Forum privacy issue: Files now hosted in China?

Site Feedback
1

This is a sanity check.

In the past 24 hours, has anyone uploaded a 3MF file and verified the destination of the download link? I have all .cn domains blocked on my network to prevent redirection to Chinese-hosted domains. This is for cyber security reasons as one will see below why this is important.

Until yesterday, all uploaded files were hosted on Amazon’s U.S. servers. Now I’m seeing this message:

Note: My network is blocking this.

image
image1511×500 31.4 KB

Here it is in another browser and what’s also disturbing is it appears to be randomizing the address based on either browser session or login. That in and of itself is puzzling. There is no value to randomizing the link unless that’s intended for use as personally identifiable data.

image
image1626×629 44.4 KB

Here’s a post where I uploaded a 3MF file. The original poster also uploaded one. Both links, including mine posted just 6 hours ago, now resolve to a Chinese domain:

https://forum.bambulab.com/t/trouble-forcing-parts-to-print-top-and-bottom-layers-where-they-touch/170491

Here’s the actual file link:

https://forum.bambulab.com/uploads/short-url/gLnKJnOPugJnMjNIoJCwx3HNfbH.3mf

Here’s is what one sees when one hovers over it. It appears to be a perfectly normal link until one clicks on it.

image
image1661×261 18.7 KB

Clicking it silently redirects to:

https://or-cloud-forum-prod.s3.us-west-2.amazonaws.com.cn/original/3X/7/5/757df8589fb89703824ba22293fb0d861c068019.3mf

This is disturbing.

:worried:

For those unfamiliar with why this is an issue or who haven’t following the TikTok issue, the PRC has the legal authority to compel all Chinese companies to share and or surveil anyone interacting with their platform. Consider that some folks may not be as cyber-aware. With AI, it’s now possible for LLM to scan through models and analyze what the design intent is. That’s no danger if you’re just printing a key ring but what if you have an idea for a product? Do you trust your data in the hands of a site that the Chinese government at any time without disclosure can seize?

2 Likes
2

Bambu Lab is a Chinese company which I assume you knew before you purchased a Bambu Lab printer.

In case you weren’t aware, any instances of the Chinese Government compelling a Chinese company operating in China to turn over data would not be limited only to data stored within China. If that company is storing data in the USA, for example, that data would not be exempt from any such cases.

If China having potential access to your data is a no-go for you - you should be aware of what I’ve said above.

4 Likes
3

you should be concerned about the nsa spying on you , than a link posted to a chinese domain

3 Likes
4

First, I apologize that I cannot give proper credit for this recently posted workaround to download a .3mf from the forum. It is a simple solution until the issue is fixed. I saw it within the past few days, I’m just not finding the proper search terms to locate the post again.

Basically, you just need to remove “.cn” from the URL. So when you get this error:

…go up to your URL address bar and edit out the “.cn”.

I don’t know if the file is still retrieved direct from China or a closer Amazon mirror, but it will be downloaded. Maybe the forum is being too specific about the file hosting server?

FWIW, I do not have a block on my home network for Chinese servers. Maybe my ISP does, but the forum .3mf downloads are the only ones that generate the “can’t be reached” error.

2 Likes