 |
“BULLETPROOF WIRELESS SECURITY : GSM, UMTS, 802.11, and Ad Hoc Security (Communications Engineering)” (Praphul Chandra)
I asked for a review copy of this book because I understood it to be a guide to implementing security. The problem is that “implementing” is a loaded term. I wanted a book on how to set up and configure security, and Chandra’s written a book about how to engineer products that implement these solutions. In that light, this is an interesting book because it covers GSM, UMTS, and 802.11 security. The writing style is clear and direct. However, there’s a problem: for a book billed as comprehensive, there’s not enough depth to actually help an implementer build an implementation of any of these protocols. For example, the first 60 pages or so explain some basic security concepts and algorithms, and the next 25 pages cover how security protocols are applied at various OSI layers. There’s a chapter dedicated to GSM and UMTS security, and one on 802.11a/b/g security that (IMHO) pulls some punches about how bad WEP is. In a book targeted at implementation engineers, it would have been helpful for Chandra to go deeper into the reasons why we got stuck with such a crappy security implementation. |
Overall, this book is probably most useful to those who need a quick survey-level introduction to wireless security because they’re working in the wireless industry. It’s pretty much useless for system administrators or developers (particularly because there’s only vestigial coverage of code security/quality issues) except for folks who have a general interest in the topic.
Paul's Down-Home Page 