Naim 272 and Qb sending unencrypted authentication information

I have a Netgear Orbi Mesh system (all wired) and run Netgear Armor security over the network. My 272 and Qb are wired to this network.

Today Armor started blocking Tidal (api.tidal…) as Naim 272/Qb v1 is sending unencrypted information.

Quick fix will be to unblock the URL in Armor.

However wanted to know if this should be encrypted by default and if not, is Naim likely to fix forward for these products, or leave unsupported?

2 Likes

Paging @Stevesky

1 Like

Sadly not as rare as you would like to think, even for supposedly ‘sensitive’ apps.

How much of a risk this is to you will depend on a number of factors, such as whether you run your system in your own LAN behind a proper firewall.

Hi @normsbigwindow

The original Tidal API that we use is http only and it exchanges login details in an unencrypted form. This wasn’t something of Naim’s making (we and everyone else had to use the API as defined by Tidal in 2014), but the world has moved on security expectations wise, even though it’s not protecting a bank account or similar.

I do have some good news though - we have new code in public beta for Muso Gen1 & green screen Hifi products that updates them to switch them to more secure protocols and principles (OAuth2, TLS1.3) to ensure they have many more years of life in them.

As it’s in public beta it’s quite advanced, but at this stage we can’t give full details of what is in the update & when it will go live. It’s all good stuff though and will make various on the forum eat their hats who have claimed we would never do an update! :slight_smile:

Best wishes

Steve Harris
Software Director
Naim Audio Ltd.

19 Likes

Brilliant, thank you. @Stevesky

While you’re at it, could you fiddle around and add the Qobuz API to my firmware upgrades if I send you my serial numbers :pray::rofl::rofl::rofl:

1 Like

That’s great news for 272 owners.

I had better dig all the cables and link plugs out and get ready to carry 272 and NDX to the iMac for these new updates then :laughing:

2 Likes

Hi @normsbigwindow and @Stevesky

I wish I had seen your very helpful posts earlier. I have the same set-up Netgear ORBI mesh with Netgear Armor. Unfortunately, Netgear Armor identified my ND5 XS as an “Asia Pacific Microsystems thermostat” (I kid you not).

I pulled my hair out for days trying to figure out why I could access TIDAL on my Mu-So speakers but not my ND5 XS. I whitelisted the “thermostat” and I am happily streaming TIDAL again on my ND5 XS.

I hope the beta discussed will also include the ND5 XS!!

Thanks, Paul

1 Like

Have found my cable and am ready and waiting :+1:

1 Like

I just installed an NDS. Glad to own a Macbook!

Ah yes, but it is still recommended to have a wired Ethernet connection to the laptop, so are you close to the router or do you have a long cable?

I’m wondering if it is worth carrying the iMac to the streamers, but I’ll need a 20m cable for the Mac.

Luckily, this doesn’t happen often😄

You don’t need a wired connection to the laptop. WiFi is fine as long as it’s reasonably good. Also you can’t brick the streamer if the update fails because of a WiFi issue. You can always start again because the legacy products boot from a piece of resident code that isn’t over-written by the updates.
Best

David

2 Likes

David, very useful info thanks. In that case I may try taking the Mac to the streamers, as it is only the mains cable to unplug for that. Unlike the 272 that has all manner of analogue, digital, optical, PSUs attached! Thanks.

I like to live dangerously :stuck_out_tongue_winking_eye:

And as David H helpfully points out, it’s not all that dangerous.

My NDS came with v4.6 firmware. Only yesterday I was debating whether to install v4.7. So I guess I’ll wait a bit…

@easeback1 you have convinced me to give wireless a go when this new update arrives. Good luck with the NDS, should be a brilliant source. I think if you want to use Tidal, you may need 4.7 so it works properly.
Enjoy.

The wired-only advice likely dates from a decade or so ago when wi-fi networks were less stable.

Thanks, the NDS is proving to be a fantastic purchase. Running Qobuz via Audirvana / Mac Mini.

1 Like

I can confirm David’s point that doing the update over WiFi is generally fine, over the years I must have done 20 or so updates without the Ethernet cable and never had one go wrong.

1 Like

Also any reason you’re not using a local NTP source and using time.netweaver.uk instead?

Or even pool.ntp.org.

Just did a packet capture on my mu-so v1 and noticed it.

1 Like

And while you’re at it please also fix this long-running bug

Reported several times, never got a straight answer. :slightly_frowning_face:
Couldn’t care less about the security issue but if above bug could be fixed that would be great.

Amen to fixing the bug that complicates playing DSD tracks larger than 1 GB on first-gen streamers (NDS, NDX)! While this doesn’t manifest itself for much outside of the long movements of late 19th-century symphonies, it is a little disappointing that a company that sweats the details like Naim hasn’t been able to fix this bug.