Sure, anything can be secured, easily. For wireless, there's two reasonable choices. Maybe even three.
(1) You can run your entire net, including all endpoints and all the
gear in the middle, inside suitable RF shielding to prevent
anyone else from being able to interact with it. Build a Tempest
office building.
(2) You can treat the entire wireless infrastructure as completely
untrusted, and require everything that connects to it to be
seriously hardened, and allow only strongly encrypted traffic to
transit it. Every device that connects to the wireless net,
whether mobile or fixed, must be protected to the point where it
can't be attacked, with hardened services and packet filtering
and so forth. Allow only strongly encrypted protocols to transit
the wireless net. If you need to allow anything other than ssh
and TLS, you'll probably need to just wrap everything up in
IPSec. Consider how you're going to authenticate, too.
(3) Maybe, possibly, if you're long on faith, you can hold off and
hope that some future generation of wireless will have
competantly designed security. To do this, it'd have to have an
open design process, and I haven't heard of anything like that
happening, but hey, it doesn't hurt to fantasize.
-Bennett
msg06480/pgp00000.pgp
Description: PGP signature
