Hacking Exposed: Mobile Security Secrets and Solutions

Neil Bergman et al

Published by

McGraw Hill





Reviewed by

Nick Dunn, Senior Security Consultant NCC Group


7 out of 10

The rapid growth of mobile technology and increase in smartphone adoption has resulted in significant changes to the information security landscape over the past few years and this addition to the Hacking Exposed series attempts to cover the current knowledge gap in this new area.

The book has a broad coverage, starting with excellent chapters on the mobile risk ecosystem and potential attacks against the cellular network.

Later chapters cover mobile malware, mobile web applications and secure development for mobile devices. In addition there are more specific and more focussed chapters covering Android and iOS, but unfortunately no other platforms.

There is some excellent information provided and some interesting ground covered, although at 256 pages the book feels more like a high-level introduction. The chapters covering the mobile web, iOS and Android stand out from the others in this respect and provide the type of technical detail that would be useful for performing a security audit or assessment.

The absence of Windows and BlackBerry coverage is unfortunate from a security professional’s point of view. BlackBerry’s traditional use as the corporate device of choice and the increasing popularity of the Windows Phone 8 means that code and applications for the devices are frequently encountered during security assessments and some information on coding for these devices and testing against them would have been welcome and made the book feel more complete.

Overall the book stands up well as an introduction to the subject and the short chapters and accessible writing style mean that the reader can absorb most of the key information needed within a short space of time. The concentration on iOS and Android mean that it is not suitable for people working exclusively with Windows or BlackBerry platforms, and that supplemental books would be needed for anyone working across multiple platforms.

Further information: McGraw Hill

January 2014