Thursday, May 18, 2017

Using astrology to protect from APTs

Probably when you saw the title, your reaction was WTF?! Using astrology for APT detection, that's totally crazy! But, the sad fact is that it isn't so crazy after all because large number of products that are offered on the market claim that they are protecting you from APTs in the same way astrology claims it can predict your future.

To elaborate a bit more this claim, the key question is how do you know it's true that protection works? We can rephrase this question into another one: What process did manufacturers use to prove, beyond reasonable doubt, that their products are capable of detecting APTs? Did they publish somewhere what/how they did it? Also, since nothing is perfect, its obvious that no solution will detect all the cases. In how many cases will the products detect APTs, and again, if they provide such numbers, how they came up to them? What is precision, and what is recall? Anyway, this is not published so it is something you have to go buy on trust, not on the numbers and experiments.

Even more, in astrology if things turn out to be different, then the person doing prediction changes story somehow, for example he/she didn't know some crucial information which made the prediction wrong, or they predict in such a way that no matter what happens, it will be true. In other words, you can never falsify the astrology and that is the main reason it isn't science. But the same reasoning goes for products that protect you from APTs, too. Either if they protect you or not you have no way of knowing weather that was a pure luck or in the case of detection if this was something deliberately designed into the product.

So, to conclude, I don't think that majority of products for APT protection are nothing more than application of astrology to cyber security!

