Setting the Record Straight on Cloud Access and Community

Don’t worry.

Bye now lol.

Could this be kier’s father? Or his ghosts?

That reminds me of that time I had 3 TiVo boxes that were cloud connected, I thought they were great machines, great cloud features, yay. I bet there were people out there saying why do you love the cloud features of TiVo? Wouldn’t you rather that box was able to record free to air without needing the cloud, nah why would I care, its not like they are going to turn off the cloud is it? Why should I care about you folks that want local access without restrictions, I’m alright Jack.

Oops spoke too soon, now they are bricks, oh well if I had just cared about wanting local access first cloud access second. Who knew that a big company like TiVo would pull ■■■■ like that.

4 Likes

Is everyone over the outrage over Bambulab’s policies?

Nah. We’re nursing our grudges. :wink:

4 Likes

I have a question (not a rhetorical question, an actual technical looking-for-an-answer question) which is:

If the Bambu cloud service that this replacement slicer is using is basically just turning around the data and sending it back to the machine, then rather than spoofing the client in order to get the Bambu cloud to do that for an alternative slicer, wouldn’t you get the same effect by spoofing the Bambu cloud instead? I.e. running a server locally that looks to both your printer and your slicer like the Bambu cloud, and have that turn the file around and send it to the printer instead? It would require your local network to intercept the traffic from the printer and redirect it to your own ‘cloud’ server instead, which is actually quite easy on two levels: 1) if the printer accesses the remote server by name, just add a local entry in your local DNS server to respond to Bambu’s name and return the address of your own local ‘cloud’ server; or 2) if the printer is stupid enough to have hard-coded the remote server’s IP address, do address translation on it and redirect packets to your local server that way instead.

(An alternative slicer client doesn’t need to use this interception although it could do; all it has to do is add a dropdown menu of which alternative cloud server it should use…)

I haven’t looked into the details of the communication protocols between the printer and the remote server but I’m guessing they’re understood? Didn’t I see a post last year saying that the encryption key was embedded in the program or something equally stupid? And it sounds like the client side of the protocol is well known too since that’s what this alternative slicer is already using?

Spoofing the server locally would mean that the alternative slicer would not need to use the Bambu server which would completely remove Bambu’s objection to this software. (Then we would find out, if they still tried to block it, whether it was a legitimate objection or just a pretext.)

Is this technically feasible or is there some encryption component missing that would preclude it?

Yes, if you could securely intercept and reroute all the calls via MITM service, you’d have a cloudfree bambu. The “printer job” portion of their service could be replaced with a dead-simple FTP server or something like a service attached to RabbitMQ, you only need 3 verbs, sendJob-places file available for download by printer, checkJob-see if printer has a job, retreiveJob-printer downloads and clears queue. It’s not rocket science, but its current state is both encrypted and closed source requiring reverse engineering, and generally will be painful to do since custom firmware is likely out of the question

Ah. Yes, I was indeed suggesting a mechanism that did not require alternative firmware or switching to LAN- or dev-mode. I guess the problem is that the embedded key was an encryption key but not a decryption key? (or vice-versa, whichever half of a public key it was.)

Do you mean something like this, by any chance? However, this is not spoofing, but rather a separate, independent development. It completely replaces the cloud, basically an alternative self-hosted cloud.

4 Likes

Interesting project, I hadn’t seen it. Apart from having to switch your printer to dev mode, it does look like a usable alternative.

Followup question: is the bambu firmware open source? Ie when they release a new firmware, is it possible to rebuild it but with the communications protocol either using a different key (one that we all share) - or perhaps even just removing the encryption altogether? (and changing the cloud host name/IP) - i.e. changes that could probably be relatively easily automated to produce an open version of the firmware whenever it is updated? Or is the firmware closed source and changes like that would require poking the image, which would be far less likely to be easily automated?

No, it’s proprietary.

But why is the cloud necessary in the first place? If Bambu Lab didn’t have the need to harvest user’s data then there would be no need or “security” issue.

Just look at HP inkjets. HP sent an “update” that bricked printers that used ink cartridges not manufactured by them. they did this to printers already sold and in use.

Also, Bambu Lab has refused to commit to not taking similar action in the future.

3 Likes

You mean like every single modern car that you own? Like every cell phone made today? Or did you stop buying those when they started being connected to Ford’s, Toyota’s, Apple’s (insert any car, phone, tv, even your dishwasher, etc., today) own cloud networking? I highly doubt it.

But somehow you are stuck on the 3d printer as the hill to die on for that. Not the fact that your own phone you own is basically a spy listening device. That’s totally fine. The crazy 3d printer company is the evil one.

They do it for a plethroa of reasons I’m sure. One of which is probably security, stopping hot / stolen devices, verifying serial numbers as legit machines of users putting in tickets (aka accountability instead of giving free money away), not to mention the fact that it makes it easier for the user to boot.

Even your CAD software (almost all of them) nowadays are cloud. At least BL lets you disable it if you want to.

3 Likes

Actively advocating for the late stage capitalist/enshiattification/status quo/loss of rights+quality is what losers do. Just cuz Google apple and the rest had the nerve to do it in the first place doesn’t make the original path nor the followers footsteps acceptable. Maybe don’t spend energy going out of your way to defend it lest you look like some sort of clown

You keep saying you can disable it. Go ahead. You first. I’ve got an offline lab and an online one and I can tell you the machines I’ve set up offline from Bambu are like pulling teeth to get both setup and work flowed in. To this day these machines still are idebtified by serial because to rename them requires cloud access. I implore you to stop repeating your marketing phrase of “oh lol u can just turn it off” please try it yourself for an entire week, even if you’ve missed the mark to have created it fully offline.

4 Likes

When did I ever advocate for it? Don’t put words in my mouth and make absurd claims that have no basis in reality.

I just spoke facts. You can ignore then. You can falsely say I’m for this or that. You can cry like a petulant child about them. I don’t care. It still doesn’t change the fact that what I said is true.

4 Likes

What in the holy ■■■■ does this have to do with anything I’ve said at all?

It’s like none of you people can read and comprehend the very basics of the English language.

Welcome to the forum, Scott Hancock… Oh, I thought he’d been dead for ages? Congratulations on your resurrection! :tada:

It’s great that you’ve found your way directly here to discuss such a controversial topic. In fact, you were so quick that you didn’t even have time to read and agree to the rules - wow, that’s impressive!

I hope you enjoy the forum. It’s always a good idea to start your first post by targeting other users right off the bat. That’s a very sympathetic approach. :heart:

5 Likes

Try using a different word. Maybe expand your vocabulary a little more.

2 Likes