Is Nintendo DS wifi Safe?
January 15, 2006 12:13 PM   Subscribe

Nintendo DS wifi questions...

My son has a Nintendo DS and just got a couple of games for Christmas that he can play wirelessly on the Nintendo wifi network. My husband set it up and it seems to work (he was playing Mario with a kid in Japan this morning).

Our questions are more regarding the security of it all. We have a router with a firewall, as well as running the Windows XP firewall (DSL connection). We just wondered, though, is it possible for someone to give us a virus or hack into our computer network through this Nintendo DS connection? There are two ways to run with people you know with a friend code and one with anyone that happens to be playing at the same time. Is one of these methods safer than the other? Anything else we should be aware of that we may not be thinking of?
posted by Mrs. Smith to Technology (10 answers total)
are you using a wireless router or Nintendo's own USB wifi connector?
posted by mcsweetie at 12:47 PM on January 15, 2006

Wow, someone sure did a good job of giving you the willies about using the net. Adding a DS to your network does not impact your security in any way that I can think of. All matches are set up through Nintendo's servers, there is no difference in the risk between a friend code and a random match, as neither of them have any more risk than browsing the web or anything else you might do. As a closed, single-purpose design, the DS is far less vulnerable to attack than your PC. If you want to worry about your security, worry about the PC. Your DS is clean as a whistle, no matter how you use it.

Disclaimer: Anything's possible, but no-one has yet heard of what you're worrying about happening, and if it happened, it would be big news in the geek press.
posted by ulotrichous at 12:51 PM on January 15, 2006

On preview, if you added a new wireless access point to your network to enable this, your access point could be unsecure (and probably is by default), that could allow people immediately nearby to join your network behind your router, but outside your PC's firewall. If you're using Nintendo's USB dongle, the worst case scenario there would involve someone hiding in the bushes with a DS who really wanted to play Mario Kart online without your permission. Or maybe Animal Crossing.
posted by ulotrichous at 12:57 PM on January 15, 2006

Response by poster: We're using our router, not the Nintendo USB connector, so yes, we added a new access point. My concern is that someone could use that access point to get into the computers. I'm not concerned at all about someone hacking my kid's DS.
posted by Mrs. Smith at 1:21 PM on January 15, 2006

have you enabled any sort of encryption on your wireless router? currently, the nintendo DS only supports WEP encryption is considered relatively weak by security dudes, but it's better than nothing and will make war drivers just lookin' to get online move on and find a network without any encryption. check your access point's manufacturer's web site for step-by-step info on how to enable WEP (you'll also have to configure it on your DS but it's a snap).

a combination of XP's built-in security powers and a wireless router with NAT and some kind of encryption is actually a pretty secure combination. as long as you keep up with windows updates, you'll be fine.
posted by mcsweetie at 1:29 PM on January 15, 2006

If you had the wireless router previously, say for using with a wireless laptop or something, it's just as safe as it previously was. Actually in all truth, if you use WEP encryption on your wireless network, it's marginally easier to break the encryption because the DS adds to to the sum total of packets flying around in the air. WEP is inherently weak, and given time, the rights tools, and ingestion of enough of the packets going from device<>router, it can be broken.

Would I worry ? Not particularly. Turn on MAC address control (consult routers' manual) and a decent WEP password (nothing in the dictionary) that changes semi-frequently. Unfortunately WPA isn't supported on the DS as far as I know.

Most of the time the effort involved to break on to your wireless network far outweighs the benefits. There are plenty of folks who leave their APs wide open, and other folks usually use that path of least resistance. :-)
posted by GreenTentacle at 1:30 PM on January 15, 2006

oh one more thing, when you're configuring your router, you'll probably have to login via your web browser. if you haven't already changed the login and password, do that right away! on the odd chance that someone does crack your WEP key, they can login to your router using the default username and password and wreck all kinds of havoc.
posted by mcsweetie at 1:33 PM on January 15, 2006

I concur with the "safe if you're using WEP" crowd. I set my son's DS up on our wireless network a couple weeks ago and it went in just as easily as any of the standard machines I've added, even entering the long-ass WEP key on that DS-emulated keyboard.

I also go a step futher and add the DS's MAC address to the allowed list in the router.

As long as you have some reasonable level of encryption enabled at the router, I think you should feel pretty safe.
posted by hwestiii at 5:33 PM on January 15, 2006

The Nintendo handset works only with WEP encryption. WEP encryption has been broken. It is now useless. If your network supports the DS, then any random passer-by can crack your network within 5 minutes.

They can then use your connection to send spam and do otherwise illegal things, for which YOU will take the heat.

You should switch to WPA, the new form of encryption, immediately. It will break the DS' ability to go online at your house, but IMO, that's not really an issue compared to going to court for music piracy or jail for hacking.

If you have the technical chops, setting up a second wireless access point on a SEPARATE WIRE from your internal network would be possible... there are four outgoing TCP ports you have to open to the whole Net, and you have to allow all UDP traffic, both in- and out-bound. (the Nintendo wifi site has details in the FAQ).

Outbound UDP isn't too dangerous. All the nasty stuff I know of is carried via the standard TCP, which you would almost completely block. If all you have on that wireless network is the access point and the DS, that would be a pretty safe setup, even though the encryption is weak. Even if someone hacks in, they can't really do much useful... except play DS games, anyway. :)

The knowledge in how to DO this, however, is rather arcane, and it's not likely you'll be able to do it with a standard access point/firewall. You'd need an AP that supported two internal networks, and I'm not aware of any cheap ones that do.

It was totally irresponsible for Nintendo to release a WEP-only device in 2004.
posted by Malor at 6:22 PM on January 15, 2006

Er, 2005. :)
posted by Malor at 8:35 AM on January 16, 2006

« Older Why do I shed?   |   Best international multi-city airfare? Newer »
This thread is closed to new comments.