Skip to content
Naked Security Naked Security

News in brief: drone chiefs urge regulation; Microsoft drops SMB1; Virgin router warning

Your daily round-up of some of the other stories in the news

Your daily round-up of some of the other stories in the news

Drone chiefs call for regulations

Drone industry chiefs were due to meet President Trump at the White House this week – and were expected to call for more regulation.

The meetings, which were due to start on Thursday, are to focus on regulations for emerging technologies including 5G, artificial intelligence and drones. They include executives from organisations including AT&T, drone-maker PrecisionHawk and venture capitalist firms.

Michael Chasen, chief executive of PrecisionHawk, told Recode that “the drone industry is one of the few industries where we need more regulations, not less”. That’s because the FAA hasn’t yet produced rules that would make it legal to carry out commercial activities such as delivering packages.

Greg McNeal of mapping software company AirMap told Recode: “We asked why autonomous cars weighing 3,500lb can drive next to hundreds of pedestrians, but a 3lb drone can’t fly over people. The FAA follows a legacy approach to regulating aviation that requires everyone to ask for permission.”

Microsoft to retire SMB1

The next version of Windows will not include SMB1, the protocol that facilitated the spread of the WannaCry ransomware outbreak in May.

The change is already rolling out to members of Microsoft’s Windows Insider programme – the shift will feature in Build 16226 of Windows 10.

In a Windows Insider blogpost, Dona Sarker said: “As part of a multi-year security plan, we are removing the SMB1 networking protocol from Windows by default. This build has this change, however the change only affects clean installations of Windows, not upgrades.”

Microsoft has been urging users to ditch that protocol since before the WannaCry outbreak: Ned Pyle said, loud and clear, back in September last year that “SMB1 isn’t safe”.

He added in his Technet post: “The original SMB1 protocol is nearly 30 years old, and like much of the software made in the 80s, it was designed for a world that no longer exists. A world without malicious actors, without vast sets of important data, without near-universal computer usage. Frankly, its naivete is staggering when viewed though modern eyes. I blame the West Coast hippy lifestyle.”

For users who aren’t early-adopter nerds on the Windows Insider programme, the change will come when the Redstone 3 – or Fall Creators’ Update – rolls out.

Virgin customers warned on routers

Are you a Virgin Media customer in the UK with the Super Hub 2 router? If so, you’re among the 800,000 or so users who probably needs to change both the Wi-Fi password and the password to access the router’s configuration pages.

The warning came after research by the consumer association Which? found that the router model’s default passwords were insecure: the Wi-Fi password is easily cracked, according to Which?, and once on the network, the default admin password is the same for all devices.

Which? criticised a number of devices that Naked Security has flagged up in the past, including the CloudPets teddy whose user accounts had been breached, and insecure IoT security cameras.

Virgin said it was offering affected customers the option to upgrade to a newer router – the Super Hub 3 – and added: “The security of our network and of our customers is of paramount importance to us.”

Catch up with all of today’s stories on Naked Security


I wonder Kate…did you read any of the current drone regs before you wrote this article ???

An one thing we certainly don’t need is Trump and his Corporate Cronies screwing up anymore of the FAA.


It seems to me that Microsoft could also switch off SMB1 for upgrades without bugging many people, if they first send out something that tracks if it’s legitimately used. If no use in 30 days, disable it on the upgrade.


In regards to the Virgin routers – i don’t understand how upgrading to a newer model will help unless the firmware is hackable irrespective of how strong the usernames and passwords and SSID/Encryption key is. If an individual decides to leave the defaults as they are then no matter what router you have a hacker can easily obtain default credentials on line and gain unauthorised access.


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!