Hard to say for a whole country, where every state in it has its own rules 
2 Likes
I don’t know about that. Although I haven’t been to all 50 states(only 46) the one thing you may count on is Walmart. I’m pretty sure all of them sell guns… with background checks of course…
3 Likes
Glad the community can see right through this.
This is not a regular bunch of consumers who don’t care.
OrcaSlicer is not going to buy into this new auth system. 
2 Likes
The kids specified the printers. I bought my X1C because the kids did all of the legwork to determine what best suited their needs. I knew what I was buying – a printer with WiFi only (which is dumb) and a cloud connect that could be ignored with the LAN mode and a few features don’t work. The kids run their computers in LAN mode for the simple reason that it’s easiest to bind BambuStudio to the printer using the magic code than to have a log-in on Bambu’s cloud that they’d have to share.
And that use case – sharing multiple printers among multiple users without having the deal with credentials for a cloud account – is what makes Bambu’s current cloud system pretty much unusable for any organization that wants to do that!
3 Likes
Then you must have also read that they reserve the right to change functions at any time, as stated in Section 7 of the Terms of Service.
I agree that their approach is unusual, but that wasn’t the reason I pointed out that even LAN mode, in its current state, has security flaws. I also never claimed that their upcoming solution is a good one—just explained why they are implementing it based on the facts they’ve disclosed.
I haven’t tried the beta myself yet, likely because I’m in the wrong region, so I can’t say how it would impact anything at this point.
2 Likes
A post was merged into an existing topic: Orca Slicer or die!
Echoing the sentiments of other commenters here, it would damage my perception of Bambu Labs if they chose to ignore the community’s negative sentiment over shifting toward a walled garden. Their business was built on this community’s open source and tinkering roots.
2 Likes
Even if Bambu is rolling back, noone with a minimal amount of knowledge would recommend bambu anymore. You killed yourself guys, because some sales people wanna earn even more money. My next printer will be a prusa, for sure !
5 Likes
At least one YouTuber addressed this, pointing out most of the other major 3d printer manufacturers are themselves also all Chinese companies under the same jurisdiction and aren’t making such moves (I… don’t know…? I’ve only been gaining familiarity with Bambu’s because I’d been ready to buy an X1C when this incident began). But this appears to be a Bambu Labs thing, and not a “they’re a Chinese company” thing.
2 Likes
FWIW, I do think the post that got moved to the other thread is REALLY BIG NEWS in regards to this topic and of material importance to at least Orca Slicer users. If you’re one of those users, maybe have a look. If that kind of news doesn’t force a rethink by management, then certainly nothing said here will.
I really don’t get it. The cloud security guy in the video I linked to said that doing this correctly would take literally minutes or hours, not days or weeks. If that’s true, that means it could have already been corrected and all this would be over with.
But anyway, fun chatting with you all. I’m always interested in how different people arrive at such different conclusions, all while looking at the same information.
4 Likes
You mean, that idiot in New York that is trying again (and will probably fail again).
1 Like
I just cancelled my order for a p1s. I will not buy another Bambu printer until this anti consumerism stops. I don’t buy apple products for the same reason. When I buy a product I use it as I see fit and I will not have the company who made it tell me how I can use it or what I can modify it with. Sorry Bambu you have lost a customer and anyone I talk to will go to your competition. Not because they make a better product but because they will not tell me if I can modify there product or use it in the best way I can.
7 Likes
What do you think is more likely…A very good hacker brute strength hacks your individual machine/pass key, or a group of hackers get the main key from bambu and control all printers?
Im obviously not a hacker. I use PC’s and build them but Im probably using the incorrect wording above. Hopefully someone can explain if im way off.
“But the kids didn’t [buy the printers], which was my point”
If you read the post you were responding to, my whole point was that the kids didnt pay the bill. That was the dad part of the comment.
5 Likes
Wait, you’re claiming I’m “clueless about security” because I said that MakerWorld uses email for the 2FA code instead of SMS because they don’t have users’ phone numbers?
That’s a wild assertion, supported by facts not in evidence.
“Never attribute to incompetence that which is adequately explained by malice. but don’t rule out incompetence. Or malice.”
– the complement of Hanlon’s Razor.
Anyway, from the linked TechRepublic article:
And while we hope that people are careful about what they download and don’t click on phishing links in spam and all of that, who knows.
Anyway, for the most part I do my browsing in private windows, so cookies are tossed as soon as the tab is closed. Yes, that requires constant re-authentication for everything, including my banking web sites. And it should be obvious why I do this – the tracking cookies that make Amazon show you ads for things you looked at on other web sites is borderline peepshow.
I love conspiracy theory, so here it is: Just a phone call from CCP officer, BBL will gladly hand over the credential + logging data on a silver plate.
Gladly, I think not, as Bambu has its own reasons for collecting them (think of further use of all this user data, way beyond what is said to be for), but nevertheless they’ll hand it over because they won’t have a choice in this matter. Though besides locating users and profiling them and their spending habits and the amount of their average expenses, based on the infos in the gathered data, there isn’t really much they can do with it… YET.
3 Likes
For those that say we know the printers where in a closed garden…
When I bought my printers BBL showed them in this garden:
In some days the printers will be in a garden like this:
So the “you knew it was in a walled garden so…” idea is not fair.
The “go to PRUSA” is not fair.
Change use conditions of already sold items is not fair.
We bought an scenario and they want to change it.
BBL can change it for future printers to sold, customers will decide they buy or not.
We bought a closed garden. We want it, not another we were not informed of.
7 Likes
It’s easy and quick to do it when you have a competent cybersec team guiding a competent development team from the start - which Dr. Tao himself said that they didn’t (and based on latest releases, I’d wager they still don’t) - it becomes more and more difficult with time. At the moment it certainly wouldn’t be a few hours job, but it still would probably take less than it took to build that Connect ineffective nonsense, at least if security was the main motivation behind these changes.
6 Likes
If they have an engineer who understands security, the work would take a few days to weeks. The hardest part is getting it reviewed by someone else who knows what they’re doing and explaining all the choices made. Documentation and test cases are also time consuming, but necessary.
If they don’t have someone who knows what they’re doing – it’s going to be a mess, because many important details will be forgotten.
How do I know this? Because I’ve implemented secure communications a few times on different OSes and platforms, including some that most of you probably still use.
Based on BambuLab’s communication, it sounds like they want to do the right thing, and simply don’t know how. It really does seem like they took advice from a web developer instead of someone who actually knows security.
2 Likes