Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
The original server operated by the Mastodon gGmbH non-profit

Administered by:

Server stats:

348K
active users

mastodon.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.0-nightly.2025-03-25

Public *
muesli

BambuLab basically locks down their entire 3D printer ecosystem with this ridiculous cloud authorization system.

You want to print locally via your LAN? Sorry, the cloud needs to authorize your g-code first.

Want to use another slicer to send your job to the printer? Sorry, no.

Would it really still surprise anyone if DRM'd filaments are next on their agenda? Their printers are good, their prices are cheap, but please, stop supporting this company.

blog.bambulab.com/firmware-upd

Bambu Lab Blog · Firmware Update Introducing New Authorization Control SystemLaunching first for X Series printers, with P and A Series updates planned for future release
#3dprinting
Public
Kitsune Yasu

@fribbledom@mastodon.social that's not true, you still can use other Slicers as described in the linked article, you just need an additional piece of software to sign your requests, to make sure that the printer cannot be used from unauthorized users

Public
muesli

@kitsune_yasu I didn't claim otherwise. But let's not pretend this has anything to do with security.

Public *
Kitsune Yasu

@fribbledom@mastodon.social

Want to use another slicer to send your job to the printer? Sorry, no.
I'd argue that this part is quite misleading.
let's not pretend this has anything to do with security
Well, if you want to make sure, that only authorized people can use the printer, than you need to add an authentication layer into the current protocol.
This system also prevents people, that can access your WLAN, to manipulate your printer as long as they don't have authorization to use it.

Public
muesli

@kitsune_yasu

There would have been a multitude of ways to actually improve their security:

an Oauth API, API tokens, token/PIN exchange on the printer's display and/or a QR-code, an actual LAN-only mode, manual certificate exchange, ... I'll stop here.

All of these solutions would be absolutely feasible, actually secure, and would not lock you out from using a third-party slicer. Their solution isn't about security at all, it's only about controlling their ecosystem.

Public
Kitsune Yasu

@fribbledom@mastodon.social This would still require you to have an additional piece of software that allows the authentication on top of the default protocol.

I agree that there should be an open solution for others in the long run.

Public
muesli

@kitsune_yasu

Yes, but that's a solution that slicers can simply adopt and implement. Like they do for dozens of other protocols and auth mechanisms.

Public
Kitsune Yasu

@fribbledom@mastodon.social Yes, but read the article.

THIS IS A BETA

The app is only there, so maintainers of slicers don't need to implement an Auth-System, as long as it is in an experimental phase.

muesli

@kitsune_yasu

When the entire architecture and design of their security mechanism is flawed an update won't help them.

The only thing they can reasonably do is to move the signing process to their cloud service.

Which, again, would be hilariously stupid.

Jan 19, 2025, 05:57 PM·Public·Web
0boosts·1favorite
ExploreLive feeds
About