Class actions take years, and I’m not saying that there wouldn’t be any backlash, just that it would be too late for people to escape/avoid it.
Yes, when FAA imposes that everybody flying needs to wear a clown nose for security reasons - you can ignore the ruling. What BambuLab proposes here is the equivalent of FAA obliging you to a yearly inspection of your house’s garden hose ‘for security reasons’.
It’s absurd and I struggle to understand why you are trying to defend such a thing with such fervor when it doesn’t benefit you in any shape and form - unless you have financial stake in the company and know of a long term plan how to turn increased control into monetization. Not implying that you do, just finding it very difficult to understand your defense of a clear anti-consumer move.
Brother… we need to stop playing these games. They are rent seeking plain and simple. Bambu was kicking and screaming the whole way building LAN mode. Imagine if we didn’t have LAN mode at this juncture. My god.
I can see a community jailbreak or replacement pcb in the future.
If Bambulab forces users into their ecosystem and rules out every other option, I will sell all my Bambu Lab printers.
Hello and welcome again, Prusa:-)
And FLSUN with their Klippers monsters
But that’s the thing - if only Bambu Connect needs access to the internet, it doesn’t increase security whatsoever as if it’s running on a compromised system, the threat actor can exfiltrate anything it exchanges with BambuLab servers. If the intention is for both Bambu Connect and the printer to connect to BL servers to ‘kiss & make up’, then you don’t have LAN-only mode anymore - you need to enable internet access to the printer.
In both cases, Bambu hasn’t explained how any of this increases security, and based on how they handle their private keys (as in, embedding them in the binary) I have very, very high doubts they have the faintest idea what they’re doing. Of course, this is assuming they actually want to increase security, not just further lock in the printers to their ecosystem, which is the main reason for all the speculation around here.
You’re not the only one. Why defend this change?
There’s always some who want to argue that we should just forget about our “silly” opinions on privacy, property ownership/control, workflow, and deeply held principles. Just go to sleep, our overlords have our best interests in mind–trust them!
I suppose at least it helps keep the thread at the top… for whatever that’s worth.
They will say this until Bambu pulls a Makerbot on them. Even Apple doesn’t wall off this hard with potential filament RFID locking a real possibility. I have an iPhone and don’t use any Apple services, yet everything works as intended through app alternatives and sideloading via AltStore. Just imagine the complete nuclear meltdown if they did this silently and we didn’t demand LAN mode?
Bambu is laying the groundwork to pull a Makerbot on us. I think they recently updated their terms too.
To document what was sold to us:
What is LAN Mode? LAN Mode is a feature that allows Bambu Lab printers to work in a local area network, and communicate with the slicer for sending files and monitoring without requiring internet access. This feature can also benefit you if you are printing highly sensitive models that need to be kept private and highly secured.
How to enable LAN Mode on Bambu Lab printers | Bambu Lab Wiki, as of 2025-01-20
Just documenting here (and elsewhere) in case they decide to remove it or change the wording.
This went on all Bambu printers in the building at first hour in the morning!
We were on the verge of acquiring a bunch more of X1C’s, along with eagerly waiting for that larger format H2D to hit the market. All Bambu related equipment acquisition is fully on hold starting this morning.
Also, I would highly advise anyone to follow this great tutorial on how to take yours offline, at least till the muddy waters clear up a bit:
https://www.reddit.com/r/BambuLab/comments/1i4f0d7/bambus_security_update_how_to_stop_updates_and/
We should post such pictures all over the internet.
You mean offline? 25 Characters
Thanks for the notice on the typo
Does anyone know how they plan to give Bambu Studio and Handy privileged access?
My understanding is that they don’t need to go through Bambu Connect? Or was I misinformed?
And more importantly… How can they give those two applications direct access in a way that can’t be reverse engineered and used by other software to mimic one of those two?
And yet, you somehow manage to breathe every day despite that level of stupidity.
You’re not misinformed - the new Bambu Studio just includes the network comm code that Bambu Connect does as well (and Orca devs asked for the same but were denied). I’d bet if someone disassembles it and digs through it, Bambu Studio also has the hardcoded private key present to talk with the printers. This is beyond laughable if it’s being done with security in mind.
I guess I’m not really sure what you’re highlighting here? This scenario exists right now whether you run Bambu Connect or not. I think what you’re trying to highlight is that it doesn’t matter if you run Bambu Connect, OrcaSlicer, or any other 3rd party software; none of this improves security in this scenario. Which is true. I’m not familiar with the printer itself doing the authorization, but I suppose that it’s possible with the new firmware. Was this noted somewhere? I’ve read so many things I may have overlooked it.
If we look at their decision purely based upon what they have written, we can see that this is an attempt to solve two problems.
- Secure the printer’s critical controls from malicious actors through remote execution. This update, while poorly executed, does meet that intent. A malicious actor would require local PC access to control the printer. It does not improve security on the local PC. Not saying there aren’t other ways they could solve this, but that the intent is met by requiring authorization.
- Stop abnormal traffic to cloud servers. This update also meets the intent of solving this problem. By requiring 3rd parties to get approval from Bambu before their software can interact with printer controls, they limit the potential of poorly written software tanking their servers. This of course could have been solved on the server side, but that wasn’t done.
We have absolutely no idea how Bambu came to the decision they did. What we do know is that their stated problems they were trying to solve will be solved by these updates. They may not fully realize the scope of the impact this is causing to their user base. At this point they need to read all of these concerns users have brought up and take some corrective action. Whether that’s change course, provide clarity of their intent, provide answers and/or solutions to users’ problems, or let users know they don’t plan to change course. Regardless what they do, I think people need to be given more information so that they can start making informed decisions about their future with Bambu’s printers and services.
Indeed. You’re very much correct given that usually and in practice it takes someone to be a master in stupidity to be able to make such a determination. Thank you for your consideration and determination of my intellectual abilities. I do feel much better, now that you have so graciously decided to notice my comment.
Bambu Studio also has the hardcoded private key present to talk with the printers
Probably starting with Bambu Studio 1.10.2 Public Beta. Before that, no such keys were needed in LAN mode (as it should be). Also, the keys will expire from time to time, requiring users to go online again. And who guarantees that keys will still be released for today’s printers 10 or 20 years down the road?
As a brand new Bambu owner, I am most likely returning my product and never buying from this company again.
They must abandon this practice if they want my money.
I am “late to the party” and regretfully I ordered my P1S before knowing of this issue (otherwise I would have switched to Anycubic) but IMU the alleged “security measures” are utter BS.
- AFAIK (please correct me if I am wrong) out of the box the printers do not expose any service/port directly on the Internet. They only act as a client towards BL servers which in turn act as a public facing gateway for end users to remote control the printer(s). This means that in a normal scenario the only risk of remote exploitation of the printer is if BL Labs servers are compromised. Blocking third party compatibility does NOT decrease the attack perimeter.
OTOH if the printer IS actually exposed on the 'net, that means that the user has enough technical knowledge to at least know how to access a router/firewall and configure a DMZ and/or configure a PAT and anyone doing so is willing to accept the risk that the device is exploited, lest accessing through a VPN.
- the BL “solution” obviously does not address the possibility for Bambu Studio or Bambu Connect itself to be exploited on local machines as a bridgehead to run an attack on LAN printer(s) so I fail to see how this new functionality actually reduces any risk.
Bottom line: just scrap this new system since the cost/benefit ratio is nowhere near having any sense.
Unless, of course, this has nothing to do with security but it is just a way to act as a gatekeeper (see above, not going to purchase from BL again).