Why is my LAN only mode printer calling home?

Still trying to somehow get the video feed from my P1S into VLC or at least embedded into a simple web page.
While playing with my sniffer for the Agora stuff used for the video stuff I forgot to turn the logging off when I restarted the printer.
And there it was :frowning:
BP calling home…
Well, trying to but not getting through my router.

Got me thinking…
What possible reason could my printer have to call home in LAN only mode, considering Studio tries the same…
Needless to say my attempts with this Chinese-based IP ended nowhere.
Like all Bambu there is encryption, tokens and such…
Bambu takes security very seriously, so I could just grab those security certs, keys and tokens printer and Studio exchange in plain text but my days of writing long scripts and coding are about one and a half decades behind me…
Tried to just ignore it and move since it is all blocked on the router anyway.
Tried…

When I had to check again I found a different IP.
Hmmm…
The printer clearly won’t have a long list of random IP addresses to call and Studio does not cause it to do this either.
Sadly those handshakes can be quite complex and, well, of course most of it is encrypted.
Seems clear though that like Snapchat my printer knows ways around restrictions and closed off things on a router.
Those IP addresses it tries to contact have to come from somewhere and sure enough with the WiFi on the router disabled the next printer reboot came with the same call home IP as the previous one.
Somehow a random IP makes it back to the printer if connected to a WiFi with internet access and then the printer tries to contact it.

Like most times when sniffing around I focussed on the printer’s and Studio’s IP.
Imagine my surprise when I realised the little ESP inside shows up with two IPs, not just the one Studio and all uses…
The IP range is quite unusual as well if you compare it with the common uses as listed in networking forums and good practice guides…
Like quite a lot of other things the X11 seems to be used on this IP but totally out of specifications in regards to the calls made.
And once a connection is established it is all encrypted anyway.
Could be totally harmless for all I know but it could also be a wide open backdoor.
Blocking this IP through the router for all ports and traffic does not seem to affect anything in Studio or with the printer connection.
Was hoping it is the video feed despite the matching packets on the official printer IP :frowning:
Maybe someone with more insight into these tiny chips can shed a light why or how it creates two IP addresses…

2 Likes

Care to share with us (those “LAN only mode” folks) those IP ranges?

Will have some more time on the weekend to do more checks.
The printer showing as Espressif and 124 for the end of the IP.
The other IP ends with 245 and shows as ESP_06580C.

If I recall the old logs correctly the printer tried to contact an outside IP, located in China, right after switching on but this request never happened after.
When logging just the other address I only see things claiming to be an X11 protocol but it makes no sense.
A bit of chit chat then the attempt to transfer some data.
On the weekend I might try with limited WWW access in the hope to find out what’s going on.
Right now I am not too concerned and think it might be just some statistical data the printer tries to send.
For the other IP I am a bit more curious.
Will upload some screenshots and snippets from fresh logs on weekend.

Now that is a good laugh. Thank you.

1 Like

I did hold back when reading this… the part with serious in combo with security and Bambu in the same sentence… though I did laugh out so loud that my wife and boys came asking what’s going on… It is funny…because it’s so far from the truth…, a fact clearly demonstrated by Bambu’s latest "security firmware patch ".
:smile:

Is it actually trying to reach an IP address or is there a name lookup happening too?

Wireless SoCs, Software, Cloud and AIoT Solutions | Espressif Systems
I found this listed in my router, connection, could it be a debug address?

Played around again with this sniffing shark and used a lot of swearing along the way - much more once I was done…

Fairness first!
Turned out I blamed Bambu for no reason, so my honest apology for that one!
Still not entirely happy with what the printer is doing in terms of trying to call home either directly or once connected to an unprotected Studio.
But that is something for another story once I had time to do some proper testing and checks on just that issue.

Let the hunt begin

I started the sniffing on just that second IP that kept popping up when I started the printer.
Like before I saw some activity and the attempt to transfer some data right after switching on.
Like before it all stopped after a few failed attempts.
While waiting for things to happen I tried to find some info on how a little ESP with no extra I can see on the Wiki pics of the circuit boards is able to produce a second IP and ID name…
Unless you actually make a chip outside specs and with the sole purpose of having this feature it seems impossible.
Bambu goes cheap where possible so they would not invest a fortune on a custom ESP chip…
So obviously there had to be something in this rattling box that isn’t mentioned anywhere - AND a second WiFi antenna.
Why? Because you have a bloody hard time with two WiFi transmitters sharing a single antenna…
Since I saw the first app helping people to find the apps they have on their phones I know that there is an app for everything…
Also for helping you find the best channels for your router or to log wifi signals on the go.
Not really a sniffer dog but able to get you close to something fishy.
Ever tried to shield your phone so it results in a weaker WiFi reception?
Fun…
Eventually though I honed it in for the rear left corner of the printer - finally success!

Needed some space to take covers off and that’s when the confusion started.
With the printer moved to a little camping table I tried to get a bit closer to this weird IP creator but nothing…
Only from the front where the Bambu antenna sits…
Confused much by this ? I certainly was, especially considering Wireshark still showed this IP popping up when I turned the printer on…
Something does not add up here was what this little voice in my head started to scream out and couldn’t blame the little voice for it…
I spent the next hour or so restarting the printer after having moved it back and forth.
Why would I have the signal when it sits on the bench but not when it sits on the table so close to it?
Should have removed some of the wrapping around the phone but hey, why do the obvious once you are so focussed on knowing where to look…
Had a beer, took a nice walk, had another beer and started over.
This time though with the table in the other corner of the room and the AMS removed.
No signal, must be the AMS then?? ROFL
Was about to give up and consider going clinically insane to deal with the problem when I found the culprit by accident.

Decided to clean up all the dust and plastic bits and pieces that accumulated around the printer.
Once done I had something to eat and wanted to try again with Wireshark but no IP to play with - Whiskey Tango Foxtrot ??!!
If you suddenly start falling very fast you probably lost your parachute.
If your trailer suddenly goes all over the place while leaving a tail of sparks you probably lost a wheel…
But I did not lose anything, the printer works fine, must be going insane after all or at least more than my usual level…
So I want to see how the print is going but not see that much - damn LED strip was not plugged into the power board I use for the printer.
Fixed that, print looked fine and there it was again in Wireshark when I got back to the computer…
YES, the damn BLUETOOTH controlled LED strip that comes so cheap from China…
Wanted to just plug into the printers USB port but the pack stated it requires a modern USB able to provide 1.8A, which is no issue on most laptops this light was meant to be used for according to the listing.

This rotten thing of a Chinese light

I should have been suspicious already when reading things like
‘very bright light’
‘high power’
‘great to created ambient light effects that react to sound and music’
‘works on all USB ports able to provide a charging current of least 2A’
‘superior adhesion’
‘fully waterproof’
Well, at least considering the seller only wanted $16.49AU including shipping for a 1m RGBW strip.
And who needs a waterproof LED around a laptop ???
The thing started flashing through the rainbow when I powered it up the first time.
I needed just the white LED’s so I had to download some app to control the strip as none of mine were able to.
Should have paid the 8 bucks extra to get the optional IR remote pad…
The app was in Chinese and after clicking everywhere I could not find anything reading English or any other language for that matter.
Wouldn’t even start without BT permission AND being able to reach the internet.
There were two pop ups with WiFi in embedded with Chinese and once enabled it actually worked.
Lots and lots of useless clicking later I had the strip in white and it even remembered after being unplugged.
Deleted the app, called it a day and never looked back.
The strip served me well with my old printer and before that I used it for my mini lathe.
Always with either a power board that had a USB charging port or a USB charger plugged in.

Why would a BT controlled LED strip need a controller that comes with a not mentioned WiFi support?
Ok, it might have been mentioned in their app but if so I could not read it…
I tried to find it with my apps that support WiFi LED strips but nada, nix, zilch, nichts…
And the app, for the short while I had to use it, only used BT because once it finally worked I turned the Wifi off to see if it kept working.
The most obvious conclusion would be that it is not just USB sticks and USB cables that got hacked to serve for sinister things…
Could not make this tough black resin to go away that covers/seals where the magic between cable and strip happens.
But I cut off the USB connector and put a salvaged one on there and the weird IP still showed up.
Not in the plug on this one…
With heat and all solvents I have failing I gave the thing to a friend of mine who wants to see if he can remove the stuff at work with the thing they have to remove resins and such.
Would love to see what’s hiding in there…

What’s the moral of all this?
Sometimes the obvious isn’t the cause of a problem.
And just because something is (was back then) too cheap to be true but still arrives and works won’t mean it only comes with the listed ‘features’.
I know how bad those fake USB sticks, cables and some cameras from China can be but a LED strip???
Not even I would suspect that a strip light could come with calling home features…
What about this IP used?
It changes every time the light was switched off.
The info I got from those DNS and IP checking websites either claimed that no information is available, other than the usual info about the hoster or that it is part of a VPN.
What would happen if it is used for the advertised purpose around a laptop or PC?
No clue and I am not trying to find out either.
Tried a few years ago with a fake USB stick and I had to reformat (low level!!) the entire hard drive and re-flash the BIOS to make the laptop usable again…
Won’t try with a LED light that I was lucky to have never used in a computing device…

Honestly, I was soooo hoping to really peel one off against Bambu, even hoping it would be a thing of the 1.07 firmware…
But finding out the culprit is a LED light I kept using for a few years now while wondering why this cheap thing still works was a refreshing shock to say it nicely.

Additional thoughts after a bit more digging on fakes and such

I had to refresh what I learned when dealing with fake USB sticks, USB hard drive adaptors and such in the past.
A good place to start is always what some refer to as ‘The Dark Web’ - scary place to be if you don’t know anything about it, otherwise just different to access compared to what everyone uses.
If something bad can be found available on the dark web we can rest assured it is in use somewhere and probably for quite a while.
With that sorted came those websites offering insight into new things for our computers, online safety and such.
Was quite shocked that the problem of fakes has gone from really bad to really far worse in just a few years.
And it seems when it comes to accessing things or doing bad things there is a whole new world now for the bad guys.
Even TV boxes and Android car radios can spy on you these days :frowning:
There seems to be real of staying safe either because today we can can things online and if it is cheap enough and works we won’t care.
If you want to check for yourself what might be hiding in your devices then following ‘Ethical Hacker’ or just searching for him will give you plenty of videos from his interviews, links for websites who actually checked his claims and verified them plus some more.
Another good alternative is to check those websites our IT admin might frequent to stay in the loop of hardware based threats.
Both ways will open your eyes, certainly opened mine, although a few years late LOL
Seems that old school tech will be my preferred choice again rather than aiming for cheap things of questionable origin and intent :frowning:

If nothing else than at least I found a little bit more trust into Bambu again - a little bit…
So again sorry Bambu for considering my printer tried to use a second IP - honest mistake on my side!

3 Likes
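
One way to settle the "one device, two IPs" question raised in this thread, as an added example that is not from any poster: group the router's neighbour table by MAC address instead of by vendor string, because two Espressif-based devices look identical by vendor. The sample table, MAC addresses, inventory and the `ESP_` plus last-three-MAC-bytes hostname convention are assumptions; only the IP endings 124 and 245 and the name ESP_06580C come from the thread.

```python
import re
from collections import defaultdict

# Constructed neighbour table (name, IP, MAC), as a router's client list or
# `arp -a` might show it. Only the endings .124/.245 and the hostname
# ESP_06580C come from the thread; every other value is made up.
NEIGHBOURS = """\
printer     192.168.1.124  24:0a:c4:11:22:33
ESP_06580C  192.168.1.245  a4:cf:12:06:58:0c
laptop      192.168.1.20   02:00:00:aa:bb:cc
"""

# Assumed inventory: MACs of devices deliberately joined to the network.
INVENTORY = {"24:0a:c4:11:22:33": "P1S printer", "02:00:00:aa:bb:cc": "laptop"}

# Example OUI prefixes assigned to Espressif (the vendor holds many more);
# verify against the IEEE registry before relying on them.
ESPRESSIF_OUIS = {"24:0a:c4", "a4:cf:12"}

def parse(text):
    """Return one dict per table row; rows that do not parse are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and re.fullmatch(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}", parts[2].lower()):
            rows.append({"name": parts[0], "ip": parts[1], "mac": parts[2].lower()})
    return rows

def hostname_suffix(name):
    """Assumed default-hostname form ESP_XXXXXX -> 'xx:xx:xx', else None."""
    m = re.fullmatch(r"ESP[_-]([0-9A-Fa-f]{6})", name)
    if not m:
        return None
    h = m.group(1).lower()
    return ":".join(h[i:i + 2] for i in (0, 2, 4))

def attribute(text, inventory):
    """Group rows by MAC: one MAC is one radio, whatever the vendor string."""
    by_mac = defaultdict(list)
    for row in parse(text):
        by_mac[row["mac"]].append(row)
    return [{
        "mac": mac,
        "ips": sorted(r["ip"] for r in rows),
        "espressif": mac[:8] in ESPRESSIF_OUIS,
        "owner": inventory.get(mac),  # None means not in the inventory
        "name_matches_mac": any(hostname_suffix(r["name"]) == mac[9:] for r in rows),
    } for mac, rows in by_mac.items()]

def unknown_devices(text, inventory):
    """Devices seen on the LAN that nobody has claimed."""
    return [d for d in attribute(text, inventory) if d["owner"] is None]
```

A device that really holds two addresses appears here as one MAC with two entries in `ips`; two MACs sharing a vendor are two separate pieces of hardware to go and find.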