Nintendo DS Wi-Fi uses obsolete WEP security
by Vladimir Cole 
{ Oct 16th 2005 at 12:24PM }
In these flickr images captured by "Apreche" at the Digital Life Show in NYC on Friday, we can
see the unlaunched interface for the Nintendo DS's Wi-Fi capabilities. Interesting features include:
-
Save settings for up to three connections
-
Auto-detection of available wi-fi networks
-
Support for primary and secondary DNS servers
-
Support for DHCP and static IP addresses
-
Support for WEP (but not WPA!) security
This last item is going to earn the system some real bronx cheers. According to security experts, WEP is an obsolete protocol for securing wireless data transmissions. Earlier this year, the FBI gave demonstrated that they could crack open a "WEP-protected network in 3 minutes using publicly available tools" (source).
So what's the big deal if someone's snooping on your Mario Kart race? There's probably not too much risk, as most hackers are going to be looking for the juicy stuff, like people signing in to their PayPal accounts or engaging in PictoChat cyber. This does expose the DS to man-in-the-middle and hijacking attacks, but does that mean that viruses and bricking trojans can be introduced to game devices via wireless attack?
Update: writes reader NYN, "The real problem in this I suppose is that you won't be able to go online with your DS if you have your wireless router configured with a WPA key." Exactly!
[Thanks, Anand, Crushed and others who mailed this in.]
Reader Comments (Page 1 of 2)
nyn @ Dec 18th 2005 9:07PM
The real problem in this i suppose is that you won't be able to go online with your DS if you have your wireless router configured with a WPA key.
delerious @ Dec 18th 2005 9:07PM
Oh well. Nintendo is issuing those WiFi Connection dongles with Mario Kart, so a router won't be a problem.
Nin10dude @ Dec 18th 2005 9:07PM
"Oh well. Nintendo is issuing those WiFi Connection dongles with Mario Kart, so a router won't be a problem."--delerious
Still, no one wants to have to buy all this...
Well, you could consider it the one time fee for online for your DS and Revolution... ;)
Andrew Hsieh @ Dec 18th 2005 9:07PM
"Well, you could consider it the one time fee for online for your DS and Revolution... ;)"
...for first-party titles, yeah.
scottus0 @ Dec 18th 2005 9:07PM
Since the wi-fi program is included in the game, do you think future games have WPA compatibility?
Brandon @ Dec 18th 2005 9:07PM
How can I tell is my wireless router has a WPA key
Anand @ Dec 18th 2005 9:07PM
BTW, a guy who goes by the name APRECHE took these pictures so please thank him.
I for one am pissed that the DS doesn't support WPA. I now have to change the security on my DS every time I need to play MKDS online.
Smiling Politely @ Dec 18th 2005 9:07PM
The best method for security is to do MAC address filtering and make your wireless network ID invisible. Both WEP and WPA are obsolete.
CowTipper @ Dec 18th 2005 9:07PM
Or you could be like me, live out in the country and leave your wifi unprotected becasue the closet person isnt close enough to steal your wifi :)
Elyscape @ Dec 18th 2005 9:07PM
The DS has 802.11b support. WPA requires 802.11g. The DS therefore is incapable of supporting WPA. The same applies to the PSP, I believe.
Elyscape @ Dec 18th 2005 9:07PM
Also, if I recall correctly, WPA is backwards compatible with WEP. Don't quote me on that, though, as I could be totally wrong.
Jay @ Dec 18th 2005 9:07PM
Or you could be like me or... hey! Yea i live in the country too in the money-filled hills of Saddleworth. Theres a pub next door and an ex-mayor on the other side... our house is sat in the middle of a few acres so unless my router suddenly has the ability to boost its signal through the metal panels in the outer walls then i'm sitting pretty.
WEP and WPA are pretty pointless though. like its been said; MAC filtering is the way to go. you dont need passwords or hidden networks there.
b @ Dec 18th 2005 9:07PM
Holy shit. I'm seriously considering on getting a DS, but this makes me wonder if it will work with my connection, let alone if it could become a brick.
azdruid @ Dec 18th 2005 9:07PM
In response to Smiling Politely, MAC filtering and turning off SSID broadcast are not surefire ways to hide networks. Packet sniffing software like NetStumbler and a lot of small Linux utilites can still catch the SSID, and since the allowed MAC addresses are still transmitted in wireless frames, they can be detected as well. Apparently it is quite possible to spoof the MAC of one's adapter.
Me? I'm going to wind up buying a dongle, because I will certainly not drop WPA for anything.
azdruid @ Dec 18th 2005 9:07PM
Elyscape, I fear WPA is not backwards compatible, and yes, WPA does indeed work fine on 802.11b.
Jago @ Dec 18th 2005 9:07PM
""Oh well. Nintendo is issuing those WiFi Connection dongles with Mario Kart, so a router won't be a problem."--delerious
Still, no one wants to have to buy all this..."
Dude what are talkin about? Not everyone has a wireless router at home and for a game this HUGE...you know damn well that people are gonna buy this dongle. They're doin alot more then Sony has ever done with the PSP. I think the majority of the PSP games out there don't even support the infrasturcture wifi mode on the PSP which is RETARDED. Of the 5 games I own, only MLB supports it and I've seen at most 4 people online. Games like Wipeout and Lumines should have supported infrastructure mode.
nojok3 @ Dec 18th 2005 9:07PM
nope, if you use WPA, everything needs to be able to use WPA, no exceptions
Stakker @ Dec 18th 2005 9:07PM
I have a WPA-protected network and I'm not going to compromise my security by downgrading to WEP. I also have a Mac, and the dongle only supports Windows (AFAIK). So, no Nintendo Wi-Fi for me :-(
The PSP does support WPA, but I've had trouble getting it to work properly because Airport Express doesn't like PSP.
Oh how I JUST LOVE this AMAZING techno-future we live in.
Mark @ Dec 18th 2005 9:07PM
I am thinking of snagging a DS this fall, but what would really seal the deal is if I can browse the web on the DS (email, google, stuff like that). Any idea if that will come out via homebrew, or by chance offically. Seems like DS would be eaten up by the 18-24 demographic if they ever did that.
delerious @ Dec 18th 2005 9:07PM
...but what would really seal the deal is if I can browse the web on the DS (email, google, stuff like that)...--Mark
Nintendo licensed a Palm OS to use for the DS possibly. It's called V-Pocket. It's not out yet, I don't expect it to come out soon. Plus, the DS doesn't have but 65k colors I do believe. That wouldn't support a lot of things, but I bet the DS would be great for IRC.
J @ Dec 18th 2005 9:07PM
Now if someone can hack the Dongle [i.e. create some software to alter its function] so that we can tunnel ALL the DS games, that would make it very worth it.
AndrewNeo @ Dec 18th 2005 9:07PM
Even if you could "hack" the dongle, you still won't be able to tunnel DS non-wifi games. We already have normal wifi cards (the specific Ralink chipset) that can communicate with the DS with Nintendo's propietary protocol and we still can't tunnel. All these dongles from Nintendo are are just access points in a USB thumb stick that will route to your LAN connection through your computer. I have a Zonet ZEW2501 that can do the exact same thing.
AndrewNeo @ Dec 18th 2005 9:07PM
Also, we're getting closer and closer (http://akkit.org/dswifi/) to having homebrew with real wifi support. Not sure about encryption, but it's good enough for a start.
Osiris @ Dec 18th 2005 9:07PM
What a fucking joke. Trust Nintendo to choose whats best for us.
I should be able to use my neighbours connection, he only uses WEP.
Now to crack his WEP encryption. Takes 3 minutes i heard.
Nintendo Gal @ Dec 18th 2005 9:07PM
Any security can be hacked, and I don't care what the hell it is. If you think you're secure with WPA I laugh because eventually it'll be as obsolete as people claim WEP/MAC filtering are.
kojo87 @ Dec 18th 2005 9:07PM
does anyone know how fast your internet connection has to be to use the DS online? i am currently running 56k dial-up. i know i have to get high-speed but how fast? im not gonna screw around with routers if they arent gonna support the DS. and how much is this dongle gonna cost?
Gaurav @ Dec 18th 2005 9:07PM
Perhaps the DS can sense when a router is using a WEP key or a WAP key? This specific router may have been WEP so it displays the "WEP key" box.
Just thinking aloud
Gaurav @ Dec 18th 2005 9:07PM
okay sorry, I'm retarded.
DNS @ Dec 18th 2005 9:07PM
A combination of WPA and mac address filtering would be fine - You still have WPA but the router does not apply it to the DS's MAC address.
mike @ Dec 18th 2005 9:07PM
Perhaps the DS can sense when a router is using a WEP key or a WAP key? This specific router may have been WEP so it displays the "WEP key" box.
--
You know, man.. i agree.. why would Nintendo be so out to lunch as to set this wifi up where no one could use it...
"To sell dongles?"
Eh, that blows goats.. If I can't use the online service, i'm not getting a DS. That simple.
Jago @ Dec 18th 2005 9:07PM
kojo87 = wth? Your still using dial-up? So how is it living in the 1990s? lol j/k
You can just get the basic DSL that is normally around $25-30 and you should be fine. Ideally tho cable internet is better...
Elyscape @ Dec 18th 2005 9:07PM
Re: #15 (azdruid)
Um... whoops?
Never mind, then. Go go gadget misinformation!
Jago @ Dec 18th 2005 9:07PM
"You know, man.. i agree.. why would Nintendo be so out to lunch as to set this wifi up where no one could use it...
"To sell dongles?"
Eh, that blows goats.. If I can't use the online service, i'm not getting a DS. That simple."
How else do you expect people to use the network if they don't have a wifi network. Do you expect that their routers magically transform into wifi routers? The USB wifi dongle is being created so they don't alienate people who don't (or won't) buy a wifi router.
At least they are trying to get people to play their games online...unlike Sony with the PSP.
Alex K. @ Dec 18th 2005 9:07PM
so...
who cares?
nobody.
WEP vs. WPA makes no difference. both are crackable, it's a matter of how long they take to crack.
JohnBlade @ Dec 18th 2005 9:07PM
Guys guys calm down. The DS doesn't use an exact replica of 802.11b but a slight variant with some custom packet encryption.
It -cant- work on a standard wireless 802.11b network, and that's why you need something like the dongle to get you on the Internet. It's a cheap/easy way to ensure everyone is on an even playing field (i.e. you dont need to buy a wireless AP to use your DS).
The real problem is that you'd have to be within 8 metre's or so from your PC.
OM @ Dec 18th 2005 9:07PM
Paranoia, paranoia, everybody's coming to get me....
If you people are really that worried, just get the dongle. At least then you know that if you go to a friend's or relative's house, and they dont have a WiFi router, you can easily carry the dongle around and plug it in a USB port.
OM @ Dec 18th 2005 9:07PM
It -cant- work on a standard wireless 802.11b network, and that's why you need something like the dongle to get you on the Internet. It's a cheap/easy way to ensure everyone is on an even playing field (i.e. you dont need to buy a wireless AP to use your DS).
---------------------------------
The service will be free to Nintendo DS owners, requiring no additional charge to play supported games over the internet. Households with Wi-Fi networks can access the service with only a minimal of setup procedures. For households with standard broadband internet access and no wireless router, Nintendo will sell separately the Nintendo Wi-Fi USB Connector that will enable the Nintendo DS systems to connect to the internet.
Jago @ Dec 18th 2005 9:07PM
Thanks -OM-...I was about to say the same thing. I have played Mario Kart DS on a normal wifi network and you don't need the dongle...the dongle is only for those WITHOUT a wifi router.
mike @ Dec 18th 2005 9:07PM
How else do you expect people to use the network if they don't have a wifi network. Do you expect that their routers magically transform into wifi routers? The USB wifi dongle is being created so they don't alienate people who don't (or won't) buy a wifi router.
---
Huh? It says here that this WEP shit won't work with most wireless routers!
I have a wireless router, and I read on Joystiq that Nintendo's new Online service won't work right out of the box...?
Hey man.. I'm not bitching for the sake of bitching.. i'm seriously concerned that Nintendo DS won't work with most wireless routers sold today.
Convince me that I have nothing to worry about.. but I can't get a concrete answer.
Nintendo's online email help actually BLOCKS people from asking questions about Wifi.. they won't say a word.
Jago @ Dec 18th 2005 9:07PM
It's not as bad as you might think...I have actually played MKDS here where I work. I can't say anyhting more then that but trust me...the situation isn't as bad as you think.
Tim @ Dec 18th 2005 9:07PM
Basically, it seems the consensus is that if you're not using a wi-fi router using WEP at home, then they expect you to go to friggin McDonald's to play a game. I can alrealdy see the lawsuits pouring in. Not for deceptive marketing, but all these kids now being advertised to, to go to McDonald's...and...play video games. Can you say, "You're making my kid fat!"
Your mom @ Dec 18th 2005 9:07PM
I don't care what the situation is with online. I expect to destroy you all in MKDS on Nov. 11th.
den @ Dec 18th 2005 9:07PM
You know what I said when I "noticed" that the DS will "probably" "ONLY" support WEP and not WPA?
I said, "Darn, I guess I have to set my router BACK to WEP."
In other words, it's NOT A BIG DEAL. MOST people I know have their wireless completely OPEN, they've never been hacked. Unless you have something serious to hide, then you shouldn't worry about it. And if you do, you shouldn't be wireless to begin with. Or on a network for that matter. Or on the internet. And if you have a DS, your probably not the type of person to have "sensitive" information in the first place. Get over yourselves, you aren't as important as you think you are.
blubman @ Dec 18th 2005 9:07PM
@den:
Lol, I totally agree! :D
But the problem is, most people won't even know what WEP and WPA are, or even how to configure their router. So this might scare some people of in the first place.
And indeed, any router that has WPA encription can be configured to use WEP encription instead.
And if you're scared 'they' will try to crack your network: If they want to crack it, they'll crack it, WPA or WEP. But for the ordinary household you'll want some encription anyway (to keep your nosy neighbours from useing your internet ;))
fowley @ Dec 18th 2005 9:07PM
as has ben said many time, no matter what the encryption is it can be cracked in a given time. personally my concerns are not wioth security, i would welcome people using my wifi router at home (in neighbourng houses) to get online with their DS. there isnt much point in snooping on game info is there?
the problem i see, as mention once (maybe twice) here is the range of the DS, normally its only 10 meters. so it does restrict gameplay online to one room in my house. hopefully the revolution wil have improved range. i guess the DS online system will eb a great testbed for seing how sucessful revolution online gaming will be :)
as for the PSP..... havent heard much bout its online stuff.
Muzza @ Dec 18th 2005 9:07PM
Settle people.
Unless there is a serious issue with the DS unable to cope with WPA, then Nintendo will use it. They said before they want to appeal to the widest range of users. At e3-04 they did say the DS was WIFI compatible. As long as it supports the B standard it should be able to be configured to use WPA, unless nintendo's proprietry protocol interfere's with it somehow. The PSP originally diddnt support WPA, not without a firmware upgrade.
That screenshot diddnt show everything, you can still scroll down on it. Now, Someone find us a downloadable MKDS manual...
If there is no WPA it would be because of 1 of 2 reasons.
1: The DS is unable to support WPA
2: Nintendo diddnt see it as something to put too much effort into. (I hope this ones right if it doesnt support WPA.)
I have a wireless router, and WPA or no WPA I expect to be hurling red shells at you all come nov 15th.
Kel @ Dec 18th 2005 9:07PM
I'll be frank i live in the "country" were dial-up is the only thing availiable, the only form of high speed avaliable to my area is Satelite and its a whopping 700 dollars to start, so with the being said am i not going to be able to play ds online? basically this decides if i get a ds or not, i have the money but if i can't take full advantage of it im prolly not gonna get a ds.
ipodman @ Dec 18th 2005 9:07PM
Well, it's out and it works fine.
Moyo @ Dec 18th 2005 9:07PM
Yeah, well it is out...and that sucks - all he does is PLAY ONLINE KART now...sigh
I worry abt security!
Moyo @ Dec 18th 2005 9:07PM
I am curious if anyone knows what the mainstream age group is, that's playing this game online?
Thanks!