Bambu Lab Authorization Control System: Difference between revisions

← Older edit Newer edit →

VisualWikitext

@@ Line 21: / Line 21: @@
 <blockquote><strong>What happens if I never upgrade to this firmware?</strong>
-You may continue using an older firmware version that does not include the new security updates; however, this means the printers may miss out on important security fixes or bug patches included in newer versions. We highly encourage updating to the latest firmware version for the best experience and enhanced security.</blockquote>However, '''this was not present on the day of the announcement.''' A snapshot of their webpage from archive.is demonstrates this section did not exist on the day of the announcement, when community members voiced their concerns.<ref name="firmware-update-introducing-new-authorization-control-system-22" /><ref>[[:File:2024-01-16-Firmware Update Introducing New Authorization Control System.pdf]]File:2024-01-16-Firmware Update Introducing New Authorization Control System.pdf</ref> Bambu's response to community feedback<ref>{{Cite web |last=@SpaghettiMonster |date=20 Jan 2025 |title=Updates and Third-Party Integration with Bambu Connect |url=https://blog.bambulab.com/updates-and-third-party-integration-with-bambu-connect/ |url-status=live |access-date=1 May 2025 |website=Bambu Lab Blog}}</ref> references ''"social media posts spreading baseless allegations and untrue claims about Bambu Lab",'' including ''"Firmware updates will block your printer’s ability to print.",'' without mentioning the context for those allegations. The context for those allegations was the lack of inclusion of the ''"What happens if I never upgrade to this firmware?"'' in Bambu's initial announcement alongside their stated terms of service.
+You may continue using an older firmware version that does not include the new security updates; however, this means the printers may miss out on important security fixes or bug patches included in newer versions. We highly encourage updating to the latest firmware version for the best experience and enhanced security.</blockquote>However, '''this was not present on the day of the announcement.''' A snapshot of their webpage from archive.is demonstrates this section did not exist on the day of the announcement, when community members voiced their concerns.<ref name="firmware-update-introducing-new-authorization-control-system-22" /><ref>[[:File:2024-01-16-Firmware Update Introducing New Authorization Control System.pdf]]File:2024-01-16-Firmware Update Introducing New Authorization Control System.pdf</ref> Bambu's response to community feedback<ref>{{Cite web |last=@SpaghettiMonster |date=20 Jan 2025 |title=Updates and Third-Party Integration with Bambu Connect |url=https://blog.bambulab.com/updates-and-third-party-integration-with-bambu-connect/ |url-status=live |access-date=1 May 2025 |website=Bambu Lab Blog |url-status=live |archive-url=https://web.archive.org/web/20260216001409/https://blog.bambulab.com/updates-and-third-party-integration-with-bambu-connect/ |archive-date=16 Feb 2026}}</ref> references ''"social media posts spreading baseless allegations and untrue claims about Bambu Lab",'' including ''"Firmware updates will block your printer’s ability to print.",'' without mentioning the context for those allegations. The context for those allegations was the lack of inclusion of the ''"What happens if I never upgrade to this firmware?"'' in Bambu's initial announcement alongside their stated terms of service.
 This announcement, after the edit in question, clearly states in the header - '''''Updated: January 17, 2025''' - to include additional details and FAQs where the '''What happens if I never upgrade to this firmware?''' among others was added.''
@@ Line 46: / Line 46: @@
 ===Privacy policy issues===
-Bambu Lab's privacy policy, under "Personal Data that we collect," explicitly states: "3D Model in each client ('Printing Files') and other information related to the print job we may store, including start times, finish times, filament consumption and other relevant information."<ref>{{Cite web |date=25 Mar 2025 |title=Privacy Policy |url=https://bambulab.com/en-us/policies/privacy |url-status=live |access-date=1 May 2025 |website=[[Bambu Lab]]}}</ref> This contradicts their claim that they do not monitor 3D prints. Additionally, the privacy policy webpage is notably excluded from the Wayback Machine, raising concerns about transparency and accountability in their data practices.<ref>https://web.archive.org/web/20250000000000*/https://bambulab.com/en-us/policies/privacy</ref>
+Bambu Lab's privacy policy, under "Personal Data that we collect," explicitly states: "3D Model in each client ('Printing Files') and other information related to the print job we may store, including start times, finish times, filament consumption and other relevant information."<ref>{{Cite web |date=25 Mar 2025 |title=Privacy Policy |url=https://bambulab.com/en-us/policies/privacy |url-status=live |access-date=1 May 2025 |website=[[Bambu Lab]] |url-status=live |archive-url=https://web.archive.org/web/20260216002621/https://bambulab.com/en-us/policies/privacy |archive-date=16 Feb 2026}}</ref> This contradicts their claim that they do not monitor 3D prints. Additionally, the privacy policy webpage is notably excluded from the Wayback Machine, raising concerns about transparency and accountability in their data practices.<ref>https://web.archive.org/web/20250000000000*/https://bambulab.com/en-us/policies/privacy</ref>
 ===Community strategies to deal with risks===
@@ Line 57: / Line 57: @@
 Bambu Lab has stated that the authorization system is in place in order to protect against "remote hacks," "printer exposure," and "abnormal traffic or attacks." There are, however, several ways to mitigate these risks without the loss of user control that their system causes:
-*'''The "remote hacks" that were cited as an example in the article seem to be a direct result of the 3D-printer vendor not responding properly to a reported security vulnerability in their product.<ref>{{Cite web |last=Cluley |first=Graham |date=1 Mar 2024 |title=Someone is hacking 3D printers to warn owners of a security flaw |url=https://www.bitdefender.com/en-au/blog/hotforsecurity/someone-is-hacking-3d-printers-to-warn-owners-of-a-security-flaw?ref=blog.bambulab.com |url-status=live |access-date=1 May 2025 |website=Bitdefender}}</ref> Therefore, in order to get attention, the researcher decided to infect machines and display a harmless message to spread publicity.''' Properly responding to security vulnerabilities, working to patch them quickly, and working with the security community (who would be more than happy to help secure products) would be some ways to prevent this.
+*'''The "remote hacks" that were cited as an example in the article seem to be a direct result of the 3D-printer vendor not responding properly to a reported security vulnerability in their product.<ref>{{Cite web |last=Cluley |first=Graham |date=1 Mar 2024 |title=Someone is hacking 3D printers to warn owners of a security flaw |url=https://www.bitdefender.com/en-au/blog/hotforsecurity/someone-is-hacking-3d-printers-to-warn-owners-of-a-security-flaw?ref=blog.bambulab.com |url-status=live |access-date=1 May 2025 |website=Bitdefender |url-status=live |archive-url=https://web.archive.org/web/20260216002646/https://www.bitdefender.com/en-au/blog/hotforsecurity/someone-is-hacking-3d-printers-to-warn-owners-of-a-security-flaw?ref=blog.bambulab.com |archive-date=16 Feb 2026}}</ref> Therefore, in order to get attention, the researcher decided to infect machines and display a harmless message to spread publicity.''' Properly responding to security vulnerabilities, working to patch them quickly, and working with the security community (who would be more than happy to help secure products) would be some ways to prevent this.
-*In the article cited about printer exposure, the hack was carried out largely because of user misconfiguration.<ref>{{Cite web |last=Ms. Smith |date=5 Sep 2018 |title=Over 3,700 exposed 3D printers open to remote attackers |url=https://www.csoonline.com/article/566223/over-3700-exposed-3d-printers-open-to-remote-attackers.html?ref=blog.bambulab.com |url-status=live |access-date=1 May 2025 |website=CSO}}</ref> Printer exposure can be mitigated by offering more convenient ways to securely expose printers to the internet, so that users are not tempted to allow unauthenticated access over the network.
+*In the article cited about printer exposure, the hack was carried out largely because of user misconfiguration.<ref>{{Cite web |last=Ms. Smith |date=5 Sep 2018 |title=Over 3,700 exposed 3D printers open to remote attackers |url=https://www.csoonline.com/article/566223/over-3700-exposed-3d-printers-open-to-remote-attackers.html?ref=blog.bambulab.com |url-status=live |access-date=1 May 2025 |website=CSO |url-status=live |archive-url=https://web.archive.org/web/20260216002556/https://www.csoonline.com/article/566223/over-3700-exposed-3d-printers-open-to-remote-attackers.html?ref=blog.bambulab.com |archive-date=16 Feb 2026}}</ref> Printer exposure can be mitigated by offering more convenient ways to securely expose printers to the internet, so that users are not tempted to allow unauthenticated access over the network.
-*The "abnormal traffic" can be mitigated by steps Bambu has already put in place, as detailed in their own article on the matter.<ref>{{Cite web |title=Summary of Security Incident Responses and Abnormal Cloud Traffic |url=https://wiki.bambulab.com/en/security-incidents-cloud-traffic?ref=blog.bambulab.com |url-status=live |access-date=1 May 2025 |website=Bambu Lab Wiki}}</ref>
+*The "abnormal traffic" can be mitigated by steps Bambu has already put in place, as detailed in their own article on the matter.<ref>{{Cite web |title=Summary of Security Incident Responses and Abnormal Cloud Traffic |url=https://wiki.bambulab.com/en/security-incidents-cloud-traffic?ref=blog.bambulab.com |url-status=live |access-date=1 May 2025 |website=Bambu Lab Wiki |url-status=live |archive-url=https://web.archive.org/web/20260216003052/https://wiki.bambulab.com/en/security-incidents-cloud-traffic?ref=blog.bambulab.com |archive-date=16 Feb 2026}}</ref>
-*"Other malicious devices in the LAN" can be partially mitigated by steps Bambu has already put in place, as detailed in their own article on the matter.<ref>{{Cite web |last=@SpaghettiMonster |date=25 Nov 2022 |title=Answering network security concerns for our printers |url=https://blog.bambulab.com/answering-network-security-concerns/ |url-status=live |access-date=1 May 2025 |website=Bambu Lab Blog}}</ref> Another mitigation is to add stronger authentication mechanisms, rather than using a weak pre-shared LAN access code as is currently the case.
+*"Other malicious devices in the LAN" can be partially mitigated by steps Bambu has already put in place, as detailed in their own article on the matter.<ref>{{Cite web |last=@SpaghettiMonster |date=25 Nov 2022 |title=Answering network security concerns for our printers |url=https://blog.bambulab.com/answering-network-security-concerns/ |url-status=live |access-date=1 May 2025 |website=Bambu Lab Blog |url-status=live |archive-url=https://web.archive.org/web/20260216001754/https://blog.bambulab.com/answering-network-security-concerns/ |archive-date=16 Feb 2026}}</ref> Another mitigation is to add stronger authentication mechanisms, rather than using a weak pre-shared LAN access code as is currently the case.
 ==Issues with LAN mode requiring authorization==
 [[File:Bambu Connect App - Lan Device Discovery without Bambu Login.png|thumb|Bambu Connect App - Lan Device Discovery without Bambu Login]]
-Bambu Lab printers have the ability to be controlled over both cloud and LAN. This allowed users to integrate their printers into private networks and maintain full control without having to rely on the manufacturer's server while also allowing cloud access. The new authorization system mandates that even LAN-based operations must go through an authentication process using Bambu Connect to retain full control.<ref name="bambu-connect">{{Cite web |title=Bambu Connect (beta) |url=https://wiki.bambulab.com/en/software/bambu-connect |url-status=live |access-date=1 May 2025 |website=Bambu Lab Wiki}}</ref> Full local access is still possible and unchanged for those not using the cloud.
+Bambu Lab printers have the ability to be controlled over both cloud and LAN. This allowed users to integrate their printers into private networks and maintain full control without having to rely on the manufacturer's server while also allowing cloud access. The new authorization system mandates that even LAN-based operations must go through an authentication process using Bambu Connect to retain full control.<ref name="bambu-connect">{{Cite web |title=Bambu Connect (beta) |url=https://wiki.bambulab.com/en/software/bambu-connect |url-status=live |access-date=1 May 2025 |website=Bambu Lab Wiki |url-status=live |archive-url=https://web.archive.org/web/20260216001924/https://wiki.bambulab.com/en/software/bambu-connect |archive-date=16 Feb 2026}}</ref> Full local access is still possible and unchanged for those not using the cloud.
 This change has drawn criticism for many reasons:
@@ Line 70: / Line 70: @@
 **Confidentiality required by US Law - This is in conflict with those that have to comply with 18 CFR § 3a.61, 32 CFR § 117.15, 32 CFR § 2001.47, and other restrictions.
 *'''Loss of offline independence while also using cloud''': Before, users could have hybrid offline setups. The requirement for authentication removes this option unless users revert to older firmware versions, which Bambu does not allow people to do once they have updated to the firmware using the new scheme.
-*'''Increased complexity''': The added authentication layer complicates workflows for users who built custom setups or relied on third-party integrations for LAN control while retaining cloud functionality.<ref name=":4">{{Cite web |last=@edlboston |date=Jan 2023 |title=Yes, I know about the LAN mode. But as has been stated by many people, things like the camera will not work, nor will the Handy app. There is no technical reason that these are bound to the cloud. This is the problem and why I titled this FULL Non-Cloud Network. |url=https://forum.bambulab.com/t/full-non-cloud-based-network-option-needed/3643 |url-status=live |access-date=1 May 2025 |website=Bambu Lab Community Forum}}</ref>
+*'''Increased complexity''': The added authentication layer complicates workflows for users who built custom setups or relied on third-party integrations for LAN control while retaining cloud functionality.<ref name=":4">{{Cite web |last=@edlboston |date=Jan 2023 |title=Yes, I know about the LAN mode. But as has been stated by many people, things like the camera will not work, nor will the Handy app. There is no technical reason that these are bound to the cloud. This is the problem and why I titled this FULL Non-Cloud Network. |url=https://forum.bambulab.com/t/full-non-cloud-based-network-option-needed/3643 |url-status=live |access-date=1 May 2025 |website=Bambu Lab Community Forum |url-status=live |archive-url=https://web.archive.org/web/20260216002035/https://forum.bambulab.com/t/full-non-cloud-based-network-option-needed/3643 |archive-date=16 Feb 2026}}</ref>
 It is worth noting that:
@@ Line 82: / Line 82: @@
 ===Precedents and comparisons===
-Critics have likened this potential functionality to similar cases in other industries where manufacturers remotely restrict product features. Notable examples include [[HP]]'s printer firmware updates that [[HP Instant Ink|rendered third-party ink cartridges unusable]] and Tesla's software locks on second-hand vehicles. These parallels suggest a broader trend of manufacturers [[Retroactively amended purchase|using software to control hardware capabilities post-purchase]].<ref name=":5">https://www.classaction.org/hp-printer-lawsuit</ref><ref>https://www.wired.com/story/tesla-remote-disable-used-car-features/</ref>
+Critics have likened this potential functionality to similar cases in other industries where manufacturers remotely restrict product features. Notable examples include [[HP]]'s printer firmware updates that [[HP Instant Ink|rendered third-party ink cartridges unusable]] and Tesla's software locks on second-hand vehicles. These parallels suggest a broader trend of manufacturers [[Retroactively amended purchase|using software to control hardware capabilities post-purchase]].<ref name=":5">https://www.classaction.org/hp-printer-lawsuit</ref><ref>https://www.wired.com/story/tesla-remote-disable-used-car-features/ ([https://web.archive.org/web/20260216002258/https://www.wired.com/story/tesla-remote-disable-used-car-features Archived])</ref>
 ===X1E firmware 01.01.02.00 LAN only connection "BUG"===
@@ Line 118: / Line 118: @@
 While basic status monitoring remains available (e.g., print-progress updates in Home Assistant), the new firmware removes the ability for home-automation systems to control printer functions. Users can no longer:
 *Start or stop prints remotely using Home Assistant, BTT Panda Touch,<ref name=":0">{{Cite web |last=@BIGTREETECH |date=17 Jan 2025 |title=<nowiki>Dear Users, Recently Bambu announced some significant changes to how authorization will work with some of their coming firmware updates for the X series (X1, X1C, X1E) of their printers. We want to use this post to explain how it will affect the Panda Touch and how you can still retain full functionality.
-The announcement in question can be read here: https://blog.bambulab.com/firmware-update-introducing.../ Below is a bullet point list of the key points and implications from this announcement: - The new authorization control system will be rolled out to the X range of printers on the 23rd of January 2025. - No mention is made of an exact release schedule for the P and A series printers. - The new authorization method will likely limit the control available to third party devices and software on all X series machines. This includes software like Home Assistant, Orca Slicer and the Panda Touch. - A and P series machines will retain full third party software and device control until Bambu release a similar firmware update for those machines. - The firmware updates are optional and any users who wish to retain third party device or software control can choose not to perform the update. - We have reached out to Bambu to try and obtain more information and we will keep users updated as Bambu provides feedback that is approved for public release. Our recommendation is to remain on your current firmware so that you can retain the use of the Panda Touch until we have more clarity about the situation. Sincerely, The BIQU/BIGTREETECH team.</nowiki> |url=https://www.facebook.com/BIGTREETECH/posts/pfbid0SNZGxvf7NRdmyVgHf6y9yNedNbU2RrCfdT8gugTSD4AYfr5BHneNF9H1EbwyYiJEl |url-status=live |access-date=1 May 2025 |website=[[Facebook]]}}</ref> or other third-party accessories or software interfaces
+The announcement in question can be read here: https://blog.bambulab.com/firmware-update-introducing.../ Below is a bullet point list of the key points and implications from this announcement: - The new authorization control system will be rolled out to the X range of printers on the 23rd of January 2025. - No mention is made of an exact release schedule for the P and A series printers. - The new authorization method will likely limit the control available to third party devices and software on all X series machines. This includes software like Home Assistant, Orca Slicer and the Panda Touch. - A and P series machines will retain full third party software and device control until Bambu release a similar firmware update for those machines. - The firmware updates are optional and any users who wish to retain third party device or software control can choose not to perform the update. - We have reached out to Bambu to try and obtain more information and we will keep users updated as Bambu provides feedback that is approved for public release. Our recommendation is to remain on your current firmware so that you can retain the use of the Panda Touch until we have more clarity about the situation. Sincerely, The BIQU/BIGTREETECH team.</nowiki> |url=https://www.facebook.com/BIGTREETECH/posts/pfbid0SNZGxvf7NRdmyVgHf6y9yNedNbU2RrCfdT8gugTSD4AYfr5BHneNF9H1EbwyYiJEl |url-status=live |access-date=1 May 2025 |website=[[Facebook]] |url-status=live |archive-url=http://web.archive.org/web/20251004104021/https://www.facebook.com/BIGTREETECH/posts/pfbid0SNZGxvf7NRdmyVgHf6y9yNedNbU2RrCfdT8gugTSD4AYfr5BHneNF9H1EbwyYiJEl |archive-date=4 Oct 2025}}</ref> or other third-party accessories or software interfaces
 *Control printer temperatures or cooling
 *Automate printer behaviors based on sensor data or events
@@ Line 124: / Line 124: @@
 ===Permanent nature of the update===
-Once a printer is updated to the new firmware, users can still revert to previous versions that allows full control of the printer using LAN mode access key while signed into the cloud.<ref>{{Cite web |last=Hollister |first=Sean |date=22 Jan 2025 |title=Here’s what Bambu will — and won’t — promise after its controversial 3D printer update |url=https://www.theverge.com/2025/1/21/24349031/bambu-3d-printer-update-authentication-filament-subscription-lock-answers |url-status=live |access-date=1 May 2025 |website=The Verge}}</ref> The option still exists to disable the cloud service.
+Once a printer is updated to the new firmware, users can still revert to previous versions that allows full control of the printer using LAN mode access key while signed into the cloud.<ref>{{Cite web |last=Hollister |first=Sean |date=22 Jan 2025 |title=Here’s what Bambu will — and won’t — promise after its controversial 3D printer update |url=https://www.theverge.com/2025/1/21/24349031/bambu-3d-printer-update-authentication-filament-subscription-lock-answers |url-status=live |access-date=1 May 2025 |website=The Verge |url-status=live |archive-url=http://web.archive.org/web/20251122143504/https://www.theverge.com/2025/1/21/24349031/bambu-3d-printer-update-authentication-filament-subscription-lock-answers |archive-date=22 Nov 2025}}</ref> The option still exists to disable the cloud service.
 The manufacturer states this change is required for security, but community members note that many of the security vulnerabilities being addressed stem from Bambu's own cloud-centric design choices rather than inherent risks of local network control<ref name="bambulab-forum-134549/12">{{Cite web |date=14 Jan 2025 |title=Bambu Studio 1.10.2 Public Beta |url=https://forum.bambulab.com/t/bambu-studio-1-10-2-public-beta/134549/12 |url-status=live |access-date=1 May 2025 |website=Bambu Lab Community Forum}}</ref>. The update forces users into using Bambu Connect middleware if they want to retain limited cloud functionality.
@@ Line 141: / Line 141: @@
 *Home automation integration beyond basic status monitoring
-Previously, third-party software such as OrcaSlicer<ref name="orca-slicer-issue8063">{{Cite web |date=16 Jan 2025 |title=FW 1.08.03.00 from Bambu WILL BREAK ORCASLICER for X, P and A series #8063 |url=https://github.com/SoftFever/OrcaSlicer/issues/8063 |url-status=live |access-date=1 May 2025 |website=GitHub}}</ref> could interact with Bambu Lab printers via the open-source Bambu Studio and proprietary network plug-ins. While Bambu Connect provides a limited URL-based API to initiate prints, most functionality previously openly available is now restricted to Bambu's ecosystem<ref name="bambulab-forum-135400/9" />.
+Previously, third-party software such as OrcaSlicer<ref name="orca-slicer-issue8063">{{Cite web |date=16 Jan 2025 |title=FW 1.08.03.00 from Bambu WILL BREAK ORCASLICER for X, P and A series #8063 |url=https://github.com/SoftFever/OrcaSlicer/issues/8063 |url-status=live |access-date=1 May 2025 |website=GitHub |url-status=live |archive-url=http://web.archive.org/web/20250708192842/https://github.com/SoftFever/OrcaSlicer/issues/8063 |archive-date=8 Jul 2025}}</ref> could interact with Bambu Lab printers via the open-source Bambu Studio and proprietary network plug-ins. While Bambu Connect provides a limited URL-based API to initiate prints, most functionality previously openly available is now restricted to Bambu's ecosystem<ref name="bambulab-forum-135400/9" />.
 Previously, third-party accessories such as Panda Touch would allow users to control their printers with a standalone device. Panda Touch was especially popular amongst P series printer owners since P series printers contain a monochromatic screen with a D-pad by default for printer control whereas Panda Touch is a full-color touch screen that had a small battery so that way users could reposition and detach their Panda Touch off their printers if needed. Users would be able to queue up jobs, jog printer motors, and connect to multiple printers at once in order to monitor print jobs. According to Big Tree Tech (BTT), the manufacturer of the Panda Touch, they urge users of Panda Touch not to update firmware any further since doing so would foreseeably permanently break compatibility with users' printers and their Panda Touch. <ref name=":0" />
@@ Line 243: / Line 243: @@
 *The system creates dependence on Bambu's cloud services availability for basic printer functionality<ref name=":4" />
-While Bambu Lab maintains that cloud processing is necessary for security and functionality, community members argue this represents unnecessary data collection that could be handled locally<ref name="bambulab-forum-134549/12" />. The company's cloud infrastructure costs are significant, leading some users to speculate that future monetization of the cloud services may be planned<ref name="bambulab-forum-3643/5">{{Cite web |last=@NeverDie |date=Jan 2025 |title=I’m not disagreeing, but as a short-term workaround, are you able to write the print files to an SD card and then print from that? I’m too new to have tried it myself, but I thought that was at least an option. |url=https://forum.bambulab.com/t/full-non-cloud-based-network-option-needed/3643/5 |url-status=live |access-date=1 May 2025 |website=Bambu Lab Community Forum}}</ref>. Therefore, people should assess if their use case mandates the use of the cloud service and disable it when it doesn't.
+While Bambu Lab maintains that cloud processing is necessary for security and functionality, community members argue this represents unnecessary data collection that could be handled locally<ref name="bambulab-forum-134549/12" />. The company's cloud infrastructure costs are significant, leading some users to speculate that future monetization of the cloud services may be planned<ref name="bambulab-forum-3643/5">{{Cite web |last=@NeverDie |date=Jan 2025 |title=I’m not disagreeing, but as a short-term workaround, are you able to write the print files to an SD card and then print from that? I’m too new to have tried it myself, but I thought that was at least an option. |url=https://forum.bambulab.com/t/full-non-cloud-based-network-option-needed/3643/5 |url-status=live |access-date=1 May 2025 |website=Bambu Lab Community Forum |url-status=live |archive-url=https://web.archive.org/web/20260216002035/https://forum.bambulab.com/t/full-non-cloud-based-network-option-needed/3643 |archive-date=16 Feb 2026}}</ref>. Therefore, people should assess if their use case mandates the use of the cloud service and disable it when it doesn't.
 This shift from local control to cloud-dependent operation is part of a broader trend in consumer devices, where manufacturers use security concerns to justify increased data collection and reduced customer control over devices they bought and paid for. Privacy-conscious users should operate their printers in LAN-only mode to avoid cloud connectivity.
@@ Line 249: / Line 249: @@
 ==Customer reactions==
-Customer reactions have been overwhelmingly negative.<ref>{{Cite web |last=@hho |date=15 Jan 2025 |title=Improvements Introduce authorization and authentication protection mechanism: Bambu Studio now supports signing and encrypting control commands sent to printers when the printer supports authorization and authentication protection. The printer will determine whether the commands can be executed. Hmmm. This reads suspiciously vague. It could mean that Bambu printers get an onboard permission handling, so that you can “lock down” your printer and set what commands can be run. But it could also mean that Bambu printers in (or of?) the future will only run Gcode encrypted and signed by Bambu Studio… |url=https://forum.bambulab.com/t/bambu-studio-1-10-2-public-beta/134549/4 |url-status=live |access-date=1 May 2025 |website=Bambu Lab Community Forum}}</ref><ref>{{Cite web |last=@iranintoavan |title=Firmware Update Introducing New Authorization Control System |url=https://old.reddit.com/r/BambuLab/comments/1i2psvz/firmware_update_introducing_new_authorization/ |url-status=live |access-date=1 May 2025 |website=Old Reddit}}</ref> Bambu Lab has historically pushed cloud-based printer interaction while offering limited LAN mode functionality<ref name=":4" />. Many customers argue that the security issues this locked-down firmware claims to address are actually consequences of the company's cloud-based design choices rather than inherent risks of local network control,<ref name="bambulab-forum-134549/12" /> which continues to infuriate users who are now told that security is the justification for a loss of freedom. As a result of the announcement of the shift, customer ratings on sites like Trustpilot rapidly dropped,<ref>https://www.trustpilot.com/review/bambulab.com?sort=recency</ref> with many reviews citing the restrictions as the reason for the bad reviews.
+Customer reactions have been overwhelmingly negative.<ref>{{Cite web |last=@hho |date=15 Jan 2025 |title=Improvements Introduce authorization and authentication protection mechanism: Bambu Studio now supports signing and encrypting control commands sent to printers when the printer supports authorization and authentication protection. The printer will determine whether the commands can be executed. Hmmm. This reads suspiciously vague. It could mean that Bambu printers get an onboard permission handling, so that you can “lock down” your printer and set what commands can be run. But it could also mean that Bambu printers in (or of?) the future will only run Gcode encrypted and signed by Bambu Studio… |url=https://forum.bambulab.com/t/bambu-studio-1-10-2-public-beta/134549/4 |url-status=live |access-date=1 May 2025 |website=Bambu Lab Community Forum}}</ref><ref>{{Cite web |last=@iranintoavan |title=Firmware Update Introducing New Authorization Control System |url=https://old.reddit.com/r/BambuLab/comments/1i2psvz/firmware_update_introducing_new_authorization/ |url-status=live |access-date=1 May 2025 |website=Old Reddit}}</ref> Bambu Lab has historically pushed cloud-based printer interaction while offering limited LAN mode functionality<ref name=":4" />. Many customers argue that the security issues this locked-down firmware claims to address are actually consequences of the company's cloud-based design choices rather than inherent risks of local network control,<ref name="bambulab-forum-134549/12" /> which continues to infuriate users who are now told that security is the justification for a loss of freedom. As a result of the announcement of the shift, customer ratings on sites like Trustpilot rapidly dropped,<ref>https://www.trustpilot.com/review/bambulab.com?sort=recency ([http://web.archive.org/web/20251004104031/https://www.trustpilot.com/review/bambulab.com?sort=recency Archived])</ref> with many reviews citing the restrictions as the reason for the bad reviews.
 The shift raises privacy concerns as the restricted LAN mode functionality will now push more users into Bambu's cloud infrastructure for processing user print data, including file names and print settings.
@@ Line 266: / Line 266: @@
 Like 2D printers, Bambu Lab's update restricts functionality previously available to users and pushes them toward proprietary software and cloud-based control.
-A parallel specific to the 3D-printing industry can also be drawn from the now-defunct 3D-printer manufacturer [[MakerBot]], whose shift from open-source, DIY-focused machines in 2012 to closed-source, proprietary machines (similarly to Bambu Labs), ultimately drove customers to less-expensive, open-source competitors.<ref>{{Cite web |last=Benchoff |first=Brian |date=28 Apr 2016 |title=The MakerBot Obituary |url=https://hackaday.com/2016/04/28/the-makerbot-obituary/ |url-status=live |access-date=1 May 2025 |website=hackaday.com}}</ref> MakerBot was also accused of asserting ownership over publicly available, open-source designs uploaded to its 3D print repository, Thingiverse.<ref>{{Cite web |last=Biggs |first=John |date=28 May 2014 |title=MakerBot Responds To Critics Who Claim It Is Stealing Community IP |url=https://techcrunch.com/2014/05/28/makerbot-responds-to-critics-who-claim-it-is-stealing-community-ip/ |url-status=live |access-date=1 May 2025 |website=TechCrunch}}</ref> These factors contributed to MakerBot steadily losing their position and reputation as an industry leader, before getting absorbed by rival Ultimaker in 2022.
+A parallel specific to the 3D-printing industry can also be drawn from the now-defunct 3D-printer manufacturer [[MakerBot]], whose shift from open-source, DIY-focused machines in 2012 to closed-source, proprietary machines (similarly to Bambu Labs), ultimately drove customers to less-expensive, open-source competitors.<ref>{{Cite web |last=Benchoff |first=Brian |date=28 Apr 2016 |title=The MakerBot Obituary |url=https://hackaday.com/2016/04/28/the-makerbot-obituary/ |url-status=live |access-date=1 May 2025 |website=hackaday.com |url-status=live |archive-url=http://web.archive.org/web/20251208222057/https://hackaday.com/2016/04/28/the-makerbot-obituary/ |archive-date=8 Dec 2025}}</ref> MakerBot was also accused of asserting ownership over publicly available, open-source designs uploaded to its 3D print repository, Thingiverse.<ref>{{Cite web |last=Biggs |first=John |date=28 May 2014 |title=MakerBot Responds To Critics Who Claim It Is Stealing Community IP |url=https://techcrunch.com/2014/05/28/makerbot-responds-to-critics-who-claim-it-is-stealing-community-ip/ |url-status=live |access-date=1 May 2025 |website=TechCrunch |url-status=live |archive-url=http://web.archive.org/web/20251111041317/https://techcrunch.com/2014/05/28/makerbot-responds-to-critics-who-claim-it-is-stealing-community-ip/ |archive-date=11 Nov 2025}}</ref> These factors contributed to MakerBot steadily losing their position and reputation as an industry leader, before getting absorbed by rival Ultimaker in 2022.
 ==TOS restricting development of third party devices and accessories==