Interesting. Potentially useful. Love it when people create new products. Very scary to put yourself out there like that. Especially in the security space.<p>From reading the site and URB's comments on this page, LogDog appears to be a host intrusion detection (HID) package that works first in "learning mode" to establish a baseline set of acceptable or normal behaviours for any given user then eventually moves into notification mode in which it signals to the user that unusual activity has taken place.<p>Unusual, in this context, means anything outside the thresholds established during learning mode. Presumably, learning mode continues over time and the system becomes more refined.<p>So far, so good.<p>What's not so good:<p>1. The basic premise is "trust us, we know what to look for, but won't tell you because we don't want the bad guys to know". This is security through obscurity and I'm afraid I can characterize this only as "charmingly naive". A) The bad guys already know, guaranteed. B) Unless you are truly expert in this area (see below), you don't and are only guessing. I don't want to harsh anyone's mellow, but you need to be able to back up your claims - especially when you claim your product will make someone's life more secure. We will consider believing your claims after we have read the research papers you are going to publish, the papers that provide enough information for thems of us who know this area to guess at your bona fides but not so much as to reveal all your secrets.<p>2. All data sent to servers is anonymized. So you say. I will take you at your word. But it means nothing, unless you have done the extremely hard work necessary to show that the data you maintain cannot in any way be used to establish identity after the fact, whether it be by patterns of behaviour or other means. This is an area of active security research and active attacks, and is not for the faint of heart. I invite you to research super cookies, click profiling, etc., etc.<p>3. Re #2: Your servers are now known to attackers who want that juicy high value data that they can probably do more with than you - unless you are as large and as well funded (they are both). Please describe, at least at a high level, how you are protecting this high value asset you have created. If you cannot, we cannot expect our data to be safe. Regardless of claims of anonymization. Convince us you understand defense in depth, prevent-detect-respond-recover, etc.<p>4. No offense, but this is a security product from someone with no documented (as far as we can tell) expertise or experience in this area. Everyone who has ever developed a security product from scratch has gotten the first release wrong. Every single time. This stuff is complex and complicated, it takes tremendous experience in the field to design a tool properly, let alone implement one, experience gained either from starting from scratch and surviving to release 4 or 5 or from working on other products developed by experts/survivors.<p>URB, you may find comments herein and on this page to be assertive, even aggressive. None of us will apologize for this. You are making BOLD claims and providing no reasons for anyone to believe you know what you are doing. You need to do that work before the security community will accept this product.<p>Try to get hold of Bruce Schneier or another well-known, respected commenter in the field. If you can convince a few such people by giving them a privileged, behind the scenes view (they won't sign your NDA, there is nothing for them in that), that will a) provide real marketing bumpf and b) go a long way to silencing many critics.<p>But note that you still need to address 2 and 3, even if you convince the best of the best of 1 and 4. Good luck, those are hard problems to solve.