Slashdot Mirror
IEEE Launches Anti-malware Services To Improve Security
New submitter Aryeh Goretsky writes: The IEEE Standards Assocation has launched an Anti-Malware Support Service to help the computer security industry respond more quickly to malware. The first two services available are a Clean file Metadata Exchange (PDF), to help prevent false positives in anti-malware software, and a Taggant System (PDF) to help prevent software packers from being abused. Official announcement is available at the offical website."
I can't get the linked PDF to load
This probably isn't the same thing, but it explains what they're trying to do and why
https://media.blackhat.com/bh-us-11/Kennedy/BH_US_11_KennedyMuttik_IEEE_Slides.pdf
[Fuck Beta]
o0t!
It seems like all the really good anti-malware stuff only supports Windows.
Official announcement is officially available at the official website* - FTFY
Sigger than your average
#cyberoam cyberoam güvenlik te üstün koruma hizmei ile dünyada ve türkiyede lider firmalarndandr. kaynak:http://www.cyberoam.web.tr
My head is defective. I always see "IEEE" and transform it into "Internet Explorer Enterprise Edition". Makes me cringe every time.
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
By "prevention is the best medicine" & "what you can't touch you can't be burnt by" (it blocks sources of malicious content w/ absolutely current data from the security community):
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?o...
(Details of benefits in link)
Summary:
---
A.) Hosts do more than:
1.) AdBlock ("souled-out" 2 Google/Crippled by default)
2.) Ghostery (Advertiser owned) - "Fox guards henhouse"
3.) Request Policy -> http://yro.slashdot.org/commen...
B.) Hosts add reliability vs. downed/redirected dns (& overcome redirects on sites, /. beta as an example).
C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity/room 4 breakdown,
D.) Hosts files yield more:
1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs Fastflux + dynamic dns botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).
---
* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) by filtering the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons = more complex + slow browsers in message passing (use a few concurrently & see) & are nullified by native browser methods - how Clarityray is destroying Adblock.
* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption too + hugely excessive cpu use (4++gb extra in FireFox https://blog.mozilla.org/nneth...)
Work w/ a native kernelmode part - hosts files (An integrated part of the ip stack)
APK
P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"
...apk
CMX Consumer and/or Taggant SSV (price US $8,000.00)
Access to CMX for 1 year
Access to Taggant System IEEE Public Root Key, and blacklist for one year
http://standards.ieee.org/deve...
Most TI vendors at least offer some free feeds to suggest they have valuable content before asking you to pay up. Adoption of this new service isn't going to very good if no one can try it out/use it for free. *shrug*
<script>alert("I never liked JavaScript, really; it just seemed a bad idea.");</script>
I use a technique (packed .exe files & testing size (or CRC32) @ app startup vs. viral infestation) that creating UNPACKERS will fuck up (was modded up for it here on /. YEARS ago in fact) -> CODING FOR DEFCON (my compressed/packed exe + sizecheck @ startup technique): 2005 -> http://it.slashdot.org/comment...
Thus, I KNOW it's UTTER BULLSHIT to create antivirus rules based on packed executables as well (& yes, I've been 'flagged' falsely for it, & had the likes of Norton/Symantec, McAfee, Comodo, ClamAV, ArcaVir + others per the JOTTI & VirusTotal online tests RESCIND & REVERSE their findings also...)
Yes - You CAN do that technique using non-packed exe's - HOWEVER - packed .exe files are HARDER to disassemble (acting as security itself).
* Just goes to show you that the "experts" aren't as "expert" as they *may* think themselves to be, if "lil' ole' me" can knock them onto their asses for b.s. rules (so they can show more 'findings' than their competitors albeit on bullshit grounds)!
APK
P.S.=> Especially considering that SYMANTEC even ADMITTED RECENTLY their antivirus products ARE ONLY "55% EFFECTIVE" no less... Which makes sense:
MOST of where you'll be infected nowadays COMES FROM THE WEB!
I have something better, that's NOT "reactive" technology & thus, inferior, acting "after the fact" when you've been infected/infested & you already HAVE it natively!
I stop it, BEFORE it can occur -> http://it.slashdot.org/comment..., & it uses the most efficient mechanism you already have vs. redundant inefficient "so-called 'competition'" in browser addons + even secures vs. DNS redirect security faults!
(By not bolting on more, which Mr. Spafford (Morris Worm disassembler) even recommends - Don't bolt on "more" with more complexity & bugs in it since it's not proven - shore up & SECURE using what you have http://it.slashdot.org/comment... )
... apk
The Six Dumbest Ideas in Computer Security
That extends to our esteemed article submitter as well (ESET = Aryeh Goretsky)...
Now THAT?
That should he choose to take it, would be an INTERESTING (& possibly challenging for me) "something to see" here!
Don't you ALL agree? Wouldn't be some "1st" for me either, but one that would give me a possible "run for my money"...
* :)
(HOWEVER - I don't *think* he's dumb enough to take a challenge like that, especially since I use nothing but FACT & TRUTH to back me (as well as valid results)).
Plus, I admittedly respect his ware (for an antivirus that is, since it's my fav. of the lot & I've been a licensed user of his stuff - a credit to his design, as I don't pick shitware to use, ever... being a coder myself since 1983 (professionally since 1994), I can spot good stuff...)
Still - challenge stands, even to "Mr. G"... why am I being so bold to do this? OFFENSE, is the BEST DEFENSE (& taking on Goliaths & winning IS MY MIDDLE NAME, lol)... that's a compliment to him, by the way. Where'd I learn that premise? Being a lettering NCAA athlete for a national champ in the sport of Lacrosse on the collegiate level + 1st learning the game @ a national decades long champ @ the highschool level, West Genesee). It's a great philosophy, but challenging to live up to "backing up your bluster" but when you overcome the opposition, fairly? There is NOTHING like it.
APK
P.S.=> Nice to see a fellow "do-gooder" submitting @ /. too by the way, IF You read this Aryeh Goretsky (assuming you're a member of the slavic tribes as well, on a side note - as am I) - we're the BEST! apk
"Prevention is the best medicine" & "What you can't touch, can't hurt you" (or talk back to C&C servers as in botnets) -> http://it.slashdot.org/comment...
* I'll take on ANY 'comers'/naysayers on that account, gladly... &, I'll win - so "bring it on" boys - I've already FLOORED the "big boys" in the security world on it as well -> http://it.slashdot.org/comment...
albeit, on different grounds (that actually FIT this article's premise no less).
(I always do - & the past oh, 3-4 months now, even THEY have stopped trying... as I've absolutely TOTALLY floored them all here using FACTS (there's no disputing truth), + my "so-called 'competition'" in browser addons that don't do a FRACTION of what custom host files for added speed, security, reliability, & anonymity (more efficiently by FAR as well) & also shoring up DNS redirect security issues as well (bonus) via the single file native to your system already resulting cross-platform output of my program produces - hosts...).
LASTLY (to the downmodding weasels vainly & effetely *trying* to "hide this" befpre via technically unjustifiable downmods here http://it.slashdot.org/comment... , since they're clearly unable to dispute AND VALIDLY DISPROVE my points or take my challenge?):
My points are clearly inviolate & you downmodded them here before since you can't take me on, mano-a-mano, like the weasels you are: No biggie - I'll just post & REPOST it again, just as I have now, simply exhausting you of those moderations points you abuse, & then it gets out anyhow & others see it... lol, you FAIL, trolls (& you KNOW it)...
APK
P.S.=> They don't call me "the 'Lord of HOSTS'" for nothing (just kidding on that one though)... apk
That extends to our esteemed article submitter as well (ESET = Aryeh Goretsky)...
Now THAT?
That should he choose to take it, would be an INTERESTING (& possibly challenging for me) "something to see" here!
Don't you ALL agree? Wouldn't be some "1st" for me either, but one that would give me a possible "run for my money"...
* :)
(HOWEVER - I honestly don't *think* he's dumb enough to take a challenge like that, especially since I use nothing but FACT & TRUTH to back me (as well as valid results)).
Plus, I admittedly respect his ware (for an antivirus that is, since it's my fav. of the lot & I've been a licensed user of his stuff - a credit to his design, as I don't pick shitware to use, ever... being a coder myself since 1983 (professionally since 1994), I can spot good stuff...)
Still - challenge stands, even to "Mr. G"... why am I being so bold to do this? OFFENSE, is the BEST DEFENSE (& taking on Goliaths & winning IS MY MIDDLE NAME, lol)... that's a compliment to him, by the way. Where'd I learn that premise? Being a lettering NCAA athlete for a national champ in the sport of Lacrosse on the collegiate level + 1st learning the game @ a national decades long champ @ the highschool level, West Genesee). It's a great philosophy, but challenging to live up to "backing up your bluster" but when you overcome the opposition, fairly? There is NOTHING like it.
APK
P.S.=> Nice to see a fellow "do-gooder" submitting @ /. too by the way, IF You read this Aryeh Goretsky (assuming you're a member of the slavic tribes as well, on a side note - as am I) - we're the BEST! apk
Evidently it's not good. All you've done was run from a challenge trying to hide it here http://it.slashdot.org/comment... using unjustifiable downmods to try hide it without disproving its technical points validly
Proactively blocking known sources of infection (for more speed, security, reliability, + anonymity, more efficiently than addons & shores up DNS redirect issues):
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?o...
(Details of benefits in link)
Summary:
---
A.) Hosts do more than:
1.) AdBlock ("souled-out" 2 Google/Crippled by default)
2.) Ghostery (Advertiser owned) - "Fox guards henhouse"
3.) Request Policy -> http://yro.slashdot.org/commen...
B.) Hosts add reliability vs. downed/redirected dns (& overcome redirects on sites, /. beta as an example).
C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity/room 4 breakdown,
D.) Hosts files yield more:
1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs Fastflux + dynamic dns botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).
---
* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons = more complex + slow browsers in message passing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray is destroying Adblock.
* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption too + hugely excessive cpu use (4++gb extra in FireFox https://blog.mozilla.org/nneth...)
Work w/ a native kernelmode part - hosts files (An integrated part of the ip stack)
APK
P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"
...apk
Network operating systems such as Linux take a different approach from the Windows line of disk operating systems. You CAN get some Windows-style anti-malware stuff for Linux or Mac, but it's main use is to scan emails on the server in order to protect the Windows clients. To protect the Linux/BSD/Mac systems, we take the opposite approach. Not anti-malware, loading up another 75,000 virus signatures to try in vain to identify the bad stuff, but a pro-goodware approach, identifying the 20 or so programs that are supposed to be running. An excellent example of this is Tripwire http://sourceforge.net/project... . One primary function of Tripwire is that is does a scan of your system before anything bad happens, hopefully when you first set up the system, and it catalogs which files are supposed to be there. Then when it does it's nightly run it doesn't try to figure out if any of the files are malware, it looks for anything that has changed from the day before. My computer should be the same today as it was yesterday, except for some emails and logs, so any new files are suspect. Any new programs running is definitely suspect. The first few days that you run Tripwire or another IDS it'll catch some things that legitimately change from day to day. You set it not to alert you to that stuff that's normal. I'd leave it where it still tells you about new programs that show up - though installing software is "normal", I don't install new stuff every day so I don't mind being alerted to the fact.
An IDS like Tripwire is just one example of the different approach. Another example, which Windows is starting to emulate now, is that normally on Linux nothing is allowed to come in from the network except what you specifically allow. Some think that works better than intensively scrutinizing everything that comes in and trying to identify the bad stuff.
http://it.slashdot.org/comment... and http://it.slashdot.org/comment... for the heck of it, please comment on them...
* Again, per my subject-line above - thanks!
(I wasn't sure if you'd comment in this, you have though, so... there we are!)
APK
P.S.=> This isn't for confrontation with you directly, OR to "offend you" - FAR from it in fact (as I was impressed with your AntiVirus work with ESET, my favorite in 32 + 64 bit in fact, for antivirus programs, that is - they're just not that effective anymore (malware makers in general are more clever now, & the threats are MORE 'webbound' than say, traditional exe bound nowadays, what with Symantec/Norton ADMITTING LITERALLY to being only "55% effective" nowadays too, for example -> http://it.slashdot.org/story/1... ) - it's to see your thoughts on what I wrote... apk
YOUR thoughts on this are especially appreciated -> http://it.slashdot.org/comment...
* :)
(In addition to my points in my other 2 links I posted to you...)
Thank-You!
Sincerely,
APK
P.S.=> It's important to me to get your "point-of-view" on my points in the link above, MOST of all... apk
While I'm admittedly not an expert in cryptography or trusted computing schemes in general, I don't see how this differs on a technical level from numerous other code-signing schemes with a central certificate authority (CA) (and its chain of delegations) blessing "good" code and revoking such blessings. Well known examples include Securicode / Windows Driver Signing, the anti-consumer bits of UEFI, etc. Can anyone shed some further light on how this is different?
As with other such systems, it assumes the existence of a benevolent authority that cannot be hacked, the cooperation of all packer vendors, the cooperation of all packer *users* (who are not malware authors)... and all packer users who *are* malware authors never hearing of it.
The only main difference I can see (and its potential downfall for its purpose) is that end-users don't pay for certificates. While that's great for end-users (driver signature enforcement in x64 Windows versions is pretty close to extortion IMO), this seems to break down for any packers that are not a licensed commercial product where an explicit, one-on-one packer-vendor to packer-user relationship exists. This excludes any freeware and open-source packers*, where any schmuck can just download and run it (and even modify it) without key exchanges or other communication with its author.
Conversely, if any old schmuck can obtain a fresh signature at any time ("it's free!"), what's to stop any old schmuck from doing exactly that? The stipulations that the system is free to both end-users and packer vendors, bankrolled entirely by A/V vendors out of the goodness of their hearts, suggests any background-checking that occurs as a condition of generating a signature can't be very exhaustive.
* While the IEEE materials refer to the proof-of-concept running on "a modified version of UPX", a well-known F/OSS packer, this almost certainly has to do with the ability to quickly bodge this feature in due to easy source code access, and very little to do with whether the actual author of UPX is complicit in or aware of the system, or whether this scenario can possibly work in the real-world for open-source packers with anonymous downloads.
Caveat Emptor is not a business model.
"Another example, which Windows is starting to emulate now, is that normally on Linux nothing is allowed to come in from the network except what you specifically allow" - by raymorris (2726007) on Wednesday July 02, 2014 @02:53PM (#47370929)
Whitelisting on Windows7's doable & for a LONG time now http://lifehacker.com/5442636/... not "just starting to be emulated" like you said - it's been doable since Windows7's inception (over 5++ yrs. now).
APK
P.S.=> Also, get a set of BALLS for once instead of being an evasive coward (downmodding my posts confronting you like you did in 2013, yes, on hosts files efficacy) & disprove my points on hosts validly, here -> http://it.slashdot.org/comment...
OR,
Do I have to post the literally DOZEN times you evaded it & downmodded it as well?
(Also - please: DO NOT EVEN *TRY* TO FEED ME A LINE THAT "I can't downmod a post I posted in already", or I will shoot you down on THAT also with EXACTLY how it's done here with sockpuppets, or downmod/logout, & state cookie manipulations here too)... apk
Is a technically unjustifiable downmod "the best you got", blowhard raymorris? Apparently so.
Additionally: Don't even *try* to tell us "You can't downmod in a post you've already posted in" bullshit either - that's EASILY done using sockpuppet alternate accounts here (I've busted quite a few idiots here doing it, you're just another deceitful worm that does also), or downmodding, logging out of your registered 'luser' account here, & playing with the state saving cookie for it.
Child's play & that's about "your speed" as well as the upper limits of your skillset in computing.
Long and short of it, as to MY estimation of you:
You're a do-nothing big talker raymorris that just "blew it again" spouting erroneous bullshit here (and you KNOW it - hence your 'downmod' to hide it, yet not disproving my points on hosts files, which I have confronted you a DOZEN++ times on and you can't despite your "big talk" you can't backup... you're a coward, and a blowhard WORM)!
I also notice you've never achieved anything of note in the art & science of computing that I know of - why? You're at most, a MENIAL is why.
You've GOT no creativity, no talent, & certainly NO BALLS -> http://it.slashdot.org/comment...
("Run, Forrest: RUN!!!")
APK
P.S.=> You've blown it this time on saying "Windows is just starting" to do whitelisting? Bullshit. It's been possible & around since Windows XP you know-nothing big talking "ne'er-do-well" DOLT - all you've GOT is your effete little downmods - no big deal! Keep it up, blow them all, & I will just come over the top of you AND POST IT AGAIN, exposing you... coward! apk
Been around since Windows XP, raymorris (Applocker & software restriction policies areas in registry etc.) -> http://windowsitpro.com/window...
You bullshit spouting wannabe fake...
APK
P.S.=> Still/again - get a set of BALLS raymorris & disprove my points on hosts files validly -> http://it.slashdot.org/comment... since you DOWNMODDED & EVADED IT A DOZEN TIMES BEFORE after shooting your mouth off about hosts files here which I quoted and confronted you on 12++ times now http://slashdot.org/comments.p... & you downmodded it and ran like the little cowardly BITCH fake you clearly are.
OR
Do I have to post the literally DOZEN times you evaded it & downmodded it as well?
(Also - please: DO NOT EVEN *TRY* TO FEED ME A LINE THAT "I can't downmod a post I posted in already", or I will shoot you down on THAT also with EXACTLY how it's done here with sockpuppets, or downmod/logout, & state cookie manipulations here too)... apk
http://it.slashdot.org/comment...
??
Thanks!
Sincerely,
APK
P.S.=> Personally (& I have a LOT of backing on this account from quite a few "industry luminaries"), I am QUITE CERTAIN that it's "the way of the future" using something from the distant past, since threats are mostly "webbound" (delivered via the web), & it does more than ANY SINGLE BROWSER ADDON there is under the sun (by far & FAR more efficiently in RAM usage, CPU use, and messagepassing overheads) + also shores up DNS redirect security issues with total end user control) offering more speed, security, reliability, & even anonymity... let's hear YOUR thoughts on it: Should interest you, as even Symantec has ADMITTED their antivirus product is ONLY "55% effective" recently -> http://it.slashdot.org/story/1...
They're advertisers you work for: It's why you ran from disproving MY points on hosts http://it.slashdot.org/comment...
You also made large technical blunders so your resume is pure bullshit obviously and you know nothing.
Makes sense you *TRY* to put hosts down though - you can't do a DAMNED THING against them!
Hosts files are a huge threat to scumbags like you is why you attempt to put them down and fail (running like a scared weasel you are since you can't validly do so).
APK
P.S.=> "Cat's outta the bag on you", scumbag weasel that you are (advertiser)... apk
N/m
Now that the TRUTH of him is out -> http://slashdot.org/comments.p...
* Like I said, raymorris - "Cat's outta the bag" on you now, & it explains ALL OF THIS (your technical errors, your use of "jump on the bandwagon" puny 'marketing mind manipulation tactics' what-with YOU stating what you did here (nobody wants to read about hosts - when the TRUTH is, YOU DON'T WANT OTHERS READING ABOUT THEM SINCE YOU ARE AN ADVERTISER -> http://slashdot.org/comments.p... & guess what?
FACT: YOU FAIL & ARE "BUSTED" IN YOUR TRUE MOTIVATIONS Mr. ADVERISTER... lol!
(I also KNOW you see my posts now - you just "conveniently ignored them" & YES, you've been downmodding them (as EVERYONE KNOWS you advertizers use sockpuppets galore too, shall I post material on THAT also? I can you know... lol!))
You're pitiful man...
APK
P.S.=> See here, for PROOF of that last sentence above from me http://it.slashdot.org/comment...
(Showing your technical errors, your use of marketing tactics ala jump on the bandwagon -> , & yes - YOU ARE RUNNING FROM DISPROVING MY POINTS ON HOSTS FILES VALUE TO USERS -> http://it.slashdot.org/comment... in more speed, security, reliability, & anonymity - done more efficiently by far as well, + doing more than ANY SINGLE BROWSER ADDON THERE IS, & can't be stopped by native browser methods or ClarityRay either - so YOU FEAR THEM, that much is clearly obvious... )
... apk
Clickbank + vertis your employers, do spam and steal bandwidth and infect users with malicious code (advertisers have done that, maybe not them specifically on that point, admittedly, but they have and that is fact)!
Especially since that "spam" accusation's the best you've got to being busted in your true motives for putting down hosts and evading a fair challenge put to you to disprove my FACTS on hosts files superiority over all other competing methods validly -> http://it.slashdot.org/comment... and failing badly!
You've avoided validly disproving facts on hosts files REPEATEDLY in fact (which you advertisers are helpless against unlike browser addons) http://it.slashdot.org/comment...
LMAO - after you tried marketing jump on the bandwagon (no one wants to read about hosts) failing tactics and downmodded challenges to you to disprove those facts on hosts a dozen times http://slashdot.org/comments.p...
You fail man... badly!
APK
P.S.=> You steal our bandwidth, infect us, + get in our faces unwantedly, & expect success? Your model in advertising was DOOMED from the START on those grounds along!
Fact... you people are NOT very smart (bottom-line)!
I.E., an OLD business rule:
"You can't sell folks what they DO NOT WANT, period"
So... get THAT straight (yes, I have a Bachelors of Business degree with MIS concentration, I know what I speak of here, evidently BETTER THAN YOU DO along with CS degree past Associates 60cr hr & into 90/120 of the Bachelors now) - get that thru your heads: It is WHY Google is diversifying into say, ROBOTICS now (they know it too) buying Boston Dynamics... they're smart - you're not, & that IS that... apk
Where it didn't apply to the topic @ hand, raymorris? It's NOT spam if it applies to the topic (& I am not selling anything either - it's free & works). Answer that. Clue: YOU, fail (badly)... on all accounts noted!
Especially since you cannot validly technically disprove my points on hosts files adding security, speed, reliability, & even anonymity here -> http://it.slashdot.org/comment...
* "Eat your words", Mr. Redirector/Advertiser... & "Run, Forrest: RUN!!!", lmao!
APK
P.S.=> I don't expect you to answer - you're afraid to, like every advertiser is AFRAID of hosts since you can't detect for them via native browser methods & just like you were after you "shot your mouth off" on hosts, using classic predictable MARKETER/ADVERTISER "jump on the bandwagon" tactics -> http://slashdot.org/comments.p... & you RAN when I confronted you NICELY on it a dozen++ times after YOU downmodded it out of site using either sockpuppets, or logging out of your account after downmodding & altering the state-saving cookie child's play CRAP admen are KNOWN for (which yes, you "projected" in that link you DO do)...
OR
Do I have to post the literally DOZEN times you evaded it & downmodded it as well?
(Also - please: DO NOT EVEN *TRY* TO FEED ME A LINE THAT "I can't downmod a post I posted in already", or I will shoot you down on THAT also with EXACTLY how it's done here with sockpuppets, or downmod/logout, & state cookie manipulations here too)... apk