Real 802.11 Security. Wi-Fi Protected Access and 802.11i
by Jon Edney and William Arbaugh
Addison-Wesley 2003
ISBN 0-321-13620-9. Index, Acronym list, Bibliography, three
appendices. $44.99. LoC TK5105.59.E36 2004. 451 pages.
Reviewed by Robert Bruen September 15, 2003
Wireless connectivity is certainly taking off in popularity for a host of reasons. We are reliving the period when the telegraph was starting to lose ground to the newly invented radio. The telegraph was the first wired internet and radio was the first wireless network. The problems that existing early in the twentieth century look a lot like the problems in the early twenty-first century. The security problems are the same, although it is always hoped that once a lesson is learned, it is not forgotten. The wired Internet has constant security problems which are dealt with every day in a constant battle. The wireless world seemed to have started out with pretend security that was compromised quickly and publicly.
Wireless telephones, which no expects to be secure, has begun to seriously integrate with wireless computing. In addition the telephones are adding features such as digital picture capture, email, instant messaging and a host of new ideas yet to come. The future of course is hard to predict, but it seems clear that combination mobile communication and computing devices will be part of any future we end up in.
It also seems that the lack of security has not slowed down the spread of wireless telephones, it will become a serious speed bump for wireless computing at some point. No one has missed the problems of open wireless networks and, say, Netstumbler on a laptop. Businesses that spend money on firewalls and anti-virus software will be unwilling to allow the convenience of wireless connectivity once they realize what is going on. The demand for good material on Wi-Fi security is is becoming louder. Fortunately, Edney and Arbaugh have offered us something that meets that demand.
Real 802.11 Security is just that. If you are new to wireless and wireless security, this is the book to start with. The authors cover the world of wireless, which is very different from the wired world, very well. They also explain in clear terms what went wrong with WEP. How attacks work in wireless is helpful and interesting. The book has an explanation as to why these details of attacks are included, but there was no need to explain. The methods need public scrutiny to prevent the past failures.
I consider this book the best source for wireless security and recommend it for anyone interested in wireless communication and computing. The books that will surely follow will have to meet the standards set by this one.