How long did it take you to write "Wireless Security and Privacy: Best Practices and Design Techniques" and what was it like? Any major difficulties?

I am estimating it took us between 7-9 months to write the substance of the book. It was another 6 months for reviews, editorial changes, etc. Then another 4 months for the layout, proofing, and printing.

It was a lot more work than originally appeared when we were approached to write the book. It was also a lot of fun to see the book take shape and develop into the final product.

The hardest thing was taking all the material we wanted to cover, organizing it so it had some logical flow and could be understood, setting a deadline for not adding new information (after all technology is constantly changing) and culling out information so the book had a good balance between level of detail and breadth of coverage.

Warchalking, Wardriving, Warspamming - these are just some of the terms we see frequently in the news. Do you see these actions as a real problem or is it just the media making things bigger than they are?

Unfortunately, I believe the answer is both. The media does tend to highlight the sensational aspects that they wish to highlight while leaving out critical details or assumptions.


These actions can be a real problem if the purpose of such actions is to do damage to the network or company to which these actions grant access. Again, it comes back to "What are you concerned about?" By properly configuring and restricting wireless access you can eliminate, or at least minimize the potential damage these actions can have on you network.

What are your predictions for the future when it comes to wireless security?

I would like to say that those responsible for building wireless security into the devices would read our book, do the right thing, and design security in from the start. However, the real answer is that the consumers will dictate what will be the future of wireless security. The companies are going to try to produce what the consumer demands, at the lowest cost possible. Companies believe that the consumer is willing to accept reduced security for greater functionality. Unless pressed otherwise by consumers, security will not be the focus for these companies and will continue to be a problem for the foreseeable future.

My experience shows that security is not an end state, but a continual process. I am sure the security profile of wireless devices and networks will improve. However, the functionality of these systems will also increase, which will likely introduce new vulnerabilities or provide additional avenues for exploitation.

What are your future plans? Any exciting new projects?

My background and experience is a driving force encouraging me to assist concerned individuals and companies to overcome the security and technological challenges they face.