRA for Schools failed. It's a top down system, where people on top decide to solve problems for all people below, without really knowing how to solve it, or what the problem even is. And then contractors get involved.
People are willing to put up with this if you can press them, e.g. they are at work, they are in the army etc. so they have to put up with it, but it's not going to work for anything else. It attempts to solve everything for everyone, where it's questionable if most of these things are even worth solving. E.g. from the article, what is somebody's child doing in school, what do they need in gym class. You might just ask them, no? There are quarterly or so meetings with the teacher to discuss things, progress, problems? The problem is not that the menus are convoluted, but that maybe most of this stuff is not worth categorizing, not worth having an UI other than a piece of paper.
What is particularly insulting is the needless API/URL changes made in the official app in order to sabotage the efforts of the parents.
The Google Play listing should have had a "Mismanagement Count" prominently displayed that incremented every time this happened. The log, and the time spent, should be in court.
The parents decided to build this front end for free. They did not decide to play hide and seek with the interfaces, and for this they deserve compensation.
So an app for schoolkids is a really good idea. In France the app is built by the (semi-public) post office, it's called "kidscare". teachers can upload photos live, you can set who is allowed to pick up your kids, you can send a notification if your kid is sick etc... not the slickest or most stable app, but miles better than using whatsapp
Its difficult to evaluate the value of the info, if no one can find it because its buried in menus then yes it is useless but that doesn't mean it cant be useful, in general if its worth printing its worth putting on your website.
I don't get the point of non web apps because usually they are just a subset of the website.
Rather its that the goverment funded development resulted in a bad product. People reimplementing it in a their spare time resulted in an even better product.
Even before the open app came along, people found enormous security holes in the system, because they were essentially operating with security-by-obscurity. It was super embarrassing for the city, they had to close the system for days while fixing it.
The official system has a mobile app, where it takes effort to figure out the API, and a SPA web app, where it is absolutely trivial to see which endpoints it is hitting and how.
And the ridiculousness of the city's defense that it's not open is made greater by the fact that if they had made an open API from the start, security should have been baked in from the start, which means they would have avoided embarrassing security incidents along the way. They already have all the components needed for a proper, public API. They're so close, and yet they're insisting that it's private, and that it's illegal to access their private API.
> To do so, the city struck a deal with an external provider that will be able to set up licenses between Öppna Skolplattformen and the city. “With this solution, the City of Stockholm can guarantee that personal data is handled in a correct and secure way, while parents can take part in the market’s digital tools in their everyday lives”
Licensing does nothing to guarantee that your systems are secure, and the overall law is what enforces the correct handling of personal data by outside parties. But in this paper pusher's head, anything she cannot control through a contract must be a threat. And so she will spend public money wielding the police department against individuals actually building stuff, to force them into signing her safety blanket of a contract.
In 2021, it behooves us to remember that this type of gatekeeper used to be in control of nearly every technology organization - empty suits who knew nothing technical, thinking security is about checking off certifications and qualifications. It was a rare gem to find someone with a clue who held enough organizational pull to set policy.
I remember having a meeting with the head of the campus network at my university, who was concerned about me running Linux on my own machine. He just couldn't understand the point of Linux - he could never trust it because "there is no one to sue". As if suing Microsoft would have ever been a sensible path. But that was his worldview - how do you think he responded to security reports?
But the thing that we need to realize in 2021 is that it's not like these people just left and found honest jobs - their existence was eclipsed by the much larger technical-first community. They're still out there, controlling their little fiefdoms, reacting in the same destructive ways to stop themselves from looking "bad". And with the calcification of technology, they might even be poised for a comeback.
Open APIs is what we need because too many programs are badly designed. Unfortunately, the API may also be badly designed, but sometimes it is OK. Designing the open API may also avoid the data breach due to making less likely that the design is not designed in the way to cause such a breach, I should expect.
User interfaces seem bad enough that I think it might be better to design the API primarily and even only the API; you can then just use that. If it is simple enough, it can be used from command-line interfaces, and others, easily enough if a protocol is designed well enough to support such multiple uses in a simple way. (It can even make the form automatically too, with the user's display settings rather than using the form author's CSS or whatever.)
However, they also should not require schools to use such a app, especially to require one of their locked systems only. You can do education without it, too. That doesn't mean such a system is useless (you can use it if you find it useful), only that it is possible to work without it, too. They didn't used to have such a app in the school and shouldn't require it now either; it can be voluntary.
This is not a story about failure - it's common and unremarcable both in government and corporate.
This story is amazing because it shows society at it's best, people got together organised and resolved a common problem.
They did this without corporate or government power structures. We should remember importance of this third institution and cherish it, it gets little lime in the limelight, and it's the most precious of them all.
Government should learn from that self organized teams who work for passion build better software. Authoritarian dictators mandating a poor solution vs self lead, self organized, committed parents building a piece of software they will instantly dogfood.
I agree with the main point of your comment but calling the people trying to shut this down “authoritarian dictators” erodes the meaning of the phrase.
It would be interesting to know what contractor delivered the original $120m mess, and actively sabotaged open source efforts. The combination of large budget and terrible result suggest some of the very large contractors used to doing work for fortune 500 companies.
It isn’t only grass roots amateurs who fail at this. Once upon a time, there was a medium sized org in a galaxy sized company, that set out to make a Moodle/Blackboard-like, but for all ages, and “cool” (like they knew what that was). The designers were teachers, and the VP was a former god damned state superintendent of schools. Seems like they should have known better. When the time came to shop around for a test site, it quickly became apparent that the app was sort of inherently illegal, and even if it were not, there was no chance of it getting past the bureaucracy. The VP was fired, and the whole org was absorbed into other parts of the company.
It’s a government system. Of course it’s shit. When private systems are shit, they die. When gov systems are shit they attract more funding.
The simple dynamic of negative monetary feedback for shitness in private enterprise and positive monetary feedback for shitness in government determines this entirely.
In high school I reverse engineered my school grading system portal (Skyward) and made an app to help me prioritize assignments by their impact on my GPA. In the process I found that there were almost no permissions enforced. I made a typo in my user id number in a python test script and boom there was someone else's transcript! I set up a meeting with my principal and after much shade being thrown by the school district I proved to them it was a legit issue.
[+] [-] taylodl|4 years ago|reply
1. Who owns the data?
2. Should public funds be used for the creation of private APIs that manage the data?
The answer to (1) has consequences for (2).
I think many HN readers, including myself, and certainly these parents would argue that the data is the property of the parents. If you see the data as being the property of the parents then you would see the APIs as being the means for retrieving and manipulating your data - data that's protected by this national BankID identification.
It appears the school system believes the data is their data, and not the parents' data. Therefore retrieving the data through any other means than the "official" app is a potential data breach.
So who is right? Think about the data we manage on behalf of our customers, for example. Who owns that data? What rights do our customers have in accessing and managing that data?
This is a really interesting case and hopefully will force the answer to these questions.
[+] [-] urvader|4 years ago|reply
You are right, the city believes they have ownership of the data, mainly because they fail to understand that they aren’t showing data in an app, but rather publishing data in an API. In Swedish law, once you have released data from a government, the receiver have the right to do whatever they want with the that data (as long as it isn’t violating any other laws).
The city in this case is responsible to check that the data is safe to share publicly and once they have- the data is not theirs. This is regulated in the constitutional law regulating free speech which goes back to year 1766.
This means that they can’t really apply the same logic as a private company can when publishing data in their api. A private company can still keep license over what can be done with the data they publish. A city can not do that because of these constitutional laws.
[+] [-] kiklion|4 years ago|reply
If there is an API that grants access to data by passing in a valid auth token, then it doesn’t matter if it’s called from a SPA app or postman or curl.
As long as you are using the public API and haven’t forged an auth token then it doesn’t matter how you call the public API.
[+] [-] cerved|4 years ago|reply
[+] [-] datavirtue|4 years ago|reply
[+] [-] raxxorrax|4 years ago|reply
SEO providers should take a note here.
> It warned parents to stop using the app and alleged that it might be illegally accessing people’s personal information
If your API allows data extraction, it probably isn't a fault of any client. Perhaps they meant that creators could steal credentials. A problem with any software.
I think this digital child managing system sounds moderately dystopian to be honest. I would have hated to give my parents access to anything like this. Kids will of course learn from how their parents behave...
An open API is a must in my opinion, but the rest of the App should be open source too.
That said, I don't really see the Swedish strategy as a model for other countries to follow. You don't need to give children chromebooks to learn. These are skills they have already mastered far better than their parents. They will learn about domain specific apps and there are indeed some really good ones, but such platform can also limit creativity because they are essentially sandpits. Depending on age that might be appropriate, but kids may have greater ambitions than their parents.
[+] [-] wonderwonder|4 years ago|reply
[+] [-] JackFr|4 years ago|reply
I think you misunderstand the point of the system. It's much more mundane than that. The system just replaces paper notices going home with kids and getting lost in their book bags, looking phone numbers to report you child out sick, etc. It's not brave new world, it's simply replacing paper and phone tasks with an app.
[+] [-] beyondzero|4 years ago|reply
A lot of the reactions and rebuttals to this comment are from HN childless people, whose perspective is their memory of being a child age 12-17, talking past HN people with children, whose perspective is about their kids age 5-12. At one end of the range you are educating about drugs and sex and good decisions, on the other end of the range you are worried about clean butts and walking across busy streets.
The method of CREATING an older child who can be an independent and functional adult is by "MICROMANAGING" early-on so they develop good habits (especially good habits of independence!). And I am a Montessori parent which is fairly radical compared to the normal US system.
[+] [-] striking|4 years ago|reply
[+] [-] burnished|4 years ago|reply
Part of being a parent is helping your child navigate and learn about the world. Having this sort of information - what are the details about what this institution is offering on a daily basis - sounds invaluable.
[+] [-] nineplay|4 years ago|reply
I don't really disagree but we are in an era where children's academic outcomes are based entirely on parental involvement. Scratch any surface of any under-performer lightly and the cry will go up "The schools can't be blamed for poor parenting!"
I think we rarely acknowledge that this is a recent development. Ask most Gen-Xers ( me ), ask boomers, ask greatest generationers if you know any. "How involved were your parents in your schoolwork?". You'll probably get a blank stare - "None?".
I suspect it started with the "Asians are going to beat us" panic from the 80s. They were killing us in math scores and if we weren't careful we'd all be working for them someday. In retrospect the danger was exaggerated.
Now, however, heavy parental involvement is required for kids to succeed. If the kids don't finish their homework - could it be that they are getting to much homework? Nah, it must be bad parents. If they can't pass the tests, could it be their teachers have not prepared them? Nope - the parents should have been spending their evenings going though flash cards.
It only exacerbates the difference between that haves and have nots. If you don't have a parent who can devote time every day to overseeing your education, you're out of luck.
[+] [-] drcongo|4 years ago|reply
[0] https://www.iris.co.uk/education/engagement-suite/iris-paren...
[+] [-] pwdisswordfish8|4 years ago|reply
Why aren't you equally as mad at the personnel at your child's school? It's one thing for a national or semi-national rollout of broken enterprise junk, it's another thing for your child's instructor to go along and demand that you use this broken system instead of providing reasonable affordances (e.g. low-tech, paper-based notices/forms that get sent home with your kid).
For that matter, how do your school systems handle the situation where no one in the household is able or willing to install the damn thing because e.g. you don't own an iOS or Android device, or you have no smartphone at all? Is there an actual legal requirement for you to contribute on an ongoing basis to the bottom-line of select tech companies like Apple and Google in order to participate in public life—as if it's on par with the necessity to pay for e.g. renewing your government-issued ID?
[+] [-] sosborn|4 years ago|reply
[+] [-] ess3|4 years ago|reply
I was in edu-tech world for a while in Sweden. The most frustrating thing is that even if you have a good product that your users enjoy you will fail because you can't sell it to individual schools. You have to sell it to all the schools in the entire county, which just means that some giant actor will swoop in promise the world for a dollar and then we have this.
[+] [-] henrikschroder|4 years ago|reply
It should be perfectly possible to have the same underlying system across the entire country.
And in a perfect world, there would be some kind of common API for all schools, and a competing app ecosystem where parents and teachers and children can pick the one they like the best.
[+] [-] locallost|4 years ago|reply
So JIRA for Schools failed. It's a top down system, where people on top decide to solve problems for all people below, without really knowing how to solve it, or what the problem even is. And then contractors get involved.
People are willing to put up with this if you can press them, e.g. they are at work, they are in the army etc. so they have to put up with it, but it's not going to work for anything else. It attempts to solve everything for everyone, where it's questionable if most of these things are even worth solving. E.g. from the article, what is somebody's child doing in school, what do they need in gym class. You might just ask them, no? There are quarterly or so meetings with the teacher to discuss things, progress, problems? The problem is not that the menus are convoluted, but that maybe most of this stuff is not worth categorizing, not worth having an UI other than a piece of paper.
[+] [-] chasil|4 years ago|reply
The Google Play listing should have had a "Mismanagement Count" prominently displayed that incremented every time this happened. The log, and the time spent, should be in court.
The parents decided to build this front end for free. They did not decide to play hide and seek with the interfaces, and for this they deserve compensation.
[+] [-] namdnay|4 years ago|reply
[+] [-] dangerface|4 years ago|reply
I don't get the point of non web apps because usually they are just a subset of the website.
[+] [-] Entalpi|4 years ago|reply
[+] [-] JackFr|4 years ago|reply
Sure you do. You just don't know it yet.
[+] [-] tantalor|4 years ago|reply
JackFr's law: With sufficiently angered users of a private API, they will build an better, open API around it.
[+] [-] henrikschroder|4 years ago|reply
The official system has a mobile app, where it takes effort to figure out the API, and a SPA web app, where it is absolutely trivial to see which endpoints it is hitting and how.
And the ridiculousness of the city's defense that it's not open is made greater by the fact that if they had made an open API from the start, security should have been baked in from the start, which means they would have avoided embarrassing security incidents along the way. They already have all the components needed for a proper, public API. They're so close, and yet they're insisting that it's private, and that it's illegal to access their private API.
[+] [-] moffkalast|4 years ago|reply
[+] [-] petermcneeley|4 years ago|reply
[+] [-] abnry|4 years ago|reply
[+] [-] assbuttbuttass|4 years ago|reply
[+] [-] mindslight|4 years ago|reply
Licensing does nothing to guarantee that your systems are secure, and the overall law is what enforces the correct handling of personal data by outside parties. But in this paper pusher's head, anything she cannot control through a contract must be a threat. And so she will spend public money wielding the police department against individuals actually building stuff, to force them into signing her safety blanket of a contract.
In 2021, it behooves us to remember that this type of gatekeeper used to be in control of nearly every technology organization - empty suits who knew nothing technical, thinking security is about checking off certifications and qualifications. It was a rare gem to find someone with a clue who held enough organizational pull to set policy.
I remember having a meeting with the head of the campus network at my university, who was concerned about me running Linux on my own machine. He just couldn't understand the point of Linux - he could never trust it because "there is no one to sue". As if suing Microsoft would have ever been a sensible path. But that was his worldview - how do you think he responded to security reports?
But the thing that we need to realize in 2021 is that it's not like these people just left and found honest jobs - their existence was eclipsed by the much larger technical-first community. They're still out there, controlling their little fiefdoms, reacting in the same destructive ways to stop themselves from looking "bad". And with the calcification of technology, they might even be poised for a comeback.
[+] [-] tm-guimaraes|4 years ago|reply
Well, I guess enterprises can just "buy" linux from RedHat/Suse and get some corp to sue.
[+] [-] zzo38computer|4 years ago|reply
User interfaces seem bad enough that I think it might be better to design the API primarily and even only the API; you can then just use that. If it is simple enough, it can be used from command-line interfaces, and others, easily enough if a protocol is designed well enough to support such multiple uses in a simple way. (It can even make the form automatically too, with the user's display settings rather than using the form author's CSS or whatever.)
However, they also should not require schools to use such a app, especially to require one of their locked systems only. You can do education without it, too. That doesn't mean such a system is useless (you can use it if you find it useful), only that it is possible to work without it, too. They didn't used to have such a app in the school and shouldn't require it now either; it can be voluntary.
[+] [-] ClumsyPilot|4 years ago|reply
This story is amazing because it shows society at it's best, people got together organised and resolved a common problem.
They did this without corporate or government power structures. We should remember importance of this third institution and cherish it, it gets little lime in the limelight, and it's the most precious of them all.
[+] [-] literallyaduck|4 years ago|reply
[+] [-] enumjorge|4 years ago|reply
[+] [-] dylan604|4 years ago|reply
[+] [-] GhettoComputers|4 years ago|reply
Why are the defending their own poor quality program? Do they want Sweden to fail?
[+] [-] aenis|4 years ago|reply
Shame on those who work there.
[+] [-] kakoni|4 years ago|reply
[1] https://axbom.se/oppna-skolplattformen-stockholm/
[+] [-] yummybear|4 years ago|reply
[+] [-] psyc|4 years ago|reply
[+] [-] ed25519FUUU|4 years ago|reply
[+] [-] renewiltord|4 years ago|reply
The simple dynamic of negative monetary feedback for shitness in private enterprise and positive monetary feedback for shitness in government determines this entirely.
[+] [-] madmod|4 years ago|reply
[+] [-] teawrecks|4 years ago|reply
If that is possible, then your API is at fault. Period.
[+] [-] mvarrieur|4 years ago|reply