What the hell Bambu???

I use local home assistant to command and control my printer. For what reason am I being now obligated to ask for your permission to make my own 2 devices talk to each other??? That’s a fallic move.

What a joke of an excuse is the dev mode??? I want to be able to do that without losing convenience of the handy app. Another bad move.

No more purchases from you until you decide that your users aren’t to be treated like farm stock.

I used to love your products and praised you up to heaven to anybody asking me about my prints. Try and guess what you just made me look like in the eyes of my friends. I’ll tell you - you made me a sore looser and a laughing stock for trusting you.

Come to your senses and revert this!

Over reacting. if you are using it in an isolated network with no internet access nothing changes. My X1-C’s all have original firmware and have done 1000’s of hours with no update. Your choice to update the firmware! Get over it!

It seems there might be a misunderstanding about cookie security. A properly secured system would not allow access simply by copying cookies.

I’ve noticed a growing number of concerns about this update from people who may not fully grasp the nuances of security, even if they believe they do. This isn’t to say you don’t know anything about it, but it’s clear there’s a lack of understanding regarding how cookie security works.

So, before labeling something as insecure, I’d kindly suggest ensuring the facts are clear first.

Thanks BL. I don’t like being under the control of a company.

Prusa Core one will be my next purchase, even though I loved my X1C.

Here we go again. You knew the company you were buying the printer from, you knew it was a Chinese manufacturer, and you knew it was primarily cloud-based.

So, may I ask—why did you choose to buy it in the first place?

My take: I’m guessing if you bought a Bambu Labs printer, you were aware about the closed ecosystem. Bambu can do what they want, and you can be rightfully upset by it, but you have choices to avoid or prevent unwanted changes. They’re not bricking your printer, they’re not blacklisting non-Bambu filament (They’ve assured us that they won’t in this blog post). That checks my boxes on 3D printer companies I shouldn’t buy from. But if Bambu is removing a feature you need (Like for print farms), you should 100% sell! Bambu isn’t the only 3D printing option, and other companies have been reliable. But buying a 3D printer with a closed ecosystem and complaining about it’s closed ecosystem doesn’t really make sense (I’m not referring to anybody or anything in this post, just wanting to put my opinion out there)

PS: I don’t think they’re doing this because of security concerns.

I am complaining about incompetence and lying.

It took me some time to understand the real problem of the announced change, likely because I mostly rely on the default printing through the cloud. In my opinion:

• 3rd party integration → This was always on the table; even BL doesn’t need to justify it. My major surprise was how long it lasted. I am not happy with it, but they are in their right, and I was aware of it at the time of the acquisition.

• LAN mode → At first glance, a CLOUD authentication doesn’t seem excessive, but it will affect all who are in their right and don’t want to be online. Considering the X1E, I can’t see how this will be imposed. Is it excluded?

• developer mode → From the misleading name to the uncertainty of how it will work, it shows that it was an answer made in a rush to solve a problem.

I may be wrong, and this is speculation; I believe that most of us are a niche group in their market, an important one, but minor. So, I doubt that threatening to sell the printers would significantly impact their core business.

However, I would seek legal advice if I were an unhappy LAN user. I am not a lawyer, and this varies from country to country. For those within the EU, remember that laws are very rigid regarding not providing users alternatives to keep their privacy. At the very least, you will get a professional case assessment.

@L0rdS474n
Alot of people choose Bambu because when you do research, youll find a million bambu bros digging on all other brands. To a noob, they make it seem as if there is only 1 option. Its become fairly toxic with gate keepers oddly playing bambu employee. Wish I could follow those people around and put them down every time theyre unhappy with something. Just blame it on them. Its probably mostly kids, so i try and take it easy on them. Cant make choices when dad is paying the bill.

Welcome to the forum btw

@Ziknazoo
They are working on a pay to play farm software.

@catdogdonkey The difference is they are closing it even more than when they sold the printers. It wasnt completely closed down before.

So, kids are buying printers this expensive? Good to know.

But let’s be clear—it’s everyone’s own responsibility to research the products they buy before they hit the ‘checkout’ button. If you skip that step, you can’t really point fingers at the company later. It’s like signing a contract without reading the fine print and then complaining when that fine print comes back to bite you somewhere… uncomfortable.

This printer is marketed as a cloud-based printer—that’s its main selling point. If you buy it for a different purpose, that’s a conscious decision you’re making, and you should understand that it might not meet your expectations down the road. Nowhere on their site, as far as I can see, do they claim it’s designed to be primarily an offline printer.

Even more interesting is when these militant complainers try to argue that LAN mode is the safest option, despite the fact that the access key is only 32 bits long. It takes about half a second to loop through all possible combinations, and the username is public knowledge since there’s only one user—bblp.

Currently, the system (and I haven’t even been offered the beta yet) isn’t secure, whether in cloud mode or LAN. That’s precisely why they’re making changes in the first place. Speculating about ulterior motives is just nonsense, and that is what I agree is truly childish. But honestly, do kids even buy printers in this price range with their own money? I doubt it.

What I’d prefer, however, is for Bambu Lab to offer some way to allow users to run custom firmware that works seamlessly with their sensitive motor controls and any other proprietary technologies they’re trying to protect. That would strike a good balance between security, functionality, and openness.

Lastly, we all need to put a stop to the aggressive war currently raging between the two camps—those who believe LAN is God’s gift to humanity and those who see cloud as a convenient tool. This conflict benefits no one and only sows division. Let’s aim for constructive dialogue instead of escalating a battle that helps neither side.

The printer still performs as advertised. LAN mode serves as a fallback if the cloud service is unavailable—it was never intended to be its primary mode. Nothing about this has changed with the BETA firmware; LAN remains its fallback mode.

If LAN had been designed as the printer’s primary mode, a change in functionality could have been argued. However, since that’s not the case, there’s no actual change from what was originally offered when you purchased it.

There is. Pretending there isn’t despite multiple evidences to the contrary (even direct statements from Bambu admiting it) is plain wrong.

Let me just say this: multiple people bought those printer specifically because combination of their quality, price AND the possibility to do the things that 3rd party soft/hardware offered. Had this “security” change been here from the get go, those people wouldn’t have bought the printer.

Uh… sir… or Lord… Me thinks you may want to do some fact checking here. LAN mode was never a convenience. It was never promoted as fall back. It was promoted as a means by which “security minded” people, like me, could isolate their printers from the Internet from the onset.

__________________________________

Some might ask, when was LAN mode first introduced?

Answer: On day one for the P1P.

How do I know this? Because I was there! No gaslighting is going to change that fact, and what follows are the receipts to prove it.

PROOF that we aren’t imagining what we read or what was in the box.

Here is the earliest reference, dating back to November 2022. I waited until the P1P was released and got mine at the beginning of June 2023 after Bambu convinced me by finally fulfilling the orders they had promised two months prior.

The first blog post was from none other than Dr. Tao, aka Spaghetti Monster six months prior to the P1P launch in April of 2023.

image1097×438 45.1 KB

Even back then, Bambu was getting slammed for failing to demonstrate network security competency. At the time, Dr. Tao was much more humble, as this statement from that blog attests to.

Take a look at Dr. Tao’s statements on this topic from November 2022:

image1144×646 95.9 KB

Back then, Tao was viewed as a hero—open, honest, and humble. Most of us chalked up these vulnerabilities to growing pains, but as long as there was a way to work offline, it was an acceptable method and, in my case, preferred. So what happened to that lovable, humble geek who openly admitted that Bambu wasn’t perfect and that they were constantly improving? We want that Dr. Tao back.

______________________________________________

Bottom Line: This is not about fanboys vs. who should or could have read the damned fine print.

This is about property rights and whether or not a user owns their product. That is at the heart of the outrage. All these other complaints stem from this single fact—Bambu violated the trust and sanctity of a long-standing basic property right and did so with extreme prejudice and contempt toward the community.

And yet, they still promote a cloud-based printer with a fallback to print if the cloud goes down. NOT THAT IT SHOULD JUST RUN ON LAN ONLY.

I’m starting to think 3D printer users are breathing in too many fumes these days.

Here’s what they claim:

Print from anywhere with any device

You can send prints via Bambu Studio and control your printer anytime, anywhere with Bambu Handy. We also support SD card and local network printing for your projects.

And that hasn’t changed—not with the new firmware or anything before that. They never claimed LAN mode would be authentication-free or that you’d never need to authenticate online, whether once or for a specific time.

Nowhere do they mention any intention to support other slicers, third-party aftermarket modifications, or anything along those lines.

The irony is that it’s Chinese New Years, and so probably nobody from Bambu is reading these forum messages. After reflecting on even m own earlier outburst (which I hastily threw together before running off to a dental appointment), I just have to laugh, because whatever strong feelings people may or may not have or write about, I do get the impression that nothing we write here will ever make any kind of difference. Bambu is going to do whatever it’s going to do, and it is very much a take-it-over-leave it proposition. Always has been that way, and as near as I can tell, quite probably always will be.

Makerworld not being properly secured is my point. If I keep their cookies I do not need a user name, password, or 2FA code to log in again probably for 12 months when the cookies expire. That is completely unlike every financial services site I use.

If you are in possession of the facts you can detail the measures Bambu take to ensure cookies stolen from my system can not be used by someone else?

Have you tried copying these cookies to another browser or computer to verify if simply copying them grants access?

Why are you comparing this to a financial service? Do you genuinely think MakerWorld operates as a financial service?

I’ve never logged back into my Google account on my lab computer—does that mean Google is just as bad as MakerWorld in your opinion?

They should allow users to stay logged in indefinitely or implement a timeout. Being permanently logged in, as long as your device is secured against unauthorized access, is not automatically insecure.

What tractor is that in your profile picture? The hood looks too new for the 20 series, the cab looks too old for the 30 series.

Adding to this well written post and not wanting to go further down the rabbit hole, i will leave this here for those interested, since it’s a feature and not an option, stated by Bambulab themselves, unless removed in a near future.

image1242×819 47.2 KB

Maybe you should read this. Bambu apparently didn’t.

I know it is hard for a fanboi to accept Bambu Labs are so grossly incompetent.