
I think people are making a big nothing burger out of this.

Bambu is patching a security issue. Personally I don't want any device or application to send any old G-code to my printer. Like say command the printer to basically destroy itself.

Could this lead to completely locking it down in the future? Yes. But they could do that anyways.

I think this is a way to stop getting their pants sued off.

If they really wanted to lock it down they could just make it so everything has to go through their servers and require files to be signed before being read from SD cards.

But instead we really have a half ass attempt.



"Security" on behalf of the user is a complete red herring. You can't print to my 2d printer or my 3d printer, but I can, with "any old device or application". Because they're on my network, not public on the internet.


I disagree. These devices can easily burn down people's homes if given bad G-code. Then they would be sued into the dirt for a security hole a mile wide. Looking at the changes, this is about liability.


How is an Electron app that just adds another step solving the problem? They should have just secured their API properly instead of using security as an excuse to cut out third-party software that will get around an inevitable subscription.


Because authenticated commands remove the liability issue. Hacking the device vs we knowingly let anything send G-code.

This is basically the equivalent to having passwords on a MySQL database or Redis server.

Why on earth would they add a subscription? That makes absolutely no sense business-wise. No one would buy their printers, and they don't have a captured market to strong-arm anyone.


Why would they add a subscription? Uhm, print farms already have subscription-based software. Bambu would just be an easier entry. They already have screenshots of it on their wiki.


You mean like when Bambu issues a firmware update remotely and many printers which were sitting idle just start printing without being commanded by the user? [1]

I personally do not want my printer connected to any vendor's server in any way... IMHO, there is no reason for it.

[1] https://www.reddit.com/r/3Dprinting/comments/15sfisq/bambula...


If it can burn down your house with the wrong G-code, adding a cloud service is not the way to fix that.


And a firmware hack could burn down my house with my laser printer. Yet that's not possible, because neither printer talks outside my network, at all.


There shouldn’t be a single printer on the market that doesn’t come with basic emergency cutoff features.


> Bambu is patching a security issue.

This isn't a security fix. As a security protocol, it wouldn't pass any kind of security audit. A security fix would be something based on a per user credential, not on obscurity.

> Personally I don't want any device or application to send any old G-code to my printer.

Username/password over TLS would do that better than what Bambu Lab is proposing, as an extremely simplistic example.


And LAN-only mode should work without any external connections, yet it looks like it'll require it for authentication. That defeats the whole idea of LAN-only!


> Username/password over TLS would do that better than what Bambu Lab is proposing

Already works that way and isn't affected by this update: https://wiki.bambulab.com/en/security-incidents-cloud-traffi..., https://github.com/Doridian/OpenBambuAPI/blob/main/mqtt.md#l...


> Bambu is patching a security issue. Personally I don't want any device or application to send any old G-code to my printer. Like say command the printer to basically destroy itself.

Why not implement some kind of open authentication? One that other slicers can implement.



