REVIEW: "The Teeth of the Tiger", Tom Clancy

BKTTHTGR.RVW 20040306

"The Teeth of the Tiger", Tom Clancy, 2003, 0-399-15079-X,
U$27.95/C$40.00
%A Tom Clancy
%C 10 Alcorn Ave, Suite 300, Toronto, Ontario, M4V 3B2
%D 2003
%G 0-399-15079-X
%I Penguin Putnam
%O U$27.95/C$40.00 416-925-2249 Fax: 416-925-0068
%O http://www.amazon.com/exec/obidos/AS...bsladesinterne
http://www.amazon.co.uk/exec/obidos/...bsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASI...bsladesin03-20
%P 431 p.
%T "The Teeth of the Tiger"

It is interesting to note, reading the reviews on Amazon, that even
die-hard Clancy fans are starting to lose faith. Clancy has moved
from curmudgeon to outright maverick in this work. The plot doesn't
just depend on bending the rules, but by going completely outside them
and playing God. (In which regard, I'm fairly sure that quite a few
Catholics would take issue with the assertion that as long as you
*think* you are doing the right thing, God can't say anything about
it.) The "good guys" luck out a lot, but are extremely sloppy, and
any group that did operate in this manner would tend to kill a lot of
innocent people. Despite crises of conscience (very brief ones), none
of the characters in this tale are attractive or sympathetic: they all
seem to be pretty thin. But that isn't what we are here to talk
about.

Clancy demonstrated in "The Bear and the Dragon" (cf. BKBRDRGN.RVW)
that he didn't understand cryptography, and he proves his lack of
comprehension again here. Sun makes good workstations, but they
aren't supercomputers. Single pass DES (Data Encryption Standard) has
fallen to brute force attacks, but serious users have plenty of
algorithms to choose from that haven't. Clancy has moved the myth of
the NSA providing encryption standards with backdoors built into it
slightly out of the house, but it's still a myth. (Yes, the NSA does
have smart people, but the one time they did really try it, with the
Clipper/SKIPJACK key escrow system, it failed. Ironically, the
failure didn't lie in their ability not to get caught, since they were
completely open about it, but in a weakness that meant the escrowing
system could be broken.) As far as getting everyone to buy into a
proprietary, unreviewed encryption system and use it pretty much
universally for several years without anybody twigging as to what was
going on, forget it. There are a number of players in the crypto
market, everybody serious enough to study the field knows not to buy
snake oil, and anyone following the security field at all knows that
backdoors get found every day.

Just because you use the same accounting system as someone else
doesn't mean that you can read all their files. (In fact, if you are
breaking in to someone's system, it is often easier to grab the data
files themselves and process them with your own tools.) There is no
discussion about getting access to files on remote systems at all:
Clancy just seems to assume that it can be done. Admittedly, he is
assuming a backdoor into Echelon, and assuming that Echelon can, in
fact, collect all the transmission of voice and data anywhere in the
world. (We'll leave that tall order for the moment, since it isn't
inherently impossible, however unlikely.) The data under
investigation, however, isn't in transit: it resides on a bank
computer.

This book has annoying errors in technology, flat characters, a shaky
premise, and very little of the old Clancy flair.

copyright Robert M. Slade, 2004 BKTTHTGR.RVW 20040306

--
======================

============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
or mirror http://sun.soci.niu.edu/~rslade/
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to techbooks-
or techbooks-

Rob Slade, doting grandpa of Ryan and Trevor