Consumer Rights Wiki

Bambu Lab Authorization Control System: Difference between revisions

← Older edit
VisualWikitext
Andrew V (talk | contribs)
confirmed, superconfirmed
674 edits
Andrew V (talk | contribs)
confirmed, superconfirmed
674 edits
 
Line 21: Line 21:
This announcement, after the edit in question, clearly states in the header - '''''Updated: January 17, 2025''' - to include additional details and FAQs where the '''What happens if I never upgrade to this firmware?''' among others was added.''
This announcement, after the edit in question, clearly states in the header - '''''Updated: January 17, 2025''' - to include additional details and FAQs where the '''What happens if I never upgrade to this firmware?''' among others was added.''


As per webpage oldest snapshot from '''archive.is'''<ref name="firmware-update-introducing-new-authorization-control-system-22">{{Cite web |last=@BambuKidd |date=16 Jan 2025 |title=Firmware Update Introducing New Authorization Control System |url=https://blog.bambulab.com/firmware-update-introducing-new-authorization-control-system-2/ |url-status=live |archive-url=https://archive.is/ejq3R |archive-date=16 Jan 2025 |access-date=1 May 2025 |website=[[Bambu Lab]] Blog}}</ref> dated 16 Jan 2025 17:31 UTC there are two references if choosing to stay on the old firmware:<blockquote>
As per webpage oldest snapshot from '''archive.is'''<ref name="firmware-update-introducing-new-authorization-control-system-22">{{Cite web |last=@BambuKidd |date=16 Jan 2025 |title=Firmware Update Introducing New Authorization Control System |url=https://blog.bambulab.com/firmware-update-introducing-new-authorization-control-system-2/ |url-status=live |archive-url=https://ghostarchive.org/archive/qwL63 |archive-date=2026-03-07 |access-date=2025-05-01 |website=[[Bambu Lab]] Blog}}</ref> dated 16 Jan 2025 17:31 UTC there are two references if choosing to stay on the old firmware:<blockquote>


====<sup> Important Information for End Users </sup>====
====<sup> Important Information for End Users </sup>====
Line 56: Line 56:
*In the article cited about printer exposure, the hack was carried out largely because of user misconfiguration.<ref>{{Cite web |last=Ms. Smith |date=5 Sep 2018 |title=Over 3,700 exposed 3D printers open to remote attackers |url=https://www.csoonline.com/article/566223/over-3700-exposed-3d-printers-open-to-remote-attackers.html?ref=blog.bambulab.com |url-status=live |archive-url=https://web.archive.org/web/20260216002556/https://www.csoonline.com/article/566223/over-3700-exposed-3d-printers-open-to-remote-attackers.html?ref=blog.bambulab.com |archive-date=16 Feb 2026 |access-date=1 May 2025 |website=[[CSO]]}}</ref> Printer exposure can be mitigated by offering more convenient ways to securely expose printers to the internet, so that users are not tempted to allow unauthenticated access over the network.
*In the article cited about printer exposure, the hack was carried out largely because of user misconfiguration.<ref>{{Cite web |last=Ms. Smith |date=5 Sep 2018 |title=Over 3,700 exposed 3D printers open to remote attackers |url=https://www.csoonline.com/article/566223/over-3700-exposed-3d-printers-open-to-remote-attackers.html?ref=blog.bambulab.com |url-status=live |archive-url=https://web.archive.org/web/20260216002556/https://www.csoonline.com/article/566223/over-3700-exposed-3d-printers-open-to-remote-attackers.html?ref=blog.bambulab.com |archive-date=16 Feb 2026 |access-date=1 May 2025 |website=[[CSO]]}}</ref> Printer exposure can be mitigated by offering more convenient ways to securely expose printers to the internet, so that users are not tempted to allow unauthenticated access over the network.
*The "abnormal traffic" can be mitigated by steps Bambu has already put in place, as detailed in their own article on the matter.<ref>{{Cite web |title=Summary of Security Incident Responses and Abnormal Cloud Traffic |url=https://wiki.bambulab.com/en/security-incidents-cloud-traffic?ref=blog.bambulab.com |url-status=live |archive-url= |archive-date= |access-date=1 May 2025 |website=[[Bambu Lab]] Wiki}}</ref>
*The "abnormal traffic" can be mitigated by steps Bambu has already put in place, as detailed in their own article on the matter.<ref>{{Cite web |title=Summary of Security Incident Responses and Abnormal Cloud Traffic |url=https://wiki.bambulab.com/en/security-incidents-cloud-traffic?ref=blog.bambulab.com |url-status=live |archive-url= |archive-date= |access-date=1 May 2025 |website=[[Bambu Lab]] Wiki}}</ref>
*"Other malicious devices in the LAN" can be partially mitigated by steps Bambu has already put in place, as detailed in their own article on the matter.<ref>{{Cite web |last=@SpaghettiMonster |date=25 Nov 2022 |title=Answering network security concerns for our printers |url=https://blog.bambulab.com/answering-network-security-concerns/ |url-status=live |archive-url=https://web.archive.org/web/20260216001754/https://blog.bambulab.com/answering-network-security-concerns/ |archive-date=16 Feb 2026 |access-date=1 May 2025 |website=[[Bambu Lab]] Blog}}</ref> Another mitigation is to add stronger authentication mechanisms, rather than using a weak pre-shared LAN access code as is currently the case.
*"Other malicious devices in the LAN" can be partially mitigated by steps Bambu has already put in place, as detailed in their own article on the matter.<ref>{{Cite web |last=@SpaghettiMonster |date=25 Nov 2022 |title=Answering network security concerns for our printers |url=https://blog.bambulab.com/answering-network-security-concerns/ |url-status=live |archive-url=https://ghostarchive.org/archive/CE0Ii |archive-date=2026-03-30 |access-date=2025-05-01 |website=[[Bambu Lab]] Blog}}</ref> Another mitigation is to add stronger authentication mechanisms, rather than using a weak pre-shared LAN access code as is currently the case.


==Issues with LAN mode requiring authorization==
==Issues with LAN mode requiring authorization==
[[File:Bambu Connect App - Lan Device Discovery without Bambu Login.png|thumb|Bambu Connect App - Lan Device Discovery without Bambu Login]]
[[File:Bambu Connect App - Lan Device Discovery without Bambu Login.png|thumb|Bambu Connect App - Lan Device Discovery without Bambu Login]]
Bambu Lab printers have the ability to be controlled over both cloud and LAN. This allowed users to integrate their printers into private networks and maintain full control without having to rely on the manufacturer's server while also allowing cloud access. The new authorization system mandates that even LAN-based operations must go through an authentication process using Bambu Connect to retain full control.<ref name="bambu-connect">{{Cite web |title=Bambu Connect (beta) |url=https://wiki.bambulab.com/en/software/bambu-connect |url-status=live |archive-url=https://ghostarchive.org/archive/CVCtK |archive-date=2026-03-30 |access-date=1 May 2025 |website=Bambu Lab Wiki}}</ref> Full local access is still possible and unchanged for those not using the cloud.
Bambu Lab printers have the ability to be controlled over both cloud and LAN. This allowed users to integrate their printers into private networks and maintain full control without having to rely on the manufacturer's server while also allowing cloud access. The new authorization system mandates that even LAN-based operations must go through an authentication process using Bambu Connect to retain full control.<ref name="bambu-connect">{{Cite web |[email protected] |title=Bambu Connect (beta) |url=https://wiki.bambulab.com/en/software/bambu-connect |url-status=live |archive-url=https://ghostarchive.org/archive/CVCtK |archive-date=2026-03-30 |access-date=1 May 2025 |website=[[Bambu Lab]] Wiki}}</ref> Full local access is still possible and unchanged for those not using the cloud.


This change has drawn criticism for many reasons:
This change has drawn criticism for many reasons:
Retrieved from "https://consumerrights.wiki/w/Bambu_Lab_Authorization_Control_System"