I mentioned it before but Bambu is NOT alone in this game.
Many manufacturers of electronic devices intentionally make it near- or fully impossible to downgrade or install custom firmware.
Take Samsung and their higher end phones.
For over two years users get ongoing updates to the T’s &C’s - you can ignore the notification, can ignore checking the changes but you can’t refuse them.
Same story for their firmwares - they come with the note that a downgrade to an earlier version is not possible.
While the dowgrade still works, sort of, using Odin and such, there is not reason for Samsung locking out users like this.
The big problem with Bambu is not the updates or ‘security improvements’ but how the company keeps lying about the true intentions.
There is still bugs to be fixed but for a long while Bambu is now stuck on finding ways to lock things out, with that functionality goes down the drain for some or many users.
So what about those downgrades and the user’s ability to decide what version to run?
Bambu made big statements with the 1.0.7 firmware for the p! series - install firmware locally and with no need for online services…
Sounds really great but it is impossible.
Not only because Bambu refuses to provide earlier firmwares but also because Studio/Handy get (intentionally) confused if things won’t match.
the result is that users are forced to update until all it to Bambu’s liking.
Can you just stick with what you have, like firmware 1.0.7 and Studio 1.10.1.50?
Probably as it is possible to keep the printer and Studio out of the WWW.
But it also means that future updates that one might want for better features or such are coming with a lot of salt.
You are doomed if you update and doomed if you don’t.
Bambu does not even have to lock us out directly, it is very easy to ‘fix’ the hosted 3MF files to require a minimum Studio or Handy version to print them.
It is even possible to enable the security and encryption options the 3MF format offers - like by requiring a token to print.
E.T. calling home ?
Are there available backdoors Bambu OR a hacker could use to mess things up?
Plenty…
Studio tries to upload ‘statistical data’ for quality control purposes.
I saw this every time Studio started and it seems impossible to work out what is transferred, the data is of course encrypted and of course Bambu won’t say anything.
An unsuspecting future user might find it hard or impossible to get the printer paired again after it ‘provided’ a new access code.
Those codes are generated based on some hardware ID’s and through a more or less complex algorithm.
All Bambu needs to do it making it mandatory to have these codes updated in your account - to ensure no one misuses your machines…
There is an endless amount of possible scenarios where a user can be forced to take Studio or Handy online and with that all doors are wide open for Bambu.
Ask yourself why a company would render your printer useless unless you budge to whatever their software and conditions demand…
I tried to find a trustworthy source for the Bambu firmware files but not even through Baidu I was able to find more than takedown notices.
It seems some people did host those files at one stage but right now I can’t find a firmware archive for my P1S.
But hey! At least the 1.0.7 is available from the Bambu servers…
Tried an offline update with it but of course this did not work as the printer claims I can’t update with the same firmware version.
Modifying the file is useless as well because any change will be detected and causes a refusal.
What can or could happen in the future is one thing, what Bambu actually does a totally different story.
Time will tell whether or not the backlash from the community will affect them but chances are their sales will stay steady.
Will someone hack those new apps we need?
Well, Bambu did a lousy job the first time around and within 24 hours their public and private keys were published with all other requirements.
Some say this was intended by Bambu so they would be able to see if people out there would try bad things.
The flaws were fixed, the codes and keys changed…
Does that mean it can’t be hacked?
Wait and see…
There is one things though that still bothers me…
WHY DOES BAMBU BOTHER WITH ALL THIS NONSENSE ??
Let’s face it, people buy their printers for a reason.
And like with anything else in our networks WE ARE responsible to ensure hackers stay out as the first defence, not any software or hardware…
Probably even more people would buy their soon outdated printers if they would be customisable and free of these hassles.
And there is not really any financial gain to be made either for Bambu but locking people out or making things hard…
Olias already provided a challenge, let me add more >
Use a spare PC/laptop or just a VM to install a slightly custom Windows on it.
One that has no Internet explorer and no Edge working.
Disable them, block them, use a custom install, whatever fits you.
Then Install Studio and try to get it working ROFL
You will find this seemingly simple task near impossible and if you get Studio to work many things still won’t work.
No one seems to wonder what Studio does with all those IE and Edge libraries, DLL’s and build in functions.
Sure, a lot is used to give us the Studio experience, help files and all that.
But some is also used to communicate…
Windows offers a lot of ‘feedback’ to programs running on it and Edge provides more than enough options to transfer this data to wherever.
So how about checking what Windows internals are used to do the bidding for Bambu ? 
