After reading BIGTREE TECHs announcement of bambus working on a firmware update that will disable lcd screens like the panda/Xtouch, bambu customers who bought/want this feature has 2 options:
A) dont install any new firmware updates, missing out on improvements to their printers
B) Use third party firmware that allows use of these products.So although Bambu only wants bambu firmware on their machines they are giving us a reason to consider non- bambu firmware.Is this really what bambu wants
Personally I wont use a non-Bambu firmware so that means I wont upgrade firmware ( I wont be happy about it either)
Where did they say bambu is working on such firmware? Nowhere.
They said that bambu warned them that they might add another encryption layer (but that would be just pure evil on bambu side as one layer already exists - TLS for mqtt and adding another one doesn’t provide any security benefits).
Your right Bambu didnt SAY they were working on the firmware, they stopped just short of that…Bambu contacted bigtree tech days after their product launch and told them they were thinking about adding another encryption layer,doing this purely to boost the security of their products. ( you yourself called that BS) So they took the step to warn them they are thinking about doing this and why.( what did you say about pure evil to do this for this reason) But if they are thinking about it and took the initiative to warn bigtree tech and gave a BS reason…they are in the early stages of initiation and planning it at the very least ,wouldn’t you say.And bigtree tech is taking it seriously enough to come up with a contingency plan. But no they didnt ACTUALLY SAY they are working on it, but actions speak louder than words,( 5:26 of the video)
I recieved an email ftom bigtree this morning as acknowledgement of the firmware issue here is the relative part:
“Bambu Lab has indicated that they are going to add an extra layer of security to this communication link in a future firmware update. When this extra layer is added, it will mean that the Panda Touch may be unable to control some features of the printer such as motor movement, heaters, print speed, and possibly even the ability to start prints.”
You conveniently left out this part from the same email, quoted from the other thread on the same topic:
So Bigtreetech hacked their own non-standard way to access the current firmware because currently no API exists for them to do so using supported methods. Bambu warns BTT know that the firmware is subject to change and therefore that hack MAY not work in the future, but Bambu DOES intend to provide a standardized way to access the controls in the future, an API that will be supported and can be expected to continue working after subsequent firmware updates.
What else would you have Bambu do?
Bambu has already indicated a willingness to provide functions that do not currently exist, functions that are not a necessity for their own purposes, functions that they never even suggested might be available. They can’t be expected freeze development of their own firmware to accommodate another company.
Do you think, say Apple (or Google for that matter) would say anything at all if such a change were to happen? if anything they’d release it in a public statement buried deep somewhere where people aren’t like to look, but what’s more likely would be they’d just apply the change and say “good news! we upgraded our security with the last firmware! bummer that the non compliant, non O.E.M stuff you got a month or two back stopped working”
Bambu isn’t obliged to say anything about such a change, the fact that they reached out to the affected companies and warned that something already was in the works does speak a bit about intentions. Adding official, supported routes for expansion isn’t wrong in itself as it can mitigate random stuff breaking during updates and gives a clearer path forward.
But I’m no fool either and really hope they don’t mirror reddits take on the API access.
The future will tell, this is just another fork on the same path as the X1Plus firmware.
the Xtouch works like the panda and bambu had no problem with it for 9 months but then 3 days after bigtree launches their product we get the security update problem? And that does the Xtouch team say about this? He says they are working on the firmware. Actually this IS a buisness issue with bigtree and banbu, nothing technical here.If its not then why not make the API available first, let the developers upgrade their product then release the new firmware and everybody wins. WHAT ELSE WOULD YOU HAVE BAMBU DO? (you wrote) Well bambu did nothing for 9 months with the Xtouch which does the same thing as the panda, they wasnt worried about security then nor an API but now that bigtree released a product big tree all of a sudden has security concerns. I would investigate this more and see what happened between bambu and big tree, something DID happen but parties involve are not specifying what. You wrote BAMBU HAS ALREADY EXPRESSED A WILLINGNESS to ect.ect,ect. They have also expresses willingness to work with third party developers to expand their ecosystem.Actions speak louder than words so you asked what else would you have bambu do? Id have them do what they told us they would do, work with other developers to expand their ecosystem and Id have them release the API first. If it wasnt a problem for 9 months with the Xtouch why the urgency now with the panda. Why wasnt an API unnecessary with the Xtouch
you wrote “The future will tell, this is just another fork on the same path as the X1Plus firmware.”. Im amazed bamnu would give their customers another reason to use non-bambu firmware when they dont want that to happen
You guys better downgrade your firmware while you get a chance because that’s going bye-bye soon. Just like the X1. But in the end it doesn’t really matter because they’re going to force firmware flashes to update everything.
Holy smokes! The number of folks in this thread that have zero idea what they’re talking about is exactly the same number that are panicking over this change.
If you had the slightest understanding of what they are doing and how this is done, you would realize this is a gigantic nothingburger.
Adding another layer of security to a MQTT server that can be accessed remotely while providing an official API that can be accessed - securely? Oh the horror!
Xtouch has been using the same technology as the panda for 9 months and they had no issue until days after bigtree released their product.So why is it a problem now?There are alot of Xtouches being used and few pandas.Yesterday morning one of the developers team posted on their facebook page that this is really an issue between BIGTREE and bambu ( bigtree pissed them off) Bambu was aware of Xtouch for 9 months and they didnt come up with an API in that time so I dont have alot of faith in them .(They have a good product but their operations arnt very smooth) So Instead they are making a firmware that will cripple our pandas/Xtouches . Why not come out with the API first, licence it to the developers so they can patch their products and then release their new firmware…if they were acting in good faith thats what they would do.If they were looking out for their customers interests thats what they would do.You are the one with zero idea of what is happening here.
If you’re really wondering why the change now, then you haven’t been paying attention to this thread, or you don’t understand the reason why. It’s not a puzzle, bud. It’s pretty simple.
You’re just being pedantic and your questions about the process are obtuse. If you have such a problem with the way that Bambu is doing things, start your own business and do it the way you want to. Otherwise, you’re just whining.
I have been paying attention to statements from the developers of Xtouch and BIGTREE TECH as well as every relevant bambu facebook page not just this thread or the statements bambu makes , so I know there is more to this than what is in this thread. I bought a bambu printer, its my property and I have every right to question when someone limits the way I am allowed to use it so I dont have to start my own business, Im in buisness with bambu.You just posted a reply that offered no information or knowledge of the situation.You didnt answer any of the events I relayed, instead you made a pompus reply that added nothing to the overall understanding of the specific issue, you added nothing at all but some childish name calling. You know there are other people that might be interested in what is going on, if you cant add something constructive, why dont you move on.
Of course I read it,a while back. We are not talking about firmware as the products dont alter the firmware at all, these lcd screens use the same communication scheme the Handy app doe, and therefore the same encryption. I read how bambu is interested in working with responsible 3rd party vendors to expand their ecosystem because they are not big enough to do it alone. The xtouch has been being in use for 9 months, 9 months bambu has been aware of this yet they had no problem with it and no API.This is contrary to their statement I just mentioned.
