Bambu Studio 1.10.2 Public Beta

Bambu Lab Beta Testing Bambu Studio (Public Beta testing)
22

When it comes to security and user privacy Bambu are complete idiots.

They force PIA 2FA by email authentication on me to log into Makerworld then tell me I can mitigate that PIA by keeping their cookies. Log in status cookies which are easier to steal than my password, last for 12 months and completely bypass password and 2FA. To avoid the pain of 2FA by email they suggest I make my account less secure than it is without 2FA.

This authorization and authentication protection mechanism sounds like more of the same will be forced on me if I ever update the printer firmware or buy a new one. My printer can access DNS and NTP on the internet. All else is blocked by my router firewall because I donā€™t trust Bambu. I do trust my LAN and donā€™t need their stupid extra security to be forced on me. How hard would it be to let me turn it off?

The good news is Creality, Anycubic, etc are catching up so I might well have options to avoid this ā– ā– ā– ā– .

23

@SupportAssistant The community has spoken and is currently voicing negative views towards this new requirement.

When can we expect an official response from the CEO?

24

The official information is present in the blog post shared below:

We also included some frequently asked questions at the bottom of the article, to clarify some of the details.

1 Like
25

I will sell my printer if it needs internet access.

26

Actually, the main reason you guys are invoking is your cloud security problems, not the usersā€™ . No one attacks a 3d printer through a local properly managed LAN, and no self-respecting hacker will lose his time targeting a 3d printerā€¦ so all that mumbo-jumbo added to your article (including the FAQ) are just a smoke screen.
I rather stick with my current firmware and use my printer as i see fit (OrcaSlicer including), and take my chances with a hacker potentially and successfully gaining unauthorized access to my personal networkā€¦ to use my printerā€¦ Ridiculous argument, but if thatā€™s how you want to play it, so be it; Iā€™ll play my cards the way I see fit, and not how you want me to play it.

4 Likes
27

This isnā€™t good enough. do better.

28

I get a unknown error in hms after updating to the beta firmware.

1 Like
29

LOLā€¦ thatā€™s strike oneā€¦
ā€¦ let them come, people, let them come.

2 Likes
30

Iā€™ve read them and theyā€™re silly to say the least.

Letā€™s go over them:

Why is this change needed?

There are 2 reasons stated:

  • one is local printer safety - which gets nullified immediately since OctoPrint exists and they have had guide on securing remotely-accessible printers for years: OctoPrint.org - A Guide To Safe Remote Access of OctoPrint
  • 2nd is Bambuā€™s cloud safety - which is your problem that you could very well fix without messing with peopleā€™s access. You couldā€™ve hired cloud safety expert(s) who could help you fix that for fraction of the costs and none of negative blowback.

Point validity: 0.5/2 (iā€™ll give you 0.5 because cloud security isnā€™t simple)

Why does it need to be enabled in LAN mode as well?

Which tries and fails to explain this silliness on LAN mode. If someone has trojan on their local net, 3d printer is least of concerns. And if it is - then on LAN thereā€™s instance of Bambu Studio that can be then used to do all those shenenigans you claim to protect people against.

Point validity: 0/1

Does this mean I wonā€™t be able to use Orca Slicer in the future?

This fails to mention that the connectivity is essentially gone, so the AMS functionality is gone too. No nice filament selectionā€¦ Iā€™ll go over that connect later on but I gotta say - this is totally wrong idea and it cannot be even called ā€œintegrationā€. Nothing about that is ā€œsmoothā€ and ā€œhassle freeā€

Point validity: 0/1

Can Orca Slicer access or read printer information? What functionalities does Orca Slicer have without Bambu Connect?

TL;DR: nothing useful will work. And ā€œimport-fileā€ via url scheme? REALLY? Tons of ways to do inter-process communications and you went with url scheme?

So - thereā€™s no point here and for url scheme I give -10 points out of 1

I am using Home Assistant to control my printers. Will this still work?

TL;DR: Not really, no.

I wonder how much THAT will anger people since Iā€™ve seen a lot of drama when bambu was blocking MQTT back in june 2024ā€¦

so again - 0/1

What happens if I never upgrade to this firmware?

This point basically says: if you want your printer to work with orca slicer or anything external do not upgrade ever.

0/1 points again

Will aftermarket accessories stop working?

TL;DR: Yes, quite so. Turn panda touch into $60 brick.

0/1 points made

So to sum up: No real benefits to the end-users, all external improvements get rendered quite useless. And valid points made: -9.5/8. (I gave negative 10 for url scheme calls. talk about insecure way to pass dataā€¦ if we skip that thereā€™s 0.5/8 validity)

Iā€™d say thatā€™s a very bad idea.

12 Likes
31

I got out of my simrig just to read this. Spot on. I use HA and depend on certain automations for my printers and it sucks to have a simple thing as that taken from me.
This is not a resolution for us, the users. This is the start of what they want from the beginning but they were always cautious about itā€¦ until now. I smell something fishy here and i think, and itā€™s only my thought, that this has to do with their next printer launch.

I turned my back long time ago and will keep using my x1 with the x1 plus firmware and thatā€™s it. Sadly itā€™s not an option for everyone or every printer.

Now on to the sim rig again, gotta do some fast laps :sweat_smile:

2 Likes
32

Add to all the above arguments, this limited time-line firmware/software/security/bugfixes support:

Bambu 1
Bambu 11057Ɨ1337 172 KB

and considering the current circumstances (as laid out before us by Bambu), one might wonder how many users will get to install their final updatesā€¦I guess that not that manyā€¦

1 Like
33

Yeah no way my next printer will be a Bambu. Youā€™re approaching the problem the wrong way. I get that you want better security for your cloud (I know cause I do this for a living) but disabling access for third party softwares that are running in our LAN to access our printers also on our LAN is NOT the way to go. Fix your cloud security (and if you canā€™t then hire consultants or external help) and let me thinker with my own printer at home however I like. Stopping updating the firmware is not a valid solution. This goes against the security principle itself. No firmware updates = no security fix.

7 Likes
34

What a rug pull! This is awful news; Iā€™ve only had my printer for a few months. Hopefully, the obvious customer outrage will convince them not to become 3D HP.

2 Likes
35

Hello! I recently bought a bambu lab a1 printer and I absolutely love it. I do have some questions though. How do I opt out of your new firmware and take full control of MY printer that I spent $500 on? There are no security threats in the environment that I use my A1 printer in, so I donā€™t need any authorization and authentication protection mechanisms.
many thanks,
Buzz

1 Like
36

Turn your printer settings to LAN only mode, and block your printer access to internet, then youā€™re safe (at least for the time being)

3 Likes
37
  1. Introduce authorization and authentication protection mechanism: Bambu Studio now supports signing and encrypting control commands sent to printers when the printer supports authorization and authentication protection. The printer will determine whether the commands can be executed.

You really had to do this, huh? It wasnā€™t enough that the printer has certain parts locked down, someone at Bambu really thought itā€™s a great idea to make their users paranoid about their printer turning into an HP one.

I didnā€™t buy an X1C to be afraid to do firmware updates, or miss out on features. Now I have to, because someone elseā€™s ā€œsecurityā€ concerns that donā€™t impact me at all are apparently more important than the principle of ā€œdonā€™t take away from the stuff that I bought more than a year ago, I already bought it and Iā€™d like to do with it as I please.ā€.

I hope that being on the last firmware before the new horrible one doesnā€™t mean Iā€™ve already soft-bricked my printer, and that maybe in can get custom firmware or something like that, which is something I had no interest in doing prior to this announcement.

2 Likes
38

everything has already been said. but to add to the voices, let it be known that i too strongly disagree with the new auth system and the general direction highlighted by those changes. by f*cking over your customer base like this, you go against everything the 3D printing community stands for, while also making your devices thoroughly unattractive for people using them in a professional context. be better.

8 Likes
40

If this is pushed out as a forced firmware then I wonā€™t be looking at Bambu printers never again, no matter how cheap they are. I donā€™t care about the cloud cabability to be honest, but going after LAN mode is really silly.

1 Like
41

And later weā€™ll need a subscription to use AMSā€¦I canā€™t believe Iā€™m considering a Creality instead of the incoming bambu printer I was sooo excited about

1 Like
42

Activated my forum account just to say that if this ridiculous update that forces us to use aUtHoRiZeD bambu software and pointless cloud connectivity, I will never purchase from Bambu again for any reason.

This quote speaks for me.

3 Likes