Mon, December 27, 2004
Digital Fortress
I decided to take a break from coding and indulge myself in mindless entertainment. Since I botched my Netflix cycle, watching a movie was unfortunately not an option... So I decided to buy myself a cheap (well, if you call $8 cheap) paperback instead. I've been wanting to read The Da Vinci Code, but since it's only out in hardcover edition and I can't afford to waste $25 on leisure reading, I got Digital Fortress instead, also by Dan Brown.
Read on for review (spoiler warning). [Updated 12/28]
First, a brief summary: The NSA has built a massively parallel (3 million procs) supercomputer for deciphering any encrypted data in a matter of minutes. A disgruntled ex-employee (who happens to be Japanese and born crippled due to radiation from the A-bombs) supposedly comes up with an unbreakable encryption scheme, encrypts the algorithm using it, releases it on the internet, and tries to blackmail the NSA. In the meantime, the Deputy Director, who oversees the cryptography department and the supercomputer, schemes to take advantage of the situation...
The book probably would've been really good if the author's lack of technical knowledge/research hadn't been so obvious. Alternatively, if you don't know anything about computers or cryptography (and thus the author's lack of knowledge isn't apparent to you), it would also probably seem like a great book.
Here's a list of things I found "wrong":
- He repeatedly confuses bits and characters (i.e. bytes). On one occasion he talks about a 64-bit key having 64 characters. Such an elementary mistake, but with potentially profound consequences, particularly in cryptography...
- The supercomputer they build has 3 million processors. The biggest clusters nowadays have, what, thousands? Tens of thousands? But 3 million? The cooling/energy requirements of that I think border on the impossible (I mean, a Pentium today uses what, like 80 watts? So 3 million would use 240 megawatts... even with a PPC it would be tens of megawatts). And they used freon for cooling. Freon? Liquid nitrogen I can understand, but I doubt freon would do the job.
- An example ciphertext he gives is the wrong kind of gibberish. Normally ciphertext will be encoded in something like Base64, and without it, it'll use pretty much the entire ASCII range (i.e. not printable). In Dan Brown's world, ciphertext is encoded in some odd character set that includes a mirrored letter 'E' (i.e. "there exists" symbol in math or eyot in Cyrillic).
- His description of public key cryptography shows his lack of understanding of the difference between symmetric and asymmetric encryption algorithms.
- In his world, it's possible to attach "tracers" to email messages, which send back information about the destination account upon delivery, then miraculously self-destruct. Since it activates on delivery (i.e. doesn't need to hit the other person's MUA, so it's not like an Outlook worm or anything), it must be exploiting the user's MTA/MDA. I guess it's theoretically possible if the recipient's MTA/MDA had a vulnerability that allowed a buffer overflow attack to be executed by a well-formed message, but it seems rather implausible...
- Apparently he doesn't know about checksums, so in his world, you can download a file, modify it, upload it back to the internet, and nobody will notice. Okay, so their supercomputer can probably find hash collisions so it might be possible to modify the file without changing the checksum, but if that's the plan, he doesn't talk about it (and it would seem like something he would've wanted to mention since MD5 collisions weren't discovered for another 6 years after he wrote the book, and if he'd said the NSA was capable of finding them in 1998, we would've been impressed).
- Brown singles out the EFF as being a fanatical, almost militant, organization set out to prevent the intelligence community from doing its job. Firstly, I think it was unfair to single out the EFF, secondly, I think his portrayal grossly misrepresents the EFF's positions and strategies, and thirdly, I think Brown gives the intelligence community (and, by extension, the government) too much confidence. True, the deputy director of the NSA does turn out to be corrupt, but he was corrupted by love and over-zealous ambitions to serve his organization and country. Other than characters who pose the question (and are mostly vilified for it), he doesn't make an attempt to analyze the true value/consequences of the government being able to crack all communication.
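To make the checksum item above concrete, here is an added example (not from the book or the original post) of how a reader who has the publisher's SHA-256 digest catches a modified re-upload. The file names, sample contents and function names are constructed for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Stream the file through SHA-256 so large downloads need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, published_hex):
    """Return True only if the file matches the digest the publisher announced."""
    actual = sha256_file(path)
    # compare_digest does a constant-time comparison of the two hex strings.
    return hmac.compare_digest(actual, published_hex.strip().lower())


def demo():
    """Constructed scenario: an original release and an altered copy posted back."""
    original = b"constructed sample release\n" * 4096  # stands in for the posted file
    tampered = bytearray(original)
    tampered[1000] ^= 0x01  # flip a single bit, leaving the size unchanged
    with tempfile.TemporaryDirectory() as tmp:
        good = Path(tmp, "release.bin")      # hypothetical file name
        bad = Path(tmp, "reupload.bin")      # hypothetical file name
        good.write_bytes(original)
        bad.write_bytes(bytes(tampered))
        # The digest only helps if it reaches the reader over a channel the
        # modifier cannot also edit (signed announcement, separate site).
        published = sha256_file(good)
        return {
            "original_ok": verify_download(good, published),
            "reupload_ok": verify_download(bad, published),
            "same_size": good.stat().st_size == bad.stat().st_size,
        }


if __name__ == "__main__":
    print(demo())
```

A size check alone would pass both files; only the digest comparison separates them.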
So, in conclusion, fun book, but don't expect the technology to be very believable. And a note to techno-thriller writers: do your god damn research!
Update 12/28: Cleaned up some typos and wording issues, minor formatting changes, and added one item to the list.
Posted Mon, December 27, 2004 11:18 by dirvish
You should submit that to slashdot as a book review. That's great! I was just looking at the book on the shelf in B&N last week, but decided not to get it.