Advertisement
DS Wi-Fi uses WEP, not WPA News
DS News by Tom Bramwell
Some more technical details of Nintendo's Wi-Fi Connection service for the DS have appeared on the net this week thanks to eagle-eyed (well, presumably just 'eyed') attendees of last week's Digital Life Show in New York City, who saw it demonstrated.
Wi-Fi Connection is capable of auto-detecting the SSIDs of 802.11b-compatible wireless networks in its immediate vicinity (or whatever number of metres it is that the thing supports), and is happy to obtain its own IP address automatically (using DHCP) or work with a static one. All of which bodes well for compatibility.
In slightly less good news, Wi-Fi Connection apparently uses WEP security rather than WPA. As Joystiq points out, WEP is pretty easily cracked and most people ought to be running WPA at home by now - which presents a problem.
Mind you, it's not a problem if you've shelled out £30 for the USB Wi-Fi Adapter plug-in for your home PC, which acts as a kind of gateway for the DS no matter the scenario, but for those of you hoping to take it online, by the sound of it you'll have to plunge your network back into the choppy, electronic shark infested waters of WEP - at least for the time being.
We'll bring you more on Wi-Fi Connection very soon - the first game to support it, Mario Kart DS, is due out in Europe on November 25th.
Advertisement
Want to comment on this article? Log in, or register!
Comments: 1-39 of 39 in total
Poster
|
Tweakmonkey
18/10/05 @ 10:33
0
It's true WEP can be cracked, but in my opinion it's sufficient for playing games over.
|
|
BradlayLaw
18/10/05 @ 10:54
0
I use WEP and MAC address filtering which should be pretty secure. I hope :(
|
|
0
> Just filter network traffic by mac address - job done!
MAC addresses can be spoofed, that's no protection at all. Honestly, these days if you're not using WPA you're wide open. WEP can be cracked in minutes these days with freely available tools. This is just not good enough, bad Nintendo! I'm really disappointed in you! /smacks Nintendo on the nose with a rolled up newspaper. |
|
0
It would be quite disappointing if this turns out to be the case, as nicka etc, points out, wep is disturbingly easy to crack, and wpa or wpa2 the only way to go if you, more or less, want any security whatsoever.
I recommend everyone using less than wpa to read: http://www.tomsnetworking.com/Sections-article124-page1.php (if anyone knows of any better articles etc please post them.) If i remember correctly the online interface will be dependent on each game (although all should be using the same) which could mean that if they start supporting wpa not all games would be able to use it? That would be quite awful. |
|
kangarootoo
18/10/05 @ 12:39
0
Lets get this context. Most warchalkers don't give a rats ass about your home network. There is nothing interesting on it and your broadband is slow compared to their usual targets.
Insisting on WPA is like insisting on having a metal garden shed instead of wooden one. Sure it will protect you if someone decides your garden shears are worth having, but in the grand scheme of things chances are no one cares what is in there. If someone really wants to "rape your PC" there are easier ways. |
|
kangarootoo
18/10/05 @ 13:04
0
Sort of relevant, if anyone is interested. There is a trend in IT security circles towards securing the client rather than the network. In other words, you don't much care if someone gets access to your wires because they can't do anything once they get there.
Of course the belt and braces approach would work best, but currently a lot of less clued companies focus on stopping network access whilst neglecting the individual security of their systems. Meaning that if someone does get indoors they can pretty much do what you want. I guess to follow my analogy, its like having a rickety shed door but chaining all your tools to a metal wall. I didn't mean to go all grumpy on those expressing concerns over their home PC security. Of course those concerns are valid. My point here is that if you have a home network, especially one that is wireless, your primary concern should be how secure your PC is rather then how secure your network is. How many of those with wireless networks (WEP, WPA or otherwise) use even a simple login prompt and password? I suspect not many.
Edited 1 times,
most recently on 18/10/05 @ 14:03
|
|
0
I use WPA as _one_ of the currently *accepted* best defenses for a wireless home network. When you're securing a wireless home network then WPA (if you have it) is pretty much a no-brainer in my opinion. When all is said and done, I'm just interested in making sure my wifi is as secure as I can reasonably make it - ie not leaving that garden shed unlocked, kangarootoo.
Nintendo (Who I have no axe to grind with, I love Nintendo for crissakes!) have implemented WEP, this leaves me with a problem as it means I have to put my (admittedly small) home network on WEP just for my DS. Fine, no drive-by warchalker (Or unscrupulous neighbour) is likely to steal my bandwidth, but I've just made my home network a little less secure. Earlier I commented on various people proposing MAC filtering as a solution - I simply meant that this is no better protection than WEP or a cure-all for weaknesses in WEP. Although I too use it, it's just another tool in the box. And yes, keep your PC patched, anti-virus, look out for Spyware etc. lets be careful out there people etc. /goes back to playing nintendogs, woof!
Edited 1 times,
most recently on 18/10/05 @ 15:12
|
|
kangarootoo
18/10/05 @ 14:21
0
I agree that anyone going to bother of scanning your wireless traffic is also likely to be wised up enough to spoof a mac address and so that offers little more protection.
And I can see that having to effectively downgrade your network so that you add a device that is essentially brand new to market is a bit off. Given that somewhere like PC World probably doesn't even sell 11b/g equipment anymore, it does seem a little behind the times. I guess they are factoring cost against security, and for most of the DS buying public they have probably (if unfortunately) done the right thing. I wonder how much it would have cost to incoporate WPA compatible HW? I guess we will never really know. |
|
rogermellie
18/10/05 @ 14:51
0
I'm surprised they're using WEP considering the amount of freely available software there is to sniff out and reverse engineer it. Mind you I doubt it matters anyway, as most people where I live don't use any security on their wireless networks. So there are plenty of soft targets around me if I just use WEP.
|
|
kangarootoo
18/10/05 @ 14:59
0
I got by for about 3 weeks in our new place until broadband got sorted, just picking up unsecured networks. Sure I had to sit in the conservatory wearing a tin foil bonnet to achieve a 1mbps connection, but it did the job. Swapping my desktop PC for a laptop was the finest thing I ever did (well, perhaps there will be greater achievements read out at my funeral, but it was quite a good thing to do all the same).
|
|
kangarootoo
18/10/05 @ 15:19
0
Oh balls. Me and my big mouth. Though in my defense, they could have nicked stuff out of my garden shed and I wouldn't have complained.
EDIT: Also, these were unsecured networks. If they had WEP in place I wouldn't have broken in. That would be rude and also kind of (i.e. very actually) illegal.
Edited 1 times,
most recently on 18/10/05 @ 16:19
|
|
rogermellie
18/10/05 @ 15:41
0
I got by for about 3 weeks in our new place until broadband got sorted, just picking up unsecured networks.
Like you say they're unsecured and any network wireless browser will pick them up even by **cough** accident. I can't believe retailers are flogging these routers to households without helping or at least warning them of the security issues. Looking on the bright side it will be ace to play on my DS with other people. I just hope some of my neighbours will invest in a DS. |
|
kangarootoo
18/10/05 @ 15:57
0
I didn't download anything, I simply used it for email. Anyway, enough of my excuses. I'm not saying it was OK, its just what I did until my own connection got sorted.
I agree with rogermellie (partly as it serves to distract attention from my own nefarious activities). PC World will happily sell you the HW, but then one week later you will be turning up unsecured on someones WAP list with an SSID of "Linksys" or "Netgear". I'm honestly not sure of the legal issues surrounding connecting to an unsecured network. The way Windows words things, you could possibly argue that you were invited to do so. I know that sounds feeble, but the company I worked for some years back (a big US IT corp) actually changed the wording on the login screen of its OS, as it could be argued that presenting a prompt suggesting that you "Please log in" was an invitation that could be used in the legal defense of a hacker. Real law is stranger than fiction. |
|
0
The lure of Mario Kart and Animal Crossing is quite possibly too strong to resist, I'll probably end up switching to WEP (shudder) despite all my posturing.. I'm not that happy about WEP, but I am massively excited about the possibilities.
Although I *think* there was as much as a paragraph about security buried deep in my Netgear manual it's neither simple or obvious to set these things up for the average joe even with XP trying to 'help' - not to mention that most people want to plug it in and get going without having to refer a large-ish manual. |
|
kangarootoo
18/10/05 @ 16:38
0
What the home market really needs is some kind of basic "all listen to me" button, not dissimilar to that used on Bluetooth peripherals.
Press button on base station (metaphorically speaking), press button on laptop. "I can see PC called XXYZZ" says base station. "Yes, as expected" says user and confirms. Devices now share secure connection, MAC address, passphrase and all. Give it a generation or so (hopefully). |
|
0
I know WEP sucks, but it seems to be the standard right now, the PSP launched with only WEP and anyone running homebrew on v1.50 is stuck with it. Also the XBox MN-740 gaming adapter only has WEP and some of us would of thought Microsoft would release a WPA upgrade for it, yet they still haven't!!
|
|
0
hey, I'm not in the least wifimatically minded and I admitedly don't know a lot about networking but it seems to me that the more secure the network, the more lag will be introduced. Maybe its just practical, WEP is faster than WPA?
The reason I think this is I've noticed some slow down in the initial connection (eg waiting a fraction longer before a web page loads) when I enabled WPA. Happy to be proved wrong though. (then I'll fiddle more with my own network to find out why its a bit slower now) |
|
kangarootoo
19/10/05 @ 12:50
0
Yeah, my little brainwave would require your keys to be exchanged in an unsecured way (the bit before the user confirms all if good and dandy). Admittedly, anyone scanning the airwaves at that moment would have what they needed to break in. Errr... and they may be some other glaring holes in my brainwave too :)
@Foxxlet I'm not sure that would be the case. I guess would increase traffic over , but whether WPA needs to attach more packets (extra security bits encasing the actual info you are sending through the air) than WEP... I'm not sure. The method of encryption could actually be more efficient. Anyone with some low level comms knowledge want to shout out about WPA encryption (or do I have go nosing myself to scratch the curiosity itch that is developing?). |
|
kangarootoo
19/10/05 @ 12:53
0
Ah, WPA not so secure anymore.
http://www.thincomputing.net/newsitem68.html |
Comments: 1-39 of 39 in total
Want to comment on this article? Log in, or register!
