- Randall K. Nichols & Panos C. Lekkas
In the computing industry, talk of wireless security is usually limited to a few specific topics: encryption, wireless LANs, WAP or maybe even Bluetooth. These are the subjects you'd expect to see covered by a book titled Wireless Security. This book, however, takes a far more comprehensive approach. Written more for telecommunications professionals than network admins, this book covers a broad range of wireless security topics, including cellphone networks, speech cryptology, satellite communication links and voice over IP. It even includes details on how to design more secure communications hardware using application-specific integrated circuits (ASICs) and field-programmable gate arrays (FPGAs).
Wireless Security reads a lot like a college textbook, which is both a good and a bad thing. It's very detailed, with each chapter containing an extensive list of footnotes and citations. The authors take the time to explain the background of most subjects, so a reader encountering a technology for the first time can easily follow the discussion.
Most chapters in Wireless Security start with an overview of the particular technology, including design goals and strengths and weaknesses. The first chapter describes the properties of wireless communication in detail, including explanations of cellular structure, Code Division Multiple Access (CDMA), Time Division Multiple Access (TDMA) and spread spectrum communications. The second chapter is a detailed introduction to information warfare as applied to wireless communication. Together, these chapters provide a foundation for understanding the rest of the book.
While highly detailed, the book seems as though it was rushed to print, and it could have benefited greatly from more editing. It contains many typos, factual errors, missing tables, indexing errors and confusing sentences. For instance, a description of offensive information warfare says, "Techniques are the technical means of capturing and affecting information of humans -- their computers, communications and supporting infrastructures -- are described as techniques." One of the more glaring errors can be found early in the book, where WEP is defined as "Wireless Equivalent Privacy" (it's Wired Equivalent Privacy).
A more serious problem is that Wireless Security lacks focus. The chapter on cellular telephone systems, for example, discusses everything from wireless LANs to Columbian drug smuggling planes intercepting U.S. military air-to-air communications to the merits of various room-bugging microphones. The chapter on satellite communications spends too much time explaining the different types of satellite orbits, identifying existing satellites, discussing the European Union's Safe Harbor program and explaining digital rights management. Nearly every chapter suffers from this problem. Probably 20 percent of this book could have been cut which would have improved its flow and made it easier to read.
Despite its flaws, Wireless Security is a valuable reference for telecommunications professionals. It's hard to find information about the security of all these topics in one place, which makes this book a valuable addition to any security architect's bookshelf. However, this isn't the book to buy if you just want to secure a wireless LAN. It's for those who need the big picture of the security characteristics of today's wireless technologies.
About the Author: David J. Bianco, GSEC, is a book reviewer for Information Security and a systems admin for Thomas Jefferson National Accelerator Facility in Newport News, Va.