I've been looking into this since my nipper recently got a DS. Unlike the Wii, the DS does only appear to support WEP instead of WPA, which is a disappointment.
Cracking WEP is actually pretty easy provided you know which tools to use and you've captured enough traffic. As IT security is my job I'm familiar with these, but as I'm not sure on OcUK's stance on discussing such things, I'll not say any more than that.
However, I will say that hiding your SSID and MAC filtering isn't difficult to circumvent either (as this is still broadcast anyway). If anything, people hiding their SSIDs can be detrimental, as you might not be aware that your neighbour has a WLAN, which may be broadcasting on the same channel and causing interference - at least if you can see a strong signal, then you're likely to try changing the channel.
Nonetheless, for home users, it's undoubtedly sufficient, as people aren't going to go to the effort of cracking your WEP key just to piggyback off your ADSL or cable connection.
Er.... sorry about that, I got kinda carried away
Anyway, one thing I've been meaning to look into is the use of dual SSIDs that the dd-wrt firmware for my WRT54GL is supposed to be implementing. If this works, then I'll have a DS-specific SSID that accepts WEP that my nipper can use, whilst the rest of my kit connects to a more securely configred other SSID. Kinda like the way that FON has public and private SSIDs.
Haven't had time to really look into it just yet though.
