REVIEW: "The Teeth of the Tiger", Tom Clancy

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, May 28, 2004.

  1. BKTTHTGR.RVW 20040306

    "The Teeth of the Tiger", Tom Clancy, 2003, 0-399-15079-X,
    %A Tom Clancy
    %C 10 Alcorn Ave, Suite 300, Toronto, Ontario, M4V 3B2
    %D 2003
    %G 0-399-15079-X
    %I Penguin Putnam
    %O U$27.95/C$40.00 416-925-2249 Fax: 416-925-0068
    %P 431 p.
    %T "The Teeth of the Tiger"

    It is interesting to note, reading the reviews on Amazon, that even
    die-hard Clancy fans are starting to lose faith. Clancy has moved
    from curmudgeon to outright maverick in this work. The plot doesn't
    just depend on bending the rules, but by going completely outside them
    and playing God. (In which regard, I'm fairly sure that quite a few
    Catholics would take issue with the assertion that as long as you
    *think* you are doing the right thing, God can't say anything about
    it.) The "good guys" luck out a lot, but are extremely sloppy, and
    any group that did operate in this manner would tend to kill a lot of
    innocent people. Despite crises of conscience (very brief ones), none
    of the characters in this tale are attractive or sympathetic: they all
    seem to be pretty thin. But that isn't what we are here to talk

    Clancy demonstrated in "The Bear and the Dragon" (cf. BKBRDRGN.RVW)
    that he didn't understand cryptography, and he proves his lack of
    comprehension again here. Sun makes good workstations, but they
    aren't supercomputers. Single pass DES (Data Encryption Standard) has
    fallen to brute force attacks, but serious users have plenty of
    algorithms to choose from that haven't. Clancy has moved the myth of
    the NSA providing encryption standards with backdoors built into it
    slightly out of the house, but it's still a myth. (Yes, the NSA does
    have smart people, but the one time they did really try it, with the
    Clipper/SKIPJACK key escrow system, it failed. Ironically, the
    failure didn't lie in their ability not to get caught, since they were
    completely open about it, but in a weakness that meant the escrowing
    system could be broken.) As far as getting everyone to buy into a
    proprietary, unreviewed encryption system and use it pretty much
    universally for several years without anybody twigging as to what was
    going on, forget it. There are a number of players in the crypto
    market, everybody serious enough to study the field knows not to buy
    snake oil, and anyone following the security field at all knows that
    backdoors get found every day.

    Just because you use the same accounting system as someone else
    doesn't mean that you can read all their files. (In fact, if you are
    breaking in to someone's system, it is often easier to grab the data
    files themselves and process them with your own tools.) There is no
    discussion about getting access to files on remote systems at all:
    Clancy just seems to assume that it can be done. Admittedly, he is
    assuming a backdoor into Echelon, and assuming that Echelon can, in
    fact, collect all the transmission of voice and data anywhere in the
    world. (We'll leave that tall order for the moment, since it isn't
    inherently impossible, however unlikely.) The data under
    investigation, however, isn't in transit: it resides on a bank

    This book has annoying errors in technology, flat characters, a shaky
    premise, and very little of the old Clancy flair.

    copyright Robert M. Slade, 2004 BKTTHTGR.RVW 20040306


    ============= for back issues:
    [Base URL] site
    or mirror
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Security Educ.:
    Review mailing list: send mail to
    Rob Slade, doting grandpa of Ryan and Trevor, May 28, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.